Show HN: Blitzping – A far faster nping/hping3 SYN-flood alternative with CIDR I found hping3 and nmap's nping to be far too slow in terms of sending individual, bare-minimum (40-byte) TCP SYN packets; other than inefficient socket I/O, they were also attempting to do far too much unnecessary processing in what should have otherwise been a tight execution loop. Furthermore, none of them were able to handle CIDR notations (i.e., a range of IP addresses) as their source IP parameter. Being intended for embedded devices (e.g., low-power MIPS/Arm-based routers), Blitzping only depends on standard POSIX headers and C11's libc (whether musl or gnu). To that end, even when supporting CIDR prefixes, Blitzping is significantly faster compared to hping3, nping, and whatever else that was hosted on GitHub. Here are some of the performance optimizations specifically done on Blitzping: * Pre-Generation : All the static parts of the packet buffer get generated once, outside of the sendto() tightloop; * Asynchronous : Configuring raw sockets to be non-blocking by default; * Multithreading : Polling the same socket in sendto() from multiple threads; and * Compiler Flags : Compiling with -Ofast, -flto, and -march=native (though these actually had little effect; by this point, the bottleneck is on the Kernel's own sendto() routine). Shown below are comparisons between the three software across two CPUs (more details at the GitHub repository): # Quad-Core "Rockchip RK3328" CPU @ 1.3 GHz. (ARMv8-A) # +--------------------+--------------+--------------+---------------+ | ARM (4 x 1.3 GHz) | nping | hping3 | Blitzping | +--------------------+ -------------+--------------+---------------+ | Num. Instances | 4 (1 thread) | 4 (1 thread) | 1 (4 threads) | | Pkts. per Second | ~65,000 | ~80,000 | ~275,000 | | Bandwidth (MiB/s) | ~2.50 | ~3.00 | ~10.50 | +--------------------+--------------+--------------+---------------+ # Single-Core "Qualcomm Atheros QCA9533" SoC @ 650 MHz. (MIPS32r2) # +--------------------+--------------+--------------+---------------+ | MIPS (1 x 650 MHz) | nping | hping3 | Blitzping | +----------------------+------------+--------------+---------------+ | Num. Instances | 1 (1 thread) | 1 (1 thread) | 1 (1 thread) | | Pkts. per Second | ~5,000 | ~10,000 | ~25,000 | | Bandwidth (MiB/s) | ~0.20 | ~0.40 | ~1.00 | +--------------------+--------------+--------------+---------------+ I tested Blitzping against both hpign3 and nping on two different routers, both running OpenWRT 23.05.03 (Linux Kernel v5.15.150) with the "masquerading" option (i.e., NAT) turned off in firewall; one device was a single-core 32-bit MIPS SoC, and another was a 64-bit quad-core ARMv8 CPU. On the quad-core CPU, because both hping3 and nping were designed without multithreading capabilities (unlike Blitzping), I made the competition "fairer" by launching them as four individual processes, as opposed to Blitzping only using one. Across all runs and on both devices, CPU usage remained at 100%, entirely dedicated to the currently running program. Finally, the connection speed itself was not a bottleneck: both devices were connected to an otherwise-unused 200 Mb/s (23.8419 MiB/s) download/upload line through a WAN ethernet interface. It is important to note that Blitzping was not doing any less than hping3 and nping; in fact, it was doing more. While hping3 and nping only randomized the source IP and port of each packet to a fixed address, Blitzping randomized not only the source port but also the IP within an CIDR range---a capability that is more computionally intensive and a feature that both hping3 and nping lacked in the first place. Lastly, hping3 and nping were both launched with the "best-case" command-line parameters as to maximize their speed and disable runtime stdio logging. https://ift.tt/u58M1sK July 15, 2024 at 02:28PM
Show HN: Blitzping – A far faster nping/hping3 SYN-flood alternative with CIDR https://ift.tt/1eDY4EM
Related Articles
Show HN: Railway – Configless Software Infrastructure https://ift.tt/3m4CuSyShow HN: Railway – Configless Software Infrastructure https://railway.… Read More
Show HN: Built Codegame for developers to create programming games with Markdown https://ift.tt/3zOGQlvShow HN: Built Codegame for developers to create programming games wit… Read More
Show HN: See HN, Twitter discussions and posts mentioning the page you are on https://ift.tt/3upSKRVShow HN: See HN, Twitter discussions and posts mentioning the page you… Read More
Show HN: Pepper – Find Low Carbon Food https://ift.tt/3olQA4NShow HN: Pepper – Find Low Carbon Food https://ift.tt/3B0Sqvv October … Read More
Show HN: Automate Job Application Process https://ift.tt/3oiPU05Show HN: Automate Job Application Process https://lazyapply.com Septem… Read More
Show HN: New Oberon+ IDE based on the Mono CLR – lean and fast https://ift.tt/3mjTcgHShow HN: New Oberon+ IDE based on the Mono CLR – lean and fast https:/… Read More
Show HN: NeutronSync encrypted dot/config file synchronization https://ift.tt/3F82OUtShow HN: NeutronSync encrypted dot/config file synchronization https:/… Read More
Show HN: AirSS is a web-based feed reader that put your privacy first https://ift.tt/3ux5eagShow HN: AirSS is a web-based feed reader that put your privacy first … Read More
0 Comments: