SONATA - SCTP Over NAT Adaptation
Testing
Testing the NAT implementation comes in two flavours. It is not enough to
verify that the NAT algorithm/implementation is functionally correct; it is also
essential that the final solution be efficient in resource usage. Efficiency
matters both to ensure that the solution scales to large-scale
NAT implementations and to enable it to run efficiently on low-powered
routers as might be found in a home-access situation.
The functionality of the NAT implementation needs to be considered under a
number of different scenarios that include:
- End-host failure - The NAT must continue to operate correctly
during an abrupt failure of one or both of the association end-hosts
- NAT failure - The SCTP session should properly terminate in the
event of the NAT box failing and coming back online
- Multiple NAT boxes - This includes an end-host being behind multiple
NAT boxes and the situation where both end-hosts are hidden behind
a NAT
- Multiple end-points - Need to be considered to verify NAT
functionality
- Collision Scenarios - While the SCTP protocol caters for a number
of collision scenarios, it is essential to ensure that this functionality
is not broken by the NAT implementation
Testbed Information
A flexible testbed will be built with separate machines being used to serve
as each end-host and as the NAT implementation. Multi-homing will be implemented
using IP-based tunnels and VTun coupled with appropriate routing table
configuration. This will allow flexibility in bringing links and networks up
and down easily by terminating the tunnels as required.
Generating Traffic
The SCTP test application will be modified to generate a continuous, low-rate
data stream over an association using multiple IP addresses. A continuous
stream gives the NAT implementation a steady supply of packets to process,
while the low rate keeps the packet rate slow enough for debugging purposes.
When performance testing of the NAT implementation is required, the data rate
will need to be increased.
Capturing and Analysing Traffic
To ensure that all traffic is captured, we need to capture on the physical
interface rather than the virtual tunnel interfaces. However, this makes it more
difficult to decode the SCTP packets being transmitted over each individual
tunnel. We aim to develop a plug-in module for Ethereal to decode the VTun
datagrams and allow the existing IP/SCTP modules to decode the payload contents.
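The following Python example is added here for illustration and is not part of the SONATA code or the planned Ethereal plug-in. It shows the decoding problem described above for the simpler of the two tunnel types: it strips one outer IP header from a packet captured on the physical interface and summarises the inner SCTP packet. It assumes plain IP-in-IP encapsulation (IP protocol 4); VTun's own datagram framing is not handled, and the function names and the sample packet are constructed for this example.

```python
import struct

# Assumption: the tunnel is plain IP-in-IP (protocol 4); VTun framing is not handled.
IPPROTO_IPIP, IPPROTO_SCTP = 4, 132
CHUNK_NAMES = {0: "DATA", 1: "INIT", 2: "INIT_ACK", 3: "SACK", 4: "HEARTBEAT",
               5: "HEARTBEAT_ACK", 6: "ABORT", 7: "SHUTDOWN", 8: "SHUTDOWN_ACK",
               9: "ERROR", 10: "COOKIE_ECHO", 11: "COOKIE_ACK", 14: "SHUTDOWN_COMPLETE"}

def parse_ipv4(pkt):
    """Return (protocol, src, dst, payload) for one IPv4 packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    total_len = struct.unpack("!H", pkt[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(pkt):
        raise ValueError("bad IPv4 header or truncated capture")
    src, dst = (".".join(map(str, pkt[i:i + 4])) for i in (12, 16))
    return pkt[9], src, dst, pkt[ihl:total_len]

def decode_tunnelled_sctp(outer):
    """Strip one IP-in-IP layer and summarise the inner SCTP packet."""
    proto, tun_src, tun_dst, inner = parse_ipv4(outer)
    if proto != IPPROTO_IPIP:
        raise ValueError("outer packet is not IP-in-IP")
    proto, src, dst, sctp = parse_ipv4(inner)
    if proto != IPPROTO_SCTP or len(sctp) < 12:
        raise ValueError("inner packet is not SCTP")
    # SCTP common header: source port, destination port, verification tag, checksum
    sport, dport, vtag, _cksum = struct.unpack("!HHII", sctp[:12])
    chunks, off = [], 12
    while off + 4 <= len(sctp):
        ctype, _flags, clen = struct.unpack("!BBH", sctp[off:off + 4])
        if clen < 4 or off + clen > len(sctp):
            raise ValueError("malformed chunk length")
        chunks.append(CHUNK_NAMES.get(ctype, "TYPE_%d" % ctype))
        off += (clen + 3) & ~3          # chunks are padded to a 4-byte boundary
    return {"tunnel": (tun_src, tun_dst), "src": (src, sport),
            "dst": (dst, dport), "vtag": vtag, "chunks": chunks}

def build_ipv4(proto, src, dst, payload):
    """Build a minimal IPv4 packet (header checksum left zero) for the sample."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes(src), bytes(dst)) + payload

# Constructed sample: HEARTBEAT + COOKIE_ACK chunks in SCTP, carried in IP-in-IP.
SAMPLE = build_ipv4(IPPROTO_IPIP, (192, 0, 2, 1), (192, 0, 2, 2),
    build_ipv4(IPPROTO_SCTP, (10, 0, 1, 5), (10, 0, 2, 9),
               struct.pack("!HHII", 5001, 5002, 0xDEADBEEF, 0)
               + struct.pack("!BBH4s", 4, 0, 8, b"\x00\x01\x00\x04")
               + struct.pack("!BBH", 11, 0, 4)))
```

Calling decode_tunnelled_sctp(SAMPLE) returns the tunnel endpoints, the inner addresses and ports, the verification tag and the chunk list, which is the per-tunnel view that a capture on the physical interface otherwise hides.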
SCTP NAT Test Tools
Tools to test an SCTP NAT (both functionality and performance testing) can be
downloaded here. These tools are designed to test generic SCTP NAT
implementations and can be used on both the SONATA NAT implementation and
other black-box NAT implementations.