I would like to simulate packets reordering for UDP packets on Linux to measure the performance and fault tolerance of my application.
Is there a simple way to do this?
look into WANEM
WANem thus allows the application
development team to setup a
transparent application gateway which
can be used to simulate WAN
characteristics like Network delay,
Packet loss, Packet corruption,
Disconnections, Packet re-ordering,
Jitter, etc.
You can use the "netem" feature built-into the Linux kernel. It is shipped with most modern distributions. netem is a traffic control discipline module which deliberately delays, drops and reorders packets and is highly configurable.
This only works for sending packets (because the queues are outbound only), so you may wish to place a router host with netem between the two test machines, and run netem on both interfaces (with differing parameters if you like).
The easiest way to achieve this is to run netem in a VM to route between two VM networks. I've found this to be quite handy.
You could try scapy. It's a python library to manipulate packets. You could capture a pcap session, with tcpdump, wireshark, whatever, and then replay the captured packets in arbitrary order with scapy.
a=rdpcap("/spare/captures/isakmp.cap")
for pkt in a.reverse():
sendp(pkt)
Depending on how you catpured the packets you may need send(layer 3) rather than sendp(layer 2)
Related
I have 3.8 linux kernel. I have created /sys/class/net in my device to receive control packets i.e. protocol related packets from other devices. However, sometime these protocol messages are too big to receive. Thus, my device gets fragmented data. However, when I did a packet capture, I could see some Frame check sequence errors. My guess is that some packets were lost due to the fragmented data. My protocol relies on IP layer to handle fragmentation rather than handle by itself.
My question is how do I enable or check IP fragmentation support is enabled or not in the linux kernel? The MTU of my network device is 1500 and I am sending 1590 bytes from other host.
AFAIN, there is no way to disable linux IP fragmentation explicitly, for more information ,you can refer to http://lxr.free-electrons.com/source/Documentation/networking/ip-sysctl.txt
is it possible to bond (aggregate) multiple connections over GPRS (usb stick) and use it as one link in linux?
It is technically possible. Linux has a module called bonding which can assemble several interfaces into one logical interface. If you set the mode of the bonding interface to balance-rr, it will distribute the packets between the two interfaces. You will also need a server somewhere to reassemble the traffic that will come from your two links.
However, in practice the results with such setups are awful, especially with high latency and high jitter links like GPRS. The main reason is that you get a lot of out of order delivery and protocols like TCP become crazy in these conditions. So the resulting throughput will never reach the total throughput of the two links.
I am looking for some hints to build a network packet splitter. What i want is some sort of tools/code that split the packets of a logic link (tcp/ip connection for ex.) over several network interfaces.
I used with success the Linux bonding driver, however the best performance is only achieved when the bandwidth/latency of the several network interfaces is similar, since the bonding driver uses round robin packet splitting.
Anyone know any tool that can effectively split packets (not logical links) over network interfaces using a weighted manner, instead of round robin manner?
You can use sysfs to change your bonding mode to a more effective choice for your setup.
/sys/class/net/bond0/bonding/mode
You may have some luck also changing the queue_id in the same place to make different adapters more important.
Take a look at the Linux bonding documentation for information about the settings.
I've been playing around with an ethernet protocol (not IP) constructed using
socket(PF_PACKET, SOCK_RAW, ether_type)
I have a small problem. I've got a packet constructed that has the source and destination mac set to my local cards mac that I've also bound the socket to with bind.
I can receive packets fine from the network.
I'm able to send packets to the degree where I see them appear in wireshark.
However, my listening app doesn't see those packets. It is able to see packets from other sources on the network however.
I should point out that my mac addresses do appear to be being sent in the correct byte order.
Can you send packets to yourself?
Do network cards not loopback?
Does the linux kernel do something special at the IP level for loopback and because I'm below that, ignore me?
Yes, IP "loopback" packets, as you put it, are treated specially. They're looped back internally, not sent out through the interface. So ethernet-level loopback, in this sense, is a special case that doesn't normally need to be supported. Some old 10Mbit ethernet cards were even half-duplex, so it couldn't have worked on that hardware :).
On the other hand, you can buy/make loopback adaptor cables to test network cards. So it must be possible on (hopefully all) modern hardware. And people have used them under linux with AF_PACKET (evidence, though no more details, here).
I guess the next question would be whether your switch supports this. A dumb hub would have to support it, but there's room for a modern switch to get confused. Or maybe disallowing it in fear of an infinite loop of packets.
I'm new on work with linux. I want capture the ethernet packets above the device drivers layer.
I know that all the packets pass through the functions "dev_queue_xmit" to transmit the packet to the upper layer and the function "netfi_rx" for recieving the packet.
How can i "hook" this function to control the ethernet traffic?
what should i work with to accomplish this task?
You might want to check out libpcap (a portable C/C++ library for network traffic capture). There is also an example.
You might want to use raw sockets. http://aschauf.landshut.org/fh/linux/udp_vs_raw/ch01s03.html
See also this question