I have a cluster that perform DDoS test. And my slaves in containers.
So when I start attack from inside container with hping3 as spoofed source ip, cannot send packet. But when not spoofed can send packets.
Actually when I spoofed source IP address target machine can get some packets that have source ip as attacker machine host ip.
And target machine get number of packets less than number of not spoofed attack. I think kernel dropping packets while converting spoofed source ip to host ip.
My container is in privileged mode and bridged network.
How can I handle this ? Any ideas ?