C Python C++ Shell Makefile CMake
EgorBlagov and hhaim Fixed empty templates list issue
- Added scapy_service_dir property to ScapyService, because this path is used in several places (protocols.json, field_engine.json)
- Removed os.chdir, changed to relative paths
- Added test to check if get_templates returns same tempaltes list in several calls

Signed-off-by: Egor Blagov <e.m.blagov@gmail.com>
Latest commit 55fc1ed Jul 30, 2018


TRex Low-Cost, High-Speed Stateful Traffic Generator

TRex is a traffic generator for Stateful and Stateless use cases.

Traditionally, network infrastructure devices have been tested using commercial traffic generators, while performance was measured using metrics like packets per second (PPS) and No Drop Rate (NDR). As the network infrastructure functionality has become more complex, stateful traffic generators have become necessary in order to test with more realistic application traffic pattern scenarios. Realistic and Stateful traffic generators are needed in order to:

  • Test and provide more realistic performance numbers

  • Design and architecture of SW and HW based on realistic use cases

Current Challenges

  • Cost : Commercial State-full traffic generators are expensive

  • Scale : Bandwidth does not scale up well with features complexity

  • Standardization : Lack of standardization of traffic patterns and methodologies

  • Flexibility : Commercial tools do not allow agility when flexibility and changes are needed


  • High capital expenditure (capex) spent by different teams

  • Testing in low scale and extrapolation became a common practice, it is not accurate, and hides real life bottlenecks and quality issues

  • Different feature / platform teams benchmark and results methodology

  • Delays in development and testing due to testing tools features dependency

  • Resource and effort investment in developing different ad hoc tools and test methodologies

TRex addresses these problems through an innovative and extendable software implementation and by leveraging standard and open SW and working on COTS x86/ARM server.

TRex Stateful/Stateless in a Nutshell

  • Fueled by DPDK

  • Generates L3-7 traffic and able to provide in one tool capabilities provided by commercial tools.

  • Stateful/Stateless traffic generator.

  • Scale to 200Gb/sec

  • Python automation API

  • Low cost

  • Virtualization support. Enable TRex to be used in a fully virtual environment without physical NICs and the following example use cases:

    • Amazon AWS

    • TRex on your laptop

    • Docker

    • Self-contained packaging

  • Cisco Pioneer Award Winner 2015

Current TRex DPDK interaces supported

  • Support Physical DPDK 1/2.5/10/25/50/40/100Gbps interfaces (Intel/Mellanox/Cisco VIC/Napatech/Amazon ENA)

  • Virtualization interfaces support (virtio/VMXNET3/E1000)

  • SR-IOV support for best performance

Current Stateful TRex Feature sets (STF)

This feature is for stateful features that inspect the traffic.

  • High scale of realistic traffic (number of clients, number of server, bandwidth)

  • Latency/Jitter measurements

  • Flow ordering checks

  • NAT, PAT dynamic translation learning

  • Learn TCP SYN sequence randomization - vASA/Firepower use case

  • Cluster mode for Controller tests

  • IPV6 inline replacement

  • Some cross flow support (e.g RTSP/SIP)

TRex Stateless feature sets (STL)

This feature is for Stateless features that do routing/switching e.g. Cisco VPP/OVS . It is more packet based.

  • Large scale - Supports about 10-30 million packets per second (mpps) per core, scalable with the number of cores

  • Profile can support multiple streams, scalable to 10K parallel streams

  • Supported for each stream:

    • Packet template - ability to build any packet (including malformed) using Scapy (example: MPLS/IPv4/Ipv6/GRE/VXLAN/NSH)

    • Field engine program

      • Ability to change any field inside the packet (example: src_ip =

      • Ability to change the packet size (example: random packet size 64-9K)

    • Mode - Continuous/Burst/Multi-burst support

    • Rate can be specified as:

      • Packets per second (example: 14MPPS)

      • L1/L2 bandwidth (example: 500Mb/sec)

      • Interface link percentage (example: 10%)

    • Support for basic HLTAPI-like profile definition

    • Action - stream can trigger a stream

  • Interactive support - Fast Console, GUI

  • Statistics per interface

  • Statistics per stream done in hardware/software

  • Latency and Jitter per stream

  • Blazingly fast Python automation API

  • L2 Emulation Python event driven framework with examples of ARP/ICMP/ICMPv6/IPv6ND/DHCP and more. The framework can be extendable with new protocols

  • Capture/Monitor traffic with BPF filters - no need for Wireshark

  • Capture network traffic by redirect the traffic to Wireshark

  • Functional tests

  • PCAP file import/export

  • Huge pcap file transmission (e.g. 1TB pcap file) for DPI

  • Multi-user support

The following example shows three streams configured for Continuous, Burst, and Multi-burst traffic.

stl streams example 02
Figure 1.

A new JSON-RPC2 Architecture provides support for interactive mode

trex architecture 01
Figure 2.

more info can be found here Documentation

TRex Advance Stateful feature sets (ASTF)

With the new advanced scalable TCP/UDP support, TRex uses TCP/UDP layer for generating the L7 data. This open the following new capabilities:

  • Ability to work when the DUT terminates the TCP stack (e.g. compress/uncompress). In this case there is a different TCP session on each side, but L7 data are almost the same.

  • Ability to work in either client mode or server mode. This way TRex client side could be installed in one physical location on the network and TRex server in another.

  • Performance and scale

    • High bandwidth - 200gb/sec with many realistic flows (not one elephant flow )

    • High connection rate - order of MCPS

    • Scale to millions of active established flows

  • Emulate L7 application, e.g. HTTP/HTTPS/Citrix- there is no need to implement the exact protocol.

  • Accurate TCP implementation

  • Ability to change fields in the L7 application - for example, change HTTP User-Agent field

more information can be found here:

What it is not

  • Routing protocol support integration for BGP/ISIS (routem) is internal.

What you can do with it


  • Benchmark/Stress stateful features :

    • NAT

    • DPI

    • Load Balancer

    • Network cache devices

    • FireWall

    • IPS/IDS

  • Mixing Application level traffic/profile (HTTP/SIP/Video)

  • Unlimited concurrent flows, limited only by memory


  • Benchmark/Stress vSwitch RFC2544



Internal Wiki

How to build

Internal Wiki


Report bug/request feature YouTrack


blogs can be found TRex blog

Stateless Client GUI

  • Cross-Platform - runs on Windows, Linux, Mac OS X

  • Written in JavaFx use TRex RPC API

  • Scapy base packet builder to build any type of packet using GUI

    • very easy to add new protocols builders (using scapy)

  • Open and edit PCAP files, replay and save back

  • visual latency/jitter/per stream statistic

  • Free

Github is here trex-stateless-gui

t g1
Figure 3.

Sandbox for evaluation

Try the new Devnet Sandbox TRex Sandbox

Who is using TRex?


  • Improve advanced Stateful capability

    • Simulate latency/jitter/drop in high rate

    • Integration with OpenSSL. Work on top of TLS

  • Stateless

    • scalable and more flexible per stream statistic

    • mini L2 emulation services. Will run in server side for emulation protocols in paralel to traffic