RTU_A_In_Order_DSTH - Router Tunnel Mode AH Inbound Header Order (Destination Options Header vs AH)
Router
RTU_A_In_Order_DSTH.seq [-tooloption ...] -pkt RTU_A_Order_DSTH.def
-tooloption : v6eval tool option
See also HTR_A_common.def and HTR_common.def
For details of Network Topology, see 00README
Set NUT's SAD and SPD as following:
(Link0) (Link1)
NET4 NET2 NET0 NET1
HOST1_NET4 -- SG1 -- Router -- NUT -- HOST1_NET1
=====tunnel======>
Security Association Database (SAD)
| source address | SG1_NET2 |
| destination address | NUT_NET0 |
| SPI | 0x1000 |
| mode | tunnel |
| protocol | AH |
| AH algorithm | HMAC-MD5 |
| AH algorithm key | TAHITEST89ABCDEF |
Security Policy Database (SPD)
| No SPD entry |
Tester Target Tester
(Link0) (Link1)
| | |
|-------------------------->| |
| ICMP Echo Request | |
| [DSTH][AH] | |
| (with AH) | |
| |-------------------------->|
| | ICMP Echo Request |
| | |
| | |
|-------------------------->| |
| ICMP Echo Request | |
| [AH][DSTH] | |
| (with AH) | |
| | (---------------------->) |
| | No ICMP Echo Request |
| | |
| | |
| | |
v v v
ICMP Echo Request [DSTH][AH] to Link0
| IP Header | Source Address | SG1_NET2 |
| Destination Address | NUT_NET0 | |
| Destination Options Header | Type | PadN |
| AH | SPI | 0x1000 |
| Algorithm | HMAC-MD5 | |
| Key | TAHITEST89ABCDEF | |
| IP Header | Source Address | HOST1_NET4 |
| Destination Address | HOST1_NET1 | |
| ICMP | Type | 128 (Echo Request) |
ICMP Echo Request from Link1
| IP Header | Source Address | HOST1_NET4 |
| Destination Address | HOST1_NET1 | |
| ICMP | Type | 128 (Echo Request) |
ICMP Echo Request [AH][DSTH] to Link0
| IP Header | Source Address | SG1_NET2 |
| Destination Address | NUT_NET0 | |
| AH | SPI | 0x1000 |
| Algorithm | HMAC-MD5 | |
| Key | TAHITEST89ABCDEF | |
| Destination Options Header | Type | PadN |
| IP Header | Source Address | HOST1_NET4 |
| Destination Address | HOST1_NET1 | |
| ICMP | Type | 128 (Echo Request) |
ICMP Echo Request from Link1
| IP Header | Source Address | HOST1_NET4 |
| Destination Address | HOST1_NET1 | |
| ICMP | Type | 128 (Echo Request) |
PASS: ICMP Echo Request received
perldoc V6evalTool
IPSEC.html IPsec Test Common Utility