"The Codenomicon tools are amazing. Using them is like being attacked by the most relentless adversary who uses every possible method to find flaws in your code
We fixed subtle crash bugs in Samba that had been in the code for over ten years. We would never have found those bugs without the Codenomicon tools.
If you're serious about implementing protocols correctly, you need the Codenomicon tools."
-- Jeremy Allison,
Co Creator of Samba
Products by Protocol
ICMPv6 Data Sheet
- Test Suite: ICMPv6
- Direction: Server
Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) specifies a set of control messages for IPv6. The messages are used for procedures like Neighbor Discovery, Path MTU discovery. ICMPv6 Test Suite can be used for evaluating IPv6 implementations for security flaws and robustness problems in ICMPv6.
Used specifications
| Specification | Title |
|---|---|
| RFC894 | A Standard for the Transmission of IP Datagrams over Ethernet Networks |
| RFC2104 | HMAC: Keyed-Hashing for Message Authentication |
| RFC2375 | IPv6 Multicast Address Assignments |
| RFC2403 | The Use of HMAC-MD5-96 within ESP and AH |
| RFC2404 | The Use of HMAC-SHA1-96 within ESP and AH |
| RFC2405 | The ESP DES-CBC Cipher Algorithm With Explicit IV |
| RFC2410 | The NULL Encryption Algorithm and Its Use With IPsec |
| RFC2451 | The ESP CBC-Mode Cipher Algorithms |
| RFC2460 | Internet Protocol, Version 6 (IPv6) Specification |
| RFC2462 | IPv6 Stateless Address Autoconfiguration |
| RFC2464 | Transmission of IPv6 Packets over Ethernet Networks |
| RFC2710 | Multicast Listener Discovery (MLD) for IPv6 |
| RFC2894 | Router Renumbering for IPv6 |
| RFC3041 | Privacy Extensions for Stateless Address Autoconfiguration in IPv6 |
| RFC3122 | Extensions to IPv6 Neighbor Discovery for Inverse Discovery Specification |
| RFC3590 | Source Address Selection for the Multicast Listener Discovery (MLD) Protocol |
| RFC3602 | The AES-CBC Cipher Algorithm and Its Use with IPsec |
| RFC3756 | IPv6 Neighbor Discovery (ND) Trust Models and Threats |
| RFC3810 | Multicast Listener Discovery Version 2 (MLDv2) for IPv6 |
| RFC3956 | Embedding the Rendezvous Point (RP) Address in an IPv6 Multicast Address |
| RFC3971 | SEcure Neighbor Discovery |
| RFC3972 | Cryptographically Generated Addresses (CGA) |
| RFC4065 | Seamoby IANA Allocations |
| RFC4066 | Candidate Access Router Discovery (CARD) |
| RFC4068 | Fast Handovers for Mobile IPv6 |
| RFC4140 | HMIPv6 |
| RFC4191 | Router Preferences and More-Specific Routes |
| RFC4193 | Unique Local IPv6 Unicast Addresses |
| RFC4286 | Multicast Router Discovery |
| RFC4301 | Security Architecture for the Internet Protocol |
| RFC4302 | IP Authentication Header |
| RFC4303 | IP Encapsulating Security Payload |
| RFC4308 | Cryptographic Suites for IPsec |
| RFC4389 | Neighbor Discovery Proxies (ND Proxy) |
| RFC4429 | Optimistic Duplicate Address Detection (DAD) for IPv6 |
| RFC4443 | Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification |
| RFC4604 | Using Internet Group Management Protocol Version 3 (IGMPv3) and Multicast Listener Discovery Protocol Version 2 (MLDv2) for Source-Specific Multicast |
| RFC4620 | IPv6 Node Information Queries |
| RFC4727 | Experimental Values in IPv4, IPv6, ICMPv6, UDP and TCP Headers |
| RFC4835 | Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH) |
| RFC4861 | Neighbor Discovery for IP Version 6 (IPv6) |
| RFC4884 | Extended ICMP to Support Multi-Part Messages |
