cisco 2801 & 2621XM load testing with iperf

I just wanted to see what would happen to the CPU of a few Cisco routers if I flooded them with traffic using iperf.  Specifically, I wondered if it was possible to ‘weaponize’ iperf by setting up multiple clients sending tons of traffic across a network to an iperf sink.

I set up an iperf server on a 10.3 FreeBSD machine like so:

iperf -s

freeBSD iperf server

As you can see, the client at sent 444MB in 60 seconds.  What was really interesting to me was the CPU load on the Cisco 2621XM router that is connected to the network……… nearly 90%!!!

From what I understand, the Cisco 2621XM router has an MPC860 processor capable of 88MIPS at 66MHz.  I would posit that is is possible to disable a router such as this with an iperf attack coming from multiple devices.  I mean, only one iperf client nearly maxed it out.

Now for the more powerful Cisco 2801.  CPU utilization hovers near 50%.

Even with multiple clients sending traffic to the iperf server, the CPU utilization never increases.  I assume this is due to the CEF (cisco express forwarding) functionality of the router, but I am not for sure.

replacing static routes with quagga rip v2 on ubuntu

I have been experimenting with the network traffic generation tool iperf in my home networking lab to load test a few Cisco routers.  I was curious what the CPU load would be on the routers with multiple PC’s sending traffic across several routed subnets.  I configured two PC’s on my workstation segment,,  as iperf clients and set up a dual-core Pentium 4 FreeBSD 10.3 machine as the iperf server that spanned  a Cisco 2801 and a Cisco 2621XM like so:

iperf load testing
iperf lab load test setup

The routers use RIP v2 routing protocol to learn all of the configured routes they have consisting of several VLSM 10.X.X.X and 192.168.X.X networks.   I was initially using static routing on my iperf client PC’s to send packets to the iperf sink PC on the network like so:

sudo route add -net gw

This got somewhat tedious after time, having to run this on multiple machines before I could do any testing.  A few years ago, I had done some experimentation with quagga.  Quagga is a software defined networking utility that can change an x-nix PC into a router that can learn IP routes using protocols like RIPv2, OSPF,  BGP,  I used RIPv2 for simplicity.

FYI: this is not a tutorial on installing or configuring quagga or iperf.  There are many tutorials out there for that.

After configuring quagga and the ripd daemon on my iperf client PC’s,  they automatically learned the routes to all the 10 and 192.168 networks in my lab with no manual configuration on my part.

To see the routes my PC learned via ripd + quagga, run the following command:

telnet localhost zebra
show ip route

Here, you can see the routes the PC learned via RIPv2 from the Cisco routers.

The following tcpdump command can view the RIPv2 packets coming from the PC’s neighboring router:

sudo tcpdump -i eth2 udp port 520 -XX -#

Now, each time I turn on my PC’s, they learn the routes in my lab automatically with no configuration on my part.

Next time, I will post the results of the CPU load on the Cisco routers using iperf testing.