Main Content

UDP Flood Script

There are some situations when network and system administrator(s) may need to UDP flood network devices with the purpose of testing them under stress.

The preferred method I use is by means of a Perl script created by Ivan Pepelnjak from ioshints.info. The script is highly configurable allowing the user to dictate the amount of bandwidth to be used during the flood, and the port to name a few.

Note: Windows users will need to install either ActivePerl or Strawberry Perl.

Use

flood.pl --port port --size bytes --time seconds --bandwidth kbps --delay msec target-ip-address

In its simplest form you can ignore the extra parameters and issue:

script_name.pl 192.168.1.10

For an explanation of the parameters visit wiki.nil.com/UDP_flood_in_Perl.

Script Source Code

#!/usr/bin/perl
#####################################################
# udp flood.
######################################################

use Socket;
use strict;
use Getopt::Long;
use Time::HiRes qw( usleep gettimeofday ) ;

our $port = 0;
our $size = 0;
our $time = 0;
our $bw   = 0;
our $help = 0;
our $delay= 0;

GetOptions(
	"port=i" => $port,		# UDP port to use, numeric, 0=random
	"size=i" => $size,		# packet size, number, 0=random
	"bandwidth=i" => $bw,		# bandwidth to consume
	"time=i" => $time,		# time to run
	"delay=f"=> $delay,		# inter-packet delay
	"help|?" => $help);		# help


my ($ip) = @ARGV;

if ($help || !$ip) {
  print <<'EOL';
flood.pl --port=dst-port --size=pkt-size --time=secs
         --bandwidth=kbps --delay=msec ip-address

Defaults:
  * random destination UDP ports are used unless --port is specified
  * random-sized packets are sent unless --size or --bandwidth is specified
  * flood is continuous unless --time is specified
  * flood is sent at line speed unless --bandwidth or --delay is specified

Usage guidelines:
  --size parameter is ignored if both the --bandwidth and the --delay
    parameters are specified.

  Packet size is set to 256 bytes if the --bandwidth parameter is used
    without the --size parameter

  The specified packet size is the size of the IP datagram (including IP and
  UDP headers). Interface packet sizes might vary due to layer-2 encapsulation.

Warnings and Disclaimers:
  Flooding third-party hosts or networks is commonly considered a criminal activity.
  Flooding your own hosts or networks is usually a bad idea
  Higher-performace flooding solutions should be used for stress/performance tests
  Use primarily in lab environments for QoS tests
EOL
  exit(1);
}

if ($bw && $delay) {
  print "WARNING: computed packet size overwrites the --size parameter ignoredn";
  $size = int($bw * $delay / 8);
} elsif ($bw) {
  $delay = (8 * $size) / $bw;
}

$size = 256 if $bw && !$size;

($bw = int($size / $delay * 8)) if ($delay && $size);

my ($iaddr,$endtime,$psize,$pport);
$iaddr = inet_aton("$ip") or die "Cannot resolve hostname $ipn";
$endtime = time() + ($time ? $time : 1000000);
socket(flood, PF_INET, SOCK_DGRAM, 17);

print "Flooding $ip " . ($port ? $port : "random") . " port with " .
  ($size ? "$size-byte" : "random size") . " packets" . ($time ? " for $time seconds" : "") . "n";
print "Interpacket delay $delay msecn" if $delay;
print "total IP bandwidth $bw kbpsn" if $bw;
print "Break with Ctrl-Cn" unless $time;

die "Invalid packet size requested: $sizen" if $size && ($size < 64 || $size > 1500);
$size -= 28 if $size;
for (;time() <= $endtime;) {
  $psize = $size ? $size : int(rand(1024-64)+64) ;
  $pport = $port ? $port : int(rand(65500))+1;

  send(flood, pack("a$psize","flood"), 0, pack_sockaddr_in($pport, $iaddr));
  usleep(1000 * $delay) if $delay;
}