Spirent Avalanche 5.46 February 29, 2024
Use the Subnets tab to configure subnet profiles. The tab contains a table that you maintain by adding and removing rows, whereby each row defines a different subnet profile. Below the table are several sub-tabs that you can use to define static routing, IP fragmentation, realism, PPP/PPPoE, DHCP, GTP, DS-Lite, PilotPkt, IPv6OverIPv4, IPSec, SSL VPN, VLAN, and VxLAN for one or more selected profiles. For information about flat subnets, see Generating Flat Subnets.
NOTES:
|
IMPORTANT: You can specify some of the fields that appear in the Subnets tab by selecting Subnet Profiles preferences in the Preferences Tool. You can also use the VLAN, MAC, and IPSec checkboxes that appear on the tab to cause the associated fields to appear. Your selections update the settings in both locations. |
The Subnets tab contains information about the following:
TIP: When editing the Subnets table, double-click a field to edit an individual entry, or take advantage of right-click commands to add, delete, and copy rows in the table. Additionally, you can select a range of rows and then right-click a column and use the Fill Increment or Fill Decrement commands to automatically enter values for various fields. See Subnets Tab Right-Click Short-Cuts for more information. |
Field | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Table: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Show Subnet Profiles using | Select either IPv4 or IPv6 based on the IP version of your subnets. The Subnets table columns will vary depending on your selection. (The Field column in this documentation indicates "IPv4 only" or "IPv6 only" where appropriate.) Refer to the following RFCs for more information on IPv6:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
VLAN | Select to display the VLAN subtab and configuration fields. You can also choose to display these fields by using the Subnet Profiles preferences. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
MAC |
Select to display MAC configuration fields. You can also choose to display these fields by using the Subnet Profiles preferences. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
IPSec | Select to display the IPSec subtab and configuration fields. You can also choose to display these fields by using the Subnet Profiles preferences. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Buttons |
Use the Global Settings button to launch the IPSec Global Rekey Settings window, in which you can specify global settings to initiate IPSec re-key connections across all tunnels simultaneously. Use the Policy Generator button (Client Subnet only) to launch the IPSec Policy Generator Wizard, which simplifies the task of creating a large number of subnets with varying IPSec policy settings. Use the following buttons to select a specific row in a range of rows selected in the table. The selected row is the one to which tab settings, such as Static Routing are applied.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
RowID | Incremental row number. (This field is read-only.) | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Subnet Name | The name uniquely identifies the subnet configuration. To add a new profile, right-click the blank row, and select Add Row, or click the Add Subnet button. A row with default entries appears.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
IPv4 Fields: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
IP Address (Range) (IPv4 only) | (Client Subnet only) Enter an IPv4 address or a range of IPv4 addresses from which you want to generate traffic for your test ports. Use CIDR notation. To change a range of rows, select the rows, right-click and use the commands that appear.