| RFC5006 | IPv6 RA Option for DNS Configuration |
| RFC5175 | IPv6 RA Option for DNS Configuration |
Test tool general features
- Fully automated black-box negative testing
- Ready-made test cases
- Written in Java(tm)
- GUI, command line, remote interface modes
- Instrumentation (health-check) capability
- Support and maintenance
- Comprehensive user documentation
- Results reporting and analysis
Tool-specific information
| Tested ICMPv6 messages | Specifications | Notes |
|---|---|---|
| Destination Unreachable | RFC4443 | |
| Packet Too Big | RFC4443 | |
| Time Exceeded | RFC4443 | |
| Parameter Problem | RFC4443 | |
| Echo Request | RFC4443 | |
| Echo Reply | RFC4443 | |
| Multicast Listener Discovery | RFC2710 | Also MLDv2 discovery supported (RFC3810) |
| Multicast Listener Report | RFC2710 | |
| Multicast Listener Done | RFC2710 | |
| Router Solicitation | RFC4861 | |
| Router Advertisement | RFC4861 | |
| Neighbor Solicitation | RFC4861 | |
| Neighbor Advertisement | RFC4861 | |
| Redirect | RFC4861 | |
| Router Renumbering | RFC2894 | |
| Node Information Query | RFC4620 | |
| Node Information Reply | RFC4620 | |
| Inverse Neighbor Solicitation | RFC3122 | |
| Inverse Neighbor Advertisement | RFC3122 | |
| MLDv2 Report | RFC3810 | |
| Certification Path Solicitation | RFC3971 | |
| Certification Path Solicitation | RFC3971 | |
| Multicast Router Advertisement | RFC4286 | |
| Multicast Router Solicitation | RFC4286 | |
| Multicast Router Termination | RFC4286 | Tested Neighbor Discovery options | Specifications | Notes |
| Source Link-layer Address | RFC4861 | |
| Target Link-layer Address | RFC4861 | |
| Prefix Information | RFC4861 | |
| Redirected Header | RFC4861 | |
| MTU | RFC4861 | |
| NBMA Shortcut Limit Option | IPV6-NBMA | |
| Advertisement Interval Option | RFC3775 | |
| Home Agent Information Option | RFC3775 | |
| Source Address List | RFC3122 | |
| Target Address List | RFC3122 | |
| Timestamp option | RFC3971 | |
| Nonce option | RFC3971 | |
| Trust Anchor option | RFC3971 | |
| Certificate option | RFC3971 | |
| RFC3692-style Experiment 1 and 2 | RFC4727 | Tested as unexpected options |
| CGA option | RFC3971 | |
| RSA Signature option | RFC3971 | |
| IP Address Option | RFC4068 | |
| New Router Prefix Information Option | RFC4068 | |
| Link-layer Address Option | RFC4068 | |
| Neighbor Advertisement Acknowledgment | RFC4068 | |
| CARD Request option | RFC4065 | MIPv6 option |
| CARD Reply option | RFC4065 | MIPv6 option |
| MAP Option | RFC4140 | MIPv6 option |
| Route Information Option | RFC4191 | |
| Recursive DNS Server Option | RFC5006 | |
| RA Flags Extension Option | RFC5175 | Other features |
| Selectable IPsec mode: IPv6 without security headers, IPv6 with AH, ESP and AH+ESP either in transport or tunnel mode | ||
| Supported AH authentication algorithms and ESP integrity algorithms: NULL, HMAC_SHA1-96, HMAC_MD5-96 | ||
| Supported ESP crypto algorithms: ESP-NULL, ESP-DES-CBC, ESP-DES3-CBC, ESP-AES-CBC128, ESP-AES-CBC192, ESP-AES-CBC256 | ||
| IPsec SA can be negotiated with ISAKMP Server Test Suite 3.0.1 or later. | ||
| Configurable destination Ethernet MAC address solicitation mode: Neighbor solicitation for nodes in same subnet, Router solicitation and User-specified target MAC address. |
List of available test suites. Please note that the information in these sheets is subject to periodical change.
Test Tool Datasheet: