PF_RING is a great open-source project that enables extremely fast packet processing on x86 servers, so I was more than delighted when Paolo Lucente of the pmacct fame introduced me to Luca Deri, the author of PF_RING.
When we started chatting, we couldn’t resist mentioning ntopng, another open-source project Luca is working on.
- How it all started and why did Luca decide to start the ntop (and PF_RING) project?
- What is ntopng (next-generation ntop) and why did they rewrite the product?
- What are nprobe and nbox?
- The distributed architecture of ntopng, including probes, data sources, collectors, and the central analyzing engine;
- Combining ntop and elastic search;
- Why it makes sense to convert all data into JSON format?
- What are the problems of 40GE packet capture?
- How can you do high-speed DDoS prevention with ntopng?
Not surprisingly, we never got to PF_RING (but don’t worry about that, it’s already in the recording pipeline ;).