CDRouter IPv6 Test Summaries
Test Case Summaries
- Modules: 44
- Test Cases: 732
Below is a summary of the testcases in each module
ecn-v6.tcl
IPv6 ECN Forwarding Tests
| Test Name | Synopsis |
|---|---|
ipv6_ecn_tcp_1 |
TCP Download with ECN Capable Transport, ECN unaware DUT, ECT(0) |
ipv6_ecn_tcp_2 |
TCP Download with ECN Capable Transport, ECN unaware DUT, ECT(1) |
ipv6_ecn_tcp_3 |
TCP Download with ECN Capable Transport, ECN unaware DUT, Congestion Encountered |
ipv6_ecn_tcp_4 |
TCP Upload with ECN Capable Transport, ECN unaware DUT, ECT(0) |
ipv6_ecn_tcp_5 |
TCP Upload with ECN Capable Transport, ECN unaware DUT, ECT(1) |
ipv6_ecn_tcp_6 |
TCP Upload with ECN Capable Transport, ECN unaware DUT, ECT(0), Congestion Encountered |
basic-v6.tcl
Basic IPv6 extension header processing tests
| Test Name | Synopsis |
|---|---|
ipv6_basic_1 |
Verify DUT forwards packets with multiple extension headers |
ipv6_basic_2 |
Verify DUT responds to packets with multiple extension headers |
ipv6_basic_3 |
Verify DUT discards packets with unknown extension headers |
ipv6_basic_4 |
Verify DUT discards packets with Next Header value of zero in extension header |
ipv6_basic_5 |
Verify DUT ignores packets with extension header containing 'No Next Header' |
ipv6_basic_6 |
Verify DUT forwards packets with extension headers containing 'No Next Header' |
ipv6_basic_10 |
Verify DUT properly processes unknown Option Type identifiers with 00 high order bits |
ipv6_basic_11 |
Verify DUT properly processes unknown Option Type identifiers with 01 high order bits |
ipv6_basic_12 |
Verify DUT properly processes unknown Option Type identifiers with 10 high order bits - unicast destination |
ipv6_basic_13 |
Verify DUT properly processes unknown Option Type identifiers with 10 high order bits - multicast destination |
ipv6_basic_14 |
Verify DUT properly processes unknown Option Type identifiers with 11 high order bits - unicast destination |
ipv6_basic_15 |
Verify DUT properly processes unknown Option Type identifiers with 11 high order bits - multicast destination |
ipv6_basic_20 |
Verify DUT discards packets with Type 0 Routing Extension Header as an Intermediary Node |
ipv6_basic_21 |
Verify DUT processes packets with Type 0 Routing Extension Header as an End Node |
ipv6_basic_22 |
Verify DUT discards packets with Unknown Routing Extension Header as an Intermediary Node |
ipv6_basic_23 |
Verify DUT processes packets with Unknown Routing Extension Header as an End Node |
frag-v6.tcl
IPv6 fragmentation tests
| Test Name | Synopsis |
|---|---|
ipv6_frag_1 |
Verify DUT responds to fragmented ICMPv6 Echo Requests |
ipv6_frag_2 |
Verify DUT forwards fragmented ICMPv6 packets |
ipv6_frag_3 |
Verify DUT forwards fragmented UDP packets |
ndp.tcl
Neighbor Discovery Protocol and Router Advertisement tests for IPv6 devices
| Test Name | Synopsis |
|---|---|
ipv6_ndp_1 |
Verify DUT responds to Router Solicitations on the LAN |
ipv6_ndp_2 |
Verify DUT periodically sends unsolicited Router Advertisements |
ipv6_ndp_10 |
Verify DUT responds to Neighbor Solicitations for its link-local address |
ipv6_ndp_11 |
Verify DUT responds to Neighbor Solicitations for its global IPv6 address |
ipv6_ndp_12 |
Verify DUT ignores Neighbor Solicitations with an invalid hop-count |
ipv6_ndp_13 |
Verify DUT responds to DAD-style Neighbor Solicitations for link-local address on LAN |
ipv6_ndp_14 |
Verify DUT ignores Neighbor Solicitations with a different target than itself |
ipv6_ndp_15 |
Verify DUT ignores Neighbor Solicitations sent to the wrong Solicited-Node Multicast Address |
ipv6_ndp_16 |
Verify DUT responds to DAD-style Neighbor Solicitations for global address on LAN |
ipv6_ndp_20 |
Verify DUT sends ICMPv6 Redirect messages for neighbor traffic forwarded to it |
ipv6_ndp_30 |
Verify Router Advertisements contain M bit and O bit based on LAN mode |
ipv6_ndp_31 |
Verify Router Advertisements contain valid prefix, A bit, and L bit based on LAN settings |
ipv6_ndp_32 |
Verify Router Advertisements contain RDNSS option |
ipv6_ndp_33 |
Verify Router Advertisements contain DNSSL option |
ipv6_ndp_34 |
Verify DUT does not advertise itself as a default router when WAN RA lifetime is 0 |
ipv6_ndp_40 |
Verify Neighbor Unreachability Detection |
ipv6_ndp_41 |
Verify ICMPv6 Destination Unreachable sent on address resolution failure |
ndp-wan.tcl
Neighbor Discovery Protocol and Router Advertisement tests for the WAN side of IPv6 devices
| Test Name | Synopsis |
|---|---|
ipv6_ndp_wan_1 |
Verify if DUT responds to Router Solicitations on the WAN |
ipv6_ndp_wan_2 |
Verify if DUT periodically sends unsolicited Router Advertisements |
ipv6_ndp_wan_3 |
Verify DUT can switch to a new default router after the original default router is invalidated |
ipv6_ndp_wan_4 |
Verify DUT can switch to a new default router after the original default router expires |
ipv6_ndp_wan_5 |
Verify DUT follows the Default Router Selection recommendations when it has one router in its Neighbor Cache |
ipv6_ndp_wan_6 |
Verify DUT follows the Default Router Selection recommendations when it has two routers in its Default Router List |
ipv6_ndp_wan_10 |
Verify DUT responds to Neighbor Solicitations on the WAN for its link-local address |
ipv6_ndp_wan_11 |
Verify DUT responds to Neighbor Solicitations on the WAN for its global IPv6 address |
ipv6_ndp_wan_12 |
Verify DUT ignores invalid Neighbor Solicitations sent on the WAN |
ipv6_ndp_wan_13 |
Verify DUT responds to DAD-style Neighbor Solicitations on the WAN for its link local address |
ipv6_ndp_wan_14 |
Verify DUT ignores Neighbor Solicitations with a different target than itself |
ipv6_ndp_wan_15 |
Verify DUT ignores Neighbor Solicitations sent to the wrong Solicited-Node Multicast Address |
ipv6_ndp_wan_16 |
Verify DUT responds to DAD-style Neighbor Solicitations on the WAN for its global IPv6 address |
dhcpv6-c.tcl
DHCPv6 client tests for the WAN side of the router
| Test Name | Synopsis |
|---|---|
dhcpv6_1 |
Verify client requests the assignment of a non-temporary address |
dhcpv6_2 |
Verify client renews non-temporary address when current binding expires |
dhcpv6_4 |
Verify client obtains address from server using various undefined server DUID values |
dhcpv6_5 |
Verify client sends a DHCPv6 Decline message |
dhcpv6_10 |
Verify client ignores replies with mismatched client DUID |
dhcpv6_11 |
Verify client ignores unknown or invalid DHCPv6 packets |
dhcpv6_14 |
Verify client handles fragmented IPv6 packets |
dhcpv6_15 |
Verify client ignores server messages with invalid UDP checksum |
dhcpv6_16 |
Verify client composes DUID correctly |
dhcpv6_20 |
Verify client restarts when NoBinding failure occurs during Renew |
dhcpv6_21 |
Verify client restarts when UnspecFail failure occurs during Renew |
dhcpv6_22 |
Verify client restarts DHCPv6 when Reply to Request contains IA lifetimes set to 0 |
dhcpv6_23 |
Verify client restarts DHCPv6 when Reply to Renew contains IA lifetimes set to 0 |
dhcpv6_24 |
Verify client restarts DHCPv6 when Reply to Rebind contains IA lifetimes set to 0 |
dhcpv6_30 |
Verify client sends Rebind message if Renew for non-temporary address fails |
dhcpv6_31 |
Verify client sends Solicit message if Renew and Rebind for non-temporary address fails |
dhcpv6_32 |
Verify client supports DHCPv6 Reconfigure Key Authentication |
dhcpv6_33 |
Verify client ignores DHCPv6 Reconfigure without Authentication option |
dhcpv6_34 |
Verify client ignores DHCPv6 Reconfigure with incorrect Reconfigure Key |
dhcpv6_35 |
Verify client supports DHCPv6 Reconfigure with Rebind request |
dhcpv6_36 |
Verify client ignores DHCPv6 Reconfigure requesting a Solicit |
dhcpv6_50 |
Verify client retransmits DHCPv6 Solicit messages for non-temporary address |
dhcpv6_51 |
Verify client retransmits DHCPv6 Request messages for non-temporary address |
dhcpv6_52 |
Verify DHCPv6 Solicit retransmission times for IA_NA address bindings |
dhcpv6_53 |
Verify DHCPv6 Request retransmission times for IA_NA address bindings |
dhcpv6_54 |
Verify DHCPv6 Renew retransmission times for IA_NA address bindings |
dhcpv6_55 |
Verify DHCPv6 Rebind retransmission times for IA_NA address bindings |
