The poor man’s IOS Traffic Generator

CHARGEN

There is a feature that is built-in to TCP known as CHARGEN, whci is short for CHARacter GENerator and it used to be a standard feature in most verions of *nix. Today this feature is disabled for security reasons (detailed in rfc864).There are a few other services in the same feature set of TCP, such as Echo, Discard and Daytime (RFC 862, 863, 867 respectively) and these are also useful.In IOS, Cisco calls all of these ‘small-servers’ and from about Version 12.2 or so, they are disabled by default. So first thing is to enable the service.

Enabling TCP Small Server on IOS


r2#conf t
Enter configuration commands, one per line.
End with CNTL/Z.
r2(config)#service tcp-small-servers
r2(config)#^Z
r2#
000120: *Mar 1 00:28:35.183 UTC: %SYS-5-CONFIG_I: Configured from console by console

You have now enabled a service that is listening for requests. Go to an adjacent router that can reach an IP address on the first router, and telnet to port 19 and a bunch of characters will display on the screen.


r1#telnet 198.18.0.2 19
Trying 198.18.0.2, 19 ...
Open
!"#$%&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
!"#$%&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
h"#$%&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
hi#$%&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
hij$%&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
hijk%&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
hijkl&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
hijklm'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijk
lmn()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmno
)*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnop*+,
-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopq+,-./0
123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqr,-./01234
56789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrs-./012345678
9:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrst./0123456789:;?
@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstu/0123456789:;?@ABC
DEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuv0123456789:;?@ABCDEFG
HIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuvw123456789:;?@ABCDEFGHIJK
LMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuvwx23456789:;?@ABCDEFGHIJKLMNO
PQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuvwxy3456789:;?@ABCDEFGHIJKLMNOPQRS
TUVWXYZ[]^_`abcdefghijklmnopqrstuvwxyz456789:;?@ABCDEFGHIJKLMNOPQRSTUVW
XYZ[]^_`abcdefghijklmnopqrstuvwxyz{56789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[
]^_`abcdefghijklmnopqrstuvwxyz{|6789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_
`abcdefghijklmnopqrstuvwxyz{|}789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abc
defghijklmnopqrstuvwxyz{|}~89:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
hijklmnopqrstuvwxyz{|}~9:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijkl
mnopqrstuvwxyz{|}~ !:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnop
qrstuvwxyz{|}~ !";?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrst
uvwxyz{|}~ !"#?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuvwx
yz{|}~ !"#$=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuv
wxyz{|}~ !"#$%>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrst
uvwxyz{|}~ !"#$%&?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopq
rstuvwxyz{|}~ !"#$%&'
--SNIP--

This will continue as long as you keep the session open.

Warning

IOS must generate the characters, and this is done by the CPU and is very CPU intensive on a high speed link. You should take some care only do this in the direction that you can terminate the telnet session. Thus do this on a router that is ‘nearest to you’. If you telnet from the far side back to yourself you can flood the connection and cause the router to reload (or worse).I strongly recommend that you practice this in a test environment before you do this in a live environment.

Stop the session

Enter Ctrl-Shift-6 and then x to return to the main console. Then enter ‘disc 1′ to terminate the background connection.


!"#$%&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
h"#$%&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
hi#$%&'()*+,-./0123456789:;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefg
hij$%&'()*+,!

Ctrl-Shift-6 and x was pressed here, you must use the ‘disconnect’ command to clear the session as it will still be running in the background.


rs#disc 1
Closing connection to 198.18.0.1 [confirm]r2#

Some Considerations

While this will definitely generate some traffic, it will not generate large volumes of traffic. Some performance considerations that should think about:

  • the CPU of the remote router to generate the character stream
  • the ability of the WAN link to send traffic
  • the speed at which the router can send the characters to a terminal session.

Specifically, a console session with a 9600 bps rate will not generate a lot of traffic, but a telnet session directly connected at 100Mbps will generate a lot more because the transmission rate between the router and the terminal window is very fast. SSH will be slower since the encryption adds some delay to the process.

