Training

Cloudflare's 1.1.1.1 DNS service and the effect on broadband gateways

4 min read

In the world of the Internet, it’s vitally important that technologies keep evolving. Change is a rule of all technology, even if it comes slowly to fundamental systems like DNS (Domain Name Service). The company Cloudflare is an infrastructure provider for web applications and networks that has solutions for performance, security, and reliability - including DNS. In April of 2018, Cloudflare launched a new publicly facing DNS resolver at 1. Keep reading

Testing tips

Automating your test environment with the CDRouter web API

3 min read

Though CDRouter contains thousands of test cases, much of its power comes from being a fully capable automation platform for your entire test process. In addition to automating CDRouter test cases, you can use the CDRouter API to connect with your continuous integration, external test tools, or other applications to make your testing even easier. How to interact with CDRouter CDRouter contains three methods for interacting with its automation engine, configuration, and test packages. Keep reading

Training

Testing Wifi Association Behavior

2 min read

Wifi delays have a big effect on user experience Delays from Wifi are one of the biggest reasons why end users end up having a bad experience when trying to use the network. In addition to the latency caused by retransmissions, the speed at which devices associate and re-associate is a factor that is mostly unseen by the end user but can result in serious frustration. Testing Wifi association behavior is one of the most basic metrics to gain about your DUT at this layer. Keep reading

Testing tips

Testing ARP issues in CDRouter

11 min read

Earlier we posted about new issues we’ve discovered with ARP implementations in the areas of security and robustness. In CDRouter 10.5 we added new tests to handle these discoveries. Here’s how they work: Testing These Issues with CDRouter Basic Tests The first three tests in the new ARP module, arp_1, arp_2, and arp_3, are basic tests that are designed to verify that the Device Under Test (DUT) responds to different types of ARP requests from clients on the LAN. Keep reading

Training

Revisiting ARP for security and robustness

3 min read

by Joe McEachern & Matt Langlois What is old is new again In today’s security-focused world, every protocol is a potential attack point, even a protocol as old and localized as ARP. ARP was originally defined in 1982 as RFC 826. Despite its age, Linux kernel code for ARP is still being actively developed. There have been more than 10 commits (11 as of October 2017) made to the net/ipv4/arp. Keep reading

Training

Experimenting with SIP and call timing on a gateway

4 min read

One of the fundamental functions of many home and business gateways is to act as a SIP ALG (Application Layer Gateway) for setting up, routing, and terminating VoIP telephone calls. This presents some difficulty with Network Address Translation (NAT) functionality that we’ve covered before. However, there’s other functional behavior when it comes to SIP call setup and the resulting RTP streams that can be missed without some rigorous experimentation. Keep reading

Training

Testing SIP Aware Routers

8 min read

Testing SIP aware CPE routers is a critical part of an over-all Voice over IP test strategy. CDRouter is perfect for testing SIP aware routers using a real world test setup. Using the CDRouter SIP test module, network and QA engineers can quickly verify the behavior of a SIP aware device and avoid costly interoperability problems. SIP and NAT SIP has become the leading signaling protocol for establishing Voice over IP calls between soft-phones and other VoIP applications. Keep reading

Training

9 Most Common Router Bugs

5 min read

QA Cafe has been testing CPE routers since 2002 trying to test as many routers as we can find. During this time we have learned that the quality level of home and business routers/gateways on the market varies considerably. The following are some of the common problems that are exposed by testing with the CDRouter test suite. Packet Loss During the DHCP Renewal Process The CDRouter test suite can force a router to renew its DHCP lease at short intervals. Keep reading

Training

DHCPv6 Prefix Delegation in Edge Routers

4 min read

In the course of developing the test suite for DHCPv6 prefix delegation, QA Cafe encountered a number of implementation issues that impact the functionality of IPv6 connectivity. Some of these potential implementation issues are discussed below. Implementation Issues with IPv6 Prefix Delegation in DHCP Now that IPv6 is moving out of the core and into residential networks, DHCPv6 prefix delegation has emerged as the leading technique to provision IPv6 CPE devices. Keep reading

Training

Multi-service gateway testing with CDRouter

6 min read

Multi-service gateways are typically configured with two or more independent, logical WAN connections, or channels, for different services, such as voice, video, and data. These service channels are then aggregated onto a single physical WAN connection through the use of VLANs. This allows operators to easily manage, route, and prioritize traffic from a large number of subscribers. CDRouter can easily test gateways that are configured for multiple services, ensuring that your products can deliver them effectively to subscribers and businesses. Keep reading

Training

Testing Wifi Scalability with Wireless Station Virtualization

3 min read

Nearly every home device has Wifi capability, and with the emergence of the Internet of Things, that number is likely to increase exponentially. It will be more important than ever to ensure that Wifi routers and access points can handle the load and the applications that are likely to be accessed by all of these Wifi enabled devices. CDRouter 9.2 introduced the ability to simulate many wireless stations from a single wlan interface. Keep reading

Training

Router Bugs - IKE NAT Traversal

2 min read

QA Cafe is constantly testing as many home networking devices as we can find, both to make sure CDRouter is the best testing product around and to find new and interesting tests to write. During that time, we have learned that the quality level of home and business routers/gateways on the market varies considerably. We know the world of networking protocols is complex and nuanced, and often a slight oversight in a standard or interpretation of a standard can mean the difference between a functioning home networking product and a high-tech paperweight. Keep reading

Testing tips

Test Setup for Dual-Stack Router Providing IPv6 Connectivity via 6to4 Tunnels Over the IPv4 WAN