dhcpv6_56 |
Verify DHCPv6 Decline retransmission times for IA_NA address bindings |
dhcpv6_57 |
Verify all DHCPv6 times for IA_NA address bindings |
dhcpv6_60 |
Verify client learns new non-temporary address when WAN DHCPv6 server renumbers |
dhcpv6_100 |
Verify client obtains IPv6 address when server uses unknown DHCPv6 options |
dhcpv6_101 |
Verify client ignores DHCPv6 messages with unknown options and invalid option length |
dhcpv6_102 |
Verify client includes the Elapsed Time option with value 0 in first message |
dhcpv6_103 |
Verify client increases value of Elapsed Time option when Solicit is retransmitted |
dhcpv6_130 |
Verify client handles Server Unicast Option |
dhcpv6_140 |
Verify client handles SOL_MAX_RT Option |
dhcpv6_150 |
Verify DHCPv6 client includes vendor defined options |
dhcpv6_160 |
Verify client supports DHCPv6 Rapid Commit option |
dhcpv6-pd.tcl
DHCPv6 prefix delegation tests for WAN to LAN IPv6 configuration
| Test Name | Synopsis |
|---|---|
dhcpv6_pd_1 |
Verify client requests the assignment of an IPv6 prefix |
dhcpv6_pd_2 |
Verify client renews prefix when current binding expires |
dhcpv6_pd_10 |
Verify client sends router advertisements on LAN with delegated prefix |
dhcpv6_pd_11 |
Verify client sends router advertisements on LAN with prefix lifetimes based on IA_PD lifetimes |
dhcpv6_pd_12 |
Verify LAN side DHCPv6 client address is based on WAN side delegated prefix |
dhcpv6_pd_13 |
Verify LAN side DHCPv6 client lifetime is based on WAN side IA_PD prefix lifetimes |
dhcpv6_pd_14 |
Verify client router advertisements on LAN include expected subnet ID |
dhcpv6_pd_15 |
Verify DUT does not advertise itself as a default router when WAN link is down |
dhcpv6_pd_20 |
Verify client restarts when NoBinding failure occurs during IA_PD Renew |
dhcpv6_pd_21 |
Verify client restarts when UnspecFail failure occurs during IA_PD Renew |
dhcpv6_pd_22 |
Verify client restarts DHCPv6 when Reply to Request contains IA lifetimes set to 0 |
dhcpv6_pd_23 |
Verify client restarts DHCPv6 when Reply to Renew contains IA lifetimes set to 0 |
dhcpv6_pd_24 |
Verify client restarts DHCPv6 when Reply to Rebind contains IA lifetimes set to 0 |
dhcpv6_pd_30 |
Verify client sends Rebind message if Renew for prefix fails |
dhcpv6_pd_31 |
Verify client sends Solicit message if Renew and Rebind for prefix fails |
dhcpv6_pd_52 |
Verify DHCPv6 Solicit retransmission times for IA_PD prefix bindings |
dhcpv6_pd_53 |
Verify DHCPv6 Request retransmission times for IA_PD prefix bindings |
dhcpv6_pd_54 |
Verify DHCPv6 Renew retransmission times for IA_PD prefix bindings |
dhcpv6_pd_55 |
Verify DHCPv6 Rebind retransmission times for IA_PD prefix bindings |
dhcpv6_pd_57 |
Verify all DHCPv6 times for IA_PD address bindings |
dhcpv6_pd_60 |
Verify client learns new IPv6 prefix when WAN DHCPv6 server renumbers |
dhcpv6_pd_61 |
Verify LAN side DHCPv6 server switches to new IPv6 prefix when WAN DHCPv6 server renumbers |
dhcpv6_pd_62 |
Verify DUT ages out prefix on LAN when WAN DHCPv6 server renumbers |
dhcpv6_pd_63 |
Verify DUT performs Duplicate Address Detection on global LAN address |
dhcpv6_pd_100 |
Verify client attempts to learn non-temporary address and prefix in a single DHCPv6 session |
dhcpv6_pd_110 |
Verify packets to unreachable subnets in the delegated prefix are dropped |
dhcpv6_pd_120 |
Verify LAN side DHCPv6 client address includes SLA ID |
dhcpv6_pd_130 |
Verify Route Information option is advertised for delegated prefix |
dhcpv6-s.tcl
DHCPv6 server tests for the LAN side of the router
| Test Name | Synopsis |
|---|---|
dhcpv6_server_1 |
Verify server assigns same address after client restart |
dhcpv6_server_2 |
Verify server returns address within configured pool |
dhcpv6_server_3 |
Verify server returns IP address with expected valid lifetime |
dhcpv6_server_5 |
Verify server assigns address to client using undefined client DUID values |
dhcpv6_server_8 |
Verify server ignores Solicits sent to unicast address |
dhcpv6_server_9 |
Verify server provides DNS and domain information to clients |
dhcpv6_server_10 |
Verify server ignores requests with mismatched server DUID |
dhcpv6_server_11 |
Verify server ignores unknown or invalid DHCPv6 packets |
dhcpv6_server_12 |
Verify server assigns address when IA_NA request from client does not contain an IPv6 address |
dhcpv6_server_13 |
Verify server assigns multiple addresses to client using multiple IA_NA identifiers |
dhcpv6_server_14 |
Verify server handles fragmented IPv6 packets |
dhcpv6_server_15 |
Verify server ignores client request with invalid UDP checksum |
dhcpv6_server_16 |
Verify server composes DUID correctly |
dhcpv6_server_20 |
Verify server assigns same IPv6 address after DHCPv6 Request from client |
dhcpv6_server_21 |
Verify server sends UseMulticast status code when client sends a unicast Request |
dhcpv6_server_22 |
Verify server sends NotOnLink status code when client sends Request with invalid link address |
dhcpv6_server_30 |
Verify server assigns same IPv6 address after DHCPv6 Confirm from client |
dhcpv6_server_31 |
Verify server sends NotOnLink status code when client sends Confirm with invalid link address |
dhcpv6_server_32 |
Verify server silently discards client Confirm messages that do not contain any addresses |
dhcpv6_server_40 |
Verify server assigns same IPv6 address after DHCPv6 Renew from client |
dhcpv6_server_41 |
Verify server sends UseMulticast status code when client sends unicast Renew |
dhcpv6_server_42 |
Verify server sends NoBinding status code when client attempts to renew unknown IAID |
dhcpv6_server_43 |
Verify server sends Reply with lifetimes of 0 when client attempts to renew unknown address |
dhcpv6_server_50 |
Verify server assigns same IPv6 address after DHCPv6 Rebind from client |
dhcpv6_server_52 |
Verify server sends Reply with lifetimes of 0 when client attempts to rebind with unknown address |
dhcpv6_server_60 |
Verify server responds to an Information-request message from client |
dhcpv6_server_70 |
Verify server assigns same IPv6 address after DHCPv6 Release from client |
dhcpv6_server_71 |
Verify server sends UseMulticast status code when clients sends unicast DHCPv6 Release |
dhcpv6_server_72 |
Verify server sends NoBinding status code when client attempts to release unknown IAID |
dhcpv6_server_80 |
Verify server assigns IPv6 address after DHCPv6 Decline from client |
dhcpv6_server_81 |
Verify server sends UseMulticast status code when client sends unicast DHCPv6 Decline |
dhcpv6_server_82 |
Verify server sends NoBinding status code when client attempts to decline unknown IAID |
dhcpv6_server_100 |
Verify server assigns IPv6 address when client uses unknown DHCPv6 options |
dhcpv6_server_101 |
Verify server ignores client requests with invalid option length |
dhcpv6_server_102 |
Verify server supports Rapid Commit option |
dhcpv6_server_110 |
Verify server assigns same IPv6 address when client requests both IA_NA and IA_PD |
dhcpv6_server_111 |
Verify server assigns same IPv6 address when client requests both IA_NA and IA_TA |
dhcpv6_server_120 |
Verify server responds to Relay-Forward requests sent to the All_DHCP_Servers multicast address |
dhcpv6_server_121 |
Verify server responds to Relay-Forward requests sent to server unicast address |
dhcpv6_server_122 |
Verify server includes Interface-Id option in Relay-Reply if included by relay agent |
pppoe-c-v6.tcl
PPPoE client tests with IPv6 on the WAN side of the router
| Test Name | Synopsis |
|---|---|
ipv6_pppoe_client_1 |
PPPoE client restarts PPPoE Discovery when PPP LCP Echo-Requests fail |
ipv6_pppoe_client_10 |
PPPoE client restarts PPPoE Discovery when PPP LCP terminates PPP link |
ipv6_pppoe_client_50 |
PPPoE PPP client replies to LCP Echo-Requests |
ipv6_pppoe_client_60 |
PPPoE PPP client maintains LCP Magic Number during session |
ipv6_pppoe_client_70 |
IPv6CP Configure-Requests include Interface Identifier option |
ipv6_pppoe_client_200 |
PPPoE/PPP restarts if PPP authentication fails |
ipv6_pppoe_client_210 |
PPPoE/PPP can recover if LCP renegotiation is attempted |
ipv6_pppoe_client_230 |
