CDRouter 11.8

Release Type	Release Number	Release Date
Original	CDRouter 11.8 Build 1	January 23, 2020
Maintenance Release 1	CDRouter 11.8 Build 2	February 27, 2020

Note: CDRouter 11.8 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.8 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

Ubuntu and CentOS 6 will not be suported in future releases

All CDRouter systems will require the CentOS 7 operating system in order to install CDRouter 12.0 and beyond.

Support for the Ubuntu operating system and CentOS 6 has been deprecated. CDRouter systems running on Ubuntu or CentOS 6 will now see warning messages during installation and in the ‘start’ log of a test run.

Support for both of these operating systems will be officially removed with the next major version of CDRouter (12.0). Please contact support@qacafe.com for additional information and assistance in migrating to a supported operating system.

January 23, 2020

New Features and Enhancements

CDRouter

New PPPoE pass-through test case

A new test case has been added to the pppoe-pt (PPPoE pass-through) test module. This new test, cdrouter_pppoept_3, verifies PPPoE pass-through sessions using a random session ID whereas the other tests in this module use sequential session IDs. [ch1606]

CDRouter TR-069

Support for the Device:2.13 data model

CDRouter now supports the Broadband Forum’s Device:2.13 data model for CWMP as defined in TR-181 Issue 2 Amendment 13. [ch585]

Updated CWMP profiles

CDRouter’s Device2_profiles test module has also been updated to support the Device:2.13 data model. All profiles defined in the following data models are now supported:

Data Model	Version
InternetGatewayDevice:1	1.14
Device:1	1.14
Device:2	2.13
STBService:1	1.4
VoiceService:1	1.1
VoiceService:2	2.0
StorageService:1	1.3
FAPService:1	1.1
FAPService:2	2.1

This update adds support for the new Device:2 profiles listed below:

Test Module	Profile
Device2_profiles	PacketCaptureDiagnostics:1
Device2_profiles	SELTDiagnostics:1
Device2_profiles	MQTTClientCon:1

In addition, one test, FAPService2_REMLTE_ado_6, has been removed due to changes in Device:2.13 data model requirements. [ch585]

CDRouter USP

Support for the Device:2.13 data model

CDRouter now supports the Broadband Forum’s Device:2.13 data model for USP as defined in TR-181 Issue 2 Amendment 13. [ch585]

Updated CWMP profiles

CDRouter’s USP_Device2_profiles test module has also been updated to support the Device:2.13 data model. All profiles defined in the following data models are now supported:

Data Model	Version
Device:2	2.13
STBService:1	1.4
VoiceService:2	2.0
StorageService:1	1.3
FAPService:2	2.1

This update adds support for the new Device:2 profiles listed below:

Test Module	Profile
USP_Device2_profiles	MQTTClientCon:1
USP_Device2_profiles	BinaryControl:1
USP_Device2_profiles	LevelControl:1
USP_Device2_profiles	LevelControlIntensity:1
USP_Device2_profiles	EnumControl:1
USP_Device2_profiles	BinarySensor:1
USP_Device2_profiles	LevelSensor:1
USP_Device2_profiles	LevelSensorLowThreshold:1
USP_Device2_profiles	LevelSensorHighThreshold:1
USP_Device2_profiles	MultiLevelSensor:1
USP_Device2_profiles	EnumSensor:1
USP_Device2_profiles	SELTDiagnostics:1
USP_Device2_profiles	PacketCaptureDiagnostics:1
USP_Device2_profiles	CoAPAgent:1
USP_Device2_profiles	WebSocketAgent:1
USP_Device2_profiles	MQTTAgent:1
USP_Device2_profiles	CoAPController:1
USP_Device2_profiles	WebSocketController:1
USP_Device2_profiles	MQTTController:1
USP_Device2_profiles	ControllerTrust:1

In addition, one test, USP_FAPService2_REMLTE_ado_6, has been removed due to changes in Device:2.13 data model requirements. [ch585]

NTA1000

New 7.0 Golden Image

Version 7.0 of the NTA1000 operating system image, aka the golden image, is now available. This version is supported on all NTA1000v2 through NTA1000v6 platforms and is based on CentOS 7. For more information, please see the Golden Image Release Notes.

Testvar updates

Testvars added to this release:

None.

Testvars modified or removed in this release:

cwmpSupportedDataModel and uspSupportedDataModel - these testvars will now accept a value of Device:2.13.

New Test Modules and Test Cases

CDRouter TR-069

New Device:2.13 profile tests

PROFILE: PacketCaptureDiagnostics:1
MODULE: Device2_profiles
NEW TEST CASES: 6

PROFILE: SELTDiagnostics:1
MODULE: Device2_profiles
NEW TEST CASES: 6

PROFILE: MQTTClientCon:1
MODULE: Device2_profiles
NEW TEST CASES: 6

CDRouter USP

New Device:2.13 profile tests

PROFILE: MQTTClientCon:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: BinaryControl:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: LevelControl:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: LevelControlIntensity:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: EnumControl:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: BinarySensor:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: LevelSensor:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: LevelSensorLowThreshold:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: LevelSensorHighThreshold:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: MultiLevelSensor:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: EnumSensor:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: SELTDiagnostics:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: PacketCaptureDiagnostics:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: CoAPAgent:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: WebSocketAgent:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: MQTTAgent:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: CoAPController:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: WebSocketController:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: MQTTController:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

PROFILE: ControllerTrust:1
MODULE: USP_Device2_profiles
NEW TEST CASES: 4

Notes

CDRouter

Updated version of Tcl shipped with CDRouter to 8.6.10. [ch2468]
The test constraints and skip logic for configurations utilizing wireless virtualization have been re-factored. These changes impact tests within the incompatible-with-multiple-wireless-radio skip label. This makes it possible to run any test cases that require the creation of LAN clients with specific user defined MAC addresses if at most one wireless interface that supports virtualization is enabled. Previously, these tests were skipped if one or more wireless interfaces with virtualization support were enabled. [ch1921]
Created a new requires-wired-wan skip label. All tests that require virtualization on the WAN are now contained within this label and will therefore only run in configurations that utilize a wired WAN interface. [ch1921]
The cdrouter_dos_10 test is not compatible with configurations where the wanMode is set to a value of none and will now be skipped automatically in these configurations. [ch2350]
Updated the dns_60 test case and all variants to wait dnsFailoverDelay seconds before verifying that the original servers have been restored. Previously these tests waited a fixed 5 seconds which was not always sufficient. [ch2147]
CDRouter now generates a configuration error if both the lanMode and ipv6LanMode testvars are set to a value of none. This prevents a fatal error in certain configurations from occurring. [ch2983] [ch2502]

CDRouter TR-069

The value Completed for the UploadDiagnosticsState and DownloadDiagnosticsSate parameters in the Device:2.13 data model has been deprecated and replaced with the value Complete. A number of tests in the ir181 and tr143_http test modules have been updated to handle this change. Devices implementing Device2:12 or earlier MUST use a value of Completed for these two parameters, whereas devices implementing Device:2.13 may use values of Completed or Complete. [ch2669]

CDRouter Multiport

Resolved an issue associated with reconnection of CDRouter’s wireless LAN clients if disassociated during a test run. Previously, only one wireless client would reconnect - all other clients would not reconnect, resulting in failures in all subsequent tests. [ch2620]

CDRouter IPv6

CDRouter’s relay server for 6to4 and 6rd will now be configured with a link-local IPv6 address which can be used by the DUT for Neighbor Unreachability Detection, as defined in Section 9 of RFC 5969 and Section 3.8 of RFC 4213. [ch2230]

CDRouter Performance

Resolved a fatal error when running perf_multi_2, perf_multi_4, ipv6_perf_multi_2, or ipv6_perf_multi_4 test cases in PPPoE mode on the WAN. [ch2197]

CDRouter USP

Resolved an issue with parameters specified by the testvar uspSkipParameters not being properly skipped during USP profile validation tests. [ch3066]

February 27, 2020

New Features and Enhancements

CDRouter Multiport

New LAN multiport routing test cases

Four new test cases have been added to the CDRouter Multiport expansion. These tests verify TCP and UDP routing over IPv4 and IPv6 between LAN clients.

The cdrouter_lan_mp_21 and cdrouter_lan_mp_22 test cases verify TCP and UDP routing between LAN clients over IPv4, respectively. The ipv6_lan_mp_21 and ipv6_lan_mp_22 test cases verify the same functionality over IPv6.

CDRouter TR-069

New ACS domain name and TLS server certificates

The ACS and ACS download server certificates shipped with previous releases of CDRouter have expired and have been replaced by a new set of test certificates signed by Sectigo.com (formerly COMODO).

The Common Name (CN) field of these certificates has been changed from acs.qacafe.com and acs-download.qacafe.com to acs.cdroutertest.com and acs-download.cdroutertest.com, respectively. The default value of the acsDomain testvar, which identifies the fully-qualified domain name (FQDN) of CDRouter’s ACS, has also been changed from acs.qacafe.com to acs.cdroutertest.com.

It is important to note that these changes may break some existing CDRouter configurations. CPE devices may fail to resolve the ACS IP address through DNS and and will not be able to validate the expired TLS server certificates until your configurations have been updated.

Please see the following Knowledge Base article for instructions to update your configurations:

[Updating the TR-069 ACS Domain Name] (/cdrouter/knowledge-base/updating-the-acs-domain-name)

CDRouter IPv6

New DS-Lite test case

A new test case, dslite_42, has been added to the dslite module. This test verifies that the DUT copies the IPv4 TOS field into the IPv6 Traffic Class field and vice versa when handling DS-Lite traffic, as defined in Section 7.1 of RFC6333.

Testvar updates

Testvars added to this release:

uspControllerUseNonPayloadProtection - this testvar controls whether or not CDRouter’s USP Controller sends a mac_signature value. [ch2053]

Testvars modified or removed in this release:

mapTunnelTrafficClass - this testvar supports the new value of auto, which indicates that the IPv6 Traffic Class field is expected to be copied from the IPv4 Type of Service (TOS) field of the original IPv4 header in test case mape_21. [ch2168]
acsDomain - the default value of this testvar has been changed from acs.qacafe.com to acs.cdroutertest.com.
acsCertPath - the default value of this testvar has been updated to the location of the new ACS server certificate.
acsCaCertPath - the default value of this testvar has been updated to the location of the new ACS CA bundle.
acsDownloadCertPath - the default value of this testvar has been updated to the location of the new ACS download server certificate.
acsDownloadCaCertPath - the default value of this testvar has been updated to the location of the new ACS download server CA bundle.
supportsH323AlgOutbound - this testvar is now deprecated and will be removed in the next release of CDRouter.
supportsH323AlgInbound - this testvar is now deprecated and will be removed in the next release of CDRouter.
inboundH323Host - this testvar is now deprecated and will be removed in the next release of CDRouter.

New Test Modules and Test Cases

CDRouter IPv6

New DS-Lite test case

TEST: dslite_42
MODULE: dslite
DESCRIPTION: Verify IPv4 TOS is copied to IPv6 Traffic Class

CDRouter Multiport

New TCP and UDP LAN to LAN routing tests

TEST: cdrouter_lan_mp_21
MODULE: lan-mp
DESCRIPTION: Verify TCP routing between multiple LAN ports

TEST: cdrouter_lan_mp_22
MODULE: lan-mp
DESCRIPTION: Verify UDP routing between multiple LAN ports

TEST: ipv6_lan_mp_21
MODULE: lan-mp-v6
DESCRIPTION: Verify HTTPv6 routing between multiple IPv6 LAN ports

TEST: ipv6_lan_mp_22
MODULE: lan-mp-v6
DESCRIPTION: Verify UDP routing between multiple IPv6 LAN ports

Notes

CDRouter

The arrangement of the Auto-Update and test navigation buttons within the web UI have been switched. This prevents the navigation buttons from moving when a test is finished versus running. [ch3088]
Updated the Visualize Package feature to properly escape special characters in package names. [ch3159]
CDRouter’s HTTP client no longer includes the Accept-Encoding: gzip header option in requests. [ch2551]
The CDRouter web UI no longer supports HTTP/2. This resolves an issue with the Automatic and Manual upgrade features within the CDRouter web UI when initiated over HTTPS with a browser that supports HTTP/2. HTTP/2 support will be re-enabled in the future when the underlying library has been patched. [ch3719]
Certain wifi cards manage their regulatory domain via firmware and cannot be configured for a specific country code. CDRouter will now ignore these cards when setting the country code. This resolves a fatal error on certain systems. [ch2464]
The following tests which involve H323 ALG functionality will be removed in the next release of CDRouter: cdrouter_app_200, cdrouter_app_205, cdrouter_app_207, cdrouter_app_220, cdrouter_app_225, and cdrouter_app_227. [ch3891]

CDRouter TR-069

CDRouter will now generate a config check warning if IPv6 is disabled and the testvar acsIp is set to an IPv6 address. Previously this configuration would generate a fatal error at run time. [ch3047]
Resolved an issue with the tr69_wireless module in which the original PSK was not being properly restored at the end of each test. This issue was introduced in CDRouter 11.5 and impacted only tests utilizing WPA in configurations where the testvar lanSecurity was set to the value WPA. [ch3382]

CDRouter BBF.069

Resolved a race condition with XMPP based connection requests. This issue has also been reported upstream to the UNH-IOL. [ch3781]

CDRouter IPv6

Update the logic for the mape_21 test case to recognize the new auto value for mapTunnelTrafficClass such that the test case will pass if and only if the DUT copies the IPv4 TOS field into the IPv6 Traffic Class field when performing MAP-E translation. [ch2168]
Resolved an off by one issue with CDRouter’s LAN side DHCPv6 pool size calculation. [ch3858]

CDRouter Storage

Resolved an issue in the storage tests in which a failed initial connection to the server would result in a test case pass rather than failure. [ch3512]

CDRouter USP

A new testvar, uspControllerUseNonPayloadProtection has been added. This testvar controls whether or not CDRouter’s USP Controller sends a mac_signature value. [ch2053]
General improvements to session management within the USP Controller. [ch2053]
Added heartbeat support for STOMP. [ch2053]
Numerous improvements based on initial verification testing of the USP conformance test plan (Broadband Forum TR-469). [ch2053]
Minor bugfixes in USP scenarios. [ch2056]

CDRouter 11.7

Release Type	Release Number	Release Date
Original	CDRouter 11.7 Build 1	November 14, 2019
Maintenance Release 1	CDRouter 11.7 Build 2	December 12, 2019

Note: CDRouter 11.7 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.7 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

All CDRouter systems will require the CentOS 7 operating system in order to install CDRouter 12.0 and beyond.

November 14, 2019

New Features and Enhancements

CDRouter

Automatic decryption of SSL payloads

CDRouter now has the ability to automatically decrypt SSL payloads for all managed stacks on any configured test interface. This makes it possible to inspect encrypted traffic directly within the log file viewer and packet capture viewer without having to export the capture file, install decryption keys, and set up decryption rules in external tools such as Wireshark.

In addition, CDRouter’s CloudShark integration will automatically include and apply the necessary decryption keys when capture files are pushed to a remote CloudShark instance.

Note that this feature supports decryption of SSL for protocols on known ports only. [ch493]
New testvar for specifying expected RSN pairwise ciphers

The new testvar wifiBeaconRsnCipher can be used to specify the list of RSN pairwise ciphers advertised by the DUT in its wifi beacons. This testvar can be used in conjunction with the existing wifiBeaconWpaCipher testvar for DUT’s operating in mixed modes that support both WPA and RSN.

Note that the group cipher is always expected to be the same for both WPA and RSN modes. As a result there is no need for a separate RSN specific testvar for the expected group cipher. [ch1143]

CDRouter USP

Updates for Broadband Forum TR-469

The usp_conformance test module has been updated with 98 new test cases. With these new tests CDRouter now contains a complete implementation of the Broadband Forum’s TR-469 Conformance Test Plan for User Services Platform Agents.

CDRouter Performance

Display of additional 802.11 header information for each client on every interval

During performance throughput tests CDRouter will now provide additional 802.11 information per reporting interval for each wireless client in use.

