-
Notifications
You must be signed in to change notification settings - Fork 1
/
INSTALL.ct
416 lines (291 loc) · 11.2 KB
/
INSTALL.ct
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
Installing IPv6 Conformance Test Package
TAHI Project
$Date: 2003/04/23 08:55:15 $
Terminology
===========
Tester Node (TN)
A tester node for the conformance tests.
Node Under Test (NUT)
A testee node for the conformance tests.
Network Under Test
The network where the conformance tests are executed.
Tester Interface
The network interface of TN
hooked up to the Network Under Test.
Interface Under Test
The network interface of NUT
hooked up to the Network Under Test.
Prerequisites
=============
Prerequisites for TN:
- The package supports only FreeBSD 4.6 or higher.
- The package can also coexist with FreeBSD version of KAME.
- It is mandatory to install IPv6 Conformance Test Platform
"v6eval" that is also written by TAHI project. For more
information, please refer to 00README.v6eval.
Installing the package onto TN
==============================
0. Before Starting
Make sure that you completed installing "v6eval" package.
Please refer to 00README.v6eval for more information.
1. Extracting ct package
% tar zxvf ct-X.X.tar.gz
2. Installing ct package
% cd ct-X.X
% su
# make install
With the above steps, you can install ct package into
/usr/local/v6eval/ct directory.
Be sure not to run the tests within this directory.
3. Copying ct package
Copy ct directory to any directory you like.
% cp -pR /usr/local/v6eval/ct $SOMEWHERE/ct
% chmod -R +w $SOMEWHERE/ct
Configuration
============
1. Physical Configurations
1.1. Network Under Test
Hook up the Tester Interface of TN to the Network Under Test.
Tester Interface of TN can be configured for IPv4 and for IPv6 as well.
Hook up the Interface Under Test of NUT to the Network Under Test.
Interface Under Test of NUT must be configured for IPv6, while it can
be configured for IPv4 too.
Make sure that any other nodes are not hooked up to the network
because their packets would disturb the conformance tests.
Example: (If NUT is host implementation)
TN NUT
|the Tester I/f: ed1 |the I/f Under Test: fxp0
| |
| |
-+-----------------------+- Link0
the Network Under Test
Example: (If NUT is router implementation)
-+-----------------------+- Link1
| |
| |
|the Tester I/f: ed2 |the I/f Under Test: fxp1
TN NUT
|the Tester I/f: ed1 |the I/f Under Test: fxp0
| |
| |
-+-----------------------+- Link0
the Network Under Test
1.2. Serial line
Connect both COM ports of TN and NUT with
a Null-modem cable (or a RS232C cross cable).
Example:
COM1 COM1
TN -------------------- NUT
serial line
(Null-modem cable)
The following Null-modem cable is required to connect TN and NUT
if a cable is DSUB-9 pins.
1 DCD ********** open ********* 1 DCD
2 RXD ------------------------- 3 TXD
3 TXD ------------------------- 2 RSD
4 DTR ------------------------- 6 DSR
6 DSR ------------------------- 4 DTR
5 GND ------------------------- 5 GND
7 RTS ------------------------- 8 CTS
8 CTS ------------------------- 7 RTS
9 CE ********** open ********* 9 CE
For details, please read "Serial Communications" of the handbook of FreeBSD:
http://www.freebsd.org/handbook/
2. Configuration of NUT (example)
2.1. FreeBSD 4.7-RELEASE
2.1.1. /etc/resolv.conf
Remove /etc/resolv.conf to prevent NUT from issuing unnecessary packets
that would disturb the tests.
2.1.2. Default route
It is recommended to remove IPv4 default route, though it is not mandatory.
2.1.3. Account of the super user
It is set as a prerequisite for NUT that TN has the following account:
- user-name: root
- password: v6eval
- login shell: /bin/csh
- prompt: #
2.1.4. /etc/rc.conf
If NUT is a host, at least, you must need the following line to rc.conf.
ipv6_enable="YES"
Example: /etc/rc.conf
==========================================================
ipv6_enable="YES"
ipv6_network_interfaces="fxp0"
ipv6_default_interface="fxp0"
==========================================================
If NUT is a router, you need more modification to rc.conf.
Important points:
- Do not run any kind of routing daemon
which packets would disturb the tests.
- Assign a prefix "3ffe:501:ffff:100/64" and "3ffe:501:ffff:101/64"
on Interface Under Test.
Example: /etc/rc.conf
==========================================================
ipv6_enable="YES"
ipv6_default_interface="fxp0"
ipv6_gateway_enable="YES"
ipv6_network_interfaces="fxp0 fxp1"
ipv6_prefix_fxp0="3ffe:501:ffff:100"
ipv6_prefix_fxp1="3ffe:501:ffff:101"
rtadvd_enable="NO"
==========================================================
- If you would like to test IPsec for IPv4,
you must configure NUT as router for IPv4.
Example: /etc/rc.conf
==========================================================
gateway_enable="YES"
==========================================================
2.1.5. /etc/rtadvd.conf
The current version of the tests does not require you to run a rtadvd daemon
even if NUT is a router.
2.1.6. /etc/ttys
TN requires you to log into NUT as a super user.
To log into NUT, modify /etc/ttys.
