Control Plane Components - ACLs

Hi guys, I am reading on High Availabilty and in order to grasp a concept, I am wondering what else the control plane performs besides routing packets (labeled or unlabled). An activity like filtering packets via ACLs, is it a control plane feature as well? Is there a link listing all activities performed by the control plane? 

 

I hope this is not too ambiguous. 

Comments

  • Hi guys, I am reading on High Availabilty and in order to grasp a concept, I am wondering what else the control plane performs besides routing packets (labeled or unlabled). An activity like filtering packets via ACLs, is it a control plane feature as well? Is there a link listing all activities performed by the control plane? 

    Hi, actually the control-plane is never supposed to route packets unless these packets are not manageable via forwarding engines (FIB in Cisco or FEB in Junos) and are punted to the CPU of the device. This is valid also for multilayer switches because they also do have dedicated forwarding engines.

    this is an old blog post but it could be helpful

    http://blog.ine.com/2011/06/15/control-plane-vs-data-plane/

  • Thanks for your response. I wasn't clear in my question... but from reading the blog post, it would appear to me that the process of verifying a packet through a filter is a control-plane function. Even though the packet isn't destined to the router doing the filtering, the router processes that packet against the filter. Am I right in my assumption? 

  • Thanks for your response. I wasn't clear in my question... but from reading the blog post, it would appear to me that the process of verifying a packet through a filter is a control-plane function. Even though the packet isn't destined to the router doing the filtering, the router processes that packet against the filter. Am I right in my assumption? 

    Hi,

    this depends on router architecture. Normally a router engineer, i mean the project engineer that design machines in terms of hardware and software (code), should avoid as much as possible the interference of data-plane processes into CPU operations because this can severely impact the router performance. Nowadays routers never or rarely processes data plane traffic via CPU, thanks to these guys. If you take high class enterprise or SP devices you will realize that there will be more than one forwarding engine for each kind of traffic (L2 or L3 traffic) thus removing any possible effort made by the RSP.

  • leminhleminh ✭✭

    Control Plane is used to protect the cpu or supervisor of the router/switch. The packets such as BPDU, OSPF, EIGRP, BGP, CDP... are considered as control plane packets and should be prioritized during the transist path to the router/switch.

Sign In or Register to comment.