This is to announce the availability of PF_RING DNA (Direct NIC Access) that significantly increments performance (up to 80%) when compared with Linux packet capture and PF_RING (non DNA).
PF_RING is polling packets from NICs by means of Linux NAPI. This means that NAPI copies packets from the NIC to the PF_RING circular buffer, and then the userland application reads packets from ring. In this scenario, there are two pollers, both the application and NAPI and this results in CPU cycles used for this polling; the advantage is that PF_RING can distribute incoming packets to multiple rings (hence multiple applications) simultaneously.
PF_RING DNA (Direct NIC Access) is a way to map NIC memory and registers to userland so that packet copy from the NIC to the DMA ring is done by the NIC NPU (Network Process Unit) and not by NAPI. This results in better performance as CPU cycles are used uniquely for consuming packets and not for moving them off the adapter. The drawback is that only one application at time can open the DMA ring, or in other words that applications in userland need to talk each other in order to distribute packets.
In a nutshell if you like flexibility you should use PF_RING, if you want pure speed PF_RING DNA is the solution. Please note that in DNA mode NAPI polling does not take place, hence PF_RING features such as reflection and packet filtering are not supported.
For more information, please have a look at the PF_RING home page.