Example: /etc/ttys
==========================================================
--- ttys.orig Fri Oct 12 13:32:01 2001
+++ ttys Fri Oct 12 13:32:54 2001
@@ -42,6 +42,7 @@
ttyv8 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure
# Serial terminals
# The 'dialup' keyword identifies dialin lines to login, fingerd etc.
+cuaa0 "/usr/libexec/getty std.9600" unknown on secure
ttyd0 "/usr/libexec/getty std.9600" dialup off secure
ttyd1 "/usr/libexec/getty std.9600" dialup off secure
ttyd2 "/usr/libexec/getty std.9600" dialup off secure
==========================================================
NOTE: The cuaa* drivers are safer than the ttyd* drivers
because the cuaa* drivers can work with a Null-modem cable
that drops CD signals.
For more information, please read "Serial Communications"
of the handbook of FreeBSD:
http://www.freebsd.org/handbook/
2.1.7. /etc/inetd.conf
If you want to execute the test 'IPSec AH and ESP for IPv4(UDP)',
you need to open the port echo/udp.
/etc/inetd.conf
================================================================
--- inetd.conf.orig Thu Oct 3 10:29:34 2002
+++ inetd.conf Thu Oct 3 10:29:57 2002
@@ -42,10 +42,10 @@
#time stream tcp6 nowait root internal
#time dgram udp wait root internal
#time dgram udp6 wait root internal
-#echo stream tcp nowait root internal
+echo stream tcp nowait root internal
echo dgram udp6 wait root internal
echo dgram udp wait root internal
-#echo stream tcp6 nowait root internal
+echo stream tcp6 nowait root internal
#discard stream tcp nowait root internal
#discard stream tcp6 nowait root internal
#discard dgram udp wait root internal
================================================================
2.1.8. kernel configuration
If you want to execute IPsec test,
you need to re-compile the kernel.
/usr/src/sys/i386/conf/GENERIC
================================================================
--- GENERIC.orig Fri Oct 12 14:19:16 2001
+++ GENERIC Fri Oct 12 14:22:55 2001
@@ -30,6 +30,8 @@
options MATH_EMULATE #Support for x87 emulation
options INET #InterNETworking
options INET6 #IPv6 communications protocols
+options IPSEC #IP security
+options IPSEC_ESP #IP security (crypto; define w/ IPSEC)
options FFS #Berkeley Fast Filesystem
options FFS_ROOT #FFS usable as root device [keep this!]
options SOFTUPDATES #Enable FFS soft updates support
================================================================
# cd /usr/src/sys/i386/conf/
# /usr/sbin/config GENERIC
# cd ../../compile/GENERIC/
# make depend
# make
# make install
3. Configuration of TN
3.1. /etc/resolv.conf
It is recommended to remove /etc/resolv.conf, though it is not mandatory.
3.2. Default route
It is recommended to remove IPv4 default route, though it is not mandatory.
3.3. /usr/local/v6eval/etc/tn.def
You can copy any entry except "Link0" from the sample file.
/usr/local/v6eval/etc/tn.def.sample.
"Link0" entry MUST have:
- the EXACT name of Tester Interface.
- a BOGUS MAC address.
It is important that the Tool can impersonate other nodes.
"LinkX" entries are required only for a router test.
Example: /usr/local/v6eval/etc/tn.def
==========================================================
RemoteDevice cuaa0
RemoteDebug 0
RemoteIntDebug 0
RemoteLog 0
RemoteSpeed 0
RemoteLogout 0
RemoteMethod serial
Link0 ed1 00:00:00:00:01:00
==========================================================
3.4. /usr/local/v6eval/etc/nut.def
You can copy both "System" and "TargetName" from the sample file
/usr/local/v6eval/etc/nut.def.sample.
"HostName" entry SHOULD be a host name of NUT.
"Type" entry MUST be:
- "host" if NUT is configured as a host.
- "router" if NUT is configured as a router.
"User" entry MUST be a name of a super user account of NUT.
"Password" entry MUST be a password of a super user account of
NUT.
"Link0" entry MUST have:
- the EXACT name of the Interface Under Test.
- the EXACT MAC address of the Interface Under Test.
"LinkX" entries are required only for a router test.
Example: /usr/local/v6eval/etc/nut.def
==========================================================
System freebsd-i386
TargetName FreeBSD 4.7-RELEASE
HostName target.tahi.org
Type host
User root
Password v6eval
Link0 fxp0 00:90:27:14:ce:da
==========================================================
3.5. cu command
To run cu command, set up the following.
# touch /var/log/aculog
# chmod a+rw /var/log/aculog
HINT: /etc/fbtab is another way to adjust file permission.
The package uses "/dev/cuaa0" as the default line name
(see /usr/local/v6eval/etc/tn.def).
If TN requires a different line name, modify the following files,
depending on the setups of your machine:
- /etc/remote or else
- "RemoteDevice" entry in /usr/local/v6eval/etc/tn.def
DIAG: If "cu" related customization is not properly performed,
the following command can not be executed successfully:
%cu -l /dev/cuaa0
user: root
password: v6eval
root@NUT#
If /usr/local/v6eval/etc/{nut,tn}.def is not correct,
the following command can not be executed successfully.
%/usr/local/v6eval/bin/kame-freebsd/loginout.rmt -o1
Run the Tests
=============
% cd $SOMEWHERE/ct
% make clean
% make test
It will take a few hours to run the tests. When all tests are completed,
you can see the test results at $SOMEWHERE/ct/index.html.
Note that running the tests clears the previous test results.
If you do not want to lose them, you should make a new copy of ct package
in a different directory.
HINT: To see the test results with Netscape, follow the next steps:
1. Install ethereal of KAME/ports.
2. Register application in Netscape:
MIME Type: application/x-tcpdump
Extension: dump
Action/Application: ethereal -r %s
[End of INSTALL]