I'm working on an upgrade of a RADIUS server and I need the ability to verify that my changes won't alter the behavior of the server. So what would be really nice is a way to record all the network traffic going to my RADIUS server with a tool like tcpdump and then resend it to my test server and compare the results. As luck would have it, there is such a tool and it's named tcpreplay.

While I haven't run the full tests on my RADIUS server, I have done a few simple tests with ICMP and UDP packets just to verify that it will work with protocols other than TCP, despite its name. It does. Here's an example.

In on root shell, run the following command to capture packets:

# tcpdump -np -s0 -i eth1 -w icmp.pcap icmp and dst host 192.0.20.1

Then, in another shell, start a ping to the IP address in question:

$ ping -c 5 192.0.20.1
PING 192.0.20.1 (192.0.20.1) 56(84) bytes of data.
64 bytes from 192.0.20.1: icmp_seq=2 ttl=64 time=1.63 ms
64 bytes from 192.0.20.1: icmp_seq=3 ttl=64 time=1.49 ms
64 bytes from 192.0.20.1: icmp_seq=4 ttl=64 time=1.55 ms
64 bytes from 192.0.20.1: icmp_seq=5 ttl=64 time=1.55 ms

--- 192.0.20.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4021ms
rtt min/avg/max/mdev = 1.490/1.567/1.639/0.049 ms

Now you've got a PCAP file that you can feed to tcprelay. This is a very basic, and fun, way to run tcprelay so that you can watch and confirm each packet. There are many other options for how you can alter the replay.

# tcpreplay --intf1=eth1 --oneatatime --verbose icmp.pcap
sending out eth1
processing file: icmp.pcap
reading from file -, link-type EN10MB (Ethernet)
15:45:37.376377 IP 192.0.20.189 > 192.0.20.1: ICMP echo request, id 58216, seq 1, length 64
**** Next packet #1 out eth1. How many packets do you wish to send? 1
Sending packet 1 out: eth1
15:45:38.383298 IP 192.0.20.189 > 192.0.20.1: ICMP echo request, id 58216, seq 2, length 64
**** Next packet #2 out eth1. How many packets do you wish to send? 1
Sending packet 2 out: eth1
15:45:39.391925 IP 192.0.20.189 > 192.0.20.1: ICMP echo request, id 58216, seq 3, length 64
**** Next packet #3 out eth1. How many packets do you wish to send? 1
Sending packet 3 out: eth1
15:45:40.394081 IP 192.0.20.189 > 192.0.20.1: ICMP echo request, id 58216, seq 4, length 64
**** Next packet #4 out eth1. How many packets do you wish to send? 1
Sending packet 4 out: eth1
15:45:41.398076 IP 192.0.20.189 > 192.0.20.1: ICMP echo request, id 58216, seq 5, length 64
**** Next packet #5 out eth1. How many packets do you wish to send? 1
Sending packet 5 out: eth1
Actual: 5 packets (490 bytes) sent in 15.14 seconds
Rated: 32.4 bps, 0.00 Mbps/sec, 0.33 pps

Statistics for network device: eth1
Attempted packets: 5
Successful packets: 5
Failed packets: 0
Retried packets (ENOBUFS): 0
Retried packets (EAGAIN): 0