NAME

hostRecvRaInvalid - Verifying that NUT discard invalid RAs


TARGET

Host only


SYNOPSIS

  hostRecvRaInvalid.seq [-tooloption ...] -p hostRecvRaInvalid.def


INITIALIZATION

  Clear NC state for TN.


TEST PROCEDURE

hostRecvRaInvalid verifies that NUT discard invalid RAs.

  TN               NUT
  ----------------------

State: NONCE (for TN)
==== invalid RA ===>
Judgment: Examining NUT's neighbor cache state


JUDGMENT


6.1.2. Validation of Router Advertisement Messages
A node must silently discard any received Router Advertisement messages that do not satisfy all of the following validity checks:
- IP Source Address is a link-local address. Routers must use their link-local address as the source for Router Advertisement and Redirect messages so that hosts can uniquely identify routers.
- The IP Hop Limit field has a value of 255, i.e., the packet could not possibly have been forwarded by a router.
- If the message includes an IP Authentication Header, the message authenticates correctly.
- ICMP Checksum is valid.
- ICMP Code is 0.
- ICMP length (derived from the IP length) is 16 or more octets.
- All included options have a length that is greater than zero.
==================================================+==================== Invalid RA | The Neighbor Cache -----------+----------+-------+-------------------+---------+---------- Src | Dst | SLLA | Other | Current | New ===========+==========+=======+===================+=========+========== *global | all-node | exist | N/A | NONCE | unchanged -----------+----------+-------+-------------------+---------+---------- link-local | all-node | exist | *hop limit=2 | NONCE | unchanged -----------+----------+-------+-------------------+---------+---------- link-local | all-node | exist | *invalid checksum | NONCE | unchanged -----------+----------+-------+-------------------+---------+---------- link-local | all-node | exist | *icmp code=1 | NONCE | unchanged ===========+==========+=======+===================+=========+==========


TERMINATION

  N/A


NOTE

  The test does not invoke any remote command.


SEE ALSO

  perldoc V6evalTool
  perldoc V6evalRemote