A computer network is a collection of interconnected network devices that can exchange data and share resources. In a packet-based network, such as an Ethernet network, the network devices communicate data by dividing the data into small blocks called packets, which are individually routed across the network from a source device to a destination device. The destination device extracts the data from the packets and assembles the data into its original form.
The network devices may include routers, security appliances, network switches, wireless access points, or the like. Routers, for example, maintain tables of routing information that describe routes through the network. A “route” can generally be defined as a path between two locations on the network. Upon receiving an incoming data packet, the router examines destination information within the packet to identify the destination for the packet. Based on the destination, the router forwards the packet in accordance with the routing table.
A network device, such as a router, may include two separate processing planes, a control plane and a forwarding plane. The control plane includes a routing engine that provides an operating environment for a host operating system (OS) and control processes that run network management software, execute routing protocols to communicate with peer routers, maintain and update one or more routing tables, create one or more forwarding tables for installation in the forwarding plane, and manage packet forwarding components, among other functions. For example, a management daemon (MGD), a device configuration daemon (DCD), a routing protocol daemon (RPD), and a chassis management daemon (ChassisD) may all execute in the routing engine using the same kernel. If a kernel panic, error, or trap occurs, which is typically caused by a routing control portion of the code executed by the routing engine, operation of all of the control processes executing in the routing engine may be halted. That is, in this case, a kernel panic caused by a software failure may cause a complete loss of functionality provided by the hardware processing environment in the routing engine and may even trigger a switchover to backup hardware components included in the routing engine.
One solution is to execute the separate control processes in hardware-independent routing engines within a control system physically coupled to a standalone router in a root system domain (RSD)-protected system domain (PSD) system. Each of the routing engines of the control system includes a separate kernel over which to run a separate OS and control processes, such as one or more of MGD, DCD, RPD and ChassisD. In this case, the packet forwarding components of the standalone router are logically partitioned into multiple groups, and each group is assigned to a different one of the routing engines of the control system to form a separate PSD. The routing engine of the standalone router, often referred to as a RSD, maintains control over any remaining forwarding components of the standalone router that are not assigned to one of the PSDs. The RSD-PSD system, however, require a separate physical switch to facilitate communication between the standalone router and the plurality of routing engines located out-of-box in the control system.