Introduction PF_RING filters have been designed to be efficient and versatile. PF_RING-based applications can use them for both reducing the amount of packets they need to process, and passing incoming packets to kernel plugins for further processing. Years ago, hardware … Continue reading
Released PF_RING 5.1 and TNAPIv2
PF_RING 5.1 is a maintenance release that addresses some issues we identified in 5.0 that we released early this month. We have listen to your comments and tried to improve our software applications both in terms of stability and speed. … Continue reading
PF_RING 5.0 Introduced: DNA 1/10 Gbit and vPF_RING
We’ve just cut the code of PF_RING 5.0. As it contains many changes with respect to the previous version, it deserved a major version number. We refreshed our DNA drivers to 1 Gbit Intel NICs (e1000e and igb families) in … Continue reading
Packet Capture Performance at 10 Gbit: PF_RING vs TNAPI
Many of you are using PF_RING and TNAPI for accelerating packet capture performance, but have probably not tested the code for a while. In the past month we have tuned PF_RING performance and squeezed some extra packets captured implementing the … Continue reading
ntop and Silicom Inc join the forces
Since a few months ntop and Silicom have started to work together on various network-related topics. The idea is to enhance PF_RING and TNAPI in order to offer better products and support for both the community and Silicom customers. Furthermore, … Continue reading
10 Gbit Hardware Packet Filtering Using Commodity Network Adapters
The promise of filtering packets in hardware is not new. Unfortunately filtering network adapters are pretty expensive, not to mention if they run at 10 Gbit. Furthermore many commercial FPGA-based NICs feature hardware packet filtering, but often require card reconfiguration … Continue reading
10 Gbit PF_RING-based Hardware Packet Filtering and Balancing Previewed at the Intel Europe Conference
Intel Research Europe Conference, Bruxelles, May 4th 2010 Luca Deri and Joseph Gasparakis, senior Intel engineer, have previewed a new PF_RING-based technology they have co-developed that allows Linux users to fully exploit the hardware capabilities of the newest Intel X520 … Continue reading
PF_RING and Transparent Mode
PF_RING has been designed for enhancing packet capture performance. This means that the RX path must be accelerated, and in particular a way to accelerate this is by reducing the journey of the packet from the adapter to userland. This … Continue reading
Exploiting Commodity Multi-core Systems for Network Traffic Analysis
This article Improvement of libpcap for lossless packet capturing in Linux using PF_RING kernel patch positions PF_RING (3.x, so some changes are needed when using version 4) against the Linux standard PF_PACKET packet capture facility. In PF_RING v4, due to … Continue reading
Port Mirror vs Network Tap
In order to analyze network traffic, it’s necessary to feed ntop/nProbe with network packets. There are two solutions to the problem: port mirror (also called SPAN in Cisco parlance) network tap Prior to explain the differences between these two solutions, … Continue reading