Stupid Alert: Think before start

It certainly possible that if you do this on a production network that you could cause a loss of service. You should take some time to think about the implications to your bandwidth, and make sure you know how to stop the CHARGEN, BEFORE YOU START.

You are warned.

Other Posts in A Series On The Same Topic

  1. Cisco IOS CLI Regex: sh ip bgp in (2nd May 2012)
  2. IOS CLI Tip: More accurate pipe commands (1st May 2012)
  3. Cisco Nexus NXOS and Fixing broken “switchto” syntax with alias (18th December 2011)
  4. show ip eigrp topology all (22nd May 2011)
  5. Cisco IOS CLI Shortcuts (6th February 2011)
  6. The poor man's IOS Traffic Generator (19th September 2009)
  7. IOS: "terminal monitor" on, off - logging to your terminal (17th September 2009)
  8. IOS: Console, Terminal, Monitor, VTY - what is what ? (16th September 2009)
  9. IOS: Clearing an interface configuration (13th September 2009)
  10. IOS: Setting Terminal Window Length (10th September 2009)
  11. IOS CLI: show run linenum (9th September 2009)
  12. IOS: Setting the TCP timeout on IOS (14th August 2008)
  13. IOS: enable and .... disable ? (20th July 2008)
  14. IOS: Reverse SSH console access - Part 2 (25th June 2008)
  15. IOS:Open Source Lab DNS and IP addressing (2nd June 2008)
  16. IOS: Reverse SSH console access (29th May 2008)
  17. ip tcp timestamp (14th April 2008)
  18. Cisco ASA and IOS command tip - test aaa-server (18th February 2008)
About Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus

You can contact Greg via the site contact page.

  • Pingback: My Etherealmind · ip tcp timestamp

  • Mike Fratto

    Greg, why would you want to do this? If you can ping a router, you know it’s up. If you want to load test it, using something like iperf (http://sourceforge.net/projects/iperf/) is going to me much more useful, yah?

    • http://etherealmind.com Greg Ferro

      Let’s see:
      1) It would be very rare that I would have access to a server and be able to run a traffic generation routine. Doubly so for secure networks (and I mean properly secure, not enterprise or business networks).
      2) if you want to test a given link that is between two towns in another country, using iperf isn’t an option. You would break the links in between.
      3) it’s quick and dirty. See the bit about ‘poor mans traffic generator’. Sometimes good enough is enough.

      • Don McClintock

        I have always used tftp transfers of large (or small) files to generate traffic on demand. You can use your laptop or IOS to do it, and turn it on and off easily with a client tool.

  • http://blog.ioshints.info Ivan Pepelnjak

    Some IOS releases have (had?) the ttcp command which is way more efficient than CHARGEN.

    http://www.cisco.com/en/US/tech/tk801/tk36/technologies_tech_note09186a0080094694.shtml

    • http://etherealmind.com Greg Ferro

      Not reliable enough for me to consider. Also, using a server to solve network problems is soft. Real engineers are purists.

      ha ha ha ha ha……just kidding. Whatever works. I actually have a Java implementation for TTCP somewhere.

      • http://blog.ioshints.info Ivan Pepelnjak

        IOS contains TTCP client and server, so you can run it between two routers. Unfortunately the router’s CPU is not powerful enough to fill a high-speed link; we had to deploy dedicated probes for NIL Monitor.

  • apep

    Not for a poor man, but a Pagent IOS image could be sufficient :)

  • Pingback: ip tcp timestamp — My Etherealmind

  • Pingback: Generating traffic from a router | DEVILWAH's BLOG

Subscribe For Weekly Updates by Email

Get a Weekly Summary of Latest Articles and Posts to your Email Inbox Every Sunday

Thanks for signing up. Look for the email from MailChimp & make sure you confirm your email address. You may need to check your spam or gmail settings to be sure of receiving the email.

Note: You can unsubscribe at any time using the link at the bottom of every email.