For 802.11n clients, CDRouter provides information about the HT characteristics:
```
chan-width=40 rx-bitrate=364.5  tx-bitrate=450.0
signal=-39    rx-short-gi=0     tx-short-gi=1
noise=-95     rx-mcs=22         tx-mcs=23
```
For 802.11ac clients, CDRouter provides information about the VHT characteristics:
```
chan-width=80 rx-bitrate=1300.0 tx-bitrate=975.0
signal=-44    rx-short-gi=1     tx-short-gi=1
noise=-101    rx-vht-mcs=7      tx-vht-mcs=7
              rx-vht-nss=4      tx-vht-nss=3
```

Testvar updates

Testvars added to this release:

wifiBeaconRsnCipher - New testvar for specifying the RSN pairwise ciphers that the DUT is expected to advertise. [ch1143]

Testvars modified or removed in this release:

None

New Test Modules and Test Cases

CDRouter USP

Broadband Forum TR-469 USP Conformance Test Module

MODULE: usp_conformance
DESCRIPTION: Broadband Forum TR-469 USP conformance tests
TEST CASES: 98

Notes

CDRouter

Resolved an issue associated with properly setting the wireless regulatory domain using the testvar wirelessCountryCode on NTA1000 systems that utilize the ath10k wireless driver. [ch1011]
The testvar wirelessCountryCode now defaults to the value auto. When set to auto CDRouter will automatically determine and set the wireless regulatory domain used during a test run based on the locale settings of the operating system. Note that the wireless regulatory domain cannot be modified by CDRouter on non-CentOS systems. [ch1011]
The testvar httpServerIp can now be set to either an IPv4 or an IPv6 address. [ch566]
CDRouter’s integrated packet viewer has been upgraded to TraceFrame version 1.2.1, which includes fixes for a few minor packet decode display issues. [ch770]
Resolved a fatal error that would occur if a test package using a wireless interface is queued while another test package using the same interface in wireless on the WAN mode is actively running. [ch1760]

CDRouter IPv6

Resolved an issue with the dns_rfc5625_14, dns_rfc5625_15, and dns_rfc5625_17 test cases. These tests now listen for DNS queries from the DUT on all four DNS servers, if configured. Previously these tests would only listen on the first two DNS servers. [ch1634]
CDRouter now displays the target address of received Neighbor Solicitation and Neighbor Advertisement messages directly in the log. [ch1660]
The dhcpv6-pd test module can now be run in IPv6 WAN unnumbered mode. [ch1748]

CDRouter TR-069

Updated the descriptions of the tr69_140 through tr69_170 test cases to clarify that the tr69_140 and tr69_150 test cases verify the Upload RPC as defined in Amendment 2 or earlier of the TR-069 specification whereas tr69_160 and tr69_170 verify the new Upload RPC as defined in Amendment 3 and later versions of the specification. [ch1417]
Resolved a potential fatal error with XMPP based connection requests. [ch1080]
The tr69_101, tr69_hearbeat_2, tr69_heartbeat_4, and ir181_test_5.1.1 tests now utilize the value of the tr69MinPeriodicInform testvar value when configuring the periodic inform interval on the DUT. Previously these tests relied on fixed values that may not be supported on all devices. [ch1282]
Resolved an issue where successful XMPP connection requests were being reported as failures and causing tests to fail. [ch1596]

CDRouter BBF.069

Updated the 5_035_redirect_in_session test case to abort rather than continue if a CWMP session fails to start. This patch has been reported upstream to the UNH-IOL as well. [ch537]
Resolved a fatal error in the 5_120_xmpp_incorrect_jabber_id. This patch has been reported upstream to the UNH-IOL as well. [ch1812]
Resolved a potential fatal error in the ACS_XMPP_send_connection_request test case. This patch has been reported upstream to the UNH-IOL as well. [ch1420]

CDRouter USP

CDRouter’s CoAP DTLS implementation will now send a TLS alert message when closing a session. This notifies the remote peer that the session has been closed. [ch880]
The usp_30 test case procedure and cleanup process have been modified to determine which firmware slot is active at the start of the test and revert the original firmware to the same slot at the end of the test. [ch1021]

CDRouter ICS

CDRouter ICS will now return the TTL of the upstream resolver rather than a fixed TTL of 0 when resolving DNS queries using the system resolver. [ch490]

December 12, 2019

New Features and Enhancements

CDRouter

New SIP ALG test cases

Three new SIP ALG test cases have been added to verify that the DUT properly handles outbound SIP calls with multiple DHCP LAN clients that do not register a port. The new tests are cdrouter_sip_201, cdrouter_sip_tcp_201, and ipv6_sip_201, and verify this behavior over UDP/IPv4, TCP/IPv4, and UDP/IPv6, respectively.

As part of this work, CDRouter’s SIP client behavior has also been modified. CDRouter’s SIP client will now omit the port number from its SIP headers if the default port value is in use (5060/5061). Previously, the port number was always included even the default port was used.

New Test Modules and Test Cases

CDRouter

New SIP ALG test cases

TEST: cdrouter_sip_201
MODULE: sip-alg
DESCRIPTION: Verify outbound SIP calls with multiple DHCP LAN clients without registering a port

TEST: cdrouter_sip_tcp_201
MODULE: sip-alg-tcp
DESCRIPTION: Verify outbound SIP calls with multiple DHCP LAN clients (TCP) without registering a port

CDRouter IPv6

New SIP ALG test case

TEST: ipv6_sip_201
MODULE: sip-v6
DESCRIPTION: Verify outbound SIPv6 calls with multiple DHCP LAN clients without registering a port

Notes

CDRouter

Added the DUT’s LAN IP to the list of excluded MAC addresses in the cdrouter_dos_30 and cdrouter_dos_32 test cases. This resolves a potential ARP conflict in certain test scenarios. [ch2348]

CDRouter IPv6

Updated the option type used in the ipv6_basic_10 test case from Type 07 (0x07) to Type 17 (0x11). This change is consistent with the option type used in Revision 5.0.0 of the IPv6 Ready Core Protocols Test Specification. [ch1923]

Performance

The iperf process scheduling algorithm used by CDRouter has been modified and improved for compatibility with newer operating systems and kernels. This change impacts only CentOS 7 and 8 systems. [ch1662]

CDRouter DOCSIS

Updated the test descriptions for the docsis_firewall_100, docsis_firewall_101, docsis_firewall_110, ipv6_docsis_firewall_100, ipv6_docsis_firewall_101, and ipv6_docsis_firewall_110 to reference the correct testvars for specifying the expected open and closed TCP and UDP ports for the DOSCIS interface firewall. [ch2087]

Pktsrc API Notifications

Changes to IPv4_set and IPv4_reconfigure ARP functionality

Previously, IPv4_reconfigure would send a gratuitous ARP when changing a stack’s IPv4 address while IPv4_set s ip would not. CDRouter’s behavior has been unified such that by default, both methods now send a gratuitous ARP, while also adding options to disable this new behavior if it is not desired.

IPv4_set now supports an optional noarp argument if setting the ip field, i.e. IPv4_set s ip <ip> noarp. This change is meant to be symmetric with the nodad argument supported by the IPv6_set call which works similarly.

IPv4_reconfigure now passes noarp to its call to IPv4_set instead of calling ARP_announce directly. [ch885]

CDRouter 11.6

Release Type	Release Number	Release Date
Original	CDRouter 11.6 Build 1	September 12, 2019
Maintenance Release 1	CDRouter 11.6 Build 2	October 10, 2019

Note: CDRouter 11.6 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.6 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

All CDRouter systems will require the CentOS 7 operating system in order to install CDRouter 12.0 and beyond.

September 12, 2019

New Features and Enhancements

CDRouter

TraceFrame updated

CDRouter’s integrated packet viewer has been upgraded to TraceFrame version 1.2, which includes the following enhancements:
- Improved speed and performance
- Additional space added to the middle of the ASCII decode pane
- Add ALT+Click support to the decode tree (expands all)
- Ignore a load error if file is truncated
- Correctly display fragmented IPv4 packets
- Add new loading graphic for summary pane
- Speed up perceived loading of large files
- Prevent error if click+drag in summary table
- Fix crash if no file was opened
New multicast test cases

Four new test cases have been added to the mcast module. These new tests are designed to verify the behavior of the DUT when processing received IGMP packets that have the unspecified source address of 0.0.0.0. Please see the New Test Modules and Test Cases section below for more information. [LH #4181]
New DHCP client tests

Two new DHCP client tests have been added to the dhcp-c test module. These tests verify that the DUT’s WAN DHCP client consistently requests the same set of parameters and advertises the same client ID in accordance with RFC 2131. Please see the New Test Modules and Test Cases section below for more information. [LH #4291]
Log viewer UI tweaks

A number of visual tweaks have been made to the log viewer to improve functionality and the visibility of search results when using CTRL+F within the browser. [LH #4278]
- Previously, only the current search match was highlighted. Now, all matches are highlighted yellow.
- Previously, the current search match was highlighted yellow for a brief period of time. Now, the current search match is highlighted orange persistently.
- Previously, non-matching lines were dimmed to 25% opacity. Now, non-matching lines are only dimmed to 60% opacity as 25% was deemed illegible on certain monitors.

CDRouter IPv6

Support for LW4o6

CDRouter now supports Lightweight 4over6 (LW4o6), as defined in RFC 7596. LW4o6 is an IPv6 transition technology that shares some concepts with MAP-E and DS-Lite. For more information, please see our Knowledge Base article on MAP and LW4o6 testing.
New multicast test cases

Two new test cases have been added to the mcast-v6 module. These new tests are designed to verify the behavior of the DUT when processing received MLD packets that have the unspecified source address of ::. Please see the New Test Modules and Test Cases section below for more information. [LH #4181]
New IPv6 “unnumbered” WAN mode for Prefix Delegation

CDRouter now supports configurations in which the DUT requests a DHCPv6 Delegated Prefix without creating its own on-link global IPv6 WAN address. Now, devices that do not use DHCPv6 or SLAAC on the WAN to autoconfigure an address are supported with the “unnumbered” mode of the ipv6WanMode testvar. More information and configuration examples can be found in our Knowledge Base article,
IPv6 Stateless Addressing with Prefix Delegation.

CDRouter USP

Added support for MQTT

The USP expansion now supports MQTT as an MTP. For more information, please see the CDRouter USP User Guide. [LH #4192]

CDRouter Nmap

Nmap updated

The CDRouter Nmap expansion has been updated to Nmap release 7.80. Please see the Nmap 7.80 release announcement for more information on changes associated with this update. [LH #4279]

Testvar updates

Testvars added to this release:

None

Testvars modified or removed in this release:

MAP start port
- mapStartPort - This testvar now supports a minimum value of 0. [LH #4289]
IPv6 WAN mode
- ipv6WanMode - This testvar now supports the value unnumbered. [LH #4138]
Supports Multicast Out and Supports IPv6 Multicast Out
- supportsMulticastOut
- supportsIPv6MulticastOut - These testvars now default to no for consistency with the default configuration of most CPE. [LH #4285]

New Test Modules and Test Cases

CDRouter

New multicast test cases for verifying DUT’s behavior when processing IGMP packets with unspecified source address

TEST: mcast_80
MODULE: cdrouter_mcast
DESCRIPTION: Verify IGMP router accepts reports with unspecified source address

TEST: mcast_81
MODULE: cdrouter_mcast
DESCRIPTION: Verify IGMP snooping switch scenario with unspecified source address

TEST: mcast_82
MODULE: cdrouter_mcast
DESCRIPTION: Verify IGMP proxy interface answers general IGMP query requests with unspecified source address

TEST: mcast_83
MODULE: cdrouter_mcast
DESCRIPTION: Verify IGMP proxy interface answers specific IGMP query requests with unspecified source address

New DHCP client tests

TEST: cdrouter_dhcp_40
MODULE: dhcp-c
DESCRIPTION: Verify client requests same parameters in all subsequent DHCP messages

TEST: cdrouter_dhcp_41
MODULE: dhcp-c
DESCRIPTION: Verify client uses same Client ID in all subsequent DHCP messages

CDRouter IPv6

New multicast test cases for verifying DUT’s behavior when processing MLD packets with unspecified source address

TEST: ipv6_mcast_80
MODULE: mcast-v6
DESCRIPTION: Verify MLD router accepts reports with unspecified source address

TEST: ipv6_mcast_81
MODULE: mcast-v6
DESCRIPTION: Verify MLD snooping switch scenario with unspecified source address

Notes

CDRouter

CDRouter’s web UI now supports TLSv1.3 and no longer supports SSLv3. [LH #4273]
The cdrouter.py Python client has been up updated to version 0.4.27 which resolves an issue with Marshmallow 3.0. [LH #4288]
Updated wpa_supplicant to version 2.9. [LH #4274]
Updated hostapd to version 2.9. [LH #4275]
The cdrouter_mcast_2 test case can now be run in bridge mode. Previously this test was skipped if the forwardingMode was set to bridge. The IPv4 hop count is now also automatically set to 0 if bridge mode is enabled. [LH #4181]
The mape_11, mape_13, mapt_11, and mapt_13 test cases are now automatically skipped if the testvar mapStartPort is set to a value of 1, or if the testvar mapStartPort is set to a value of 0 and the testvar mapSharingRatio is set to a value of 1. These tests verify that a MAP CE correctly translates UDP / TCP ports which are outside of its port set. They are not relevant if the CE’s port set contains no excluded ports and should therefore be skipped. [LH #4289]
Re-factored the PSID calculation code for MAP (MAP-E, MAP-T, LW4o6). The testvar mapStartPort now supports a minimum value of 0 (in previous releases the minimum value supported by this testvar was 1). This allows a MAP CE’s port set to be configured with a PSID offset length of zero bits, which was not possible in previous releases. [LH #4289]

CDRouter IPv6

The ipv6_mcast_2 test case can now be run in bridge mode. Previously this test was skipped if the forwardingMode was set to bridge. The IPv6 hop count is now also automatically set to 0 if bridge mode is enabled. [LH #4181]

CDRouter TR-069

Resolved an issue with the tr69_27 test case. This test was validating the wrong fault code for one error condition. In addition, the inner fault code was not being properly validated in all conditions. [LH #4300]
Updated the tr69_inactive_firmware_1 test case to use the ACS download server rather than the general purpose HTTP server for firmware downloads. This makes it possible to enable HTTP authentication for firmware downloads, which is not possible with the general purpose HTTP server. Some logging was also cleaned up in this test case. [LH #4281]

October 10, 2019

Notes

CDRouter

Upgraded CDRouter’s web server HSTS functionality to achieve an A+ rating via SSL Labs. [LH #4318]
Upgraded the javascript library used for markdown rendering on the client side within CDRouter’s web UI. This resolves some markdown rendering issues. [LH #4295]
Resolved a logic issue in the nat_frag_1 and nat_frag_2 test cases that resulted in a fatal error in certain scenarios. [LH #4304]
The cdrouter_basic_20 test case will now only be skipped if the testvar wanDutMac is not defined for the main WAN group. [LH #4293]
Resolved an issue with the cdrouter_dhcp_40 test case that would result in a fatal error if the parameter request list provided by the DUT was an empty list. [LH #4317]

CDRouter IPv6

Resolved an issue associated with the preservation of the A-bit and O-bit values in Router Advertisements sent by CDRouter on the WAN in certain test cases. This issue was only present when the testvar ipv6WanMode was set to PPPoE and the testvar ipv6PPPoEAddressMode was set to autoconf. [LH #4296]

CDRouter TR-069

Resolved a fatal error in the ir181_test_5.1.1 test case. [LH #4323]
The tr69_26 test case now utilizes the value of the tr69MinPeriodicInform testvar rather than a fixed value of 50 during the SetParameterValues RPC. This modification makes it possible to run this test against devices that do not support a periodic inform interval of 50 seconds. [LH #4322]
The tr69_27 test case has been updated to specify the proper root object in all SetParameterValues RPCs for IGD devices [LH #4320].
Updated the ir181_test_5.1.8 test for compatibility with the revised procedure in IR-181 Corrigendum 1. [LH #4206]
The tr69_inactive_firmware_1 test was updated to resolve an error in the URL sent by the ACS to restore the DUT’s original firmware at the end of the test. The URL of the Download RPC now contains the domain name of the file server instead of its IP address. The test has also been updated to provide additional logging if there are any errors encountered during this process. [LH #4311] [LH #4312]

CDRouter BBF.069

Patched the 5_038_basic_authentication test case so that it can be run from the command line without the -pt flag. This patch has also been submitted to the UNH-IOL. [LH #4306]

CDRouter USP

Resolved issue in CoAP / DTLS processing which was causing CDRouter to send empty UDP packets during the DTLS handshake. [LH #4268]

CDRouter 11.5

Release Type	Release Number	Release Date
Original	CDRouter 11.5 Build 2	July 18, 2019
Maintenance Release 1	CDRouter 11.5 Build 3	August 14, 2019

Note: CDRouter 11.5 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.5 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

All CDRouter systems will require the CentOS 7 operating system in order to install CDRouter 12.0 and beyond.

July 18, 2019

New Features and Enhancements

CDRouter

Support for WPA3

CDRouter now supports WPA3-Personal and WPA3-Enterprise in client mode on the LAN and access point (AP) mode in the WAN.

WPA3 requires many advanced new wireless features which are also now supported, including Protected Management Frames (PMF), 256 bit ciphers (GCMP and CCMP), and new key management suites such as Simultaneous Authentication of Equals (SAE) and Suite-B.

Additional information about all new wireless enhancements included in this release are provided below.
New WPA configuration presets for WiFi Alliance security modes

CDRouter now supports a simplified configuration model for six common wireless security modes defined by the WiFi Alliance: WPA-Personal, WPA-Enterprise, WPA2-Personal, WPA2-Enterprise, WPA3-Personal, and WPA3-Enterprise. These six modes are now options that can be configured directly in client mode on the LAN using the testvar wpaMode.

These modes represent configuration presets that force all other WPA related testvars to specific, fixed values which speeds up and simplifies the configuration process. For more information on these modes and advanced WPA configuration please see this Knowledge Base article.

These modes are also available as options for configuring CDRouter’s AP on the WAN using the testvar wanApWpaMode.

Note that when any of these modes are used the advanced WPA configuration options highlighted below are configured automatically and do not need to be specified.

