I just wanted to see what would happen to the CPU of a few Cisco routers if I flooded them with traffic using iperf. Specifically, I wondered if it was possible to ‘weaponize’ iperf by setting up multiple clients sending tons of traffic across a network to an iperf sink.
I set up an iperf server on a 10.3 FreeBSD machine like so:
As you can see, the client at 192.168.0.3 sent 444MB in 60 seconds. What was really interesting to me was the CPU load on the Cisco 2621XM router that is connected to the 10.30.30.0 network……… nearly 90%!!!
From what I understand, the Cisco 2621XM router has an MPC860 processor capable of 88MIPS at 66MHz. I would posit that is is possible to disable a router such as this with an iperf attack coming from multiple devices. I mean, only one iperf client nearly maxed it out.
Now for the more powerful Cisco 2801. CPU utilization hovers near 50%.
Even with multiple clients sending traffic to the iperf server, the CPU utilization never increases. I assume this is due to the CEF (cisco express forwarding) functionality of the router, but I am not for sure.