A customer asked me at some point if we could evaluate how the CoPP DDOS automated filters on a Juniper MX are triggered and how fast they respond to different types of packets. As such I needed to craft custom traffic. I was not very good at coming up with it for Ostinato or Spirent so I used Scapy to craft the packet. Afterward I took the packet hexdump and input it into Spirent / Ostinato as what the streams from there should generate (that hexdump has indeed all data needed, source/dst addresses included which meant of course that it needs to match what Spirent thinks it has on the interface facing the Juniper device).
Examples of generated packets:
- OSPFv3 IPSEC Encrypted Packets
- BGP Open Packet
- BGP IPv6 Open Packet
- IPSEC ESP Packet
- BGP Update Packet
- ICMP Echo Request
- BFD echo