Note that WPA3-Enterprise modes require the 802.11ac Wave 2 wireless adapter included in the NTA1000v6 platform. As a result, WPA3-Enterprise is not supported on older NTA1000 systems.
Support for WPA Protected Management Frames (PMF)

CDRouter now supports Protected Management Frames (PMF) for RSN and WPA3. PMF support is required for all WPA3 security modes and optional for all RSN security modes. The new testvars wpaPMF and wanApWpaPMF can be used to enable or disable PMF support in client mode on the LAN and AP mode on the WAN, respectively.

By default these testvars are set to a value of auto, which will enable PMF for WPA3 modes and disable PMF for all other modes.
Support for GCMP pairwise and group ciphers

CDRouter now supports Galois Counter Mode Protocol (GCMP) cipher suites in addition to Counter Mode CBC-MAC Protocol (CCMP) and TKIP. For client mode on the LAN the testvars wpaCipher and wpaGroupCipher have been updated with two new GCMP specific options: GCMP-128 and GCMP-256.

In AP mode on the WAN, the testvars wanApWpaCipher and wanApWpaGroupCipher also support these new options.
Support for 256 bit CCMP pairwise and group ciphers

CDRouter now supports 256 bit CCMP cipher suites in addition to 128 bit CCMP, TKIP, and GCMP (128 and 256 bit). The testvars wpaCipher and wpaGroupCipher have been updated with with a new 256 bit CCMP option: CCMP-256.

In AP mode on the WAN, the testvars wanApWpaCipher and wanApWpaGroupCipher also support this new option.
Support for the SAE key management suite

WPA3-Personal requires use of the Simultaneous Authentication of Equals (SAE) key management suite, which is now supported by CDRouter and can be enabled in client mode on the LAN by setting the new testvar wpaKeyMgmt to a value of SAE. When SAE is enabled the SAE secret must also be configured using the new testvar wpaSaePassword.

In AP mode on the WAN, SAE can be enabled by setting the testvar wanApWpaKeyMgmt to SAE and setting the SAE secret using the new testvar wanApWpaSaePassword.
Support for Suite-B key management suites

WPA3-Enterprise requires use of IEEE 802.1X using Suite B compliant EAP, which is now supported by CDRouter and can be enabled in client mode on the LAN by setting the new testvar wpaKeyMgmt to a value of either SUITE-B (which uses SHA-256 key derivation) or SUITE-B-192 (which uses SHA-384 key derivation).

In AP mode on the WAN, the testvar wanApWpaKeyMgmt also supports these new options.
Support for advanced WPA key management suites

CDRouter now supports advanced 802.1X and PSK key management suites for WPA and WPA2 that utilize SHA-256 for key derivation. The new testvar wpaKeyMgmt includes the options 802.1X-256 and PSK-256 for enabling these key management suites in client mode on the LAN.

In AP mode on the WAN, the testvar wanApWpaKeyMgmt also supports these new options.

Note that legacy key management suites utilizing SHA-128 for key derivation can be configured using the 802.1X and PSK options on the LAN side and the WAN side.

CDRouter TR-069

Support for TLS version 1.3

CDRouter’s ACS can now be configured for TLS 1.3.

CDRouter Performance

Support for multiple LAN client performance testing

CDRouter now supports performance testing with multiple LAN clients using the new perf-multi and perf-multi-v6 test modules that are included with the CDRouter Performance expansion.

These tests measure the aggregate download and upload throughput of multiple LAN clients over IPv4 and IPv6 using TCP and UDP traffic. In addition to verifying the aggregate bandwidth, CDRouter can also optionally verify that each individual LAN client achieved a minimum fairness throughput using the new testvar perfFairness.

Up to 32 Ethernet and/or wireless LAN clients can be used during these tests. In addition up to 30 streams per LAN client for a maximum of 960 UDP or TCP connections per test can be configured.

Note that this functionality requires the CDRouter Performance and Multiport expansions.
Support for performance testing up 5.0 Gbps

The CDRouter Performance expansion now supports maximum single client performance speeds of up to 2.5 Gbps and multi-client speeds of up to 5.0 Gbps on the new NTA1000v6-10G platform.

This feature makes it possible to fully saturate and test cutting edge access points and routers that include 2.5GBASE-T and 5GBASE-T Ethernet interfaces and wireless interfaces capable of greater than 1 Mbps throughput.

NTA1000

New NTA1000v6-10G platform with 2.5/5/10 Gbps Ethernet interfaces

The new NTA1000v6-10G platform includes an integrated dual port 10GBASE-T Ethernet network interface that supports Ethernet speeds of 2.5/5/10 Gbps over standard Category 5e and 6 cabling.

With this addition there are now two NTA1000 platforms to choose from - the NTA1000v6 which includes eight Gigabit Ethernet NICs, three wifi NICs, and support for up to 128 wireless clients, and the NTA1000v6-10G which includes eight Gigabit Ethernet NICs, two 10 Gigabit Ethernet NICs, two wifi NICs, and support for 64 wireless clients.
Support for 2.5/5/10GBASE-T Ethernet interfaces

With the addition of the new NTA1000v6-10G platform, CDRouter 11.5 now supports 2.5/5/10GBASE-T Ethernet network interfaces for functional and performance testing. Performance testing is limited to 2.5 Gbps (single client) and 5.0 Gbps (multi-client).

Testvar updates

Testvars added to this release:

WPA3 LAN side wireless client testvars
- wpaKeyMgmt - Specifies which RSN/WPA authentication key management suite to use with the DUT.
- wpaPMF - Specifies if WPA protected management frames should be used with the DUT.
- wpaSaePassword - Specifies the WPA SAE password to be used with the DUT.
WPA3 WAN side wireless AP testvars
- wanApWpaPMF - Specifies if WPA protected management frames should be used by the WAN Access Point authenticator.
- wanApWpaSaePassword - Set the 802.11 WPA SAE password used by the WAN Access Point authenticator.
New multiple LAN client performance testvar
- perfFairness - Forces all LAN clients to share the available bandwidth when enabled during multi-LAN performance tests.

Testvars modified or removed in this release:

Wireless LAN configuration
- lanSecurity - The values WPA-PSK and WPA-802.1X have been deprecated and will be removed in a future release. Existing configs should be updated to use the value WPA and the new settings available in the wpaMode testvar instead.
- wpaMode - The following additional values are now available: auto, RSN, WPA-Enterprise, WPA-Personal, WPA2-Enterprise, WPA2-Personal, WPA3-Enterprise, WPA3-Personal. The WPA2 setting has been deprecated and will be removed in a future release.
- wpaCipher - The value AES-CCMP has been deprecated and will be removed in a future release. Existing configs should be updated to use any of the new, more specific values of CCMP-128, CCMP-256, GCMP-128, or GCMP-256.
- wpaGroupCipher - The value AES-CCMP has been deprecated and will be removed in a future release. Existing configs should be updated to use any of the new, more specific values of CCMP-128, CCMP-256, GCMP-128, or GCMP-256.
- wifiBeaconWpaMode - The value WPA2 has been deprecated and will be removed in a future release. Existing configs should be updated to use the value RSN instead.
- wifiBeaconWpaCipher - The value AES-CCMP has been deprecated and will be removed in a future release. Existing configs should be updated to use the value CCMP-128 for WPA1 configs, or the new testvar wifiBeaconRsnCipher for WPA2/WPA3 configs.
- wifiBeaconWpaGroupCipher - The value AES-CCMP has been deprecated and will be removed in a future release. Existing configs should be updated to use any of the new, more specific values of CCMP-128, CCMP-256, GCMP-128, or GCMP-256.
- See the wireless LAN Configuration Knowledge Base article for more details on using these new settings.
Wireless WAN Configuration
- wanApWpaMode - The value WPA2 has been deprecated and will be removed in a future release. Existing configs should be updated with one of the new values supported by this testvar.
- wanApWpaKeyMgmt - The values WPA-PSK and WPA-802.1X have been deprecated and will be removed in a future release. Existing configs should be updated.
- wanApWpaCipher - The value AEX-CCMP has been deprecated and will be removed in a future release. All existing configs should be updated.
TR-069 TLS configuration
- acsSslVersion - The values tls and tlsv1_3 have been added to this testvar. The value sslv23 has been removed and will cause a config error if it is used.
  See the Notes section below for more details.

Test Modules and Test Cases

CDRouter TR-069

New IR-181 test case

TEST: ir181_test_5.3.5
MODULE: ir181
DESCRIPTION: IR-181 Test 5.3.5: Device Connect/Disconnect Notification

CDRouter Performance

New multiple LAN client performance module for IPv4

MODULE: perf-multi
DESCRIPTION: IPv4 multiple LAN clients performance tests
TEST CASES: 4

New multiple LAN client performance module for IPv6

MODULE: perf-multi-v6
DESCRIPTION: IPv6 multiple LAN clients performance tests
TEST CASES: 4

Notes

CDRouter

A number of WPA specific testvars have had options deprecated in this release. To maintain backwards compatibility with older configurations, CDRouter will automatically map any deprecated WPA related testvar values to new, supported values according to the following table:

Testvar Deprecated Values New Value

lanSecurity WPA-802.1X, WPA-PSK WPA

wpaMode WPA2 RSN

wpaCipher AES-CCMP CCMP-128

wpaGroupCipher AES-CCMP CCMP-128

Testvar	Deprecated Values	New Value
lanSecurity	WPA-802.1X, WPA-PSK	WPA
wpaMode	WPA2	RSN
wpaCipher	AES-CCMP	CCMP-128
wpaGroupCipher	AES-CCMP	CCMP-128

The testvars used to define the expected contents of the DUT’s wifi beacons for the wifi_20 test case have been updated to support WPA3. Some testvar options have been deprecated while other new options have been added.

Testvar	Deprecated Values	New Values
wifiBeaconWpaMode	WPA2	RSN
wifiBeaconWpaKeyMgMt		802.1X-256, PSK-256, SAE, SUITE-B, SUITE-B-192
wifiBeaconWpaCipher	AES-CCMP	CCMP-128, CCMP-256, GCMP-128, GCMP-256
wifiBeaconWpaGroupCipher	AES-CCMP	CCMP-128, CCMP-256, GCMP-128, GCMP-256
wifiBeaconPhy

The static test module has been updated to support host routes. [LH #4212]
The wifi_40 test case has been updated. This test now disassociates all additional LAN clients at the start of the test and performs a new scan for the configured SSID rather than relying on cached and potentially out of date scan data. All clients are re-associated at the end of the test. [LH #4175]
Resolved an issue with multi-service gateway configurations on CentOS 7 systems. This issue prevented secondary WAN interfaces on separate VLANs from receiving and responding to traffic from the DUT. This issue was introduced in CDRouter 11.4.1 and impacts only the 11.4.1 and 11.4.2 releases. [LH #4226]
Resolved an issue with the elapsed time reported for a running test within CDRouter’s web UI. In CDRouter 11.4.1 and 11.4.2, refreshing the results page within the browser would reset the elapsed time to 00:00 or the elapsed time of the test when the page was first loaded. [LH #4225]

CDRouter Multiport

Resolved a fatal error in the static_10 and static_20 test cases when run in a multi-service gateway type configuration with multiple WAN interfaces. [LH #4227]
Updated static_20 and static_v6_20 to support dynamic static routes defined on secondary WAN interfaces. [LH #4213]

CDRouter IPv6

The static-v6 test module has been updated to support host routes. [LH #4212]
The ula_12 test case is not compatible with 6to4 or 6rd WAN modes and is now automatically skipped when 6to4 or 6rd are configured. [LH #4233]

CDRouter TR-069

CDRouter’s ACS no longer supports SSL v2. This change was required to add support for TLS v1.3. The acsSslVersion testvar can now be configured with the value tlsv1_3 or the new default mode of tls, which will negotiate down from TLS v1.3 to v1.2 to v1.1 and finally to v1.0. The previous default value, sslv23, has been removed and will cause a config error if it is used. Existing config files that explicitly use this value must be updated to use tls or another valid setting. [LH #3725]
The list of ciphers supported by CDRouter’s ACS has been updated. In order to add support for TLS v1.3, a number of new ciphers were added while older ciphers were dropped. Please see the documentation for the testvar acsCipherSuite for the complete list of ciphers supported in this release. For details on which older ciphers have been dropped, please contact support@qacafe.com.
The tr69_400 and ir181_test_5.2.6 test cases have been updated to support both IP addresses and FQDNs for the Host parameter entries in the RouteHops table returned by the DUT. Previously only IP addresses were supported. [LH #4218]
Resolved an issue in the ir181_test_5.5.1 test case where the DeleteObject RPC called at the end of the test was not properly specifying a full object path. [LH #4232]
Resolved a fatal error in ir181_test_5.6.13 if run individually. [LH #4229]
Tests od128_test_35.1 through od128_test_35.6 have been updated so that the URL argument of the ChangeDUState RPC contains the file name indicated by the tr69DUInstallImage file instead of "DeploymentUnitImage.bin". This change was made to ensure that the format of the file name in the URL remains consistent with any naming requirements imposed by the DUT implementation.

Note that the URL argument will always contain the same file name in each test, but the ACS will still dynamically map the URL to either the tr69DUInstallImage or tr69DUInstallImageAlternate image file. This verifies that the DUT follows through with the requested Install or Update operation, even if the URL is the same as one that was used in a previous operation. [LH #4230]
A new test, ir181_test_5.3.5 has been added to the ir181 module. This test did not exist in early drafts of the IR-181 specification which is why it was not included in previous releases. [LH #4210]
Tests tr69_31 through tr69_38 have been updated to be more compatible with private TLS/SSL certificates. When the acsDownloadCertPath testvar is set, CDRouter will automatically determine the fully-qualified domain name of the alternate ACS server from the CN field of the specified certificate. The primary ACS will use that domain name instead of the default (acs-download.qacafe.com) in the HTTP redirect it sends to the DUT. If the CN field of the certificate file is set to a wildcard domain (eg.: *.example.com), CDRouter will use the hostname “acs-download” with the target domain (“acs-download.example.com”). [LH #4214]
Test tr69_wireless_50 was updated to resolve an error that occurred when the LAN client failed to reassociate with the DUT. [LH #4240]
Updated the od128_test_19.1 test case to select a channel from the list channels supported by the DUT rather than using channel 11, which may or may not be supported by the DUT. [LH #4198]

CDRouter Performance

The maximum value of perfStreams testvar has been reduced from 500 to 128. This change was made to improve the overall consistency and repeatability of performance test results. [LH #4148]
The maximum number of streams will be automatically capped to 32 when running the multi-perf and multi-perf-v6 test modules if the perfStreams testvar is set to a value greater than 32. [LH #4148]
Relaxed skip logic to allow the perf-lan and perf-lan-v6 tests to run in bridge mode configurations. [LH #4178]
The test descriptions of perf_10 and ipv6_perf_10 mistakenly referred to testvar “perfDHCPRestartLatency”, which does not exist. The correct testvar perfDHCPRestartMaxLatency. The test descriptions have been updated. [LH #4244]
Performance graphs now support values greater than 1 Gbps. In addition, a all performance graphs now default to auto for the graph scale.
All latency tests now verify and graph the upload and download latencies independently. Previously only the sum of the upload and download latencies was verified and graphed. [LH #3330]

CDRouter USP

Resolved a fatal error when generating STOMP error messages. [LH #4219]
Resolved issue with test case usp_30 that sometimes resulted in a fatal error when trying to download new firmware. Also adjusted test to be more event driven instead of time based. [LH #4189]

August 15, 2019

New Features and Enhancements

CDRouter

WAN side 802.1X authenticator now supports EAP-PEAP

CDRouter’s WAN authenticator now supports EAP-PEAP v0 and v1 with MS-CHAPv2 using anonymous outer identities. PEAP can be enabled by setting the testvar wanEapType to the new value eap-peap. CDRouter’s WAN authenticator is used to authenticate wired and wireless clients when 802.1X authentication is enabled on the WAN. [LH #4209]
New test case for verifying the DUT’s ping behavior on the WAN

A new test case, cdrouter_icmp_7 has been added to the icmp module. This test case verifies the expected behavior of the DUT when it receives ICMP pings on the WAN. If the testvar wanPingRespond is set to yes, this test will verify that the DUT responds to pings on the WAN. If set to no, this test verifies that the DUT does not respond to pings on the WAN. [LH #4261]

CDRouter BBF.069

BBF.069 updated

CDRouter is now shipping with Release 9.1 of the BBF.069 scripts from the UNH-IOL. For a complete list of modifications included with this release, please see the notes section below.

