Hello, I'm trying to set up hardware filtering on an Intel X520 board. I wanted to check how many filters I could set on this board so I started from the example pfcount_82599.c file and added a loop to add filters sequentially. The function pfring_add_hw_rule fails after ~ 8K filters.
On the PF_RING packets filtering page ( https://www.ntop.org/products/packet-capture/pf_ring/hardware-packet-filtering/), the FAQ mentions that 32K filters are supported: Q. How many filters a 82599-based card typically supports? A. You can have up to 32K hardware filters. I checked the Intel 82599 data sheet and the chapter "Flow Director Filters" mentions both a limit of ~8K filters (the one I seem to hit) and ~32K filters: The 82599 support two types of filtering modes (static setting by the FDIRCTRL.PerfectMatch bit): • Perfect match filters — The hardware checks a match between the masked fields of the received packets and the programmed filters. Masked fields should be programmed as zeros in the filter context. The 82599 support up to 8 K - 2 perfect match filters. • Signature filters — The hardware checks a match between a hash-based signature of the masked fields of the received packet. The 82599 supports up to 32 K - 2 signature filters. Do you know if there is a way to have access to these ~ 32K filters through PF_RING? Best Regards, Raphael
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
