A network service provider offers services to subscribers that access a service provider core network using an access network. Services offered may include, for example, traditional Internet access, Voice-over-Internet Protocol (VoIP), video and multimedia services, and security services. The service provider network may support multiple types of access network infrastructures that connect to service provider network access gateways to provide access to the offered services.
Because the access gateways are positioned near the edge of the service provider network directly upstream from the subscribers and operate to provide an operational endpoint (i.e., terminate) the subscriber connections (e.g., digital subscriber line- or cable-based connections) into the service provider network, the access gateways typically provide mechanisms for identifying subscriber traffic and providing subscriber-specific services. The access gateways apply subscriber policies to manage subscriber traffic on a per-subscriber basis as such traffic traverses the service provider core network boundary.
Network devices, such as access gateways, often include a control unit (e.g., one or more programmable processors and/or circuitry) that provides control plane functionality for the network device. In some cases, the network devices may also include a plurality of forwarding components, such as packet forwarding engines (PFEs), and an internal switch fabric that collectively provide a forwarding plane for forwarding network traffic.
Moreover, a network device may provide client devices with access to private or public layer 3 (L3) networks, such as an L3 virtual private network, the Internet, or other network. Client devices seeking to access the L3 networks address set destination layer 2 network addresses (e.g., Media Access Control (MAC) addresses) of the packets to a gateway MAC address of the network device, which identifies such packets as L3 routable and forwards the packets based on the L3 destination address.