MOTOROLA SOLUTIONS

MOTOTRBOTM

Procedure for Testing Router Configuration Compatibility for LCP Systems

MOTOROLA SOLUTIONS

LCP Router Test Procedure

DOCUMENT REVISION HISTORY

Version
1.0

Date
October 5, 2012

Revised By

Description of Changes
Original creation of the document

Motorola Solutions

MOTOROLA SOLUTIONS

LCP Router Test Procedure

TABLE OF CONTENTS
DOCUMENT REVISION HISTORY ............................................................................................................................. 2 TABLE OF CONTENTS.............................................................................................................................................. 3 USER MANUAL ....................................................................................................................................................... 4 PREREQUISITES ..........................................................................................................................................................4 IP TOPOLOGY CONFIGURATION .........................................................................................................................................4

Motorola Solutions

MOTOROLA SOLUTIONS

LCP Router Test Procedure

USER MANUAL
PREREQUISITES
The test procedure involves running an executable on a windows machine attached to a network topology that emulates an LCP environment. Therefore you will need the following: Windows PC running XP or later OS 3 Ethernet interfaces on the above PC. Most PCs have one Ethernet interface so you may need to purchase 2 USB to Ethernet adaptors. IP Networking Equipment: o Test Router o 3 Supporting Routers, or 2 Routers and a switch will work as well.

IP Topology Configuration
This section highlights the IP topology that must be created and the connections that are necessary.

Motorola Solutions

MOTOROLA SOLUTIONS

LCP Router Test Procedure

1. Create the above IP networking topology and set the relevant interface IP addresses as specified Note: The 3 interfaces on the test computer must all be in different subnets and have different gateways. 2. Open up a cmd prompt and cd to the directory containing the nat.exe executable. 3. Type nat.exe and hit enter to see usage and other configuration requirements. The following will be displayed: ############################################################ # NAT Loopback and Full Cone NAT Tester: Version 1.0 # ############################################################ usage: nat [Interface0 IP] [Port0] [Interface1 IP] [port1] [Interface2 IP] [Port2] [TestRouter1 Uplink IP] [Router2 Uplink IP] example: nat 192.168.0.2 50000 192.168.1.3 50001 192.168.2.4 50002 1.1.1.7 1.1.1.8 . . 1. Port1 must be port forwarded on TestRouter1 to Interface1 IP address 2. Port2 must be port forwarded on Router2 to Interface2 IP address 3. A route for the TestRouter1 and Router2 uplinks must be added to go via the Interface0 IP Example: route add 1.1.1.7 mask 255.255.255.255 192.168.0.1 route add 1.1.1.8 mask 255.255.255.255 192.168.0.1 4. Plan out your IP address topology, for this example we will use the IP addresses in the topology diagram, and the Ports specified in the example usage. 5. Port1 must be port forwarded on TestRouter1 to Interface1 IP address 6. Port2 must be port forwarded on Router2 to Interface2 IP address 7. Add in the necessary route to direct the test traffic through the correct ports by typing the following commands (or copy paste) in the cmd line. a. route add 1.1.1.7 mask 255.255.255.255 192.168.0.1 b. route add 1.1.1.8 mask 255.255.255.255 192.168.0.1 8. Ensure you IP topology is configured as in the diagram and then run the following command: a. nat.exe 192.168.0.2 50000 192.168.1.3 50001 192.168.2.4 50002 1.1.1.7 1.1.1.8 TEST DESCRIPTION: The nat executable runs a Hair-Pin/NAT loopback test by sending a UDP message from INT0 to the Uplink IP address of the TestRouter that should be received by INT1 via the HairPin/NAT-Loopback and port forwarding rules of the TestRouter. The nat executable also runs a Full Cone NAT test by sending a second UDP message from INT0 to the Uplink IP address of Router2 via the port forward route setup in the router to be received by INT2. For the test to pass both messages must be received and the source IP address and source port of both messages must match, if they do not, the test fails and this router is not compatible with an LCP system. If you need to trouble shoot your system you can download an IP sniffing utility called Wireshark and run it on all three Ethernet interfaces on your PC to ensure the messages are being sent and everything is setup properly. Below are the possible output results of the test and what they mean. 1. Sending NAT Loopback test to 1.1.1.7 50001 Sending Full Cone NAT test to 1.1.1.8 50002 Received Full Cone NAT message from 1.1.1.7 2403 One or both messages were NOT received! Please check your IP topology and configuration as well as the routing table! TEST FAILED! This error message indicates that 1 or both of the 2 test messages was not received. This can be due to a miss configuration of the IP topology, not updating your routing table before running the tool, or not configuring port forwarding on the Test Router or Router 2. This would be a good

Motorola Solutions

MOTOROLA SOLUTIONS

LCP Router Test Procedure

place to run wireshark on the 3 interfaces to make sure the messages are being sent and received properly. In the above example the full cone NAT message was received however, the NAT loop back message was not. This is because the router does not support the loopback mechanism and thus would not work in an LCP topology. Some routers will not be able to route the first test message at all as in this case. 2. Sending NAT Loopback test to 1.1.1.7 50001 Received NAT Loopback from 192.168.1.99 50000 Sending Full Cone NAT test to 1.1.1.8 50002 Received Full Cone NAT message from 1.1.1.7 50000 192.168.1.99 DOES NOT EQUAL 1.1.1.7 Your routers configuration DOES NOT SUPPORT NAT LOOPBACK!! This error message shows that both test messages were received however they were received from different IP addresses and thus violates the LCP requirements as the router is NOT properly supporting NAT loopback. 3. Sending NAT Loopback test to 1.1.1.7 50001 Received NAT Loopback from 1.1.1.7 50010 Sending Full Cone NAT test to 1.1.1.8 50002 Received Full Cone NAT message from 1.1.1.7 50020 1.1.1.7 EQUALS 1.1.1.7 50010 DOES NOT EQUAL 50020 Your routers configuration DOES NOT SUPPORT Full Cone NAT!! This error message shows that the port of INT0 sends is not seen as the same from the internal NAT loopback and the external full cone NAT sends. Both port should be the same for full cone NAT. Therefore this indicates that Full Cone is not supported in the router 4. Sending NAT Loopback test to 1.1.1.7 50001 Received NAT Loopback from 192.168.1.99 50000 Sending Full Cone NAT test to 1.1.1.8 50002 Received Full Cone NAT message from 1.1.1.7 50000 192.168.1.99 DOES NOT EQUAL 1.1.1.7 Your routers configuration DOES NOT SUPPORT NAT!! This error message indicates that while both test messages were received, the NAT Loopback message did not go through NAT, and its IP address is still an internal address. This configuration would not work in an LCP system. 5. Sending NAT Loopback test to 1.1.1.7 50001 Received NAT Loopback from 1.1.1.7 50000 Sending Full Cone NAT test to 1.1.1.8 50002 Received Full Cone NAT message from 1.1.1.7 50000 1.1.1.7 EQUALS 1.1.1.7 50000 EQUALS 50000 Your routers configuration looks to support LCP requirements Here is an example where all the tests pass. This is the message that will be seen for a router that passes the tests.

Motorola Solutions