Training

How do you test TR-069 enabled devices?

Are you developing a device or deployment that uses the CPE WAN Management Protocol (TR-069), like managed Wifi or other services? When testing TR-069, what should you test for? What are the benefits of automating it with a dedicated test platform? What are the benefits of getting certified or asking your vendors to certify? Join the QA Cafe team as we show you: The different parts of TR-069 and what can and should be tested. Read more...

Automated home gateway security testing

Test your devices before attackers do. It’s no question now - malicious attackers are targeting the home network, and the gateway in particular. Testing for security vulnerabilities can be tedious and ineffective if you don’t have a controlled, repeatable, and fully automated test environment. Join the CDRouter team as we show you: How to test the functional performance of your security tools like parental controls, firewalls, and the security of your user interfaces. Read more...

Verifying TR-069 real-world scenarios with a native ACS

When it comes to testing TR-069, there are three main stages: testing that your device handles CWMP and the underlying protocols; testing that your data model objects and parameters are valid; and testing that your CPE will behave as expected in production. CDRouter’s automation platform can make it very easy to do all of these, and do them repeatedly from firmware to firmware. However, this third point involves two things: verifying that your device makes the internal changes that were configured via CWMP, and testing in your actual production network. Read more...

Test Setup for LTE Gateway or Mobile Hotspot

Now that mobile data connections have reached speeds acceptable for broadband access, more and more devices are using LTE as either their primary or backup WAN connection. As more devices get pushed into the home, this number will likely increase by quite a bit. How do you test routers and gateways with LTE WAN connections, that have all of the same testing needs as other home and enterprise broadband gateways? Read more...

DOCSIS Cable Gateway Testing in a Shared Lab Environment

With the DOCSIS add-on, CDRouter is perfectly suited for testing and verifying the higher layer network functionality of a DOCSIS-based device under test (DUT). The basic CDRouter test setup for cable gateways is very similar to the test setup for DSL-based gateways. Like the DSL test setup, CDRouter does not have the ability to terminate a cable gateway’s HFC WAN connection directly. As a result, a CMTS must be included in a cable gateway test setup, as opposed to a DSLAM for DSL gateways. Read more...

Webinar - Testing DOCSIS eRouters and Cable Modems in CDRouter

CDRouter can automate an entire DOCSIS provisioning system. Focus on testing your cable modem and eRouter in a single test environment that can test every aspect of your devices from management to routing to performance. Learn more…

Best Practices for Securing TR-069

For our article on the alleged TR-069 vulnerability during the Mirai bot scare, go here. As one of the most widely deployed broadband management protocols in the world, TR-069 has quite a footprint, and a compromised system could potentially affect many broadband subscribers adversely. Luckily, TR-069 is built to operate on secure transport protocols. While there is nothing inherently insecure in the protocol itself, improper implementation of TR-069 clients and servers may expose problems that can be exploited by malicious attackers, as is the case with any web service. Read more...

Testing TR-069 Devices in CDRouter 10

As the official test platform for TR-069 certification, CDRouter’s TR-069 add-on turns CDRouter into a scriptable ACS simulator with test cases for protocol functionality, data model validation, and security. Join the QA Cafe team as we show you: building a configuration to run TR-069 testing; the different TR-069 test cases; CDRouter TR-069 vs. BBF.069 tests; testing the different TR-069 data models; and setting up SSL certificates for testing.

Testing Residential IPv6 with CDRouter

While IPv6 has been in development for more than a decade, the availability of residential IPv6 is still in its infancy. Traditional CPE devices running IPv4 with NAT are now adding IPv6 capabilities and 6to4 transition techniques even before native IPv6 connections are commonly available. CDRouter is IPv6 capable and provides vendors, ISPs, and test labs with a set of functional test cases to verify the IPv6 readiness of CPE devices. Read more...

TR-069 Connection Request Timing

In CWMP, the CPE is always the initiator of sessions. It begins each session with a call to the Inform RPC, which contains EVENT codes that specify to the ACS the reason for the session. One way that the ACS can entice a CPE to begin a session is with the Connection Request mechanism. In TR-069 Amendment 4 and earlier, this was done exclusively with HTTP, though an option for XMPP Connection Requests was added in Amendment 5. Read more...

Is your TR-069 implementation vulnerable to code injection attacks?

Updates in CDRouter 10.3: The scenarios below are serious, and so we’ve added a series of tests to our tr60_conn_req.tcl module to cover your DUT’s TR-069 security and tests for code injection in TR-069 parameters. More on the Mirai worm attack in 2016: In 2016, a distributed denial of service (DDoS) attack dubbed the “Mirai worm” expanded its reach by exploiting a vulnerability in an exposed Broadband Forum TR-064 service (a deprecated service which we’ve written about here). Read more...

