Title

  Test IKEv2.EN.R.2.1.1.1: Sending IKE_AUTH request
  Part A: IKE Header Format (BASIC)
  Part B: Encrypted Payload Format (BASIC)
  Part C: IDr Payload Format (BASIC)
  Part D: AUTH Payload Format (BASIC)
  Part E: SA Payload Format (BASIC)
  Part F: TSi Payload Format (BASIC)
  Part G: TSr Payload Format (BASIC)


Purpose

  To verify an IKEv2 device transmits IKE_AUTH request using properly Header and
  Payloads format


References

  * [RFC 4306] - Sections 1.2, 2.15, 3.1, 3.2, 3.3, 3.5, 3.8, 3.10, 3.13 and 3.14


Test Setup

  * Network Topology
     Connect the devices according to the Common Topology.
  * Configuration
     In each part, configure the devices according to the Common Configuration.
  * Pre-Sequence and Cleanup Sequence
     IKEv2 on the NUT is disabled after each part.


Procedure

   NUT                  TN1
(End-Node)           (End-Node)
    |                    |
    |<-------------------| IKE_SA_INIT request (HDR, SAi1, KEi, Ni)
    |                    | (Packet #1)
    |------------------->| IKE_SA_INIT response (HDR, SAr1, KEr, Nr)
    |                    | (Judgement #1)
    |                    |
    |<-------------------| IKE_AUTH request (HDR, SK {IDi, AUTH, SAi2, TSi, TSr})
    |                    | (Packet #2)
    |------------------->| IKE_AUTH response (HDR, SK {IDr, AUTH, SAr2, TSi, TSr})
    |                    | (Judgement #2)
    |                    |
    V                    V

Packet #1 See Common Packet #1
Packet #2 See Common Packet #5

  Part A: IKE Header Format (BASIC)
     1. TN1 transmits an IKE_SA_INIT request to NUT.
     2. Observe the messages transmitted on Link A.
     3. TN1 transmits an IKE_SA_INIT request to NUT.
     4. Observe the messages transmitted on Link A.
  Part B: Encrypted Payload Format (BASIC)
     5. TN1 transmits an IKE_SA_INIT request to NUT.
     6. Observe the messages transmitted on Link A.
     7. TN1 transmits an IKE_SA_INIT request to NUT.
     8. Observe the messages transmitted on Link A.
  Part C: IDr Payload Format (BASIC)
     9. TN1 transmits an IKE_SA_INIT request to NUT.
     10. Observe the messages transmitted on Link A.
     11. TN1 transmits an IKE_SA_INIT request to NUT.
     12. Observe the messages transmitted on Link A.
  Part D: AUTH Payload Format (BASIC)
     13. TN1 transmits an IKE_SA_INIT request to NUT.
     14. Observe the messages transmitted on Link A.
     15. TN1 transmits an IKE_SA_INIT request to NUT.
     16. Observe the messages transmitted on Link A.
  Part E: SA Payload Format (BASIC)
     17. TN1 transmits an IKE_SA_INIT request to NUT.
     18. Observe the messages transmitted on Link A.
     19. TN1 transmits an IKE_SA_INIT request to NUT.
     20. Observe the messages transmitted on Link A.
  Part F: TSi Payload Format (BASIC)
     21. TN1 transmits an IKE_SA_INIT request to NUT.
     22. Observe the messages transmitted on Link A.
     23. TN1 transmits an IKE_SA_INIT request to NUT.
     24. Observe the messages transmitted on Link A.
  Part G: TSr Payload Format (BASIC)
     25. TN1 transmits an IKE_SA_INIT request to NUT.
     26. Observe the messages transmitted on Link A.
     27. TN1 transmits an IKE_SA_INIT request to NUT.
     28. Observe the messages transmitted on Link A.


Observable Result

  Part A
       Step 2: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
       algorithms.
       Step 4: Judgment #2
       The NUT transmits an IKE_AUTH response including properly formatted IKE Header
       containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                      IKE_SA Initiator s SPI                   !
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                      IKE_SA Responder s SPI                   !
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !  Next Payload ! MjVer ! MnVer ! Exchange Type !     Flags     !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                            Message ID                         !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                              Length                           !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                              Figure 87 Header format
* An IKE_SA Initiator's SPI field set to same as the IKE_SA_INIT request's IKE_SA Initiator's SPI field value. * An IKE_SA Responder's SPI field set to same as the IKE_SA_INIT response's IKE_SA Responder's SPI field value. * A Next Payload field set to Encrypted Payload (46). * A Major Version field set to 2. * A Minor Version field set to zero. * An Exchange Type field set to IKE_AUTH (35). * A Flags field set to (00010000)2 = (16)10. * A Message ID field set to 1. * A Length field set to the length of the message (header + payloads) in octets.
  
