tcpreplay

Replay pcap

$ tcpreplay -i [eth0] [capture.pcap]

$ tcpreplay -i [eth0] -M [100] [capture.pcap]

$ tcpreplay -i [eth0] --loop [10] [capture.pcap]

$ tcpreplay -i [eth0] --topspeed [capture.pcap]

$ tcpreplay -i [eth0] -x [2.0] [capture.pcap]

tcpreplay [-i interface] [-M mbps] [--loop n] [options] pcap

tcpreplay replays previously captured network traffic from pcap files back onto the network. It reads packet captures produced by tools like tcpdump or Wireshark and transmits them through a specified network interface at controlled rates.
The tool provides flexible speed control: traffic can be replayed at the original recorded speed, at a fixed rate in Mbps, at a speed multiplier, or at maximum wire speed with --topspeed. The --loop option repeats the capture file multiple times, and -K preloads the entire file into memory for consistent high-speed replay.
Common use cases include testing network devices like firewalls and IDS/IPS systems, stress-testing network infrastructure, reproducing network issues for debugging, and benchmarking network applications under realistic traffic conditions.

-i IFACE

Output interface.

Rate in Mbps.

Speed multiplier.

Loop count.

Maximum speed.

Preload into memory.

Root required. Raw socket access. May disrupt networks.

tcpreplay was created for replaying captured network traffic for testing network devices and applications.

tcpdump(1), wireshark(1), tcprewrite(1)