Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 916986 Details for
Bug 1118121
[TAHI][IKEv2] IKEv2.EN.R.1.1.11.4: IKEv2 device should ignore an IKE request message whose Response bit is set.
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
test log
70.html (text/html), 52.20 KB, created by
Hangbin Liu
on 2014-07-10 03:19:21 UTC
(
hide
)
Description:
test log
Filename:
MIME Type:
Creator:
Hangbin Liu
Created:
2014-07-10 03:19:21 UTC
Size:
52.20 KB
patch
obsolete
><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN""http://www.w3c.org/TR/REC-html40/strict.dtd"> ><HTML> ><HEAD> ><TITLE>IPv6 Conformance Test Report</TITLE> ><META NAME="GENERATOR" CONTENT="TAHI IPv6 Conformance Test Kit"> ><script type="text/javascript"> > >var packets = new Array(); > >var POP_ID_PREFIX = "pop"; >var PACKET_INFO_PREFIX = "koiPacketInfo"; > >var COLOR_BG = "#ffdddd"; > >var WINDOW_HEIGHT = 300; >var WINDOW_WIDTH = 300; >var OFFSET_HEIGHT = 5; >var OFFSET_WIDTH = 20; > >var IE = false; >var FF = false; >var NN4 = false; >if (document.all) { > IE = true; >} >else if (document.getElementById) { > FF = true; >} >else if (document.layers) { > NN4 = true; >} > >function popup(id, event) { > var header, footer, pos_x, pos_y, str; > > if (NN4) { > return; > } > > header = '<div style="'; > // header += 'width:' + WINDOW_WIDTH + ';'; > header += 'background-color:' + COLOR_BG + ';'; > header += 'border-width:3pt;'; > header += 'border-style:solid;'; > header += 'border-color:' + COLOR_BG + ';'; > //header += 'padding:0;' > //header += 'margin:0;'; > header += '">'; > > footer = '</div>'; > > str = header; > str += '<pre style="line-height:90%">'; > str += getPacket(id); > str += '</pre>'; > str += footer; > > key = POP_ID_PREFIX + id; > > if (IE) { > pos_x = document.body.scrollLeft+event.clientX; > pos_y = document.body.scrollTop+event.clientY; > document.all(key).style.pixelLeft = pos_x+OFFSET_WIDTH; > document.all(key).style.pixelTop = pos_y+OFFSET_HEIGHT; > document.all(key).innerHTML = str; > document.all(key).style.visibility = 'visible'; > } > else if (FF) { > pos_x = event.pageX; > pos_y = event.pageY; > document.getElementById(key).style.left = pos_x+OFFSET_WIDTH + 'px'; > document.getElementById(key).style.top = pos_y+OFFSET_HEIGHT + 'px'; > document.getElementById(key).innerHTML = str; > document.getElementById(key).style.visibility = 'visible'; > } > else if (NN4) { > pos_x = event.pageX; > pos_y = event.pageY; > document.layers[key].moveTo(pos_x+OFFSET_WIDTH, pos_y+OFFSET_HEIGHT); > document.layers[key].document.open(); > document.layers[key].document.write(str); > document.layers[key].document.close(); > document.layers[key].visibility = 'show'; > } >} > >function popdown(id) { > key = POP_ID_PREFIX + id; > if (IE) { > document.all(key).style.visibility = "hidden"; > } > else if (FF) { > document.getElementById(key).style.visibility = "hidden"; > } > else if (NN4) { > document.layers[key].visibility = "hidden"; > } >} > >function getPacket(id) { > if (packets[id]) { > return packets[id]; > } > > var str = getInnerHTML(PACKET_INFO_PREFIX + id); > str = trimTag(str, 'pre'); > packets[id] = str; > return str; >} > >function getInnerHTML(id) { > if (IE) { > return document.all(id).innerHTML; > } > else if (FF) { > return document.getElementById(id).innerHTML; > } >} > >function trimTag(str, tagName) { > var index = str.indexOf('<' + tagName); > index = str.indexOf('>', index + 1); > > var lastIndex = str.lastIndexOf('</' + tagName + '>'); > lastIndex = (lastIndex < 0) ? str.length : lastIndex; > > return str.substring(index + 1, lastIndex); >} > ></script> ></HEAD> > ><BODY BGCOLOR="#F0F0F0"> ><H1>Test Information</H1> ><TABLE BORDER=1> ><TR><TD>Title</TD><TD>Test IKEv2.EN.R.1.1.11.4: Response bit is set</TD></TR> ><TR><TD>CommandLine</TD><TD>./2-EN-R/IKEv2-EN-R-1-1-11-4-A.seq -log 70.html -ti Test IKEv2.EN.R.1.1.11.4: Response bit is set</TD></TR> ><TR><TD>Script</TD><TD><A HREF="./2-EN-R/IKEv2-EN-R-1-1-11-4-A.seq">./2-EN-R/IKEv2-EN-R-1-1-11-4-A.seq</A></TD></TR> ><TR><TD>TestVersion</TD><TD>REL_1_1_1</TD></TR> ><TR><TD>ToolVersion</TD><TD>REL_2_2_0</TD></TR> ><TR><TD>Start</TD><TD>2014/01/10 16:37:02</TD></TR> ><TR><TD>Tn</TD><TD>/usr/local/koi//etc//tn.def</TD></TR> ><TR><TD>Nu</TD><TD>/usr/local/koi//etc//nut.def</TD></TR> ></TABLE> > ><HR><H1>Test Sequence Execution Log</H1> ><TABLE BORDER=1> ><TR><TD>16:37:02</TD><TD>Start</TD></TR> ><TR><TD><br></TD><TD> ><FONT COLOR="#FF0000" SIZE="+1"><U><B>TEST SETUP</B></U></FONT><tr VALIGN="top"> ><td></td> ><td width="100%">initializing IKEv2 module ...</td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%">configuring Common Topology for End-Node: End-Node to End-Node ...</td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%">parsing ./config.pl ...</td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><TABLE BORDER><TR><TH BGCOLOR="#a8b5d8">key</TH><TH BGCOLOR="#a8b5d8">value</TH></TR><TR><TD>Link A prefix</TD><TD>2001:0db8:0001:0001</TD></TR><TR><TD>Link X prefix</TD><TD>2001:0db8:000f:0001</TD></TR><TR><TD>Link A link-local address (TR1)</TD><TD>fe80::f</TD></TR><TR><TD>Link A global address (NUT)</TD><TD>2001:0db8:0001:0001::1234</TD></TR><TR><TD>pre-shared key (TN)</TD><TD>IKETEST12345678!</TD></TR><TR><TD>pre-shared key (NUT)</TD><TD>IKETEST12345678!</TD></TR><TR><TD>IKE_SA Lifetime</TD><TD>64</TD></TR><TR><TD>CHILD_SA Lifetime</TD><TD>128</TD></TR><TR><TD>IKE_SA_INIT Request RetransTimer</TD><TD>16</TD></TR><TR><TD>IKE_AUTH Request RetransTimer</TD><TD>16</TD></TR><TR><TD>CREATE_CHILD_SA Request RetransTimer</TD><TD>16</TD></TR><TR><TD>INFORMATIONAL Request RetransTimer</TD><TD>16</TD></TR><TR><TD>Liveness Check Timer</TD><TD>32</TD></TR><TR><TD># of Half-Open IKE_SAs to contain N(COOKIE)</TD><TD>32</TD></TR></TABLE></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%">setting up TN ...</td> ></tr> ><TR VALIGN="top"> ><TD>16:37:03</TD> ><TD width="100%"> >ikev2Local("/sbin/sysctl -w net.inet6.ip6.forwarding=1")<BR> ><PRE>net.inet6.ip6.forwarding: 0 -> 1 ></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:03</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig -a")<BR> ><PRE>em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO> > ether 00:23:ae:7a:6e:cc > inet6 fe80::223:aeff:fe7a:6ecc%em0 prefixlen 64 scopeid 0x1 > inet 10.66.13.78 netmask 0xfffffe00 broadcast 10.66.13.255 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active >em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> > ether 00:1b:21:1c:58:fa > inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 > inet6 fe80::21b:21ff:fe1c:58fa%em1 prefixlen 64 scopeid 0xa > inet6 3ffe:501:ffff:100::20 prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active >em2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> > ether 00:1b:21:1c:5d:d1 > inet6 fe80::21b:21ff:fe1c:5dd1%em2 prefixlen 64 scopeid 0xb > inet6 3ffe:501:ffff:101::20 prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect > status: no carrier >plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 >lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=3<RXCSUM,TXCSUM> > inet 127.0.0.1 netmask 0xff000000 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0xd > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> ></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:03</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig em1 inet6 fe80::f%em1/64")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:03</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig em1 inet6 2001:0db8:0001:0001::f/64")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:03</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig lo1 create")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:03</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig lo1 up")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:03</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig lo1 inet6 2001:0db8:000f:0001::1/64")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:06</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig -a")<BR> ><PRE>em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO> > ether 00:23:ae:7a:6e:cc > inet6 fe80::223:aeff:fe7a:6ecc%em0 prefixlen 64 scopeid 0x1 > inet 10.66.13.78 netmask 0xfffffe00 broadcast 10.66.13.255 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active >em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> > ether 00:1b:21:1c:58:fa > inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 > inet6 fe80::21b:21ff:fe1c:58fa%em1 prefixlen 64 scopeid 0xa > inet6 3ffe:501:ffff:100::20 prefixlen 64 > inet6 fe80::f%em1 prefixlen 64 scopeid 0xa > inet6 2001:db8:1:1::f prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active >em2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> > ether 00:1b:21:1c:5d:d1 > inet6 fe80::21b:21ff:fe1c:5dd1%em2 prefixlen 64 scopeid 0xb > inet6 3ffe:501:ffff:101::20 prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect > status: no carrier >plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 >lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=3<RXCSUM,TXCSUM> > inet 127.0.0.1 netmask 0xff000000 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0xd > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> >lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=3<RXCSUM,TXCSUM> > inet6 2001:db8:f:1::1 prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> ></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:06</TD> ><TD width="100%"> >ikev2Local("/sbin/setkey -D")<BR> ><PRE>No SAD entries. ></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:06</TD> ><TD width="100%"> >ikev2Local("/sbin/setkey -F")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:09</TD> ><TD width="100%"> >ikev2Local("/sbin/setkey -D")<BR> ><PRE>No SAD entries. ></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:09</TD> ><TD width="100%"> >ikev2Local("/sbin/setkey -DP")<BR> ><PRE>No SPD entries. ></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:09</TD> ><TD width="100%"> >ikev2Local("/sbin/setkey -FP")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:37:12</TD> ><TD width="100%"> >ikev2Local("/sbin/setkey -DP")<BR> ><PRE>No SPD entries. ></PRE></TD> ></TR><tr VALIGN="top"> ><td></td> ><td width="100%">setting up NUT ...