Experimenting with SIP and call timing on a gateway

One of the fundamental functions of many home and business gateways is to act as a SIP ALG (Application Layer Gateway) for setting up, routing, and terminating VoIP telephone calls. This presents some difficulty with Network Address Translation (NAT) functionality that we’ve covered before. However, there’s other functional behavior when it comes to SIP call setup and the resulting RTP streams that can be missed without some rigorous experimentation. Read more...

Mirai attack on home routers and alleged TR-069 vulnerability

Update: Learn more about how this attack could be used against TR-069 devices here. The week of November 28 2016 saw a massive attack on certain home routers deployed by several European service providers. The attack was based on the Mirai Malware attack several weeks previous that affected the dynamic DNS services provided by Dyn, Inc. The attack focused on sending certain SOAP commands based on the Broadband Forum’s older TR-064 protocol, through port 7547. Read more...

Testing LAN clients with Public IP addresses in CDRouter

In a typical home network, the ISP assigns a single Public IPv4 address to the CPE device that can be reached from the global Internet. The device assigns Private IPv4 addresses to CDRouter’s LAN clients and acts as an Internet gateway to them by mapping all of the Private addresses to the one Public address using Network Address Translation (NAT). (Private IPv4 addresses are described in RFC 1918, eg. 192. Read more...

Testing SIP Aware Routers

Testing SIP aware CPE routers is a critical part of an overall Voice over IP test strategy. CDRouter is perfect for testing SIP aware routers using a real world test setup. Using the CDRouter SIP test module, network and QA engineers can quickly verify the behavior of a SIP aware device and avoid costly interoperability problems. SIP and NAT: SIP has become the leading signaling protocol for establishing Voice over IP calls between soft-phones and other VoIP applications. Read more...

Testing devices with wireless WAN connections

At QA Cafe we continuously see new consumer broadband and home network devices come into the market and into our lab. One of the newest classes of devices is “travel routers” - routers that are popular with people who frequently connect to public Wifi networks or those offered by hotels, restaurants, or hospitals. These devices let you preserve network settings that your devices need, let you set up default connections to VPNs or other secure networks, and act as an additional level of firewall security when connecting to public networks. Read more...

How Should an ACS Treat Missing CWMP Data Model Objects?

TR-069 (CWMP) provides a mechanism for service providers to remotely provision a subscriber’s home network devices, including home gateways, set-top boxes, WiFi, etc. It does this by allowing the service provider’s ACS (Auto Configuration Server) to operate on a device’s “data model” - a conceptual framework containing the set of objects and parameters that describe the CPE’s configuration and capabilities. What happens when those objects or parameters aren’t implemented or don’t exist? Read more...

How do I get a device TR-069 Certified?

Is your device TR-069 certified? CDRouter is the official test platform of the certification program for TR-069, called BBF.069. You can perform this testing using CDRouter before seeking certification at an approved test laboratory. What does certification mean? TR-069 certified devices can claim complete conformance to the TR-069 protocol. If the device supports one or more optional features, those tests are performed and included when the device is listed on the Broadband Forum certified device list. Read more...

9 Most Common Router Bugs

QA Cafe has been testing CPE routers since 2002, trying to test as many routers as we can find. During this time we have learned that the quality level of home and business routers/gateways on the market varies considerably. The following are some of the common problems that are exposed by testing with the CDRouter test suite. Packet Loss During the DHCP Renewal Process: The CDRouter test suite can force a router to renew its DHCP lease at short intervals. Read more...

Testing a Wifi Range Extender or Wifi Mesh System

Devices that enhance consumer Wifi are becoming more and more prevalent, both off the shelf and deployed by service providers. A Wifi booster or Wifi range extender is sometimes a simple repeater, but more often they act as layer 2 bridges, and can still be tested for performance and management via TR-069 or SNMP. Isolating a node in a Wifi mesh: When there are multiple repeaters forming a mesh, as is the case with a lot of consumer Wifi systems, it’s best to isolate the DUT that you want by telling CDRouter which BSSID in the mesh to connect to. Read more...

Known Gateway Bugs - Ignoring Credentials

Holes in home gateway security allow for a malicious hacker to take over a gateway in the way they would any other computer system. While the holes in most cases have been complex and deep seated bugs that would be hard to find without a lot of work, there are some easy to find bugs that seem obvious but would be missed without negative testing. The Problem: Most application protocols use some method of authentication to ensure security and control identity management of users of the service. Read more...

DHCPv6 Prefix Delegation in Edge Routers

In the course of developing the test suite for DHCPv6 prefix delegation, QA Cafe encountered a number of implementation issues that impact the functionality of IPv6 connectivity. Some of these potential implementation issues are discussed below. Implementation Issues with IPv6 Prefix Delegation in DHCP: Now that IPv6 is moving out of the core and into residential networks, DHCPv6 prefix delegation has emerged as the leading technique to provision IPv6 CPE devices. Read more...

