Whenever software switching nerds get together and start discussing the challenges of high-speed x86-based switching, someone inevitably mentions PF_RING, an open-source library that gives you blazingly fast packet processing performance on a Linux server.

I started recording a podcast with Luca Deri, the author of PF_RING, but we diverted into discussing ntopng, Luca’s network monitoring software. We quickly fixed that and recorded another podcast – this time, it’s all about PF_RING, and we discussed these topics:

• What is the difference between PF_RING and the Linux built-in packet capturing module;
• How can you process over 10 million packets per second per CPU core?
• Do you need special device drivers for PF_RING or can you use the standard Linux NIC drivers?
• How does a packet processing application interact with the PF_RING library?
• How do you spread packets across multiple cores, multiple copies of monitoring application, or even multiple monitoring applications?

To learn more about PF_RING, listen to Episode 30 of Software Gone Wild.