Bug 363501 - TAHI--IPSECv6--When having IPsecv6 tests, TN received no echo reply from HOST-1(TN) to HOST-3(TN) via SGW(NUT)
TAHI--IPSECv6--When having IPsecv6 tests, TN received no echo reply from HOST...
Status: CLOSED DUPLICATE of bug 435803
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ipsec-tools (Show other bugs)
5.0
All Linux
medium Severity medium
: rc
: ---
Assigned To: Thomas Graf
Martin Jenner
:
Depends On:
Blocks: 253764
  Show dependency treegraph
 
Reported: 2007-11-02 04:53 EDT by Zhiyong Wu
Modified: 2014-06-18 04:29 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-04-08 12:42:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
test result about IPsec Host transport mode, ESP=3DES-CBC NULL (18.46 KB, text/html)
2008-05-06 05:49 EDT, shangyanfeng
no flags Details
test result for ipsec Host transport mode, ESP=AES-CTR HMAC-SHA1 (18.92 KB, text/html)
2008-05-06 05:50 EDT, shangyanfeng
no flags Details
ps format result (191.52 KB, application/octet-stream)
2008-05-08 00:59 EDT, shangyanfeng
no flags Details
ps format result (191.52 KB, application/octet-stream)
2008-05-08 01:00 EDT, shangyanfeng
no flags Details

  None (edit)
Description Zhiyong Wu 2007-11-02 04:53:25 EDT
Description of problem:

  When having ipsecv6 tests for the software gateway mode,we found that 

TN received no echo reply from HOST-1(TN) to HOST-3(TN) via SGW(NUT) in some 

scenarios.

Version-Release number of selected component (if applicable):

  kernel-2.6.18-43.el5

Software Environment:   
  Testee(NUT):   
    RHEL5 
    Kernel:2.6.18-43.el5 
   
  Tester(TN):   
    FreeBSD6.2
    v6eval-3.0.12.tar.gz
   
TAHI package:    
  IPsec_Self_Test_P2_1-1-1.tar.gz

How reproducible:
  every time

Steps to Reproduce:    
  1. Configure TAHI test environment.     
  2. Run the TAHI test suite     
  3. After the test completes, check for the results 
  
Actual results:

   TN received no echo reply from HOST-1(TN) to HOST-3(TN) via SGW(NUT)

Expected results:

   TN should receive echo reply from HOST-1(TN) to HOST-3(TN) via SGW(NUT)  

Additional info:
  
   please refer to 

http://focus.brisbane.redhat.com/~zwu/ipsec_sgw/20071022/IPsec_Self_Test_P2_1-1-1_sgw/ipsec.p2/index.html

   (1) 16	6.1.14 ICV (ESN), ESP=3DES-CBC HMAC-SHA1

   (2) 19	6.2.2 SGW tunnel mode, ESP=3DES-CBC AES-XCBC-MAC

   (3) 20	6.2.3 SGW tunnel mode, ESP=3DES-CBC HMAC-NULL

   (4) 22	6.2.5 SGW tunnel mode, ESP=AES-CTR HMAC-SHA1
Comment 1 Zhiyong Wu 2007-11-02 05:23:45 EDT
   Also about it:

   when NUT is set to the host mode,

   pls refer to the url below:

http://focus.brisbane.redhat.com/~zwu/ipsec_endnode/20071028/IPsec_Self_Test_P2_1-1-1_end_node/ipsec.p2/index.html

   (1) 14	5.1.12 ICV calculation (ESN), ESP=3DES-CBC HMAC-SHA1

   (2) 16	5.2.2 Host transport mode, ESP=3DES-CBC AES-XCBC-MAC

   (3) 17	5.2.3 Host transport mode, ESP=3DES-CBC NULL

   (4) 19	5.2.5 Host transport mode, ESP=AES-CTR HMAC-SHA1
Comment 3 Zhiyong Wu 2008-02-20 04:19:36 EST
the test cases still FAIL On RHEL5.2

for more details, pls refer to 

http://focus.brisbane.redhat.com/~zwu/RHEL5.2-Server-20080212.0/20080220/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html
Comment 4 Zhiyong Wu 2008-02-25 02:10:01 EST
the test cases still FAIL On RHEL5.2

for more details, pls refer to 

http://focus.brisbane.redhat.com/~zwu/RHEL5.2-Server-20080212.0/20080220/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/16.html

Comment 9 Lawrence Lim 2008-04-07 22:42:24 EDT
The latest version for ipsec-tools on errata is 0.6.5-9.el5. Should we include
this bug in kernel/ipsec-tools errata? Or we are good to resolve the bug?
Comment 10 shangyanfeng 2008-04-08 01:16:27 EDT
sorry,"ipsec-tools-0.6.5-8.el5" shouble be "ipsec-tools-0.6.5-9.el5" 
ipsec-tools-0.6.5-8-el5 isn't pass
--------------------------------------------------------------
(In reply to comment #8)
>  5.2.2 Host transport mode, ESP=3DES-CBC AES-XCBC-MAC
> this bug pass in new tree RHEL52-Server-20080402
> version:
> ipsec-tools-0.6.5-8.el5 
> kernel-2.6.18-88.el5
> for more details,pls refer to
>
http://focus.bne.redhat.com/~yshang/RHEL520402/i386noxen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html
>
http://focus.bne.redhat.com/~yshang/RHEL520402/i386xen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html
>
http://focus.bne.redhat.com/~yshang/RHEL520402/x86_64_noxen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html
>
http://focus.bne.redhat.com/~yshang/RHEL520402/x86_64_xen/IPsec_Self_Test_P2_1-1-2_end_node/ipsec.p2/index.html

Comment 11 Linda Wang 2008-04-08 12:42:23 EDT
Verifed based on comment#9.  Therefore, dup'ed to bug 435803.

*** This bug has been marked as a duplicate of 435803 ***
Comment 12 shangyanfeng 2008-05-06 05:49:24 EDT
Created attachment 304617 [details]
test result about IPsec Host transport mode, ESP=3DES-CBC NULL

this is the test for RHEL520430
ipsec-tools-0.6.5-9.el5 kernel 2.6.18-92.el5 on an i686
Host transport mode, ESP=3DES-CBC NULL
fail
Comment 13 shangyanfeng 2008-05-06 05:50:36 EDT
Created attachment 304618 [details]
test result for ipsec Host transport mode, ESP=AES-CTR HMAC-SHA1

this is the test for RHEL520430
ipsec-tools-0.6.5-9.el5 kernel 2.6.18-92.el5 on an i686
Host transport mode, ESP=AES-CTR HMAC-SHA1
fail
Comment 14 shangyanfeng 2008-05-08 00:59:09 EDT
Created attachment 304834 [details]
ps format result

test result about IPsec Host transport mode, ESP=3DES-CBC NULL

kernel 2.6.18-92.el5 ipsec-tools-0.6.5-9.el5
Comment 15 shangyanfeng 2008-05-08 01:00:43 EDT
Created attachment 304835 [details]
ps format result

test result for ipsec Host transport mode, ESP=AES-CTR HMAC-SHA1

ipsec-tools-0.6.5-9.el5 kernel:2.6.18-92.el5

Note You need to log in before you can comment on or make changes to this bug.