Introducing Tcpreplay 4.0
by January 24, 2014

Filed under: Networking Technology, Performance Monitoring

Today, we’re excited to annouce another major milestone in open-sourcing our technology: Fred Klassen has officially accepted maintainership of Tcpreplay. After a major overhaul of the internals, we’re excited to release version 4.0.0, to which Fred has contributed extensively.

Tcpreplay is a suite of Free (GPLv3) utilities for editing and replaying previously captured network traffic. Originally designed to replay malicious traffic patterns to Intrusion Detection/Prevention Systems, it has seen many evolutions including capabilities to replay to web servers. Here’s an example of it in action:

    root@pw29:~# tcpreplay -i eth7 -tK --loop 5000 --unique-ip smallFlows.pcap
    File Cache is enabled
    Actual: 71305000 packets (46082655000 bytes) sent in 38.05 seconds.
    Rated: 1194330011.6 Bps, 9554.64 Mbps, 1848020.72 pps
    Flows: 6045000 flows, 156669.03 fps, 71215000 flow packets, 90000 non-flow
    Statistics for network device: eth7
        Attempted packets:         71305000
        Successful packets:        71305000
        Failed packets:            0
        Truncated packets:         0
        Retried packets (ENOBUFS): 0
        Retried packets (EAGAIN):  0

This example takes a network capture (smallFlows.pcap) and replays it back, editing the source IPs on the fly for a more realistic traffic pattern. With this latest version, Tcpreplay can actually saturate the outbound network from a standard laptop or desktop, making it ideal for testing networking monitoring tools or other tools that work with a fully saturated 10G network pipe.

With over 30 years of experience in many aspects of networking and application performance, Fred is currently the VP of Advanced Technology at AppNeta. He is as comfortable tackling some of the world’s most challenging performance issues as he is improving network drivers. Fred holds several patents, and is the inventor of several end-to-end network performance algorithms found in AppNeta’s PathView product. I can’t think of a better person to take over for Tcpreplay, and I’m excited to see how application developers and network engineers alike can do with this tool.

In future posts, Fred will tell you exactly what he did to make Tcpreplay 4.0 so fast, and how we use it internally. If you’re curious right now, go ahead and download Tcpreplay!