[c-nsp] Acceptance Test Procedure for New Cisco Devices
Luan Nguyen
luan at netcraftsmen.net
Tue Jan 20 08:19:48 EST 2009
Going a bit further...how's about looking at those benchmarking RFCs
http://www.ietf.org/html.charters/bmwg-charter.html
In particular
http://www.ietf.org/rfc/rfc2544.txt
for the 1861 and
http://www.ietf.org/rfc/rfc3511.txt
for the ASA
Regards,
Luan Nguyen
Chesapeake NetCraftsmen, LLC.
[W] http://www.netcraftsmen.net
[M] luan at netcraftsmen.net
[Blog] http://cnc-networksecurity.blogspot.com/
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Phil Mayers
Sent: Tuesday, January 20, 2009 8:06 AM
To: Ziv Leyes
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Acceptance Test Procedure for New Cisco Devices
Ziv Leyes wrote:
> Ok, let me be more specific When we buy devices for our own use, we
> just open it, plug it, and start using them, if there are any
> problems, we call the provider and they fix the problem (RMA or
> whatever) In this case, we're going to sell the equipment as a kind
> of turn-key project, and the customer asked us to provide them with
> "our" ATP, which we don't really use for ourselves, so I'd like to
> implement one sort of testing procedure from now on for this type of
> cases. We're going to attach this to a legal statement so we can't
> just type some BS there and that's it, we want to actually implement
> it, and if we write we do a,b,c,d then we'll going to do a,b,c,d
> procedure for real. I was thinking some of you guys may already use
> this kind of test routines and can help me creating one. I don't need
> some really serious stuff, I can imagine I'll check the delivery
> status of the package, open it, check all the contents that need to
> be there are there, to plug the device and see it works, perhaps load
> some configuration, plug the hardware that is planned to hold if any
> (HWICS and so), perform some soft and hard reboots, see the device
> responds, there are links on all interfaces, and pack it back exactly
> as it was. The problem is I don't know how exactly write it down on a
> kind of form that there's a checkbox for each test. Does anybody have
> some ready to go stuff?
Well, it's going to depend very much on the kind of equipment.
For example, a mandatory step when we get anything for our 6500s is a
complete run passing all GOLD tests (including the disruptive tests). We
maintain a spare chassis specifically for this.
I don't know if ASA5510 and 1861 have diagnostics, but I don't think so.
In that case, you're probably going to want something like:
* Build a standard config involving (at least) your ASA & 18xx router,
which all or a large subset of the features are enabled
* For each pair of devices you distribute, load the standard config on
and run some test traffic
* Leave it powered up for long enough to count as "burn in" i.e. 7 days?
So you'd write something like:
"""Party X will undertake to:
* Unpack all equipment and check inventory
* Check that equipment will power up
* Load on a standard config, which tests:
* OSPF routing
* BGP routing
* Packet forwarding
* IPSec
* Coffee making
* Run test traffic for 48 hours, to ensure the devices compare to a
known-good platform
* Leave the config running for 7 days, to eliminate early-life failure
...before shipping to Customer Y"""
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list