</td> ></tr> ></TD> ></TR> ><TR VALIGN="TOP"><TD>16:37:12</TD> ><TD width="100%"> >kRemote(ifconfig.rmt) ``/usr/local/koi/bin/remotes/libreswan//ifconfig.rmt ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=p6p1''<br> >kRemote()... /usr/local/koi/bin/remotes/libreswan//ifconfig.rmt ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=p6p1 > ><PRE>DEBUG : start kRemoteLogin >Connected > >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip addr >1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo > valid_lft forever preferred_lft forever > inet6 ::1/128 scope host > valid_lft forever preferred_lft forever >2: p7p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 > link/ether 00:22:19:30:20:d5 brd ff:ff:ff:ff:ff:ff > inet 10.66.12.166/23 brd 10.66.13.255 scope global dynamic p7p1 > valid_lft 61311sec preferred_lft 61311sec > inet6 fe80::222:19ff:fe30:20d5/64 scope link > valid_lft forever preferred_lft forever >3: p6p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc netem state UP qlen 1000 > link/ether 00:15:17:3c:c6:68 brd ff:ff:ff:ff:ff:ff > inet 192.168.0.10/24 brd 192.168.0.255 scope global p6p1 > valid_lft forever preferred_lft forever > inet6 3ffe:501:ffff:100:215:17ff:fe3c:c668/64 scope global > valid_lft forever preferred_lft forever > inet6 fe80::215:17ff:fe3c:c668/64 scope link > valid_lft forever preferred_lft forever >4: p6p2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 > link/ether 00:15:17:3c:c6:69 brd ff:ff:ff:ff:ff:ff >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip -f inet6 addr add 2001:0db8:0001:0001::1234/64 dev p6p1 >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip addr >1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo > valid_lft forever preferred_lft forever > inet6 ::1/128 scope host > valid_lft forever preferred_lft forever >2: p7p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 > link/ether 00:22:19:30:20:d5 brd ff:ff:ff:ff:ff:ff > inet 10.66.12.166/23 brd 10.66.13.255 scope global dynamic p7p1 > valid_lft 61307sec preferred_lft 61307sec > inet6 fe80::222:19ff:fe30:20d5/64 scope link > valid_lft forever preferred_lft forever >3: p6p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc netem state UP qlen 1000 > link/ether 00:15:17:3c:c6:68 brd ff:ff:ff:ff:ff:ff > inet 192.168.0.10/24 brd 192.168.0.255 scope global p6p1 > valid_lft forever preferred_lft forever > inet6 2001:db8:1:1::1234/64 scope global tentative > valid_lft forever preferred_lft forever > inet6 3ffe:501:ffff:100:215:17ff:fe3c:c668/64 scope global > valid_lft forever preferred_lft forever > inet6 fe80::215:17ff:fe3c:c668/64 scope link > valid_lft forever preferred_lft forever >4: p6p2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 > link/ether 00:15:17:3c:c6:69 brd ff:ff:ff:ff:ff:ff >[root@dhcp12-166 ~]# ></PRE> ></TD></TR> > ><TR VALIGN="TOP"><TD>16:37:34</TD> ><TD width="100%"> >kRemote(route.rmt) ``/usr/local/koi/bin/remotes/libreswan//route.rmt route.0.address_family=inet6 route.0.gateway=fe80::f%p6p1 route.0.interface=p6p1 route.0.network=2001:0db8:000f:0001::/64 route.num=1''<br> >kRemote()... /usr/local/koi/bin/remotes/libreswan//route.rmt route.0.address_family=inet6 route.0.gateway=fe80::f%p6p1 route.0.interface=p6p1 route.0.network=2001:0db8:000f:0001::/64 route.num=1 > ><PRE>DEBUG : start kRemoteLogin >Connected > >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip -6 route show >unreachable ::/96 dev lo metric 1024 error -101 >unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 >2001:db8:1:1::/64 dev p6p1 proto kernel metric 256 >unreachable 2002:a00::/24 dev lo metric 1024 error -101 >unreachable 2002:7f00::/24 dev lo metric 1024 error -101 >unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 >unreachable 2002:ac10::/28 dev lo metric 1024 error -101 >unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 >unreachable 2002:e000::/19 dev lo metric 1024 error -101 >3ffe:501:ffff:100::/64 dev p6p1 proto kernel metric 256 >unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 >fe80::/64 dev p6p1 proto kernel metric 256 >fe80::/64 dev p7p1 proto kernel metric 256 >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip -6 route add 2001:0db8:000f:0001::/64 via fe80::f dev p6 p1 >[root@dhcp12-166 ~]# sendMessagesSync: never got ip -6 route add 2001:0db8:000f:0001::/64 via fe80::f dev p6p1 >[root@dhcp12-166 ~]# ip -6 route show >unreachable ::/96 dev lo metric 1024 error -101 >unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 >2001:db8:1:1::/64 dev p6p1 proto kernel metric 256 >2001:db8:f:1::/64 via fe80::f dev p6p1 metric 1024 >unreachable 2002:a00::/24 dev lo metric 1024 error -101 >unreachable 2002:7f00::/24 dev lo metric 1024 error -101 >unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 >unreachable 2002:ac10::/28 dev lo metric 1024 error -101 >unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 >unreachable 2002:e000::/19 dev lo metric 1024 error -101 >3ffe:501:ffff:100::/64 dev p6p1 proto kernel metric 256 >unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 >fe80::/64 dev p6p1 proto kernel metric 256 >fe80::/64 dev p7p1 proto kernel metric 256 >[root@dhcp12-166 ~]# ></PRE> ></TD></TR> > ><TR VALIGN="TOP"><TD>16:37:58</TD> ><TD width="100%"> >kRemote(ikev2.rmt) ``/usr/local/koi/bin/remotes/libreswan//ikev2.rmt operation=stop''<br> >kRemote()... /usr/local/koi/bin/remotes/libreswan//ikev2.rmt operation=stop > ><PRE>DEBUG : start kRemoteLogin >Connected > >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ipsec setup stop >Redirecting to: systemctl stop ipsec.service >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip xfrm state list >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip xfrm policy list >[root@dhcp12-166 ~]# ></PRE> ></TD></TR> > ><TR VALIGN="TOP"><TD>16:38:18</TD> ><TD width="100%"> >kRemote(ikev2.rmt) ``/usr/local/koi/bin/remotes/libreswan//ikev2.rmt ikev2.addresspool.0.eaddr= ikev2.addresspool.0.saddr= ikev2.addresspool.num=1 ikev2.interface.ike.0.address=2001:0db8:0001:0001::1234 ikev2.interface.ike.0.port=500 ikev2.interface.ike.num=1 ikev2.ipsec.0.ext_sequence=off ikev2.ipsec.0.ipsec_index=common_ipsec_index ikev2.ipsec.0.ipsec_sa_lifetime_time=128 ikev2.ipsec.0.sa_index.0=common_sa_index ikev2.ipsec.0.sa_index.num=1 ikev2.ipsec.num=1 ikev2.policy.0.ipsec_index.0=common_ipsec_index ikev2.policy.0.ipsec_index.num=1 ikev2.policy.0.ipsec_mode=transport ikev2.policy.0.policy_index=common_policy_index ikev2.policy.0.remote_index=common_remote_index ikev2.policy.num=1 ikev2.remote.0.ikev2.initial_contact.initial_contact=off ikev2.remote.0.ikev2.kmp_auth_method.0=psk ikev2.remote.0.ikev2.kmp_auth_method.num=1 ikev2.remote.0.ikev2.kmp_dh_group.0=modp1024 ikev2.remote.0.ikev2.kmp_dh_group.num=1 ikev2.remote.0.ikev2.kmp_enc_alg.0=3des_cbc ikev2.remote.0.ikev2.kmp_enc_alg.num=1 ikev2.remote.0.ikev2.kmp_hash_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_hash_alg.num=1 ikev2.remote.0.ikev2.kmp_prf_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_prf_alg.num=1 ikev2.remote.0.ikev2.kmp_sa_lifetime_time=64 ikev2.remote.0.ikev2.my_id.fqdn.num=0 ikev2.remote.0.ikev2.my_id.ipaddr.0=2001:0db8:0001:0001::1234 ikev2.remote.0.ikev2.my_id.ipaddr.num=1 ikev2.remote.0.ikev2.my_id.keyid.num=0 ikev2.remote.0.ikev2.my_id.rfc822addr.num=0 ikev2.remote.0.ikev2.need_pfs=off ikev2.remote.0.ikev2.peers_id.fqdn.num=0 ikev2.remote.0.ikev2.peers_id.ipaddr.0=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_id.ipaddr.num=1 ikev2.remote.0.ikev2.peers_id.keyid.num=0 ikev2.remote.0.ikev2.peers_id.rfc822addr.num=0 ikev2.remote.0.ikev2.peers_ipaddr.address=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_ipaddr.port=500 ikev2.remote.0.ikev2.pre_shared_key.local=IKETEST12345678! ikev2.remote.0.ikev2.pre_shared_key.remote=IKETEST12345678! ikev2.remote.0.ikev2.send_cert_req.send_cert_req=on ikev2.remote.0.remote_index=common_remote_index ikev2.remote.num=1 ikev2.sa.0.esp_auth_alg.0=hmac_sha1 ikev2.sa.0.esp_auth_alg.num=1 ikev2.sa.0.esp_enc_alg.0=3des_cbc ikev2.sa.0.esp_enc_alg.num=1 ikev2.sa.0.sa_index=common_sa_index ikev2.sa.0.sa_protocol=esp ikev2.sa.num=1 ikev2.selector.0.direction=outbound ikev2.selector.0.dst.address=2001:0db8:000f:0001::1 ikev2.selector.0.dst.address_family=inet6 ikev2.selector.0.policy_index=common_policy_index ikev2.selector.0.selector_index=common_selector_index_outbound ikev2.selector.0.src.address=2001:0db8:0001:0001::1234 ikev2.selector.0.src.address_family=inet6 ikev2.selector.0.upper_layer_protocol.protocol=any ikev2.selector.1.direction=inbound ikev2.selector.1.dst.address=2001:0db8:0001:0001::1234 ikev2.selector.1.dst.address_family=inet6 ikev2.selector.1.policy_index=common_policy_index ikev2.selector.1.selector_index=common_selector_index_inbound ikev2.selector.1.src.address=2001:0db8:000f:0001::1 ikev2.selector.1.src.address_family=inet6 ikev2.selector.1.upper_layer_protocol.protocol=any ikev2.selector.num=2''<br> >kRemote()... /usr/local/koi/bin/remotes/libreswan//ikev2.rmt ikev2.addresspool.0.eaddr= ikev2.addresspool.0.saddr= ikev2.addresspool.num=1 ikev2.interface.ike.0.address=2001:0db8:0001:0001::1234 ikev2.interface.ike.0.port=500 ikev2.interface.ike.num=1 ikev2.ipsec.0.ext_sequence=off ikev2.ipsec.0.ipsec_index=common_ipsec_index ikev2.ipsec.0.ipsec_sa_lifetime_time=128 ikev2.ipsec.0.sa_index.0=common_sa_index ikev2.ipsec.0.sa_index.num=1 ikev2.ipsec.num=1 ikev2.policy.0.ipsec_index.0=common_ipsec_index ikev2.policy.0.ipsec_index.num=1 ikev2.policy.0.ipsec_mode=transport ikev2.policy.0.policy_index=common_policy_index ikev2.policy.0.remote_index=common_remote_index ikev2.policy.num=1 ikev2.remote.0.ikev2.initial_contact.initial_contact=off ikev2.remote.0.ikev2.kmp_auth_method.0=psk ikev2.remote.0.ikev2.kmp_auth_method.num=1 ikev2.remote.0.ikev2.kmp_dh_group.0=modp1024 ikev2.remote.0.ikev2.kmp_dh_group.num=1 ikev2.remote.0.ikev2.kmp_enc_alg.0=3des_cbc ikev2.remote.0.ikev2.kmp_enc_alg.num=1 ikev2.remote.0.ikev2.kmp_hash_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_hash_alg.num=1 ikev2.remote.0.ikev2.kmp_prf_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_prf_alg.num=1 ikev2.remote.0.ikev2.kmp_sa_lifetime_time=64 ikev2.remote.0.ikev2.my_id.fqdn.num=0 ikev2.remote.0.ikev2.my_id.ipaddr.0=2001:0db8:0001:0001::1234 ikev2.remote.0.ikev2.my_id.ipaddr.num=1 ikev2.remote.0.ikev2.my_id.keyid.num=0 ikev2.remote.0.ikev2.my_id.rfc822addr.num=0 ikev2.remote.0.ikev2.need_pfs=off ikev2.remote.0.ikev2.peers_id.fqdn.num=0 ikev2.remote.0.ikev2.peers_id.ipaddr.0=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_id.ipaddr.num=1 ikev2.remote.0.ikev2.peers_id.keyid.num=0 ikev2.remote.0.ikev2.peers_id.rfc822addr.num=0 ikev2.remote.0.ikev2.peers_ipaddr.address=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_ipaddr.port=500 ikev2.remote.0.ikev2.pre_shared_key.local=IKETEST12345678! ikev2.remote.0.ikev2.pre_shared_key.remote=IKETEST12345678! ikev2.remote.0.ikev2.send_cert_req.send_cert_req=on ikev2.remote.0.remote_index=common_remote_index ikev2.remote.num=1 ikev2.sa.0.esp_auth_alg.0=hmac_sha1 ikev2.sa.0.esp_auth_alg.num=1 ikev2.sa.0.esp_enc_alg.0=3des_cbc ikev2.sa.0.esp_enc_alg.num=1 ikev2.sa.0.sa_index=common_sa_index ikev2.sa.0.sa_protocol=esp ikev2.sa.num=1 ikev2.selector.0.direction=outbound ikev2.selector.0.dst.address=2001:0db8:000f:0001::1 ikev2.selector.0.dst.address_family=inet6 ikev2.selector.0.policy_index=common_policy_index ikev2.selector.0.selector_index=common_selector_index_outbound ikev2.selector.0.src.address=2001:0db8:0001:0001::1234 ikev2.selector.0.src.address_family=inet6 ikev2.selector.0.upper_layer_protocol.protocol=any ikev2.selector.1.direction=inbound ikev2.selector.1.dst.address=2001:0db8:0001:0001::1234 ikev2.selector.1.dst.address_family=inet6 ikev2.selector.1.policy_index=common_policy_index ikev2.selector.1.selector_index=common_selector_index_inbound ikev2.selector.1.src.address=2001:0db8:000f:0001::1 ikev2.selector.1.src.address_family=inet6 ikev2.selector.1.upper_layer_protocol.protocol=any ikev2.selector.num=2 > ><PRE>DEBUG : start kRemoteLogin >Connected > >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# cat > /etc/ipsec.secrets << EOF >> 2001:0db8:000f:0001::1 2001:0db8:0001:0001::1234 : PSK 'IKETEST12345678!' >> EOF >[root@dhcp12-166 ~]# cat -n /etc/ipsec.secrets > 1 2001:0db8:000f:0001::1 2001:0db8:0001:0001::1234 : PSK 'IKETEST12345678!' >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# cat -n /etc/ipsec.secrets > 1 2001:0db8:000f:0001::1 2001:0db8:0001:0001::1234 : PSK 'IKETEST12345678!' >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# chown root:wheel /etc/ipsec.secrets >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# chmod 0600 /etc/ipsec.secrets >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ls -l /etc/ipsec.secrets >-rw------- 1 root wheel 74 Jan 11 00:26 /etc/ipsec.secrets >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# cat > /etc/ipsec.conf << EOF >> config setup >> protostack=netkey >> nat_traversal=yes >> plutostderrlog="/tmp/pluto.log" >> conn ikev2 >> left=2001:0db8:0001:0001::1234 >> right=2001:0db8:000f:0001::1 >> leftid=2001:0db8:0001:0001::1234 >> rightid=2001:0db8:000f:0001::1 >> type=transport >> auto=start >> connaddrfamily=ipv6 >> authby=secret >> phase2=esp >> ike=3des-sha1;modp1024 >> ikev2=insist >> EOF >[root@dhcp12-166 ~]# cat -n /etc/ipsec.conf > 1 config setup > 2 protostack=netkey > 3 nat_traversal=yes > 4 plutostderrlog="/tmp/pluto.log" > 5 conn ikev2 > 6 left=2001:0db8:0001:0001::1234 > 7 right=2001:0db8:000f:0001::1 > 8 leftid=2001:0db8:0001:0001::1234 > 9 rightid=2001:0db8:000f:0001::1 > 10 type=transport > 11 auto=start > 12 connaddrfamily=ipv6 > 13 authby=secret > 14 phase2=esp > 15 ike=3des-sha1;modp1024 > 16 ikev2=insist >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# chown root:wheel /etc/ipsec.conf >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# chmod 0600 /etc/ipsec.conf >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ls -l /etc/ipsec.conf >-rw------- 1 root wheel 435 Jan 11 00:26 /etc/ipsec.conf >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ipsec setup start >Redirecting to: systemctl start ipsec.service >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip xfrm state list >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip xfrm policy list >src ::/0 dst ::/0 > socket out priority 0 ptype main >src ::/0 dst ::/0 > socket in priority 0 ptype main >src ::/0 dst ::/0 > socket out priority 0 ptype main >src ::/0 dst ::/0 > socket in priority 0 ptype main >src ::/0 dst ::/0 > socket out priority 0 ptype main >src ::/0 dst ::/0 > socket in priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket out priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket in priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket out priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket in priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket out priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket in priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket out priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket in priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket out priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket in priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket out priority 0 ptype main >src 0.0.0.0/0 dst 0.0.0.0/0 > socket in priority 0 ptype main >[root@dhcp12-166 ~]# ></PRE> ></TD></TR> > ><TR><TD><br></TD><TD> ><FONT COLOR="#FF0000" SIZE="+1"><U><B>TEST PROCEDURE</B></U></FONT><PRE> (R) (I) > NUT TN1 > | | > |<--------------| IKE_SA_INIT request (HDR, SAi1, KEi, Ni) > | | > V V</PRE><TR VALIGN="TOP"> ><TD>16:38:42</TD><TD> >Clear Buffer<BR> >done<BR> ></TD> ></TR> > > ><TR VALIGN="TOP"> ><TD>16:38:42</TD><TD> >Connect<br> SrcAddr:2001:0db8:000f:0001::1 SrcPort:500<br> DstAddr:2001:0db8:0001:0001::1234 DstPort:500<br> >done<br> > connected to SocketID:3<br> > sent to SocketID:3<br> ><A NAME="koiPacket1"></A> ><A HREF="#koiPacketDump1" onmouseover="popup(1,event);"onmouseout="popdown(1);">send packet #1</A> ><div id="pop1" style="position:absolute; visibility:hidden;"></div> ><BR> ></TD> ></TR> > ><TR><TD><br></TD><TD> ><PRE> (R) (I) > NUT TN1 > | | > |-------------->| IKE_SA_INIT response (HDR, SAr1, KEr, Nr) > | | > V V</PRE><TR VALIGN="TOP"> ><TD>16:38:42</TD><TD> >Receive<BR> > SrcAddr:2001:db8:1:1::1234 SrcPort:500<br> DstAddr:2001:db8:f:1::1 DstPort:500<br> >done<BR> > received from SocketID:3<br> ><A NAME="koiPacket2"></A> ><A HREF="#koiPacketDump2" onmouseover="popup(2,event);"onmouseout="popdown(2);">receive packet #2</A> ><div id="pop2" style="position:absolute; visibility:hidden;"></div> ><BR> ></TD> ></TR> > ><tr VALIGN="top"> ><td></td> ><td width="100%">Compare the received packet with packets('common_remote_index')</td> ></tr> ><TR VALIGN="top"> ><TD></TD><TD><B>Payload Order (HDR, SA(P(T, T, T, T)), KE, Ni, Nr)</B></TD></TR><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>IKE Header</b> ><font color='#ff0000'><b>NG</b></font> initSPI: (received: 90c39f02b80d9ab0, expected: 0000000000000000, comp: eq) ><b>OK</b> respSPI: (received: 4521278d22418e5e, expected: 0000000000000000, comp: ne) ><b>OK</b> nexttype: (received: SA, expected: SA, comp: eq) ><b>OK</b> major: (received: 2, expected: 2, comp: eq) ><b>OK</b> minor: (received: 0, expected: 0, comp: eq) ><b>OK</b> exchType: (received: IKE_SA_INIT, expected: IKE_SA_INIT, comp: eq) ><b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) ><b>OK</b> initiator: (received: 0, expected: 0, comp: eq) ><b>OK</b> higher: (received: 0, expected: 0, comp: eq) ><b>OK</b> response: (received: 1, expected: 1, comp: eq) ><b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) ><b>OK</b> messID: (received: 0, expected: 0, comp: eq) ><b>OK</b> length: (received: 228, expected: any, comp: already checked) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>Security Association Payload</b> ><b>OK</b> nexttype: (received: KE, expected: any, comp: already checked) ><b>OK</b> critical: (received: 0, expected: 0, comp: eq) ><b>OK</b> reserved: (received: 0, expected: 0, comp: eq) ><b>OK</b> length: (received: 44, expected: any, comp: already checked) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>SA Proposal Comparison</b> ><b>OK</b> ENCR: (received:ENCR_3DES, expected:ENCR_3DES) ><b>OK</b> PRF: (received:PRF_HMAC_SHA1, expected:PRF_HMAC_SHA1) ><b>OK</b> INTEG: (received:INTEG_HMAC_SHA1_96, expected:INTEG_HMAC_SHA1_96) ><b>OK</b> D-H: (received:D-H_1024 MODP Group, expected:D-H_1024 MODP Group) ><b>OK</b> ESN: (received:, expected:) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>Proposal Substructure</b> ><b>OK</b> nexttype: (received: 0, expected: any, comp: already checked) ><b>OK</b> reserved: (received: 0, expected: 0, comp: eq) ><b>OK</b> proposalLen: (received: 40, expected: any, comp: already checked) ><b>OK</b> number: (received: 1, expected: 1, comp: eq) ><b>OK</b> id: (received: IKE, expected: IKE, comp: eq) ><b>OK</b> spiSize: (received: 0, expected: 0, comp: eq) ><b>OK</b> transformCount: (received: 4, expected: 4, comp: eq) ><b>OK</b> spi: (received: , expected: , comp: eq) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>Transform Substructure</b> ><b>OK</b> nexttype: (received: 3, expected: any, comp: already checked) ><b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) ><b>OK</b> transformLen: (received: 8, expected: any, comp: already checked) ><b>OK</b> type: (received: ENCR, expected: ENCR, comp: eq) ><b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) ><b>OK</b> id: (received: 3DES, expected: 3DES, comp: eq) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>Transform Substructure</b> ><b>OK</b> nexttype: (received: 3, expected: any, comp: already checked) ><b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) ><b>OK</b> transformLen: (received: 8, expected: any, comp: already checked) ><b>OK</b> type: (received: PRF, expected: PRF, comp: eq) ><b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) ><b>OK</b> id: (received: HMAC_SHA1, expected: HMAC_SHA1, comp: eq) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>Transform Substructure</b> ><b>OK</b> nexttype: (received: 3, expected: any, comp: already checked) ><b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) ><b>OK</b> transformLen: (received: 8, expected: any, comp: already checked) ><b>OK</b> type: (received: INTEG, expected: INTEG, comp: eq) ><b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) ><b>OK</b> id: (received: HMAC_SHA1_96, expected: HMAC_SHA1_96, comp: eq) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>Transform Substructure</b> ><b>OK</b> nexttype: (received: 0, expected: any, comp: already checked) ><b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) ><b>OK</b> transformLen: (received: 8, expected: any, comp: already checked) ><b>OK</b> type: (received: D-H, expected: D-H, comp: eq) ><b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) ><b>OK</b> id: (received: 1024 MODP Group, expected: 1024 MODP Group, comp: eq) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>Key Exchange Payload</b> ><b>OK</b> nexttype: (received: Ni, Nr, expected: any, comp: already checked) ><b>OK</b> critical: (received: 0, expected: 0, comp: eq) ><b>OK</b> reserved: (received: 0, expected: 0, comp: eq) ><b>OK</b> length: (received: 136, expected: any, comp: already checked) ><b>OK</b> group: (received: 2, expected: 2, comp: eq) ><b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) ><b>OK</b> publicKey: (received: 130072364162185196983434191432924059246078481237816125383063116748728378821455661384145605321581415676508963722131996327742215909472796316744785727115058275676451593067721502883658727817804140584847962784655261110101341924542583392451553196596614910823109820451042671870888513856439057253451198987731894027330, expected: any, comp: any) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><pre> ><b>Nonce Payload</b> ><b>OK</b> nexttype: (received: 0, expected: any, comp: already checked) ><b>OK</b> critical: (received: 0, expected: 0, comp: eq) ><b>OK</b> reserved: (received: 0, expected: 0, comp: eq) ><b>OK</b> length: (received: 20, expected: (20, 260), comp: range) ><b>OK</b> nonce: (received: 109598838473527759926000755568031469911, expected: any, comp: any) ></pre></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><b>Not match with packet('common_remote_index')</b></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%"><FONT COLOR="#FF0000" SIZE="+1"><U><B>TEST CLEANUP</B></U></FONT></td> ></tr> ><tr VALIGN="top"> ><td></td> ><td width="100%">cleaning up NUT ...