ExampleThe ranges 192.168.1.1-192.168.1.10 and 192.168.1.11-192.168.1.20 do not overlap, but subnets 192.168.1.1-192.168.1.10/24 and 192.168.1.11-192.168.1.20/24 actually belong to the same subnet because of the netmask bits, and are therefore bound to the same interface. If you generate a flat subnet, the second range is acceptable. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
Netmask (IPv4 only) | Enter the number of bits in the network part of the address. For example, /24 represents 255.255.255.0, while /16 represents 255.255.0.0. You do not need to enter the slash (/). | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Network (IPv4 only) | Enter the network address of your subnet, using CIDR notation. To change a range of rows, select the rows, right-click and use the commands that appear. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Default Gateway (IPv4 or IPv6) |
Select to enable the Default Gateway option. By default, the first address of the IP range associated with the subnet appears in the Gateway Address field after you select this option. (See the next field.) Selecting Default Gateway also enables the Enable Static Routing Checkbox in the Static Routing tab.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Gateway Address (IPv4 or IPv6) | The IP address of the default gateway for the selected subnet. This address is based on the IP address range of the subnet. The address also appears as an read-only entry in the Static Routing table. To specify additional static routes for the subnet, use the Static Routing fields. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
MAC Byte 1 Byte 2 (IPv4 only) |
Select the MAC option to enable MAC masquerading. Enter HEX values in the Byte 1 and Byte 2 fields, to use a separate MAC address for each emulated client or server. The first two bytes are as configured. The remaining four bytes are equivalent to the IP address of the client or server.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Randomize IP (IPv4 only) | (Client Subnet only) Select if you want Avalanche to randomly select an IP address from the IP address range. If you do not select this option, Avalanche selects the IP address sequentially. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
IPv6 Fields: (Use the Show Subnet Profiles using field to define an IPv6 subnet.) | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Static Addressing (IPv6 only) | Select to specify an IPv6 address (or range). This enables the IPv6 Address (Range) field below.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
IPv6 Address (Range) (IPv6 only) | Enter an IPv6 address or a range of IPv6 addresses from which you want to generate traffic for your test ports. Use colon hexadecimal notation. Example 3FFE::0200:FF:FE00:1-3FFE::0200:FF:FE00:FF |
||||||||||||||||||||||||||||||||||||||||||||||||||||
Assign Prefix (IPv6 only) |
An IPv6 prefix indicates the fixed part of the address. (As in IPv4 CIDR notation, this defines the network portion of the address.) Select to specify an IPv6 address range using an IPv6 prefix address and prefix length. This enables the Prefix Address and Prefix Length fields.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Prefix Address (IPv6 only) |
Enter an IPv6 prefix address using colon hexadecimal notation. Example Prefix Address = 3FFE::0 Interface ID = 200:FF:FE00:101-200:FF:FE00:1FF Prefix Length = 64 bits The first address in the range would be 3FFE::200:FF:FE00:101. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
Prefix Length (IPv6 only) | Enter an IPv6 prefix length in bits, from 0 to 128. (See the example for the Prefix Address field.) | ||||||||||||||||||||||||||||||||||||||||||||||||||||
MAC Start Address (IPv6 only) |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
# Host (IPv6 only) | The number of IPv6 hosts. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
MAC End Address (IPv6 only) | The ending MAC address in the range used for generating IPv6 host addresses. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
MLD Version (Client IPv6 only) | The version of Multicast Listener Discovery (MLD) that controls multicast channels for IPv6. This version will be used in Video On Demand (VoD) Multicast tests. The available versions are 1 and 2.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Disable DAD (IPv6 only) | Select to omit the Duplicate Address Detection (DAD) function for IPv6 when a host attempts to claim an IPv6 address. This will avoid delays that occur with the DAD protocol, which specifies that the host send two inquiries before the host can claim the address for itself. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
VLAN Fields: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
VLAN Inner VLAN ID |
Select the VLAN option and enter a VLAN ID to include a VLAN tag with the specified ID in every packet transmitted from this subnet. If you use VLAN stacking via the VLAN subtab, this field is the inner VLAN ID, and the field displays "(QinQ)" next to the value.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN Fields: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable SSL VPN |
Select to enable SSL VPN for this subnet. You enter additional SSL VPN parameters in the SSL VPN tab.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
VxLAN Fields: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable VxLAN |
A Virtual eXtensible Local Area Network (VXLAN) provides an encapsulation scheme, whereby a Layer 2 network overlays a Layer 3 network. This encapsulation means a VXLAN is also considered a tunneling scheme. Select to enable VXLAN for this subnet. You enter additional VXLAN parameters in the VxLAN tab.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GTP Fields: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable GTP |