PPPoE/PPP can recover if LCP Echo-Request contains bad length |
ipv6_pppoe_client_300 |
PPPoE client recovers if PPPoE server drops PADR from PPPoE client |
ipv6_pppoe_client_310 |
PPPoE client returns AC-Cookie in PADR when server sends AC-Cookie in PADO |
ipv6_pppoe_client_320 |
PPPoE client maintains Relay-Session-Id during PPPoE session establishment |
ipv6_pppoe_client_330 |
PPPoE client reconnects to server after 15 minute WAN disconnect |
ipv6_pppoe_client_331 |
PPPoE client reconnects to server after 30 minute WAN disconnect |
ipv6_pppoe_client_332 |
PPPoE client reconnects to server after 60 minute WAN disconnect |
slaac-wan.tcl
Autoconf / SLAAC client tests for the WAN side of the router
| Test Name | Synopsis |
|---|---|
ipv6_slaac_wan_1 |
Verify DUT configures a new address using SLAAC when a new prefix is advertised on the WAN |
ipv6_slaac_wan_10 |
Verify DUT sends DAD-style Neighbor Solicitations when configuring an address |
ipv6_slaac_wan_11 |
Verify DUT does not configure an address when a DAD collision occurs |
ipv6_slaac_wan_12 |
Verify DUT responds to Neighbor Solicitations for new configured address on WAN |
ipv6_slaac_wan_13 |
Verify DUT responds to DAD-style Neighbor Solicitations for new configured address on WAN |
ipv6_slaac_wan_20 |
Verify DUT does not configure an address when the A-bit is not set |
ipv6_slaac_wan_21 |
Verify DUT does not configure an address when the advertised prefix is a link-local prefix |
ipv6_slaac_wan_22 |
Verify DUT does not configure an address when the valid lifetime is 0 |
6to4.tcl
6to4 tunnel tests for connecting IPv6 hosts over IPv4 networks
| Test Name | Synopsis |
|---|---|
ipv6_6to4_1 |
Verify IPv6 Router Advertisements include 6to4 prefix based on IPv4 WAN |
ipv6_6to4_2 |
Verify DUT assigns itself a global address on the LAN side 6to4 network |
ipv6_6to4_3 |
Verify IPv6 Router Advertisements include SLA ID |
ipv6_6to4_10 |
Verify packets to 6to4 addresses are tunneled directly to IPv4 address |
ipv6_6to4_11 |
Verify packets to non 6to4 addresses are tunneled to 6to4 relay server |
ipv6_6to4_12 |
Verify IPv4 src address of tunneled 6to4 packets matches WAN IPv4 address |
ipv6_6to4_13 |
Verify encapsulating IPv4 header for 6to4 has the DF flag set correctly |
ipv6_6to4_14 |
Verify DUT handles incoming 6to4 fragmented packets |
ipv6_6to4_100 |
Verify IPv6 Router Advertisements announce new 6to4 prefix when IPv4 WAN changes |
ipv6_6to4_101 |
Verify DUT updates global IPv6 address after IPv4 WAN change |
ipv6_6to4_102 |
Verify DUT forwards tunneled IPv6 traffic after IPv4 WAN change |
ipv6_6to4_103 |
Verify IPv6 router advertisements age out 6to4 prefix when IPv4 WAN link is down |
ipv6_6to4_150 |
Verify LAN side DHCPv6 client address contains a 6to4 prefix based on IPv4 WAN |
ipv6_6to4_160 |
Verify LAN side DHCPv6 client address contains a 6to4 prefix which includes SLA ID |
6rd.tcl
6rd tunnel tests for connecting IPv6 hosts over IPv4 networks
| Test Name | Synopsis |
|---|---|
ipv6_6rd_1 |
Verify IPv6 Router Advertisements include 6rd prefix based on IPv4 WAN |
ipv6_6rd_2 |
Verify DUT assigns itself a global address on the LAN side 6rd network |
ipv6_6rd_3 |
Verify IPv6 Router Advertisements include subnet ID |
ipv6_6rd_10 |
Verify packets to 6rd addresses are tunneled directly to IPv4 address |
ipv6_6rd_11 |
Verify packets to non 6rd addresses are tunneled to 6rd relay server |
ipv6_6rd_12 |
Verify IPv4 src address of tunneled 6rd packets matches WAN IPv4 address |
ipv6_6rd_13 |
Verify encapsulating IPv4 header for 6rd has the DF flag set correctly |
ipv6_6rd_14 |
Verify DUT handles incoming 6rd fragmented packets |
ipv6_6rd_100 |
Verify IPv6 Router Advertisements announce new 6rd prefix when IPv4 WAN changes |
ipv6_6rd_101 |
Verify DUT updates global IPv6 address after IPv4 WAN change |
ipv6_6rd_102 |
Verify DUT forwards tunneled IPv6 traffic after IPv4 WAN change |
ipv6_6rd_103 |
Verify IPv6 router advertisements age out 6rd prefix when IPv4 WAN link is down |
ipv6_6rd_150 |
Verify LAN side DHCPv6 client address contains a 6rd prefix based on IPv4 WAN |
ipv6_6rd_160 |
Verify LAN side DHCPv6 client address contains a 6rd prefix which includes SLA ID |
icmp-v6.tcl
ICMPv6 tests for baseline ICMPv6 not including Neighbor Discovery
| Test Name | Synopsis |
|---|---|
icmpv6_1 |
Verify ICMPv6 Echo Requests work through DUT |
icmpv6_2 |
Verify ICMPv6 Echo Requests from multiple LAN clients work through DUT |
icmpv6_3 |
Verify DUT responds to ICMPv6 Echo Requests to its global IPv6 address from LAN |
icmpv6_4 |
Verify DUT responds to ICMPv6 Echo Requests to its link-local address |
icmpv6_5 |
Verify ICMPv6 Echo Requests to DUT's global IPv6 address behave as expected |
icmpv6_6 |
Verify DUT responds to ICMPv6 Echo Requests sent to the All-Routers multicast group |
icmpv6_7 |
Verify DUT responds to ICMPv6 Echo Requests to the All-Routers group from a global prefix |
icmpv6_8 |
Verify DUT responds to ICMPv6 Echo Requests sent to the All-Nodes group from a link-local address |
icmpv6_9 |
Verify DUT responds to ICMPv6 Echo Requests to the All-Nodes group from a global IPv6 address |
icmpv6_10 |
Verify ICMPv6 Time Exceeded packet is sent when incoming Hop Limit is 0 or 1 on LAN |
icmpv6_11 |
Verify DUT forwards inbound ICMPv6 Time Exceeded |
icmpv6_12 |
Verify DUT forwards inbound ICMPv6 Destination Unreachable |
icmpv6_13 |
Verify DUT forwards inbound ICMPv6 Packet Too Big messages |
icmpv6_14 |
Verify DUT forwards inbound ICMPv6 Parameter Problem |
icmpv6_20 |
Verify DUT supports Path MTU Discovery over WAN interface |
icmpv6_30 |
Verify Path MTU value is consistent with Router Advertisement MTU value |
icmpv6_31 |
Verify Packet Too Big messages as IPv6 WAN MTU changes |
icmpv6_32 |
Verify ICMPv6 Time Exceeded packet is sent when incoming Hop Limit is 0 or 1 on WAN |
icmpv6_33 |
Verify DUT responds to ICMPv6 Echo Request with Hop Limit of 0 on the LAN |
icmpv6_34 |
Verify DUT responds to ICMPv6 Echo Request with Hop Limit of 0 on the WAN |
firewall-v6.tcl
IPv6 Firewall tests including port scans
| Test Name | Synopsis |
|---|---|
ipv6_firewall_1 |
Inbound TCP connections to public side HTTP port are blocked |
ipv6_firewall_2 |
Inbound TCP connections to LAN hosts are blocked |
ipv6_firewall_100 |
TCP port scan the LAN Client from WAN to verify the DUT does not forward unsolicited packets |
ipv6_firewall_101 |
UDP port scan the LAN Client from WAN to verify the DUT does not forward unsolicited packets |
ipv6_firewall_110 |
TCP fragmentation port scan test to verify the DUT does not forward unsolicited packets |
ipv6_firewall_301 |
Verify firewall blocks/accepts piggyback TCP SYN connections from WAN |
ipv6_firewall_505 |
Verify outbound packets with forbidden source addresses are not forwarded onto the WAN |
ipv6_firewall_506 |
Verify inbound packets with forbidden source addresses are not forwarded onto the LAN |
ipv6_firewall_508 |
Verify outbound packets are not forwarded if the source address is not a prefix of the interior network |
ipv6_firewall_509 |
Verify inbound packets are not forwarded if the source address is assigned for use on the interior network |
ipv6_firewall_510 |
Verify outbound packets with link local source addresses are not forwarded to the WAN |
ipv6_firewall_511 |
Verify inbound packets with link local source addresses are not forwarded to the LAN |
ipv6_firewall_512 |
Verify inbound IPv6 DNS queries on the WAN are not processed by DNS proxy |
ipv6_firewall_513 |
Verify inbound DHCPv6 discovery packets on the WAN are not processed by DHCPv6 server |
ipv6_firewall_540 |
Verify ICMPv6 Destination Unreachable message from WAN does not destroy UDP firewall state |
ipv6_firewall_541 |
Verify ICMPv6 Destination Unreachable message from WAN does not destroy TCP firewall state |
ipv6_firewall_542 |
Verify ICMPv6 Packet Too Big message from WAN does not destroy UDP firewall state |
ipv6_firewall_543 |
Verify ICMPv6 Packet Too Big message from WAN does not destroy TCP firewall state |
firewall-out-v6.tcl
IPv6 Firewall tests for limiting outbound access to services
| Test Name | Synopsis |
|---|---|
ipv6_firewall_outbound_1 |
