NAME

  RTU_A_Out_hmacsha1 - Router Tunnel Mode AH Outbound with HMAC-SHA1


TARGET

  Router


SYNOPSIS

  RTU_A_Out_hmacsha1.seq [-tooloption ...] -pkt RTU_A_hmacsha1.def
    -tooloption : v6eval tool option
  See also HTR_A_common.def and HTR_common.def


INITIALIZATION

For details of Network Topology, see 00README

Set NUT's SAD and SPD as following:

                           (Link0)  (Link1)
            NET4   NET2      NET0   NET1
  HOST1_NET4 -> SG1 -> Router -> NUT -> HOST1_NET1
                 <====tunnel=======

Security Association Database (SAD)

source address NUT_NET0
destination address SG1_NET2
SPI 0x1000
mode tunnel
protocol AH
AH algorithm HMAC-SHA1
AH algorithm key TAHITEST89ABCDEF0123

Security Policy Database (SPD)

tunnel source address NUT_NET0
tunnel destination address SG1_NET2
source address NET1
destination address NET4
upper spec any
direction out
protocol AH
mode tunnel


TEST PROCEDURE

 Tester                      Target                      Tester
              (Link0)                     (Link1)
   |                           |                           |
   |                           |<--------------------------|
   |                           |      ICMP Echo Reply      |
   |                           |                           |
   |<--------------------------|                           |
   |      ICMP Echo Reply      |                           |
   |     (within AH tunnel)    |                           |
   |                           |                           |
   |                           |                           |
   v                           v                           v
  1. Send ICMP Echo Reply to Link1
  2. Receive ICMP Echo Reply within AH tunnel from Link0

ICMP Echo Reply to Link1

IP Header Source Address HOST1_NET1
Destination Address HOST1_NET4
ICMP Type 129 (Echo Reply)

ICMP Echo Reply within AH tunnel from Link0

IP Header Source Address NUT_NET0
Destination Address SG1_NET2
AH SPI 0x1000
Algorithm HMAC-SHA1
Key TAHITEST89ABCDEF0123
IP Header Source Address HOST1_NET1
Destination Address HOST1_NET4
ICMP Type 129 (Echo Reply)


JUDGMENT

  PASS: ICMP Echo Reply within AH tunnel received


SEE ALSO

  perldoc V6evalTool
  IPSEC.html IPsec Test Common Utility