pf_ring, 32 thousands of rules and Intel X520

it seems that more and more things are landing in our homes. couple of people that created nTop project with cooperation with Intel, built a device driver for Linux that can forward traffic using Intel X520 directly with 32 thousands of rules applied. 32 thousands is quite a number to serve real-life aggregation or core router, but at the same time it’s more than needed to serve as home firewall. similar things were done in the past in NVidia nForce chipset.

1GE and multiples of them are hardly enough these days to accomodate server fan-out traffic, thanks to growing CPU horsepower, and at the same time, there are already some ISPs that are willing to serve such links to homes. it seems then, that 10GE links may be needed in access layer pretty soon :P