Search Results

CDRouter 11.2

Release Type Release Number Release Date
Original CDRouter 11.2 Build 1 February 6, 2019
Maintenance Release 1 CDRouter 11.2 Build 2 March 4, 2019

Note: CDRouter 11.2 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 11.2 testvars using the config upgrade utility.

Attention: Operating System Deprecation Notice

Support for the Ubuntu operating system has been deprecated. CDRouter systems running on Ubuntu will now see warning messages during installation and in the ‘start’ log of a test run. Support for this operating system will be officially removed with the next major version of CDRouter (12.0). Please contact for additional information and assistance in migrating to a supported operating system.

February 6, 2019

New Features and Enhancements


  • 802.11ac Wave 2

    CDRouter now supports 802.11ac Wave 2 connections for both simulated LAN clients and WiFi WAN connections. This support comes through the new NTA1000v6 platform, released alongside CDRouter 11.2. If you are interested in upgrading your system to the NTA1000v6, please reach out to

    In addition, Wi-Fi scaling tests are now supported on all 3 of the NTA1000v6 wireless cards.

  • Support for DNS over HTTPS (DoH)

    CDRouter’s WAN DNS servers now support DNS over HTTPS (DoH) as defined in RFC 8484.

    With the addition of DNS over HTTPS, CDRouter’s DNS servers now support four different transports: traditional DNS over UDP on port 53, DNS over TCP on port 53, DNS over TLS (DoT) on port 853, and DNS over HTTPS on port 443.

    For more information please see our Knowledge Base article on testing DNS over TLS and HTTPS with CDRouter.

CDRouter Multiport

  • Support for layer 2 GRE tunnels on the WAN

    CDRouter now supports layer 2 IPv4 GRE tunnels on the WAN, as defined in RFC 2784. For more information, please see the CDRouter User Guide.

    A new l2gre test module, with 12 test cases, has also been added. This test module can be used to validate layer 2 GRE tunnel behavior on the DUT.

    In addition, two more application style L2GRE tests have been added to apps and apps-v6 test modules. [LH #3260]

CDRouter IPv6

  • Support for IPv6 DNS over HTTPS (DoH)

    CDRouter’s WAN IPv6 DNS servers now also support DNS over HTTPS as a transport. See the announcement above for more information.

CDRouter TR-069

  • New commands added to CWMP Scenario Testing feature

    The CWMP Scenario Testing feature now includes support for GetParameterAttributes and SetParameterAttributes requests to allow scenarios to configure Notifications for any parameter in the CPE’s data model. The Event command has also been updated so that the parameters in Inform messages can be verified when a “Value Change” Event occurs.

    These new commands are documented in the CWMP Scenario Testing section of the CDRouter TR-069 User Guide.

CDRouter ICS

  • Automatically generated capture file for all ICS traffic

    When ICS is enabled CDRouter now automatically generates a separate capture file, per test case, for all ICS traffic. The new capture files can be accessed by clicking on the file labeled ics in the Files drop-down within the web UI.

    ICS capture files allow users to quickly and easily see exactly what cloud service or resources a device is communicating with. This information is very helpful in understanding the behavior of a device and assessing its overall security.

New Test Modules and Test Cases


  • New L2GRE application tests

    TEST: cdrouter_app_140
    MODULE: apps.tcl
    DESCRIPTION: Verify IPv4 L2GRE session through the router

CDRouter Multiport

  • New GRE test module

    MODULE: l2gre.tcl
    DESCRIPTION: L2 over GRE related test cases


  • New IPv6 L2GRE application tests

    TEST: ipv6_app_140
    MODULE: apps-v6.tcl
    DESCRIPTION: Verify IPv6 L2GRE session through the router

CDRouter TR-069

  • New ACS redirection test cases

    TEST: tr69_35
    MODULE: tr69.tcl
    DESCRIPTION: Verify CPE follows 302 redirects to new ACS server with a specified port number
    TEST: tr69_36
    MODULE: tr69.tcl
    DESCRIPTION: Verify CPE follows 307 redirects to new ACS server with a specified port number

