Spoofing the origination IP address of an HTTP request

Corey Goldberg picture Corey Goldberg · Jul 25, 2009 · Viewed 33.7k times · Source

This only needs to work on a single subnet and is not for malicious use.

I have a load testing tool written in Python that basically blasts HTTP requests at a URL. I need to run performance tests against an IP-based load balancer, so the requests must come from a range of IP's. Most commercial performance tools provide this functionality, but I want to build it into my own.

The tool uses Python's urllib2 for transport. Is it possible to send HTTP requests with spoofed IP addresses for the packets making up the request?

Answer

Unknown picture Unknown · Jul 25, 2009

This is a misunderstanding of HTTP. The HTTP protocol is based on top of TCP. The TCP protocol relies on a 3 way handshake to initialize requests.

alt text http://upload.wikimedia.org/wikipedia/commons/archive/c/c7/20051221162333!300px-Tcp-handshake.png

Needless to say, if you spoof your originating IP address, you will never get past the synchronization stage and no HTTP information will be sent (the server can't send it to a legal host).

If you need to test an IP load balancer, this is not the way to do it.