Verify CPE does not forward outbound TCP packets to ports that have been administratively blocked |
ipv6_firewall_outbound_2 |
Verify CPE does not forward outbound UDP packets to ports that have been administratively blocked |
ipv6_firewall_outbound_3 |
Verify CPE does not forward outbound IP packets for protocols that have been administratively blocked |
apps-v6.tcl
Application tests for IPv6
| Test Name | Synopsis |
|---|---|
ipv6_app_100 |
Verify IPv6 HTTP session through the router |
ipv6_app_110 |
Verify IPv6 HTTPS session through the router |
ipv6_app_112 |
Verify IPv6 DNS query through the router |
ipv6_app_114 |
Verify IPv6 FTP session through the router |
ipv6_app_120 |
Verify IPv6 SMTP session through the router |
ipv6_app_122 |
Verify IPv6 POP3 session through the router |
ipv6_app_124 |
Verify IPv6 TFTP session through the router |
ipv6_app_126 |
Verify IPv6 NTP session through the router |
ipv6_app_130 |
Verify IPv6 STUN session through the router |
ipv6_app_131 |
Verify IPv6 authenticated STUN session through the router |
ipv6_app_140 |
Verify IPv6 L2GRE session through the router |
ipv6_mptcp_1 |
Verify a Multipath TCP connection can be opened (IPv6) |
ipv6_mptcp_2 |
Verify a Multipath TCP connection with two subflows can be opened (IPv6) |
forward-v6.tcl
IPv6 forwarding tests with different packet sizes and directions
| Test Name | Synopsis |
|---|---|
ipv6_forward_1 |
Verify IPv6 Hop Limit is decremented for forwarded packets |
ipv6_forward_2 |
Verify IPv6 packet is not forwarded when IPv6 Hop Limit is 1 or 0 |
ipv6_forward_3 |
Verify IPv6 packet can be forwarded back through incoming LAN interface |
ipv6_forward_10 |
Forward IPv6 UDP packets with various packet lengths (LAN to WAN) |
ipv6_forward_11 |
Forward IPv6 UDP packets with various packet lengths (WAN to LAN) |
jumbo-v6.tcl
Jumbo MTU IPv6 forwarding tests with different packet sizes and directions
| Test Name | Synopsis |
|---|---|
ipv6_jumbo_1 |
Verify IPv6 Hop Limit is decremented for forwarded jumbo MTU packets |
ipv6_jumbo_2 |
Verify jumbo MTU IPv6 packet is not forwarded when IPv6 Hop Limit is 1 or 0 |
ipv6_jumbo_3 |
Verify jumbo MTU IPv6 packet can be forwarded back through incoming LAN interface |
ipv6_jumbo_10 |
Forward jumbo MTU IPv6 UDP packets with various packet lengths (LAN to WAN) |
ipv6_jumbo_11 |
Forward jumbo MTU IPv6 UDP packets with various packet lengths (WAN to LAN) |
scaling-v6.tcl
Scaling tests for maximum number of IPv6 clients and connections (TCP, HTTP, etc)
| Test Name | Synopsis |
|---|---|
ipv6_scale_1 |
Verify all IPv6 clients obtain an IPv6 address via autoconf or DHCPv6 and are operational |
ipv6_scale_2 |
Verify all IPv6 clients with multiple TCP connections |
ipv6_scale_3 |
Verify all IPv6 clients with single UDP connection |
dslite.tcl
DS-Lite tests for tunneling IPv4 over IPv6
| Test Name | Synopsis |
|---|---|
dslite_1 |
Verify NAT is not enabled on DS-Lite B4 interface |
dslite_10 |
Verify B4 Element announces itself as the IPv4 default gateway using DHCPv4 |
dslite_11 |
Verify B4 Element announces itself as the IPv4 DNS server using DHCPv4 |
dslite_20 |
Verify DS-Lite packet fragmentation occurs at IPv6 layer and not the IPv4 layer |
dslite_21 |
Verify IPv4 ICMP Unreachable is generated if DF=1 and packet would fragment |
dslite_22 |
Verify IPv4 packet is dropped if DF=1 and packet would fragment |
dslite_30 |
Verify DNS queries sent to router over IPv4 are forwarded to IPv6 DNS server |
dslite_40 |
Verify LAN clients can reach the IPv4 address of DS-Lite AFTR |
dslite_41 |
Verify LAN clients can reach the IPv4 address of DS-Lite B4 |
dslite_42 |
Verify IPv4 TOS is copied to IPv6 Traffic Class |
dns-v6.tcl
IPv6 DNS proxy and DNS failover related tests
| Test Name | Synopsis |
|---|---|
ipv6_dns_10 |
Verify IPv6 DNS proxy does not cache DNS entry when DNS TTL is 0 |
ipv6_dns_11 |
Verify IPv6 DNS proxy returns TTL of 0 when returned DNS TTL is 0 |
ipv6_dns_40 |
Verify AAAA IPv6 DNS queries to router are forwarded to real DNS server |
ipv6_dns_41 |
Verify AAAA IPv6 DNS queries can return no address for IPv6 to IPv4 failover |
ipv6_dns_45 |
Verify IPv6 DNS failover when non-zero error codes are received in non-authoritative DNS response |
ipv6_dns_46 |
Verify IPv6 DNS failover when non-zero error codes are received in authoritative DNS response |
ipv6_dns_50 |
Verify Reverse PTR DNS queries to router are forwarded to real DNS server |
ipv6_dns_51 |
Verify Reverse AAAA IPv6 DNS queries to router are forwarded to real DNS server |
ipv6_dns_60 |
Verify IPv6 DNS proxy fails over when new primary DNS server is learned |
ipv6_dns_70 |
Verify IPv6 DNS lookups with multiple IPv4 responses |
ipv6_dns_100 |
Verify IPv6 DNS proxy recovers after DNS server outage |
ipv6_dns_110 |
Verify IPv6 DNS queries including the EDNS0 option |
ipv6_dns_120 |
Verify large DNS responses using EDNS0 option |
ipv6_dns_121 |
Verify maximum UDP payload value in EDNS0 option |
ipv6_dns_130 |
Verify IPv6 DNS queries for TXT records |
ipv6_dns_132 |
Verify DNS queries for CNAME records |
ipv6_dns_133 |
Verify DNS queries for responses returning both CNAME and A records |
ipv6_dns_134 |
Verify DNS queries for responses returning both CNAME and AAAA records |
ipv6_dns_140 |
Verify IPv6 DNS queries for SPF records |
ipv6_dns_141 |
Verify IPv6 DNS queries for SRV records |
ipv6_dns_150 |
Verify DNS proxy behavior for DNS server status requests |
ipv6_dns_200 |
Verify IPv6 DNS proxy does not mangle DNSSEC queries |
ipv6_dns_201 |
Verify IPv6 DNS proxy does not mangle large DNSSEC responses |
ipv6_dns_300 |
Verify IPv6 DNS proxy honors TTL values when caching responses |
ipv6_dns_301 |
Verify maximum number of cached DNS responses |
ipv6_dns_400 |
Verify parallel DNS queries |
ipv6_dns_410 |
Verify DNS does not deploy NXDOMAIN hijacking for type A records |
ipv6_dns_411 |
Verify DNS does not deploy NXDOMAIN hijacking for type AAAA records |
ipv6_dns_420 |
Verify DNS proxy handles use of bit 0x20 in DNS labels |
ipv6_dns_500 |
Verify DNS proxy enforces DNS strict privacy usage profile |
dns-https-v6.tcl
IPv6 DNS over HTTPS (DoH) proxy and DNS failover related tests
| Test Name | Synopsis |
|---|---|
ipv6_dns_https_10 |
Verify IPv6 DNS proxy does not cache DNS entry when DNS TTL is 0 |
ipv6_dns_https_11 |
Verify IPv6 DNS proxy returns TTL of 0 when returned DNS TTL is 0 |
ipv6_dns_https_40 |
Verify AAAA IPv6 DNS queries to router are forwarded to real DNS server |
ipv6_dns_https_41 |
Verify AAAA IPv6 DNS queries can return no address for IPv6 to IPv4 failover |
ipv6_dns_https_45 |
Verify IPv6 DNS failover when non-zero error codes are received in non-authoritative DNS response |
ipv6_dns_https_46 |
Verify IPv6 DNS failover when non-zero error codes are received in authoritative DNS response |
ipv6_dns_https_50 |
Verify Reverse PTR DNS queries to router are forwarded to real DNS server |
ipv6_dns_https_51 |
Verify Reverse AAAA IPv6 DNS queries to router are forwarded to real DNS server |
ipv6_dns_https_60 |
Verify IPv6 DNS proxy fails over when new primary DNS server is learned |
ipv6_dns_https_70 |
Verify IPv6 DNS lookups with multiple IPv4 responses |
ipv6_dns_https_100 |
Verify IPv6 DNS proxy recovers after DNS server outage |
ipv6_dns_https_110 |
Verify IPv6 DNS queries including the EDNS0 option |
ipv6_dns_https_120 |
Verify large DNS responses using EDNS0 option |
ipv6_dns_https_121 |
Verify maximum UDP payload value in EDNS0 option |
ipv6_dns_https_130 |
Verify IPv6 DNS queries for TXT records |
ipv6_dns_https_132 |
Verify DNS queries for CNAME records |
ipv6_dns_https_133 |
Verify DNS queries for responses returning both CNAME and A records |
ipv6_dns_https_134 |
Verify DNS queries for responses returning both CNAME and AAAA records |
ipv6_dns_https_140 |
Verify IPv6 DNS queries for SPF records |
ipv6_dns_https_141 |
Verify IPv6 DNS queries for SRV records |
ipv6_dns_https_150 |
Verify DNS proxy behavior for DNS server status requests |
ipv6_dns_https_200 |
Verify IPv6 DNS proxy does not mangle DNSSEC queries |
ipv6_dns_https_201 |
Verify IPv6 DNS proxy does not mangle large DNSSEC responses |
ipv6_dns_https_300 |
