Test SDWAN using application traffic

1 minute read

Did you know that you could generate application traffic using Ostinato to test your SDWAN and application aware routing deployments?

In this post, I’m going to show you how.

Note that the application traffic generated by Ostinato will be stateless, synthetic traffic for the purpose of allowing your SDWAN edge nodes to detect the application and trigger the right policy — so you can verify your policies.

Ostinato is not stateful, does not support TCP connections and cannot generate fake traffic to websites to increase ad impressions etc.

Let’s generate Facebook traffic -

  1. Create a new stream
    create new stream

  2. Change packet size to 1500
    set packet size

  3. Select protocols - Mac | Untagged | Ethernet | IPv4 | TCP | Text | Pattern
    set application protocols

  4. Go to Protocol Data tab, click on Internet Protocol ver 4 (IPv4) section and set source and destination IP addresses
    set ip address

  5. Go to Transmission Control Protocol (TCP) section, override the source port and enter any value between 1024 and 65535 (this value MUST be unique for each application flow)
    set source tcp port

  6. Go to the Text Protocol section, change line-ending to CRLF (as required by the HTTP standard) and enter GET / HTTP/1.1<Enter>Host: facebook.com<Enter><Enter><Enter>. Note the multiple enters at the end to insert blank lines - those are REQUIRED - HTTP requests end with two CRLF (0D 0A 0D 0A) - you can verify this in the Packet view tab
    set http request

  7. Go to stream control and set the rates etc.
    set stream rates

To verify if the traffic is generated correctly, I used ntopng which uses nDPI - an open-source deep packet inspection library

ntop detects facebook traffic

Want to generate YouTube traffic instead? Just change Host: facebook.com to Host: youtube.com or any other application as required in the Text Protocol configuration. Remember if you are generating traffic for multiple applications, you MUST give each application a different TCP source port value.

ntop detects application traffic

Not working for you? Double-check the following -

  • Make sure source/destination mac are resolved; otherwise set mode to Fixed and set them manually
  • Make sure the HTTP text ends with at least two CRLF (0D 0A 0D 0A)
  • If sending traffic for multiple applications/protocols, make sure you change the source TCP port numbers so that each flow is unique

I’ve used ntopng/nDPI here for application detection. This procedure should work with other application detection libraries and devices as well. If it doesn’t, let me know and we can try to figure it out together.

Leave a Comment