Webinar - SNMP Scenario Testing

CDRouter 10.1 adds the ability to build custom “scenario” tests to exercise the behavior of a DUT’s SNMP stack and MIB. Similar to our TR-069 scenarios test cases, this allows you to set up tests that perform SNMP get requests, set requests, etc. on MIB objects specific to your DUT to see if the correct information can be set and retrieved and that your DUT behaves as expected after configuration. Read more...

Webinar - CDRouter 10 Basics

Have you just started using CDRouter as a new customer or demo user, or want to know some immediate tips and tricks you can use to get testing quickly? Join our CDRouter support team as they show you the basics specific to CDRouter 10: how to create an initial test configuration; how to create a test package for your test run; using the upcoming device manager; and how to run, loop, and monitor tests in progress.

What should you test in Wifi mesh enabled routers?

Of all of the things about broadband service, the one most keenly felt by the end user is the quality of their Wifi networks. Wifi is unique in that it is a complex networking system that users are aware of, and they make purchasing decisions for consumer electronics and for broadband service around it. Realizing this, many companies are building Wifi products that specifically target the consumer rather than relying on the provider to deploy Wifi service, using Wifi mesh technology to deploy quality, reliable Wifi throughout the user’s home or business. Read more...

Webinar - Using the CDRouter Web Services API

CDRouter includes an advanced web services API to interact with your tests, packages, and more. With a few simple calls, you can fully integrate CDRouter with your test environment, continuous integration tools like Jenkins, or even build new alert and monitoring systems. Join the CDRouter team as we show you: an overview of the new web services API in CDRouter 10; using the API with continuous integration tools like Jenkins; and example uses of the API to gather statistics, send emails or texts, and more.

Webinar - Testing Wifi Guest Mode

One of the most common use cases for Wifi is the ability to set up a guest network alongside another network that is used by the home user, business, or other organization. It’s also a source of a lot of problems: guaranteeing that the Wifi router or AP can handle the number of clients connecting; making sure that the security in place for the guest network and other networks works correctly; and ensuring the policies you’ve put in place for guest access vs. Read more...

TR-069 Training Series - Data Model Parameters

Most objects contain a set of elements containing sub-objects and parameters. Parameters are defined using the parameter element, and, like Objects, have a set of attributes and elements that describe how the parameter is to be used and its requirements. Data Model attributes for Parameter Elements include: Name: Unlike object names, the parameter name is just the literal name of the parameter, not the full path. Access: Describes whether or not a parameter can be the subject of the SetParameterValues RPC. Read more...

TR-069 Training Series - Looking at Data Models and Objects

Every data model in TR-069 contains the objects and parameters that represent the functions of a broadband CPE or other device. This includes their addressable name, syntax, data types, and a normative description of how they are to be used. The Data Model Document: Let’s look at an actual data model XML document for Device:2. First you’ll see a set of comments. These will name the most recent editors and give you an overview of the updates in each version. Read more...

TR-069 Training Series - Navigating Broadband Forum Data Models

Intrinsic to the operation of CWMP are the objects and parameters made available to an ACS by a CWMP endpoint. These maps of a CPE’s capabilities and state are referred to as “data models”. This term is somewhat overloaded. The term “data model” refers to both the representation of the state of a CWMP endpoint, or its “instantiated data model”, and to the official, standardized set of objects and parameters defined by the Broadband Forum. Read more...

Exploring scaling tests - Is your home gateway IoT ready?

By now we’ve all heard of the coming flood of network aware devices collectively referred to as the “Internet of Things”. While the term encompasses a wide variety of use cases that are not all clearly defined, we can come up with some rudimentary expectations on how this influx of connections will affect networks. For the home gateway, the most significant impact is how to handle an order of magnitude more connections than most are traditionally designed for - how well does it scale? Read more...

TR-069 Training Series - Reboot and FactoryReset

The Reboot RPC is used by the ACS to explicitly cause the device hardware to restart. This could be for any number of reasons, though should never be used as a means to force the CPE to upgrade itself. The Reboot RPC takes only one argument - CommandKey - used as it is elsewhere. The response contains no arguments. When the device reboots, it must initiate a session with the ACS as soon as it is able to do so. Read more...

TR-069 Training Series - Upgrading CPE Firmware with the Download and TransferComplete RPCs

Perhaps the biggest use case for TR-069 is managing a CPE’s firmware, allowing service providers to remotely upgrade their install base without needing to send the firmware to the customer or send an engineer. TR-069 has several mechanisms for doing this - the first is using the Download RPC to directly upload firmware. Optional RPCs that extend this capability include RequestDownload and ScheduleDownload. There is also a newer “firmware bank” mechanism in TR-069 Amendment 6. Read more...