</td> ></tr> ><TR VALIGN="TOP"><TD>16:38:42</TD> ><TD width="100%"> >kRemote(ikev2.rmt) ``/usr/local/koi/bin/remotes/libreswan//ikev2.rmt operation=stop''<br> >kRemote()... /usr/local/koi/bin/remotes/libreswan//ikev2.rmt operation=stop > ><PRE>DEBUG : start kRemoteLogin >Connected > >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ipsec setup stop >Redirecting to: systemctl stop ipsec.service >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip xfrm state list >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip xfrm policy list >[root@dhcp12-166 ~]# ></PRE> ></TD></TR> > ><TR VALIGN="TOP"><TD>16:39:02</TD> ><TD width="100%"> >kRemote(route.rmt) ``/usr/local/koi/bin/remotes/libreswan//route.rmt operation=delete route.0.address_family=inet6 route.0.gateway=fe80::f%p6p1 route.0.interface=p6p1 route.0.network=2001:0db8:000f:0001::/64 route.num=1''<br> >kRemote()... /usr/local/koi/bin/remotes/libreswan//route.rmt operation=delete route.0.address_family=inet6 route.0.gateway=fe80::f%p6p1 route.0.interface=p6p1 route.0.network=2001:0db8:000f:0001::/64 route.num=1 > ><PRE>DEBUG : start kRemoteLogin >Connected > >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip -6 route show >unreachable ::/96 dev lo metric 1024 error -101 >unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 >2001:db8:1:1::/64 dev p6p1 proto kernel metric 256 >2001:db8:f:1::1 via fe80::f dev p6p1 metric 0 > cache >2001:db8:f:1::/64 via fe80::f dev p6p1 metric 1024 >unreachable 2002:a00::/24 dev lo metric 1024 error -101 >unreachable 2002:7f00::/24 dev lo metric 1024 error -101 >unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 >unreachable 2002:ac10::/28 dev lo metric 1024 error -101 >unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 >unreachable 2002:e000::/19 dev lo metric 1024 error -101 >3ffe:501:ffff:100::/64 dev p6p1 proto kernel metric 256 >unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 >fe80::/64 dev p6p1 proto kernel metric 256 >fe80::/64 dev p7p1 proto kernel metric 256 >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip -6 route del 2001:0db8:000f:0001::/64 >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip -6 route show >unreachable ::/96 dev lo metric 1024 error -101 >unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 >2001:db8:1:1::/64 dev p6p1 proto kernel metric 256 >unreachable 2002:a00::/24 dev lo metric 1024 error -101 >unreachable 2002:7f00::/24 dev lo metric 1024 error -101 >unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 >unreachable 2002:ac10::/28 dev lo metric 1024 error -101 >unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 >unreachable 2002:e000::/19 dev lo metric 1024 error -101 >3ffe:501:ffff:100::/64 dev p6p1 proto kernel metric 256 >unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 >fe80::/64 dev p6p1 proto kernel metric 256 >fe80::/64 dev p7p1 proto kernel metric 256 >[root@dhcp12-166 ~]# ></PRE> ></TD></TR> > ><TR VALIGN="TOP"><TD>16:39:23</TD> ><TD width="100%"> >kRemote(ifconfig.rmt) ``/usr/local/koi/bin/remotes/libreswan//ifconfig.rmt operation=delete ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=p6p1''<br> >kRemote()... /usr/local/koi/bin/remotes/libreswan//ifconfig.rmt operation=delete ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=p6p1 > ><PRE>DEBUG : start kRemoteLogin >Connected > >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip addr >1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo > valid_lft forever preferred_lft forever > inet6 ::1/128 scope host > valid_lft forever preferred_lft forever >2: p7p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 > link/ether 00:22:19:30:20:d5 brd ff:ff:ff:ff:ff:ff > inet 10.66.12.166/23 brd 10.66.13.255 scope global dynamic p7p1 > valid_lft 61180sec preferred_lft 61180sec > inet6 fe80::222:19ff:fe30:20d5/64 scope link > valid_lft forever preferred_lft forever >3: p6p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc netem state UP qlen 1000 > link/ether 00:15:17:3c:c6:68 brd ff:ff:ff:ff:ff:ff > inet 192.168.0.10/24 brd 192.168.0.255 scope global p6p1 > valid_lft forever preferred_lft forever > inet6 2001:db8:1:1::1234/64 scope global > valid_lft forever preferred_lft forever > inet6 3ffe:501:ffff:100:215:17ff:fe3c:c668/64 scope global > valid_lft forever preferred_lft forever > inet6 fe80::215:17ff:fe3c:c668/64 scope link > valid_lft forever preferred_lft forever >4: p6p2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 > link/ether 00:15:17:3c:c6:69 brd ff:ff:ff:ff:ff:ff >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip -f inet6 addr del 2001:0db8:0001:0001::1234/64 dev p6p1 >[root@dhcp12-166 ~]# >[root@dhcp12-166 ~]# ip addr >1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo > valid_lft forever preferred_lft forever > inet6 ::1/128 scope host > valid_lft forever preferred_lft forever >2: p7p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 > link/ether 00:22:19:30:20:d5 brd ff:ff:ff:ff:ff:ff > inet 10.66.12.166/23 brd 10.66.13.255 scope global dynamic p7p1 > valid_lft 61175sec preferred_lft 61175sec > inet6 fe80::222:19ff:fe30:20d5/64 scope link > valid_lft forever preferred_lft forever >3: p6p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc netem state UP qlen 1000 > link/ether 00:15:17:3c:c6:68 brd ff:ff:ff:ff:ff:ff > inet 192.168.0.10/24 brd 192.168.0.255 scope global p6p1 > valid_lft forever preferred_lft forever > inet6 3ffe:501:ffff:100:215:17ff:fe3c:c668/64 scope global > valid_lft forever preferred_lft forever > inet6 fe80::215:17ff:fe3c:c668/64 scope link > valid_lft forever preferred_lft forever >4: p6p2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 > link/ether 00:15:17:3c:c6:69 brd ff:ff:ff:ff:ff:ff >[root@dhcp12-166 ~]# ></PRE> ></TD></TR> > ><tr VALIGN="top"> ><td></td> ><td width="100%">cleaning up TN ...</td> ></tr> ><TR VALIGN="top"> ><TD>16:39:45</TD> ><TD width="100%"> >ikev2Local("/sbin/sysctl -w net.inet6.ip6.forwarding=0")<BR> ><PRE>net.inet6.ip6.forwarding: 1 -> 0 ></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:39:45</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig -a")<BR> ><PRE>em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO> > ether 00:23:ae:7a:6e:cc > inet6 fe80::223:aeff:fe7a:6ecc%em0 prefixlen 64 scopeid 0x1 > inet 10.66.13.78 netmask 0xfffffe00 broadcast 10.66.13.255 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active >em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> > ether 00:1b:21:1c:58:fa > inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 > inet6 fe80::21b:21ff:fe1c:58fa%em1 prefixlen 64 scopeid 0xa > inet6 3ffe:501:ffff:100::20 prefixlen 64 > inet6 fe80::f%em1 prefixlen 64 scopeid 0xa > inet6 2001:db8:1:1::f prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active >em2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> > ether 00:1b:21:1c:5d:d1 > inet6 fe80::21b:21ff:fe1c:5dd1%em2 prefixlen 64 scopeid 0xb > inet6 3ffe:501:ffff:101::20 prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect > status: no carrier >plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 >lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=3<RXCSUM,TXCSUM> > inet 127.0.0.1 netmask 0xff000000 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0xd > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> >lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=3<RXCSUM,TXCSUM> > inet6 2001:db8:f:1::1 prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> ></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:39:45</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig lo1 inet6 2001:0db8:000f:0001::1/64 delete")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:39:45</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig lo1 down")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:39:45</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig lo1 destroy")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:39:45</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig em1 inet6 2001:0db8:0001:0001::f/64 delete")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:39:45</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig em1 inet6 fe80::f%em1/64 delete")<BR> ><PRE></PRE></TD> ></TR><TR VALIGN="top"> ><TD>16:39:48</TD> ><TD width="100%"> >ikev2Local("/sbin/ifconfig -a")<BR> ><PRE>em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO> > ether 00:23:ae:7a:6e:cc > inet6 fe80::223:aeff:fe7a:6ecc%em0 prefixlen 64 scopeid 0x1 > inet 10.66.13.78 netmask 0xfffffe00 broadcast 10.66.13.255 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active >em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> > ether 00:1b:21:1c:58:fa > inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 > inet6 fe80::21b:21ff:fe1c:58fa%em1 prefixlen 64 scopeid 0xa > inet6 3ffe:501:ffff:100::20 prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active >em2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> > ether 00:1b:21:1c:5d:d1 > inet6 fe80::21b:21ff:fe1c:5dd1%em2 prefixlen 64 scopeid 0xb > inet6 3ffe:501:ffff:101::20 prefixlen 64 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect > status: no carrier >plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 >lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=3<RXCSUM,TXCSUM> > inet 127.0.0.1 netmask 0xff000000 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0xd > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> ></PRE></TD> ></TR><tr VALIGN="top"> ><td></td> ><td width="100%">PASS</td> ></tr> ></TABLE> > ><HR><H1>Packet Reverse Log</H1> ><UL> ><A NAME="koiPacketDump1"></A><A HREF="#koiPacket1">packet #1 at 16:38:42</A> ><div id="koiPacketInfo1"> ><pre>IP Packet >| IP Header >| | Version = 6 >| | Source Address = 2001:db8:f:1::1 >| | Destination Address = 2001:db8:1:1::1234 >| UDP Header >| | Source Port = 500 >| | Destination Port = 500 >| Internet Security Association and Key Management Protocol Payload >| | IKE Header >| | | IKE_SA Initiator's SPI = 90c39f02b80d9ab0 >| | | IKE_SA Responder's SPI = 0000000000000000 >| | | Next Payload = 33 (SA) >| | | Major Version = 2 >| | | Minor Version = 0 >| | | Exchange Type = 34 (IKE_SA_INIT) >| | | Flags = 40 (0b00101000) >| | | | Reserved (XX000000) = 0 >| | | | Response (00R00000) = 1 >| | | | Version (000V0000) = 0 >| | | | Initiator (0000I000) = 1 >| | | | Reserved (00000XXX) = 0 >| | | Message ID = 0 (0x0) >| | | Length = 312 (0x138) >| | | SA Payload >| | | | Next Payload = 34 (KE) >| | | | Critical = 0 >| | | | Reserved = 0 >| | | | Payload Length = 44 (0x2c) >| | | | Proposal #1 >| | | | | Next Payload = 0 (last) >| | | | | RESERVED = 0 >| | | | | Proposal Length = 40 >| | | | | Proposal # = 1 >| | | | | Proposal ID = IKE >| | | | | SPI Size = 0 >| | | | | # of Transforms = 4 >| | | | | Transfrom >| | | | | | Next Payload = 3 (Transform) >| | | | | | RESERVED = 0 >| | | | | | Transform Length = 8 >| | | | | | Transform Type = 1 (ENCR) >| | | | | | RESERVED = 0 >| | | | | | Transform ID = 3 (3DES) >| | | | | Transfrom >| | | | | | Next Payload = 3 (Transform) >| | | | | | RESERVED = 0 >| | | | | | Transform Length = 8 >| | | | | | Transform Type = 2 (PRF) >| | | | | | RESERVED = 0 >| | | | | | Transform ID = 2 (HMAC_SHA1) >| | | | | Transfrom >| | | | | | Next Payload = 3 (Transform) >| | | | | | RESERVED = 0 >| | | | | | Transform Length = 8 >| | | | | | Transform Type = 3 (INTEG) >| | | | | | RESERVED = 0 >| | | | | | Transform ID = 2 (HMAC_SHA1_96) >| | | | | Transfrom >| | | | | | Next Payload = 0 (last) >| | | | | | RESERVED = 0 >| | | | | | Transform Length = 8 >| | | | | | Transform Type = 4 (D-H) >| | | | | | RESERVED = 0 >| | | | | | Transform ID = 2 (1024 MODP Group) >| | | KE Payload >| | | | Next Payload = 40 (Ni, Nr) >| | | | Critical = 0 >| | | | Reserved = 0 >| | | | Payload Length = 136 (0x88) >| | | | DH Group # = 2 >| | | | RESERVED = 0 >| | | | Key Exchange Data = 0xd33a287ea3dfe4480a4f19bd83cc3077ed70f520468c9029621ef8f9d7f2a760a51fd3fd1fd74d916549260784a48bd02ca9800ab25363d49326514c67f05b54152d680785182ca7e49a265c06b530902df378326987d5ac15ec5734f143a778c040e688453ff2c32854c6afd4fd0a5dc5e8f5cb2abbc528fbd9f574a67e07bd >| | | Ni, Nr Payload >| | | | Next Payload = 0 (0) >| | | | Critical = 0 >| | | | Reserved = 0 >| | | | Payload Length = 104 (0x68) >| | | | Nonce Data = aaccf2e0d5ce2621aa356f02dbe6c10e41004ca586109d010abd446cbe96ba3250144aac50fe8ee84b570bce0ae03bd87aa0e3db2ce028e0456616e8eb5ed3a9a010133312c66232057008ae3b45e62e002ef9676728a1fcc19ed4f771359479a633d855 ></pre> ></div> ><hr> > ><A NAME="koiPacketDump2"></A><A HREF="#koiPacket2">packet #2 at 16:38:42</A> ><div id="koiPacketInfo2"> ><pre>IP Packet >| IP Header >| | Version = 6 >| | Source Address = 2001:db8:1:1::1234 >| | Destination Address = 2001:db8:f:1::1 >| UDP Header >| | Source Port = 500 >| | Destination Port = 500 >| Internet Security