Verify IPv6 DNS proxy honors TTL values when caching responses |
ipv6_dns_https_301 |
Verify maximum number of cached DNS responses |
ipv6_dns_https_400 |
Verify parallel DNS queries |
ipv6_dns_https_410 |
Verify DNS does not deploy NXDOMAIN hijacking for type A records |
ipv6_dns_https_411 |
Verify DNS does not deploy NXDOMAIN hijacking for type AAAA records |
ipv6_dns_https_420 |
Verify DNS proxy handles use of bit 0x20 in DNS labels |
ipv6_dns_https_500 |
Verify DNS proxy enforces DNS strict privacy usage profile |
dns-tcp-v6.tcl
IPv6 DNS over TCP proxy and DNS failover related tests
| Test Name | Synopsis |
|---|---|
ipv6_dns_tcp_10 |
Verify IPv6 DNS proxy does not cache DNS entry when DNS TTL is 0 |
ipv6_dns_tcp_11 |
Verify IPv6 DNS proxy returns TTL of 0 when returned DNS TTL is 0 |
ipv6_dns_tcp_40 |
Verify AAAA IPv6 DNS queries to router are forwarded to real DNS server |
ipv6_dns_tcp_41 |
Verify AAAA IPv6 DNS queries can return no address for IPv6 to IPv4 failover |
ipv6_dns_tcp_45 |
Verify IPv6 DNS failover when non-zero error codes are received in non-authoritative DNS response |
ipv6_dns_tcp_46 |
Verify IPv6 DNS failover when non-zero error codes are received in authoritative DNS response |
ipv6_dns_tcp_50 |
Verify Reverse PTR DNS queries to router are forwarded to real DNS server |
ipv6_dns_tcp_51 |
Verify Reverse AAAA IPv6 DNS queries to router are forwarded to real DNS server |
ipv6_dns_tcp_60 |
Verify IPv6 DNS proxy fails over when new primary DNS server is learned |
ipv6_dns_tcp_70 |
Verify IPv6 DNS lookups with multiple IPv4 responses |
ipv6_dns_tcp_100 |
Verify IPv6 DNS proxy recovers after DNS server outage |
ipv6_dns_tcp_110 |
Verify IPv6 DNS queries including the EDNS0 option |
ipv6_dns_tcp_120 |
Verify large DNS responses using EDNS0 option |
ipv6_dns_tcp_121 |
Verify maximum UDP payload value in EDNS0 option |
ipv6_dns_tcp_130 |
Verify IPv6 DNS queries for TXT records |
ipv6_dns_tcp_132 |
Verify DNS queries for CNAME records |
ipv6_dns_tcp_133 |
Verify DNS queries for responses returning both CNAME and A records |
ipv6_dns_tcp_134 |
Verify DNS queries for responses returning both CNAME and AAAA records |
ipv6_dns_tcp_140 |
Verify IPv6 DNS queries for SPF records |
ipv6_dns_tcp_141 |
Verify IPv6 DNS queries for SRV records |
ipv6_dns_tcp_150 |
Verify DNS proxy behavior for DNS server status requests |
ipv6_dns_tcp_200 |
Verify IPv6 DNS proxy does not mangle DNSSEC queries |
ipv6_dns_tcp_201 |
Verify IPv6 DNS proxy does not mangle large DNSSEC responses |
ipv6_dns_tcp_300 |
Verify IPv6 DNS proxy honors TTL values when caching responses |
ipv6_dns_tcp_301 |
Verify maximum number of cached DNS responses |
ipv6_dns_tcp_400 |
Verify parallel DNS queries |
ipv6_dns_tcp_410 |
Verify DNS does not deploy NXDOMAIN hijacking for type A records |
ipv6_dns_tcp_411 |
Verify DNS does not deploy NXDOMAIN hijacking for type AAAA records |
ipv6_dns_tcp_420 |
Verify DNS proxy handles use of bit 0x20 in DNS labels |
ipv6_dns_tcp_500 |
Verify DNS proxy enforces DNS strict privacy usage profile |
dns-tls-v6.tcl
IPv6 DNS over TLS proxy and DNS failover related tests
| Test Name | Synopsis |
|---|---|
ipv6_dns_tls_10 |
Verify IPv6 DNS proxy does not cache DNS entry when DNS TTL is 0 |
ipv6_dns_tls_11 |
Verify IPv6 DNS proxy returns TTL of 0 when returned DNS TTL is 0 |
ipv6_dns_tls_40 |
Verify AAAA IPv6 DNS queries to router are forwarded to real DNS server |
ipv6_dns_tls_41 |
Verify AAAA IPv6 DNS queries can return no address for IPv6 to IPv4 failover |
ipv6_dns_tls_45 |
Verify IPv6 DNS failover when non-zero error codes are received in non-authoritative DNS response |
ipv6_dns_tls_46 |
Verify IPv6 DNS failover when non-zero error codes are received in authoritative DNS response |
ipv6_dns_tls_50 |
Verify Reverse PTR DNS queries to router are forwarded to real DNS server |
ipv6_dns_tls_51 |
Verify Reverse AAAA IPv6 DNS queries to router are forwarded to real DNS server |
ipv6_dns_tls_60 |
Verify IPv6 DNS proxy fails over when new primary DNS server is learned |
ipv6_dns_tls_70 |
Verify IPv6 DNS lookups with multiple IPv4 responses |
ipv6_dns_tls_100 |
Verify IPv6 DNS proxy recovers after DNS server outage |
ipv6_dns_tls_110 |
Verify IPv6 DNS queries including the EDNS0 option |
ipv6_dns_tls_120 |
Verify large DNS responses using EDNS0 option |
ipv6_dns_tls_121 |
Verify maximum UDP payload value in EDNS0 option |
ipv6_dns_tls_130 |
Verify IPv6 DNS queries for TXT records |
ipv6_dns_tls_132 |
Verify DNS queries for CNAME records |
ipv6_dns_tls_133 |
Verify DNS queries for responses returning both CNAME and A records |
ipv6_dns_tls_134 |
Verify DNS queries for responses returning both CNAME and AAAA records |
ipv6_dns_tls_140 |
Verify IPv6 DNS queries for SPF records |
ipv6_dns_tls_141 |
Verify IPv6 DNS queries for SRV records |
ipv6_dns_tls_150 |
Verify DNS proxy behavior for DNS server status requests |
ipv6_dns_tls_200 |
Verify IPv6 DNS proxy does not mangle DNSSEC queries |
ipv6_dns_tls_201 |
Verify IPv6 DNS proxy does not mangle large DNSSEC responses |
ipv6_dns_tls_300 |
Verify IPv6 DNS proxy honors TTL values when caching responses |
ipv6_dns_tls_301 |
Verify maximum number of cached DNS responses |
ipv6_dns_tls_400 |
Verify parallel DNS queries |
ipv6_dns_tls_410 |
Verify DNS does not deploy NXDOMAIN hijacking for type A records |
ipv6_dns_tls_411 |
Verify DNS does not deploy NXDOMAIN hijacking for type AAAA records |
ipv6_dns_tls_420 |
Verify DNS proxy handles use of bit 0x20 in DNS labels |
ipv6_dns_tls_500 |
Verify DNS proxy enforces DNS strict privacy usage profile |
url-filter-v6.tcl
IPv6 URL filtering tests for LAN side HTTP clients
| Test Name | Synopsis |
|---|---|
ipv6_urlfilter_10 |
Verify HTTP GETs to filtered URLs over IPv6 are blocked |
ipv6_urlfilter_12 |
Verify HTTP GETs to filtered URLs over IPv6 are blocked without DNS lookups |
ipv6_urlfilter_15 |
Verify HTTP HEADs to filtered URLs over IPv6 are blocked |
ipv6_urlfilter_20 |
Verify HTTP POSTs to filtered URLs over IPv6 are blocked |
ipv6_urlfilter_30 |
Verify URL filtering over IPv6 does not look at Cookie data |
ipv6_urlfilter_40 |
Verify HTTPS GETs to filtered URLs over IPv6 are blocked |
mcast-v6.tcl
MLDv1/v2 and multicast data tests for IPv6 MLD proxy
| Test Name | Synopsis |
|---|---|
ipv6_mcast_1 |
MLD packets from LAN are proxied to WAN interface |
ipv6_mcast_2 |
Verify IPv6 Hop-Limit is decremented for multicast packets |
ipv6_mcast_11 |
Forward Multicast IPv6 UDP packets with various packet lengths (LAN to WAN) |
ipv6_mcast_12 |
Forward Multicast IPv6 UDP packets with various packet lengths (WAN to LAN) |
ipv6_mcast_20 |
Verify MLD router periodically sends general MLD Query on LAN interface |
ipv6_mcast_50 |
Multicast streams are not forwarded if no group members exist |
ipv6_mcast_51 |
Multicast streams are not forwarded after last member leaves group |
ipv6_mcast_52 |
Multicast streams are not forwarded after last member ages out |
ipv6_mcast_53 |
MLD proxy interface answers MLD general query requests |
ipv6_mcast_54 |
MLD proxy interface answers MLD specific query requests |
ipv6_mcast_60 |
Verify MLD router sends MLD Group Specific Query after last member leaves group |
ipv6_mcast_70 |
Verify MLD router sends MLD Leave after last group member ages out |
ipv6_mcast_80 |
Verify MLD router accepts reports with unspecified source address |
ipv6_mcast_81 |
Verify MLD snooping switch scenario with unspecified source address |
ipv6_mcast_100 |
Verify the maximum number of multicast groups received on the LAN |
ipv6_mcast_110 |
Verify IPTV channel change test scenario 1 (no overlap) |
ipv6_mcast_120 |
Verify IPTV channel change test scenario 2 (overlap) |
ipv6_mcast_200 |
Verify MLDv2 membership with source specific ALLOW_NEW_SOURCES/BLOCK_OLD_SOURCES |
ipv6_mcast_210 |
Verify MLDv2 router blocks incoming multicast sources that do not match the source list |
ipv6_mcast_220 |
Verify MLDv2 router blocks incoming sources on a per group basis |
ipv6_mcast_230 |
Verify MLDv2 source specific group with multiple sources |
ipv6_mcast_240 |
Verify MLDv2 general query requests with source specific memberships |
ipv6_mcast_250 |