TR-069 Training Series - AddObject and DeleteObject

An “object” in a CPE data model is an element of functionality that can be configured by an ACS. While an object’s parameters are configured using the SetParameterValues RPC, Objects that are able to be created by the ACS can be added to a device using the AddObject RPC, and removed using the DeleteObject RPC. AddObject: The AddObject RPC takes two arguments. The first is Object name, which must contain a path reference to an Object; that is a path that ends in a “dot”. Read more...

Multi-service gateway testing with CDRouter

Multi-service gateways are typically configured with two or more independent, logical WAN connections, or channels, for different services, such as voice, video, and data. These service channels are then aggregated onto a single physical WAN connection through the use of VLANs. This allows operators to easily manage, route, and prioritize traffic from a large number of subscribers. CDRouter can easily test gateways that are configured for multiple services, ensuring that your products can deliver them effectively to subscribers and businesses. Read more...

TR-069 Training - Parameter Attributes

Every parameter in a CPE’s CWMP data model contains metadata known as “attributes”. These attributes include the “Notification” attribute and “AccessList” attribute. The access attribute was defined early on in TR-069 to provide a method for assigning an access control rule identifier to each individual parameter, but this was never defined to more than one value, “Subscriber”, meaning that the subscriber is allowed to change the parameter through some other mechanism. Read more...

Get/Set Parameter Values and the Status argument

The fundamental purpose of TR-069 is to allow an ACS to interact with the CPE’s instantiated data model, that is, the representation of its current state. The RPCs that form the basis of this include the Get and Set Parameter Values methods. The SetParameterValues RPC takes two arguments. The first is a ParameterList, an array of ParameterValueStruct, a collection of name/value pairs. These list the parameters an ACS wants to change, and the new values for those parameters. Read more...

TR-069 Training - GetParameterNames and Parameter Paths

When an ACS wants to learn what objects exist on a CPE and what parameters they support, it can use the GetParameterNames RPC. Like other RPCs, GetParameterNames makes use of the ParameterPaths argument, so let’s take a minute to understand parameter paths. All of the objects and parameters in a CWMP endpoint’s data model are addressed by a parameter path. A parameter path includes objects, sub-objects, identifiers for multi-instance objects, and the parameters of those objects. Read more...

IP Multicast Testing with CDRouter

This guide describes the IP multicast testing features in CDRouter and the role of IGMP (Internet Group Management Protocol) in CPE networks. CDRouter supports multicast testing using IGMP version 3. Although many CPE devices have support for IP multicast and IGMP, new functional requirements for set-top boxes and other IPTV multicast applications are pushing the adoption of IGMPv3 into the CPE networking space. IGMPv3 in CPE Networks: Several different industry technology bodies including the Broadband Forum and CableLabs (DOCSIS) have defined the use of IGMPv3 for CPE devices. Read more...

TR-069 Training - The GetRPCMethods RPC

The GetRPCMethods argument is used by both the CPE and the ACS to request a list of the RPCs supported by either endpoint to better understand the endpoint’s capabilities. It’s one of the simpler RPCs in that it contains no arguments. In the response, the ACS or CPE MUST include all of the required RPCs specified in TR-069, and may include additional optional RPCs or vendor defined RPCs. Read more...

Understanding Performance Results

We get a lot of feedback from our users discovering new and interesting results when combining functional testing with throughput, latency, and loss testing. Having a good understanding of how performance tests work and the caveats around their results can help you determine how your functional tests are impacting performance, and vice versa. Understanding the theoretical maximum of application data: What is “line rate”? CDRouter Performance is designed to measure “application level” throughput. Read more...

TR-069 Training - The Inform RPC

TR-069 uses several remote procedure calls whose definitions determine the types of TR-069 messages that are sent and received by an ACS or CPE. Every RPC is defined in the TR-069 base XML schema which can be found on the Broadband Forum website. Each one consists of the call itself, with a number of defined arguments that may or may not be required, and the appropriate response, with its required arguments. Read more...

TR-069 Training Series - Session Retry Mechanism

Every TR-069 session is initiated by a CWMP endpoint that is looking to deliver an event. These events have different delivery requirements, using language such as “must not discard”, “must retry until reboot”, “may retry” and “must not retry”. What happens when the CPE tries to deliver an event but cannot reach the ACS? TR-069 defines an explicit session retry policy to deal with this scenario. An unsuccessful session is considered equivalent with an undelivered event. Read more...

TR-069 Training Series - Notifications

In TR-069, the 4 Value Change event code is used when a parameter set for notification is changed by any mechanism other than the ACS. These conditions are set using the SetParameterAttributes RPC. There are three different notification states: None, Passive, and Active. As arguments in the SetParameterAttributes RPC, these are noted as 0, 1, and 2, respectively. Setting a parameter for “None” or “No” notification removes any previous notification settings. Read more...