GPRS Tunneling Protocol (GTP) is a group of IP-based communications protocols used to carry general packet radio service (GPRS). It allows end users of a GSM (Global System for Mobile Communications) or UMTS (Universal Mobile Telecommunications System) network to move from place to place, while continuing to connect to the Internet, as if from one location at the GGSN (gateway GPRS support node). The Avalanche GTP implementation allows you to test your Layer 4-7 devices that are running in GPRS core networks, such as firewalls, intrusion detection and prevention systems (IDS/IPS), deep packet inspectors (DPI), and load balancers. The Avalanche client emulates SGSN (serving GPRS support node) Gn interface functionality, and the Avalanche server emulates GGSN Gn interface functionality. Select to enable GTP for this subnet. You enter additional GTP parameters in the GTP tab.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
DS-Lite Fields: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable DS-Lite |
Dual Stack Lite (DS-Lite) supports IPv4 over IPv6 network stacks. That is, it creates IPv4 clients over an IPv6 link. Avalanche simulates two gateways to send and receive DS-Lite packets, using a tunneling method. Select to enable Dual Stack Lite (DS-Lite) for this subnet. You enter additional DS-Lite parameters in the DS-Lite tab.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
IPv6OverIPv4 Fields: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable IPv6OverIPv4 (IPv6 only) |
IPv6 rapid deployment (6rd) is a mechanism used by an Internet service provider (ISP) to rapidly deploy IPv6 unicast service to IPv4 sites to which it provides customer-premises equipment (CPE). It is derived from 6to4, a preexisting mechanism to transfer IPv6 packets over the IPv4 network.
The Avalanche IPv6OverIPv4 implementation creates a tunnel to encapsulate IPv6 packets. It supports both 6rd and 6to4 methods of calculating the IPv6 addresses. IPv6OverIPv4 supports most application layer protocols that Avalanche supports. Select to enable IPv6OverIPv4 for this subnet. You enter additional IPv6OverIPv4 parameters in the IPv6OverIPv4 tab.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
IPSec Fields: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable IPSec |
Select to enable IPSec for this subnet. You enter additional Avalanche VPN parameters in the IPSec tab.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Remote Access | Select to specify a Remote Access scenario. Deselect to specify a Site-to-Site scenario. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Vendor ID |
Select to enable the Vendor ID options in the IPSec tab. The Vendor ID Payload contains a vendor-defined constant. Vendors use this constant to identify and recognize remote instances of their implementations. See the following RFCs for more information:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Gateway Version |
The IP version of the gateways. (Enabled only for the Site-to-Site tunnel.) Select to display a drop-down menu with these options:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Local Gateway | The IP address of the local gateway. (Enabled only for the Site-to-Site tunnel.)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
MAC Address | The MAC address of the local gateway. (Enabled only for the Site-to-Site tunnel.) | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Remote Gateway | The IP address of the remote gateway.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
IKE Version |
The version of IKE to use to establish SAs. Select to display a drop-down menu with these options:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
ISAKMP ID Type |
The type of ISAKMP (Internet Security Association and Key Management Protocol) identification payload that corresponds to the ISAKMP ID field.
Select to display a drop-down menu with these options:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
ISAKMP ID | A string representing the ISAKMP identification payload, used as an identifier.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
D-H Group |
The Diffie-Hellman group for Phase 1. The size of the group determines the level of security of the Diffie-Hellman key exchange. (The higher the group number, the greater the security.) The groups use traditional exponentiation over a prime modulus (MODP). These options are key exchanges only, and do not encrypt the data. Select to display a drop-down menu with the following options for both IKEv1 and IKEv2:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Hash |
The hash authentication method used for Phase 1 to verify that the packets being received were sent by the stated source. Select to display a drop-down menu with the following options, depending on the IKE Version:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Encryption |
The encryption method used for Phase 1 to transform the payload data in the packets from an intelligible form (plaintext) into an unintelligible form (ciphertext), and back. Select to display a drop-down menu with these options, depending on the IKE Version:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Authentication |
The authentication method for Phase 1. (Enabled for both the Site-to-Site and Remote Access scenarios.) Select to display a drop-down menu with these options:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Preshared Key | The key string to be used when doing Preshared Key authentication (above). | ||||||||||||||||||||||||||||||||||||||||||||||||||||
XAuth (IKEv1 only) |
The type of XAuth (Extended Authentication) for Phase 1. (Enabled only for the Remote Access scenario.) Select to display a drop-down menu with these options:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Forms DB |
(Client Subnet only) Select to use a forms database instead of the following fields. (These fields are disabled when you select this checkbox.)
