
Testing Manual
  This page is a description of how to determine whether the Advanced Router is performing properly. Currently only the Network Address Translation and Static Alternative Routes features have had a test sequence designed. At a later date, sequences for testing Dead Gateway Detection and Tandem Failover will be designed.

Testing Network Address Translation and Static Alternative Routing
  The method for testing these features is a simple analysis of network traffic at the packet level on each of the interfaces of the Advanced Router. This analysis can be performed with any number of IP traffic analysis tools, such as iptraf, ethereal, netsaint, WebTrends, etc. Feel free to substitute any of those tools. In these simple tests, the Berkeley command line tool tcpdump is used to output TCP/IP headers so that they can simply be read. It is used in conjunction with the GNU command line tool grep, which "finds lines that match an entered pattern" and here filters the output of tcpdump down to just the packets that mention a desired IP address.

  The command to start this filtered output looks like:
  # tcpdump -n -i eth0 | grep <a routable IP address>
  "-n" is an option that tells tcpdump not to perform reverse domain name lookup, included in order to speed the output. "-i" is an option that allows the specification of an interface from which to output traffic. "A routable IP address" is the address of the internet host where the test requests will originate.

  To begin the test, open one shell (a command line terminal) for each interface on the Advanced Router host. In each of these shells, prepare the above command to generate output from each of the interfaces, filtering for the IP address of a machine in a routable subnet elsewhere on the internet (so that all requests will be coming from outside the IP spaces connected to the Advanced Router host). Then open one more shell, this time on the external host. From there, execute a set of ping commands and telnet or ssh commands, to view ICMP and TCP traffic. Choose a host in the internal LAN/DMZ that requires testing. Execute a ping and an ssh command for each of the external addresses associated with the internal host. Carefully examine the output of each tcpdump process during each of these executions.
  The proper sequence is:
  1. Requests appear on an external interface's output with the external host address as the source address and the external address of the internal host as the destination.
  2. Both request and response appear on the output of the internal interface. The request has the external host address as source address and the internal, translated address of the internal host as the destination; the response has the internal, translated address of the internal host as source address and the external host address as the destination.
  3. The responses appear back on the external interface's output with the originally requested external address of the internal host as source address and the external host address as the destination.

  Here's an example which consists of an external host in a routable IP space somewhere else on the internet, the Advanced Router host, with external interfaces on each of three routable IP spaces and an internal interface on the DMZ, and a DMZ host.

  [Network diagram: External Host (208.177.192.203) -- The Internet -- Advanced Router External Interfaces (206.253.4.30 / 206.253.4.4, 64.119.133.30 / 64.119.133.4, 64.2.134.190 / 64.2.134.164) -- Advanced Router Internal Interface (10.10.40.1) -- DMZ Host (10.10.40.4)]

The external host IP address 208.177.192.201
 
The DMZ host
The nonroutable DMZ IP address 10.10.40.4
  A translated routable IP address 206.253.4.4
  A translated routable IP address 64.119.133.4
  A translated routable IP address 64.2.134.164

  The following commands took place on five separate shells simultaneously.

An ssh test against an internal host, 10.10.40.4, which has external addresses 206.253.4.4, 64.119.133.4, and 64.2.134.164:
eth0:

[root@externalhost root]# ssh 206.253.4.4
root@206.253.4.4's password:

[root@advancedrouter root]# tcpdump -n -i eth0 | grep 208.177.192.201
tcpdump: listening on eth0
13:07:41.101206 208.177.192.201.49107 > 206.253.4.4.ssh: S 2345892692:2345892692(0) win 5840 <mss 1460,sackOK,timestamp 96349466 0,nop,wscale 0> (DF)
13:07:41.101673 206.253.4.4.ssh > 208.177.192.201.49107: S 3272877966:3272877966(0) ack 2345892693 win 5792 <mss 1460,sackOK,timestamp 700322737 96349466,nop,wscale 0> (DF)
13:07:41.128022 208.177.192.201.49107 > 206.253.4.4.ssh: . ack 1 win 5840 <nop,nop,timestamp 96349469 700322737> (DF)
13:07:41.130647 206.253.4.4.ssh > 208.177.192.201.49107: P 1:24(23) ack 1 win 5792 <nop,nop,timestamp 700322740 96349469> (DF)
13:07:41.157813 208.177.192.201.49107 > 206.253.4.4.ssh: . ack 24 win 5840 <nop,nop,timestamp 96349472 700322740> (DF)
13:07:41.159673 208.177.192.201.49107 > 206.253.4.4.ssh: P 1:23(22) ack 24 win 5840 <nop,nop,timestamp 96349472 700322740> (DF)
13:07:41.159860 206.253.4.4.ssh > 208.177.192.201.49107: . ack 23 win 5792 <nop,nop,timestamp 700322743 96349472> (DF)
13:07:41.160979 206.253.4.4.ssh > 208.177.192.201.49107: P 24:512(488) ack 23 win 5792 <nop,nop,timestamp 700322743 96349472> (DF)
13:07:41.197841 208.177.192.201.49107 > 206.253.4.4.ssh: P 23:503(480) ack 24 win 5840 <nop,nop,timestamp 96349475 700322743> (DF)
13:07:41.234387 208.177.192.201.49107 > 206.253.4.4.ssh: . ack 512 win 6432 <nop,nop,timestamp 96349480 700322743> (DF)
13:07:41.234601 206.253.4.4.ssh > 208.177.192.201.49107: . ack 503 win 6432 <nop,nop,timestamp 700322750 96349475> (DF)
13:07:41.261714 208.177.192.201.49107 > 206.253.4.4.ssh: P 503:527(24) ack 512 win 6432 <nop,nop,timestamp 96349482 700322750> (DF)
13:07:41.270166 206.253.4.4.ssh > 208.177.192.201.49107: P 512:936(424) ack 527 win 6432 <nop,nop,timestamp 700322754 96349482> (DF)
13:07:41.304254 208.177.192.201.49107 > 206.253.4.4.ssh: . ack 936 win 7504 <nop,nop,timestamp 96349487 700322754> (DF)
13:07:41.344308 208.177.192.201.49107 > 206.253.4.4.ssh: P 527:943(416) ack 936 win 7504 <nop,nop,timestamp 96349489 700322754> (DF)
13:07:41.376223 206.253.4.4.ssh > 208.177.192.201.49107: . ack 943 win 7504 <nop,nop,timestamp 700322765 96349489> (DF)
13:07:41.424168 206.253.4.4.ssh > 208.177.192.201.49107: P 936:1672(736) ack 943 win 7504 <nop,nop,timestamp 700322769 96349489> (DF)
13:07:41.505283 208.177.192.201.49107 > 206.253.4.4.ssh: . ack 1672 win 8832 <nop,nop,timestamp 96349507 700322769> (DF)
13:07:46.059072 208.177.192.201.49107 > 206.253.4.4.ssh: P 943:959(16) ack 1672 win 8832 <nop,nop,timestamp 96349962 700322769> (DF)
13:07:46.059340 206.253.4.4.ssh > 208.177.192.201.49107: . ack 959 win 7504 <nop,nop,timestamp 700323233 96349962> (DF)
13:07:46.086034 208.177.192.201.49107 > 206.253.4.4.ssh: P 959:1007(48) ack 1672 win 8832 <nop,nop,timestamp 96349965 700323233> (DF)
13:07:46.086235 206.253.4.4.ssh > 208.177.192.201.49107: . ack 1007 win 7504 <nop,nop,timestamp 700323235 96349965> (DF)
13:07:46.086537 206.253.4.4.ssh > 208.177.192.201.49107: P 1672:1720(48) ack 1007 win 7504 <nop,nop,timestamp 700323236 96349965> (DF)
13:07:46.113920 208.177.192.201.49107 > 206.253.4.4.ssh: . ack 1720 win 8832 <nop,nop,timestamp 96349967 700323236> (DF)
13:07:46.117785 208.177.192.201.49107 > 206.253.4.4.ssh: P 1007:1071(64) ack 1720 win 8832 <nop,nop,timestamp 96349967 700323236> (DF)
13:07:46.156468 206.253.4.4.ssh > 208.177.192.201.49107: . ack 1071 win 7504 <nop,nop,timestamp 700323243 96349967> (DF)
13:07:56.143289 206.253.4.4.ssh > 208.177.192.201.49107: P 1720:1800(80) ack 1071 win 7504 <nop,nop,timestamp 700324241 96349967> (DF)
13:07:56.175265 208.177.192.201.49107 > 206.253.4.4.ssh: P 1071:1167(96) ack 1800 win 8832 <nop,nop,timestamp 96350974 700324241> (DF)
13:07:56.175504 206.253.4.4.ssh > 208.177.192.201.49107: . ack 1167 win 7504 <nop,nop,timestamp 700324244 96350974> (DF)
13:07:56.176516 206.253.4.4.ssh > 208.177.192.201.49107: P 1800:1880(80) ack 1167 win 7504 <nop,nop,timestamp 700324244 96350974> (DF)
13:07:56.257671 208.177.192.201.49107 > 206.253.4.4.ssh: . ack 1880 win 8832 <nop,nop,timestamp 96350981 700324244> (DF)
13:07:59.482198 208.177.192.201.49107 > 206.253.4.4.ssh: F 1167:1167(0) ack 1880 win 8832 <nop,nop,timestamp 96351304 700324244> (DF)
13:07:59.483107 206.253.4.4.ssh > 208.177.192.201.49107: F 1880:1880(0) ack 1168 win 7504 <nop,nop,timestamp 700324575 96351304> (DF)
13:07:59.509396 208.177.192.201.49107 > 206.253.4.4.ssh: . ack 1881 win 8832 <nop,nop,timestamp 96351307 700324575> (DF)

[root@advancedrouter root]# tcpdump -n -i eth1 | grep 208.177.192.201
tcpdump: listening on eth1

[root@advancedrouter root]# tcpdump -n -i eth2 | grep 208.177.192.201
tcpdump: listening on eth2

[root@advancedrouter root]# tcpdump -n -i eth3 | grep 208.177.192.201
tcpdump: listening on eth3
13:07:41.101380 208.177.192.201.49107 > 10.10.40.4.ssh: S 2345892692:2345892692(0) win 5840 <mss 1460,sackOK,timestamp 96349466 0,nop,wscale 0> (DF)
13:07:41.101633 10.10.40.4.ssh > 208.177.192.201.49107: S 3272877966:3272877966(0) ack 2345892693 win 5792 <mss 1460,sackOK,timestamp 700322737 96349466,nop,wscale 0> (DF)
13:07:41.128096 208.177.192.201.49107 > 10.10.40.4.ssh: . ack 1 win 5840 <nop,nop,timestamp 96349469 700322737> (DF)
13:07:41.130614 10.10.40.4.ssh > 208.177.192.201.49107: P 1:24(23) ack 1 win 5792 <nop,nop,timestamp 700322740 96349469> (DF)
13:07:41.157868 208.177.192.201.49107 > 10.10.40.4.ssh: . ack 24 win 5840 <nop,nop,timestamp 96349472 700322740> (DF)
13:07:41.159732 208.177.192.201.49107 > 10.10.40.4.ssh: P 1:23(22) ack 24 win 5840 <nop,nop,timestamp 96349472 700322740> (DF)
13:07:41.159840 10.10.40.4.ssh > 208.177.192.201.49107: . ack 23 win 5792 <nop,nop,timestamp 700322743 96349472> (DF)
13:07:41.160945 10.10.40.4.ssh > 208.177.192.201.49107: P 24:512(488) ack 23 win 5792 <nop,nop,timestamp 700322743 96349472> (DF)
13:07:41.197920 208.177.192.201.49107 > 10.10.40.4.ssh: P 23:503(480) ack 24 win 5840 <nop,nop,timestamp 96349475 700322743> (DF)
13:07:41.234454 208.177.192.201.49107 > 10.10.40.4.ssh: . ack 512 win 6432 <nop,nop,timestamp 96349480 700322743> (DF)
13:07:41.234585 10.10.40.4.ssh > 208.177.192.201.49107: . ack 503 win 6432 <nop,nop,timestamp 700322750 96349475> (DF)
13:07:41.261784 208.177.192.201.49107 > 10.10.40.4.ssh: P 503:527(24) ack 512 win 6432 <nop,nop,timestamp 96349482 700322750> (DF)
13:07:41.270135 10.10.40.4.ssh > 208.177.192.201.49107: P 512:936(424) ack 527 win 6432 <nop,nop,timestamp 700322754 96349482> (DF)
13:07:41.304330 208.177.192.201.49107 > 10.10.40.4.ssh: . ack 936 win 7504 <nop,nop,timestamp 96349487 700322754> (DF)
13:07:41.344381 208.177.192.201.49107 > 10.10.40.4.ssh: P 527:943(416) ack 936 win 7504 <nop,nop,timestamp 96349489 700322754> (DF)
13:07:41.376191 10.10.40.4.ssh > 208.177.192.201.49107: . ack 943 win 7504 <nop,nop,timestamp 700322765 96349489> (DF)
13:07:41.424132 10.10.40.4.ssh > 208.177.192.201.49107: P 936:1672(736) ack 943 win 7504 <nop,nop,timestamp 700322769 96349489> (DF)
13:07:41.505351 208.177.192.201.49107 > 10.10.40.4.ssh: . ack 1672 win 8832 <nop,nop,timestamp 96349507 700322769> (DF)
13:07:46.059146 208.177.192.201.49107 > 10.10.40.4.ssh: P 943:959(16) ack 1672 win 8832 <nop,nop,timestamp 96349962 700322769> (DF)
13:07:46.059322 10.10.40.4.ssh > 208.177.192.201.49107: . ack 959 win 7504 <nop,nop,timestamp 700323233 96349962> (DF)
13:07:46.086104 208.177.192.201.49107 > 10.10.40.4.ssh: P 959:1007(48) ack 1672 win 8832 <nop,nop,timestamp 96349965 700323233> (DF)
13:07:46.086218 10.10.40.4.ssh > 208.177.192.201.49107: . ack 1007 win 7504 <nop,nop,timestamp 700323235 96349965> (DF)
13:07:46.086513 10.10.40.4.ssh > 208.177.192.201.49107: P 1672:1720(48) ack 1007 win 7504 <nop,nop,timestamp 700323236 96349965> (DF)
13:07:46.113982 208.177.192.201.49107 > 10.10.40.4.ssh: . ack 1720 win 8832 <nop,nop,timestamp 96349967 700323236> (DF)
13:07:46.117860 208.177.192.201.49107 > 10.10.40.4.ssh: P 1007:1071(64) ack 1720 win 8832 <nop,nop,timestamp 96349967 700323236> (DF)
13:07:46.156436 10.10.40.4.ssh > 208.177.192.201.49107: . ack 1071 win 7504 <nop,nop,timestamp 700323243 96349967> (DF)
13:07:56.143254 10.10.40.4.ssh > 208.177.192.201.49107: P 1720:1800(80) ack 1071 win 7504 <nop,nop,timestamp 700324241 96349967> (DF)
13:07:56.175319 208.177.192.201.49107 > 10.10.40.4.ssh: P 1071:1167(96) ack 1800 win 8832 <nop,nop,timestamp 96350974 700324241> (DF)
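
The comparison this test relies on (every packet on the internal interface is the same packet seen on the external interface, with only the DMZ host's address rewritten) can be checked mechanically. The following is an added example, not part of the original manual; the function names are hypothetical, and the sample lines are abridged from the eth0 and eth3 transcripts above with the TCP options trimmed.

```python
import re

# Old-style "tcpdump -n" line: "time src[.port] > dst[.port]: summary".
LINE = re.compile(r"^\S+ (\d+\.\d+\.\d+\.\d+)(?:\.(\w+))? > "
                  r"(\d+\.\d+\.\d+\.\d+)(?:\.(\w+))?: (.*)$")

def parse(capture):
    """Return [(src_ip, src_port, dst_ip, dst_port, summary), ...]."""
    # Banner lines such as "tcpdump: listening on eth0" do not match and are skipped.
    matches = (LINE.match(l.strip()) for l in capture.strip().splitlines())
    return [m.groups() for m in matches if m]

def check_nat(ext_capture, int_capture, ext_host, public_ip, private_ip):
    """Return a list of problems; an empty list means the translation is consistent."""
    problems = []
    ext, inside = parse(ext_capture), parse(int_capture)
    # Each interface may only show the external host talking to "its" address.
    for name, pkts, local in (("external", ext, public_ip),
                              ("internal", inside, private_ip)):
        for src, _, dst, _, _ in pkts:
            if {src, dst} != {ext_host, local}:
                problems.append(f"{name}: unexpected pair {src} > {dst}")
    # Map private -> public; each internal packet must then match an external one
    # (same ports, flags, sequence numbers). Capture timestamps are ignored.
    seen = set(ext)
    for src, sp, dst, dp, rest in inside:
        twin = tuple(public_ip if f == private_ip else f
                     for f in (src, sp, dst, dp)) + (rest,)
        if twin not in seen:
            problems.append(f"internal: no external twin for {src} > {dst}: {rest[:30]}")
    return problems

# Abridged from the page's transcripts (first three packets, options trimmed).
EXT_SAMPLE = """
tcpdump: listening on eth0
13:07:41.101206 208.177.192.201.49107 > 206.253.4.4.ssh: S 2345892692:2345892692(0) win 5840
13:07:41.101673 206.253.4.4.ssh > 208.177.192.201.49107: S 3272877966:3272877966(0) ack 2345892693 win 5792
13:07:41.128022 208.177.192.201.49107 > 206.253.4.4.ssh: . ack 1 win 5840
"""
INT_SAMPLE = """
tcpdump: listening on eth3
13:07:41.101380 208.177.192.201.49107 > 10.10.40.4.ssh: S 2345892692:2345892692(0) win 5840
13:07:41.101633 10.10.40.4.ssh > 208.177.192.201.49107: S 3272877966:3272877966(0) ack 2345892693 win 5792
13:07:41.128096 208.177.192.201.49107 > 10.10.40.4.ssh: . ack 1 win 5840
"""

if __name__ == "__main__":
    result = check_nat(EXT_SAMPLE, INT_SAMPLE, "208.177.192.201", "206.253.4.4", "10.10.40.4")
    print(result or "NAT translation consistent")
```

When saving captures to feed this check, tcpdump's -l option line-buffers its output so that lines piped through grep are not held back in a buffer.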

Author: dtd

This Version:
This version is archived at: http://www.skypipes.com/manual/testing.20031211130915.html