Verify MLDv2 specific query requests with source specific memberships |
ipv6_mcast_260 |
Verify MLDv2 group and source specific query requests |
ipv6_mcast_300 |
Verify MLDv2 maximum number of multicast groups with multiple group records |
ipv6_mcast_310 |
Verify MLDv2 source specific IPTV channel change test scenario |
ula.tcl
IPv6 unique local address (ULA) test module
| Test Name | Synopsis |
|---|---|
ula_1 |
Verify Router Advertisements include valid unique local prefix |
ula_2 |
Verify Route Information option is advertised for unique local prefix |
ula_3 |
Verify advertised unique local prefix includes A bit and L bit based on LAN settings |
ula_4 |
Verify DUT responds to Neighbor Solicitations for its IPv6 unique local address |
ula_5 |
Verify that DUT does not advertise unique local prefixes on the WAN |
ula_10 |
Verify unique local prefix is advertised when WAN link is down |
ula_11 |
Verify Route Information option for unique local prefix is valid when WAN link is down |
ula_12 |
Verify DUT does not advertise itself as a default router when WAN link is down |
ula_13 |
Verify unique local prefix is advertised when WAN RA lifetime is 0 |
ula_14 |
Verify Route Information option for unique local prefix is valid when WAN RA lifetime is 0 |
ula_20 |
Verify DUT responds to ICMPv6 Echo Requests to its IPv6 unique local address from LAN |
ula_21 |
Verify DUT responds to ICMPv6 Echo Requests to the All-Routers group from a unique local prefix |
ula_22 |
Verify DUT responds to ICMPv6 Echo Requests to the All Nodes group from a unique local IPv6 address |
ula_30 |
Verify packets with IPv6 unique local source addresses are not forwarded to the WAN |
ula_31 |
Verify packets with IPv6 unique local destination addresses are not forwarded to the WAN |
ula_32 |
Verify packets with IPv6 unique local source addresses are not forwarded to the LAN |
ula_33 |
Verify packets with IPv6 unique local destination addresses are not forwarded to the LAN |
static-v6.tcl
IPv6 static route related tests
| Test Name | Synopsis |
|---|---|
static_v6_1 |
Verify all LAN IPv6 static routes with LAN side traffic only |
static_v6_2 |
Verify all LAN IPv6 static routes with LAN to WAN traffic |
static_v6_10 |
Verify all WAN IPv6 static routes |
static_v6_20 |
Verify all WAN IPv6 static routes after WAN ISP address change |
cpe-v6.tcl
Tests to verify requirements in RFC 7084
| Test Name | Synopsis |
|---|---|
cpe_v6_1 |
RA Prefix Information Option L-flag, L-flag=0 without Default Router |
cpe_v6_2 |
RA Prefix Information Option L-flag, L-flag=1 without Default Router |
cpe_v6_3 |
RA Prefix Information Option L-flag, L-flag=0 with Default Router |
cpe_v6_4 |
RA Prefix Information Option L-flag, L-flag=1 with Default Router |
cpe_v6_5 |
DHCPv6 Required Options |
cpe_v6_6 |
RA M-flag is Set |
cpe_v6_7 |
RA M and O flags Effect on DHCP Prefix Delegation, M-flag=1, O-flag=0 |
cpe_v6_8 |
RA M and O flags Effect on DHCP Prefix Delegation, M-flag=0, O-flag=1 |
cpe_v6_9 |
RA M and O flags Effect on DHCP Prefix Delegation, M-flag=1, O-flag=1 |
cpe_v6_10 |
No Global Address is Configured |
cpe_v6_11 |
Different DHCPv6 Prefix Size from Hint |
cpe_v6_12 |
Prevent Forwarding Loops |
cpe_v6_13 |
Assign /64 Prefixes to LAN Interfaces, Prefix Length of /64 |
cpe_v6_14 |
Assign /64 Prefixes to LAN Interfaces, Prefix Length of /48 |
cpe_v6_15 |
Assign /64 Prefixes to LAN Interfaces, Prefix Length of /56 |
cpe_v6_16 |
RA Route Information Option, Having WAN Connectivity |
cpe_v6_17 |
RA Route Information Option, Without WAN Connectivity |
cpe_v6_18 |
No Prefixes Delegated |
cpe_v6_19 |
No Prefixes Delegated, Delegated Prefix Expired |
cpe_v6_20 |
Router Advertisement, Advertising Interface |
cpe_v6_21 |
Delegated Prefix Change |
cpe_v6_22 |
Default Source Address Selection, Prefer Appropriate Scope |
cpe_v6_23 |
Default Source Address Selection, Avoid Deprecated Addresses |
cpe_v6_24 |
Default Source Address Selection, Use Longest Matching Prefix |
cpe_v6_25 |
Default Router Lost |
cpe_v6_26 |
Forwarding before address acquisition - DHCPv6 Leases Expired |
cpe_v6_27 |
Forwarding before address acquisition - Reboot |
cpe_v6_28 |
No Default Router |
cpe_v6_29 |
IPv6 Host on WAN |
cpe_v6_30 |
Duplicate Address Detection before Router Discovery |
cpe_v6_31 |
Persistent DUID |
cpe_v6_32 |
Dual-Stack PPP Encapsulation |
cpe_v6_33 |
Stateless Address Autoconfiguration on the WAN |
cpe_v6_34 |
DHCPv6 on the WAN |
cpe_v6_35 |
DHCPv6 NTP Server Option |
cpe_v6_36 |
DHCPv6 SOL_MAX_RT Option |
cpe_v6_37 |
Unique Local Addresses |
cpe_v6_38 |
ULA Consistency |
cpe_v6_39 |
ULA Site Border |
cpe_v6_40 |
Router Lifetime with only ULA prefixes |
cpe_v6_41 |
Dynamic Routing Protocols |
cpe_v6_42 |
Prefix Exclude Option |
cpe_v6_43 |
LAN DHCPv6 Server |
cpe_v6_44 |
DNS Information in DHCPv6 Messages |
cpe_v6_45 |
DNS Information in Router Advertisements |
cpe_v6_46 |
Ingress Filtering |
cpe_v6_47 |
Processing Router Advertisements on the LAN |
sip-v6.tcl
SIP over IPv6 testing
| Test Name | Synopsis |
|---|---|
ipv6_sip_1 |
Verify SIPv6 registration |
ipv6_sip_2 |
Verify SIPv6 registration with short format SIP headers |
ipv6_sip_10 |
Verify SIPv6 outbound call |
ipv6_sip_11 |
Verify short format SIP headers during outbound SIPv6 call |
ipv6_sip_20 |
Verify SIPv6 inbound call |
ipv6_sip_21 |
Verify short format SIP headers during inbound SIPv6 call |
ipv6_sip_200 |
Verify outbound SIPv6 calls with multiple DHCP LAN clients |
ipv6_sip_201 |
Verify outbound SIPv6 calls with multiple DHCP LAN clients without registering a port |
ipv6_sip_300 |
Verify outbound SIPv6 calls with multiple DHCP LAN clients (TCP) |
ipv6_sip_301 |
Verify outbound SIPv6 calls with multiple DHCP LAN clients (TCP) without registering a port |
triggerp-v6.tcl
Tests to verify configured IPv6 trigger ports on the router
| Test Name | Synopsis |
|---|---|
ipv6_tport_10 |
Verify basic case for each configured IPv6 trigger port application |
ipv6_tport_30 |
Verify multiple LAN hosts can use IPv6 trigger ports after mappings are aged out |
rfc6092.tcl
IETF RFC 6092 simple security in IPv6 gateway CPE tests
| Test Name | Synopsis |
|---|---|
rfc6092_rec_1 |
Section 3.1: Stateless filters, REC-1 |
rfc6092_rec_2 |
Section 3.1: Stateless filters, REC-2 |
rfc6092_rec_3 |
Section 3.1: Stateless filters, REC-3 |
rfc6092_rec_4 |
Section 3.1: Stateless filters, REC-4 |
rfc6092_rec_5 |
Section 3.1: Stateless filters, REC-5 |
rfc6092_rec_6 |
Section 3.1: Stateless filters, REC-6 |
rfc6092_rec_7 |
Section 3.1: Stateless filters, REC-7 |
rfc6092_rec_8 |
Section 3.1: Stateless filters, REC-8 |
rfc6092_rec_9 |
Section 3.1: Stateless filters, REC-9 |
rfc6092_rec_10 |
Section 3.2.1: Internet Control and Management, REC-10 |
rfc6092_rec_12 |
Section 3.2.2: Upper Layer Transport Protocols, REC-12 |
rfc6092_rec_14 |
Section 3.2.3: UDP Filters, REC-14 |
rfc6092_rec_16 |
Section 3.2.3: UDP Filters, REC-16 |
rfc6092_rec_17 |
Section 3.2.3: UDP Filters, REC-17 |
rfc6092_rec_18 |
Section 3.2.3: UDP Filters, REC-18 |
rfc6092_rec_19 |
Section 3.2.3: UDP Filters, REC-19 |
rfc6092_rec_20 |
Section 3.2.3: UDP Filters, REC-20 |
rfc6092_rec_21 |
Section 3.2.4: IPSec and Internet Key Exchange (IKE), REC-21 |
rfc6092_rec_31 |
Section 3.3.1: TCP Filters, REC-31 |
rfc6092_rec_32 |
Section 3.3.1: TCP Filters, REC-32 |
rfc6092_rec_33 |
Section 3.3.1: TCP Filters, REC-33 |
rfc6092_rec_34 |
Section 3.3.1: TCP Filters, REC-34 |
rfc6092_rec_35 |
Section 3.3.1: TCP Filters, REC-35 |
rfc6092_rec_36 |
Section 3.3.1: TCP Filters, REC-36 |
rfc6092_rec_37 |
Section 3.3.1: TCP Filters, REC-37 |
rfc6092_rec_38 |
Section 3.3.2: SCTP Filters, REC-38 |
rfc6092_rec_39 |
Section 3.3.2: SCTP Filters, REC-39 |
rfc6092_rec_40a |
Section 3.3.2: SCTP Filters, REC-40, Part A |
rfc6092_rec_40b |
Section 3.3.2: SCTP Filters, REC-40, Part B |
rfc6092_rec_41 |
Section 3.3.2: SCTP Filters, REC-41 |
rfc6092_rec_42 |
Section 3.3.2: SCTP Filters, REC-42 |
rip-ng.tcl
RIPng tests for LAN side of the router
| Test Name | Synopsis |
|---|---|
ipv6_ripng_1 |
Verify router sends RIPng update on LAN side |
ipv6_ripng_2 |
Verify router learns new RIPng routes from LAN side RIPng router |
ipv6_ripng_5 |
