skip to Main Content

Napatech Link Capture Software

for Intel® Programmable Acceleration Card with Intel® Arria® 10 GX FPGA

Product Brief

An increasing number of enterprises are exploring the option of building their own network monitoring and cybersecurity solutions. These are based on off-the-shelf servers with standard network interface cards (NICs) and come at a fraction of the cost of custom hardware.

As many monitoring and cybersecurity applications deliver functions that are CPU-bound and computationally intense, however, their performance is directly related to the number of packets the application must process. For such deployments, a standard NIC will typically prove insufficient, causing reduced application performance and potentially a critical loss of packets.

In helping enterprises overcome this challenge, Napatech has made its Link™ Capture Software available for the Intel® Programmable Acceleration Card with Intel Arria® 10 GX FPGA. With this technology, it is now possible to build high-performance, lossless solutions based on standard servers.
Napatech Link™ Capture Software is designed to support a wide range of applications including popular open source tools, such as Suricata and Snort for cybersecurity, Wireshark for network performance monitoring and TRex for traffic generation.

With Napatech Link™ Capture Software on the Intel® Programmable Acceleration Card, we guarantee maximum throughput with zero packet-loss performance and extreme precision, all of which are essential for reliable network performance, test and security analysis.

The solution has been benchmarked across a wide range of third-party, commercial and open source networking and cybersecurity applications, delivering more than triple the performance over servers with standard NIC configurations. This means a third of the required server resources to run the same application. By using fewer servers to achieve target performance, operational costs of rack space, power, cooling and management are significantly reduced.

In addition to the obvious cost benefits, the advantage of building your own solution is that it can provide exactly the level of visibility and insight that you need, as well as include precisely the features you require for your network – nothing more, nothing less.

Intel Arria® 10 GX

The Intel® Programmable Acceleration Card is a PCIe Network Interface Card based on the Intel Arria® 10 GX FPGA. This provides a powerful platform for high-speed, real-time data processing with deterministic and low-latency performance. Designed for integration in standard servers, it supports line-rates up to 40 Gbps.

When combined with Napatech LinkTM Capture Software on a standard server, a powerful, reconfigurable computing platform can be provided to support a broad range of applications, such as Intrusion Detection and Prevention Systems (IDS/IPS), Advanced Threat Detection (ATD), Network Recording, Network and Security Forensics, Network Performance Monitoring (NPM), Lawful Interception, Quality of Experience (QoE) Assurance, Advanced Network Testing and Ethernet Traffic Generation.

• Full theoretical throughput up to 40 Gbps bi-directional
• Supports both 10 Gbps and 40 Gbps line-rates
• Zero packet loss under all conditions
• Deterministic performance
• Precise timestamping of all packets
• PCAP and DPDK API support

FEATURES Link Capture Software
Network Port Support Link speeds:
• 1x 40 Gbps
• 4x 10 Gbps
Pluggable modules • QSFP+ 40GBASE-LR4
• QSFP+ breakout to 4x 10GBASE-SR
• QSFP+ breakout to 4x 10GBASE-CR
Performance • Line rate Rx 40 Gbps for packet size 64 – 10.000 bytes, zero packet loss
• Line rate Tx 40 Gbps for packet size 64 – 10.000 bytes
• Rx burst buffer capacity: 600 ms at 40 Gbps
Host Buffers and Queues • Rx queues: 64
• Tx queues: 128
• Rx buffer size: 1 MB – 1 TB
• Tx buffer size: 4 MB
Rx Packet Processing • HW time stamping with 1 ns resolution
• Multi-port packet merge sequenced in time stamp order
• L2, L3 and L4 protocol classification:
– L2: Ether II, IEEE 802.3 LLC, IEEE 802.3/802.2 SNAP
– L2: PPPoE Discovery, PPPoE Session, Raw Novell
– L2: ISL, 3x VLAN, 7x MPLS
– L3: IPv4, IPv6
• Tunneling support: GTP, IP-in-IP, GRE, NVGRE, VxLAN, Pseudowire
• Filter match conditions:
– Network port, protocol, length check and error condition filters
– Configurable flow definitions, based on 2, 3, 4 or 5-tupple
– Up to 36000 IPv4 or up to 7500 IPv6 2-tupple flows
• Filter actions:
– Drop
– Forward to port
– Forward to specific host Rx queue
– Load distribute over host Rx queues
– Select packet descriptor type
– Optional flow ID in packet descriptor
– Slice
• Hash keys:
– Custom 2 x 128 bits and 2 x 32 bits with separate bit masks
– Symmetric hash keys
– Protocol field from inner or outer headers
• CPU load distribution: Hash key and filter-based
• Packet descriptors:
– PCAP and Napatech descriptor formats
– Time stamp and network port ID
– Header offsets
– Hash key
– Color/tag
– Correlation key
– Protocol and error information
• IP fragment handling:
– First level IP fragmentation
– Filter actions on inner header fields applied to all fragments
• Correlation key (packet finger print)
• Slicing at dynamic offset or fixed offset from start or end of packet
Tx Packet Processing • Replay as captured with nanoseconds precision
• Per port traffic shaping
• Port to any port forwarding
Advanced Statistics • Extended RMON1 per port
• Packets and bytes per filter/color
• Packets and bytes per stream/queue
Time Precision • OS time synchronization
• Time stamp formats: Unix 10 ns, Unix 1 ns, PCAP 1 us, PCAP 1 ns
Monitoring sensors • FPGA temperature level with alarm and software shutdown
Supported OS • Linux kernel 3.10 through 4.7Supported API’s
Supported API’s • PCAP v. 1.8.1
• DPDK v. 18.08
• NTAPI (Napatech API)
Supported Hardware • Intel Programmable Accelerator Card A10 GX
Back To Top