Performance Testing: WinPcap versus Npcap
Wireshark for Windows users are probably familiar with WinPcap. WinPcap is basically the driver that Wireshark and other applications use to communicate with their network adapters.
WinPcap is automatically installed by Wireshark, but few people know that you also could use Npcap. Npcap has a few advantages over WinPcap including:
- Support for Windows 10
- Libpcap version 1.8.1 vs WinPcap (1.0.0)
- You can create and inject loopback traffic
- You can capture raw 802.11 frames from more adapters
Those who read my articles know it was just a matter of time before I put Npcap through its paces. Since WinPcap and Npcap are both drivers, I wanted to see if there were any performance differences.
I decided to set up my traffic generator and measured how many packets Wireshark can capture with either driver.
In my tests, I decided to use Windows 8.1 since WinPcap officially supports it and the GUI interface, rather than the CLI tools. Here is the video of my test:
In conclusion, Npcap outperformed WinPcap, but I always recommend using hardware-based analyzers on ‘busy’ links.
Recommended For You
Most successful IBN deployments focus on the network verification process. Not only is it safe, it also can easily integrate into existing networks and workflows.
Continuous monitoring and baselining of net performance monitoring metrics can reveal problems before users do and prevent complaints on performance degradation.
It's time to move past some common misconceptions and fears about SD-WAN. Here are three common myths you can ignore.
As the routing protocol that runs the Internet, BGP is a key piece of the puzzle that helps you understand how your customers get to you.
From a network planning and design perspective, manually created diagrams drawn by a human architect will continue to be the go-to method for years to come.