Testvar updates

Testvars added to this release:

None

Testvars modified or removed in this release:

None

Test Modules and Test Cases

CDRouter

New ICMP test case

TEST: cdrouter_icmp_7
MODULE: icmp
DESCRIPTION: Verify ICMP Echo Requests to router's WAN side IP address from the WAN

Notes

CDRouter

Some refactoring of CDRouter’s client and server EAP/EAPOL functionality has been performed as part of the work associated with adding EAP-PEAP support to the WAN side 802.1X authenticator. [LH #4209]
The default value of the wanPingRespond has been changed from yes to no for consistency with the default configuration of most DUTs. [LH #4261]
Set the maximum value of the natMaxTcpConns to 4000. This is the largest value supported on current NTA1000 systems. [LH #4256]

CDRouter IPv6

Resolved an issue associated with the dhcpv6ClientOptionRequest testvar. In previous releases CDRouter’s DHCPv6 clients were not honoring this testvar. [LH #4250]
The ula_12 test case has been updated and can now be run in 6to4 and 6rd WAN configurations. [LH #4234]

CDRouter Performance

CDRouter will now generate a failure if any of the interfaces used for a performance test do not have IPv4 and/or IPv6 addresses at the start of the test. [LH #4176]

CDRouter TR-069

The wireless configuration verification tests in the tr69_wireless and ir181 test modules have been updated. These tests now validate that the DUT includes the client MAC in the AssociatedDevice table after the basic traffic verification step has been performed. This resolves an issue with some implementations where the AssociatedDevice table was verified before it had been fully updated by the DUT. [LH #4246]
Resolved a regression in the tr69_wireless_40, tr69_wireless_41, tr69_wireless_42, ir181_test_5.6.9, ir181_test_5.6.11, and ir181_test_5.6.13 test cases which prevented CDRouter from properly associating with the DUT after changing the wireless configuration. This regression was introduced in release 11.5.2 as part of the WPA3 work. [LH #4262]
Updated the od128_test_19.1 test case to prevent configuration of a wireless channel that is not supported by the DUT. [LH #4247]
The cdrouter_heartbleed_300 test case has been updated to use an alternate ACS server to verify the Heartbleed exploit against the DUT. The DUT’s Device.ManagementServer.URL parameter will temporarily be changed to direct the DUT to the alternate ACS. The location of SSL certificates for the alternate ACS are configurable using the acsDownloadCertPath and acsDownloadCaCertPath testvars. [LH #4259]
Re-factored the code associated with the tr69ForceBoolean testvar. [LH #4223]

CDRouter BBF.069

The bbf069UploadType testvar was updated to support the “3 Vendor Configuration File <i>” and “4 Vendor Log File <i>” FileType values. [LH #156]
The 5_103_periodic_inform_time_past and 5_104_periodic_inform_time_future tests were updated to improve validation of the DUT’s reported CurrentTime parameter and any parsing errors in the test log. [LH #179]
The 5_081_download_queuing test was updated with additional logging to aid in troubleshooting failures. [LH #171]
Resolved an issue in the 5_036_redirect_cookies test sometimes caused the ACS to quote the DUT’s cookie value, resulting in a mismatch and eventual test failure. [LH #159]
Updated 5_098_inform_ip_address_change test to make it compatible with changes to CDRouter’s DHCP server in CDRouter 11.0. Those changes were causing a fatal error in this test. [LH #170]
Resolved an issue in the 5_032_redirect_multiple_redirections test to ensure the alternate ACS uses the correct transport and port when redirecting the DUT back to the primary ACS. [LH #182]
Updated the 5_019_conn_request and 5_020_conn_request_session_exists tests to support XMPP connection requests. Before this, only HTTP connection requests were supported. [LH #185]
The 5_023_conn_TLS and 5_024_conn_TLS_1_2 tests were updated to ensure the DUT does not have any pending Inform messages at the start of the test. Prior to this change, an unexpected connection from the DUT could cause the ACS to accept the CWMP session without requiring TLS 1.0, resulting in a false positive test result. [LH #186]
CDRouter will now automatically skip the DHCPv4.tcl test module if IPv4 is not enabled in the config file. Likewise, the DHCPv6.tcl test module if IPv6 is not enabled. [LH #181]
The 5_097_DUT_properly_encodes_and_decodes_XML_entities_test test was updated to ensure that the DUT is always returned to its original state at the end of the test. In some situations, the test would exit early without resetting the Device.ManagementServer.Username and Device.ManagementServer.Password parameters to their original values. [LH #161]
Resolved a packet processing bug that was causing “ERROR(pktsrc)” errors to be reported in the 5_019_conn_request and 5_020_conn_request_session_exists tests. [LH #172]
Fixed a timing problem that caused the 5_089_factoryReset test to miss the TCP FIN sent by the DUT, resulting in a false negative test result. [LH #164]
Updated the 5_020_conn_request_session_exists test to address a fatal error caused when the DUT unexpectedly terminates the initial CWMP session. [LH #175]
Test cases 5_021_conn_after_interval, 5_067_SPA_Active_notif_persist, 5_074_addObject, 5_060_GPA_complete_path and 5_061_GPA_multiple_complete_path were updated to address an error that can occur if the GetParameterAttributes request fails unexpectedly. [LH #165]
Resolved an issue in the 5_021_conn_after_interval test that could cause a fatal error when resetting the PeriodicInformInterval parameter. [LH #169]
Fixed a bug in the 5_042_SPV_SOAP_Fault test that resulted in a fatal error in some situations. [LH #162]
A number of additional tests that require user intervention will now be skipped if the test package is not run with “pause mode” enabled. The full list of manual tests is shown below [LH #163]:
- 5_001_DHCPv4_ACS_discovery
- 5_002_DHCPv6_ACS_discovery
- 5_003_DHCPv4_ACS_rediscovery
- 5_004_DHCPv6_ACS_rediscovery
- 5_005_DHCPv4_Inform_retry
- 5_006_DHCPv6_Inform_retry
- 5_011_Same_mechanism_after_factoryReset
- 5_012_DHCPv4_null_term_URL
- 5_013_DHCPv6_null_term_URL
- 5_016_ACS_URL_mod_3rd_party
- 5_018_event_discard_after_bootstrap
- 5_066_SPA_Active_notif
- 5_069_SPA_complete_path_passive_notif
- 5_070_SPA_partial_path_passive_notif
- 5_071_SPA_complete_partial_path_passive_noti
- 5_072_SPA_disable_notif
- 5_079_Manual_Reboot
- 5_089_factoryReset
- 5_098_inform_ip_address_change
- 5_099_no_inform_ip_address_change
- 5_100_enable_cwmp_to_false
- 5_105_default_active_notification_throttle
Patched the 5_068_SPA_atomic test case to ensure that the value set in subsequent SetParameterAttribute RPCs is different than the initial value at the start of the test. [LH #4270]

CDRouter 11.4

Release Type	Release Number	Release Date
Original	CDRouter 11.4 Build 1	May 23, 2019
Maintenance Release 1	CDRouter 11.4 Build 2	June 20, 2019

Note: CDRouter 11.4 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.4 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

All CDRouter systems will require the CentOS 7 operating system in order to install CDRouter 12.0 and beyond.

May 23, 2019

New Features and Enhancements

CDRouter

Updated log file viewer

CDRouter’s integrated log file viewer has been updated to improve the overall performance and usability when viewing and analyzing large log files.

This update increases the limit on the number of log lines that can be displayed from 100k to 700k when using newer releases of the Chrome, Firefox, and Safari browsers (Microsoft Edge imposes a limit of 270k lines). In addition to increasing the number of lines that can be viewed, the load time and scrolling / navigation performance have been significantly improved. [LH #4134]
Packet decode pane in log file viewer can now be resized

The packet decode pane within CDRouter’s log file viewer can now be resized both vertically and horizontally making it easier for users to optimize their analysis layout and view. [LH #4134]
New DHCP test cases

Three new DHCP test cases have been added to CDRouter to verify that the DUT’s client or server only responds to DHCP requests on the correct port. Please see the new test modules and test cases section below for more information. [LH #3828]
New network health check feature available during startup

CDRouter will now perform a series of tests at the end of the “start” procedure to verify basic network connectivity between the DUT and CDRouter. A new testvar, healthCheckEnable, has been added to enable these checks. When running them, CDRouter will successively ping each known router hop along the path between its local interface and the DUT. A summary of the results are displayed at the end of the “start” test log. This can be helpful in routed setups for detecting possible packet loss or routing problems during the initialization of a test run. [LH #4145]

CDRouter TR-069

Support for HTTP bulk data collection

CDRouter now supports HTTP Bulk Data Collection as defined in Annex N of TR-069 Amendment 6. The new tr69_annex_n test module has been added to test and verify this functionality. The tr69_annex_n test module includes 16 new test cases that provide coverage for basic bulk data collection over HTTP and HTTPS using different combinations of CSV and JSON encoded data, single and multiple parameter reporting, with and without optional URI parameters.

Note that HTTP Bulk Data Collection requires Device:2 data model support. [LH #3835]
New test case for verifying SetParameterValues failure with multiple invalid parameters

A new test case, tr69_26, has been added to the tr69 test module. This test case verifies that the DUT generates the proper Fault structure when it receives a SetParameterValues RPC with multiple invalid parameters, based on the following requirement in Section 3.5 of TR-069 Amendment 6:

A SetParameterValuesFault element, to be used only in an error response to the SetParameterValues method, that contains a list of one or more structures indicating the specific fault associated with each parameter in error. [LH #4147]
Enhancements to HTTP redirect test cases

The tr69.tcl test module has been updated to more thoroughly verify how the CPE follows HTTP redirects from the ACS. Four new test cases (tr69_35 through tr69_38) have been added to verify redirects to a different TCP port number and redirects from HTTP to HTTPS.

The existing redirect test cases (tr69_31 through tr69_34) have also been modified so that HTTPS URLs will be redirected to another HTTPS URL (not HTTP). Additionally, all of these tests now issue an alternate URL containing a fully-qualified domain name, as opposed to an IP address. These changes produce more realistic scenarios for testing HTTP redirects. [LH #2056]
New test case for verifying CPE fault codes

A new test case, tr69_27, has been added to the tr69 test module. This test verifies that the CPE returns the correct CWMP fault code for various scenarios according to Section A.5.1 of TR-069 Amendment 6. [LH #4163]
New test case for verifying InstanceWildcardsSupported parameter

A new test case, tr69_wildcards_supported, has been added to the tr69 test module. This test verifies that the InstanceWildcardsSupported parameter aligns with the functionality of the DUT.

Note that the InstanceWildcardsSupported parameter requires Device:2 data model support. [LH #4133]

CDRouter Performance

Support for performance over stacked VLAN configurations on the WAN

CDRouter’s performance tests can now be run in configurations that utilize stacked VLANs on the WAN. Both types of stacked VLAN configurations, 802.1ad and QinQ, are supported. [LH #4010]

New Test Modules and Test Cases

CDRouter

New DHCP test cases for verifying correct ports are used

TEST: cdrouter_dhcp_35
MODULE: dhcp-c
DESCRIPTION: Verify client ignores DHCPFORCERENEW messages on port 67

TEST: cdrouter_dhcp_36
MODULE: dhcp-c
DESCRIPTION: Verify client ignores DHCPOFFER messages on port 67

TEST: cdrouter_dhcp_server_36
MODULE: dhcp-s
DESCRIPTION: Verify DHCP server ignores DHCPDISCOVER messages on port 68

CDRouter TR-069

New test module for Annex N bulk data collection

MODULE: tr69_annex_n
DESCRIPTION: TR-069 tests for Annex N Bulk Data Collection
TEST CASES: 16

New test case for verifying SetParameterValues failure with multiple invalid parameters

TEST: tr69_26
MODULE: tr69
DESCRIPTION: Verify error code is returned for every failed parameter in SetParameterValues

New test case for verifying CPE fault codes

TEST: tr69_27
MODULE: tr69
DESCRIPTION: Verify CPE returns the correct fault codes

New test case for verifying InstanceWildcardsSupported parameter

TEST: tr69_wilcards_supported
MODULE: tr69
DESCRIPTION: Validate the InstanceWildcardsSupported parameter aligns with the functionality of the DUT

New tests to verify HTTP redirects to a different TCP port number and redirects from HTTP to HTTPS

TEST: tr69_35
MODULE: tr69
DESCRIPTION: Verify CPE follows 302 redirects to new ACS server with a specified port number log

TEST: tr69_36
MODULE: tr69
DESCRIPTION: Verify CPE follows 307 redirects to new ACS server with a specified port number log

TEST: tr69_37
MODULE: tr69
DESCRIPTION: Verify CWMP session can be redirected from HTTP to HTTPS using 302

TEST: tr69_38
MODULE: tr69
DESCRIPTION: Verify CWMP session can be redirected from HTTP to HTTPS using 307

Bug Fixes and Notes

CDRouter

Resolved a false negative failure in the rfc5508_rec_2 test case when run in configurations using PPTP or L2TP on the WAN. [LH #4159]
The ability to expand and collapse sections within CDRouter’s log file viewer has been removed. This feature is not compatible with CDRouter’s updated and improved log file viewer. [LH #4134]
CDRouter’s log file viewer now has its own search feature which can be accessed by typing CTRL + F within the log file viewer. Previously this command would open the browser’s native search feature, which is no longer supported in CDRouter’s updated log file viewer. Most search functions supported natively by the browser are also supported by CDRouter’s built-in search feature. [LH #4134]
A number of fixed delays have been removed from the scaling tests. These delays should not be needed by most modern devices. Removal of these delays reduces the duration of the scaling tests. [LH #4155]
Enhancements have been made to CDRouter’s wireless LAN clients to improve error detection and reconnection when its association to access point has been lost [LH #4155]
Resolved a test case cleanup issue in the cdrouter_app_140 and ipv6_app_140 test cases that could prevent these tests from running properly if they were run multiple times in the same test run. [LH #4167]

CDRouter IPv6

The rfc5508 test module is not compatible with DS-Lite WAN mode and is now automatically skipped in these configurations. [LH #3403]
The ndp and ndp-wan test modules have been updated to use a new set of procs to determine the MAC address of the DUT when needed. [LH #4093]

CDRouter TR-069

Tests tr69_31 through tr69_34 have been updated to send HTTP redirects with URLs containing a fully-qualified domain name of an alternate ACS, rather than an IP address. This provides a more realistic redirection scenario and verifies that the DUT performs full HTTPS/TLS certificate validation with the new ACS. [LH #2056]
Two new testvars have been added: docsisDhcpRelayServer and docsisDhcpv6RelayServer. These testvars specify the DHCP/DHCPv6 relay server address of the CMTS in DOCSIS test setups. These testvars complement the dhcpRelayServer and dhcpv6RelayServer testvars, and are only needed in certain network configurations. Normally, CDRouter only has routing information to reach the IP subnet/IPv6 prefix of the DUT’s WAN interface and its own local interface. If the relay server uses an unknown address (such as its upstream WAN interface) as the source address for DHCP/DHCPv6 requests, CDRouter would not be able to respond to them because the address is not in CDRouter’s routing table. These testvars will allow CDRouter to send responses back to the specified addresses. [LH #4115]
The “XMPP connection request configuration” check that runs in the CDRouter “start” procedure was updated to better handle situations where the DUT sends an Inform to the ACS before responding to the connection request. This prevents the problem of having the ACS receive an unexpected “6 CONNECTION REQUEST” Inform while the first test case is running. [LH #4154]

CDRouter Performance

CDRouter Performance now takes advantage of kernel-based packet filtering on systems with a 4.14 or newer Linux kernel. Older systems will continue to implement user-space packet filtering. Kernel-based packet filtering is more efficient and improves the overall performance of the system. As part of this update, CDRouter will also automatically truncate the value of the testvar perfUdpLen, if needed, to avoid fragmentation. [LH #4140]

CDRouter ICS

The default value of the icsInterface testvar has been changed to none instead of eth0. Note that this will cause a configuration error if supportsICS is set to “yes”, but this testvar has not been explicitly set. When setting the value of icsInterface, CDRouter will automatically provide a list of possible values from the available interfaces on the system. [LH #4144]

June 20, 2019

New Features and Enhancements

CDRouter

New IPv4 fragmentation test module

A new test module, nat-frag, has been added to this release. This test module includes six new test cases that verify the behavior of the DUT’s NAPT implementation with TCP, UDP, and ICMP fragmentation with both in-order and out-of-order fragments. [LH #4141]

New Test Modules and Test Cases

CDRouter

New test module verifying NAPT behavior with IPv4 fragmentation

MODULE: nat-frag
DESCRIPTION: NAPT tests for IPv4 fragmentation
TEST CASES: 6

Bug Fixes and Notes

CDRouter

Resolved an issue in CDRouter’s web UI associated with filtering results by date. This issue only impacted the Microsoft Edge and Firefox browsers. [LH #4123]
CDRouter now supports L2GRE test scenarios that contain one or more routing hops between the L2GRE client and remote endpoint. No additional configuration is required to support these setups; CDRouter will automatically account for any intermediate routers, if present. [LH #4190]
The password input box on the /system/upgrade page within the web UI has been removed. This field is no longer required by the new CDRouter Customer Lounge when upgrading CDRouter through the web interface. [LH #4117]
Resolved an error when trying to view the start.txt log file within the web UI for results generated in CDRouter 9.3 or earlier releases. This issue was introduced in CDRouter 11.4.1, and impacts the 11.4.1 release only. [LH #4183]
Resolved an issue with the elapsed time calculation for a running test within the web UI. This update prevents the elapsed time from changing formats during a test run. [LH #3709]
The cdrouter_dhcp_35 test case is now automatically skipped if the DUT does not support DHCP authentication, as configured by the testvar supportsDhcpAuth. [LH #4193]
Resolved an issue with CDRouter’s PPTP client shutdown routine that would prevent forwarding of IPv4 multicast traffic on the LAN in subsequent tests. [LH #4187]
CDRouter 11.1.1 through CDRouter 11.4.1 contained an issue in which the number of wireless LAN clients created by CDRouter was not restricted by the lanWirelessMaxClients testvar. This issue has been resolved. CDRouter now adheres to the lanWirelessMaxClients when creating wireless LAN clients. [LH #4195]
Removed the requires-dhcp-pool-size-le-64-wireless-lan skip label which was used to skip the cdrouter_scale_10 test case in configurations where only wireless LAN interfaces were available and the DHCP pool size was greater than 64. This constraint no longer applies to NTA1000v6 systems which can create more than 64 wireless LAN clients. To resolve this issue the cdrouter_scale_10 test case has been updated to generate a failure if the DHCP pool cannot be exhausted. [LH #4194]

