Direct NIC Access
Gigabit and 10 Gigabit Ethernet Line-Rate Packet Capture and Injection
PF_RING DNA (Direct NIC Access) is a way to map NIC memory and registers to userland so that there is no additional packet copy besides the DMA transfer done by the NIC NPU (Network Process Unit), unlike what happens with NAPI. This results in better performance as CPU cycles are used uniquely for consuming packets and not for moving them off the adapter. The drawback is that only one application at time can open the DMA ring (note that modern NICs can have multiple RX/TX queues thus you can start simultaneously one application per queue), or in other words that applications in userland need to talk each other in order to distribute packets.
In a nutshell if you like flexibility you should use PF_RING, if you want pure speed PF_RING DNA is the solution. Please note that in DNA mode NAPI polling does not take place, hence PF_RING features such as reflection and packet filtering are not supported.
DNA Performance
We are constantly improving the DNA performance by continuously adding new components and libraries on top of it. You can find some DNA benchmarks here:
Testing DNA
The DNA driver is available for Intel-based 1 and 10 Gbit adapters in source format.
If you want to test the DNA driver, you just need to replace the driver you are using with a DNA driver you can find in the PF_RING/drivers/DNA directory and run your application. Example “pfcount -i dna:dna0″.
DNA DAQ for Snort
Snort users can also benefit of DNA speed when using Snort, one of the most popular IDS/IPS. The native PF_RING DNA DAQ (Snort Data AcQuisition) library is from 20% to 50% faster than the standard PF_RING DAQ part of PF_RING, and it can operate in both IPS and IDS mode.
You can get PF_RING DNA DAQ on the ntop shop site for a little fee that allows us to maintain and develop the code. Universities and research institutions can contact us to get it at no cost.
Get It
If after testing the DNA driver, you decide to use it permanently, you need a license. The DNA driver is available from the ntop web site as specified on the table below. If you are interested in large quantities or if you need a volume discount please contact us.
We are very grateful to Silicom who has subsidized the development of the 10 Gbit DNA driver. In case you want to use the DNA driver and you need a NIC, you can also contact Silicom for getting a free evaluation card. If you need a license for the 10 Gbit DNA driver please click on the link on the table below, or contact us.
| e1000/e1000e | igb | ixgbe | ||
|---|---|---|---|---|
 |
||||
| Capture Rate (Line-Rate) | 1 Gbit/s | 10 Gbit/sec | ||
| Supported Cards | Intel 8254x/8256x/8257x (non igb)/ 8258x (non igb)-based |
Intel 82575/82576/ 82580/I350-based |
Intel 82598/82599 -based |
|
| Operating System | Linux (kernel 2.6.32 or better) | |||
| Traffic Reception |  |
|||
| Traffic Injection | |
|||
| Hw packet filtering | Intel 82599-based/Silicom Director only |
|||
| Hw timestamping (nsec) | Intel 82580/I350-based only |
|||