First, create a forms database file, and then select the forms database name that you created in the File field in the IPSec tab. (Enabled only for the Remote Access scenario.)
Example1 You configure a test to use Remote Access with three IPs/hosts in the subnet range. You select Generic XAuth, and you want to use different Preshared Key values, different usernames and passwords, different ISAKMP ID values, but the same ISAKMP ID Type for each IP in the subnet. Enter the values in the forms database as follows:
You configure a test to use Remote Access (with any type of XAuth) and four IPs/hosts in the subnet range. You want to use unique digital certificates, keys, and CA certificates for each IP in the subnet. Manually copy all the digital certificate and key files under the C:\Documents and Settings\...\Application Data\Avalanche\ProjectName\certs\ directory. Manually copy all the CA certificate files under the C:\Documents and Settings\...\Application Data\Avalanche\ProjectName\cacerts\ directory. Then enter the corresponding values in the forms database as follows: ,,,,,,,certfile1,keyfile1,cacert1 ,,,,,,,certfile2,keyfile2,cacert2 ,,,,,,,certfile3,keyfile3,cacert3 ,,,,,,,certfile4,keyfile4,cacert4
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Group Name (IPv4 only) | (Client Subnet only) The group name when the gateway is being used for multiple users. This is supported when the authentication mode is XAuth and set to RemoteVPN. (Enabled only for the Remote Access scenario.) | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Group Password (IPv4 only) | (Client Subnet only) The group password when the gateway is being used for multiple users. This is supported when the authentication mode is XAuth and set to RemoteVPN. (Enabled only for the Remote Access scenario.) | ||||||||||||||||||||||||||||||||||||||||||||||||||||
User Name | The string base from which the user names are generated (e.g., User####) when the authentication mode is XAuth. (Enabled only for the Remote Access scenario.)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Password | The string base from which the passwords are generated (e.g., Password####) when the authentication mode is XAuth. (Enabled only for the Remote Access scenario.)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Remote Network Ver (IPv6 only) |
The IP version of the remote network. (Enabled only for the Remote Access scenario.) Select to display a drop-down menu with these options:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Internal Addresses (IPv4 only) | (Server Subnet only) An IPv4 address or range used for generating IPv4 addresses, depending on the IKE Version as follows:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Internal Netmask (IPv4 only) | (Server Subnet only) The subnet mask for Internal Addresses. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Internal DNS1 (IPv4 only) | (Server Subnet only) The primary DNS server's IP address for Internal Addresses. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Internal DNS2 (IPv4 only) | (Server Subnet only) The secondary DNS server's IP address for Internal Addresses. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Internal IPv6 Prefix (IPv6 only) |
(Server Subnet only) Enter an IPv6 prefix address using colon hexadecimal notation for the network specified by Internal IPv6 Addresses. Example Prefix Address = 3FFE::0 Interface ID = 200:FF:FE00:101-200:FF:FE00:1FF Prefix Length = 64 bits The first address in the range would be 3FFE::200:FF:FE00:101. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
Internal Bits (IPv6 only) | (Server Subnet only) Enter an IPv6 prefix length in bits, from 0 to 128 for the network specified by Internal IPv6 Addresses. (See the example for the Internal IPv6 Prefix field.) | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Internal IPv6 Addresses (IPv6 only) | (Server Subnet only) The MAC address or range used for generating IPv6 addresses, depending on the IKE Version as follows:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Internal IPv6 DNS1 (IPv6 only) | (Server Subnet only) The primary DNS server's IP address for the network specified by Internal IPv6 Addresses. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Internal IPv6 DNS2 (IPv6 only) | (Server Subnet only) The secondary DNS server's IP address for the network specified by Internal IPv6 Addresses. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Static Routing Tab Fields (supported for IPv4 and IPv6, as specified by the Show Subnet Profiles using field, and indicated in the Field column below): | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable Static Routing | Select to emulate a router for this subnet.
