A network service provider offers services to subscribers that access a service provider core network using an access network. Services offered may include, for example, traditional Internet access, Voice-over-Internet Protocol (VoIP), video and multimedia services, and security services. The service provider network may support multiple types of access network infrastructures that connect to service provider network access gateways to provide access to the offered services.
Because the access gateways are positioned near the edge of the service provider network directly upstream from the subscribers and operate to provide an operational endpoint (i.e., terminate) the subscriber connections (e.g., digital subscriber line- or cable-based connections) into the service provider network, the access gateways typically provide mechanisms for identifying subscriber traffic and providing subscriber-specific services. The access gateways apply subscriber policies to manage subscriber traffic on a per-subscriber basis as such traffic traverses the service provider core network boundary.
Network devices, such as access gateways, often include a control unit that provides control plane functionality for the network device. In some cases, the network devices may also include a plurality of forwarding components, such as packet forwarding engines (PFEs), and a switch fabric that collectively provide a forwarding plane for forwarding network traffic.
The control plane functions provided by the control unit include storing network topologies in the form of routing tables, executing routing protocols to communicate with peer routing devices to maintain and update the routing tables, and providing a management interface to allow user access and configuration of the network device. The control unit maintains routing information that represents the overall topology of the network and defines routes to destination prefixes within the network.
The control unit derives a forwarding information base (FIB) that includes a number of service objects generated and/or allocated by the control unit in accordance with the routing information and control information and installs the service objects to the forwarding components. The data and instructions that constitute the service objects define an internal processing and forwarding path for each incoming packet received by the network device. For example, to generate a route table lookup service object, the control unit selects routes defined by the network topology and maps packet key information (e.g., destination information and other select information from a packet header) to one or more specific next hop network devices and ultimately to one or more specific output interfaces of interface cards of the network device. Typically, the control unit installs the service objects into each of the forwarding components to update the FIB and control traffic processing and forwarding within the forwarding plane. Bifurcating control and forwarding plane functionality allows the FIB in each of forwarding components to be updated without degrading packet forwarding performance of the network device.