HTR_A_In_Fragment - Host Transport Mode AH Inbound Header Order (Fragment Header vs AH)
Host
HTR_A_In_Fragment.seq [-tooloption ...] -pkt HTR_A_Fragment.def
-tooloption : v6eval tool option
See also HTR_A_common.def and HTR_common.def
For details of Network Topology, see 00README
Set NUT's SAD and SPD as following:
NET5 NET3
HOST1_NET5 -- Router -- NUT
----transport----->
Security Association Database (SAD)
| source address | HOST1_NET5 |
| destination address | NUT_NET3 |
| SPI | 0x1000 |
| mode | transport |
| protocol | AH |
| AH algorithm | HMAC-MD5 |
| AH algorithm key | TAHITEST89ABCDEF |
Security Policy Database (SPD)
| source address | HOST1_NET5 |
| destination address | NUT_NET3 |
| upper spec | any |
| direction | in |
| protocol | AH |
| mode | transport |
Update Neighbor Cache
Tester Target | | |-------------------------->| | ICMP Echo Request | | 1st/2nd fragment | | (with AH) | | | |<--------------------------| | ICMP Echo Reply | | 1st/2nd fragment | | | v v
ICMP Echo Request with AH (original)
| IP Header | Source Address | HOST1_NET5 |
| Destination Address | NUT_NET3 | |
| AH | SPI | 0x1000 |
| Algorithm | HAMC-MD5 | |
| Key | TAHITEST89ABCDEF | |
| ICMP | Type | 128 (Echo Request) |
ICMP Echo Request with AH (1st fragment)
| IP Header | Source Address | HOST1_NET5 |
| Destination Address | NUT_NET3 | |
| Fragment Header | Next Header | 51 (AH) |
| Offset | 0 | |
| MFlag | 1 | |
| Payload | data | 1st fragment of ICMP Echo Request with AH |
ICMP Echo Request with AH (2nd fragment)
| IP Header | Source Address | HOST1_NET5 |
| Destination Address | NUT_NET3 | |
| Fragment Header | Next Header | 51 (AH) |
| Offset | 181 | |
| MFlag | 0 | |
| Payload | data | 2nd fragment of ICMP Echo Request with AH |
ICMP Echo Reply (original)
| IP Header | Source Address | NUT_NET3 |
| Destination Address | HOST1_NET5 | |
| ICMP | Type | 129 (Echo Reply) |
ICMP Echo Reply (1st fragment)
| IP Header | Source Address | NUT_NET3 |
| Destination Address | HOST1_NET5 | |
| Fragment Header | Next Header | 58 (ICMP) |
| Offset | 0 | |
| MFlag | 1 | |
| Payload | data | 1st fragment of ICMP Echo Reply |
ICMP Echo Reply (2nd fragment)
| IP Header | Source Address | NUT_NET3 |
| Destination Address | HOST1_NET5 | |
| Fragment Header | Next Header | 58 (ICMP) |
| Offset | 181 | |
| MFlag | 0 | |
| Payload | data | 2nd fragment of ICMP Echo Reply |
PASS: Both ICMP Echo Reply 1st and 2nd fragment received
perldoc V6evalTool
IPSEC.html IPsec Test Common Utility