Association and Key Management Protocol Payload >| | IKE Header >| | | IKE_SA Initiator's SPI = 90c39f02b80d9ab0 >| | | IKE_SA Responder's SPI = 4521278d22418e5e >| | | Next Payload = 33 (SA) >| | | Major Version = 2 >| | | Minor Version = 0 >| | | Exchange Type = 34 (IKE_SA_INIT) >| | | Flags = 32 (0b00100000) >| | | | Reserved (XX000000) = 0 >| | | | Response (00R00000) = 1 >| | | | Version (000V0000) = 0 >| | | | Initiator (0000I000) = 0 >| | | | Reserved (00000XXX) = 0 >| | | Message ID = 0 (0x0) >| | | Length = 228 (0xe4) >| | | SA Payload >| | | | Next Payload = 34 (KE) >| | | | Critical = 0 >| | | | Reserved = 0 >| | | | Payload Length = 44 (0x2c) >| | | | Proposal #1 >| | | | | Next Payload = 0 (last) >| | | | | RESERVED = 0 >| | | | | Proposal Length = 40 >| | | | | Proposal # = 1 >| | | | | Proposal ID = IKE >| | | | | SPI Size = 0 >| | | | | # of Transforms = 4 >| | | | | Transfrom >| | | | | | Next Payload = 3 (Transform) >| | | | | | RESERVED = 0 >| | | | | | Transform Length = 8 >| | | | | | Transform Type = 1 (ENCR) >| | | | | | RESERVED = 0 >| | | | | | Transform ID = 3 (3DES) >| | | | | Transfrom >| | | | | | Next Payload = 3 (Transform) >| | | | | | RESERVED = 0 >| | | | | | Transform Length = 8 >| | | | | | Transform Type = 3 (INTEG) >| | | | | | RESERVED = 0 >| | | | | | Transform ID = 2 (HMAC_SHA1_96) >| | | | | Transfrom >| | | | | | Next Payload = 3 (Transform) >| | | | | | RESERVED = 0 >| | | | | | Transform Length = 8 >| | | | | | Transform Type = 2 (PRF) >| | | | | | RESERVED = 0 >| | | | | | Transform ID = 2 (HMAC_SHA1) >| | | | | Transfrom >| | | | | | Next Payload = 0 (last) >| | | | | | RESERVED = 0 >| | | | | | Transform Length = 8 >| | | | | | Transform Type = 4 (D-H) >| | | | | | RESERVED = 0 >| | | | | | Transform ID = 2 (1024 MODP Group) >| | | KE Payload >| | | | Next Payload = 40 (Ni, Nr) >| | | | Critical = 0 >| | | | Reserved = 0 >| | | | Payload Length = 136 (0x88) >| | | | DH Group # = 2 >| | | | RESERVED = 0 >| | | | Key Exchange Data = 0xb93aac864765b623ec4e4f77a45f6b2f36bd8549f6e6b5e52b1e634a372239d9a3bd6514fe31440e28610c3e9bed5d9b9b4c3f3855097ccf485c9cc56b61cb8c2941a1bc77791a19f325a2cbdaf082c280fee27d36e4e14e96609637735907d138e257788b6006770022b77c71b630c5bd0a5b05f4042acb02619f814c804442 >| | | Ni, Nr Payload >| | | | Next Payload = 0 (0) >| | | | Critical = 0 >| | | | Reserved = 0 >| | | | Payload Length = 20 (0x14) >| | | | Nonce Data = 5273f7eeded10770c05ec05e83369157 ></pre> ></div> ><hr> > ></UL> > ></BODY> ></HTML> ><!-- 769d83646db645b8e17f802cce991282 --> ><!-- 84e63c846d86e78d0870a0e3c072703d -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN""http://www.w3c.org/TR/REC-html40/strict.dtd"> <HTML> <HEAD> <TITLE>IPv6 Conformance Test Report</TITLE> <META NAME="GENERATOR" CONTENT="TAHI IPv6 Conformance Test Kit"> <script type="text/javascript"> var packets = new Array(); var POP_ID_PREFIX = "pop"; var PACKET_INFO_PREFIX = "koiPacketInfo"; var COLOR_BG = "#ffdddd"; var WINDOW_HEIGHT = 300; var WINDOW_WIDTH = 300; var OFFSET_HEIGHT = 5; var OFFSET_WIDTH = 20; var IE = false; var FF = false; var NN4 = false; if (document.all) { IE = true; } else if (document.getElementById) { FF = true; } else if (document.layers) { NN4 = true; } function popup(id, event) { var header, footer, pos_x, pos_y, str; if (NN4) { return; } header = '<div style="'; // header += 'width:' + WINDOW_WIDTH + ';'; header += 'background-color:' + COLOR_BG + ';'; header += 'border-width:3pt;'; header += 'border-style:solid;'; header += 'border-color:' + COLOR_BG + ';'; //header += 'padding:0;' //header += 'margin:0;'; header += '">'; footer = '</div>'; str = header; str += '<pre style="line-height:90%">'; str += getPacket(id); str += '</pre>'; str += footer; key = POP_ID_PREFIX + id; if (IE) { pos_x = document.body.scrollLeft+event.clientX; pos_y = document.body.scrollTop+event.clientY; document.all(key).style.pixelLeft = pos_x+OFFSET_WIDTH; document.all(key).style.pixelTop = pos_y+OFFSET_HEIGHT; document.all(key).innerHTML = str; document.all(key).style.visibility = 'visible'; } else if (FF) { pos_x = event.pageX; pos_y = event.pageY; document.getElementById(key).style.left = pos_x+OFFSET_WIDTH + 'px'; document.getElementById(key).style.top = pos_y+OFFSET_HEIGHT + 'px'; document.getElementById(key).innerHTML = str; document.getElementById(key).style.visibility = 'visible'; } else if (NN4) { pos_x = event.pageX; pos_y = event.pageY; document.layers[key].moveTo(pos_x+OFFSET_WIDTH, pos_y+OFFSET_HEIGHT); document.layers[key].document.open(); document.layers[key].document.write(str); document.layers[key].document.close(); document.layers[key].visibility = 'show'; } } function popdown(id) { key = POP_ID_PREFIX + id; if (IE) { document.all(key).style.visibility = "hidden"; } else if (FF) { document.getElementById(key).style.visibility = "hidden"; } else if (NN4) { document.layers[key].visibility = "hidden"; } } function getPacket(id) { if (packets[id]) { return packets[id]; } var str = getInnerHTML(PACKET_INFO_PREFIX + id); str = trimTag(str, 'pre'); packets[id] = str; return str; } function getInnerHTML(id) { if (IE) { return document.all(id).innerHTML; } else if (FF) { return document.getElementById(id).innerHTML; } } function trimTag(str, tagName) { var index = str.indexOf('<' + tagName); index = str.indexOf('>', index + 1); var lastIndex = str.lastIndexOf('</' + tagName + '>'); lastIndex = (lastIndex < 0) ? str.length : lastIndex; return str.substring(index + 1, lastIndex); } </script> </HEAD> <BODY BGCOLOR="#F0F0F0"> <H1>Test Information</H1> <TABLE BORDER=1> <TR><TD>Title</TD><TD>Test IKEv2.EN.R.1.1.11.4: Response bit is set</TD></TR> <TR><TD>CommandLine</TD><TD>./2-EN-R/IKEv2-EN-R-1-1-11-4-A.seq -log 70.html -ti Test IKEv2.EN.R.1.1.11.4: Response bit is set</TD></TR> <TR><TD>Script</TD><TD><A HREF="./2-EN-R/IKEv2-EN-R-1-1-11-4-A.seq">./2-EN-R/IKEv2-EN-R-1-1-11-4-A.seq</A></TD></TR> <TR><TD>TestVersion</TD><TD>REL_1_1_1</TD></TR> <TR><TD>ToolVersion</TD><TD>REL_2_2_0</TD></TR> <TR><TD>Start</TD><TD>2014/01/10 16:37:02</TD></TR> <TR><TD>Tn</TD><TD>/usr/local/koi//etc//tn.def</TD></TR> <TR><TD>Nu</TD><TD>/usr/local/koi//etc//nut.def</TD></TR> </TABLE> <HR><H1>Test Sequence Execution Log</H1> <TABLE BORDER=1> <TR><TD>16:37:02</TD><TD>Start</TD></TR> <TR><TD><br></TD><TD> <FONT COLOR="#FF0000" SIZE="+1"><U><B>TEST SETUP</B></U></FONT><tr VALIGN="top"> <td></td> <td width="100%">initializing IKEv2 module ...</td> </tr> <tr VALIGN="top"> <td></td> <td width="100%">configuring Common Topology for End-Node: End-Node to End-Node ...</td> </tr> <tr VALIGN="top"> <td></td> <td width="100%">parsing ./config.pl ...</td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><TABLE BORDER><TR><TH BGCOLOR="#a8b5d8">key</TH><TH BGCOLOR="#a8b5d8">value</TH></TR><TR><TD>Link A prefix</TD><TD>2001:0db8:0001:0001</TD></TR><TR><TD>Link X prefix</TD><TD>2001:0db8:000f:0001</TD></TR><TR><TD>Link A link-local address (TR1)</TD><TD>fe80::f</TD></TR><TR><TD>Link A global address (NUT)</TD><TD>2001:0db8:0001:0001::1234</TD></TR><TR><TD>pre-shared key (TN)</TD><TD>IKETEST12345678!</TD></TR><TR><TD>pre-shared key (NUT)</TD><TD>IKETEST12345678!</TD></TR><TR><TD>IKE_SA Lifetime</TD><TD>64</TD></TR><TR><TD>CHILD_SA Lifetime</TD><TD>128</TD></TR><TR><TD>IKE_SA_INIT Request RetransTimer</TD><TD>16</TD></TR><TR><TD>IKE_AUTH Request RetransTimer</TD><TD>16</TD></TR><TR><TD>CREATE_CHILD_SA Request RetransTimer</TD><TD>16</TD></TR><TR><TD>INFORMATIONAL Request RetransTimer</TD><TD>16</TD></TR><TR><TD>Liveness Check Timer</TD><TD>32</TD></TR><TR><TD># of Half-Open IKE_SAs to contain N(COOKIE)</TD><TD>32</TD></TR></TABLE></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%">setting up TN ...</td> </tr> <TR VALIGN="top"> <TD>16:37:03</TD> <TD width="100%"> ikev2Local("/sbin/sysctl -w net.inet6.ip6.forwarding=1")<BR> <PRE>net.inet6.ip6.forwarding: 0 -> 1 </PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:03</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig -a")<BR> <PRE>em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO> ether 00:23:ae:7a:6e:cc inet6 fe80::223:aeff:fe7a:6ecc%em0 prefixlen 64 scopeid 0x1 inet 10.66.13.78 netmask 0xfffffe00 broadcast 10.66.13.255 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:1b:21:1c:58:fa inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::21b:21ff:fe1c:58fa%em1 prefixlen 64 scopeid 0xa inet6 3ffe:501:ffff:100::20 prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:1b:21:1c:5d:d1 inet6 fe80::21b:21ff:fe1c:5dd1%em2 prefixlen 64 scopeid 0xb inet6 3ffe:501:ffff:101::20 prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect status: no carrier plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0xd nd6 options=3<PERFORMNUD,ACCEPT_RTADV> </PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:03</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig em1 inet6 fe80::f%em1/64")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:03</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig em1 inet6 2001:0db8:0001:0001::f/64")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:03</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig lo1 create")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:03</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig lo1 up")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:03</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig lo1 inet6 2001:0db8:000f:0001::1/64")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:06</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig -a")<BR> <PRE>em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO> ether 00:23:ae:7a:6e:cc inet6 fe80::223:aeff:fe7a:6ecc%em0 prefixlen 64 scopeid 0x1 inet 10.66.13.78 netmask 0xfffffe00 broadcast 10.66.13.255 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:1b:21:1c:58:fa inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::21b:21ff:fe1c:58fa%em1 prefixlen 64 scopeid 0xa inet6 3ffe:501:ffff:100::20 prefixlen 64 inet6 fe80::f%em1 prefixlen 64 scopeid 0xa inet6 2001:db8:1:1::f prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:1b:21:1c:5d:d1 inet6 fe80::21b:21ff:fe1c:5dd1%em2 prefixlen 64 scopeid 0xb inet6 3ffe:501:ffff:101::20 prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect status: no carrier plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0xd nd6 options=3<PERFORMNUD,ACCEPT_RTADV> lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet6 2001:db8:f:1::1 prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> </PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:06</TD> <TD width="100%"> ikev2Local("/sbin/setkey -D")<BR> <PRE>No SAD entries. </PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:06</TD> <TD width="100%"> ikev2Local("/sbin/setkey -F")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:09</TD> <TD width="100%"> ikev2Local("/sbin/setkey -D")<BR> <PRE>No SAD entries. </PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:09</TD> <TD width="100%"> ikev2Local("/sbin/setkey -DP")<BR> <PRE>No SPD entries. </PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:09</TD> <TD width="100%"> ikev2Local("/sbin/setkey -FP")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:37:12</TD> <TD width="100%"> ikev2Local("/sbin/setkey -DP")<BR> <PRE>No SPD entries. </PRE></TD> </TR><tr VALIGN="top"> <td></td> <td width="100%">setting up NUT ...