session-replay-tools/tcpcopy

TCPCopy is a tool that copies live network traffic from a production server and replays it against a test or staging server. The problem it solves is realistic testing: synthetic test traffic rarely reflects the actual mix of requests, timing, and behavior that real users produce. By mirroring production traffic onto a separate server in real time, teams can observe how a new version of an application behaves under conditions that closely match what it will face once deployed. The setup involves three servers. The production server, where real users are currently making requests, runs the TCPCopy component. A separate target server, which might be running a new version of the application being tested, receives the copied requests. A third assistant server runs a companion component called intercept, which captures the responses the target server sends and relays just the header information back to TCPCopy. The target server's responses are routed to the assistant server rather than back to users, acting as a dead end so real users are unaffected. Common uses include stress testing by replaying high-traffic periods, regression testing to check that code changes have not broken anything, pre-warming a new server's caches before it goes live, and comparing performance between two versions of an application side by side. TCPCopy is written in C and runs on Linux with kernel version 2.6 or newer. It requires root permissions or a specific network capability to capture raw packets. The tool does not support SSL/TLS traffic and may drop some packets, which means some requests might not be replicated. It is widely used by companies in China according to the README. Installation follows a standard configure, make, make install sequence for both the tcpcopy and intercept components. Additional documentation covering architecture, usage examples, and pre-warming is linked from the README. The full README is longer than what was shown.