TR-069 Training Series - XML and SOAP in TR-069

TR-069 uses the extensible markup language in three different ways: to define the syntax of its message calls and responses, message ID, and faults; to define its remote procedure calls and their arguments; and to define the data model of CWMP endpoint objects. While XML is used most often to define and describe information, TR-069 also uses it directly over the wire when transmitting messages. This means that the ACS and CPE pass XML documents back and forth over HTTP during a TR-069 session. Read more...

TR-069 Training Series - XMPP Connection Request Mechanism

There’s one caveat to ConnectionRequests - they require that the CPE can be reached by the ACS over HTTP. For endpoints that may reside behind a Gateway, this is not the case, thanks to Network Address Translation or Firewall rules. To get around this, TR-069 Annex K defines a way to perform Connection Requests over XMPP. To enable the XMPP Connection Request feature on the CPE, the ACS first configures a new XMPP. Read more...

TR-069 Training Series - Connection Request Basics

Though every TR-069 session is initiated by the CPE endpoint, sometimes it’s necessary for the ACS to request that the CPE contact it immediately. To do this, TR-069 defines a Connection Request mechanism in CWMP, which allows the ACS to stimulate the CPE to begin a session. The most basic Connection Request is a simple HTTP GET on a URL defined by the CPE, defined in the ConnectionRequestURL parameter of the ManagementServer object in the CPE data model. Read more...

TR-069 Training - ACS Discovery

In TR-069, the CPE always initiates a session. When making first contact with an ACS, how does it know the ACS URL it is supposed to contact? There are 3 mechanisms suggested in TR-069 to do this. The first is that the CPE has its bootstrap ACS pre-configured by factory default. This is usually the case with CPE that are deployed by a service provider. The second mechanism involves the ACS URL being configured through a local protocol that has access to the CWMP data model, such as UPnP as defined in TR-064. Read more...

TR-069 Training Series - Event Basics

Every TR-069 session is initiated by a CWMP Endpoint on a CPE. These sessions always occur for a specific reason, called an “Event”. All of the Events that have yet to be delivered to the ACS are contained as arguments in the Inform RPC at the start of every TR-069 session. Here’s a CDRouter Log of a TR-069 session. You can see that the Inform sent by the CPE contains an array of type “EventStruct”. Read more...

Overview of a TR-069 Session

TR-069 refers to the Technical Report published by the Broadband Forum that defines the CPE WAN Management Protocol, or CWMP. CWMP was developed to allow providers of broadband services to deploy and manage customer premises equipment in home and business networks. In the beginning, TR-069 was targeted towards the home router or business gateway. It has evolved to cover all manner of home network devices, including enterprise VoIP products, video set top boxes, network attached storage, femto cells, and an unlimited number of network aware products through TR-069’s proxy function. Read more...

Protecting Against Vulnerabilities in SSL

Well, it’s official, the IETF is deprecating SSL version 3.0. This means that it will no longer be standard to fall back to SSL 3.0 in protocol negotiations, and for good reason: there have been a host of vulnerabilities in Secure Socket Layer, some of which are of particular concern to home networking devices that have web-based configuration tools or support TR-069. We hadn’t brought up the POODLE vulnerability before, but it, along with other vulnerabilities found in older versions of SSL and TLS, can be exploited even if your DUT is using the most recent versions of these protocols. Read more...

Testing Wifi Scalability with Wireless Station Virtualization

Nearly every home device has Wifi capability, and with the emergence of the Internet of Things, that number is likely to increase exponentially. It will be more important than ever to ensure that Wifi routers and access points can handle the load and the applications that are likely to be accessed by all of these Wifi enabled devices. CDRouter 9.2 introduced the ability to simulate many wireless stations from a single wlan interface. Read more...

Using XMPP for TR-069 Connection Requests

Watch our training on connection request basics and XMPP connection requests in our TR-069 training series. Though one of the fundamental principles of CWMP (TR-069) is that the CPE endpoint is always the one to initiate a connection, Autoconfiguration Servers (ACS) can use the TR-069 Connection Request feature to stimulate a CPE to begin a session. This is often used when the ACS must contact the CPE immediately, such as when configuring the device for a new service after it has already been bootstrapped by the system. Read more...

Is your device using valid TR-069 data models?

The CPE WAN Management Protocol described by Broadband Forum TR-069 is a remote procedure call (RPC) based protocol. That is, it consists of two applications that interact directly with each other through a set of defined methods - in the case of TR-069, this includes device functions like Reboot, Download, etc., as well as operations that affect the device’s data model - a set of objects and parameters and the metadata surrounding them. Read more...