CDRouter DOCSIS

CDRouter’s network health check feature has been updated to support DOCSIS setups. The network connectivity health tests performed at the end of the start procedure will now verify connectivity to nodes along the path between the DUT’s Cable Modem and CDRouter’s WAN interface. Note that you must set the healthCheckEnable testvar to yes to enable this health check feature. [LH #4119]

CDRouter TR-069

The testvar acsDownloadCaCertPath is now disabled by default. This means it does not have a value unless it is uncommented and given one in a CDRouter configuration file. This now matches the behavior of acsCaCertPath. [LH #4211]
In tests tr69_31 through tr69_38, the alternate ACS (acs-download.qacafe.com) was not transmitting the CA certificates contained in the acsDownloadCaCertPath file when initializing an SSL/TLS connection with the DUT. This has been resolved. Note that the certificates from this file will only be sent if acsDownloadCaCertPath is explicitly defined in the config file. Otherwise, only the server certificate (acsDownloadCertPath will be sent. [LH #4204]
Added an additional configuration constraint to verify that the CWMP bootstrap scenario file exists and is readable, if defined using the testvar cwmpScenarioBootstrap. [LH #4196]
CDRouter’s RADIUS server will now be automatically enabled when running ir181_test_5.6.9, ir181_test_5.6.11, ir181_test_5.6.13, tr69_wireless_40, tr69_wireless_41, and tr69_wireless_42. Previously these tests would not enable the RADIUS server, which would lead to test failures if the RADIUS server was not already enabled during start (which would occur only if WPA/WPA2 Enterprise were initially configured). [LH #4179]
The AddObject issued by CDRouter for the Device.Firewall.Chain parameter in the ir181_test_5.5.1, ir181_test_5.5.2, ir181_test_5.5.3, and ir181_test_5.5.4 tests is now properly formatted. Previously this AddObject was not using calculating the correct instance number which would generate a CWMP fault when sent to the DUT. [LH #4179]
The source and destination addresses used to verify the port mapping behavior in the ir181_test_5.5.1, ir181_test_5.5.2, ir181_test_5.5.3, and ir181_test_5.5.4 are now obtained from the configured free network range. [LH #4179]
The length of the packets used for the forwarding portion of the ir181_test_5.5.1, ir181_test_5.5.2, ir181_test_5.5.3, and ir181_test_5.5.4 has been set to 256 bytes. Previously the length was not specified which would generate a fatal error. [LH #4179]
The ir181_test_5.5.1, ir181_test_5.5.2, ir181_test_5.5.3, and ir181_test_5.5.4 tests were previously issuing a GetParameterValues RPC for the parameter Device.DestinationInterface, which does not exist in the Device:2 data model and would generate a CWMP fault when sent to the DUT. This issue is the result of a typo in the IR-181 test plan which has now been reported to the Broadband Forum. The correct parameter is Device.DestInterface. These tests have been updated to use the correct parameter name. [LH #4179]
Previously the ir181_test_5.5.1, ir181_test_5.5.2, ir181_test_5.5.3, and ir181_test_5.5.4 tests were specifying an invalid type value of integer when issuing SetParameterValues RPCs for certain parameters. These tests have been updated to specify the correct type syntax of int for the impacted parameters. [LH #4179]
The ir181_test_5.4.3 now sets the Protocol parameter for the port mapping instance that is created to UDP as defined in test test procedure. Previously this test set the Protocol parameter to TCP. [LH #4200]
The ir181_test_5.4.1 through ir181_test_5.4.9 tests (with the exception of ir181_test_5.4.2) now query the DUT for WAN interface instance that is in use and use that interface when creating port mappings. [LH #4201]
The ir181_test_5.3.1 test was updated to resolve a fatal error that occurred when the DUT did not return an expected instance of the “Device.Ethernet.Link.{i}.LowerLayers” parameter [LH #4203]
The ir181_test_5.2.6 test case now explicitly sets all required parameters even if the default value for each parameter is what is defined in the test procedure. [LH #4207]
The ir181_test_5.2.7 test case now explicitly sets the Interface parameter to an empty string as specified in the test procedure. [LH #4208]
The **URL that the ACS sends in its ChangeDUState request no longer matches the filename of the image being downloaded. The DUT seems to require the URL to contain the name of the file ending in “.gz”.

We changed the URL format so that the ACS could use the same URL in each of the od128_test_35.* tests, regardless of which image was actually being downloaded. One of the requirements of the ChangeDUState request is that the CPE must follow through with the requested Install or Update, even if the URL is the same as one that was used in a previous operation.

Tests od128_test_35.1 through od128_test_35.6 have been updated and now require two different Deployment Unit images in order to run. Three additional testvars have been introduced in order to support this enhancement. All six of the following testvars must now be defined in order to run these tests:
```
-  tr69DUInstallUUID
-  tr69DUChangeExecEnvRef
-  tr69DUInstallImage
-  tr69DUInstallImageVersion
-  tr69DUInstallImageAlternate
-  tr69DUInstallImageAlternateVersion
```
The ACS will first check the Device.SoftwareModules.DeploymentUnit.{i}.Version parameter to determine which version of the Deployment Unit is currently installed (if any), and then send a ChangeDUState RPC to instruct the DUT to download a different image version, either tr69DUInstallImage or tr69DUInstallImageAlternate.

Note that the URL argument will always contain the same file name in each test ("DeploymentUnitImage.bin"), but the ACS will dynamically map the URL to either the tr69DUInstallImage or tr69DUInstallImageAlternate image file. This verifies that the DUT follows through with the requested Install or Update operation, even if the URL is the same as one that was used in a previous operation. [LH #4184]
Tests od128_test_35.3 through od128_test_35.6 may no longer be run independently. Unlike most tests in CDRouter, these tests rely on the assumption that test od128_test_35.1 has already been run and that the Deployment Unit image is installed on the DUT. CDRouter will automatically abort these tests if the first test in the set has not already been run. [LH #4184]

CDRouter BBF.069

Many of the SSL Certificate files used with the BBF.069 tests have been updated with new expiration dates. Note that certificates shipped with earlier versions of CDRouter’s BBF.069 expansion may no longer be valid. [LH #4197]

CDRouter 11.3

Release Type	Release Number	Release Date
Original	CDRouter 11.3 Build 1	March 28, 2019
Maintenance Release 1	CDRouter 11.3 Build 2	April 25, 2019

Note: CDRouter 11.3 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.3 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

All CDRouter systems will require the CentOS 7 operating system in order to install CDRouter 12.0 and beyond.

March 28, 2019

New Features and Enhancements

CDRouter

Support for captive DNS

The cdrouter_app_30 and ipv6_app_112 test cases have been updated to support captive DNS, which is a DNS filtering feature that re-routes all outbound DNS requests to the DUT’s local DNS server.

Captive DNS prevents LAN clients from bypassing any DNS based content filtering or parental control mechanisms that may be implemented within the DUT. The new testvar dnsCaptive specifies whether or not captive DNS is enabled within the DUT.

CDRouter IPv6

New IPv6 Top-100 Test List

CDRouter now includes a sample test package containing CDRouter’s top 100 IPv6 test cases. The tests in the IPv6 Top-100 test list focus on fundamental IPv6 functionality that every IPv6 CPE gateway should support. This test package can be used as a testing benchmark of essential IPv6 support, and is a great way to quickly evaluate the IPv6 operation of any CPE device. This package is also marked as a test list, so it can be included automatically in any other CDRouter test packages that you build. You can read more about the IPv6 Top 100 test list in our quick start guide.

CDRouter TR-069

New TR-069 Essentials Test List

CDRouter now includes a sample test package containing CDRouter’s TR-069 test cases. The tests in the TR-069 Test List focus on core TR-069 functionality including CWMP protocol operation and Baseline data model support that every TR-069 capable CPE device should support. This test package can be used to set a baseline for a CPE’s TR-069 support, and is a great way to quickly evaluate the fundamental operation of any TR-069 device. This package is also marked as a test list, so it can be included automatically in any other CDRouter test packages that you build. You can read more about the TR-069 test list in our quick start guide.
Support for TR-069 Amendment 6 enhancements

CDRouter has been updated to support many of the new features and enhancements added to Amendment 6 of the TR-069 specification published by the Broadband Forum. Updates include support for Alternate Firmware Images, Heartbeat Inform Events, and Wildcard Parameter Names. New test cases have been added to the tr69.tcl module to validate these features on the CPE device under test.

CDRouter Performance

New testvar for specifying differentiated services code point (DSCP) value

The new testvar perfDSCP can be used to set the differentiated services field (DS field) in the IPv4 header or the traffic class field (TC field) in the IPv6 header of all performance traffic that is generated by CDRouter to a specific value.

NTA1000

New 5.5 Golden Image

A new version of the NTA1000 disk images has been created. This set of disk images is based on the new nta1000-updates-5.5-3.el7.x86_64.rpm, which is also available. This set of disk images and the RPM are for pre-v6 NTA1000 systems only. For more information, please see the Golden Image Release Notes.

New Test Modules and Test Cases

CDRouter TR-069

TR-069 Amendment 6 Wildcard Parameter Names

TEST: tr69_wildcard_1         
MODULE: tr69.tcl
DESCRIPTION: Validate GetParameterValues RPC works with wildcards

TEST: tr69_wildcard_2         
MODULE: tr69.tcl
DESCRIPTION: Validate GetParameterNames RPC works with wildcards

TEST: tr69_wildcard_3         
MODULE: tr69.tcl
DESCRIPTION: Validate GetParameterAttributes RPC works with wildcards

TR-069 Amendment 6 Heartbeat Inform Events

TEST: tr69_heartbeat_1        
MODULE: tr69.tcl
DESCRIPTION: Verify non-heartbeat sessions take precedence

TEST: tr69_heartbeat_2        
MODULE: tr69.tcl
DESCRIPTION: Verify other events are not included in heartbeat messages

TEST: tr69_heartbeat_3        
MODULE: tr69.tcl
DESCRIPTION: Verify heartbeats are discarded if there is an existing heartbeat session

TEST: tr69_heartbeat_4        
MODULE: tr69.tcl
DESCRIPTION: Verify non-heartbeat Informs take precedence over Heartbeats

TEST: tr69_heartbeat_5        
MODULE: tr69.tcl
DESCRIPTION: Ensure heartbeats are dropped if heartbeat session is being retried

TR-069 Amendment 6 Alternate Firmware Images

TEST: tr69_inactive_firmware_1        
MODULE: tr69.tcl
DESCRIPTION: Verify Multiple Firmware Images mechanism functions properly

Bug Fixes and Notes

CDRouter

In CDRouter 11.2, the Automatic Upgrade feature in CDRouter’s web interface was updated to support the newly redesigned CDRouter Customer Lounge website, which no longer supports password authentication. Please see the CDRouter 11.2 Release Notes for details. [LH #3998]
The generic cdrouter_check_connectivity proc which is used by CDRouter to verify that IPv4 and/or IPv6 connectivity is working as expected in various test cases has been updated. This proc will now always check both IPv4 and IPv6 connectivity if called with a value of auto. [LH #4113]
Resolved an issue with pptp-pt test module in which the PPTP pass-through connections were not properly cleaned up, causing subsequent tests from the pppoe-pt module to generate a fatal error. [LH #4110]
Resolved an issue with the dns_tls_150 and dns_tls_400 test cases which were not using TLS as a transport. [LH #4124]

CDRouter IPv6

Updated the dhcpv6_pd_15 test case to send a Router Solicitation instead of just waiting for the DUT to send its next periodic unsolicited RA. [LH #4118]
The icmpv6_34 test case will now be skipped in DHCPv6 relay or routed IPv6 setups. Previously this test case would run but fail in these setups because the intermediate router or relay would drop the ping packet that was sent by CDRouter with a TTL of 0. [LH #4112]
Resolved an issue with the ipv6_dns_tls_150 and ipv6_dns_tls_400 test cases which were not using TLS as a transport. [LH #4124]
The v6_cpe_2_5 test case is not compatible with DHCPv6 on the LAN and will now be skipped unless autoconf is used. [LH #4084]
The common test cleanup produced used within the cpe-v6 module has been updated to send a valid RA based on the settings in the configuration file once all other cleanup steps have been performed. [LH #4084]

CDRouter TR-069

The tr69_wireless_50 test case has been updated to verify that each WiFi channel reported by the DUT is supported by the CDRouter system’s wireless interface before attempting to test it. [LH #4104]

CDRouter Performance

Upgraded the underlying core engine for the Performance Expansion to use iPerf v3.6. This upgrade included several minor bug fixes and enhancements to iPerf. It also allows a CDRouter log enhancement to display both the sender and receiver summary statistics for the UDP throughput test cases. [LH #3106]
Modified the multicast upload performance test cases perf_mcast_2 and ipv6_perf_mcast_2 to restrict the number of streams to 1, regardless of the value set for perfStreams or perfStreamIncr, to achieve more realistic results.

April 25, 2019

Bug Fixes and Notes

CDRouter

Resolved an issue where the testvar wanDutClientID was not always evaluated as case-insensitive. Both upper and lower case hex characters will now be equivalent. [LH #4130]
In previous releases, the CDRouter web CLI would generate the following error message if the -https flag was not specified when running commands on systems with HTTP Strict Transport Security (HSTS) enabled via the force_https option in the web server configuration file:
```
[root@astro ]# cdrouter -package "foo" -token ea39bf22
2019/03/15 09:55:22 json: cannot unmarshal array into Go struct field .data of type job.Job
```
The CDRouter web CLI has been updated to automatically detect if the force_https option is enabled and behave as if the -https has been applied which will prevent this error from occurring. [LH #4125]
CDRouter now has a basic unicast reverse path forwarding filter (uRPF) for both IPv4 and IPv6. With this modification CDRouter will drop incoming packets if the source address of the packet matches a unicast source address of the receiving stack. [LH #4096]
In configurations with more than 10 LAN test clients, CDRouter now rotates through the list of clients numerically rather than alphabetically. [LH #4069]

All of the DHCP/DHCPv6/autoconf scaling tests have been re-factored. These tests now utilize any existing LAN stacks or additional LAN clients that may have been created using the lanClients testvar.

These changes impact the following tests:

Test Module	Expansion	Test Case(s)
scaling	Base	all
scaling-v6	IPv6	all
sip-alg	Base	cdrouter_sip_200
sip-alg-tcp	Base	cdrouter_sip_tcp_200
ftp	Storage	ftp_52
ftps	Storage	ftps_52
ftp-v6	Storage	ipv6_ftp_52
ftps-v6	Storage	ipv6_ftps_52
smb	Storage	smb_52
smb-v6	Storage	ipv6_smb_52

In addition, the cdrouter_scale_3 and ipv6_scale_3 tests have been updated for compatibility with configurations that have a small free network range. These tests will now create as many unique WAN servers as possible and increment port numbers on the servers if needed to create additional endpoints. [LH #4020]

Resolved an issue with the HTTP server that is initialized in the cdrouter_renum_pppoe_6 test case. This issue prevented devices from establishing a TCP connection to the server, which ultimately led to a false negative test failure. Note that this issue was introduced in CDRouter 11.2.1, and only impacts the 11.2.X releases. [LH #4152]

CDRouter IPv6

Resolved an issue with the config validation logic for the testvar ipv6LanIp. In previous releases this testvar would generate a config check error if a full 64-bit prefix was specified in addition to the keyword %eui64% for the 64-bit host ID. This issue has been resolved, making it possible to specify values such as 3001:1111:1111:1111::%eui64% or 3001:1111:1111:1111:%eui64% for this testvar. [LH #4018]
The perf-mcast-v6 test module is not compatible with 6to4 and 6rd IPv6 WAN modes and will now be automatically skipped in these configurations. [LH #4146]

CDRouter BBF.069

This release includes bug fixes that are not yet available in the official test scripts used for Broadband Forum BBF.069 Certification testing. The UNH-IOL is expected to make these changes available after completing its next development and validation cycle. Please contact the UNH-IOL for more information.
Updated tests in the XMPP.tcl module to adjust for recent changes in CDRouter’s TLS protocol implementation. This will resolve errors that occurred while processing TLS messages. [LH #4139]
Updated the 5_097_DUT_properly_encodes_and_decodes_XML_entities test case to resolve a problem that occurs with XMPP Connection Requests. [LH #4135]

CDRouter USP

CDRouter’s USP controller was updated to use any existing websocket connection that may exist with the DUT (agent) instead of automatically initiating a new connection. [LH #4136]

CDRouter 11.2

Release Type	Release Number	Release Date
Original	CDRouter 11.2 Build 1	February 6, 2019
Maintenance Release 1	CDRouter 11.2 Build 2	March 4, 2019

Note: CDRouter 11.2 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.2 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

Support for the Ubuntu operating system has been deprecated. CDRouter systems running on Ubuntu will now see warning messages during installation and in the ‘start’ log of a test run. Support for this operating system will be officially removed with the next major version of CDRouter (12.0). Please contact support@qacafe.com for additional information and assistance in migrating to a supported operating system.

