nanog mailing list archives
Re: DDOS Simulation
From: Pavel Odintsov <pavel.odintsov () gmail com>
Date: Tue, 28 Jul 2015 10:15:45 +0300
Hello! My machines have 16GB of memory but traffic generator uses about ~1GB of memory for 10GE link. On Tue, Jul 28, 2015 at 12:36 AM, alvin nanog <nanogml () mail ddos-mitigator net> wrote:
hi pavel On 07/28/15 at 12:02am, Pavel Odintsov wrote:It's poor man's traffic generator :)that's the best kind :-) as long as it gets the job done and you get to control what it doesMy test lab is i7 2600 with 2 port Intel X520 10GE and Intel Xeon E5 2604 witj 2 port Intel X520 10GE.nice cpu hw trick questions for those thinking of generating ddos traffic for testing - ?? how much memory was needed to run the traffic generator i assume around 1GB of memory for 1gigE interface and i still can purposely run out of memory while some apps are running at 10gigE pci card, you'd probably want at least 12GB - 16GB of memory - some "poor mans apps" to generate traffic ... start w/ nping or hping # generate 1,000 Mbit/sec of junk .. floodig is trivial ... ping -i 0.001 -s 2000 victimIP# nping --data-length 2000 --rate 1000 victimIP# socat iperf ... # # generate udp or icmp or arp or tcp traffic # # add options to generate large-sized packets # add options to generate 10Gbit/sec ( number of packet/sec ) # # play around with tcp headers # add options to send MTU=1501 byte but NOT set DF # add options to send ACK but no request # # add options to spoof source and desitination address and ports # # if the host machine become un-available, you've got a problem # for host in gw dns ntp http smtp for protocol in arp icmp udp tcp nping --protocol [ options ] host.example.com # hping is nice too done done # for bonus arp fun ... attacker# arpspoof gateway victim attacker# arpspoof victim gateway # prevent mitm with: use hard coded arp "/etc/ethers" for linux use OpenSSL certs to flag a warning when "attacker" inserted itself in between gateway and un-aware victim pixie dust alvin - DDoS-Mitigator.netOn Mon, Jul 27, 2015 at 11:59 PM, <Valdis.Kletnieks () vt edu> wrote:On Mon, 27 Jul 2015 23:32:56 +0300, Pavel Odintsov said:I would like to recommend MoonGen for generating very high speed attacks (I have generated up to 56 mpps/40GE with it).OK, I'll bite - what hardware were you using to inject that many packets?
-- Sincerely yours, Pavel Odintsov
Current thread:
- Re: DDOS Simulation, (continued)
- Re: DDOS Simulation Roland Dobbins (Jul 28)
- Re: DDOS Simulation alvin nanog (Jul 29)
- Re: DDOS Simulation Roland Dobbins (Jul 29)
- Re: DDOS Simulation alvin nanog (Jul 30)
- Re: DDOS Simulation Valdis . Kletnieks (Jul 30)
- Re: DDOS Simulation Pavel Odintsov (Jul 27)
- Re: DDOS Simulation Valdis . Kletnieks (Jul 27)
- Re: DDOS Simulation Pavel Odintsov (Jul 27)
- Re: DDOS Simulation alvin nanog (Jul 27)
- Re: DDOS Simulation Pavel Odintsov (Jul 28)
- Re: DDOS Simulation jim deleskie (Jul 28)
- Re: DDOS Simulation Brett Watson (Jul 28)
- RE: DDOS Simulation frnkblk (Jul 29)