Using CDRouter in an FTTdp Deployment with G.fast

New broadband access topologies come along every day that are making it easier for service providers to provide fiber quality broadband services without running fiber all the way to the home. One of these topologies is referred to as “Fiber to the Drop Point (FTTP)”, and does precisely this: allowing fiber to be run to a Drop Point Unit, where it is broken out into VDSL2 or G.fast (the latest and fastest DSL based transition technology. Read more...

Testing to reduce the big three broadband customer support problems

The most well understood case for product testing is in quality assurance while a home networking product is in development, or testing its integrity between firmware revisions. But testing before, during, and after deployment can also ensure that service providers reduce costly support calls and truck rolls. We asked some of our customers, some in the service provider world and others who develop management and support services for service providers, what the most common causes of service calls are. Read more...

Open SSL Heartbleed Bug in the Home Gateway

You may have recently heard of a major bug in the OpenSSL implementation, widely used to provide secure communications on the web. This vulnerability is fairly widespread, but has been corrected and will be fixed as more systems are patched. We also made an example capture and explanation of the bug and a packet capture of the attack in action at our CloudShark Appliance website. The security community quickly moved on this vulnerability, and in addition to the OpenSSL patch that is available to fix the problem, there have been several tools built to test servers for the Heartbleed vulnerability. Read more...

Router Bugs - IKE NAT Traversal

QA Cafe is constantly testing as many home networking devices as we can find, both to make sure CDRouter is the best testing product around and to find new and interesting tests to write. During that time, we have learned that the quality level of home and business routers/gateways on the market varies considerably. We know the world of networking protocols is complex and nuanced, and often a slight oversight in a standard or interpretation of a standard can mean the difference between a functioning home networking product and a high-tech paperweight. Read more...

Prefix Exclude Option for DHCPv6-based Prefix Delegation

RFC 6603 (Prefix Exclude Option for DHCPv6-based Prefix Delegation, https://tools.ietf.org/html/rfc6603) introduced a new DHCPv6 option OPTION_PD_EXCLUDE to allow exclusion of one specific prefix from a delegated prefix set when using DHCPv6-based prefix delegation. RFC 6603 Section 1 states: The prefix exclusion mechanism is targeted at deployments where DHCPv6-based prefix delegation is used, but a single aggregated route/prefix has to represent one customer, instead of using one prefix for the link between the delegating router and the requesting router and another prefix for the customer network. Read more...

Test Setup for Dual-Stack Router Providing IPv6 Connectivity via 6to4 Tunnels Over the IPv4 WAN

What is dual-stack? Dual-stack CPE devices typically enable IPv6 connectivity via native IPv6 connections on the WAN or via tunneling protocols that transmit encapsulated IPv6 packets over the IPv4 WAN. Protocols such as DHCPv6 (with and without prefix delegation), PPPoE (running DHCPv6 or autoconf for address resolution), autoconf, or static IPv6 addressing can be used to provide native IPv6 connectivity on the WAN, whereas the most common tunneling protocols are 6to4 and 6rd. Read more...

Testing TR-069 LAN side CPE with CDRouter

The TR-069 add-on module for CDRouter has the ability to test LAN-side devices, as defined in TR-181i1. TR-069 LAN-side devices are typically set-top boxes or VoIP endpoints that reside on the LAN side of the customer’s Internet Gateway Device (IGD), which may or may not support TR-069. The CDRouter TR-069 add-on supports automated testing for LAN-side devices. You can use this test setup to: easily test TR-069 enabled LAN-side devices such as set-top boxes (STB) or voice-over-IP (VoIP) endpoints; test devices that are operating in load-balancing mode or failover mode; and automate PD-128 and data model profile testing for LAN-side devices. CDRouter can test LAN devices that support Broadband Forum TR-104 (VoIPService data model), TR-135 (STBService data model), TR-196 (FAPService data model), TR-140 (StorageService data model), and TR-181i1/i2 (Device root data models). Read more...

Testing Setup for a Gateway with a MoCA Bridge WAN

CDRouter can be used with routers that have a Multimedia over Coax Alliance (MoCA) interface through the use of an external MoCA bridge. The MoCA bridge is essentially a media converter with Ethernet on one side and MoCA on the other. It bridges packets from a MoCA network to Ethernet and vice versa. In this setup CDRouter connects directly to the DUT’s LAN interface and the MoCA bridge via Ethernet. The MoCA bridge is then connected to the DUT’s MoCA WAN interface. Read more...

Testing 6to4 and 6rd IPv6 Islands with CDRouter

The world has spent a long time on the road to native IPv6. Fortunately, protocol advancements have mitigated the arduous task of deploying the next generation Internet. Essentially the software counterpart to the last-mile problem, deploying IPv6 to the CPE is “the last 90%” of the work. The core Service Provider networks have always been easier, and thus earlier, to receive both hardware and software upgrades. One idea that has gained momentum is to use the IPv4 Internet as a point-to-point network connecting IPv6 “islands” through stateless, automatic tunnels. Read more...