Verify router responds to RIPng requests on LAN interface |
ipv6_ripng_10 |
Verify router selects RIPng route with lowest metric |
ipv6_ripng_12 |
Verify router ignores routes with a metric of 16 |
ipv6_ripng_20 |
Verify router uses split horizon or poison reverse for learned RIPng routes |
ipv6_ripng_30 |
Verify router announces default route on LAN side |
ipv6_ripng_100 |
Verify the maximum number of RIPng routes supported |
ipv6_ripng_200 |
Verify router learns new RIPng routes from WAN side RIPng router |
ipv6_ripng_300 |
Verify router processes Next Hop RTEs in RIPng route list |
mdns-v6.tcl
IPv6 mDNS related test cases
| Test Name | Synopsis |
|---|---|
ipv6_mdns_10 |
Verify DUT responds to IPv6 one-shot mDNS query of its hostname |
ipv6_mdns_11 |
Verify DUT responds to IPv6 one-shot mDNS reverse query of its LAN IP |
ipv6_mdns_12 |
Verify DUT returns DNS-Service Discovery records for its web server over IPv6 using one-shot mDNS |
ipv6_mdns_13 |
Verify DUT does not forward IPv6 LAN one-shot mDNS query onto the WAN |
ipv6_mdns_14 |
Verify DUT returns TXT and SRV records for its web server over IPv6 using one-shot mDNS |
ipv6_mdns_20 |
Verify DUT responds to IPv6 mDNS query of its hostname |
ipv6_mdns_21 |
Verify DUT responds to IPv6 mDNS reverse query of its LAN IP |
ipv6_mdns_22 |
Verify DUT returns DNS-Service Discovery records for its web server over IPv6 |
ipv6_mdns_23 |
Verify DUT does not forward IPv6 LAN mDNS query onto the WAN |
ipv6_mdns_24 |
Verify DUT returns TXT and SRV records for its web server over IPv6 |
http-v6.tcl
IPv6 HTTP related test cases
| Test Name | Synopsis |
|---|---|
ipv6_http_100 |
Verify IPv6 HTTP/1.0 GET connections |
ipv6_http_101 |
Verify IPv6 HTTP/1.0 POST connections |
ipv6_http_102 |
Verify IPv6 HTTP/1.0 HEAD connections |
ipv6_http_103 |
Verify IPv6 HTTP/1.0 GET connections with large number of headers |
ipv6_http_200 |
Verify IPv6 HTTP/1.1 GET connections |
ipv6_http_201 |
Verify IPv6 HTTP/1.1 POST connections |
ipv6_http_202 |
Verify IPv6 HTTP/1.1 HEAD connections |
ipv6_http_203 |
Verify IPv6 HTTP/1.1 PUT connections |
ipv6_http_204 |
Verify IPv6 HTTP/1.1 OPTIONS connections |
ipv6_http_205 |
Verify IPv6 HTTP/1.1 DELETE connections |
ipv6_http_206 |
Verify IPv6 HTTP/1.1 GET connections with large number of headers |
ipv6_http_250 |
Verify IPv6 HTTP/1.1 GET connections with chunked encoding |
ipv6_http_260 |
Verify IPv6 HTTP/1.1 proxy idle timeout |
ipv6_http_300 |
Verify IPv6 HTTP/1.1 WebSocket Ping message |
ipv6_http_301 |
Verify IPv6 HTTP/1.1 WebSocket Text message |
https-v6.tcl
IPv6 HTTPS related test cases
| Test Name | Synopsis |
|---|---|
ipv6_https_100 |
Verify IPv6 HTTPS/1.0 GET connections |
ipv6_https_101 |
Verify IPv6 HTTPS/1.0 POST connections |
ipv6_https_102 |
Verify IPv6 HTTPS/1.0 HEAD connections |
ipv6_https_103 |
Verify IPv6 HTTPS/1.0 GET connections with large number of headers |
ipv6_https_200 |
Verify IPv6 HTTPS/1.1 GET connections |
ipv6_https_201 |
Verify IPv6 HTTPS/1.1 POST connections |
ipv6_https_202 |
Verify IPv6 HTTPS/1.1 HEAD connections |
ipv6_https_203 |
Verify IPv6 HTTPS/1.1 PUT connections |
ipv6_https_204 |
Verify IPv6 HTTPS/1.1 OPTIONS connections |
ipv6_https_205 |
Verify IPv6 HTTPS/1.1 DELETE connections |
ipv6_https_206 |
Verify IPv6 HTTPS/1.1 GET connections with large number of headers |
ipv6_https_250 |
Verify IPv6 HTTPS/1.1 GET connections with chunked encoding |
ipv6_https_300 |
Verify IPv6 HTTPS/1.1 WebSocket Ping message |
ipv6_https_301 |
Verify IPv6 HTTPS/1.1 WebSocket Text message |
http2-v6.tcl
IPv6 HTTP/2 related test cases
| Test Name | Synopsis |
|---|---|
ipv6_http2_100 |
Verify HTTP/2 GET connections |
ipv6_http2_101 |
Verify HTTP/2 POST connections |
ipv6_http2_102 |
Verify HTTP/2 HEAD connections |
ipv6_http2_103 |
Verify HTTP/2 PUT connections |
ipv6_http2_104 |
Verify HTTP/2 OPTIONS connections |
ipv6_http2_105 |
Verify HTTP/2 DELETE connections |
ipv6_http2_106 |
Verify HTTP/2 GET connections with large number of headers |
http2-tls-v6.tcl
IPv6 HTTP/2 over TLS related test cases
| Test Name | Synopsis |
|---|---|
ipv6_http2_tls_100 |
Verify HTTP/2 GET connections over TLS |
ipv6_http2_tls_101 |
Verify HTTP/2 POST connections over TLS |
ipv6_http2_tls_102 |
Verify HTTP/2 HEAD connections over TLS |
ipv6_http2_tls_103 |
Verify HTTP/2 PUT connections over TLS |
ipv6_http2_tls_104 |
Verify HTTP/2 OPTIONS connections over TLS |
ipv6_http2_tls_105 |
Verify HTTP/2 DELETE connections over TLS |
ipv6_http2_tls_106 |
Verify HTTP/2 GET connections over TLS with large number of headers |
upnp-v6.tcl
IPv6 UPnP tests for routers that support IGDv1/IGDv2 devices
| Test Name | Synopsis |
|---|---|
ipv6_ssdp_1 |
Verify UPnP router responds to SSDP Discovery Requests on LAN (IPv6) |
ipv6_ssdp_2 |
Verify UPnP router does not respond to SSDP Discovery Requests on WAN (IPv6) |
ipv6_ssdp_3 |
Verify UPnP router supports discovery of required IGD devices and services (IPv6) |
ipv6_ssdp_4 |
Verify UPnP router does not respond to SSDP Discovery Requests without MX header (IPv6) |
ipv6_ssdp_5 |
Verify UPnP router responds to unicast SSDP Discovery Requests on LAN (IPv6) |
ipv6_ssdp_6 |
Verify required headers of M-SEARCH responses on LAN (IPv6) |
ipv6_upnp_10 |
Verify XML description of IGD root device can be parsed (IPv6) |
ipv6_upnp_12 |
Verify XML descriptions cannot be loaded from the WAN side of router (IPv6) |
ipv6_upnp_20 |
Verify XML description for WANIPConnection or WANPPPConnection service can be parsed (IPv6) |
ipv6_upnp_25 |
Verify router responds to UPnP Query for ConnectionStatus (IPv6) |
ipv6_upnp_30 |
Verify UPnP GetExternalIPAddress Action returns WAN IP address (IPv6) |
ipv6_upnp_31 |
Verify UPnP GetStatusInfo Action returns correct ConnectionStatus information (IPv6) |
ipv6_upnp_32 |
Verify UPnP GetStatusInfo Action returns increasing Uptime value (IPv6) |
ipv6_upnp_35 |
Add/delete dynamic UPnP TCP port mapping for wildcard IP source address (IPv6) |
ipv6_upnp_36 |
Add/delete dynamic UPnP TCP port mapping for specific IP source address (IPv6) |
ipv6_upnp_40 |
Add/delete dynamic UPnP UDP port mapping for wildcard IP source address (IPv6) |
ipv6_upnp_41 |
Add/delete dynamic UPnP UDP port mapping for specific IP source address (IPv6) |
ipv6_upnp_45 |
Verify UPnP Router rejects new port mappings that conflict (IPv6) |
ipv6_upnp_50 |
Verify dynamic UPnP port mapping is deleted when lease expires (IPv6) |
ipv6_upnp_100 |
Maximum number of UPnP TCP dynamic port mappings (IPv6) |
ipv6_upnp_200 |
Verify UPnP clients can subscribe/unsubcribe to events for WANIPConnection or WANPPPConnection (IPv6) |
ipv6_upnp_201 |
Verify UPnP clients can subscribe to events with infinite subscription time (IPv6) |
ipv6_upnp_202 |
Verify UPnP clients can renew NOTIFY events for WANIPConnection or WANPPPConnection (IPv6) |
ipv6_upnp_203 |
Verify router sends UPnP NOTIFY events for ConnectionStatus (IPv6) |
ipv6_upnp_204 |
Verify router sends UPnP NOTIFY events with updated ExternalIPAddress (IPv6) |
ipv6_upnp_210 |
Verify router stops sending NOTIFY events when subscription expires (IPv6) |
ipv6_upnp_220 |
Verify the maximum number of UPnP event subscriptions that can be created (IPv6) |
ipv6_upnp_400 |
Check for UPnP format string vulnerability used by BCMPUPnP_Hunter malware |
ipv6_ssdp_igd2_3 |
Verify UPnP router supports discovery of required IGD devices and services (IGD2,IPv6) |
ipv6_upnp_igd2_10 |
Verify XML description of IGD root device can be parsed (IGD2,IPv6) |
ipv6_upnp_igd2_12 |
Verify XML descriptions cannot be loaded from the WAN side of router (IGD2,IPv6) |
ipv6_upnp_igd2_20 |
Verify XML description for WANIPConnection or WANPPPConnection service can be parsed (IGD2,IPv6) |
ipv6_upnp_igd2_25 |
Verify router responds to UPnP Query for ConnectionStatus (IGD2,IPv6) |
ipv6_upnp_igd2_30 |
Verify UPnP GetExternalIPAddress Action returns WAN IP address (IGD2,IPv6) |
ipv6_upnp_igd2_31 |
Verify UPnP GetStatusInfo Action returns correct ConnectionStatus information (IGD2,IPv6) |
ipv6_upnp_igd2_32 |
Verify UPnP GetStatusInfo Action returns increasing Uptime value (IGD2,IPv6) |
ipv6_upnp_igd2_35 |
