Table of Contents


tcpreplay - replay traffic from a saved tcpdump file


tcpreplay [ -i intf ] [ -l loop count ] [ -r rate | -m multiplier ] file ...


Tcpreplay is a program for replaying network traffic saved in packet-trace files generated using tcpdump(8) 's -w flag.

The basic operation of tcpreplay is to resend all packets from its input file(s) at the speed at which they were recorded, at some specified data rate , or as fast as the hardware is capable of. If no rate or multiplier are given, tcpreplay will replay packets as fast as the hardware will allow. If no file is given, tcpreplay will accept packet data from stdin .


Specify the interface to send packets out on.
Resend the packets at the rate specified (in Mbps).
Resend the packets at a multiple of the speed at which they were recorded.
Resend the pcap file(s) loop count times.

See Also



Matt Undy, Anzen Computing.

The current version is available via HTTP:


tcpreplay can only send packets as fast as your machine's interface, processor, and disk will allow.

``N write attempts failed from full buffers and were repeated'' does not indicate that these packets were not sent, but that the send was retried N times until it succeeded.

Looping captured traffic may simulate odd conditions on a network. For example, opening the same TCP connection multiple times may exhaust resources on machines tracking the connection. The -l flag is provided to allow faster sending on machines with greater I/O constraints.

On BSD-based systems, kernel modifications are required to preserve outgoing link layer source addresses. Refer to the libnet(3) documentation for more information on how to do this.

Please send bug reports to

Table of Contents