Testing IPv6 over PPPoE and PPPoA with CDRouter

The IPv6 Over PPPoE Model There are two distinct phases required to establish a successful IPv6 connection over a PPPoE tunnel. The first phase involves establishment of the point-to-point link. The second phase deals with IPv6 addressing. In the IPv4 world, IP addresses are typically negotiated between the client and server using various IP Control Protocol (IPCP) options. IPCP is a PPP Network Control Protocol (NCP) formally defined in RFC 1332. Read more...

Static NAT Testing with CDRouter

The CDRouter Multiport add-on includes support for static NAT configurations. CPE devices that support this functionality will have two or more public IPv4 addresses. One public address is typically assigned to the primary WAN connection and one or more additional public IPv4 addresses are also assigned. These additional IPv4 addresses are used to allow a host on the LAN side of CPE to have its own public IPv4 address on the WAN. Read more...

DSL CPE Testing with CDRouter

CDRouter is the ideal tool for testing the higher layer functionality of DSL based CPE. With a few additions to the basic test setup, CDRouter can be used to test CPE utilizing any type of DSL or G.fast devices. Overview The test setup for DSL CPE devices is similar to the test setup for typical Ethernet-to-Ethernet routers, with one exception. Since CDRouter does not have the ability to terminate the CPE device’s DSL connection directly, a dedicated DSLAM must be included in the test setup. Read more...

Bridge mode testing with CDRouter

CDRouter includes support for testing basic Layer 2 bridging devices including wireless access points, broadband access devices, and Ethernet switches. CDRouter can be used to verify the following functionality of a DUT operating in bridge mode: IPv4 and IPv6 forwarding, TR-069 client, 802.1x port based authentication, and VLAN functionality. Basic Configuration: To enable bridge mode within CDRouter, set the testvar forwardingMode to bridge. This testvar supports two values, route for routing devices or bridge for Layer 2 bridging devices. Read more...

Configuring CDRouter for 802.1x Authentication on the WAN

CDRouter includes support for configurations involving 802.1X authentication on the WAN. 802.1X is typically used by service providers to authenticate a client or device and open a port on an 802.1X enabled DSLAM or switch for CPE traffic. CPE devices that support 802.1X on the WAN must include 802.1X supplicant functionality in addition to common IPv4 and IPv6 WAN connectivity options such as DHCP and PPPoE. About IEEE 802.1x IEEE 802. Read more...

Can I use CDRouter if my router has a built in xDSL interface?

Yes, although CDRouter does not support the termination of DSL interfaces directly. If the WAN interface on your router is DSL-based (ADSL/2/2+, VDSL/2, SDSL, SHDSL/SHDSL.bis, G.fast, etc.) as opposed to Ethernet-based, you have two main options. Option 1: Use an Ethernet/IP DSLAM and connect the Ethernet uplink port of the DSLAM directly to CDRouter’s designated WAN interface. In this configuration the DSLAM must be configured to terminate the ATM connection on the DSL interface and bridge all network traffic from the DSL interface to the uplink port. Read more...

Common testing issues with TR-069 and SSL

Here are solutions to a few common TR-069 SSL-related issues. The CPE does not have a time source: Some CPE devices will not validate an SSL/TLS certificate from the ACS until a time source is established. TR-069 states that devices should skip date validation of certificates if a time source is not established. However, in practice some CPE devices simply end the SSL connection. A common symptom of this problem is DNS requests for an NTP server that is not configured. Read more...

DHCP Server Testing with CDRouter

CDRouter’s pre-defined test modules make it easy to quickly test and evaluate a CPE implementation’s integrated DHCP server. In addition, CDRouter’s flexible configuration options allow a wide variety of DHCP server scenarios to be simulated and tested in a consistent and repeatable fashion. The base version of CDRouter includes two test modules designed specifically for verifying a CPE’s DHCP server functionality. The first module, dhcp-s.tcl, includes targeted functional test cases while the second module, scaling. Read more...

How do I convert from a Java keystore certificate to .pem format?

To convert a Java keystore certificate to .pem format, follow these steps: Download and run the KeyTool IUI. Export the private key and certificate chains file from the keystore to a .pem file. This can be done by selecting Export > Keystore’s Entry > Private Key from the KeyTool IUI. Choose a target private key file and a target certificate chains file, and select .pem as the export format for both. Read more...

How do I create a reliable test setup for wireless testing?

