Catch Me If You Can
Customer Found Bug Analysis
Liang Gao
Analyzing Customer-Found Bugs Is Good
• Why we didn’t find it through our internal
testing
• What test case can be designed to catch it
• What kind of test strategy can cover it
• How we can make sure we catch this kind
of bug from now on
Bug
• Title: When an IPv6 packet whose version field is 0
is sent to a certain firewall while the firewall's snoop
is turned on, the firewall reboots.
• How would you design test case?
• Why it was not caught internally
• What kind of test strategy can cover this?
Bug
• Handling large fragmented IPv6 ICMP packets: the result
on the firewall is "not passed".
• How would you design test case?
• Why it was not caught internally
• What kind of test strategy can cover this?
Bug
• A certain network security proxy product: a web server
that already has a proxy in front of it cannot be accessed
• How would you design test case?
• Why it was not caught internally
• What kind of test strategy can cover this?
[Diagram: Content secure gateway, Proxy, Web Server]
Bug
• After configuring 65535 RPs and IP addresses for 1785
VLANs, issuing wr hangs the device; after a power cycle,
it still cannot boot after waiting 10 minutes
• How would you design test case?
• Why it was not caught internally
• What kind of test strategy can cover this?
Bug
• When a BGP PEER GROUP is used, a connection can
still be established even when the neighbor's actual AS
differs from the configured AS
Bugs
• A Cisco Secure Access Control Server (ACS) that is
configured to use Extensible Authentication Protocol-
Transport Layer Security (EAP-TLS) to authenticate
users to the network will allow access to any user
that uses a cryptographically correct certificate which
can be expired, or come from an untrusted
Certificate Authority (CA) and still be
cryptographically correct.
• CSCse58195. The WLC contains a bug when
processing WLAN ACLs that causes the WLAN ACL
configuration to be saved with an invalid checksum.
When the configuration is subsequently reloaded at
boot time, the checksum fails and the WLAN ACLs are
not installed.
Bugs
• CSCdv24925 It is possible to read stored
configuration file from the Storage Router
without any authorization.
• CSCdu45417 It is possible to halt the Storage
Router by sending a fragmented packet over
the Gigabit interface.
• CSCdv24925 An unauthorized person may
read the configuration of the Storage Router.
That may lead to unauthorized access of a
storage space.
Bugs
• Versions of the Cisco ACE 4710 Application
Control Engine appliance prior to software
version A1(8a) use default administrator, web
management, and device management account
credentials. The appliance and module do not
prompt users to modify system account
passwords during the initial configuration
process.
• Crafted SSH Packet Vulnerability
• Crafted SNMPv2c Packet Vulnerability
Bugs
• Phone number displayed as 214-748-3647 on
some occasions.
Boundary Testing Bugs
• 214-748-3647: most popular phone number in US
• Largest 32 bit signed number
• Store phone number in a signed 32 bits and didn’t check
buffer overflow
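The boundary bug on this slide, as an added example that is not code from the deck or from any product it mentions. It assumes the flawed path saturates at INT32_MAX on overflow (as strtol does on a platform with a 32-bit long, or a saturating integer column); all function names and the sample numbers are constructed for illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Copy only the digits of a phone number; returns digit count, -1 if too long. */
static int digits_only(const char *in, char *out, size_t outsz)
{
    size_t n = 0;
    for (; *in; in++) {
        if (!isdigit((unsigned char)*in))
            continue;
        if (n + 1 >= outsz)
            return -1;
        out[n++] = *in;
    }
    out[n] = '\0';
    return (int)n;
}

/* Flawed path (assumed behaviour): the number is kept in a signed 32-bit
 * integer and an out-of-range value silently saturates to INT32_MAX. */
int32_t store_phone_flawed(const char *phone)
{
    char d[32];
    if (digits_only(phone, d, sizeof d) < 0)
        return INT32_MAX;
    long long v = strtoll(d, NULL, 10);
    return v > INT32_MAX ? INT32_MAX : (int32_t)v;
}

/* Render a stored integer the way a UI would: NNN-NNN-NNNN. */
int format_phone(int32_t v, char *out, size_t outsz)
{
    return snprintf(out, outsz, "%03d-%03d-%04d",
                    (int)(v / 10000000), (int)((v / 10000) % 1000),
                    (int)(v % 10000));
}

/* Checked path: a phone number is an identifier, not a quantity, so keep
 * it as a digit string and reject anything that is not exactly 10 digits. */
int store_phone_checked(const char *phone, char out[11])
{
    char d[32];
    if (digits_only(phone, d, sizeof d) != 10)
        return -1;
    memcpy(out, d, 11);
    return 0;
}

/* Boundary test: values just below, at and just above INT32_MAX, plus two
 * ordinary-looking numbers above it. Returns how many the flawed path
 * corrupts when stored and displayed again. */
int count_corrupted_by_flawed(void)
{
    static const char *cases[] = {      /* constructed sample inputs */
        "214-748-3646", "214-748-3647", "214-748-3648",
        "415-555-0100", "999-999-9999",
    };
    int bad = 0;
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        char shown[40];
        format_phone(store_phone_flawed(cases[i]), shown, sizeof shown);
        if (strcmp(shown, cases[i]) != 0) {
            printf("CORRUPTED %s -> %s\n", cases[i], shown);
            bad++;
        }
    }
    return bad;
}

int main(void)
{
    char kept[11];
    printf("flawed path corrupted %d of 5 inputs\n", count_corrupted_by_flawed());
    if (store_phone_checked("415-555-0100", kept) == 0)
        printf("checked path kept %s\n", kept);
    return 0;
}
```

Every number whose ten digits exceed 2147483647 collapses to the same displayed value, which is why the test set has to straddle the type's limit rather than use only "typical" inputs.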
Bugs
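• A certain internet-behavior-management product: the
system reboots at around 9 a.m.
• A certain switch product: reboots by itself about once every two years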
Bugs
• WLC ARP Storm
• A vulnerable WLC may mishandle unicast
ARP requests from a wireless client leading
to an ARP storm. In order for the
vulnerability to be exposed, two WLCs
attached to the same set of Layer-2 VLANs
must each have a context for the wireless
client. This can occur after a Layer-3 (cross-
subnet) roam or when guest WLAN (auto-
anchor) is in use.
Bugs
• In a topology that uses VLAN interfaces for
intermediate router connections, PIM
register and PIM register stop messages
might loop between the intermediate
routers until the TTL count expires.
(CSCea51320)
• Hardware failures on the WS-X6548-RJ-45
module are not detected. (CSCea17192)
• A reload might occur if you configure an IP
address that is a duplicate of an IP address
Bugs
• With PIM dense mode configured, multicast
traffic might get dropped when all routers
have the multicast group in a pruned state
even though interested receivers are
present. (CSCea26993)
• An interface that is defined in an Enhanced
Interior Gateway Routing Protocol (EIGRP)
network statement may fail to come up in
the EIGRP topology table. This symptom is
observed after a system reload. The
occurrence of the symptom depends on the
Bugs
• UP and DOWN status messages may be
displayed on the console. This symptom is
observed when a leased-line configuration is
in the UP state, but the peer is not
responding. This symptom occurs because
PPP calls the interface reset vector regularly
if the peer is not responding to the PPP
attempts to communicate. This problem is
resolved in Release 12.1(19)E. (CSCdx55880)
• A redundant supervisor engine might not
reload if you enter the reload command on
the redundant supervisor engine's console or
Bugs
• MPLS does not work if you configure fall-
back bridging on the MPLS subinterface. This
problem is resolved in Release 12.1(19)E.
(CSCdz75507)
• Cisco routers and switches running Cisco IOS
software and configured to process Internet
Protocol version 4 (IPv4) packets are
vulnerable to a Denial of Service (DoS)
attack. A rare sequence of crafted IPv4
packets sent directly to the device may cause
the input interface to stop processing traffic
once the input queue is full. No
Bugs
• When an OSPF topology change occurs, an
MPLS provider edge (PE) router might not
forward IP-to-Tag traffic to some IP
destinations when it has equal cost load-
sharing paths to the IP destinations. This
problem is resolved in Release 12.1(20)E.
(CSCeb52169)
• An E3 link to an OC-12 channelized OSM
might not come up. This problem is resolved
in Release 12.1(20)E. (CSCec39689)
Bugs
• If you delete and recreate Frame Relay
subinterfaces in random order on OSM POS
interfaces, some traffic might be sent to the
wrong subinterface. This problem is resolved
in Release 12.1(20)E2. (CSCec67501)
• An OC-12 POS OSM might reset as a result of
memory corruption. This problem is resolved
in Release 12.1(20)E2. (CSCec59550)
• A Catalyst 6509 switch with a Supervisor
Engine 1 and an MSFC2 repeatedly reboots
Bugs
• After a few weeks of normal operation, an interface on a PA-MC-8E1
port adapter begins flapping and finally pauses with the output queue
stuck as follows:
• You can attach a service policy that contains invalid configuration to an
interface. If you apply a Frame Relay map-class with both input policing
and output queuing to a DLCI twice, the FlexWAN module might reload.
This problem is resolved in Release 12.1(20)E. (CSCin52060)
• Ignore messages from a 1-port multichannel STM-1 port adapter
(PA-MC-STM-1) that reports a large number of degraded minutes on an E1
controller. For example, after 15 minutes of operation since startup,
35,000,000 degraded minutes might be reported and these values
might increase every second. Code violations might also be reported.
This problem is resolved in Release 12.1(20)E. (CSCec08973)
Bugs
• Illegal memory accesses when a dGRE test is configured on HSSI Frame
Relay encapsulation for a FlexWAN module might cause a reload. This
problem is resolved in Release 12.1(20)E2. (CSCin29514)
• An administratively shut-down subinterface that is configured for
Frame-Relay encapsulation might forward packets. This problem is
resolved in Release 12.1(20)E3. (CSCed78803)
• With a high traffic load, PA-A3-OC3, PA-A3-T3, and PA-A3-E3 port
adapters might display an increasing "rx_no_buffer" counter in the
output of the show controllers atm privileged EXEC command and
some PVCs configured on the PA-A3 port adapter might stop receiving
traffic. This problem is resolved in Release 12.1(20)E3. (CSCin49458)
Bugs
• With a large number of static multicast entries configured
(approximately 8,000), some entries might not propagate to DFCs. This
problem is resolved in Release 12.1(20)E. (CSCec50577)
• With EoMPLS configured, a reload might occur if you configure a
different access VLAN on the CE-facing port. This problem is resolved in
Release 12.1(20)E. (CSCec23787)
• With QoS and Cisco IOS server load balancing (Cisco IOS SLB) configured
on a Supervisor Engine 1, a VACL configured to filter multicast traffic on
one VLAN might incorrectly be applied to multicast traffic on other
VLANs. This problem is resolved in Release 12.1(20)E. (CSCeb69582)
Bugs
• On WS-X6548-GE-TX and WS-X6548V-GE-TX
modules, CEF-switched Ethernet egress
packets that are less than 64-bytes long are
not padded correctly. This problem is
resolved in Release 12.1(20)E. (CSCeb47640)
• With EoMPLS configured, a reload might
occur if you configure a different access
VLAN on the CE-facing port. This problem is
resolved in Release 12.1(20)E. (CSCec23787)
• The running configuration does not show
changes in the network time protocol (NTP)
password. This problem is resolved in
Bugs
• When there is insufficient memory, crash information is not generated
after a Supervisor Engine reload. This problem is resolved in
Release 12.1(20)E. (CSCeb51785)
• When you enter the show policy-map interface [interface] command
on a system with a Supervisor Engine 2 and MSFC2, a system reload
may occur. This problem is resolved in Release 12.1(20)E. (CSCeb49634)
• Occasionally a bus error and reload might occur if an MPLS packet
triggers the sending of an Internet Control Message Protocol (ICMP)
packet. This problem is resolved in Release 12.1(20)E. (CSCeb27452)
Bugs
• An OSPF designated router does not generate a network link-state
advertisement (LSA) for a broadcast network when another interface on
the designated router has an administratively shut down interface with
a duplicate address configured with the OSPF passive-interface
command. This problem is resolved in Release 12.1(20)E. (CSCea35186)
• With Internet Group Management Protocol (IGMP) and IP Protocol
Independent Multicast (PIM) enabled, continual tracebacks might occur
when you perform an online insertion and removal (OIR) of a module.
This problem is resolved in Release 12.1(20)E. (CSCec13278)
• A reload might occur if you delete a VPN routing and forwarding (VRF)
instance while the show ip vrf vrf_name EXEC command executes. This
problem is resolved in Release 12.1(20)E. (CSCea83675)
Bugs
• When more than 12 VLOUs are used in a
policy attached to an interface, the entries
are expanded. If the expanded entries are for
a non-deny ACE, the entries are not
accurate. The resulting ACEs for the policy
are also inaccurate. This problem is resolved
in Release 12.1(20)E2. (CSCed47753)
• The ip pim register source command is not
supported in Release 12.1E. This problem is
resolved in Release 12.1(20)E2.
(CSCec70483)
• When fragmenting MPLS traffic, a reload
Bugs
• An IGMP packet flood might cause a reload.
This problem is resolved in
Release 12.1(20)E2. (CSCec39132)
• The ip pim register source command is not
supported in Release 12.1E. This problem is
resolved in Release 12.1(20)E2.
(CSCec70483)
• When fragmenting MPLS traffic, a reload
might occur after display of a "SYS-2-
GETBUF" message. This problem is resolved
Bugs
• With both static and dynamic Port Address Translation (PAT) configured
and if the ip nat pool inside_pool_name command has been entered for
only one IP address, the IP addresses that are used for overloading
might be used as one-to-one translations. This problem is resolved in
Release 12.1(20)E3. (CSCdx19396)
• Following a reload with a large number of active interfaces, an Open
Shortest Path First (OSPF) interface might be in the down state while
the port and the line protocol might be in the up state, which causes
missing OSPF neighbor adjacencies on the OSPF interface that is in the
down state. This problem is resolved in Release 12.1(20)E3.
(CSCeb04048)
• A reload might occur if you establish an SSHv2 session immediately after
the "Press RETURN to get started!" message appears on the console.
This problem is resolved in Release 12.1(20)E3. (CSCin48676)
Bugs
• OSPF area border routers (ABRs) might
continue to generate summary link-state
advertisements (LSAs) for obsolete
nonbackbone intra-area routes. This problem
is resolved in Release 12.1(20)E6.
(CSCee36622)
• If you add VLANs 1002-1005 to the allowed
VLAN list for an SSL module, the SSL module
might have a connectivity problem. This
problem is resolved in Release 12.1(22)E.
(CSCec60933)
Bugs
• With ISIS routing configured, an E3 or T3 port adapter might have its
neighbors flap after a reload. This problem is resolved in
Release 12.1(22)E. (CSCeb01905)
• TCP FIN and RST packets might be dropped, which causes a 3 to 4
second delay in retrieving web content, if a hardware-switched TCP
connection carrying more than 1,000 packets per second is load
balanced through IOS Firewall Load Balancing or Cisco IOS server load
balancing. This problem is resolved in Release 12.1(22)E. (CSCed38956)
• A reload because of memory corruption might occur when an IP
Security (IPsec) generic routing encapsulation (GRE) tunnel carries
multicast traffic. This problem is resolved in Release 12.1(22)E.
(CSCec06341)
Bugs
• HSRP packets are sent with the IP TTL field set to 2 instead of 1. This
does not affect HSRP operation because HSRP packets are sent to a
Layer 2 multicast address. This problem is resolved in Release 12.1(22)E.
(CSCuk31498)
• A reload might occur if you enter the interface
loopback interface_number interface configuration command and the
value of the interface_number argument is a 9-digit number that starts
with 10. This problem is resolved in Release 12.1(22)E. (CSCec03907)
• With high traffic levels and when the reverse forwarding path (RPF)
towards the rendezvous point and the multicast source are different,
partially hardware-switched multicast flows might not be forwarded
correctly. This problem is resolved in Release 12.1(22)E. (CSCec80654)
Bugs
• In IP packets with the IP options field
populated, the IP type-of-service (ToS) byte
might be truncated to a 3-bit long field. This
problem deletes 3 bits of the 6-bit DSCP
value and causes incorrect QoS operation.
This problem is resolved in
Release 12.1(22)E4. (CSCed93264)
• Multicast 127-byte UDP packets that egress
from OSM-2OC12-POS interfaces have
invalid checksums. This problem is resolved
in Release 12.1(23)E. (CSCec72798)
• The SNMP slbStickyObjectTableEntry MIB
Bugs
• A reload might occur if you do the following on a FlexWAN module interface:
– Attach an egress queueing policy
– Attach an ingress policy that uses the same policy-map class
– Remove the ingress policy
– Update a queueing feature in the egress policy
• A response time reporter (RTR) probe does not report input or output packets
for serial interfaces of PA-MC-8T1, PA-MC-8E1, and PA-MC-8TE1+ port adapters.
This problem is resolved in Release 12.1(23)E. (CSCee82681)
• When a Multicast Source Discovery Protocol (MSDP)-enabled rendezvous point
(RP) for a multicast group fails and an incoming (*,G) join message is received,
the RP does not build an (S,G) state from its Source-Active (SA) cache when it
should do so. Depending on the topology and if a Shortest Path Tree (SPT)
threshold is configured as infinite, this situation might result in a multicast
forwarding interruption of up to 2 minutes. This problem is resolved in
Release 12.1(23)E. (CSCee89438)
Bugs
• If there are more than 50 files on the flash
card, access from CiscoView Device Manager
(CVDM) might cause a reload. This problem
is resolved in Release 12.1(23)E.
(CSCef07965)
• If you change the STP root bridge, a Layer 2
loop might exist very briefly. This problem is
resolved in Release 12.1(23)E. (CSCed85411)
• Following switchover to a redundant
supervisor engine, any EtherChannels on the
newly active supervisor engine are not active
and the newly redundant supervisor engine
Bugs
• High traffic flow rates (for example, 60
percent or more of capacity) through a PA-
A3 ATM port adapter might cause a reload.
This problem is resolved in
Release 12.1(26)E. (CSCdy46272)
• A reload might occur if you apply egress
WAN QoS features to an ingress WAN
interface. This problem is resolved in
Release 12.1(23)E. (CSCin77116)
• When the number of routing table entries
exceeds the capacity of the hardware-
forwarding information base (FIB), the
Bugs
• If you enable PIM on a VLAN interface and configure a bridge group on
the VLAN interface, and then remove the PIM configuration from the
VLAN interface, EIGRP neighborships are lost. This problem is resolved
in Release 12.1(26)E. (CSCed12722)
• When an OSPF neighbor on a local IP segment has multiple interfaces
on that IP segment, OSPF installs only a single next-hop entry to routes
reachable through the OSPF neighbor, instead of multiple next-hop
entries, as required by RFC 2328. This problem is resolved in
Release 12.1(26)E. (CSCee21928)
• Policing might not be accurate for packets smaller than 82 bytes. This
problem is resolved in Release 12.1(26)E. (CSCee78451)
Bugs
• When you configure a static PIM rendezvous point (RP) IP address with
an ACL that specifies the groups for the RP, and there is also another RP
IP address configured without an ACL, you cannot remove the first RP IP
address from the configuration. This problem is resolved in
Release 12.1(26)E. (CSCee93574)
• When the BGP table is full on an MPLS backbone router, routing
updates or configuring additional routes might cause a reload. This
problem is resolved in Release 12.1(26)E. (CSCef49199)
• After a switchover to a redundant supervisor engine, aggregate policers
might not be applied to the interfaces where they are configured. This
problem is resolved in Release 12.1(26)E. (CSCin83227)
Bugs
• When an EXEC session is at the "More" prompt, the session fails to time
out. This problem is resolved in Release 12.1(26)E. (CSCef35192)
• If you are using the Open Shortest Path First (OSPF) protocol and the
Catalyst 6500 series switch or the Cisco 7600 series router is an Area
Border Router (ABR) attached to one or more not-so-stubby areas
(NSSAs), the configuration of "summary-address 0.0.0.0 0.0.0.0" can
result in the ABR default summary Link State Advertisement (LSA) being
repeatedly flushed and reoriginated in each attached NSSA. This
problem is resolved in Release 12.1(26)E2. (CSCdx83438)
• If an intermittent multicast source is inactive for 3.5 minutes, (S,G)
entries in the MSDP cache might become inconsistent with a neighbor's
cache which can cause multicast packet loss. This problem is resolved in
Release 12.1(26)E4. (CSCsb23433)
Bugs
• An autonomous system boundary router (ASBR) that is running open
shortest path first (OSPF) and is configured with the area area_id nssa
default-information-originate command, might continue to advertise a
default route in a not-so-stubby area (NSSA) even after the default
Border Gateway Protocol (BGP) route has been withdrawn and removed
from the routing table. This problem is resolved in Release 12.1(26)E5.
(CSCsc03828)
• Static routes that are redistributed into BGP display an incorrect next
hop address. This situation might cause a routing loop. This problem is
resolved in Release 12.1(26)E7. (CSCeg41727)
• A very slow memory leak might occur in the medium buffers. This
problem occurs on a system configured with a distributed EtherChannel
(DEC). When this problem occurs, MALLOCFAIL messages are displayed
in the switch processor log. This problem is resolved in
Release 12.1(26)E8. (CSCsf31542)
Bugs
• With a tunnel configured to use an ATM interface, one end of the tunnel
cannot ping the other end until you bring either end of the tunnel
interface down and up. This problem is resolved in Release 12.1(26)E8.
(CSCse40423)
• Port 2 or port 4 on a WS-X6816-GBIC switching module might go up and
down when port 1 is enabled, not connected, and set to autonegotiate.
This problem occurs if a 1000BASE-T GBIC was ever inserted since the
last time the module was reloaded. This problem is resolved in
Release 12.1(26)E8. (CSCse12195)
• A Multilink PPP (MLP) link does not forward traffic when MLP is
configured on an interface of a FlexWAN port adapter, or an Enhanced
FlexWAN PA. This problem is resolved in Release 12.1(27b)E.
(CSCeb07656)
Bugs
• A reload occurs when you delete a policy
map that was attached in both the in and out
direction. This problem is resolved in
Release 12.1(27b)E. (CSCsb29774)
• For multicast flows, the PFC does not provide
Layer 3 switching on output interfaces with
MTU sizes smaller than the flow's input
interface MTU size.
• When a redundant supervisor engine is in
standby mode, the Ethernet ports on the
Bugs
• You cannot configure the MTU size on VLAN
interfaces. For Supervisor Engine 2, this
problem is resolved in Release 12.1(8a)E. For
Supervisor Engine 1, this problem is resolved
in Release 12.1(7)E. (CSCdr62024)
• For multicast flows, the PFC does not provide
Layer 3 switching on output interfaces with
MTU sizes smaller than the flow's input
interface MTU size.
• When a redundant supervisor engine is in
Why we didn't catch that

Driving Behavioral Change for Information Management through Data-Driven Gree...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

Why we didn't catch that

  • 1. Catch Me If You Can Customer Fund Bug Analysis Liang Gao
  • 2.
  • 3. Analyzing Customer-Found Bugs Is Good • Why we didn’t find it through our internal testing • What test case can be designed to catch that • What kind of test strategy can cover that • How can we make sure we can catch this kind of bug from now on
  • 4. Bug • Title: When an IPv6 packet with the version field set to 0 is sent to a certain firewall while snoop is enabled on the firewall, the firewall reboots. • How would you design test case? • Why it was not caught internally • What kind of test strategy can cover this?
  • 5. Bug • Handling large fragmented IPv6 ICMP packets: the result on the firewall is "not passed". • How would you design test case? • Why it was not caught internally • What kind of test strategy can cover this?
  • 6. Bug • A certain network security proxy product: a Web server that is already behind a proxy cannot be accessed. • How would you design test case? • Why it was not caught internally • What kind of test strategy can cover this? • (Diagram labels: Content secure gateway, Proxy, Web Server)
  • 7. Bug • After configuring 65535 RPs and IP addresses for 1785 VLANs, running wr hangs the device; after a power cycle, it still fails to boot after waiting 10 minutes. • How would you design test case? • Why it was not caught internally • What kind of test strategy can cover this?
  • 8. Bug • When a BGP PEER GROUP is used, a session is still established even when the neighbor's actual AS differs from the configured AS.
  • 9. Bugs • A Cisco Secure Access Control Server (ACS) that is configured to use Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) to authenticate users to the network will allow access to any user that uses a cryptographically correct certificate which can be expired, or come from an untrusted Certificate Authority (CA) and still be cryptographically correct. • CSCse58195. The WLC contains a bug when processing WLAN ACLs that causes the WLAN ACL configuration to be saved with an invalid checksum. When the configuration is subsequently reloaded at boot time, the checksum fails and the WLAN ACLs are not installed.
  • 10. Bugs • CSCdv24925 It is possible to read stored configuration file from the Storage Router without any authorization. • CSCdu45417 It is possible to halt the Storage Router by sending a fragmented packet over the Gigabit interface. • CSCdv24925 An unauthorized person may read the configuration of the Storage Router. That may lead to unauthorized access of a storage space.
  • 11. Bugs • Versions of the Cisco ACE 4710 Application Control Engine appliance prior to software version A1(8a) use default administrator, web management, and device management account credentials. The appliance and module do not prompt users to modify system account passwords during the initial configuration process. • Crafted SSH Packet Vulnerability • Crafted SNMPv2c Packet Vulnerability
  • 12. Bugs • Phone number displayed as 214-748-3647 on some occasions.
  • 13. Boundary Testing Bugs • 214-748-3647: Most popular phone number in US • Largest 32-bit signed number • Stored phone number in a signed 32-bit value and didn’t check buffer overflow
  • 14. Bugs • A certain Internet-usage management product: the system reboots at around 9 a.m. • A certain switch product: reboots automatically about once every two years.
  • 15. Bugs • WLC ARP Storm • A vulnerable WLC may mishandle unicast ARP requests from a wireless client leading to an ARP storm. In order for the vulnerability to be exposed, two WLCs attached to the same set of Layer-2 VLANs must each have a context for the wireless client. This can occur after a Layer-3 (cross-subnet) roam or when guest WLAN (auto-anchor) is in use.
  • 16. Bugs • In a topology that uses VLAN interfaces for intermediate router connections, PIM register and PIM register stop messages might loop between the intermediate routers until the TTL count expires. (CSCea51320) • Hardware failures on the WS-X6548-RJ-45 module are not detected. (CSCea17192) • A reload might occur if you configure an IP address that is a duplicate of an IP address
  • 17. Bugs • With PIM dense mode configured, multicast traffic might get dropped when all routers have the multicast group in a pruned state even though interested receivers are present. (CSCea26993) • An interface that is defined in an Enhanced Interior Gateway Routing Protocol (EIGRP) network statement may fail to come up in the EIGRP topology table. This symptom is observed after a system reload. The occurrence of the symptom depends on the
  • 18. Bugs • UP and DOWN status messages may be displayed on the console. This symptom is observed when a leased-line configuration is in the UP state, but the peer is not responding. This symptom occurs because PPP calls the interface reset vector regularly if the peer is not responding to the PPP attempts to communicate. This problem is resolved in Release 12.1(19)E. (CSCdx55880) • A redundant supervisor engine might not reload if you enter the reload command on the redundant supervisor engine's console or
  • 19. Bugs • MPLS does not work if you configure fall-back bridging on the MPLS subinterface. This problem is resolved in Release 12.1(19)E. (CSCdz75507) • Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full. No
  • 20. Bugs • When an OSPF topology change occurs, an MPLS provider edge (PE) router might not forward IP-to-Tag traffic to some IP destinations when it has equal cost load-sharing paths to the IP destinations. This problem is resolved in Release 12.1(20)E. (CSCeb52169) • An E3 link to an OC-12 channelized OSM might not come up. This problem is resolved in Release 12.1(20)E. (CSCec39689)
  • 21. Bugs • If you delete and recreate Frame Relay subinterfaces in random order on OSM POS interfaces, some traffic might be sent to the wrong subinterface. This problem is resolved in Release 12.1(20)E2. (CSCec67501) • An OC-12 POS OSM might reset as a result of memory corruption. This problem is resolved in Release 12.1(20)E2. (CSCec59550) • A Catalyst 6509 switch with a Supervisor Engine 1 and an MSFC2 repeatedly reboots
  • 22. Bugs • After a few weeks of normal operation, an interface on a PA-MC-8E1 port adapter begins flapping and finally pauses with the output queue stuck as follows: • You can attach a service policy that contains invalid configuration to an interface. If you apply a Frame Relay map-class with both input policing and output queuing to a DLCI twice, the FlexWAN module might reload. This problem is resolved in Release 12.1(20)E. (CSCin52060) • Ignore messages from a 1-port multichannel STM-1 port adapter (PA-MC-STM-1) that reports a large number of degraded minutes on an E1 controller. For example, after 15 minutes of operation since startup, 35,000,000 degraded minutes might be reported and these values might increase every second. Code violations might also be reported. This problem is resolved in Release 12.1(20)E. (CSCec08973)
  • 23. Bugs • Illegal memory accesses when a dGRE test is configured on HSSI Frame Relay encapsulation for a FlexWAN module might cause a reload. This problem is resolved in Release 12.1(20)E2. (CSCin29514) • An administratively shut-down subinterface that is configured for Frame-Relay encapsulation might forward packets. This problem is resolved in Release 12.1(20)E3. (CSCed78803) • With a high traffic load, PA-A3-OC3, PA-A3-T3, and PA-A3-E3 port adapters might display an increasing "rx_no_buffer" counter in the output of the show controllers atm privileged EXEC command and some PVCs configured on the PA-A3 port adapter might stop receiving traffic. This problem is resolved in Release 12.1(20)E3. (CSCin49458)
  • 24. Bugs • With a large number of static multicast entries configured (approximately 8,000), some entries might not propagate to DFCs. This problem is resolved in Release 12.1(20)E. (CSCec50577) • With EoMPLS configured, a reload might occur if you configure a different access VLAN on the CE-facing port. This problem is resolved in Release 12.1(20)E. (CSCec23787) • With QoS and Cisco IOS server load balancing (Cisco IOS SLB) configured on a Supervisor Engine 1, a VACL configured to filter multicast traffic on one VLAN might incorrectly be applied to multicast traffic on other VLANs. This problem is resolved in Release 12.1(20)E. (CSCeb69582)
  • 25. Bugs • On WS-X6548-GE-TX and WS-X6548V-GE-TX modules, CEF-switched Ethernet egress packets that are less than 64-bytes long are not padded correctly. This problem is resolved in Release 12.1(20)E. (CSCeb47640) • With EoMPLS configured, a reload might occur if you configure a different access VLAN on the CE-facing port. This problem is resolved in Release 12.1(20)E. (CSCec23787) • The running configuration does not show changes in the network time protocol (NTP) password. This problem is resolved in
  • 26. Bugs • When there is insufficient memory, crash information is not generated after a Supervisor Engine reload. This problem is resolved in Release 12.1(20)E. (CSCeb51785) • When you enter the show policy-map interface [interface] command on a system with a Supervisor Engine 2 and MSFC2, a system reload may occur. This problem is resolved in Release 12.1(20)E. (CSCeb49634) • Occasionally a bus error and reload might occur if an MPLS packet triggers the sending of an Internet Control Message Protocol (ICMP) packet. This problem is resolved in Release 12.1(20)E. (CSCeb27452)
  • 27. Bugs • An OSPF designated router does not generate a network link-state advertisement (LSA) for a broadcast network when another interface on the designated router has an administratively shut down interface with a duplicate address configured with the OSPF passive-interface command. This problem is resolved in Release 12.1(20)E. (CSCea35186) • With Internet Group Management Protocol (IGMP) and IP Protocol Independent Multicast (PIM) enabled, continual tracebacks might occur when you perform an online insertion and removal (OIR) of a module. This problem is resolved in Release 12.1(20)E. (CSCec13278) • A reload might occur if you delete a VPN routing and forwarding (VRF) instance while the show ip vrf vrf_name EXEC command executes. This problem is resolved in Release 12.1(20)E. (CSCea83675)
  • 28. Bugs • When more than 12 VLOUs are used in a policy attached to an interface, the entries are expanded. If the expanded entries are for a non-deny ACE, the entries are not accurate. The resulting ACEs for the policy are also inaccurate. This problem is resolved in Release 12.1(20)E2. (CSCed47753) • The ip pim register source command is not supported in Release 12.1E. This problem is resolved in Release 12.1(20)E2. (CSCec70483) • When fragmenting MPLS traffic, a reload
  • 29. Bugs • An IGMP packet flood might cause a reload. This problem is resolved in Release 12.1(20)E2. (CSCec39132) • The ip pim register source command is not supported in Release 12.1E. This problem is resolved in Release 12.1(20)E2. (CSCec70483) • When fragmenting MPLS traffic, a reload might occur after display of a "SYS-2-GETBUF" message. This problem is resolved
  • 30. Bugs • With both static and dynamic Port Address Translation (PAT) configured and if the ip nat pool inside_pool_name command has been entered for only one IP address, the IP addresses that are used for overloading might be used as one-to-one translations. This problem is resolved in Release 12.1(20)E3. (CSCdx19396) • Following a reload with a large number of active interfaces, an Open Shortest Path First (OSPF) interface might be in the down state while the port and the line protocol might be in the up state, which causes missing OSPF neighbor adjacencies on the OSPF interface that is in the down state. This problem is resolved in Release 12.1(20)E3. (CSCeb04048) • A reload might occur if you establish an SSHv2 session immediately after the "Press RETURN to get started!" message appears on the console. This problem is resolved in Release 12.1(20)E3. (CSCin48676)
  • 31. Bugs • OSPF area border routers (ABRs) might continue to generate summary link-state advertisements (LSAs) for obsolete nonbackbone intra-area routes. This problem is resolved in Release 12.1(20)E6. (CSCee36622) • If you add VLANs 1002-1005 to the allowed VLAN list for an SSL module, the SSL module might have a connectivity problem. This problem is resolved in Release 12.1(22)E. (CSCec60933)
  • 32. Bugs • With ISIS routing configured, an E3 or T3 port adapter might have its neighbors flap after a reload. This problem is resolved in Release 12.1(22)E. (CSCeb01905) • TCP FIN and RST packets might be dropped, which causes a 3 to 4 second delay in retrieving web content, if a hardware-switched TCP connection carrying more than 1,000 packets per second is load balanced through IOS Firewall Load Balancing or Cisco IOS server load balancing. This problem is resolved in Release 12.1(22)E. (CSCed38956) • A reload because of memory corruption might occur when an IP Security (IPsec) generic routing encapsulation (GRE) tunnel carries multicast traffic. This problem is resolved in Release 12.1(22)E. (CSCec06341)
  • 33. Bugs • HSRP packets are sent with the IP TTL field set to 2 instead of 1. This does not affect HSRP operation because HSRP packets are sent to a Layer 2 multicast address. This problem is resolved in Release 12.1(22)E. (CSCuk31498) • A reload might occur if you enter the interface loopback interface_number interface configuration command and the value of the interface_number argument is a 9-digit number that starts with 10. This problem is resolved in Release 12.1(22)E. (CSCec03907) • With high traffic levels and when the reverse forwarding path (RPF) towards the rendezvous point and the multicast source are different, partially hardware-switched multicast flows might not be forwarded correctly. This problem is resolved in Release 12.1(22)E. (CSCec80654)
  • 34. Bugs • In IP packets with the IP options field populated, the IP type-of-service (ToS) byte might be truncated to a 3-bit long field. This problem deletes 3 bits of the 6-bit DSCP value and causes incorrect QoS operation. This problem is resolved in Release 12.1(22)E4. (CSCed93264) • Multicast 127-byte UDP packets that egress from OSM-2OC12-POS interfaces have invalid checksums. This problem is resolved in Release 12.1(23)E. (CSCec72798) • The SNMP slbStickyObjectTableEntry MIB
  • 35. Bugs • A reload might occur if you do the following on a FlexWAN module interface: – Attach an egress queueing policy – Attach an ingress policy that uses the same policy-map class – Remove the ingress policy – Update a queueing feature in the egress policy • A response time reporter (RTR) probe does not report input or output packets for serial interfaces of PA-MC-8T1, PA-MC-8E1, and PA-MC-8TE1+ port adapters. This problem is resolved in Release 12.1(23)E. (CSCee82681) • When a Multicast Source Discovery Protocol (MSDP)-enabled rendezvous point (RP) for a multicast group fails and an incoming (*,G) join message is received, the RP does not build an (S,G) state from its Source-Active (SA) cache when it should do so. Depending on the topology and if a Shortest Path Tree (SPT) threshold is configured as infinite, this situation might result in a multicast forwarding interruption of up to 2 minutes. This problem is resolved in Release 12.1(23)E. (CSCee89438)
  • 36. Bugs • If there are more than 50 files on the flash card, access from CiscoView Device Manager (CVDM) might cause a reload. This problem is resolved in Release 12.1(23)E. (CSCef07965) • If you change the STP root bridge, a Layer 2 loop might exist very briefly. This problem is resolved in Release 12.1(23)E. (CSCed85411) • Following switchover to a redundant supervisor engine, any EtherChannels on the newly active supervisor engine are not active and the newly redundant supervisor engine
  • 37. Bugs • High traffic flow rates (for example, 60 percent or more of capacity) through a PA-A3 ATM port adapter might cause a reload. This problem is resolved in Release 12.1(26)E. (CSCdy46272) • A reload might occur if you apply egress WAN QoS features to an ingress WAN interface. This problem is resolved in Release 12.1(23)E. (CSCin77116) • When the number of routing table entries exceeds the capacity of the hardware-forwarding information base (FIB), the
  • 38. Bugs • If you enable PIM on a VLAN interface and configure a bridge group on the VLAN interface, and then remove the PIM configuration from the VLAN interface, EIGRP neighborships are lost. This problem is resolved in Release 12.1(26)E. (CSCed12722) • When an OSPF neighbor on a local IP segment has multiple interfaces on that IP segment, OSPF installs only a single next-hop entry to routes reachable through the OSPF neighbor, instead of multiple next-hop entries, as required by RFC 2328. This problem is resolved in Release 12.1(26)E. (CSCee21928) • Policing might not be accurate for packets smaller than 82 bytes. This problem is resolved in Release 12.1(26)E. (CSCee78451)
  • 39. Bugs • When you configure a static PIM rendezvous point (RP) IP address with an ACL that specifies the groups for the RP, and there is also another RP IP address configured without an ACL, you cannot remove the first RP IP address from the configuration. This problem is resolved in Release 12.1(26)E. (CSCee93574) • When the BGP table is full on an MPLS backbone router, routing updates or configuring additional routes might cause a reload. This problem is resolved in Release 12.1(26)E. (CSCef49199) • After a switchover to a redundant supervisor engine, aggregate policers might not be applied to the interfaces where they are configured. This problem is resolved in Release 12.1(26)E. (CSCin83227)
  • 40. Bugs • When an EXEC session is at the "More" prompt, the session fails to time out. This problem is resolved in Release 12.1(26)E. (CSCef35192) • If you are using the Open Shortest Path First (OSPF) protocol and the Catalyst 6500 series switch or the Cisco 7600 series router is an Area Border Router (ABR) attached to one or more not-so-stubby areas (NSSAs), the configuration of "summary-address 0.0.0.0 0.0.0.0" can result in the ABR default summary Link State Advertisement (LSA) being repeatedly flushed and reoriginated in each attached NSSA. This problem is resolved in Release 12.1(26)E2. (CSCdx83438) • If an intermittent multicast source is inactive for 3.5 minutes, (S,G) entries in the MSDP cache might become inconsistent with a neighbor's cache which can cause multicast packet loss. This problem is resolved in Release 12.1(26)E4. (CSCsb23433)
  • 41. Bugs • An autonomous system boundary router (ASBR) that is running open shortest path first (OSPF) and is configured with the area area_id nssa default-information-originate command, might continue to advertise a default route in a not-so-stubby area (NSSA) even after the default Border Gateway Protocol (BGP) route has been withdrawn and removed from the routing table. This problem is resolved in Release 12.1(26)E5. (CSCsc03828) • Static routes that are redistributed into BGP display an incorrect next hop address. This situation might cause a routing loop. This problem is resolved in Release 12.1(26)E7. (CSCeg41727) • A very slow memory leak might occur in the medium buffers. This problem occurs on a system configured with a distributed EtherChannel (DEC). When this problem occurs, MALLOCFAIL messages are displayed in the switch processor log. This problem is resolved in Release 12.1(26)E8. (CSCsf31542)
  • 42. Bugs • With a tunnel configured to use an ATM interface, one end of the tunnel cannot ping the other end until you bring either end of the tunnel interface down and up. This problem is resolved in Release 12.1(26)E8. (CSCse40423) • Port 2 or port 4 on a WS-X6816-GBIC switching module might go up and down when port 1 is enabled, not connected, and set to autonegotiate. This problem occurs if a 1000BASE-T GBIC was ever inserted since the last time the module was reloaded. This problem is resolved in Release 12.1(26)E8. (CSCse12195) • A Multilink PPP (MLP) link does not forward traffic when MLP is configured on an interface of a FlexWAN port adapter, or an Enhanced FlexWAN PA. This problem is resolved in Release 12.1(27b)E. (CSCeb07656)
  • 43. Bugs • A reload occurs when you delete a policy map that was attached in both the in and out direction. This problem is resolved in Release 12.1(27b)E. (CSCsb29774) • For multicast flows, the PFC does not provide Layer 3 switching on output interfaces with MTU sizes smaller than the flow's input interface MTU size. • When a redundant supervisor engine is in standby mode, the Ethernet ports on the
  • 44. Bugs • You cannot configure the MTU size on VLAN interfaces. For Supervisor Engine 2, this problem is resolved in Release 12.1(8a)E. For Supervisor Engine 1, this problem is resolved in Release 12.1(7)E. (CSCdr62024) • For multicast flows, the PFC does not provide Layer 3 switching on output interfaces with MTU sizes smaller than the flow's input interface MTU size. • When a redundant supervisor engine is in