Test Sample System Configuration v2.0

1. Base configuration (v2.0-0)

The test sample image, FedoraLinux14-1.ova (2.159 GB)

This version of the test sample IPv6 system is based on Fedora 14. Again, this choice is simply for convenience and concreteness, and does not represent any specific endorsement.

a. Test sample contents

Here are the version numbers of the most relevant packages installed:

	kernel		2.6.35.11-83
	dhcp		12:4.2.0-19.P2
	dnssec-tools	1.8-4
	httpd		2.2.17-1
	iputils		20100418-3
	net-snmp	1:5.5-21
	openssh		5.5p1-24
	openssl		1.0.0d-1
	quagga		0.99.17-1
	radvd		1.6-2
	strongSwan	4.5.1 (non-RPM - not part of Fedora)

	tcpdump		14:4.1.1-1
	wireshark	1.4.4-1

The following packages are installed, but disabled in the supplied configuration. They have been (minimally) tested and should be functional, provided you have a need for them:

	iptables	1.4.9-1
	snort		2.8.5.1-1
	NetworkManager	1:0.8.3.997-1
	SELinux		(lib 2.0.96-6, policy 3.9.7-31)

The complete package list, as produced by "yum list installed": sample1/yumsample1.txt

b. Test sample format

The sample this time is a virtual machine image, produced by VirtualBox, specifically VirtualBox 4.0.4 with Guest Additions. The image is in Open Virtualization Archive (OVA) format, which should, theoretically at least, work with any product supporting OVF/OVA.

The virtual machine used to create the image was configured with a 32-bit (i686 type) processor, 800 MB of RAM, 8 GB of disk space, a 12 MB "generic" display adapter, and three network adapters, set up as follows:

eth0 - attached to the VirtualBox NAT; not visible to outside networks. This is intended for external connectivity for software installation and the like, and not for testing purposes.
eth1 - bridged to the host system's eth0 adapter.
eth2 - bridged to the host system's eth1 adapter.

All the adapters are set up to be configured by DHCP (v4 and/or v6); this can of course be changed as desired.

This virtual machine is admittedly quite constrained; this is due to the limitations of the host machines I had to work with and not any other factor. If your systems have sufficient available resources, you will find it more pleasant to expand at least the amount of RAM allocated to the VM.

c. Additional notes

While the virtual machine image was, to an extent, "cleaned," it is likely some remnants of the local testing configuration remain. Please ignore/overwrite these when setting up the system for your own testing.

The system was configured with two accounts: admin and root, both with password "ipv6@usg" (without the quotes). The admin account is authorized to use sudo.

IPsec with IKEv2 functionality is provided by StrongSwan, v4.5.1. Since this is not included in Fedora 14, it was built and installed from source, on the VM itself. The source code and configuration used may be found in the VM, in

/usr/src/strongswan

Note in particular that this was built with charon (IKEv2 daemon) but without pluto (IKEv1 daemon). This configuration was tested and found to work in both tunnel and transport mode. It was built with the intent of supporting all the required cryptographic algorithms, but this has not yet been tested in detail.

2. Testing instrumentation (v2.0-1)

An instrumented test configuration of the above, with certain selected defects introduced, is forthcoming.

To return to the IPv6 software distribution main page:
https://www-x.antd.nist.gov/ipv6

Point Of Contact:
webmaster@antd.nist.gov

Last update: Mon 14 Mar 2011