February 6, 2019

New Features and Enhancements

CDRouter

802.11ac Wave 2

CDRouter now supports 802.11ac Wave 2 connections for both simulated LAN clients and WiFi WAN connections. This support comes through the new NTA1000v6 platform, released alongside CDRouter 11.2. If you are interested in upgrading your system to the NTA1000v6, please reach out to sales@qacafe.com.

In addition, Wi-Fi scaling tests are now supported on all 3 of the NTA1000v6 wireless cards.
Support for DNS over HTTPS (DoH)

CDRouter’s WAN DNS servers now support DNS over HTTPS (DoH) as defined in RFC 8484.

With the addition of DNS over HTTPS, CDRouter’s DNS servers now support four different transports: traditional DNS over UDP on port 53, DNS over TCP on port 53, DNS over TLS (DoT) on port 853, and DNS over HTTPS on port 443.

For more information please see our Knowledge Base article on testing DNS over TLS and HTTPS with CDRouter.

CDRouter Multiport

Support for layer 2 GRE tunnels on the WAN

CDRouter now supports layer 2 IPv4 GRE tunnels on the WAN, as defined in RFC 2784. For more information, please see the CDRouter User Guide.

A new l2gre test module, with 12 test cases, has also been added. This test module can be used to validate layer 2 GRE tunnel behavior on the DUT.

In addition, two more application style L2GRE tests have been added to apps and apps-v6 test modules. [LH #3260]

CDRouter IPv6

Support for IPv6 DNS over HTTPS (DoH)

CDRouter’s WAN IPv6 DNS servers now also support DNS over HTTPS as a transport. See the announcement above for more information.

CDRouter TR-069

New commands added to CWMP Scenario Testing feature

The CWMP Scenario Testing feature now includes support for GetParameterAttributes and SetParameterAttributes requests to allow scenarios to configure Notifications for any parameter in the CPE’s data model. The Event command has also been updated so that the parameters in Inform messages can be verified when a “Value Change” Event occurs.

These new commands are documented in the CWMP Scenario Testing section of the CDRouter TR-069 User Guide.

CDRouter ICS

Automatically generated capture file for all ICS traffic

When ICS is enabled CDRouter now automatically generates a separate capture file, per test case, for all ICS traffic. The new capture files can be accessed by clicking on the file labeled ics in the Files drop-down within the web UI.

ICS capture files allow users to quickly and easily see exactly what cloud service or resources a device is communicating with. This information is very helpful in understanding the behavior of a device and assessing its overall security.

New Test Modules and Test Cases

CDRouter

New L2GRE application tests

TEST: cdrouter_app_140
MODULE: apps.tcl
DESCRIPTION: Verify IPv4 L2GRE session through the router

CDRouter Multiport

New GRE test module

MODULE: l2gre.tcl
DESCRIPTION: L2 over GRE related test cases
NEW TEST CASES: 12

CDRouter

New IPv6 L2GRE application tests

TEST: ipv6_app_140
MODULE: apps-v6.tcl
DESCRIPTION: Verify IPv6 L2GRE session through the router

CDRouter TR-069

New ACS redirection test cases

TEST: tr69_35
MODULE: tr69.tcl
DESCRIPTION: Verify CPE follows 302 redirects to new ACS server with a specified port number

TEST: tr69_36
MODULE: tr69.tcl
DESCRIPTION: Verify CPE follows 307 redirects to new ACS server with a specified port number

Bug Fixes and Notes

CDRouter

The CDRouter Customer Lounge website has been redesigned and no longer supports password authentication. Instead, registered users can log in by entering their email address to receive a single-use login token via email. Consequently, the Automatic Upgrade feature on the /system/upgrade page of CDRouter’s web interface no longer requires a password. A valid, registered email address must still be entered for users to be able to automatically upgrade CDRouter to the latest version, however. Please contact support@qacafe.com if you have any questions about the CDRouter customer Lounge. [LH #3998]

The renum-dhcp, renum-l2tp, renum-pptp, and renum-pppoe test modules have been updated. Many of the tests in these modules have been updated with an additional test metric to explicitly verify that the original IP is properly restored and that traffic is flowing at the end of the test. The following table list the test cases affected: [LH #4062]

renum-dhcp	renum-l2tp	renum-pppoe	renum-pptp
cdrouter_renumber_1	cdrouter_renum_l2tp_1	cdrouter_renum_pppoe_1	cdrouter_renum_pptp_1
cdrouter_renumber_2	cdrouter_renum_l2tp_2	cdrouter_renum_pppoe_2	cdrouter_renum_pptp_2
cdrouter_renumber_3	cdrouter_renum_l2tp_3	cdrouter_renum_pppoe_3	cdrouter_renum_pptp_3
cdrouter_renumber_4	cdrouter_renum_l2tp_6	cdrouter_renum_pppoe_6	cdrouter_renum_pptp_6
cdrouter_renumber_5	cdrouter_renum_l2tp_50	cdrouter_renum_pppoe_50	cdrouter_renum_pptp_50
cdrouter_renumber_6

The dhcp-c.tcl modules can now be run when CDRouter is in “bridge mode” (testvar forwardingMode is set to “bridge”). [LH #3954]
Improved the TCP behavior associated with the IPv4 https and http2 test cases to better handle packets received out of order and also delayed closing the session to ensure receiving the TCP FIN. [LH #3846]
The version of TCL that CDRouter uses has been upgraded to 8.6.9.
The version of the wpa_supplicant driver that CDRouter uses has been upgraded to 2.7.
Resolved a memory leak leading to system unresponsiveness. This issue was triggered when an OSPFv3 LS Update packet was received by CDRouter. [LH #4081]
Resolved an issue with the NTP server option provided by CDRouter’s DHCP server on the WAN. In previous releases if two NTP servers were defined, the DHCP option would contain only the information for the second NTP server. Both NTP servers are now included in the DHCP option, if specified. [LH #4059]

CDRouter Multiport

The interface rotation logic for failure retries has been modified. Prior to this release, if the test retry package option was enabled in a configuration with multiple LAN interfaces, CDRouter would rotate to the next test interface when a test failed. Now, when a test fails under these conditions, all test retries will utilize the same test interface rather than rotating to the next test interface. [LH #4045]
Prior to this release, the scheme for automatically generating MAC addresses for wireless clients involved appending a 24-bit client identifier to the 24-bit cdrouterOui:
```
<24-bit OUI><24-bit Client ID>
```
This scheme is not sufficient for certain configurations where some additional uniqueness, per wireless interface, is required.

If there is more than one wireless LAN interface in use, CDRouter now ensures that all wireless LAN interfaces have a unique 32-bit MAC prefix which is composed by appending an 8-bit random interface identifier to the 24-bit cdrouterOui.

The scheme for automatically generating MAC addresses for wireless clients now involves appending a 16-bit random client identifier to the unique 32-bit interface prefix:
```
<24-bit OUI><8-bit Interface ID><16-bit Client ID>
```
Note that this change applies only to wireless clients when there are more than one wireless LAN interface in use. If there is only a single wireless LAN interface in use CDRouter retains the pre 11.1 behavior. [LH #4066]
The lanMac can no longer be specified for wireless interfaces if more than one wireless interface is configured. [LH #4066]

If more than one wireless interface is in use, the following tests and modules will now be skipped [LH #4066]:

Test Cases	Test Modules
cdrouter_dhcp_server_3	mac-filter.tcl
static_1	dmz.tcl
static_2	vservice.tcl
static_10	triggerp.tcl
static_20
arp_10
arp_11
arp_12
arp_13
cdrouter_app_220
cdrouter_app_225
cdrouter_app_227
static_v6_1
static_v6_2

CDRouter IPv6

Improved the TCP behavior associated with the IPv6 https and http2 test cases to better handle packets received out of order and also delayed closing the session to ensure receiving the TCP FIN. [LH #3846]

CDRouter TR-069

Updated the tr69_1 test case to verify the MaxEnvelopes and CurrentTime fields in Inform messages [LH #3948]
Updated the tr69_320 test case to include the cwmp:ID header in the Fault response sent by the ACS. [LH #4053]
The new testvar acsStrictSyntaxChecking can be used to enable or disable the additional XML syntax validation of array lengths on all CWMP messages received from the DUT. This additional XML syntax check was originally added in CDRouter 11.1 and enabled by default. Setting this testvar to “off” will disable this. [LH #4064] [LH #3929]
Updated tests ir181_test_5.6.9, ir181_test_5.6.11, and ir181_test_5.6.13. The tests now set the RadiusServerIPAddr parameter properly and no longer report an error when the DUT the RadiusSecret parameter with an empty string [LH #3890]

March 4, 2019

Bug Fixes and Notes

CDRouter

A new testvar dhcpRelayServer has been added. This testvar specifies the IPv4 address of the DHCP relay server and is only needed in setups where the relay server is on a different subnet than the address being assigned to the DUT. This testvar is equivalent to the IPv6 testvar dhcpv6RelayServer which was added in CDRouter 10.7.4. [LH #4082]
The generic HTTP server used by CDRouter in various test cases now utilizes the native Linux TCP stack for improved performance and robustness. Certain test cases that require specific non-standard HTTP or TCP behavior will continue to use CDRouter’s built-in TCP stack. [LH #2244]

CDRouter IPv6

All CDRouter stacks that are directly connected to the DUT now perform IPv6 Duplicate Address Detection (DAD) on all link-local, unique-local, and global unicast addresses before configuring and using them.

This change impacts CDRouter’s primary WAN stack and all IPv6 enabled LAN clients. If conflicts are detected during DAD, a warning will be displayed in the log file. Additionally, if privacy addresses are used on the LAN CDRouter will automatically assign a new, random privacy address and attempt DAD again.

Note that this enhancement has resulted in changes to the underlying pktsrc API that may impact custom tests. Please refer to the pktsrc API notification section below for more information. [LH #3955]
Updated the dhcpv6_pd_62 test case so that it no longer sends unnecessary IPv6 ping requests after the WAN link has been brought down. [LH #4092]
Update the rip-ng and rip-ng-wan test modules to wait up to 50 seconds for RIPng updates from the DUT, in accordance with Section 2.3 of RFC 2080. RFC 2083 states that the DUT’s RIPng timer should trigger every 30 seconds +/- 15 seconds. By waiting up to 50 seconds CDRouter ensures that all RIPng updates sent by the DUT should have been received. Previously these tests waited up to 40 seconds, which was not adequate in some cases. [LH #4103]
The ipv6_ripng_200 test case is now properly skipped if the testvar ripAcceptWanUpdate is set to a value of no. [LH #4101]
Updated the ipv6_ndp_wan_16 test case to resolve a fatal error that occurred while running in static WAN mode. [LH #4091]
The testvar supportsULA now defaults to a value of no. [LH #4102]

CDRouter TR-069

Updated the tr69_80 and tr69_81 test cases to ignore authentication failures (if present) during the clean portion of the test. This allows CDRouter to always restore the DUT’s original connection request username and password regardless of the final result of the test. [LH #4079]
Resolved an issue with the tr69_64 test cases in which LeaseDuration parameter was being set to two conflicting values in the same SetParameterValues call. [LH #4094]

Pktsrc API Notifications

As a result of ticket #3955 detailed above, the following pktsrc API modifications have been made and may impact custom tests.

The IPv6_set proc supports a new, optional argument nodad which will disable DAD when setting an address on a stack.
The following pktsrc API calls now have an optional packet argument which is used for retrieving a DHCPv6 packet from a callback. The optional packet argument should be used instead of calling Stack_get_protocol s DHCPv6 <packet> which is no longer guaranteed to work with DAD enabled.
- DHCPv6_client
- DHCPv6_client_decline
- DHCPv6_client_release
- DHCPv6_confirm
- DHCPv6_information_request
- DHCPv6_rebind
- DHCPv6_renew
- DHCPv6_request
- DHCPv6_server_wait_for_event

CDRouter 11.1

Release Type	Release Number	Release Date
Original	CDRouter 11.1 Build 1	December 4, 2018
Maintenance Release 1	CDRouter 11.1 Build 2	December 20, 2018

Note: CDRouter 11.1 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.1 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

December 4, 2018

New Features and Enhancements

CDRouter

Support for generating 802.11 wireless packet captures

CDRouter now has the ability to create 802.11 wireless packet captures during a test run. This feature can be enabled using the new wifiCapture testvar. When enabled, CDRouter will automatically create a monitor interface and generate 802.11 wireless captures for each WiFi interface that is in use.

A default capture filter will be applied when this testvar is set to a value of on. The default capture filter is dynamic based on the association state of the first wireless client on each physical WiFi interface.

Optionally, a user defined capture filter can be defined, in standard pcap-filter syntax, using the new wifiCaptureFilter testvar. User defined filters are applied by setting the wifiCapture to a value of filter.

All 802.11 packet captures generated by CDRouter will be available in the result directory on disk or via the Files dropdown within CDRouter’s web UI log viewer.
Improved packet capture viewer through TraceFrame

CDRouter’s packet capture viewer that allows users to perform deep packet analysis on the captures generated during testing has been dramatically improved through its integration with TraceFrame, the technology behind QA Cafe’s CloudShark Enterprise packet capture repository and analysis tool. Some of the key features include:
- An unlimited number of packets can be viewed at one time. This eliminates CDRouter’s 2000 packet limit on capture logs
- Faster and more efficient processing of packet views
- Sortable columns for each packet field
- The ability to drag-and-drop packet filters from the decode view into the filter box
And more! Use this new feature when looking at the packet captures generated while testing.
Security test list automatically included

With the advent of many broadband gateway security issues over the past few years, CDRouter now includes a security package that combines many security related test cases into a ready to use package to run against your devices. This package is also marked as a test list, so it can be included automatically in any other CDRouter test packages that you build. You can read more about the security test list in our quick start guide.

CDRouter Multiport

Support for virtual LAN test interfaces

This feature allows users to define logical LAN test interfaces that utilize a shared Linux system device, provided the MAC addresses are unique. This feature relaxes the one-to-one requirement between test interfaces and system devices that was enforced in earlier versions of CDRouter.

Virtual LAN test interfaces are defined with testvar_groups just like traditional test interfaces in earlier versions. Any test interface that supports virtualization can have virtual LAN test interfaces attached to it. For example, configurations like this are now possible with the Multiport expansion:
```
# -- main LAN
testvar lanInterface wlan1

testvar_group lan2 {
    testvar lanInterface eth2
}

testvar_group lan3 {
    testvar lanInterface wlan1
    testvar lanMac 00:00:00:22:22:22
}

testvar_group lan4 {
    testvar lanInterface eth2
    testvar lanMac 00:00:00:33:33:33
}
```
Support for additional LAN clients

This feature allows users to configure additional LAN clients on each non-unique LAN test interface (any test interface that doesn’t have a hard-coded MAC address) using the new lanClients testvar.

This feature makes it possible to easily create a large number of additional, persistent test clients without having to define LAN test interfaces or virtual LAN test interfaces using individual testvar_groups. For example, a simple but very powerful configuration that incorporates both the virtual LAN test interfaces and additional LAN clients features to create six test clients might look like this:
```
# -- main LAN
testvar lanInterface wlan1
testvar lanClients   2

testvar_group lan2 {
    testvar lanInterface eth2
    testvar lanClients   2
}

testvar_group lan3 {
    testvar lanInterface wlan1
    testvar lanMac 00:00:00:22:22:22
}

testvar_group lan4 {
    testvar lanInterface eth2
    testvar lanMac 00:00:00:33:33:33
}
```
The combination of LAN test interfaces and additional LAN clients determine how many unique test clients will be created by CDRouter. Any test clients that are the result of the additional LAN clients feature are named using a sub-interface type convention, ie lan.1, lan.2, lan2.1, lan2.2, etc. Test interfaces that have no additional LAN clients are simply referred to by their interface name, ie lan3, lan4, etc.

CDRouter IPv6

Support for MAP-E

CDRouter now includes support for RFC7597, Mapping of Address and Port with Encapsulation (MAP-E). MAP-E is a stateless NAT64 technique that is designed to deliver IPv4 services over native IPv6 connections without having to deploy a full dual-stack network infrastructure. It also incorporates some carrier grade NAT (CGN) concepts by allowing multiple end user devices to share a single public IPv4 address.

For more information please see our Knowledge Base article on MAP testing with CDRouter.

CDRouter TR-069

New TR-069 Diagnotstic Tools test module

A new test module has been added to verify that the ACS can configure the DUT to run various diagnostic tests over the network. The module defines 30 new tests using the diagnostics provided by the IPPing, UDPEcho, and UDPEchoPlus service profiles in the DUT’s data model. The tests check whether the DUT is able to execute the requested diagnostics and report the correct results back to the ACS.
New ‘Event’ command for CWMP Scenario scripts

The CWMP Scenario Testing feature now supports an Event command to have the ACS wait for the DUT to send an Inform message containing a specific Event Code such as 4 VALUE CHANGE or 8 DIAGNOSTICS COMPLETE. This provides greater control over the flow of the scenario script by ensuring the ACS does not send subsequent commands until a specific event code has been received.