Click the Add Route and Delete Route buttons to add and remove rows from the table that appear below the Static Routing tab; use the table to define static routing entries for IPv4 or IPv6 addresses as described below. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
Network Address (IPv4 only) | The IPv4 address of the network for which this routing table entry applies. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Netmask Bits (IPv4 only) | The number of bits in the specified network that comprise the network part of the IPv4 address. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Prefix Address (IPv6 only) |
The IPv6 prefix address of the network for which this routing table entry applies. Use colon hexadecimal notation. Example 3FFE::FF:FE:00:00 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
Prefix Length (IPv6 only) | Enter the IPv6 prefix length in bits, from 0 to 128. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Static Routing Gateway | The IPv4 or IPv6 address of the gateway to which packets destined to the specified network should be sent. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Buttons |
Add Route: Adds a row to the Static Routing table. Delete Route: Deletes a selected row from the Static Routing table. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
IP Fragmentation Tab Fields (supported for IPv4 and IPv6, as specified by the Show Subnet Profiles using field): | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable IP Fragmentation | Select to fragment all datagrams transmitted from this subnet. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Send Fragments in Reverse Order | Select to transmit fragments in reverse order. This allows testing of worst-case reassembly scenarios. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
IP Payload Fragment Size (bytes) | The number of bytes contained in each fragment for the IP data only.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Fragmentation Percentage | Select the percentage of IP datagrams whose size exceeds the IP Payload Fragment Size from the drop-down menu. These datagrams are fragmented, before being sent to the destination, from TCP/UDP layers above the IP layer. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Error Generation | Select the type of error generation.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Realism Tab Fields: The fields in the Realism tab include the variables for both the Receiver side and Sender side. | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Line Speed |
Select the bit rate (bits per second) that a simulated user will use to connect to a network, or link speed. Select Max Speed (default), a predefined value, or User Defined from the drop-down menu. For the latter, enter the number of bits per second in the text field. For the client, you configure Line Speed on a per-host basis. For the server, you configure Line Speed across all servers in the subnet. Example If you have three hosts on the client subnet, and set the Line Speed to 10 kbps, you will see that traffic is generated at 30 kbps in the client statistics. So, if you want traffic generated from the client at only 10 kbps, you should have one host on the client subnet with 10 kbps Line Speed.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Packet Loss Frequency | Select the frequency at which you want the Packet Loss condition to occur from the drop-down menu. A value of 0.01% emulates a Packet Loss condition approximately once for every 10,000 packets. This entry emulates conditions, such as noisy network traffic or a DUT (device under test) dropping packets, by deliberately dropping a certain number of packets at random. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Number of Packets to Drop | When a Packet Loss condition occurs, a block of packets are dropped. Enter the number of packets that you want to drop when the emulated Packet Loss condition occurs. A value of 5 for Number of Packets to Drop and a value of 0.01% for Packet Loss Frequency will drop approximately 5 consecutive packets for every 10,000 packets. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Delay Time | Enter a fixed link propagation delay (in milliseconds) that emulates the distance of the subnets involved. To this delay, you can also add a delay Variation that emulates the queuing and processing delay at intermediate hops in the internet/network. The sum of these two delays is the total delay used per packet. You can configure these delays on a per subnet basis for outgoing and incoming traffic separately (that is, receive side and send side of the interface). | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Variation | Select the type of delay variation and the values that determine it. This delay variation gets added to the Delay Time.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Type of Service (Hex) |
