1IRTT-SERVER(1)                    IRTT Manual                   IRTT-SERVER(1)
2
3
4

NAME

6       irtt-server - Isochronous Round-Trip Time Server
7

SYNOPSIS

9       irtt server [args]
10

DESCRIPTION

12       irtt server is the server for irtt(1).
13

OPTIONS

15       -b addresses
16              Bind addresses (default “:2112”), comma separated list of:
17
18              Format        Address Type
19              ─────────────────────────────────────────
20              :port         unspecified  address  with
21                            port, use with care
22              host          host  with  default   port
23                            2112, see Host formats be‐
24                            low
25              host:port     host with specified  port,
26                            see Host formats below
27              %iface        all addresses on interface
28                            iface  with  default  port
29                            2112
30              %iface:port   all addresses on interface
31                            iface with port
32
33              Note: iface strings may contain * to match multiple interfaces
34
35       -d duration
36              Max test duration, or 0 for no maximum (default 0s, see Duration
37              units below)
38
39       -i interval
40              Min  send interval, or 0 for no minimum (default 10ms, see Dura‐
41              tion units below)
42
43       -l length
44              Max packet length (default 0), or 0  for  no  maximum.   Numbers
45              less than size of required headers will cause test packets to be
46              dropped.
47
48       --hmac=key
49              Add HMAC with key (0x for hex) to all packets, provides:
50
51              • Dropping of all packets without a correct HMAC
52
53              • Protection for server against unauthorized discovery and use
54
55       --syslog=uri
56              Log events to syslog (default don’t use  syslog).   URI  format:
57              protocol://host:port/tag.  Examples:
58
59              URI                        Result
60              ──────────────────────────────────────────────────────
61              local:                     Log  to  local syslog, de‐
62                                         fault tag irtt
63              local:/irttsrv             Log to local  syslog,  tag
64                                         irttsrv
65
66
67              udp://logsrv:514/irttsrv   UDP   to  logsrv:514,  tag
68                                         irttsrv
69              tcp://logsrv:8514/         TCP  to  logsrv:8514,  de‐
70                                         fault tag irtt
71
72              Note: not available on Windows, Plan 9 or Google Native Client
73
74       --timeout=duration
75              Timeout  for  closing  connections  if no requests received on a
76              connection (default 1m0s, see Duration units below).  0 means no
77              timeout  (not  recommended,  especially on public servers).  Max
78              client interval will be restricted to timeout/4.
79
80       --pburst=#
81              Packet burst allowed before enforcing minimum interval  (default
82              5)
83
84       --fill=fill
85              Payload  fill if not requested (default pattern:69727474).  Pos‐
86              sible values include:
87
88              Value        Fill
89              ────────────────────────────────────────
90              none         Echo client payload (inse‐
91                           cure on public servers)
92              rand         Use random bytes from Go’s
93                           math.rand
94              pattern:XX   Use repeating  pattern  of
95                           hex (default 69727474)
96
97       --allow-fills=fills
98              Comma  separated  patterns  of  fill  requests to allow (default
99              rand).  See options for –fill.  Notes:
100
101              • Patterns may contain * for matching
102
103              • Allowing non-random fills insecure on public servers
104
105              • Use --allow-fills="" to disallow all fill requests
106
107       --tstamp=modes
108              Timestamp modes to allow (default dual).  Possible values:
109
110              Value    Allowed Timestamps
111              ────────────────────────────────────
112              none     Don’t allow any timestamps
113              single   Allow a  single  timestamp
114                       (send,   receive  or  mid‐
115                       point)
116              dual     Allow dual timestamps
117
118       --no-dscp
119              Don’t allow setting dscp (default false)
120
121       --set-src-ip
122              Set source IP address on all outgoing packets from listeners  on
123              unspecified  IP  addresses (use for more reliable reply routing,
124              but increases per-packet heap allocations)
125
126       --thread
127              Lock request handling goroutines to OS threads
128
129       -h     Show help
130
131       -v     Show version
132
133   Host formats
134       Hosts may be either hostnames (for IPv4 or IPv6) or IP addresses.  IPv6
135       addresses  must  be surrounded by brackets and may include a zone after
136       the % character.  Examples:
137
138       Type              Example
139       ──────────────────────────────────────
140       IPv4 IP           192.168.1.10
141       IPv6 IP           [2001:db8:8f::2/32]
142       IPv4/6 hostname   localhost
143
144       Note: IPv6 addresses must be quoted in most shells.
145
146   Duration units
147       Durations are a sequence of decimal numbers, each with  optional  frac‐
148       tion, and unit suffix, such as: “300ms”, “1m30s” or “2.5m”.  Sanity not
149       enforced.
150
151       Suffix   Unit
152       ──────────────────────
153       h        hours
154       m        minutes
155       s        seconds
156       ms       milliseconds
157       ns       nanoseconds
158

SECURITY

160       Running an IRTT server that’s open to the outside world  requires  some
161       additional  attention.   For starters, the command line flags should be
162       used to, at a minimum:
163
164       • Restrict the duration (-d), interval (-i) and length (-l)  of  tests,
165         particularly for public servers
166
167       • Set  an HMAC key (--hmac) for private servers to prevent unauthorized
168         discovery and use
169
170       In addition, there are various systemd(1) options available for  secur‐
171       ing  services.   The  irtt.service  file included with the distribution
172       sets some commonly used options, but should not be  considered  exhaus‐
173       tive.
174
175       To  secure  a server for public use, additional steps may be taken that
176       are outside of the scope of this documentation, including but not  lim‐
177       ited to:
178
179       • Installing irtt in an unprivileged container
180
181       • Setting up an iptables firewall (only UDP port 2112 must be open)
182
183       • Setting up a chroot jail
184
185       It  should be noted that there are no known security vulnerabilities in
186       the Go language at this time, and the steps above,  in  particular  the
187       chroot  jail, may or may not serve to enhance security in any way.  Go-
188       based servers are generally regarded as safe because of Go’s high-level
189       language  constructs for memory management, and at this time IRTT makes
190       no use of Go’s unsafe (https://golang.org/pkg/unsafe/) package.
191

EXIT STATUS

193       irtt server exits with one of the following status codes:
194
195       Code   Meaning
196       ──────────────────────────────────
197       0      Success
198
199       1      Runtime error
200       2      Command line error
201       3      Two interrupt signals  re‐
202              ceived
203

EXAMPLES

205       $ irtt server
206              Starts  the server and listens on all addresses (unspecified ad‐
207              dress)
208
209       $ irtt server -d 30s -i 20ms -l 256 --fill=rand --allow-fills=""
210              Starts the server and listens on all addresses, setting the max‐
211              imum test duration to 30 seconds, minimum interval to 20 ms, and
212              maximum packet length to 256 bytes.  Disallows fill requests and
213              forces all return packets to be filled with random data.
214
215       $ irtt server -b 192.168.100.11:64381 --hmac=secret
216              Starts the server and binds to IPv4 address 192.168.100.11, port
217              64381.  Requires a valid HMAC on all packets with  the  key  se‐
218              cret, otherwise packets are dropped.
219

SEE ALSO

221       irtt(1), irtt-client(1)
222
223       IRTT GitHub repository (https://github.com/heistp/irtt/)
224
225
226
227v0.9.0                         February 11, 2018                IRTT-SERVER(1)
Impressum