Please see the CDRouter TR-069 User Guide for more details and examples of how to use this feature.
New tests in od128 test module to verify additional ChangeDUState operations

Four new tests have been added to verify that the ACS can install and update software components on the DUT using the ChangeDUState RPC method. The new tests provide additional coverage to ensure the DUT processes ChangeDUState requests with different combinations of arguments.
New tests in tr69 test module to verify changes across reboots

Two new tests, tr69_101 and tr69_102, have been added to verify that changes made by the ACS to the DUT’s data model are still in effect after the device is rebooted.
New testvar for specifying the DUT’s supported data model and profiles

A new testvar cwmpSupportedDataModel has been added to this release. This new testvar obsoletes the tr69FakeDeviceSummary and tr69ProfileMatch testvars and provides a host of new features and functionality that were not available previously.

There are now many different ways to specify the root and service data model profiles supported by the DUT. In addition, CDRouter now also has the ability to verify the DUT’s supported data model against a specific version of the data model published by the Broadband Forum.

Please see the TR-069 User Guide for more information.

New Test Modules and Test Cases

CDRouter IPv6

New test module for verifying MAP-E functionality

MODULE: mape.tcl
DESCRIPTION: MAP-E tests for mapping IPv4 to IPv6
NEW TEST CASES: 19

CDRouter TR-069

New test module to run network diagnostic tests from the DUT

MODULE: tr69_diagnostics.tcl
DESCRIPTION: TR-069 tests for diagnostic tools
NEW TEST CASES: 30

New tests to verify ChangeDUState operations

TEST: od128_test_35.2
MODULE: od128.tcl
DESCRIPTION: OD-128 Test 35 Part 2: Change DU State - Install with Execution Environment Reference

TEST: od128_test_35.3
MODULE: od128.tcl
DESCRIPTION: OD-128 Test 35 Part 3: Change DU State - Update with only UUID

TEST: od128_test_35.4
MODULE: od128.tcl
DESCRIPTION: OD-128 Test 35 Part 4: Change DU State - Update with only URL

TEST: od128_test_35.5
MODULE: od128.tcl
DESCRIPTION: OD-128 Test 35 Part 5: Change DU State - Update with UUID and URL

New tests to verify ACS changes persist across reboot

TEST: tr69_101
MODULE: tr69.tcl
DESCRIPTION: Verify values set by SetParameterValues are persistent across Reboot

TEST: tr69_102
MODULE: tr69.tcl
DESCRIPTION: Verify objects created by AddObject are persistent across Reboot

Bug Fixes and Notes

CDRouter

The default value of the testvar wifiBeaconPhy has been changed from n to n a ac. [LH #3977]
Removed PPPoE as an option for testvars lanMode and ipv6LanMode. This was a legacy option used for internal testing at QA Cafe. We have not run into any instances where PPPoE was needed for testing with simulated LAN clients. [LH #3934]
As a result of the new virtual LAN test interfaces and additional LAN clients features added in this release, the naming convention for device capture files has changed.

In previous releases, all device captures were named using the convention:

<test name>-<test interface>.cap

In 11.1 a single device capture is generated for each wireless test client using the convention:

<test name>-<test interface>.<client>.cap

Whereas all Ethernet test clients are aggregated into a single device capture file using the convention:

<test name>-<lan or wan>-<device name>.cap

Within the web UI for all releases, the test name is omitted from the device capture file name in the Files drop down on the Results page.
This release also introduces the wifi capture feature which creates a new 802.11 capture for each wireless Linux system device in use:

<test name>-<lan or wan>-<device name>.cap
The cdrouter_esp_400, cdrouter_scale_1, and cdrouter_scale_2 tests now allow up to 10 seconds for HTTP reads. Previously this was 5 seconds. [LH #3985]
The cdrouter_upnp_igd2_400 and ipv6_upnp_igd2_400 test cases are now skipped when using a configuration file that has the testvar upnpDevice set to a value of InternetGatewayDevice:1. [LH #3995]
Resolved a fatal error associated with the establishment and testing of manually keyed IPv4 IPSec tunnels on systems do not have the IPv6 expansion. This issue was introduced in release 11.0.1 and does not impact earlier versions of CDRouter. [LH #4011]
Due to incompatibilities with certain wireless drivers, the cdrouter_dos_10 test case will now only run on Ethernet LAN interfaces. [LH #4026]

CDRouter IPv6

The icmpv6_10 and icmpv6_32 test cases have been updated to verify the DUT’s behavior when receiving IPv6 packets with Hop Limits of 0 and 1. Previously these tests only verified the case where the Hop Limit was 1. [LH #3886]
The ipv6_esp_400, ipv6_scale_1, and ipv6_scale_2 tests now allow up to 10 seconds for HTTP reads. Previously this was 5 seconds. [LH #3985]
The cdrouter_pptppt_2, cdrouter_pptppt_100, and cdrouter_scale_20 test cases have been updated to bring up a full PPP session within the PPTP connections that are established. [LH #3920]

CDRouter TR-069

Additional XML syntax validation is now performed on all CWMP messages received from the DUT. Any message containing a variable number of elements, such as an Inform or GetParameterValuesResponse, must indicate the correct number of elements or leave the number of elements unspecified.

Example: The GetParameterValuesResponse below is encoded with the ParameterList XML tag specifying an array of 2 ParameterValuesStruct elements, but actually contains 3 parameters:
```
<SOAP-ENV:Body>
    <cwmp:GetParameterValuesResponse>
        <ParameterList SOAP-ENC:arrayType="cwmp:ParameterValueStruct[2]">
            <ParameterValueStruct> ..... </ParameterValueStruct>
            <ParameterValueStruct> ..... </ParameterValueStruct>
            <ParameterValueStruct> ..... </ParameterValueStruct>
        </ParameterList>
    </cwmp:GetParameterValuesResponse>
</SOAP-ENV:Body>
```
The ACS now will log a Warning message and ignore any message with incorrect element syntax.
```
WARNING(tr69): Malformed array length in SOAP message. 3 elements in ParameterList, but arrayType attribute reads 'cwmp:ParameterValueStruct[2]'  
```
This may result in test failures if the ACS does not receive a message with the correct syntax. [LH #3929]
Updated the Set-Cookie header sent by the ACS to ensure invalid characters are not included. The Set-Cookie header is composed from the OUI and SerialNumber arguments in the DUT’s Inform message, which could potentially contain characters that are not permitted in the Set-Cookie header. [LH #2327]
The acsDiscoveryUrl testvar default value has been updated. The default value is now built using the value of acsDomain instead of the acsIp. As a result, the default ACS discovery URL provided by CDRouter’s DHCP/DHCPv6 servers is http://acs.qacafe.com:80. [LH #3952]
Tests that verify ChangeDUState operations (od128_test_35.1 through od128_test_35.6) will now be skipped if the testvars tr69DUChangeExecEnvRef, tr69DUInstallImage, and tr69DUInstallUUID are not configured. [LH #3974]
The Tcl interpreter shipped with CDRouter has been patched to fix a problem with the ACS message handler. TR-069 responses containing unusual combinations of characters with special meaning in TCL were not being parsed correctly by the Tcl interpreter. [LH #3991]
Fixed the capitalization of the ExecutionEnvRef tag in ChangeDUState SOAP messages during uninstall operations. [LH #4001]
The tr69FakeDeviceSummary and tr69ProfileMatch and have been deprecated and replaced by the new cwmpSupportedDataModel testvar. [LH #3856]

CDRouter Performance

Fixed the allowed range of values for perfStreamIncr to match the max values supported by CDRouter. [LH #3963]

December 20, 2018

New Features and Enhancements

CDRouter

Update to the Bulk Edit tool for test packages

The Bulk Edit tool on the Packages page of the web interface has been updated to support Config file selection. This change makes it possible to change the config file of multiple packages with a single operation. [LH #4031]

CDRouter TR-069

New TR-069 wireless test case

A new test case, tr69_wireless_50, has been added to the tr69_wireless test module. The purpose of this test is to verify that the DUT can be configured to use all of the wifi channels that it supports based on the value of the PossibleChannels parameter. This test queries the DUT for the value of the PossibleChannels parameter and walks through each returned value attempting to configure the DUT to use that channel, associate to the DUT on that channel, and pass traffic.

New Test Modules and Test Cases

CDRouter TR-069

New test case for verifying that all supported wifi channels can be enabled and used

TEST: tr69_wireless_50
MODULE: tr69_wireless.tcl
DESCRIPTION: Verify that all supported channels can be configured and used (IGD & Device:2)

Bug Fixes and Notes

CDRouter

The testvar staticHost has been deprecated. [LH #4050]
Resolved a problem in the vservice.tcl module that was causing a non-fatal “Can’t find suitable LAN stack” error in some configurations. [LH #3980]
Resolved a fatal error during start when testvars dhcpv6ClientOptionCode and dhcpv6ClientOptionData were configured with non default values. [LH #4047]

CDRouter Nmap

Resolved a fatal error when running Nmap tests on the WAN using config a file in which the testvar lanInterface was set to a value of none. [LH #3833]

CDRouter TR-069

Resolved a fatal error in the ir181_test_5.3.3 test case. [LH #4040]
Updated the tr69_wireless test module and the ir181_test_5.6.1 through ir181_test_5.6.15 test cases to properly restore auto channel selection at the end of the tests based on the value of the AutoChannelEnable parameter returned by the DUT at the start of the test. [LH #4023]
The tr69_wireless test module, od128_test_19.1 test case, and ir181_test_5.6.1 through ir181_test_5.6.15 test cases have been updated to be compatible with configurations that utilize multiple wireless clients. [LH #3552]

CDRouter Performance

Resolved a problem in the perf_mcast_lan_2 test that caused it to report zero throughput even though multicast traffic was actually received. [LH #3894]

CDRouter 11.0

Release Type	Release Number	Release Date
Original	CDRouter 11.0 Build 1	September 4, 2018
Maintenance Release 1	CDRouter 11.0 Build 2	October 4, 2018
Maintenance Release 2	CDRouter 11.0 Build 5	November 13, 2018

Note: CDRouter 11.0 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.0 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

September 4, 2018

New Features and Enhancements

CDRouter

New USP expansion!

We are pleased to announce CDRouter USP - a brand new expansion for testing the Broadband Forum’s User Services Platform (USP) protocol as defined in TR-369!

The USP expansion includes a powerful new USP controller with support for all three MTPs with and without MTP and USP layer encryption. A number of new USP specific test modules for verifying core functionality and profile support for the Device:2.12, FAPService:2.1, STBService:1.4, StorageService:1.2, and VoiceService:2.0 data models have also been developed.

Please see our website and the CDRouter USP User Guide for more information.
Updated WAN DHCP and DHCPv6 server

CDRouter’s WAN DHCP and DHCPv6 servers have been updated to better support testing of non-routing devices such as Ethernet switches and wireless access points. Specifically, CDRouter’s DHCP and DHCPv6 servers now serve addresses from a pool when the forwardingMode is bridge. This allows CDRouter to provide addresses to multiple clients when testing switches and APs. In standard routing configurations where the testvar forwardingMode is set to route these updates should be transparent.

For more information, please see this Knowledge Base article .
Update to the ‘Results Diff’ tool

The Results Diff tool has been updated with a filter to only display test cases that did not produce the same result in all test runs being compared. For more information, please see the “How can I compare multiple test results?” article in our Knowledge Base.

CDRouter IPv6

Support for IPsec site-to-site VPN tunnels over IPv6

CDRouter now supports the testing of IPsec site-to-site (ie tunnel mode) VPN tunnels over IPv6 on the WAN. This new feature allows users to define, terminate, and test a mix of IPv4 and IPv6 IPsec VPN tunnels on the WAN with CDRouter.

Support for manually keyed IPv6 IPsec tunnels is included with the CDRouter IPv6 expansion. Support for dynamic IKEv1 IPv6 IPsec tunnels requires both the CDRouter IKE and CDRouter IPv6 expansions.

IKEv1 based IPv6 IPsec tunnels can be tested using the existing ike and ike-natt (if NAT-T is enabled) test modules.

The ESP protocol for all defined IPv6 IPsec tunnels (manually keyed or keyed with IKEv1) can be tested with the new ipsec-esp-v6 test module which includes 10 new test cases.
New Duplicate Address Detection (DAD) test in the ndp test module

A new test, ipv6_ndp_16, has been added to the ndp test module. This test verifies that the DUT responds to DAD-style Neighbor Solicitations for its global IPv6 address on the LAN.
New test in ndp test module to verify behavior when IPv6 default route is lost

A new test, ipv6_ndp_34, has been added to the ndp test module. This test verifies that the DUT stops advertising itself as a router on the LAN when it receives Router Advertisements on the WAN with a router lifetime of zero. This test is designed to verify requirements G-4 and G-5 in RFC 7084.
Unique Local Address (ULA) tests

Two new tests, ula_13 and ula_14 have been added to the ula test module. These tests verify the DUT’s behavior with respect to ULA provisioning of LAN clients when it loses its default router on the WAN. This condition is simulated by sending Router Advertisements with a router lifetime of zero on the WAN.
New IPSEC pass-through module for IPv6

A new test module, ipsecpt-v6, adds six new test cases that can be used to verify the DUT’s functionality with respect to IPSEC pass-through connections from LAN to WAN and vice-versa over IPv6.

CDRouter TR-069

Updated CWMP profiles

CDRouter’s Device2_profiles test module has been updated to support version 2.12 of the Device:2 data model published by the Broadband Forum. All profiles defined in the following data models are now supported:

Data Model	Version
InternetGatewayDevice:1	1.14
Device:1	1.14
Device:2	2.12
STBService:1	1.4
VoiceService:1	1.1
VoiceService:2	2.0
StorageService:1	1.2
FAPService:1	1.1
FAPService:2	2.1

This update adds support for the new Device:2 profiles listed below:

Test Module	Profile
Device2_profiles	L2TPBasic:1
Device2_profiles	L2TPv3Adv:1
Device2_profiles	VXLANBasic:1
Device2_profiles	VXLANAdv:1
Device2_profiles	LMAPPreconfiguration:1
Device2_profiles	LMAPController:1
Device2_profiles	BASAPM:1
Device2_profiles	TWAMPReflectorBasic:1

New TR-069 Wireless configuration test cases

The tr69_wireless module has been updated with new tests to verify wireless LAN configuration with WPA/WPA2 Enterprise security settings. In addition to configuring the DUT with various combinations of WPA, WPA2, and WPA/WPA2, each test also verifies that CDRouter’s wireless client can connect to and pass traffic through the DUT in the specified configuration.

CDRouter IKE

Support for IKEv1 IPsec site-to-site VPN tunnels over IPv6

The CDRouter IKE expansion now supports configuration of IPv6 IKEv1 based IPsec VPN tunnels. Please see the note in the CDRouter IPv6 section above for more information.

CDRouter SNMP

New SNMPWalk command for SNMP scenario testing

The [SNMP Scenario Testing] (/cdrouter/user-guide/cdrouter-snmp-user-guide/#snmp-scenario-testing) feature has been updated to support SNMPWalk commands to retrieve multiple OID values at one time. SNMPWalk requests allow you to get all OID instances that exist at a particular node in the MIB hierarchy, and verify the value returned by the DUT.
Improved SNMP Scenario capabilities

Two new ways to check the DUT’s response to SNMP commands have been added to SNMP Scenario Testing:
- Commands in SNMP Scenarios now support an 'expr' argument to allow you to verify whether an OID’s value is less than, greater than, or equal to a specific value.
- A new 'contains' argument to the SNMPTable command allows you to check the results of a table column as an single unit as opposed to checking each individual row.

