L4 · Network · Volumetric · TCP · Stateful · Spoofable

ACK stress test

Hammers a target with a flood of TCP ACK packets to burn raw bandwidth and stress stateful inspection on firewalls and load balancers.

Peak rate: 600k pps

How it works

An ACK flood sends a high volume of TCP packets carrying only the ACK flag, mimicking traffic from already-established sessions. Stateful firewalls and load balancers must check each packet against their connection tables, so the flood both saturates inbound bandwidth and forces costly per-packet state lookups for connections that do not exist. It is a clean way to confirm your edge can drop out-of-state ACKs at line rate before they reach application servers.
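The per-packet state lookup described above, modeled from the defender's side as an added example (not RETRO//STRESS code): a minimal connection table that accepts ACKs belonging to a tracked handshake and drops the rest. The packet records, flag abbreviations and function names are constructed for illustration.

```python
from collections import Counter

# Constructed sample records: (src, sport, dst, dport, flags). Addresses are
# documentation ranges; flags: S=SYN, SA=SYN+ACK, A=ACK only, R=RST.
SAMPLE = [
    ("198.51.100.7", 40000, "203.0.113.45", 443, "S"),
    ("203.0.113.45", 443, "198.51.100.7", 40000, "SA"),
    ("198.51.100.7", 40000, "203.0.113.45", 443, "A"),   # completes handshake
    ("198.51.100.7", 40000, "203.0.113.45", 443, "A"),   # ACK on live session
    ("192.0.2.10", 51000, "203.0.113.45", 443, "A"),     # no handshake seen
    ("192.0.2.11", 51001, "203.0.113.45", 443, "A"),     # no handshake seen
    ("198.51.100.7", 40000, "203.0.113.45", 443, "R"),   # session torn down
    ("198.51.100.7", 40000, "203.0.113.45", 443, "A"),   # ACK after teardown
]

def classify(packets):
    """Return one verdict per packet: 'accept' or 'drop' (out-of-state)."""
    table = {}      # initiator 4-tuple -> "SYN", "SYNACK" or "ESTABLISHED"
    verdicts = []
    for src, sport, dst, dport, flags in packets:
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        key = fwd if fwd in table else rev if rev in table else None
        if flags == "S":
            table[fwd] = "SYN"
            verdicts.append("accept")
        elif flags == "SA" and key == rev and table[key] == "SYN":
            table[key] = "SYNACK"
            verdicts.append("accept")
        elif flags == "A" and key == fwd and table[key] == "SYNACK":
            table[key] = "ESTABLISHED"
            verdicts.append("accept")
        elif flags == "A" and key and table[key] == "ESTABLISHED":
            verdicts.append("accept")
        elif flags == "R" and key:
            del table[key]
            verdicts.append("accept")
        else:
            verdicts.append("drop")   # no matching state: never forwarded
    return verdicts

def dropped_by_destination(packets):
    """Count out-of-state packets per (dst, dport). Sources may be spoofed,
    so alerting aggregates on the protected service, not the sender."""
    hits = Counter()
    for pkt, verdict in zip(packets, classify(packets)):
        if verdict == "drop":
            hits[(pkt[2], pkt[3])] += 1
    return hits
```

A rising drop count for one service while its accepted-packet count stays flat is the signal that the edge is absorbing the flood rather than forwarding it.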

Parameters

pps (600k pps): Packet rate that drives the bandwidth and state-lookup load.
duration (30-600 s): Run length, sized to observe how mitigation ramps and holds.
port (1-65535): Destination port, usually a live TCP service such as 80 or 443.
sources (1-many): Number of source addresses used to spread the flood and exercise tracking.

Run it from the CLI

retro-cli
$ retro run ack --target 203.0.113.45 --port 443 --duration 120

ACK FAQ

Is ACK testing legal?
Only against infrastructure you own or are authorized to test. RETRO//STRESS requires authorized targets.
What does ACK stress?
It hammers a target with a flood of TCP ACK packets to burn raw bandwidth and stress stateful inspection on firewalls and load balancers.
Can I combine it with other methods?
Yes. Add it as a step in a packet chain to sequence it with other protocols.