This version of the test sample IPv6 system is based on Fedora 14. Again, this choice is simply for convenience and concreteness, and does not represent any specific endorsement.
Here are the version numbers of the most relevant packages installed:
kernel 18.104.22.168-83 dhcp 12:4.2.0-19.P2 dnssec-tools 1.8-4 httpd 2.2.17-1 iputils 20100418-3 net-snmp 1:5.5-21 openssh 5.5p1-24 openssl 1.0.0d-1 quagga 0.99.17-1 radvd 1.6-2 strongSwan 4.5.1 (non-RPM - not part of Fedora) tcpdump 14:4.1.1-1 wireshark 1.4.4-1The following packages are installed, but disabled in the supplied configuration. They have been (minimally) tested and should be functional, provided you have a need for them:
iptables 1.4.9-1 snort 22.214.171.124-1 NetworkManager 1:0.8.3.997-1 SELinux (lib 2.0.96-6, policy 3.9.7-31)The complete package list, as produced by "yum list installed": sample1/yumsample1.txt
The sample this time is a virtual machine image, produced by VirtualBox, specifically VirtualBox 4.0.4 with Guest Additions. The image is in Open Virtualization Archive (OVA) format, which should, theoretically at least, work with any product supporting OVF/OVA.
The virtual machine used to create the image was configured with a 32-bit (i686 type) processor, 800 MB of RAM, 8 GB of disk space, a 12 MB "generic" display adapter, and three network adapters, set up as follows:
This virtual machine is admittedly quite constrained; this is due to the limitations of the host machines I had to work with and not any other factor. If your systems have sufficient available resources, you will find it more pleasant to expand at least the amount of RAM allocated to the VM.
While the virtual machine image was, to an extent, "cleaned," it is likely some remnants of the local testing configuration remain. Please ignore/overwrite these when setting up the system for your own testing.
The system was configured with two accounts: admin and root, both with password "ipv6@usg" (without the quotes). The admin account is authorized to use sudo.
IPsec with IKEv2 functionality is provided by StrongSwan, v4.5.1. Since this is not included in Fedora 14, it was built and installed from source, on the VM itself. The source code and configuration used may be found in the VM, in
/usr/src/strongswanNote in particular that this was built with charon (IKEv2 daemon) but without pluto (IKEv1 daemon). This configuration was tested and found to work in both tunnel and transport mode. It was built with the intent of supporting all the required cryptographic algorithms, but this has not yet been tested in detail.
An instrumented test configuration of the above, with certain selected defects introduced, is forthcoming.
Point Of Contact:
Last update: Mon 14 Mar 2011