Hello! My machines have 16GB of memory but traffic generator uses about ~1GB of memory for 10GE link.
On Tue, Jul 28, 2015 at 12:36 AM, alvin nanog <nano...@mail.ddos-mitigator.net> wrote: > > hi pavel > > On 07/28/15 at 12:02am, Pavel Odintsov wrote: >> It's poor man's traffic generator :) > > that's the best kind :-) > as long as it gets the job done and you get to control what it does > >> My test lab is i7 2600 with 2 port Intel X520 10GE and Intel Xeon E5 >> 2604 witj 2 port Intel X520 10GE. > > nice cpu hw > > trick questions for those thinking of generating ddos traffic for testing > > - ?? how much memory was needed to run the traffic generator > > i assume around 1GB of memory for 1gigE interface and i still > can purposely run out of memory while some apps are running > > at 10gigE pci card, > you'd probably want at least 12GB - 16GB of memory > > - some "poor mans apps" to generate traffic ... start w/ nping or hping > > # generate 1,000 Mbit/sec of junk .. floodig is trivial ... > ping -i 0.001 -s 2000 victimIP# > nping --data-length 2000 --rate 1000 victimIP# > socat > iperf ... > # > # generate udp or icmp or arp or tcp traffic > # > # add options to generate large-sized packets > # add options to generate 10Gbit/sec ( number of packet/sec ) > # > # play around with tcp headers > # add options to send MTU=1501 byte but NOT set DF > # add options to send ACK but no request > # > # add options to spoof source and desitination address and ports > > # > # if the host machine become un-available, you've got a problem > # > for host in gw dns ntp http smtp > for protocol in arp icmp udp tcp > nping --protocol [ options ] host.example.com > # hping is nice too > done > done > > # for bonus arp fun ... > attacker# arpspoof gateway victim > attacker# arpspoof victim gateway > > # prevent mitm with: use hard coded arp "/etc/ethers" for linux > > use OpenSSL certs to flag a warning when "attacker" inserted > itself in between gateway and un-aware victim > > pixie dust > alvin > - DDoS-Mitigator.net > >> On Mon, Jul 27, 2015 at 11:59 PM, <valdis.kletni...@vt.edu> wrote: >> > On Mon, 27 Jul 2015 23:32:56 +0300, Pavel Odintsov said: >> > >> >> I would like to recommend MoonGen for generating very high speed >> >> attacks (I have generated up to 56 mpps/40GE with it). >> > >> > OK, I'll bite - what hardware were you using to inject that many packets? -- Sincerely yours, Pavel Odintsov