Versions Compared

Old Version 16

changes.mady.by.user Marek Pondel

Saved on

compared with

New Version 17

changes.mady.by.user Marek Pondel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Based on gathered cap file check if TLS connection was established during message sending to HV-VES :

Image Removed

TC1 : Authenticate Connection

Spec flow1.
StatusNo run
TesterMarek Pondel
Precondition

ONAP setup with : consul , dcaegen2 , dmaap , msb .

TLS activated in HV-VES

XNF simulator

(

https://wiki.onap.org/display/DW/

HV-VES

+simulator) integrated to ONAP.

simulator#VESsimulator-HV-VESwithtlsenabled)

Steps1.

Check if HV-VES component supports TLS using nmap command , e.g. :

No Format
nopaneltrue
nmap --script ssl-enum-ciphers -p6061 172.18.0.5p30222 k8s_node_ip
Expected results1.

HV-VES supports TCP and TLS connections :

No Format
nopaneltrue
root@marekpl-rtpmsim:~# nmap --script ssl-enum-ciphers -p6061 172.18.0.5

Starting Nmap 7.01 ( https://nmap.org ) at 2018-0810-3015 1112:3956 UTC
Nmap scan report for 172.18.0.5 10-183-35-200.es-si-os-ohn-30.eecloud.nsn-net.net (10.183.35.200)
Host is up (0.000026s00079s latency).
PORT      STATE SERVICE
606130222/tcp open  unknown
| ssl-enum-ciphers: 
|   TLSv1.0: 
|     ciphers: 
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1secp256k1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1secp256k1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: serverclient
|   TLSv1.1: 
|     ciphers: 
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1secp256k1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1secp256k1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: serverclient
|   TLSv1.2: 
|     ciphers: 
|       TLS_ECDHE_RSA_WITH_AES_128_GCMCBC_SHA256SHA (secp256r1secp256k1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBCGCM_SHASHA256 (secp256r1secp256k1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1secp256k1) - A
|       TLS_RSA_WITH_AES_128_GCMCBC_SHA256SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBCGCM_SHASHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: serverclient
|_  least strength: A
MAC Address: 02:42:AC:12:00:05 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 01.78 seconds
root@marekpl-rtpmsim:~#
2.

Gather TCP traffic during event is sent to HV-VES via XNF simulator, e.g. :

No Format
nopaneltrue
tcpdump -i br-2663c4bf9ffd -X tcp portrange 6060-6061 -w ~/ssl.cap
2.
08 seconds

TC2 : NF sends Real Time PM event and HV-VES Collector validates Event

...