Add/delete dynamic UPnP TCP port mapping for wildcard IP source address (IGD2,IPv6) |
ipv6_upnp_igd2_36 |
Add/delete dynamic UPnP TCP port mapping for specific IP source address (IGD2,IPv6) |
ipv6_upnp_igd2_40 |
Add/delete dynamic UPnP UDP port mapping for wildcard IP source address (IGD2,IPv6) |
ipv6_upnp_igd2_41 |
Add/delete dynamic UPnP UDP port mapping for specific IP source address (IGD2,IPv6) |
ipv6_upnp_igd2_45 |
Verify UPnP Router rejects new port mappings that conflict (IGD2,IPv6) |
ipv6_upnp_igd2_50 |
Verify dynamic UPnP port mapping is deleted when lease expires (IGD2,IPv6) |
ipv6_upnp_igd2_100 |
Maximum number of UPnP TCP dynamic port mappings (IGD2,IPv6) |
ipv6_upnp_igd2_200 |
Verify UPnP clients can subscribe/unsubcribe to events for WANIPConnection or WANPPPConnection (IGD2,IPv6) |
ipv6_upnp_igd2_201 |
Verify UPnP clients can subscribe to events with infinite subscription time (IGD2,IPv6) |
ipv6_upnp_igd2_202 |
Verify UPnP clients can renew NOTIFY events for WANIPConnection or WANPPPConnection (IGD2,IPv6) |
ipv6_upnp_igd2_203 |
Verify router sends UPnP NOTIFY events for ConnectionStatus (IGD2,IPv6) |
ipv6_upnp_igd2_204 |
Verify router sends UPnP NOTIFY events with updated ExternalIPAddress (IGD2,IPv6) |
ipv6_upnp_igd2_210 |
Verify router stops sending NOTIFY events when subscription expires (IGD2,IPv6) |
ipv6_upnp_igd2_220 |
Verify the maximum number of UPnP event subscriptions that can be created (IGD2,IPv6) |
ipv6_upnp_igd2_230 |
Verify router responds to UPnP GetFirewallStatus action (IGD2,IPv6) |
ipv6_upnp_igd2_300 |
Add/delete dynamic UPnP TCP port mapping for wildcard IPv6 source address (IGD2,IPv6) |
ipv6_upnp_igd2_301 |
Add/delete dynamic UPnP TCP port mapping for specific IPv6 source address (IGD2,IPv6) |
ipv6_upnp_igd2_302 |
Add/delete dynamic UPnP port mapping for wildcard IPv6 source address (IGD2,IPv6) |
ipv6_upnp_igd2_303 |
Add/delete dynamic UPnP port mapping for specific IPv6 source address (IGD2,IPv6) |
ipv6_upnp_igd2_304 |
Verify IPv6 dynamic UPnP port mapping is deleted when lease expires (IGD2,IPv6) |
ipv6_upnp_igd2_305 |
Maximum number of UPnP IPv6 TCP dynamic port mappings (IGD2,IPv6) |
ipv6_upnp_igd2_306 |
Update lease time for UPnP TCP port mapping (IGD2,IPv6) |
ipv6_upnp_igd2_307 |
Verify GetPinholePackets action returns increasing packet count (IGD2,IPv6) |
ipv6_upnp_igd2_400 |
Check for UPnP format string vulnerability used by BCMPUPnP_Hunter malware |
ipv6-mss.tcl
IPv6 MSS tests for routers that support IPv6 TCP MSS clamping
| Test Name | Synopsis |
|---|---|
ipv6_mss_100 |
Verify basic MSS Clamping for TCP sessions |
ipv6_mss_110 |
Verify MSS Clamping with TCP options from different clients |
ipv6_mss_120 |
Verify MSS Clamping does not modify smaller MSS values |
mape.tcl
MAP-E / LW4o6 tests for mapping IPv4 to IPv6
| Test Name | Synopsis |
|---|---|
mape_1 |
Verify MAP-E / LW4o6 CE translates outbound packets to destinations outside the MAP domain |
mape_2 |
Verify MAP-E / LW4o6 CE translates inbound packets from destinations outside the MAP domain |
mape_10 |
Verify MAP-E / LW4o6 CE translates outbound TCP connections with source port inside the PSID set |
mape_11 |
Verify MAP-E / LW4o6 CE translates outbound TCP connections with source port outside the PSID set |
mape_12 |
Verify MAP-E / LW4o6 CE translates outbound UDP connections with source port inside the PSID set |
mape_13 |
Verify MAP-E / LW4o6 CE translates outbound UDP connections with source port outside the PSID set |
mape_14 |
Verify MAP-E / LW4o6 CE does not translate packets with bad source address |
mape_20 |
Verify MAP-E / LW4o6 CE sets IPv6 Hop Limit to correct value when translating packets |
mape_21 |
Verify MAP-E / LW4o6 CE sets IPv6 Traffic Class to correct value when translating packets |
mape_22 |
Verify MAP-E / LW4o6 CE sets IPv6 Flow Label to correct value when translating packets |
mape_23 |
Verify MAP-E / LW4o6 CE sets IPv6 Next Header to correct value when translating packets |
mape_30 |
Verify MAP-E / LW4o6 CE fragments large outbound packets with either IPv4 or IPv6 |
mape_31 |
Verify MAP-E / LW4o6 CE generates ICMPv4 Destination Unreachable if packet needs fragmentation and DF=1 |
mape_32 |
Verify MAP-E / LW4o6 CE properly handles outbound IPv4 fragments originating from LAN |
mape_33 |
Verify MAP-E / LW4o6 CE properly handles outbound IPv4 fragments which require IPv6 fragmentation |
mape_34 |
Verify MAP-E / LW4o6 CE properly handles incoming IPv6 fragments from BR |
mape_35 |
Verify MAP-E / LW4o6 CE properly handles incoming IPv4 fragments from BR |
mape_40 |
Verify MAP-E / LW4o6 CE properly rewrites ICMPv4 Identifier field |
mape_41 |
Verify MAP-E / LW4o6 CE properly handles ICMPv4 error messages |
mapt.tcl
MAP-T tests for mapping IPv4 to IPv6
| Test Name | Synopsis |
|---|---|
mapt_1 |
Verify MAP-T CE translates outbound packets to destinations outside the MAP domain |
mapt_2 |
Verify MAP-T CE translates inbound packets from destinations outside the MAP domain |
mapt_10 |
Verify MAP-T CE translates outbound TCP connections with source port inside the PSID set |
mapt_11 |
Verify MAP-T CE translates outbound TCP connections with source port outside the PSID set |
mapt_12 |
Verify MAP-T CE translates outbound UDP connections with source port inside the PSID set |
mapt_13 |
Verify MAP-T CE translates outbound UDP connections with source port outside the PSID set |
mapt_14 |
Verify MAP-T CE does not translate packets with bad source address |
mapt_20 |
Verify MAP-T CE sets IPv6 Hop Limit to correct value when translating packets |
mapt_21 |
Verify MAP-T CE sets IPv6 Traffic Class to correct value when translating packets |
mapt_22 |
Verify MAP-T CE sets IPv6 Flow Label to correct value when translating packets |
mapt_23 |
Verify MAP-T CE sets IPv6 Next Header to correct value when translating packets |
mapt_24 |
Verify MAP-T CE ignores IPv4 options when translating packets |
mapt_30 |
Verify MAP-T CE fragments large outbound packets with either IPv4 or IPv6 |
mapt_31 |
Verify MAP-T CE generates ICMPv4 Destination Unreachable if packet needs fragmentation and DF=1 |
mapt_32 |
Verify MAP-T CE properly handles outbound IPv4 fragments originating from LAN |
mapt_33 |
Verify MAP-T CE properly handles outbound IPv4 fragments which require IPv6 fragmentation |
mapt_34 |
Verify MAP-T CE properly handles incoming IPv6 fragments from BR |
mapt_40 |
Verify MAP-T CE properly translates ICMPv4 packets |
mapt_41 |
Verify MAP-T CE drops unsupported ICMPv4 message types |
mapt_42 |
Verify MAP-T CE translates ICMPv4 Destination Unreachable codes into ICMPv6 |
ipsec-esp-v6.tcl
IPv6 IPSEC ESP tests for IPSEC based VPNs
| Test Name | Synopsis |
|---|---|
ipv6_esp_1 |
Verify the ESP header sequence number increases with each new IPv6 IPSEC ESP packet |
ipv6_esp_3 |
Verify manual IPv6 IPSEC keys continue to work after ESP sequence number wraps |
ipv6_esp_5 |
Verify no anti-relay techniques are used with manual IPv6 IPSEC keys |
ipv6_esp_8 |
Verify inner IPv6 Hop Limit is decremented for IPSEC tunneled packet |
ipv6_esp_10 |
Verify IPv6 packets with wrong ESP authentication are dropped |
ipv6_esp_20 |
Verify Incoming IPv6 fragments for ESP tunnel are reassembled |
ipv6_esp_21 |
Verify out-of-order IPv6 fragments for ESP tunnel are reassembled |
ipv6_esp_100 |
Verify router supports PMTU discovery for packets sent over IPSEC tunnel |
ipv6_esp_200 |
Verify return IPv6 traffic that does not use IPSEC/ESP is dropped |
ipv6_esp_400 |
Verify all configured IPv6 IPSEC tunnels are operational |
ipsecpt-v6.tcl
IPv6 IPSEC based VPN pass through from the LAN to the WAN
| Test Name | Synopsis |
|---|---|
ipv6_ipsecpt_1 |
Verify IPv6 IKE packets pass through router on UDP port 500 |
ipv6_ipsecpt_2 |
Verify tunnel mode IPv6 IPSEC packets pass through router |
ipv6_ipsecpt_3 |
Fragmented tunnel mode IPv6 IPSEC packets are forwarded between LAN and WAN |
ipv6_ipsecpt_100 |
Verify the maximum number of IPv6 IPSEC connections for a single LAN host |
ipv6_ipsecpt_110 |
Verify IPv6 IPSEC connections with multiple LAN clients using same VPN server |
ipv6_ipsecpt_120 |
Verify IPv6 IKE with multiple LAN clients using same VPN server |