(Sender side only) The Type of Service (ToS) value is an 8-bit hex value that is inserted in the IP header of all outgoing segments from the subnet. ToS is useful for device, application, and application infrastructure testing. Example Use Cases You can use ToS with Device testing to measure a device's ability to honor QoS settings:
Use the TOS calculator (click the icon next to the field) to obtain a ToS value.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
PPP/PPPoE Tab Fields: | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Use PPP (client only) Enable PPP (server only) |
You configure PPP groups in the PPP Group window. Then, you can apply a PPP group to a subnet. Select Use PPP and PPPoE, and then choose the PPP Group Name that you want to apply to the subnet. Select the PPP Group Name that you want to use, or use the buttons in the pane to create, copy, edit, or delete a configuration. Create a new configuration. Copy the configuration selected in the drop-down menu. Edit the configuration selected in the drop-down menu. Delete the configuration selected in the associated drop-down menu. Note that if you delete a configuration associated with an advanced test, it becomes unavailable to other tests within the project. (Server Subnet only)Select Enable PPP. You can select Negotiation IP Range (IPv4 only) to enable IP negotiation from the PPP server through IPCP. The PPP client will be assigned an IPv4 address from the pool that you specify here (range or single address). You can also specify a Primary DNS Server IP and Secondary DNS Server IP (IPv4 only).
Additional settings and limitations
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Use PPPoE (client only) Enable PPPoE (server only) |
(Client Subnet only)
You configure PPPoE groups in the PPPoE Group window. Then, you can apply a PPPoE group to a subnet. Select Use PPP and PPPoE, and then choose the PPPoE Group Name that you want to apply to the subnet. Select the PPPoE Group Name that you want to use, or use the buttons in the pane to create, copy, edit, or delete a configuration. Create a new configuration. Copy the configuration selected in the drop-down menu. Edit the configuration selected in the drop-down menu. Delete the configuration selected in the associated drop-down menu. Note that if you delete a configuration associated with an advanced test, it becomes unavailable to other tests within the project. (Server Subnet only)Select Enable PPPoE, and then enter an AC Name (access concentrator name) and Service Name based on the characteristics that apply to the PPPoE connection. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
DHCP Tab, Request Configuration Parameters (Client Subnet only): | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable DHCP | For an IPv4 subnet, select to enable DHCPv4, so that Avalanche requests one IPv4 address from a DHCPv4 server, and does not use the IP Address field on the Subnets tab. (The IP Address field is disabled after you enable DHCP.)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
DHCP-PD Option (IPv6 only) | Select to enable DHCP-PD (prefix delegation), so that Avalanche requests an IPv6 prefix from a DHCPv6 server instead of requesting an IPv6 address. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Timeout | The time in milliseconds that Avalanche waits for the DHCP server to supply an IP address, if the first attempt is unsuccessful. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Retries | The number of retries that Avalanche performs to request an IP address from the DHCP server, if the first attempt is unsuccessful. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Number of IP Addresses | The number of IP addresses from which you want to generate traffic. (The actual IP addresses are assigned by the DHCP server.) | ||||||||||||||||||||||||||||||||||||||||||||||||||||
DHCP Tab, Vendor Options (Client Subnet only, IPv4 only): | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Option 60 (RFC 2131) |
The value of option 60 (Vendor Class Identifier). This option identifies the vendor's equipment, for example, a set-top box manufacturer and software version. Enter a string, such as "Spirent."
