Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
303
Views
3
Helpful
7
Replies

Simulate DoS Attack in CML

Go to solution
Joy3
Level 1
Level 1

‎05-07-2024 11:07 AM

Hallo,

Is there a way to simulate a DoS attack in CML? I am doing a lab on CoPP and an attack is required but I am unable to generate this. Thanks.

0 Helpful
1 Accepted Solution

Accepted Solutions
7 Replies 7

Go to solution
MHM Cisco World
VIP
VIP

‎05-07-2024 11:08 AM

Config CoPP rate 

And ping the device 10000 

This will test your CoPP ' it must drop this high rate of ping traffic 

MHM

0 Helpful

Go to solution
Joy3
Level 1
Level 1
In response to MHM Cisco World

‎05-07-2024 11:15 AM

Joy3_0-1715105588808.png

Hi @MHM Cisco World Thanks for the quick response but I don't quite understand what you mean. Above is the simple topology and the attcket should be from extern. Could you clarify more. 

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to Joy3

‎05-07-2024 11:28 PM

From extern ping 10000 to R1

MHM

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎05-07-2024 11:10 PM

you can use like kali linux as attacker:

check kali Linux integration with CML

https://community.cisco.com/t5/cisco-modeling-labs-discussions/kali-server-on-cml2/td-p/4450129

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Joy3
Level 1
Level 1

‎05-08-2024 04:38 AM

@MHM Cisco World Thank you, I have used a router to send many icmp packets and a few are dropping , which is what I wanted to test. Thanks so much for always being helpful.

@balaji.bandi Thanks for the suggestion. It will require a bit of effort to get it done but I have found a workaround.

0 Helpful

Go to solution
Joy3
Level 1
Level 1

‎05-08-2024 05:00 AM

@MHM Cisco World Just a curious question. I have explicitly denied icmp packets in the access-list on R2 and applied it in the control plane. However, when R1 pings R2, it only drops a few packets. Why is that so? Part of the config is below:

Joy3_0-1715169347275.png

-------on R2-----------

ip access-list extended ICMP
deny icmp any any

class-map match-all ICMPC
match access-group name ICMP

policy-map ICMPP
class ICMPC
police 8000 conform-action transmit exceed-action drop

control-plane
service-policy input ICMPP
_______________________________________________________________________

R1#ping 192.168.12.2 repeat 100
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 192.168.12.2, timeout is 2 seconds:
!!!!!!!!!!!!!.!!!!!!!!!!!!!.!!!!!!!!!!!!!.!!!!!!!!!!!!!.!!!!!!!!!!!!!.
!!!!!!!!!!!!!.!!!!!!!!!!!!!.!!
Success rate is 93 percent (93/100), round-trip min/avg/max = 1/1/1 ms
R1#

 

Go to solution
MHM Cisco World
VIP
VIP
In response to Joy3

‎05-10-2024 03:16 AM

Hi friend 

policy-map ICMPP
class ICMPC
police 4000 conform-action transmit exceed-action drop

Change the police to be 4000 and check ping loss you need to see now more ping loss 

MHM

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card