</td> </tr> </TD> </TR> <TR VALIGN="TOP"><TD>16:37:12</TD> <TD width="100%"> kRemote(ifconfig.rmt) ``/usr/local/koi/bin/remotes/libreswan//ifconfig.rmt ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=p6p1''<br> kRemote()... /usr/local/koi/bin/remotes/libreswan//ifconfig.rmt ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=p6p1 <PRE>DEBUG : start kRemoteLogin Connected [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: p7p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:22:19:30:20:d5 brd ff:ff:ff:ff:ff:ff inet 10.66.12.166/23 brd 10.66.13.255 scope global dynamic p7p1 valid_lft 61311sec preferred_lft 61311sec inet6 fe80::222:19ff:fe30:20d5/64 scope link valid_lft forever preferred_lft forever 3: p6p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc netem state UP qlen 1000 link/ether 00:15:17:3c:c6:68 brd ff:ff:ff:ff:ff:ff inet 192.168.0.10/24 brd 192.168.0.255 scope global p6p1 valid_lft forever preferred_lft forever inet6 3ffe:501:ffff:100:215:17ff:fe3c:c668/64 scope global valid_lft forever preferred_lft forever inet6 fe80::215:17ff:fe3c:c668/64 scope link valid_lft forever preferred_lft forever 4: p6p2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:15:17:3c:c6:69 brd ff:ff:ff:ff:ff:ff [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip -f inet6 addr add 2001:0db8:0001:0001::1234/64 dev p6p1 [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: p7p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:22:19:30:20:d5 brd ff:ff:ff:ff:ff:ff inet 10.66.12.166/23 brd 10.66.13.255 scope global dynamic p7p1 valid_lft 61307sec preferred_lft 61307sec inet6 fe80::222:19ff:fe30:20d5/64 scope link valid_lft forever preferred_lft forever 3: p6p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc netem state UP qlen 1000 link/ether 00:15:17:3c:c6:68 brd ff:ff:ff:ff:ff:ff inet 192.168.0.10/24 brd 192.168.0.255 scope global p6p1 valid_lft forever preferred_lft forever inet6 2001:db8:1:1::1234/64 scope global tentative valid_lft forever preferred_lft forever inet6 3ffe:501:ffff:100:215:17ff:fe3c:c668/64 scope global valid_lft forever preferred_lft forever inet6 fe80::215:17ff:fe3c:c668/64 scope link valid_lft forever preferred_lft forever 4: p6p2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:15:17:3c:c6:69 brd ff:ff:ff:ff:ff:ff [root@dhcp12-166 ~]# </PRE> </TD></TR> <TR VALIGN="TOP"><TD>16:37:34</TD> <TD width="100%"> kRemote(route.rmt) ``/usr/local/koi/bin/remotes/libreswan//route.rmt route.0.address_family=inet6 route.0.gateway=fe80::f%p6p1 route.0.interface=p6p1 route.0.network=2001:0db8:000f:0001::/64 route.num=1''<br> kRemote()... /usr/local/koi/bin/remotes/libreswan//route.rmt route.0.address_family=inet6 route.0.gateway=fe80::f%p6p1 route.0.interface=p6p1 route.0.network=2001:0db8:000f:0001::/64 route.num=1 <PRE>DEBUG : start kRemoteLogin Connected [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip -6 route show unreachable ::/96 dev lo metric 1024 error -101 unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 2001:db8:1:1::/64 dev p6p1 proto kernel metric 256 unreachable 2002:a00::/24 dev lo metric 1024 error -101 unreachable 2002:7f00::/24 dev lo metric 1024 error -101 unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 unreachable 2002:ac10::/28 dev lo metric 1024 error -101 unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 unreachable 2002:e000::/19 dev lo metric 1024 error -101 3ffe:501:ffff:100::/64 dev p6p1 proto kernel metric 256 unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 fe80::/64 dev p6p1 proto kernel metric 256 fe80::/64 dev p7p1 proto kernel metric 256 [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip -6 route add 2001:0db8:000f:0001::/64 via fe80::f dev p6 p1 [root@dhcp12-166 ~]# sendMessagesSync: never got ip -6 route add 2001:0db8:000f:0001::/64 via fe80::f dev p6p1 [root@dhcp12-166 ~]# ip -6 route show unreachable ::/96 dev lo metric 1024 error -101 unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 2001:db8:1:1::/64 dev p6p1 proto kernel metric 256 2001:db8:f:1::/64 via fe80::f dev p6p1 metric 1024 unreachable 2002:a00::/24 dev lo metric 1024 error -101 unreachable 2002:7f00::/24 dev lo metric 1024 error -101 unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 unreachable 2002:ac10::/28 dev lo metric 1024 error -101 unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 unreachable 2002:e000::/19 dev lo metric 1024 error -101 3ffe:501:ffff:100::/64 dev p6p1 proto kernel metric 256 unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 fe80::/64 dev p6p1 proto kernel metric 256 fe80::/64 dev p7p1 proto kernel metric 256 [root@dhcp12-166 ~]# </PRE> </TD></TR> <TR VALIGN="TOP"><TD>16:37:58</TD> <TD width="100%"> kRemote(ikev2.rmt) ``/usr/local/koi/bin/remotes/libreswan//ikev2.rmt operation=stop''<br> kRemote()... /usr/local/koi/bin/remotes/libreswan//ikev2.rmt operation=stop <PRE>DEBUG : start kRemoteLogin Connected [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ipsec setup stop Redirecting to: systemctl stop ipsec.service [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip xfrm state list [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip xfrm policy list [root@dhcp12-166 ~]# </PRE> </TD></TR> <TR VALIGN="TOP"><TD>16:38:18</TD> <TD width="100%"> kRemote(ikev2.rmt) ``/usr/local/koi/bin/remotes/libreswan//ikev2.rmt ikev2.addresspool.0.eaddr= ikev2.addresspool.0.saddr= ikev2.addresspool.num=1 ikev2.interface.ike.0.address=2001:0db8:0001:0001::1234 ikev2.interface.ike.0.port=500 ikev2.interface.ike.num=1 ikev2.ipsec.0.ext_sequence=off ikev2.ipsec.0.ipsec_index=common_ipsec_index ikev2.ipsec.0.ipsec_sa_lifetime_time=128 ikev2.ipsec.0.sa_index.0=common_sa_index ikev2.ipsec.0.sa_index.num=1 ikev2.ipsec.num=1 ikev2.policy.0.ipsec_index.0=common_ipsec_index ikev2.policy.0.ipsec_index.num=1 ikev2.policy.0.ipsec_mode=transport ikev2.policy.0.policy_index=common_policy_index ikev2.policy.0.remote_index=common_remote_index ikev2.policy.num=1 ikev2.remote.0.ikev2.initial_contact.initial_contact=off ikev2.remote.0.ikev2.kmp_auth_method.0=psk ikev2.remote.0.ikev2.kmp_auth_method.num=1 ikev2.remote.0.ikev2.kmp_dh_group.0=modp1024 ikev2.remote.0.ikev2.kmp_dh_group.num=1 ikev2.remote.0.ikev2.kmp_enc_alg.0=3des_cbc ikev2.remote.0.ikev2.kmp_enc_alg.num=1 ikev2.remote.0.ikev2.kmp_hash_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_hash_alg.num=1 ikev2.remote.0.ikev2.kmp_prf_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_prf_alg.num=1 ikev2.remote.0.ikev2.kmp_sa_lifetime_time=64 ikev2.remote.0.ikev2.my_id.fqdn.num=0 ikev2.remote.0.ikev2.my_id.ipaddr.0=2001:0db8:0001:0001::1234 ikev2.remote.0.ikev2.my_id.ipaddr.num=1 ikev2.remote.0.ikev2.my_id.keyid.num=0 ikev2.remote.0.ikev2.my_id.rfc822addr.num=0 ikev2.remote.0.ikev2.need_pfs=off ikev2.remote.0.ikev2.peers_id.fqdn.num=0 ikev2.remote.0.ikev2.peers_id.ipaddr.0=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_id.ipaddr.num=1 ikev2.remote.0.ikev2.peers_id.keyid.num=0 ikev2.remote.0.ikev2.peers_id.rfc822addr.num=0 ikev2.remote.0.ikev2.peers_ipaddr.address=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_ipaddr.port=500 ikev2.remote.0.ikev2.pre_shared_key.local=IKETEST12345678! ikev2.remote.0.ikev2.pre_shared_key.remote=IKETEST12345678! ikev2.remote.0.ikev2.send_cert_req.send_cert_req=on ikev2.remote.0.remote_index=common_remote_index ikev2.remote.num=1 ikev2.sa.0.esp_auth_alg.0=hmac_sha1 ikev2.sa.0.esp_auth_alg.num=1 ikev2.sa.0.esp_enc_alg.0=3des_cbc ikev2.sa.0.esp_enc_alg.num=1 ikev2.sa.0.sa_index=common_sa_index ikev2.sa.0.sa_protocol=esp ikev2.sa.num=1 ikev2.selector.0.direction=outbound ikev2.selector.0.dst.address=2001:0db8:000f:0001::1 ikev2.selector.0.dst.address_family=inet6 ikev2.selector.0.policy_index=common_policy_index ikev2.selector.0.selector_index=common_selector_index_outbound ikev2.selector.0.src.address=2001:0db8:0001:0001::1234 ikev2.selector.0.src.address_family=inet6 ikev2.selector.0.upper_layer_protocol.protocol=any ikev2.selector.1.direction=inbound ikev2.selector.1.dst.address=2001:0db8:0001:0001::1234 ikev2.selector.1.dst.address_family=inet6 ikev2.selector.1.policy_index=common_policy_index ikev2.selector.1.selector_index=common_selector_index_inbound ikev2.selector.1.src.address=2001:0db8:000f:0001::1 ikev2.selector.1.src.address_family=inet6 ikev2.selector.1.upper_layer_protocol.protocol=any ikev2.selector.num=2''<br> kRemote()... /usr/local/koi/bin/remotes/libreswan//ikev2.rmt ikev2.addresspool.0.eaddr= ikev2.addresspool.0.saddr= ikev2.addresspool.num=1 ikev2.interface.ike.0.address=2001:0db8:0001:0001::1234 ikev2.interface.ike.0.port=500 ikev2.interface.ike.num=1 ikev2.ipsec.0.ext_sequence=off ikev2.ipsec.0.ipsec_index=common_ipsec_index ikev2.ipsec.0.ipsec_sa_lifetime_time=128 ikev2.ipsec.0.sa_index.0=common_sa_index ikev2.ipsec.0.sa_index.num=1 ikev2.ipsec.num=1 ikev2.policy.0.ipsec_index.0=common_ipsec_index ikev2.policy.0.ipsec_index.num=1 ikev2.policy.0.ipsec_mode=transport ikev2.policy.0.policy_index=common_policy_index ikev2.policy.0.remote_index=common_remote_index ikev2.policy.num=1 ikev2.remote.0.ikev2.initial_contact.initial_contact=off ikev2.remote.0.ikev2.kmp_auth_method.0=psk ikev2.remote.0.ikev2.kmp_auth_method.num=1 ikev2.remote.0.ikev2.kmp_dh_group.0=modp1024 ikev2.remote.0.ikev2.kmp_dh_group.num=1 ikev2.remote.0.ikev2.kmp_enc_alg.0=3des_cbc ikev2.remote.0.ikev2.kmp_enc_alg.num=1 ikev2.remote.0.ikev2.kmp_hash_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_hash_alg.num=1 ikev2.remote.0.ikev2.kmp_prf_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_prf_alg.num=1 ikev2.remote.0.ikev2.kmp_sa_lifetime_time=64 ikev2.remote.0.ikev2.my_id.fqdn.num=0 ikev2.remote.0.ikev2.my_id.ipaddr.0=2001:0db8:0001:0001::1234 ikev2.remote.0.ikev2.my_id.ipaddr.num=1 ikev2.remote.0.ikev2.my_id.keyid.num=0 ikev2.remote.0.ikev2.my_id.rfc822addr.num=0 ikev2.remote.0.ikev2.need_pfs=off ikev2.remote.0.ikev2.peers_id.fqdn.num=0 ikev2.remote.0.ikev2.peers_id.ipaddr.0=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_id.ipaddr.num=1 ikev2.remote.0.ikev2.peers_id.keyid.num=0 ikev2.remote.0.ikev2.peers_id.rfc822addr.num=0 ikev2.remote.0.ikev2.peers_ipaddr.address=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_ipaddr.port=500 ikev2.remote.0.ikev2.pre_shared_key.local=IKETEST12345678! ikev2.remote.0.ikev2.pre_shared_key.remote=IKETEST12345678! ikev2.remote.0.ikev2.send_cert_req.send_cert_req=on ikev2.remote.0.remote_index=common_remote_index ikev2.remote.num=1 ikev2.sa.0.esp_auth_alg.0=hmac_sha1 ikev2.sa.0.esp_auth_alg.num=1 ikev2.sa.0.esp_enc_alg.0=3des_cbc ikev2.sa.0.esp_enc_alg.num=1 ikev2.sa.0.sa_index=common_sa_index ikev2.sa.0.sa_protocol=esp ikev2.sa.num=1 ikev2.selector.0.direction=outbound ikev2.selector.0.dst.address=2001:0db8:000f:0001::1 ikev2.selector.0.dst.address_family=inet6 ikev2.selector.0.policy_index=common_policy_index ikev2.selector.0.selector_index=common_selector_index_outbound ikev2.selector.0.src.address=2001:0db8:0001:0001::1234 ikev2.selector.0.src.address_family=inet6 ikev2.selector.0.upper_layer_protocol.protocol=any ikev2.selector.1.direction=inbound ikev2.selector.1.dst.address=2001:0db8:0001:0001::1234 ikev2.selector.1.dst.address_family=inet6 ikev2.selector.1.policy_index=common_policy_index ikev2.selector.1.selector_index=common_selector_index_inbound ikev2.selector.1.src.address=2001:0db8:000f:0001::1 ikev2.selector.1.src.address_family=inet6 ikev2.selector.1.upper_layer_protocol.protocol=any ikev2.selector.num=2 <PRE>DEBUG : start kRemoteLogin Connected [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# cat > /etc/ipsec.secrets << EOF > 2001:0db8:000f:0001::1 2001:0db8:0001:0001::1234 : PSK 'IKETEST12345678!' > EOF [root@dhcp12-166 ~]# cat -n /etc/ipsec.secrets 1 2001:0db8:000f:0001::1 2001:0db8:0001:0001::1234 : PSK 'IKETEST12345678!' [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# cat -n /etc/ipsec.secrets 1 2001:0db8:000f:0001::1 2001:0db8:0001:0001::1234 : PSK 'IKETEST12345678!' [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# chown root:wheel /etc/ipsec.secrets [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# chmod 0600 /etc/ipsec.secrets [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ls -l /etc/ipsec.secrets -rw------- 1 root wheel 74 Jan 11 00:26 /etc/ipsec.secrets [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# cat > /etc/ipsec.conf << EOF > config setup > protostack=netkey > nat_traversal=yes > plutostderrlog="/tmp/pluto.log" > conn ikev2 > left=2001:0db8:0001:0001::1234 > right=2001:0db8:000f:0001::1 > leftid=2001:0db8:0001:0001::1234 > rightid=2001:0db8:000f:0001::1 > type=transport > auto=start > connaddrfamily=ipv6 > authby=secret > phase2=esp > ike=3des-sha1;modp1024 > ikev2=insist > EOF [root@dhcp12-166 ~]# cat -n /etc/ipsec.conf 1 config setup 2 protostack=netkey 3 nat_traversal=yes 4 plutostderrlog="/tmp/pluto.log" 5 conn ikev2 6 left=2001:0db8:0001:0001::1234 7 right=2001:0db8:000f:0001::1 8 leftid=2001:0db8:0001:0001::1234 9 rightid=2001:0db8:000f:0001::1 10 type=transport 11 auto=start 12 connaddrfamily=ipv6 13 authby=secret 14 phase2=esp 15 ike=3des-sha1;modp1024 16 ikev2=insist [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# chown root:wheel /etc/ipsec.conf [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# chmod 0600 /etc/ipsec.conf [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ls -l /etc/ipsec.conf -rw------- 1 root wheel 435 Jan 11 00:26 /etc/ipsec.conf [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ipsec setup start Redirecting to: systemctl start ipsec.service [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip xfrm state list [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip xfrm policy list src ::/0 dst ::/0 socket out priority 0 ptype main src ::/0 dst ::/0 socket in priority 0 ptype main src ::/0 dst ::/0 socket out priority 0 ptype main src ::/0 dst ::/0 socket in priority 0 ptype main src ::/0 dst ::/0 socket out priority 0 ptype main src ::/0 dst ::/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main [root@dhcp12-166 ~]# </PRE> </TD></TR> <TR><TD><br></TD><TD> <FONT COLOR="#FF0000" SIZE="+1"><U><B>TEST PROCEDURE</B></U></FONT><PRE> (R) (I) NUT TN1 | | |<--------------| IKE_SA_INIT request (HDR, SAi1, KEi, Ni) | | V V</PRE><TR VALIGN="TOP"> <TD>16:38:42</TD><TD> Clear Buffer<BR> done<BR> </TD> </TR> <TR VALIGN="TOP"> <TD>16:38:42</TD><TD> Connect<br> SrcAddr:2001:0db8:000f:0001::1 SrcPort:500<br> DstAddr:2001:0db8:0001:0001::1234 DstPort:500<br> done<br> connected to SocketID:3<br> sent to SocketID:3<br> <A NAME="koiPacket1"></A> <A HREF="#koiPacketDump1" onmouseover="popup(1,event);"onmouseout="popdown(1);">send packet #1</A> <div id="pop1" style="position:absolute; visibility:hidden;"></div> <BR> </TD> </TR> <TR><TD><br></TD><TD> <PRE> (R) (I) NUT TN1 | | |-------------->| IKE_SA_INIT response (HDR, SAr1, KEr, Nr) | | V V</PRE><TR VALIGN="TOP"> <TD>16:38:42</TD><TD> Receive<BR> SrcAddr:2001:db8:1:1::1234 SrcPort:500<br> DstAddr:2001:db8:f:1::1 DstPort:500<br> done<BR> received from SocketID:3<br> <A NAME="koiPacket2"></A> <A HREF="#koiPacketDump2" onmouseover="popup(2,event);"onmouseout="popdown(2);">receive packet #2</A> <div id="pop2" style="position:absolute; visibility:hidden;"></div> <BR> </TD> </TR> <tr VALIGN="top"> <td></td> <td width="100%">Compare the received packet with packets('common_remote_index')</td> </tr> <TR VALIGN="top"> <TD></TD><TD><B>Payload Order (HDR, SA(P(T, T, T, T)), KE, Ni, Nr)</B></TD></TR><tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>IKE Header</b> <font color='#ff0000'><b>NG</b></font> initSPI: (received: 90c39f02b80d9ab0, expected: 0000000000000000, comp: eq) <b>OK</b> respSPI: (received: 4521278d22418e5e, expected: 0000000000000000, comp: ne) <b>OK</b> nexttype: (received: SA, expected: SA, comp: eq) <b>OK</b> major: (received: 2, expected: 2, comp: eq) <b>OK</b> minor: (received: 0, expected: 0, comp: eq) <b>OK</b> exchType: (received: IKE_SA_INIT, expected: IKE_SA_INIT, comp: eq) <b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) <b>OK</b> initiator: (received: 0, expected: 0, comp: eq) <b>OK</b> higher: (received: 0, expected: 0, comp: eq) <b>OK</b> response: (received: 1, expected: 1, comp: eq) <b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) <b>OK</b> messID: (received: 0, expected: 0, comp: eq) <b>OK</b> length: (received: 228, expected: any, comp: already checked) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>Security Association Payload</b> <b>OK</b> nexttype: (received: KE, expected: any, comp: already checked) <b>OK</b> critical: (received: 0, expected: 0, comp: eq) <b>OK</b> reserved: (received: 0, expected: 0, comp: eq) <b>OK</b> length: (received: 44, expected: any, comp: already checked) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>SA Proposal Comparison</b> <b>OK</b> ENCR: (received:ENCR_3DES, expected:ENCR_3DES) <b>OK</b> PRF: (received:PRF_HMAC_SHA1, expected:PRF_HMAC_SHA1) <b>OK</b> INTEG: (received:INTEG_HMAC_SHA1_96, expected:INTEG_HMAC_SHA1_96) <b>OK</b> D-H: (received:D-H_1024 MODP Group, expected:D-H_1024 MODP Group) <b>OK</b> ESN: (received:, expected:) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>Proposal Substructure</b> <b>OK</b> nexttype: (received: 0, expected: any, comp: already checked) <b>OK</b> reserved: (received: 0, expected: 0, comp: eq) <b>OK</b> proposalLen: (received: 40, expected: any, comp: already checked) <b>OK</b> number: (received: 1, expected: 1, comp: eq) <b>OK</b> id: (received: IKE, expected: IKE, comp: eq) <b>OK</b> spiSize: (received: 0, expected: 0, comp: eq) <b>OK</b> transformCount: (received: 4, expected: 4, comp: eq) <b>OK</b> spi: (received: , expected: , comp: eq) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>Transform Substructure</b> <b>OK</b> nexttype: (received: 3, expected: any, comp: already checked) <b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) <b>OK</b> transformLen: (received: 8, expected: any, comp: already checked) <b>OK</b> type: (received: ENCR, expected: ENCR, comp: eq) <b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) <b>OK</b> id: (received: 3DES, expected: 3DES, comp: eq) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>Transform Substructure</b> <b>OK</b> nexttype: (received: 3, expected: any, comp: already checked) <b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) <b>OK</b> transformLen: (received: 8, expected: any, comp: already checked) <b>OK</b> type: (received: PRF, expected: PRF, comp: eq) <b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) <b>OK</b> id: (received: HMAC_SHA1, expected: HMAC_SHA1, comp: eq) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>Transform Substructure</b> <b>OK</b> nexttype: (received: 3, expected: any, comp: already checked) <b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) <b>OK</b> transformLen: (received: 8, expected: any, comp: already checked) <b>OK</b> type: (received: INTEG, expected: INTEG, comp: eq) <b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) <b>OK</b> id: (received: HMAC_SHA1_96, expected: HMAC_SHA1_96, comp: eq) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>Transform Substructure</b> <b>OK</b> nexttype: (received: 0, expected: any, comp: already checked) <b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) <b>OK</b> transformLen: (received: 8, expected: any, comp: already checked) <b>OK</b> type: (received: D-H, expected: D-H, comp: eq) <b>OK</b> reserved2: (received: 0, expected: 0, comp: eq) <b>OK</b> id: (received: 1024 MODP Group, expected: 1024 MODP Group, comp: eq) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>Key Exchange Payload</b> <b>OK</b> nexttype: (received: Ni, Nr, expected: any, comp: already checked) <b>OK</b> critical: (received: 0, expected: 0, comp: eq) <b>OK</b> reserved: (received: 0, expected: 0, comp: eq) <b>OK</b> length: (received: 136, expected: any, comp: already checked) <b>OK</b> group: (received: 2, expected: 2, comp: eq) <b>OK</b> reserved1: (received: 0, expected: 0, comp: eq) <b>OK</b> publicKey: (received: 130072364162185196983434191432924059246078481237816125383063116748728378821455661384145605321581415676508963722131996327742215909472796316744785727115058275676451593067721502883658727817804140584847962784655261110101341924542583392451553196596614910823109820451042671870888513856439057253451198987731894027330, expected: any, comp: any) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><pre> <b>Nonce Payload</b> <b>OK</b> nexttype: (received: 0, expected: any, comp: already checked) <b>OK</b> critical: (received: 0, expected: 0, comp: eq) <b>OK</b> reserved: (received: 0, expected: 0, comp: eq) <b>OK</b> length: (received: 20, expected: (20, 260), comp: range) <b>OK</b> nonce: (received: 109598838473527759926000755568031469911, expected: any, comp: any) </pre></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><b>Not match with packet('common_remote_index')</b></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%"><FONT COLOR="#FF0000" SIZE="+1"><U><B>TEST CLEANUP</B></U></FONT></td> </tr> <tr VALIGN="top"> <td></td> <td width="100%">cleaning up NUT ...</td> </tr> <TR VALIGN="TOP"><TD>16:38:42</TD> <TD width="100%"> kRemote(ikev2.rmt) ``/usr/local/koi/bin/remotes/libreswan//ikev2.rmt operation=stop''<br> kRemote()... /usr/local/koi/bin/remotes/libreswan//ikev2.rmt operation=stop <PRE>DEBUG : start kRemoteLogin Connected [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ipsec setup stop Redirecting to: systemctl stop ipsec.service [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip xfrm state list [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip xfrm policy list [root@dhcp12-166 ~]# </PRE> </TD></TR> <TR VALIGN="TOP"><TD>16:39:02</TD> <TD width="100%"> kRemote(route.rmt) ``/usr/local/koi/bin/remotes/libreswan//route.rmt operation=delete route.0.address_family=inet6 route.0.gateway=fe80::f%p6p1 route.0.interface=p6p1 route.0.network=2001:0db8:000f:0001::/64 route.num=1''<br> kRemote()... /usr/local/koi/bin/remotes/libreswan//route.rmt operation=delete route.0.address_family=inet6 route.0.gateway=fe80::f%p6p1 route.0.interface=p6p1 route.0.network=2001:0db8:000f:0001::/64 route.num=1 <PRE>DEBUG : start kRemoteLogin Connected [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip -6 route show unreachable ::/96 dev lo metric 1024 error -101 unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 2001:db8:1:1::/64 dev p6p1 proto kernel metric 256 2001:db8:f:1::1 via fe80::f dev p6p1 metric 0 cache 2001:db8:f:1::/64 via fe80::f dev p6p1 metric 1024 unreachable 2002:a00::/24 dev lo metric 1024 error -101 unreachable 2002:7f00::/24 dev lo metric 1024 error -101 unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 unreachable 2002:ac10::/28 dev lo metric 1024 error -101 unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 unreachable 2002:e000::/19 dev lo metric 1024 error -101 3ffe:501:ffff:100::/64 dev p6p1 proto kernel metric 256 unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 fe80::/64 dev p6p1 proto kernel metric 256 fe80::/64 dev p7p1 proto kernel metric 256 [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip -6 route del 2001:0db8:000f:0001::/64 [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip -6 route show unreachable ::/96 dev lo metric 1024 error -101 unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 2001:db8:1:1::/64 dev p6p1 proto kernel metric 256 unreachable 2002:a00::/24 dev lo metric 1024 error -101 unreachable 2002:7f00::/24 dev lo metric 1024 error -101 unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 unreachable 2002:ac10::/28 dev lo metric 1024 error -101 unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 unreachable 2002:e000::/19 dev lo metric 1024 error -101 3ffe:501:ffff:100::/64 dev p6p1 proto kernel metric 256 unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 fe80::/64 dev p6p1 proto kernel metric 256 fe80::/64 dev p7p1 proto kernel metric 256 [root@dhcp12-166 ~]# </PRE> </TD></TR> <TR VALIGN="TOP"><TD>16:39:23</TD> <TD width="100%"> kRemote(ifconfig.rmt) ``/usr/local/koi/bin/remotes/libreswan//ifconfig.rmt operation=delete ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=p6p1''<br> kRemote()... /usr/local/koi/bin/remotes/libreswan//ifconfig.rmt operation=delete ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=p6p1 <PRE>DEBUG : start kRemoteLogin Connected [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: p7p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:22:19:30:20:d5 brd ff:ff:ff:ff:ff:ff inet 10.66.12.166/23 brd 10.66.13.255 scope global dynamic p7p1 valid_lft 61180sec preferred_lft 61180sec inet6 fe80::222:19ff:fe30:20d5/64 scope link valid_lft forever preferred_lft forever 3: p6p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc netem state UP qlen 1000 link/ether 00:15:17:3c:c6:68 brd ff:ff:ff:ff:ff:ff inet 192.168.0.10/24 brd 192.168.0.255 scope global p6p1 valid_lft forever preferred_lft forever inet6 2001:db8:1:1::1234/64 scope global valid_lft forever preferred_lft forever inet6 3ffe:501:ffff:100:215:17ff:fe3c:c668/64 scope global valid_lft forever preferred_lft forever inet6 fe80::215:17ff:fe3c:c668/64 scope link valid_lft forever preferred_lft forever 4: p6p2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:15:17:3c:c6:69 brd ff:ff:ff:ff:ff:ff [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip -f inet6 addr del 2001:0db8:0001:0001::1234/64 dev p6p1 [root@dhcp12-166 ~]# [root@dhcp12-166 ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: p7p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:22:19:30:20:d5 brd ff:ff:ff:ff:ff:ff inet 10.66.12.166/23 brd 10.66.13.255 scope global dynamic p7p1 valid_lft 61175sec preferred_lft 61175sec inet6 fe80::222:19ff:fe30:20d5/64 scope link valid_lft forever preferred_lft forever 3: p6p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc netem state UP qlen 1000 link/ether 00:15:17:3c:c6:68 brd ff:ff:ff:ff:ff:ff inet 192.168.0.10/24 brd 192.168.0.255 scope global p6p1 valid_lft forever preferred_lft forever inet6 3ffe:501:ffff:100:215:17ff:fe3c:c668/64 scope global valid_lft forever preferred_lft forever inet6 fe80::215:17ff:fe3c:c668/64 scope link valid_lft forever preferred_lft forever 4: p6p2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:15:17:3c:c6:69 brd ff:ff:ff:ff:ff:ff [root@dhcp12-166 ~]# </PRE> </TD></TR> <tr VALIGN="top"> <td></td> <td width="100%">cleaning up TN ...</td> </tr> <TR VALIGN="top"> <TD>16:39:45</TD> <TD width="100%"> ikev2Local("/sbin/sysctl -w net.inet6.ip6.forwarding=0")<BR> <PRE>net.inet6.ip6.forwarding: 1 -> 0 </PRE></TD> </TR><TR VALIGN="top"> <TD>16:39:45</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig -a")<BR> <PRE>em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO> ether 00:23:ae:7a:6e:cc inet6 fe80::223:aeff:fe7a:6ecc%em0 prefixlen 64 scopeid 0x1 inet 10.66.13.78 netmask 0xfffffe00 broadcast 10.66.13.255 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:1b:21:1c:58:fa inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::21b:21ff:fe1c:58fa%em1 prefixlen 64 scopeid 0xa inet6 3ffe:501:ffff:100::20 prefixlen 64 inet6 fe80::f%em1 prefixlen 64 scopeid 0xa inet6 2001:db8:1:1::f prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:1b:21:1c:5d:d1 inet6 fe80::21b:21ff:fe1c:5dd1%em2 prefixlen 64 scopeid 0xb inet6 3ffe:501:ffff:101::20 prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect status: no carrier plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0xd nd6 options=3<PERFORMNUD,ACCEPT_RTADV> lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet6 2001:db8:f:1::1 prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> </PRE></TD> </TR><TR VALIGN="top"> <TD>16:39:45</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig lo1 inet6 2001:0db8:000f:0001::1/64 delete")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:39:45</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig lo1 down")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:39:45</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig lo1 destroy")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:39:45</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig em1 inet6 2001:0db8:0001:0001::f/64 delete")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:39:45</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig em1 inet6 fe80::f%em1/64 delete")<BR> <PRE></PRE></TD> </TR><TR VALIGN="top"> <TD>16:39:48</TD> <TD width="100%"> ikev2Local("/sbin/ifconfig -a")<BR> <PRE>em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO> ether 00:23:ae:7a:6e:cc inet6 fe80::223:aeff:fe7a:6ecc%em0 prefixlen 64 scopeid 0x1 inet 10.66.13.78 netmask 0xfffffe00 broadcast 10.66.13.255 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:1b:21:1c:58:fa inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::21b:21ff:fe1c:58fa%em1 prefixlen 64 scopeid 0xa inet6 3ffe:501:ffff:100::20 prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:1b:21:1c:5d:d1 inet6 fe80::21b:21ff:fe1c:5dd1%em2 prefixlen 64 scopeid 0xb inet6 3ffe:501:ffff:101::20 prefixlen 64 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect status: no carrier plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0xd nd6 options=3<PERFORMNUD,ACCEPT_RTADV> </PRE></TD> </TR><tr VALIGN="top"> <td></td> <td width="100%">PASS</td> </tr> </TABLE> <HR><H1>Packet Reverse Log</H1> <UL> <A NAME="koiPacketDump1"></A><A HREF="#koiPacket1">packet #1 at 16:38:42</A> <div id="koiPacketInfo1"> <pre>IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:f:1::1 | | Destination Address = 2001:db8:1:1::1234 | UDP Header | | Source Port = 500 | | Destination Port = 500 | Internet Security Association and Key Management Protocol Payload | | IKE Header | | | IKE_SA Initiator's SPI = 90c39f02b80d9ab0 | | | IKE_SA Responder's SPI = 0000000000000000 | | | Next Payload = 33 (SA) | | | Major Version = 2 | | | Minor Version = 0 | | | Exchange Type = 34 (IKE_SA_INIT) | | | Flags = 40 (0b00101000) | | | | Reserved (XX000000) = 0 | | | | Response (00R00000) = 1 | | | | Version (000V0000) = 0 | | | | Initiator (0000I000) = 1 | | | | Reserved (00000XXX) = 0 | | | Message ID = 0 (0x0) | | | Length = 312 (0x138) | | | SA Payload | | | | Next Payload = 34 (KE) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 44 (0x2c) | | | | Proposal #1 | | | | | Next Payload = 0 (last) | | | | | RESERVED = 0 | | | | | Proposal Length = 40 | | | | | Proposal # = 1 | | | | | Proposal ID = IKE | | | | | SPI Size = 0 | | | | | # of Transforms = 4 | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 1 (ENCR) | | | | | | RESERVED = 0 | | | | | | Transform ID = 3 (3DES) | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 2 (PRF) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (HMAC_SHA1) | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 3 (INTEG) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (HMAC_SHA1_96) | | | | | Transfrom | | | | | | Next Payload = 0 (last) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 4 (D-H) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (1024 MODP Group) | | | KE Payload | | | | Next Payload = 40 (Ni, Nr) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 136 (0x88) | | | | DH Group # = 2 | | | | RESERVED = 0 | | | | Key Exchange Data = 0xd33a287ea3dfe4480a4f19bd83cc3077ed70f520468c9029621ef8f9d7f2a760a51fd3fd1fd74d916549260784a48bd02ca9800ab25363d49326514c67f05b54152d680785182ca7e49a265c06b530902df378326987d5ac15ec5734f143a778c040e688453ff2c32854c6afd4fd0a5dc5e8f5cb2abbc528fbd9f574a67e07bd | | | Ni, Nr Payload | | | | Next Payload = 0 (0) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 104 (0x68) | | | | Nonce Data = aaccf2e0d5ce2621aa356f02dbe6c10e41004ca586109d010abd446cbe96ba3250144aac50fe8ee84b570bce0ae03bd87aa0e3db2ce028e0456616e8eb5ed3a9a010133312c66232057008ae3b45e62e002ef9676728a1fcc19ed4f771359479a633d855 </pre> </div> <hr> <A NAME="koiPacketDump2"></A><A HREF="#koiPacket2">packet #2 at 16:38:42</A> <div id="koiPacketInfo2"> <pre>IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:1:1::1234 | | Destination Address = 2001:db8:f:1::1 | UDP Header | | Source Port = 500 | | Destination Port = 500 | Internet Security Association and Key Management Protocol Payload | | IKE Header | | | IKE_SA Initiator's SPI = 90c39f02b80d9ab0 | | | IKE_SA Responder's SPI = 4521278d22418e5e | | | Next Payload = 33 (SA) | | | Major Version = 2 | | | Minor Version = 0 | | | Exchange Type = 34 (IKE_SA_INIT) | | | Flags = 32 (0b00100000) | | | | Reserved (XX000000) = 0 | | | | Response (00R00000) = 1 | | | | Version (000V0000) = 0 | | | | Initiator (0000I000) = 0 | | | | Reserved (00000XXX) = 0 | | | Message ID = 0 (0x0) | | | Length = 228 (0xe4) | | | SA Payload | | | | Next Payload = 34 (KE) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 44 (0x2c) | | | | Proposal #1 | | | | | Next Payload = 0 (last) | | | | | RESERVED = 0 | | | | | Proposal Length = 40 | | | | | Proposal # = 1 | | | | | Proposal ID = IKE | | | | | SPI Size = 0 | | | | | # of Transforms = 4 | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 1 (ENCR) | | | | | | RESERVED = 0 | | | | | | Transform ID = 3 (3DES) | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 3 (INTEG) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (HMAC_SHA1_96) | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 2 (PRF) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (HMAC_SHA1) | | | | | Transfrom | | | | | | Next Payload = 0 (last) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 4 (D-H) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (1024 MODP Group) | | | KE Payload | | | | Next Payload = 40 (Ni, Nr) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 136 (0x88) | | | | DH Group # = 2 | | | | RESERVED = 0 | | | | Key Exchange Data = 0xb93aac864765b623ec4e4f77a45f6b2f36bd8549f6e6b5e52b1e634a372239d9a3bd6514fe31440e28610c3e9bed5d9b9b4c3f3855097ccf485c9cc56b61cb8c2941a1bc77791a19f325a2cbdaf082c280fee27d36e4e14e96609637735907d138e257788b6006770022b77c71b630c5bd0a5b05f4042acb02619f814c804442 | | | Ni, Nr Payload | | | | Next Payload = 0 (0) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 20 (0x14) | | | | Nonce Data = 5273f7eeded10770c05ec05e83369157 </pre> </div> <hr> </UL> </BODY> </HTML> <!-- 769d83646db645b8e17f802cce991282 --> <!-- 84e63c846d86e78d0870a0e3c072703d -->
View Attachment As Raw
Actions:
View
Attachments on
bug 1118121
: 916986