Bug 363501
| Summary: | TAHI--IPSECv6--When having IPsecv6 tests, TN received no echo reply from HOST-1(TN) to HOST-3(TN) via SGW(NUT) | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Zhiyong Wu <zwu> | ||||||||||
| Component: | ipsec-tools | Assignee: | Thomas Graf <tgraf> | ||||||||||
| Status: | CLOSED DUPLICATE | QA Contact: | Martin Jenner <mjenner> | ||||||||||
| Severity: | medium | Docs Contact: | |||||||||||
| Priority: | medium | ||||||||||||
| Version: | 5.0 | CC: | davem, desktop-bugs, iboverma, llim, nhorman, rkhan, sghosh, tgraf, yshang | ||||||||||
| Target Milestone: | rc | ||||||||||||
| Target Release: | --- | ||||||||||||
| Hardware: | All | ||||||||||||
| OS: | Linux | ||||||||||||
| Whiteboard: | |||||||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||||||
| Doc Text: | Story Points: | --- | |||||||||||
| Clone Of: | Environment: | ||||||||||||
| Last Closed: | 2008-04-08 16:42:23 UTC | Type: | --- | ||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||
| Documentation: | --- | CRM: | |||||||||||
| Verified Versions: | Category: | --- | |||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||
| Embargoed: | |||||||||||||
| Bug Depends On: | |||||||||||||
| Bug Blocks: | 253764 | ||||||||||||
| Attachments: |
|
||||||||||||
Also about it: when NUT is set to the host mode, pls refer to the url below: http://focus.brisbane.redhat.com/~zwu/ipsec_endnode/20071028/IPsec_Self_Test_P2_1-1-1_end_node/ipsec.p2/index.html (1) 14 5.1.12 ICV calculation (ESN), ESP=3DES-CBC HMAC-SHA1 (2) 16 5.2.2 Host transport mode, ESP=3DES-CBC AES-XCBC-MAC (3) 17 5.2.3 Host transport mode, ESP=3DES-CBC NULL (4) 19 5.2.5 Host transport mode, ESP=AES-CTR HMAC-SHA1 the test cases still FAIL On RHEL5.2 for more details, pls refer to http://focus.brisbane.redhat.com/~zwu/RHEL5.2-Server-20080212.0/20080220/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html the test cases still FAIL On RHEL5.2 for more details, pls refer to http://focus.brisbane.redhat.com/~zwu/RHEL5.2-Server-20080212.0/20080220/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/16.html the test cases still FAIL On RHEL5.2 for more details, pls refer to http://focus.brisbane.redhat.com/~zwu/RHEL5.2-Server-20080212.0/20080220/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/15.html http://focus.brisbane.redhat.com/~zwu/RHEL5.2-Server-20080212.0/20080220/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/18.html 5.2.2 Host transport mode, ESP=3DES-CBC AES-XCBC-MAC this bug pass in new tree RHEL52-Server-20080402 version: ipsec-tools-0.6.5-8.el5 kernel-2.6.18-88.el5 for more details,pls refer to http://focus.bne.redhat.com/~yshang/RHEL520402/i386noxen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html http://focus.bne.redhat.com/~yshang/RHEL520402/i386xen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html http://focus.bne.redhat.com/~yshang/RHEL520402/x86_64_noxen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html http://focus.bne.redhat.com/~yshang/RHEL520402/x86_64_xen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html The latest version for ipsec-tools on errata is 0.6.5-9.el5. Should we include this bug in kernel/ipsec-tools errata? Or we are good to resolve the bug? sorry,"ipsec-tools-0.6.5-8.el5" shouble be "ipsec-tools-0.6.5-9.el5" ipsec-tools-0.6.5-8-el5 isn't pass -------------------------------------------------------------- (In reply to comment #8) > 5.2.2 Host transport mode, ESP=3DES-CBC AES-XCBC-MAC > this bug pass in new tree RHEL52-Server-20080402 > version: > ipsec-tools-0.6.5-8.el5 > kernel-2.6.18-88.el5 > for more details,pls refer to > http://focus.bne.redhat.com/~yshang/RHEL520402/i386noxen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html > http://focus.bne.redhat.com/~yshang/RHEL520402/i386xen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html > http://focus.bne.redhat.com/~yshang/RHEL520402/x86_64_noxen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html > http://focus.bne.redhat.com/~yshang/RHEL520402/x86_64_xen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html Verifed based on comment#9. Therefore, dup'ed to bug 435803. *** This bug has been marked as a duplicate of 435803 *** Created attachment 304617 [details]
test result about IPsec Host transport mode, ESP=3DES-CBC NULL
this is the test for RHEL520430
ipsec-tools-0.6.5-9.el5 kernel 2.6.18-92.el5 on an i686
Host transport mode, ESP=3DES-CBC NULL
fail
Created attachment 304618 [details]
test result for ipsec Host transport mode, ESP=AES-CTR HMAC-SHA1
this is the test for RHEL520430
ipsec-tools-0.6.5-9.el5 kernel 2.6.18-92.el5 on an i686
Host transport mode, ESP=AES-CTR HMAC-SHA1
fail
Created attachment 304834 [details]
ps format result
test result about IPsec Host transport mode, ESP=3DES-CBC NULL
kernel 2.6.18-92.el5 ipsec-tools-0.6.5-9.el5
Created attachment 304835 [details]
ps format result
test result for ipsec Host transport mode, ESP=AES-CTR HMAC-SHA1
ipsec-tools-0.6.5-9.el5 kernel:2.6.18-92.el5
|
Description of problem: When having ipsecv6 tests for the software gateway mode,we found that TN received no echo reply from HOST-1(TN) to HOST-3(TN) via SGW(NUT) in some scenarios. Version-Release number of selected component (if applicable): kernel-2.6.18-43.el5 Software Environment: Testee(NUT): RHEL5 Kernel:2.6.18-43.el5 Tester(TN): FreeBSD6.2 v6eval-3.0.12.tar.gz TAHI package: IPsec_Self_Test_P2_1-1-1.tar.gz How reproducible: every time Steps to Reproduce: 1. Configure TAHI test environment. 2. Run the TAHI test suite 3. After the test completes, check for the results Actual results: TN received no echo reply from HOST-1(TN) to HOST-3(TN) via SGW(NUT) Expected results: TN should receive echo reply from HOST-1(TN) to HOST-3(TN) via SGW(NUT) Additional info: please refer to http://focus.brisbane.redhat.com/~zwu/ipsec_sgw/20071022/IPsec_Self_Test_P2_1-1-1_sgw/ipsec.p2/index.html (1) 16 6.1.14 ICV (ESN), ESP=3DES-CBC HMAC-SHA1 (2) 19 6.2.2 SGW tunnel mode, ESP=3DES-CBC AES-XCBC-MAC (3) 20 6.2.3 SGW tunnel mode, ESP=3DES-CBC HMAC-NULL (4) 22 6.2.5 SGW tunnel mode, ESP=AES-CTR HMAC-SHA1