An atomic bomb from p4lang howto, basically

https://groups.io/g/freertr/message/1498

popcorn time 4 u all… this stuff really rocks!!! pls pls keep the spirit alive!!!

and no, it looks like a switch in a pizzabox, acts like a router, but a single bad command to the router interface and it nukes a country from the internet 'till you pull all the power cords…

btw it was doable without this if u knew / read rfcs as deep and used your brain as otherz doo… but with this, it just floods the protocols 2 the hell… its a command that will never ever happen, but heyyy, it’s a howto that is not safe 4 work u know… :)))))

and the worst part, if tofino3/barefoot falls somehow (should not as it’s almost complete!!!) then it’s already in the dpdk.org stuff ooor, basically in libpcap already… <— a random yet another one dataplane that the same api can program… already…

^^^^ khmm… a random internet repairman had spoken here…

“a programmable asic, at it’s finest”

basically smaller than your cell phones and it can do that on it’s single lane… :)))) now imagine what happens if i connect “accidentally” all of the 64 ports and “point” them toward 1.1.1.1 and 8.8.8.8 from 300 random locations around this planet?!.. XDDDDD

these pizzaboxes goes 4 bucks on ebay u know… basically a flat is more expensive than do this alone from my county… just sayin’… :((((((

so good news who had the feeling that do dododooooo, so doable but without an rfc complaint bgp stack and a good typesafe-c knowledge u simply wont be able to code it imho… rare/freertr nuked itself on a biig compute node at the bgp-packgen–>openjdk test in 10-15 minutes of warmup 1000/1000 so i just shift+deled the diff and unplugged the node for a while to cool down/etc…:))))))

but in bmv2, and with an real-bgp.open , real-bgp.update — [1-10000]*bgp.keepalives-from-p4lang — real-bgp.withdrawal real-bgp.notify imho it’s a fun challenge in mininet and a fun pcap to remember and be that all green in wireshark… :)))))

the packet generator stays in the dpdk and i refuse to understand how to do this in tofino*/barefoot… be that a separate kind of a box; reasoning: so undersea short period of 1-10gbps waste is worth the effort sometimes but 10gbps or above does not most of the use cases…

So I appreciate your enthusiasm, but I have to say that your style of communication makes it difficult to understand whether you have questions for the community, and if so, what are those questions? Or if you have an announcement of some project that you would like people to take a look at, what is that project? Or if you are just expressing great enthusiasm over some product or project you have found and tried, and if so, what product or project is that you would like to call attention to?


here basically nothing news 4 u all, just that as is, the howto is in the challenge part of the message, the rest is about the ones who have the barefoot tofino and know how to turn on the packet generator within that… i refuse to tell more at this point…

https://groups.io/g/freertr/topic/packet_generator_on_the/99605046

There are already Tofino-based traffic generators around, e.g., P4TG (“P4TG: 1 Tb/s Traffic Generation for Ethernet/IP Networks”, IEEE Xplore).

They are capable of 1 Tb/s + traffic generation.

once again, exactly this is the problem…

11tbps user traffic, colorful optics *wdm, wdwm, cwdm, xpon

mixed with 1tbps attack traffic that the big vendors asics cannot remove and reaches both the routers cards of them

edgecore wedge and 11tbps legit and 1tbps up to the xeon cpu…

all the protocols time out and the box dies eating 2x800w once i coded this 1-10 loc… :((((

it was the rfc (twamp) but as it’s a cleartext api here that programs openwrts up to tofino3 soon nplang…

u know the rest what i think about this all… :((((

a month of silence 4 me, because the shame i feel now…

ps normally the user cannot abuse nor in dpdk nor on tofino but u know… the possibility is there, and they’re creative…

not to mention the linerate replication (multicast already shipping) and that one is 1 packet in , tofino puts that out to 32x the ports, and as soon as i configure a subinterface to the 400g optics like a vlan then 1 packet in 11111111111 packets out… :(((((((

bier… bit indexed explicit replication (rfc) was the feature and we unrolled the loop as there is no inter-packet-knowledge (for loop)

rumors says this year it hits the juniper ptx10k and next year cisco asr9k and cisco8000…

now you see the big picture… :(((((

that 1tbps is nothing compared to abuse multicast (iptv ipradio) or bgp or igp… kabooms the “where to send the packet” protocols of the internet on a router, both the cards in 1-10 seconds of running the abused code… :(((((

now map.geant.org, a tier1 and i can send mpls (address the target interface) from china to usa, and they do have undersea 100gs… :(((((

and no it wont be geant but the universities when they replace their routers to this basically for a hour on 1th jan 2666.

so title as says, popcorn time and bounce the pcaps… i’ll grade them all with a meme… XDDDDDDDDDDDDDDDDD

fun challenge to have the pcap

mininet

frrouting------bmv2-------bird

bmv2 have 2 bgp4 (rfc-editor.org) neighbors

router bgp 2
neigh frrouting remote-as 1
neigh bird remote-as 3

thenn the above bgp hack… do do do learn internet…

"
but in bmv2, and with an real-bgp.open , real-bgp.update — [1-10000]*bgp.keepalives-from-p4lang — real-bgp.withdrawal real-bgp.notify imho it’s a fun challenge in mininet and a fun pcap to remember and be that all green in wireshark… :)))))
"

if the tcp sequences are not green its not an issue u know yet… XDDDD

here real means that could be from anywhere, a static hex dump much like the others… just the pcaps, not the codes… or github the codes, it’s a fun challenge… isnt it? atomic bomb from a router, hmmmm… 10 times the cat5e call pulling systems, anything, u know… (yesterday i had to do that, the snow and the high torque and was not able to leave my flat for a dinner basically…) XDDDD

edit: in the meanwhile, still bgp4 but a different safi/afi than ipv4 unicast:

https://groups.io/g/freertr/message/1527

https://groups.io/g/freertr/message/1529

Multicast routing loops have always been a nightmare to avoid on every hardware target, Tofino or otherwise, P4-programmable or otherwise. Every good engineer can figure this out in a minute when you present the scenario to them. The fact that it happens so rarely is that people try very hard to avoid it if the possibility ever gets close to arising.

now guess what happens 1st of january on an iptv enabled isps not to mention the content provider headends to the satellites, and mostly every evening, and no they just copy-paste… :(((

no get back to the pcaps pls as a challenge, it’s another (funny) way to kill internet…

and yess https://wiki.geant.org/display/RARE/Home ships mcast its all the kinds, even the bier one, where you have a 256bit header and we unroll for the asic the bmv2 dpdk ebpf/xdp and the pcap forwarders through the same api… for a year or two or imho 3 now…

pcaps, pcaps, pcaps… route views, bgp dump, ripe also have similar stuff… it started as a small demo from me on a ripe bof but nowadays you can even replay and compare bgp feeds…

for you in bmv2 it’s 100-200 loc to start a packet generator and send 1 then N then 1 of random hash… hmmmm!!! its just a kind of multicast, and we also do that here: GitHub - rare-freertr/RARE-bmv2: RARE for P4Lang bmv2 dataplane target

but own codes pls, own codes… mininet labs, pcaps, etc…

edit: if you need i can generate a valid bgp handshake with some pings afterwards in 3 minutes?!

imho i can generate a 5+ grade pcap too for 10+ years now… but i would not give you bad ideas, its #nsfw imho… XDDDDDDDDDDD

i mean the first pcap is a must imho, the 2nd one is just the pcap and not the idea…hmmm??

and no no not the packet generator nor multicast but a lazy netadmin against our spaghetti… XDDDDDDDDDDDD

edit, trying to generate the pcaps a minute of popcorn timeeee… XDDDDD

General purpose programming tools can be dangerous. This includes P4, if used unwisely. Here is the gun. There is your foot. Aim to miss your foot when you pull the trigger.

Nothing new here that is specific to P4, right? I can deploy foot-guns in web sites in SQL, in JavaScript, in C, in C++, etc. We call them bugs. They tend to get fixed, more or less.

i dont think soooo…

just popcorn time 4 u all till my next reply… XDDDD

ps: thx for allowing my comment in, my tests are running for 5-15 more minutes and you’ll see

till that,

noti#
noti#show version | include tool
info userReader.cmdEnter:userReader.java:1157 command noti#show version | include tool from local:telnet 23 → 127.0.0.1 36590
2023-06-23 15:16:56.848
quote4: every tool could be used good or bad equally

noti#

unatomic bomb for the srv6 telcos…

same exists for mpls btw…

same for the most of the protocols normally…

https://groups.io/g/freertr/message/1535

edit: how to attach a pcap about the bgp challenge 4 u all???!?!?!?

Please do not attach big files in the forum here. I would recommend that if you have a P4 program, test case, and/or pcap files of interest to you, post a single link to a public code repository that contains it.

Note: We don’t need an update every 15 minutes, or even every hour. If you are going to give us a blow-by-blow description of how it is possible to write P4 code that can make it easier to have a denial of service attack on your network, then I think most or all people here already know that. It is NOT news. It is same-old same-old “bugs lead to bad things happening, so try to prevent bugs in the first place, or eliminate them after you find them”.

hmm a .pcap.zstd or .pcap.gz then?

and its still not the packet generator nor the mcast trick (hmmm that is way too ugly instead of the packet generator imho…)

just the software and the bad-admin, but the challenge for you is to make a similar capture but with only p4lang with the above 2 ideas… ip.chksum && tcp.chksum optional… v4 and v6 both is a more fun if you can do both on the same program… right?

edit… well someone have to convert this whole thread to a challenge thread and bounce me there maybe, but imho you’ll get the idea… XDDD

"
Sorry, the file you are trying to upload is not authorized (authorized extensions: jpg, jpeg, png, gif, heic, heif, webp, avif).
"

edit: maybe an external link thenn?

edit2: renaming gzip to png maybe?!?!?!?

okk thenn

http://temp.nop.hu/

a directory listing, lynx/links/elinks can browse and download just fine

a pcap and 2 compressed pcaps, 100k max to get them…

to reproduce:

wget freertr.org/rtr.zip
unzip rtr.zip
cd src
./c.sh
./tw.sh rout-bgp001.tst capture r1 eth1

its a controller functional test for ebgp on 4 autonomous systems

http://sources.freertr.org/cfg/rout-bgp001.tst

dataplanes that the controller can teach bgp ospf isis mpls etc:

bmv2 through the same api:
http://sources.freertr.org/misc/p4lang/

cd misc/p4lang in the zip

tofino through the same api:
http://sources.freertr.org/misc/p4bf
https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse

cd misc/p4bf in the zip

emulated targets for openwrts (ebpf/xdp) libpcap, dpdk through the same api:
http://sources.freertr.org/misc/natives/

cd misc/native in the zip

topology that it starts up and function tests bgp on:

asn1—asn2–asn3—asn4 and each advertise something…

r1—r2–r3—r4 and each advertise something…

think about it all as eu-isp—decix----he.net—us-isp

then wireshark and filter to “bgp” (tcp.port==179)

after 2 minutes or so asn2 decides to have the pre-agreed maintenance…

asn1 shortly after notices / starts the work, but first bad copy-paste…

no internet at this point behind eu-isp…

soo he copy-pastes again, and now the log of keepalives…

hmmm it is a more fun pcap than the original idea… XDDDD

for you to have the fun, if you can convert this thread to a challenge thread somehow…

just the bgp messages and be them configurable and so on from a hex dump is fineee btw… and with p4 at least the keepalive replication…
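
For anyone reviewing a capture like the one described above (filter on tcp.port==179), a defender's check for the keepalive run, as an added example that is not part of the original post or of the freeRtr code: it splits TCP/179 payloads into BGP messages by the RFC 4271 header and reports each second in which one peer sent more than one KEEPALIVE, the limit RFC 4271 sets. The sample segments and all helper names are constructed for illustration, and each payload is assumed to hold whole messages.

```python
import struct
from collections import Counter

MARKER = b"\xff" * 16
TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}

def bgp_msg(mtype, body=b""):
    """Build one BGP message: 16-byte marker, 2-byte length, 1-byte type, body."""
    return MARKER + struct.pack("!HB", 19 + len(body), mtype) + body

def parse_stream(data):
    """Return the message type names found in one TCP/179 payload."""
    names, off = [], 0
    while off + 19 <= len(data):
        marker, length, mtype = struct.unpack_from("!16sHB", data, off)
        if marker != MARKER or not 19 <= length <= 4096:
            raise ValueError(f"bad BGP header at offset {off}")
        if off + length > len(data):
            break  # message continues in a later segment (not handled here)
        names.append(TYPES.get(mtype, f"UNKNOWN({mtype})"))
        off += length
    return names

def keepalive_bursts(segments, max_per_second=1):
    """Map each one-second bucket to its KEEPALIVE count when above the limit."""
    per_second = Counter()
    for ts, payload in segments:
        per_second[int(ts)] += parse_stream(payload).count("KEEPALIVE")
    return {sec: n for sec, n in sorted(per_second.items()) if n > max_per_second}

# Constructed sample: (capture timestamp, TCP payload) seen from one peer.
OPEN = bgp_msg(1, struct.pack("!BHH4sB", 4, 65001, 180, bytes([10, 0, 0, 1]), 0))
UPDATE = bgp_msg(2, b"\x00\x00\x00\x00")   # no withdrawn routes, no attributes
CEASE = bgp_msg(3, b"\x06\x02")            # Cease / administrative shutdown
SAMPLE = [
    (0.10, OPEN),
    (0.20, bgp_msg(4)),
    (1.50, UPDATE),
    (60.20, bgp_msg(4)),
    (120.05, bgp_msg(4) * 400),            # many keepalives packed in one segment
    (120.40, bgp_msg(4) * 600),
    (121.00, CEASE),
]

if __name__ == "__main__":
    for sec, n in keepalive_bursts(SAMPLE).items():
        print(f"t={sec}s: {n} KEEPALIVEs from one peer (RFC 4271: at most 1/s)")
```
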

So as far as I can tell, your chosen handle is mc36mc (and you would prefer not to use your name here), and you have worked for quite a number of years on the FreeRtr project: http://www.freertr.org/

This looks like an impressive piece of work. Congratulations.

But your style of messages here is often very confusing, or mentioning things that aren’t safe for work. I wish you could make brief clear points that contribute to the discussion, and leave out anything not safe for work. We’d like this to be a place for civil and professional discussion about P4 and networking, and if you have things to say about that, excellent, and welcome.

I gather some of your points are:

  • I (mc36mc) have bought a large variety of equipment and implemented lots of useful networking stuff. Me (Andy): Awesome. Great work.
  • mc36mc: I like to point out how easy denial of service attacks are when you misconfigure or misimplement multicast forwarding in a router. Andy: I grant you that. Yes, it is interesting when you first realize it, but then it becomes just one of the many ways a network can have a denial of service attack.
  • mc36mc: FreeRtr implements features on a general purpose CPU that cannot be implemented in P4 on most devices that are P4-programmable. Andy: Agreed. P4 isn’t trying to be a general purpose programming language. It is trying to be a programming language with limited capabilities that fit well on devices that beat general purpose CPUs by an order of magnitude or more in their packet forwarding capabilities and price/power/performance ratios for that purpose. That is the reason GPUs exist (to beat general purpose CPUs by a large factor at what GPUs are good at), and that is the reason P4 exists.

“once you fixed the previous post” - If you want me to edit something in my previous post, please state exactly how you want me to edit it. Your last message was unclear (to me) on this point.

I will honor your wish, but on your comment of “then i’ll shift+del all my and normally you should tooo…”

the intent of this forum is to say things that you mean, and intend to be heard by anyone in the world who might be reading, not to say things briefly and then delete them. Creating a searchable archive of discussions about P4 is one of the main REASONS that this forum exists.


This is not a good place to post files directly. Post links to places they are published. It’s a simple rule to remember.

I don’t think most people here are interested in looking at a pcap file, unless there is some particular REASON that they are told it is an interesting pcap file to look at. I haven’t read anything you’ve written, where I believe I’ve understood what you meant, that has motivated me to want to look at any pcap file you have mentioned. Be clear, concise, and to the point, and explain the relevance or importance of what you are talking about.