  
  Part B
       Step 6: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
       algorithms.
       Step 8: Judgment #2
       The NUT transmits an IKE_AUTH response including properly formatted Encrypted Payload
       containing following values:

                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                     Initialization Vector                     !
      !         (length is block size for encryption algorithm)       !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ~                    Encrypted IKE Payloads                     ~
      +               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !               !             Padding (0-255 octets)            !
      +-+-+-+-+-+-+-+-+                               --+-+-+-+-+-+-+-+
      !                                               !  Pad Length   !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ~                    Integrity Checksum Data                    ~   
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Figure 88 Encrypted payload
* A Next Payload field set to IDr Payload (36). * A Critical field set to zero. * A RESERVED field set to zero. * A Payload Length field set to length in octets of the header, IV, Encrypted IKE * Payloads, Padding, Pad Length, and Integrity Check sum Data. * An Initialization Vector field set to a randomly chosen value whose length is equal to the block length of the underlying encryption algorithm. * An Encrypted IKE Payloads field set to encrypted IKE Payloads * A Padding field set to any value which to be a multiple of the encryption block size. * A Pad Length field set to the length of the Padding field. * An Integrity Checksum Data set to the cryptographic checksum of the entire message. The checksum must be valid.
  
  
  Part C
       Step 10: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
       algorithms.
       Step 12: Judgment #2
       The NUT transmits an IKE_AUTH response including properly formatted ID Payload
       containing following values:

                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        ! 
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !   ID Type     !              RESERVED                         !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                   Identification Data                         ~ 
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Figure 89 ID Payload format

* A Next Payload field set to AUTH Payload (39). * A Critical field set to zero. * A RESERVED field set to zero. * A Payload Length field set to length of the current payload. * An ID Type field set to ID_IPV6_ADDR (5). * A RESERVED field set to zero. * An Identification Data field set to the NUT address.
  
  
  Part D
       Step 14: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
       algorithms.
       Step 16: Judgment #2
       The NUT transmits an IKE_AUTH response including properly formatted AUTH Payload
       containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Auth Method   !              RESERVED                         !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                    Authentication  Data                       ~  
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  

Figure 90 AUTH Payload format * A Next Payload field set to SA Payload (33). * A Critical field set to zero. * A RESERVED field set to zero. * A Payload Length field set to length of the current payload. * An Auth Method field set to Shared Key Message Integrity Code (2). * A RESERVED field set to zero. * An Authentication Data field set to correct authentication value.
  