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Option 82 (RFC 3046) | The value of option 82 (Agent Information Option). This option identifies the user, for example, a unique ID that is assigned to each user and sent to the service provider, so that it can validate to which services the user has subscribed. Enter a value pair, such as "3000" and "3333," in the adjacent fields.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Use This Forms DB | Alternatively, you can select a forms database to use from the drop-down menu for the Option 60 and Option 82 fields. In this case, you enter $1, $2, $3, as applicable, in the Option 60 and Option 82 text fields. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
DS-Lite Tab Fields:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Local Gateway Address |
The IPv6 address of the local gateway. The default is as follows:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Remote Gateway Address |
The IPv6 address of the remote gateway. The default is as follows:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Prefix Length | Enter an IPv6 prefix length in bits, from 0 to 128. (See the example for the Prefix Address field.) The default is 64. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN Tab Fields (Client Subnet):
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN HTTPS (Client Subnet): | |||||||||||||||||||||||||||||||||||||||||||||||||||||
The user name used for authentication. | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Password |
The password used for authentication. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Group Name (Cisco only) |
The region used for authentication. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Unique ID (Palo Alto only) |
A string to be used to form a unique ID for the subnet/core. Each subnet can be assigned to multiple associations, and thus divided into multiple cores. As an example, if you specify "SSLVPN" for this field, and the subnet is divided into two cores, then the unique ID will become "SSLVPN-Core0" for core 0 and "SSLVPN-Core1" for core 1. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Use FormsDB |
Select to specify a forms database for the User Name, Password, and Group Name/Unique ID fields, and then select the forms database name from the drop-down menu. An example forms database for the Cisco vendor is as follows: username1,password1,region1username2,password2,region2 username3,password3,region3 An example forms database for the Palo Alto vendor is as follows: username1,password1,subnet1username2,password2,subnet2 username3,password3,subnet3 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
TCP Port |
The TCP port number on the secure gateway. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Select to specify an FQDN (fully qualified domain name) for the secure gateway. | |||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN HTTPS IP Address/Hostname |
The HTTPS IPv4/IPv6 address or FQDN of the secure gateway. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Enable DNS Query for Every User |
(Enabled when Enable FQDN is selected.) Select to perform a DNS query for each SimUser. Deselect to perform one DNS query for the subnet (default).
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
TLS Configuration |
See the TLS field descriptions in the Client Profiles TLS/SSL Configuration Fields.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Tunnel Settings (Client Subnet): | |||||||||||||||||||||||||||||||||||||||||||||||||||||
DTLS
(Cisco only) |
Select to enable the Datagram Transport Layer Security (DTLS) tunnel setup. The DTLS tunnel is set up after the TLS tunnel has been established. All data message traffic over the SSL VPN tunnel is transmitted inside the DTLS tunnel, once established. All control message traffic is transmitted inside the TLS tunnel. If deselected, a TLS tunnel is set up. All data and control message traffic is transmitted inside the TLS tunnel. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
DTLS Version
(Cisco only)
|
Select one of the following versions to use when DTLS is enabled:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
ESP (Palo Alto only) |
Select to enable Encapsulating Security Payload (ESP) for IPSec. The ESP protocol provides authentication, as well as confidentiality through the use of encryption algorithms.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Disable ICMP Pings (Palo Alto only) |
Applies to the GlobalProtect VPN. Select to disable sending ICMP ping commands from the client for an ESP tunnel setup.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Vendor |
The SSL VPN vendor. Select one of the following:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
User Agent |
A string indicating information to be reflected in the CONNECT request packet in the tunnel connection phase. Select one of the following for Cisco vendor:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Address Type in Tunnel | The IP address version inside the tunnel (IPv4 or IPv6). | ||||||||||||||||||||||||||||||||||||||||||||||||||||
MTU |
The maximum transmission unit (MTU) inside the tunnel.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Ciphers Available and Selected |
