DEV.co
Open-Source Testing · Shopify

toxiproxy

Toxiproxy is a TCP proxy tool that simulates network failures and degradation for testing application resilience. It lets you inject latency, packet loss, timeouts, and outages into connections during development and testing without requiring root access or platform-specific tools.

Source: GitHub — github.com/Shopify/toxiproxy
12.1k
GitHub stars
503
Forks
Go
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
RepositoryShopify/toxiproxy
OwnerShopify
Primary languageGo
LicenseMIT — OSI-approved
Stars12.1k
Forks503
Open issues105
Latest releasev2.12.0 (2025-03-18)
Last updated2026-07-06
Sourcehttps://github.com/Shopify/toxiproxy

What toxiproxy is

Written in Go, Toxiproxy intercepts TCP connections and applies configurable "toxics" (latency, bandwidth limits, reset, slicer, timeout, down, slow_close, packet_loss, limit_data) via an HTTP API. It supports deterministic tampering for unit tests and randomized chaos for integration tests, with client libraries available in Ruby, Python, Java, Node.js, Go, Rust, Elixir, Haskell, and PHP.

Quickstart

Get the toxiproxy source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/Shopify/toxiproxy.gitcd toxiproxy# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Resilience Testing in CI/CD

Verify applications handle network faults gracefully (timeouts, connection drops, latency spikes) before production deployment. Integrates directly into test suites without root or platform-specific dependencies.

Chaos Engineering for Multi-Service Systems

Simulate failure modes in microservices architectures: database disconnects, downstream service lag, partial outages. Deterministic failures enable repeatable test cases; randomized chaos enables exploratory testing.

Local Development & Debugging

Reproduce production failure scenarios locally by proxying connections to databases, message queues, or external services through Toxiproxy and applying controlled faults.

Implementation considerations

  • Client library selection must match Toxiproxy server version (2.x servers require 2.x clients); breaking API changes exist between major versions.
  • Populate proxy routes in application boot code before establishing connections; routing must be configured before tests/scenarios run.
  • Toxics are scoped to individual proxies and can be applied upstream (client→proxy) or downstream (proxy→upstream); ensure toxic direction matches test intent.
  • Memory and CPU overhead scales with connection count and data volume; monitor when proxying high-throughput services.
  • HTTP API access should be restricted to localhost or trusted networks in test environments; no built-in authentication.

When to avoid it — and what to weigh

  • Requires Protocol-Level Inspection — Toxiproxy operates at the TCP layer and applies generic network conditions. It cannot parse or selectively corrupt application-level protocol data (e.g., specific HTTP endpoints or message fields).
  • Production Traffic Manipulation — Toxiproxy is designed for testing/CI/dev environments. Using it in production to proxy live traffic introduces latency, memory overhead, and a single point of failure without security hardening.
  • High-Frequency, Low-Latency Scenarios — Toxiproxy adds measurable overhead. Applications requiring microsecond-level latency or extremely high throughput may find the proxy introduces too much jitter or becomes a bottleneck.
  • UDP or Non-TCP Protocols — Toxiproxy is TCP-only. Applications using UDP, gRPC over HTTP/2 with connection reuse, or custom binary protocols may require alternative tooling or integration patterns.

License & commercial use

Licensed under MIT (MIT License), a permissive OSI-approved license allowing commercial use, modification, and distribution with minimal restrictions.

MIT license permits commercial use without restrictions. Shopify maintains and uses Toxiproxy internally in production development and CI environments. No license fees or commercial support obligations; support and contributions are community-driven via GitHub.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityLow
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Toxiproxy is designed for test/dev/CI use, not production. HTTP API lacks authentication; access should be restricted to localhost or trusted networks. No encryption of traffic between Toxiproxy and upstream services. Code has been maintained since 2014 by Shopify; specific security audit status unknown. No known CVEs from the data provided, but formal security review requires explicit vendor statement.

Alternatives to consider

Linux tc (traffic control) / NetEm

Native kernel-level network emulation; lower overhead. Drawback: Linux-only, requires root, not suitable for CI/containerized environments, steeper learning curve.

Pumba / Gremlin

Container-native chaos tools for orchestrated fault injection. Drawback: container-focused; less fine-grained TCP-level control, typically require more infrastructure setup.

Mock/Stub Libraries (e.g., Mockito, unittest.mock)

Lightweight, language-native; no external process needed. Drawback: application-level mocks cannot simulate realistic network behavior (jitter, partial data arrival, race conditions).

Software development agency

Build on toxiproxy with DEV.co software developers

Toxiproxy is open-source and ready to integrate into your test suite. Start with the GitHub repository, choose a client library in your language, and begin injecting faults into your development and CI pipelines.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

toxiproxy FAQ

Does Toxiproxy support TLS/HTTPS?
Toxiproxy proxies at the TCP layer and passes encrypted traffic through unchanged. It can inject network faults (latency, drops) on TLS connections, but cannot inspect or modify encrypted payloads.
Can I use Toxiproxy in production?
Not recommended. Toxiproxy is designed and tested for development, test, and CI environments. Production use introduces a single point of failure, unvetted latency overhead, and lack of security hardening (no auth, encryption, or DDoS protection).
What's the difference between upstream and downstream toxics?
Downstream toxics affect data from client→proxy (simulating client-side issues). Upstream toxics affect data from proxy→upstream (simulating service-side issues). Choose the direction based on which party's failure you want to test.
Do I need to restart Toxiproxy to change toxics during a test?
No. Toxics are applied and removed via the HTTP API at runtime. Most client libraries provide context managers or closures to apply toxics for a test block and clean up automatically.

Work with a software development agency

From first prototype to production, DEV.co delivers software development services around tools like toxiproxy. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source testing and beyond.

Ready to Test Your Resilience?

Toxiproxy is open-source and ready to integrate into your test suite. Start with the GitHub repository, choose a client library in your language, and begin injecting faults into your development and CI pipelines.