  
  Part E
       Step 18: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
       algorithms.
       Step 20: Judgment #2
                                   1                   2                   3
               0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--------------
              ! Next    44    !0!      0      ! Length          40            !             |
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+---          |
              !       0       !       0       ! Length          36            !  |          |
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
              ! Number    1   ! Prot ID   3   ! SPI Size  4   ! Trans Cnt  3  !  |          |
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
              ! SPI value                                                     !  |          |
          --- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  !       3       !       0       ! Length           8            !  |          | 
 Transform |  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |SA Payload 
           |  ! Type  1  (EN) !       0       ! Transform ID     3     (3DES) !  | Proposal |
          --- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  !       3       !       0       ! Length           8            !  |          |
 Transform |  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  ! Type  3  (IN) !       0       ! Transform ID     2     (SHA1) !  |          |
          --- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  !       0       !       0       ! Length           8            !  |          |
 Transform |  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  ! Type  5  (ESN)!       0       ! Transform ID     0       (No) !  |          |
          --- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
Figure 91 SA Payload contents
       The NUT transmits an IKE_AUTH response including properly formatted SA Payload
       containing following values (refer following figures):
                                  1                   2                   3
              0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
             +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
             ! Next Payload  !C!  RESERVED   !         Payload Length        !
             +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
             !                                                               !
             ~                        <Proposals>                            ~
             !                                                               !
             +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 92 SA Payload format
* A Next Payload field set to TSi Payload (44). * A Critical field set to zero. * A RESERVED field set to zero. * A Payload Length field set to length of the current payload.
       A Proposals field set to following.
                                 1                   2                   3
             0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
            +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
            ! 0 (last) or 2 !   RESERVED    !         Proposal Length       !
            +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
            ! Proposal #    !  Protocol ID  !    SPI Size   !# of Transforms!
            +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
            !                        SPI (variable)                         !
            +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
            !                                                               !
            ~                         <Transforms>                          ~
            !                                                               !
            +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 93 Proposal sub-structure format
* A 0 or 2 field set to zero (last). * A RESREVD field set to zero. * A Proposal Length field set to length of this proposal, including all transforms and attributes. * A Proposal # field set to 1. * A Protocol ID field set to ESP (3). * A SPI Size field set to 4. * A # of Transforms field set to 3. * A SPI field set to the sending entity's SPI (4 octets value)
       Transform field set to following (There are 3 Transform Structures).
                                 1                   2                   3
             0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
            +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
            ! 0 (last) or 3 !   RESERVED    !       Transform Length        !
            +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
            !Transform Type !   RESERVED    !          Transform ID         !
            +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
            !                                                               !
            ~                      Transform Attributes                     !
            !                                                               !
            +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 94 Transform sub-structure format
* A 0 or 3 field set to 3. * A RESERVED field set to zero. * A Transform Length set to length of the Transform Substructure including Header and Attribute. * A Transform Type field set to ENCR (1). * A RESERVED field set to zero. * A Transform ID set to ENCR_3DES (3). * A 0 or 3 field set to 3. * A RESERVED field set to zero. * A Transform Length set to length of the Transform Substructure including Header and Attribute. * A Transform Type field set to INTEG (3). * A RESERVED field set to zero. * A Transform ID set to AUTH_HMAC_SHA1 (2). * A 0 or 3 field set to zero. * A RESERVED field set to zero. * A Transform Length set to length of the Transform Substructure including Header and Attribute. * A Transform Type field set to ESN (5). * A RESERVED field set to zero. * A Transform ID set to No Extended Sequence Numbers (0).
  
  
  Part F
       Step 22: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
       algorithms.
       Step 24: Judgment #2
       The NUT transmits an IKE_AUTH response including properly formatted TSi Payload
       containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Number of TSs !                 RESERVED                      !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                       <Traffic Selector>                      ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 95 TSi Payload format
* A Next Payload field set to TSr Payload (45). * A Critical field set to zero. * A RESERVED field set to zero. * A Payload Length field set to length of the current payload. * A Number of TSs field set to 1. * A RESERVED field set to zero.
       Traffic Selectors field set to following.
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !   TS Type     !IP Protocol ID*|       Selector  Length        | 
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !           Start Port*         |            End Port*          |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                       Starting Address*                       ~ 
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                         Ending Address*                       ~ 
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 96 Traffic Selector
* A TS Type set to TS_IPV6_ADDR_RANGE (8). * An IP Protocol ID field set to zero. * A Selector Length field set to length of this Traffic Selector Substructure including the header. * A Start Port field set to zero. * An End Port field set to 65535. * A Starting Address field set to NUT address. * A Ending Address field set to NUT address.
  
  
  Part G
       Step 26: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
       algorithms.
       Step 28: Judgment #2
       The NUT transmits an IKE_AUTH response including properly formatted TSr Payload
       containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Number of TSs !                 RESERVED                      !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                       <Traffic Selectors>                     ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 97 TSr Payload format
* A Next Payload field set to zero. * A Critical field set to zero. * A RESERVED field set to zero. * A Payload Length field set to length of the current payload. * A Number of TSs field set to 1. * A RESERVED field set to zero.
       Traffic Selectors field set to following.
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !   TS Type     !IP Protocol ID*|       Selector  Length        | 
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !           Start Port*         |            End Port*          |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                       Starting Address*                       ~ 
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                         Ending Address*                       ~ 
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 98 Traffic Selector
* A TS Type set to TS_IPV6_ADDR_RANGE (8). * An IP Protocol ID field set to zero. * A Selector Length field set to length of this Traffic Selector Substructure including the header. * A Start Port field set to zero. * An End Port field set to 65535. * A Starting Address field set to TN1 address. * An Ending Address field set to TN1 address.


Possible Problems

  * None.