Available: Lists ciphers from which you can select. Selected: Lists ciphers that you selected from the Available list and want to use with the profile. Select one or more entries in the Available list, and then click the arrow button to move them into the Selected list. If you no longer want to use a cipher, select it in the Selected list, and then click the arrow button to move it back to the Available list. To change the order of ciphers in the Selected list, select the cipher and then click the up or down buttons. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
Signature Hash Algorithms (Palo Alto only) |
The hash algorithms that the client supports for digital signatures.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN Tab Fields (Server Subnet):
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN HTTPS (Server Subnet): | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Address Version |
The IP address version (IPv4 or IPv6) of the SSL VPN gateway. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN HTTPS IP Address |
The HTTPS IP address of the SSL VPN gateway. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN TLS Configuration (Server Subnet): | |||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN Profile Name |
Select the SSL VPN profile that you want to use from the drop-down menu, or use the buttons as follows: Create a new profile. Configure the SSL VPN profile fields that appear. Copy the currently selected profile, specifying a new name when prompted. Edit the currently selected profile. Configure the SSL VPN profile fields that appear. Delete the currently selected profile, confirming when prompted. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL VPN Profile (Server Subnet): | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Port | The port number on the SSL VPN gateway. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
DTLS (Cisco only) |
Select to enable the Datagram Transport Layer Security (DTLS) tunnel setup. The DTLS tunnel is set up after the TLS tunnel has been established. All data message traffic over the SSL VPN tunnel is transmitted inside the DTLS tunnel, once established. All control message traffic is transmitted inside the TLS tunnel. If deselected, a TLS tunnel is set up. All data and control message traffic is transmitted inside the TLS tunnel. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
Vendor |
The SSL VPN vendor.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Address Type in Tunnel | The IP address version inside the tunnel (IPv4 or IPv6). | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Address Range in Tunnel | The IP address range inside the tunnel. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
MTU |
The maximum transmission unit (MTU) inside the tunnel.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
TLS/SSL Configuration |
See the field descriptions in the Server TLS/SSL Configuration.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
VxLAN Tab Fields:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Local VTEP IP | The VXLAN Tunnel End Point (VTEP) local IPv4 address. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Remote VTEP IP | The VXLAN Tunnel End Point (VTEP) remote IPv4 address. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
VNI |
The VXLAN Network Identifier (VNI) or VXLAN Segment ID. Each VXLAN segment is identified through this 24-bit segment ID. The default value is 100. The valid range is 0 to 16777215. |
||||||||||||||||||||||||||||||||||||||||||||||||||||
DST MAC |
Select to configure the destination MAC address. This will override the outer ethernet destination MAC address. If deselected, the outer ethernet destination MAC address will use the MAC address of the Remote VTEP IP. Default value: FF:FF:FF:FF:FF:FF |
||||||||||||||||||||||||||||||||||||||||||||||||||||
VLAN Tab Fields:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
VLAN TAG | The VLAN ID. The last entry in this table reflects the Inner VLAN ID for the currently selected row in the Subnets table.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Start Address | The starting IP address to use for VLAN TAG INCREMENT. For example, you can set this to be the first IP address in the IP Address (Range) field for the subnet.
Example (where Start Address is blank and IPSec is disabled) The VLAN ID of host A (vidA) is derived from the following formula: vidA = startVid + (ipA – networkA) * vidInc Where:
For example:
Result:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
VLAN TAG INCREMENT | If non-zero, the value by which to increment the VLAN ID for each host.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
VLAN TAG PROTOCOL ID |
The tag protocol identifier (TPID) for the VLAN. The default value is 0x8100, which indicates that the frame carries 802.1Q/802.1p tag information. Select to display a drop-down menu with these options:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
VLAN PRIORITY | The user priority for the VLAN. The valid range is 0 to 7. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
VLAN CFI | The one-bit canonical format indicator (CFI) for the VLAN. The default value is 0. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
Buttons |
Delete: Deletes a selected row from the VLAN table. Down: Moves the selected row down to the next entry. Up: Moves the selected row up to the previous entry. Copy: Copies the selected row and appends it to the end of the VLAN table. New: Adds a row to the end of the VLAN table.
|
© 2024 Spirent Communications, Inc. All Rights Reserved.