3 min read

What is dual-stack? Dual-stack CPE devices typically enable IPv6 connectivity via native IPv6 connections on the WAN or via tunneling protocols that transmit encapsulated IPv6 packets over the IPv4 WAN. Protocols such as DHCPv6 (with and without prefix delegation), PPPoE (running DHCPv6 or autoconf for address resolution), autoconf, or static IPv6 addressing can be used to provide native IPv6 connectivity on the WAN, whereas the most common tunneling protocols are 6to4 and 6rd. Keep reading

Testing tips

Testing 6to4 and 6rd IPv6 Islands with CDRouter

7 min read

The world has spent a long time on the road to native IPv6. Fortunately, protocol advancements have mitigated the arduous task of deploying the next generation Internet. Essentially the software counterpart to the last-mile problem, deploying IPv6 to the CPE is “the last 90%” of the work. The core Service Provider networks have always been easier, and thus earlier, to receive both hardware and software upgrades. One idea that has gained momentum is to use the IPv4 Internet as a point-to-point network connecting IPv6 “islands” through stateless, automatic tunnels. Keep reading

Testing tips

Static NAT Testing with CDRouter

5 min read

The CDRouter Multiport add-on includes support for static NAT configurations. CPE devices that support this functionality will have two or more public IPv4 addresses. One public address is typically assigned to the primary WAN connection and one or more additional public IPv4 addresses are also assigned. These additional IPv4 addresses are used to allow a host on the LAN side of CPE to have its own public IPv4 address on the WAN. Keep reading

Testing tips

Bridge mode testing with CDRouter

7 min read

CDRouter includes support for testing basic Layer 2 bridging devices including wireless access points, broadband access devices, and Ethernet switches. CDRouter can be used to verify the following functionality of a DUT operating in bridge mode: IPv4 and IPv6 forwarding TR-069 client 802.1x port based authentication VLAN functionality Basic Configuration To enable bridge mode within CDRouter, set the testvar forwardingMode to bridge. This testvar supports two values, route for routing devices or bridge for Layer 2 bridging devices. Keep reading

Training

Configuring CDRouter for 802.1x Authentication on the WAN

8 min read

CDRouter includes support for configurations involving 802.1X authentication on the WAN. 802.1X is typically used by service providers to authenticate a client or device and open a port on an 802.1X enabled DSLAM or switch for CPE traffic. CPE devices that support 802.1X on the WAN must include 802.1X supplicant functionality in addition to common IPv4 and IPv6 WAN connectivity options such as DHCP and PPPoE. About IEEE 802.1x IEEE 802. Keep reading

Training

DHCP Server Testing with CDRouter

8 min read

CDRouter’s pre-defined test modules make it easy to quickly test and evaluate a CPE implementation’s integrated DHCP server. In addition, CDRouter’s flexible configuration options allow a wide variety of DHCP server scenarios to be simulated and tested in a consistent and repeatable fashion. The base version of CDRouter includes two test modules designed specifically for verifying a CPE’s DHCP server functionality. The first module, dhcp-s.tcl, includes targeted functional test cases while the second module, scaling. Keep reading

Training

Why does my 802.1x RADIUS session stop after the first packet?

1 min read

Some 802.1x/EAPOL authenticator implementations expect to find the RADIUS “State” attribute in any RADIUS response from the server. Some RADIUS servers use the State attribute to maintain sessions and some RADIUS clients check for it. However, when these implementations do not find the State attribute, the RADIUS packet may be dropped. The packet trace would look as follows: INFO(setup): 16:41:36' Sending EAP-Start to initiate authorization process O>>>(lan): 16:41:36' 00:15:e9:30:8b:7e 00:0c:41:6d:e8:09 EAPOL EAPOL-Start INFO(setup): 16:41:36' Starting DHCP client on LAN interface eth2 O>>>(lan): 16:41:36' 0. Keep reading

Training

Port Scanning Test Configuration for IPv4 and IPv6

6 min read

CDRouter includes port scanning test cases in the firewall.tcl module which will probe the WAN interface of the DUT for open TCP and UDP ports over IPv4. These open ports provide services either by the DUT or forwarded to internal LAN clients. Users of the CDRouter IPv6 add-on will find they can also perform similar tests over IPv6. Although there are certainly legitimate uses of port scanning, the vast majority of it occurs on the public Internet and is directed toward the WAN ports of random CPEs. Keep reading

Training

Storage name resolution methods and protocol caveats

3 min read

Several methods to resolve storage service hosts CDRouter Storage allows a test engineer to execute various storage protocol tests against a storage-enabled device. In order for CDRouter to know the IP address of the storage service to be tested, it must either be told with an explicit IP address, or be given a DNS or NetBIOS name, or discover it using multicast DNS (disabled by default, with instructions to enable it included below). Keep reading

Training

IPSEC pass through testing

2 min read

IPSEC pass through is a technique for allowing IPSEC packets to pass through a NAT router. By itself, IPSEC does not work when it travels through NAT. Newer IKE and IPSEC implementations support NAT-Traversal which is a technique to detect NAT and switch to UDP encapsultion for IPSEC ESP packets. However, many router vendors have developed a “pass through” technique that allows IPSEC packets to pass through NAT without NAT-T support. Keep reading

Training

Testing dual-stack lite (DS-Lite) B4 CPE devices

8 min read

CDRouter makes it easy to test dual-stack lite B4 CPE implementations on a functional level, and when combined with the many LAN modes of operation available, can help identify issues that are not visible by iterative conformance testing. Dealing with IPv6 transitioning Many IPv6 transition strategies have been provided. Some, such as 6to4, have been available to end users for years now, since ISPs have no prerequisite of IPv6 routing to support the 6to4 protocol. Keep reading