New Test Modules and Test Cases

CDRouter IPv6

New test module for verifying IPsec site-to-site VPN tunnels over IPv6

MODULE: ipsec-esp-v6.tcl
DESCRIPTION: IPv6 IPSEC ESP tests for IPSEC based VPNs
NEW TEST CASES: 10

New Duplicate Address Detection test case

TEST: ipv6_ndp_16
MODULE: ndp.tcl
DESCRIPTION: Verify DUT responds to DAD-style Neighbor Solicitations for global address on LAN

New test to verify behavior when DUT loses default IPv6 route on WAN

TEST: ipv6_ndp_34
MODULE: ndp.tcl
DESCRIPTION: Verify DUT does not advertise itself as a default router when WAN RA lifetime is 0

New ULA test cases

TEST: ula_13
MODULE: ula.tcl
DESCRIPTION: Verify unique local prefix is advertised when WAN RA lifetime is 0

TEST: ula_14
MODULE: ula.tcl
DESCRIPTION: Verify Route Information option for unique local prefix is valid when WAN RA lifetime is 0

New IPsec pass-through module for IPv6

MODULE: ipsecpt-v6.tcl
DESCRIPTION: IPv6 IPSEC based VPN pass through from the LAN to the WAN
NEW TEST CASES: 6

CDRouter TR-069

Three new test cases to verify “WPA/WPA2 Enterprise” wireless LAN security configurations

TEST: tr69_wireless_40
MODULE: tr69_wireless.tcl
DESCRIPTION: Verify WPA-Enterprise configuration (Device:2 Only)

TEST: tr69_wireless_41
MODULE: tr69_wireless.tcl
DESCRIPTION: Verify WPA2-Enterprise configuration (Device:2 Only)

TEST: tr69_wireless_42
MODULE: tr69_wireless.tcl
DESCRIPTION: Verify WPA/WPA2-Enterprise configuration (Device:2 Only)

CDRouter USP

Three new test modules for verifying core USP functionality

MODULE: usp_basic
DESCRIPTION: Basic USP functionality tests
NEW TEST CASES: 4

MODULE: usp
DESCRIPTION: Extended USP functionality tests
NEW TEST CASES: 30

MODULE: usp_conformance
DESCRIPTION: Broadband Forum ID-369 USP conformance tests
NEW TEST CASES: 62

MODULE: usp_scenarios
DESCRIPTION: General USP configuration testing for user defined USP scenarios
NEW TEST CASES: 1

Six new test modules for verifying USP profiles

MODULE: USP_Device2_profiles
DESCRIPTION: TR-181 Issue 2 USP profile testing for Device:2 root data model
NEW TEST CASES: 768

MODULE: USP_FAPService2_profiles
DESCRIPTION: TR-196 Issue 2 USP profile testing for FAPService:2 data model
NEW TEST CASES: 293

MODULE: USP_STBService1_profiles
DESCRIPTION: TR-135 USP profile testing for STBService:1 data model
NEW TEST CASES: 96

MODULE: USP_StorageService1_profiles
DESCRIPTION: TR-140 USP profile testing for StorageService:1 data model
NEW TEST CASES: 53

MODULE: USP_VoiceService2_profiles
DESCRIPTION: TR-104 Issue 2 USP profile testing for VoiceService:2 data model
NEW TEST CASES: 90

MODULE: usp_profiles
DESCRIPTION: USP profile testing for user defined CWMP profiles
NEW TEST CASES: 5

Bug Fixes and Notes

CDRouter

ATM support has been removed from CDRouter. This includes support for PPPoA as a WAN mode and the associated pppoa-c and renum-pppoa test modules. [LH #1530]
Support for 802.1X-WEP, also known as Dynamic WEP, as a wireless security mode has been removed from CDRouter. [LH #3700]
The data migration tools included with CDRouter 10.x have been removed. These tools were included to help migrate data from older systems to the new database introduced in CDRouter 10.0. Users running versions of CDRouter prior to 10.0 must upgrade to a 10.x release in order to preserve and migrate any old results. Please contact support@qacafe.com for more information or assistance. [LH #3715]
Resolved a display inconsistency with CDRouter’s web UI associated with the bulk edit feature. If the bulk edit feature was used to change the ‘device’ associated with one or more test results, the change was not reflected correctly on the Home page. The edited result(s) on the Home page and the Results page now match. [LH #3873]
Resolved an issue with the cdrouter_dhcp_32 test case in which CDRouter was sending the FORCERENEW message to the DUT on the server port (port 68). CDRouter now sends the message on the correct client port (port 67). [LH #3731]
Resolved an issue that caused a fatal error when CDRouter’s LAN client unexpectedly failed to connect to the DUT in a “Hotspot” configuration. [LH #3866]

Added a wifi hotspot sub-section to the “LAN->802.11 Wireless” configuration section of a default CDRouter configuration file. These testvars existed previously, but were not made visible in a default CDRouter configuration file [LH #3851]:

        SECTION "Hotspot Router Settings" {

            testvar browserLoginUrl1
            testvar browserLogoutUrl1

            SECTION "Hotspot Clients" {

                testvar clientLoginName1
                testvar clientLoginPassword1

            }

            SECTION "Advanced Hotspot Settings" {

                testvar browserLoginProc
                testvar browserLogoutProc
                testvar browserScriptsPath

            }

        }

Added a new testvar browserScriptsPath to specify the name of the file that contains custom login and logout Tcl procs for “hotspot” configuration. [LH #3876]
The custom login and logout scripts for “hotspot” scenarios are loaded into the ‘global’ Tcl namespace, so that specifying the buddy namespace (buddy::<proc_name>) to locate the custom procs is no longer required. [LH #3876]
Updated CDRouter to ensure that LAN clients with a designated IP address in the config file are allocated a static MAC address that is used throughout the test run. Test modules that create LAN clients with a designated address include: apps.tcl (inboundH323Host), dmz.tcl (lanDmzHost), mac-filter.tcl ( filteredMacIp , unfilteredMacIp), static.tcl (staticRouteLanNextHop), static-v6.tcl (staticIpv6RouteLanNextHop), vservice.tcl (virtualTcpServiceHost, virtualUdpServiceHost). [LH #3855]
Updated the cdrouter_tport_10 test case to work when the DUT is configured to forward unknown traffic to a designated “DMZ” host on the LAN. [LH #3823]
CDRouter now waits up to startTimeout seconds for the DUT to contact the XMPP server during start when XMPP is enabled. Previously this value was hardcoded to a value of 65 seconds which might be too short for some DUTs. [LH #3878]

CDRouter IPv6

The looping logic and associated log messages in the dhcpv6_pd_15 test case have been cleaned up. This change allows the test to run faster and produces a more descriptive log file. [LH #3788]
Improved the logging of test case dhcpv6_140 to be more explicit about the expected timings of received DHCPv6 Solicit messages. [LH #3711]
Improved filtering to suppress excessive and unnecessary logging of received packets in the scaling and scaling-v6 modules. Broadcast and multicast packets sent by CDRouter’s LAN clients are already displayed in the log. The log files will not redundantly display messages from every other client on the LAN that receives these packets. [LH #3844]
The url-filter-v6 module is no longer skipped if the supportsDnsProxy testvar is set to “no”. [LH #3838]

CDRouter TR-069

A warning message will now be displayed in SPV profile test logs for any required parameters that are missing within the DUT’s data model. [LH #3847]
Updated support for the Device:2 (TR-181) data model when the acsCreatePortMapOnIGD testvar is set to “yes”. This allows the ACS to send Connection Requests to a TR-069 CPE device connected to the LAN-side of a TR-069 Gateway. Previously, only the InternetGatewayDevice:1 (TR-098) data model was supported. See “LAN Side TR-069 Devices” (Example 3) in the CDRouter TR-069 User Guide for more information and configuration details. [LH #3843]
All of the profile verification modules (Device2_profiles.tcl, InternetGatewayDevice1_profiles.tcl, cwmp_profiles.tcl, etc.) were updated to resolve a problem with the data validation of certain parameters in the data model. These tests will now correctly verify that parameters defined as a list of a particular data type are encoded with syntax type string in the SOAP message sent by the DUT, and not the data type of the individual elements. For example, CDRouter will verify that the Device.Bridging.Bridge.{i}.Port.{i}.PriorityRegeneration parameter (defined in the data model as a list of unsignedInt) is encoded as a string by the DUT, and that each element of that string is an unsignedInt. Note that data validation is only done when the cwmpDataValidation testvar is set to “yes”. [LH #3879]
The tests in the tr69_wireless.tcl and ir181.tcl modules were updated so that they no longer attempt to connect a wireless LAN client if the required wireless settings could not be successfully configured on the DUT. [LH #3868]
The tr69_410 test case has been updated. This test now verifies that the DUT’s NTP client is in the Synchronized state before performing additional validation on the DUT’s current local time. In addition, time validation of the DUT’s current local time has been improved. [LH #3810]
Updated the ACS to handle cases when the DUT sends an Inform with an empty DeviceSummary parameter. [LH #3656]
Resolved an issue in the tr69_30 test case. The host making the connection request to the DUT must now be in the same address family (IPv4/IPv6) as the DUT’s Connection Request URL. [LH #3585]
Resolved a problem in the ir181_test_5.5.1 test which caused a fatal error and halted the test package. [LH #3882]
Updated tests ir181_test_5.6.9, ir181_test_5.6.11, and ir181_test_5.6.13. The tests now set the RadiusServerIPAddr parameter properly and no longer report an error when the DUT the RadiusSecret parameter with an empty string [LH #3890]
The various wireless tests in the ir181 test module have been updated and no longer attempt to set or query the BeaconType parameter on Device:2 systems. This parameter is defined only for IGD:1 and Device:1. [LH #3893]

CDRouter Performance

There is a known issue with CentOS 7.5 systems that may impact performance results. This issue is related to a CentOS bug that has been reported but not yet fixed. Please contact support@qacafe.com for more information and steps to resolve this issue. [LH #3891]
Support for omitting the first n UDP throughput measurements intervals has been removed. The testvar perfOmit may still be specified for TCP throughput tests. Using this testvar for TCP was the original intent to compensate for the ‘slow-start’ mechanism that many TCP implementations use. UDP has no such mechanism, so omitting the first few intervals is not needed. [LH #3750]

CDRouter SNMP

The SNMPTable command has been updated with a new contains argument that checks all rows of a particular table column and produces a single PASS/FAIL result instead of issuing separate PASS/FAIL results for each row. [LH #3815]
A new SNMPWalk command has been added which allows multiple OIDs to be requested at once instead of having to issue separate GetRequest or GetNextRequest commands. [LH #3789]

October 4, 2018

New Test Modules and Test Cases

CDRouter TR-069

New test cases added to TR-069 “ir181” module

Six new test cases have been added to the ir181.tcl module. These tests cover the “Localized Strings” section of the Broadband Forum ID-181 test plan to verify that the CPE correctly handles strings containing non-ASCII and multi-byte characters received from the ACS.

New Test Modules and Test Cases

CDRouter

New TR-069 test cases added to verify “Localized Strings” in CWMP messages

TEST: ir181_test_5.7.1        
MODULE: ir181.tcl
DESCRIPTION: ID-181 Test 5.7.1: Non-ASCII Characters in a SetParameterValues RPC

TEST: ir181_test_5.7.2        
MODULE: ir181.tcl
DESCRIPTION: ID-181 Test 5.7.2: Multi-Byte Encoding in a SetParameterValues RPC

TEST: ir181_test_5.7.3        
MODULE: ir181.tcl
DESCRIPTION: ID-181 Test 5.7.3: Non-ASCII Characters in a ParameterKey

TEST: ir181_test_5.7.4        
MODULE: ir181.tcl
DESCRIPTION: ID-181 Test 5.7.4: Multi-Byte Encoding in ParameterKey

TEST: ir181_test_5.7.5        
MODULE: ir181.tcl
DESCRIPTION: ID-181 Test 5.7.5: Non-ASCII Characters in CommandKey

TEST: ir181_test_5.7.6        
MODULE: ir181.tcl
DESCRIPTION: ID-181 Test 5.7.6: Multi-Byte Encoding in CommandKey

Bug Fixes and Notes

CDRouter

Resolved a fatal error in the cdrouter_dmz_1 test case when configuring a static MAC address using the lanDmzHostMac testvar. [LH #3912]
Resolved a fatal error in the cdrouter_dyndns_1 test case when the final update error code received from the DUT is ’null’. [LH #3901]
Added a warning message if a LAN CLient receives an Information Element (IE) in an Association Response that includes an unexpected capability. [LH #3714]
Resolved an issue in which the values specified for the testvars clientLoginName and clientLoginPassword were not being used. [LH #3918]
Resolved the issue with the test case arp_12 where CDRouter did not send any gratuitous arp after creating lan clients. [LH#3921]
Starting in version 11.0, when CDRouter is running in [“bridge mode”] (/cdrouter/knowledge-base/bridge-mode-testing-with-cdrouter/), CDRouter’s LAN clients now send DHCP requests which the DUT bridge will forward to the WAN link (see the note above for more details). In order for CDRouter’s DHCP server to distinguish the DUT’s client from LAN clients, the wanDutClientID testvar must be set to the hex value that appears in the DUT’s DHCP Client-ID option. Similarly, the ipv6WanDutDuid testvar must be set to the DUT’s DHCPv6 Client-ID option when CDRouter is running in bridge mode. It is no longer necessary to set the wanDutMac testvar when running in bridge mode. [LH #3906]

CDRouter TR-069

Resolved an issue in certain od128 and tr69 test cases where CDRouter’s ACS was sending a CommandKey argument that was greater than 32 characters when issuing a Reboot RPC. This caused some DUTs to reject the Reboot PRC request entirely. This issue has been resolved. CDRouter now always sends a valid CommandKey argument that is less than 32 characters. [LH #3903]
Improved the processing of DUStateChangeComplete messages to prevent a fatal error from occurring if the message from the DUT could not be successfully parsed. [LH #3425]
Resolved an issue in CDRouter’s FTP server that caused a fatal error in the ir181_test_5.2.3 and ir181_test_5.2.5 tests when the DUT attempted to download diagnostics data. [LH #3926]

CDRouter IPv6

Resolved an issue that caused CDRouter to send ICMPv6 Router Advertisements with the M-flag set when the WAN addressing mode (ipv6WanMode) was set to “autoconf”. This problem did not occur in CDRouter versions before 11.0 Build 1. [LH #3905]

November 13, 2018

New Features and Enhancements

CDRouter

New test cases to detect presence of BCMUPnP_Hunter malware

Four new UPnP format string vulnerability test cases have been added to CDRouter: cdrouter_upnp_400, cdrouter_upnp_igd2_400, ipv6_upnp_400, and ipv6_upnp_igd2_400. These new tests check to see if the DUT’s UPnP server is susceptible to the UPnP string format vulnerability recently identified within the BCMUPnP_Hunter malware.

For more information on the BCMUPnP_Hunter malware, please see these links:

https://blog.netlab.360.com/bcmpupnp_hunter-a-100k-botnet-turns-home-routers-to-email-spammers-en/ https://arstechnica.com/information-technology/2018/11/a-100000-router-botnet-is-feeding-on-a-5-year-old-upnp-bug-in-broadcom-chips/

New Test Modules and Test Cases

CDRouter

New UPnP test cases for verifying susceptibility to BCMUPnP_Hunter malware

TEST: cdrouter_upnp_400
MODULE: upnp.tcl
DESCRIPTION: Check for UPnP format string vulnerability used by BCMPUPnP_Hunter malware

TEST: cdrouter_upnp_igd2_400
MODULE: upnp.tcl
DESCRIPTION: Check for UPnP format string vulnerability used by BCMPUPnP_Hunter malware

CDRouter IPv6

New UPnP test cases for verifying susceptibility to BCMUPnP_Hunter malware

TEST: ipv6_upnp_400
MODULE: upnp-v6.tcl
DESCRIPTION: Check for UPnP format string vulnerability used by BCMPUPnP_Hunter malware

TEST: ipv6_upnp_igd2_400
MODULE: upn-v6p.tcl
DESCRIPTION: Check for UPnP format string vulnerability used by BCMPUPnP_Hunter malware

Bug Fixes and Notes

CDRouter

Resolved an issue with the dmz test module in which a fatal error would be produced if the testvar lanDmzHostMac was not specified. [LH #3942]
Resolved an issue with the MTU configuration of CDRouter’s WAN DNS servers. The DNS server MTU now takes into account the WAN mode being used (DHCP, PPPoE, etc.). [LH #3981]

CDRouter TR-069

Resolved a problem with one of the parameter paths used when the ACS attempts to add new XMPP entries to the Device.XMPP.Connection. table in the DUT’s data model during the start phase of testing. [LH #3804]
Resolved an issue with setting the LocalTimeZoneName parameter in the test tr69_410. In previous versions of CDRouter, the parameter had a space in the string to set the timezone. This space has been removed to adhere to what is specified in the TR-098 Amendment 2 specification. [LH #3941]

Product

Search Results

CDRouter 11.8

Attention: Operating System Deprecation Notice

Ubuntu and CentOS 6 will not be suported in future releases

New Features and Enhancements

CDRouter

CDRouter TR-069

CDRouter USP

NTA1000

Testvar updates

Testvars added to this release:

Testvars modified or removed in this release:

New Test Modules and Test Cases

CDRouter TR-069

CDRouter USP

Notes

CDRouter

CDRouter TR-069

CDRouter Multiport

CDRouter IPv6

CDRouter Performance

CDRouter USP

New Features and Enhancements

CDRouter Multiport

CDRouter TR-069

CDRouter IPv6

Testvar updates

Testvars added to this release:

Testvars modified or removed in this release:

New Test Modules and Test Cases

CDRouter IPv6

CDRouter Multiport

Notes

CDRouter

CDRouter TR-069

CDRouter BBF.069

CDRouter IPv6

CDRouter Storage

CDRouter USP

CDRouter 11.7

Attention: Operating System Deprecation Notice

New Features and Enhancements

CDRouter

CDRouter USP

CDRouter Performance

Testvar updates

Testvars added to this release:

Testvars modified or removed in this release:

New Test Modules and Test Cases

CDRouter USP

Notes

CDRouter

CDRouter IPv6

CDRouter TR-069

CDRouter BBF.069

CDRouter USP

CDRouter ICS

New Features and Enhancements

CDRouter

New Test Modules and Test Cases

CDRouter

CDRouter IPv6

Notes

CDRouter

CDRouter IPv6

Performance

CDRouter DOCSIS

Pktsrc API Notifications

CDRouter 11.6

Attention: Operating System Deprecation Notice

New Features and Enhancements

CDRouter

CDRouter IPv6

CDRouter USP

CDRouter Nmap

Testvar updates

Testvars added to this release:

Testvars modified or removed in this release:

New Test Modules and Test Cases