The traffic flowing into a network device—e.g., a router, switch, bridge, server, and the like—can be logically divided into at least three separate planes: the management plane, control plane, and data plane. In this disclosure, only the control plane and data plane will be discussed. In general, the control plane processes any received or generated data (i.e., control plane data) needed to establish, maintain, or configure the forwarding logic in a network device. Thus, the ultimate destination of control plane data is a network device—either the network device that generated the data or a network device communicatively coupled to the originating network device. In contrast, data plane packets flow through a network device and are forwarded using the forwarding logic established by the control plane. Based on the forwarding logic, the network device forwards the data plane packets to other network devices until the packets reach their ultimate destination, e.g., a user computing device. Accordingly, the data plane is also referred to as the forwarding plane since the destinations of data plane packets are not a network devices.
The manner in which a network device processes a received packet determines whether the packet is data plane traffic or control plane traffic. For example, if a first network device transmits a packet that reconfigures the forwarding logic in a second network device, the packet is considered as part of the control plane in both network devices. However, if that same packet traversed a third network device in order to reach the second network device, because the third network device merely forwarded the packet without processing it further, the packet is part of the data plane of the third network device.
Moreover, traffic flowing in the data and control planes may be divided into a plurality of virtual local access networks (VLANs). A VLAN has the same attributes as a physical local area network (LAN), but allows for end devices to be grouped together even if they are not connected to the same network switch. VLANs are created to provide the segmentation services traditionally provided by routers in LAN configurations. VLANs address issues such as scalability, security, and network management. By using VLANs, a network administrator can control traffic patterns and react quickly to relocations of network devices. VLANs provide the flexibility to adapt to changes in network requirements and allow for simplified administration.
To facilitate understanding, identical reference numerals have been used, where possible, to designate identical elements that are common to the figures. It is contemplated that elements disclosed in one embodiment may be beneficially utilized on other embodiments without specific recitation.