UDP flood in Perl

From CT3

This PERL script provides a simple UDP flood generator. It can flood a single port or random UDP ports on the target host with fixed or varying packet sizes. Alternatively, you can specify the target bandwidth or inter-packet delay to generate controlled constant load in a QoS lab.

Installation

Copy the source file into flood.pl.

Prerequisites

PERL 5.8 distribution, usually pre-installed on a Unix/Linux system. Download the Windows port of PERL from www.activestate.com. No PERL modules not included in the standard PERL distribution are used.

Additional information

Calibration in a QoS lab

Usage guidelines

Usage:

flood.pl --port port --size bytes --time seconds --bandwidth kbps --delay msec target-ip-address

Command line parameters:

port: specifies the destination port. Random port is used if the port parameter is not specified.

Random destination ports might make your life miserable in a QoS lab as each packet generates an independent conversation in the Cisco's fair queuing model, resulting in extremely long show queueing printouts

size: specifies the packet size. Random-sized packets are sent if the size or bandwidth and delay are not specified.
time: duration of the flood (continuous if omitted)
bandwidth: target IP bandwidth
delay: inter-packet delay in miliseconds. Flooding is performed at line/CPU speed if this parameter is not specified.

The program tries to compute meaningful values for the size and delay parameters:

If the bandwidth is specified, but delay and size are not, the size is set to 256 bytes and the delay is computed;
If the bandwidth and delay are specified, the packet size is computed and overrides the size settings (if present);
If the size and delay are specified, the IP bandwidth is computed and reported before the flooding starts;
If only the delay parameter is specified, random-sized packets are sent at the specified intervals.

The delay parameter specifies the packet generation rate, not the inter-packet gap, which might vary based on actual line speeds.

Warnings and Disclaimers

Flooding third-party hosts or networks is commonly considered a criminal activity.
Flooding your own hosts or networks is usually a bad idea.
Higher-performace flooding solutions should be used for stress/performance tests
Accuracy of the flooding degrades as the delay goes below a few milliseconds. It also depends on the CPU load of the flooding host and its operating system (usleep function in PERL is not very precise on Windows platforms).
This tool should be used primarily in lab environments for QoS tests.

Author

Source code

#!/usr/bin/perl
#####################################################
# udp flood.
######################################################

use Socket;
use strict;
use Getopt::Long;
use Time::HiRes qw( usleep gettimeofday ) ;

our $port = 0;
our $size = 0;
our $time = 0;
our $bw   = 0;
our $help = 0;
our $delay= 0;

GetOptions(
	"port=i" => \$port,		# UDP port to use, numeric, 0=random
	"size=i" => \$size,		# packet size, number, 0=random
	"bandwidth=i" => \$bw,		# bandwidth to consume
	"time=i" => \$time,		# time to run
	"delay=f"=> \$delay,		# inter-packet delay
	"help|?" => \$help);		# help
	

my ($ip) = @ARGV;

if ($help || !$ip) {
  print <<'EOL';
flood.pl --port=dst-port --size=pkt-size --time=secs
         --bandwidth=kbps --delay=msec ip-address

Defaults:
  * random destination UDP ports are used unless --port is specified
  * random-sized packets are sent unless --size or --bandwidth is specified
  * flood is continuous unless --time is specified
  * flood is sent at line speed unless --bandwidth or --delay is specified

Usage guidelines:
  --size parameter is ignored if both the --bandwidth and the --delay 
    parameters are specified.

  Packet size is set to 256 bytes if the --bandwidth parameter is used 
    without the --size parameter

  The specified packet size is the size of the IP datagram (including IP and
  UDP headers). Interface packet sizes might vary due to layer-2 encapsulation.

Warnings and Disclaimers:
  Flooding third-party hosts or networks is commonly considered a criminal activity.
  Flooding your own hosts or networks is usually a bad idea
  Higher-performace flooding solutions should be used for stress/performance tests
  Use primarily in lab environments for QoS tests
EOL
  exit(1);
}

if ($bw && $delay) {
  print "WARNING: computed packet size overwrites the --size parameter ignored\n";
  $size = int($bw * $delay / 8);
} elsif ($bw) {
  $delay = (8 * $size) / $bw;
}

$size = 256 if $bw && !$size;

($bw = int($size / $delay * 8)) if ($delay && $size);

my ($iaddr,$endtime,$psize,$pport);
$iaddr = inet_aton("$ip") or die "Cannot resolve hostname $ip\n";
$endtime = time() + ($time ? $time : 1000000);
socket(flood, PF_INET, SOCK_DGRAM, 17);

print "Flooding $ip " . ($port ? $port : "random") . " port with " . 
  ($size ? "$size-byte" : "random size") . " packets" . ($time ? " for $time seconds" : "") . "\n";
print "Interpacket delay $delay msec\n" if $delay;
print "total IP bandwidth $bw kbps\n" if $bw;
print "Break with Ctrl-C\n" unless $time;

die "Invalid packet size requested: $size\n" if $size && ($size < 64 || $size > 1500);
$size -= 28 if $size;
for (;time() <= $endtime;) {
  $psize = $size ? $size : int(rand(1024-64)+64) ;
  $pport = $port ? $port : int(rand(65500))+1;

  send(flood, pack("a$psize","flood"), 0, pack_sockaddr_in($pport, $iaddr));
  usleep(1000 * $delay) if $delay;
}