I need to measure IPTables/inline Snort impact on performance, so need to put my test server under a good load.
Unfortunately, no hardware traffic generator is available, thus connections must be real - e.g. come from other machines (have some in the same network) and use some daemon. It's not like sending 1000s of packets to see how they get rejected and dropped; the connections must be over a minute long and carry some data.
Any good solutions to simulate a thousand long connections from a Linux machine?
I would probably just set up a lightweight HTTP server like nginx. Have it serve up a large file that will make the connection last a while, and then just use any of the standard HTTP testing utilities like ab. If you really want to test IPTables, you would want a lot of different source IPs as well. But, unless you have a very complex ruleset I wouldn't bother with that step -- 2000 connections is nothing for iptables.
You don't need a hardware traffic generator in order to generate heavy load, any packet crafting tool should suffice. I'll post a few links to some tools I have used for similar functions.
Hping http://www.hping.org/ and a tutorial for your case http://www.security-forums.com/viewtopic.php?p=43074
Nemesis http://nemesis.sourceforge.net/
Ftester http://www.inversepath.com/ftester.html
Wget http://www.gnu.org/software/wget/ Script opening up 500-2000 connections
I could think of a number of other ways to expand on the above, but it would be ideal if we knew what kind of servers you had for actual test logins. I could see doing this with a simple database (server) and login script (client).
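The question asks for a thousand connections that each stay open for over a minute and carry data, and the answer above suggests a script opening 500-2000 connections. The following is an added example (not code from any of the posters) of exactly that kind of script in Python: an asyncio traffic generator plus a trivial echo sink, so the same file can run on the far machine (`--sink`) and on the load-generating machine. Every connection sends a chunk, waits for the echo, sleeps, and repeats until its hold time is up, so the firewall or inline Snort sees long-lived sessions with data in both directions. Host, port, hold time and chunk size are all made-up defaults, not values from the thread.

```python
"""Long-lived TCP connection generator and echo sink (added example, not from the thread).

  on the target host:    python3 longconn.py --sink --host 0.0.0.0 --port 9000
  on the load host:      python3 longconn.py --host <target> --port 9000 --connections 1000 --hold 90
"""
import argparse
import asyncio
import time
from dataclasses import dataclass, field


@dataclass
class LoadStats:
    """Counters collected over one generator run, for comparison with iptables/Snort counters."""
    connected: int = 0          # TCP handshakes that succeeded
    failed_connect: int = 0     # connect() errors (refused, timed out, dropped by the firewall)
    dropped: int = 0            # connections that were established but broke before their hold time
    bytes_sent: int = 0
    bytes_received: int = 0
    durations: list = field(default_factory=list)   # seconds each connection stayed open

    @property
    def min_duration(self) -> float:
        return min(self.durations) if self.durations else 0.0


async def echo_handler(reader: asyncio.StreamReader, writer: asyncio.StreamWriter) -> None:
    """Sink side: echo everything back so each connection carries data both ways."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except OSError:
        pass
    finally:
        writer.close()


async def start_sink(host: str, port: int) -> asyncio.AbstractServer:
    return await asyncio.start_server(echo_handler, host, port)


async def hold_connection(host: str, port: int, hold_seconds: float, interval: float,
                          chunk: bytes, stats: LoadStats, ramp: asyncio.Semaphore) -> None:
    """One client: connect, exchange `chunk` every `interval` s for `hold_seconds`, then close."""
    try:
        async with ramp:                      # bounds how many connect() attempts run at once
            reader, writer = await asyncio.open_connection(host, port)
    except OSError:
        stats.failed_connect += 1
        return
    stats.connected += 1
    started = time.monotonic()
    deadline = started + hold_seconds
    try:
        while time.monotonic() < deadline:
            writer.write(chunk)
            await writer.drain()
            stats.bytes_sent += len(chunk)
            echoed = await reader.readexactly(len(chunk))   # the sink echoes the same bytes back
            stats.bytes_received += len(echoed)
            await asyncio.sleep(interval)
    except (OSError, asyncio.IncompleteReadError):
        stats.dropped += 1
    finally:
        writer.close()
        try:
            await writer.wait_closed()
        except OSError:
            pass
        stats.durations.append(time.monotonic() - started)


async def generate_load(host: str, port: int, connections: int, hold_seconds: float,
                        interval: float = 1.0, chunk_size: int = 512,
                        ramp_concurrency: int = 100) -> LoadStats:
    """Open `connections` clients concurrently and keep each open for `hold_seconds`."""
    stats = LoadStats()
    chunk = b"x" * chunk_size
    ramp = asyncio.Semaphore(ramp_concurrency)
    await asyncio.gather(*(hold_connection(host, port, hold_seconds, interval, chunk, stats, ramp)
                           for _ in range(connections)))
    return stats


def run_local_test(connections: int = 50, hold_seconds: float = 0.3,
                   interval: float = 0.05) -> LoadStats:
    """Run sink and generator on loopback (ephemeral port); handy for checking the script itself."""
    async def _run():
        server = await start_sink("127.0.0.1", 0)
        port = server.sockets[0].getsockname()[1]
        try:
            return await generate_load("127.0.0.1", port, connections, hold_seconds, interval)
        finally:
            server.close()
    return asyncio.run(_run())


def main() -> None:
    p = argparse.ArgumentParser(description="long-lived TCP connection generator / echo sink")
    p.add_argument("--sink", action="store_true", help="run the echo sink instead of the generator")
    p.add_argument("--host", default="127.0.0.1")
    p.add_argument("--port", type=int, default=9000)
    p.add_argument("--connections", type=int, default=1000)
    p.add_argument("--hold", type=float, default=90.0, help="seconds each connection stays open")
    p.add_argument("--interval", type=float, default=1.0, help="seconds between chunks")
    a = p.parse_args()
    if a.sink:
        async def serve():
            async with await start_sink(a.host, a.port) as server:
                await server.serve_forever()
        asyncio.run(serve())
    else:
        s = asyncio.run(generate_load(a.host, a.port, a.connections, a.hold, a.interval))
        print(f"connected={s.connected} failed_connect={s.failed_connect} dropped={s.dropped} "
              f"sent={s.bytes_sent} received={s.bytes_received} min_open={s.min_duration:.1f}s")


if __name__ == "__main__":
    main()
```

A thousand sockets exceeds the usual default of 1024 open files per process, so raise it with `ulimit -n 4096` on the load host before running; to get the "many source IPs" the first answer mentions, run the generator from several machines at once rather than from one. The `failed_connect` and `dropped` counters are the interesting ones when the firewall or IPS sits inline: they tell you how many of the long sessions it actually let through, which you can then reconcile with its own counters.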
Mh, scripting netcat? One of my first hits on "traffic simulator" in Google was this here (please don't beat).
Do you have any specific protocols to be handled? There are a multitude of load testers for things like SMB performance or SQL queries, but your question does not even state if you are aiming for TCP only or if you have significant UDP loads, multicast traffic or other rather specific things in mind.
IxChariot, http://www.ixchariot.com/
I don't sell it. I don't get compensation for its sale. I did once work for the manufacturer of it (1998) and wrote the first training class for it.
You should be able to license it for a term use through one of the IxChariot partners for the term of your testing effort. Scales easily to 10,000 concurrent connections and it is easy to use for those with either a networking or performance testing background.