Claude Code was prompted to act as a userspace IP stack on a TUN device, parsing raw IPv4/ICMP packets and computing checksums manually to reply to pings.
Key Takeaways
The prompt ping-respond.md instructs Claude to read hex packets from /dev/tun0 via a Python FIFO helper, parse IPv4 and ICMP headers byte by byte, and write a valid echo reply.
All arithmetic, including one’s complement IP and ICMP checksum calculations, is done by the model with no Python or calculator tools.
Running on Claude Haiku 4.5, round-trip time was 42,593 ms – functional but ~700x slower than a software IP stack.
The author is Adam Dunkels, creator of lwIP, uIP, and the Contiki OS networking stack.
Hacker News Comment Review
Commenters note the stunt has near-zero practical value but raised a real question: reliability at scale – one commenter asked how many pings would be correctly ponged across 1,000 trials with possible model drift.
A practical adjacent use was proposed: pairing LLMs with tshark and pcap files for network troubleshooting, which commenters considered more defensible than real-time packet processing.
Skepticism around using LLMs for any hot-path network task (IDS, packet inspection) was strong; BPF was cited as the correct tool.
Notable Comments
@whizzter: Contextualizes the author as the developer of lwIP, uIP, and Contiki – making this a deliberate expert joke, not naive experimentation.
@twoodfin: Raises reliability question: across 1,000 pings with potential Anthropic load-mitigation changes, how stable is the correct-reply rate?
