There are some situations when network and system administrator(s) may need to UDP flood network devices with the purpose of testing them under stress. The preferred method I use is by means of a Perl script created by Ivan Pepelnjak from ioshints.info. The script is highly configurable allowing the user to dictate the amount of bandwidth to be used during the flood, and the port to name a few. Note: Windows users will need to install either ActivePerl or Strawberry Perl.
flood.pl –port port –size bytes –time seconds –bandwidth kbps –delay msec target-ip-address
In its simplest form you can ignore the extra parameters and issue:
script_name.pl 192.168.1.10
For an explanation of the parameters visit wiki.nil.com/UDP_flood_in_Perl.
#!/usr/bin/perl
#####################################################
######################################################
use Socket;
use strict;
use Getopt::Long;
use Time::HiRes qw( usleep gettimeofday ) ;
our $port = 0;
our $size = 0;
our $time = 0;
our $bw = 0;
our $help = 0;
our $delay= 0;
GetOptions(
“port=i” => $port, # UDP port to use, numeric, 0=random
“size=i” => $size, # packet size, number, 0=random
“bandwidth=i” => $bw, # bandwidth to consume
“time=i” => $time, # time to run
“delay=f”=> $delay, # inter-packet delay
“help|?” => $help); # help
my ($ip) = @ARGV;
if ($help || !$ip) {
print <<’EOL’;
flood.pl –port=dst-port –size=pkt-size –time=secs
–bandwidth=kbps –delay=msec ip-address
Defaults:
* random destination UDP ports are used unless –port is specified
* random-sized packets are sent unless –size or –bandwidth is specified
* flood is continuous unless –time is specified
* flood is sent at line speed unless –bandwidth or –delay is specified
Usage guidelines:
–size parameter is ignored if both the –bandwidth and the –delay
parameters are specified.
Packet size is set to 256 bytes if the –bandwidth parameter is used
without the –size parameter
The specified packet size is the size of the IP datagram (including IP and
UDP headers). Interface packet sizes might vary due to layer-2 encapsulation.
Warnings and Disclaimers:
Flooding third-party hosts or networks is commonly considered a criminal activity.
Flooding your own hosts or networks is usually a bad idea
Higher-performace flooding solutions should be used for stress/performance tests
Use primarily in lab environments for QoS tests
EOL
exit(1);
}
if ($bw && $delay) {
print “WARNING: computed packet size overwrites the –size parameter ignoredn”;
$size = int($bw * $delay / 8);
} elsif ($bw) {
$delay = (8 * $size) / $bw;
}
$size = 256 if $bw && !$size;
($bw = int($size / $delay * 8)) if ($delay && $size);
my ($iaddr,$endtime,$psize,$pport);
$iaddr = inet_aton(“$ip”) or die “Cannot resolve hostname $ipn”;
$endtime = time() + ($time ? $time : 1000000);
socket(flood, PF_INET, SOCK_DGRAM, 17);
print “Flooding $ip “ . ($port ? $port : “random”) . “ port with “ .
($size ? “$size-byte” : “random size”) . “ packets” . ($time ? “ for $time seconds” : “”) . “n”;
print “Interpacket delay $delay msecn” if $delay;
print “total IP bandwidth $bw kbpsn” if $bw;
print “Break with Ctrl-Cn” unless $time;
die “Invalid packet size requested: $sizen” if $size && ($size < 64 || $size > 1500);
$size -= 28 if $size;
for (;time() <= $endtime;) {
$psize = $size ? $size : int(rand(1024-64)+64) ;
$pport = $port ? $port : int(rand(65500))+1;
send(flood, pack(“a$psize”,”flood”), 0, pack_sockaddr_in($pport, $iaddr));
usleep(1000 * $delay) if $delay;
}