Bug Fixes and Notes


  • The CDRouter Customer Lounge website has been redesigned and no longer supports password authentication. Instead, registered users can log in by entering their email address to receive a single-use login token via email. Consequently, the Automatic Upgrade feature on the /system/upgrade page of CDRouter’s web interface no longer requires a password. A valid, registered email address must still be entered for users to be able to automatically upgrade CDRouter to the latest version, however. Please contact if you have any questions about the CDRouter customer Lounge. [LH #3998]

  • The renum-dhcp, renum-l2tp, renum-pptp, and renum-pppoe test modules have been updated. Many of the tests in these modules have been updated with an additional test metric to explicitly verify that the original IP is properly restored and that traffic is flowing at the end of the test. The following table list the test cases affected: [LH #4062]

    renum-dhcp renum-l2tp renum-pppoe renum-pptp
    cdrouter_renumber_1 cdrouter_renum_l2tp_1 cdrouter_renum_pppoe_1 cdrouter_renum_pptp_1
    cdrouter_renumber_2 cdrouter_renum_l2tp_2 cdrouter_renum_pppoe_2 cdrouter_renum_pptp_2
    cdrouter_renumber_3 cdrouter_renum_l2tp_3 cdrouter_renum_pppoe_3 cdrouter_renum_pptp_3
    cdrouter_renumber_4 cdrouter_renum_l2tp_6 cdrouter_renum_pppoe_6 cdrouter_renum_pptp_6
    cdrouter_renumber_5 cdrouter_renum_l2tp_50 cdrouter_renum_pppoe_50 cdrouter_renum_pptp_50
  • The dhcp-c.tcl modules can now be run when CDRouter is in “bridge mode” (testvar forwardingMode is set to “bridge”). [LH #3954]

  • Improved the TCP behavior associated with the IPv4 https and http2 test cases to better handle packets received out of order and also delayed closing the session to ensure receiving the TCP FIN. [LH #3846]

  • The version of TCL that CDRouter uses has been upgraded to 8.6.9.

  • The version of the wpa_supplicant driver that CDRouter uses has been upgraded to 2.7.

  • Resolved a memory leak leading to system unresponsiveness. This issue was triggered when an OSPFv3 LS Update packet was received by CDRouter. [LH #4081]

  • Resolved an issue with the NTP server option provided by CDRouter’s DHCP server on the WAN. In previous releases if two NTP servers were defined, the DHCP option would contain only the information for the second NTP server. Both NTP servers are now included in the DHCP option, if specified. [LH #4059]

CDRouter Multiport

  • The interface rotation logic for failure retries has been modified. Prior to this release, if the test retry package option was enabled in a configuration with multiple LAN interfaces, CDRouter would rotate to the next test interface when a test failed. Now, when a test fails under these conditions, all test retries will utilize the same test interface rather than rotating to the next test interface. [LH #4045]

  • Prior to this release, the scheme for automatically generating MAC addresses for wireless clients involved appending a 24-bit client identifier to the 24-bit cdrouterOui :

    <24-bit OUI><24-bit Client ID>

    This scheme is not sufficient for certain configurations where some additional uniqueness, per wireless interface, is required.

    If there is more than one wireless LAN interface in use, CDRouter now ensures that all wireless LAN interfaces have a unique 32-bit MAC prefix which is composed by appending an 8-bit random interface identifier to the 24-bit cdrouterOui .

    The scheme for automatically generating MAC addresses for wireless clients now involves appending a 16-bit random client identifier to the unique 32-bit interface prefix:

    <24-bit OUI><8-bit Interface ID><16-bit Client ID>

    Note that this change applies only to wireless clients when there are more than one wireless LAN interface in use. If there is only a single wireless LAN interface in use CDRouter retains the pre 11.1 behavior. [LH #4066]

  • The lanMac can no longer be specified for wireless interfaces if more than one wireless interface is configured. [LH #4066]

  • If more than one wireless interface is in use, the following tests and modules will now be skipped [LH #4066]:

    Test Cases Test Modules
    cdrouter_dhcp_server_3 mac-filter.tcl
    static_1 dmz.tcl
    static_2 vservice.tcl
    static_10 triggerp.tcl

CDRouter IPv6

  • Improved the TCP behavior associated with the IPv6 https and http2 test cases to better handle packets received out of order and also delayed closing the session to ensure receiving the TCP FIN. [LH #3846]