When testing with a wireless interface, the link quality between the access point and the wireless adapter can impact test results. Some test cases are not tolerant of packet loss. Any packets dropped by the access point could lead to a test failure. When purely testing functionality and not the reliability of the over air connection, QA Cafe recommends directly connecting the antenna of the wireless card to the access point antenna using an adapter cable with the appropriate terminations. Read more...

Why does my 802.1x RADIUS session stop after the first packet?

Some 802.1x/EAPOL authenticator implementations expect to find the RADIUS “State” attribute in any RADIUS response from the server. Some RADIUS servers use the State attribute to maintain sessions and some RADIUS clients check for it. However, when these implementations do not find the State attribute, the RADIUS packet may be dropped. The packet trace would look as follows:

INFO(setup): 16:41:36' Sending EAP-Start to initiate authorization process
O>>>(lan): 16:41:36' 00:15:e9:30:8b:7e 00:0c:41:6d:e8:09 EAPOL EAPOL-Start
INFO(setup): 16:41:36' Starting DHCP client on LAN interface eth2
O>>>(lan): 16:41:36' 0. Read more...

What NAT ALGs does CDRouter test?

CDRouter includes test cases for the following NAT ALGs: FTP, DNS, ICMP, H.323 (outbound and inbound), MSN Messenger, RTSP, SIP, IPSEC (IKE and IPSEC ESP), and PPTP. CDRouter also runs several applications through the device under test that do not require a full NAT ALG. These include: HTTP, HTTPS, SMTP, POP3, and TFTP.

What is IPSEC SPI Tracking?

SPI tracking is a technique some vendors use to support IPSEC pass through with multiple IPSEC streams. The router can look at the SPI to distinguish one IPSEC stream from another. It is not perfect, since SPI conflicts can still occur and the router cannot change the SPI, but it does work most of the time. For more information please see http://www.microsoft.com/technet/community/columns/cableguy/cg0802.mspx

Port Scanning Test Configuration for IPv4 and IPv6

CDRouter includes port scanning test cases in the firewall.tcl module which will probe the WAN interface of the DUT for open TCP and UDP ports over IPv4. These open ports provide services either by the DUT or forwarded to internal LAN clients. Users of the CDRouter IPv6 add-on will find they can also perform similar tests over IPv6. Although there are certainly legitimate uses of port scanning, the vast majority of it occurs on the public Internet and is directed toward the WAN ports of random CPEs. Read more...

Storage name resolution methods and protocol caveats

Several methods to resolve storage service hosts CDRouter Storage allows a test engineer to execute various storage protocol tests against a storage-enabled device. In order for CDRouter to know the IP address of the storage service to be tested, it must either be told with an explicit IP address, or be given a DNS or NetBIOS name, or discover it using multicast DNS (disabled by default, with instructions to enable it included below). Read more...

IPSEC pass through testing

IPSEC pass through is a technique for allowing IPSEC packets to pass through a NAT router. By itself, IPSEC does not work when it travels through NAT. Newer IKE and IPSEC implementations support NAT-Traversal, which is a technique to detect NAT and switch to UDP encapsulation for IPSEC ESP packets. However, many router vendors have developed a “pass through” technique that allows IPSEC packets to pass through NAT without NAT-T support. Read more...

GPON Testing With CDRouter

ITU-T G.984 defines gigabit-capable passive optical networks (GPON), which are point to multipoint networks that utilize passive optical splitters and wavelength division multiplexing to deliver high speed triple play data connections to homes and businesses. CDRouter is the perfect test tool for verifying the higher layer functionality of devices in a GPON system. Requirements The core gateway functionality of a GPON ONT can be tested with any version of CDRouter or CDRouter Multiport. Read more...

Testing dual-stack lite (DS-Lite) B4 CPE devices

CDRouter makes it easy to test dual-stack lite B4 CPE implementations on a functional level, and when combined with the many LAN modes of operation available, can help identify issues that are not visible by iterative conformance testing. Dealing with IPv6 transitioning Many IPv6 transition strategies have been provided. Some, such as 6to4, have been available to end users for years now, since ISPs have no prerequisite of IPv6 routing to support the 6to4 protocol. Read more...

Displaying the contents of an SSL certificate in Linux

You can display the contents of a PEM formatted certificate under Linux, using openssl:

# openssl x509 -in acs.qacafe.com.pem -text

The output of the above command should look something like this:

cdrouter@linux:/usr/share/doc/cdrouter> openssl x509 -in acs.qacafe.com.pem -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73:10:d8:99:cd:08:43:56:57:e0:56:17:84:87:8e:e3
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
        Validity
            Not Before: Jun 9 00:00:00 2006 GMT
            Not After : Jun 9 23:59:59 2007 GMT
        Subject: C=US, ST=New Hampshire, L=Portsmouth, O=QA Cafe, OU=CDRouter, OU=Terms of use at www. Read more...