CDRouter TR-069

  • Updated the tr69_1 test case to verify the MaxEnvelopes and CurrentTime fields in Inform messages [LH #3948]

  • Updated the tr69_320 test case to include the cwmp:ID header in the Fault response sent by the ACS. [LH #4053]

  • The new testvar acsStrictSyntaxChecking can be used to enable or disable the additional XML syntax validation of array lengths on all CWMP messages received from the DUT. This additional XML syntax check was originally added in CDRouter 11.1 and enabled by default. Setting this testvar to “off” will disable this. [LH #4064] [LH #3929]

  • Updated tests ir181_test_5.6.9, ir181_test_5.6.11, and ir181_test_5.6.13. The tests now set the RadiusServerIPAddr parameter properly and no longer report an error when the DUT the RadiusSecret parameter with an empty string [LH #3890]

March 4, 2019

Bug Fixes and Notes


  • A new testvar dhcpRelayServer has been added. This testvar specifies the IPv4 address of the DHCP relay server and is only needed in setups where the relay server is on a different subnet than the address being assigned to the DUT. This testvar is equivalent to the IPv6 testvar dhcpv6RelayServer which was added in CDRouter 10.7.4. [LH #4082]

  • The generic HTTP server used by CDRouter in various test cases now utilizes the native Linux TCP stack for improved performance and robustness. Certain test cases that require specific non-standard HTTP or TCP behavior will continue to use CDRouter’s built-in TCP stack. [LH #2244]

CDRouter IPv6

  • All CDRouter stacks that are directly connected to the DUT now perform IPv6 Duplicate Address Detection (DAD) on all link-local, unique-local, and global unicast addresses before configuring and using them.

    This change impacts CDRouter’s primary WAN stack and all IPv6 enabled LAN clients. If conflicts are detected during DAD, a warning will be displayed in the log file. Additionally, if privacy addresses are used on the LAN CDRouter will automatically assign a new, random privacy address and attempt DAD again.

    Note that this enhancement has resulted in changes to the underlying pktsrc API that may impact custom tests. Please refer to the pktsrc API notification section below for more information. [LH #3955]

  • Updated the dhcpv6_pd_62 test case so that it no longer sends unnecessary IPv6 ping requests after the WAN link has been brought down. [LH #4092]

  • Update the rip-ng and rip-ng-wan test modules to wait up to 50 seconds for RIPng updates from the DUT, in accordance with Section 2.3 of RFC 2080. RFC 2083 states that the DUT’s RIPng timer should trigger every 30 seconds +/- 15 seconds. By waiting up to 50 seconds CDRouter ensures that all RIPng updates sent by the DUT should have been received. Previously these tests waited up to 40 seconds, which was not adequate in some cases. [LH #4103]

  • The ipv6_ripng_200 test case is now properly skipped if the testvar ripAcceptWanUpdate is set to a value of no. [LH #4101]

  • Updated the ipv6_ndp_wan_16 test case to resolve a fatal error that occurred while running in static WAN mode. [LH #4091]

  • The testvar supportsULA now defaults to a value of no. [LH #4102]

CDRouter TR-069

  • Updated the tr69_80 and tr69_81 test cases to ignore authentication failures (if present) during the clean portion of the test. This allows CDRouter to always restore the DUT’s original connection request username and password regardless of the final result of the test. [LH #4079]

  • Resolved an issue with the tr69_64 test cases in which LeaseDuration parameter was being set to two conflicting values in the same SetParameterValues call. [LH #4094]

Pktsrc API Notifications

As a result of ticket #3955 detailed above, the following pktsrc API modifications have been made and may impact custom tests.

  • The IPv6_set proc supports a new, optional argument nodad which will disable DAD when setting an address on a stack.

  • The following pktsrc API calls now have an optional packet argument which is used for retrieving a DHCPv6 packet from a callback. The optional packet argument should be used instead of calling Stack_get_protocol s DHCPv6 <packet> which is no longer guaranteed to work with DAD enabled.

    • DHCPv6_client
    • DHCPv6_client_decline
    • DHCPv6_client_release
    • DHCPv6_confirm
    • DHCPv6_information_request
    • DHCPv6_rebind
    • DHCPv6_renew
    • DHCPv6_request
    • DHCPv6_server_wait_for_event