Some networking equipment has both control and data planes. The control plane constitutes the logical and physical interfaces that do not themselves transport network data but that set up, monitor, and control the activities of silicon that does. In some designs for network processing units (NPUs), an application executes on an operating system such as Linux on the control-plane CPU, governing the operation and performing housekeeping activities on behalf of packet engines, e.g., multi-core processors that receive and forward Internet Protocol packets. The connection between the control-plane CPU and the data/forwarding plane packet engines can be as intimate as a local-bus connection to a coprocessor, as straightforward as standard PCI, or as arm's length as Ethernet or application-specific network fabric.
In the case of a local bus or of PCI, the control processor can treat the forwarding/data plane processors as specialized peripherals that present, superficially, regular memory-mapped interfaces. In the case of a networked connection between the planes, the fabric interface requires a generic driver (for Ethernet, asynchronous transfer mode, etc.), over which specialized command packets are sent to control the packet processor.
Off-the-shelf NPUs strive to integrate high networking functionality closely tied to the control CPU with local connections. Some early designs, however, have suffered from bandwidth limitations at the control point and in the data plane—data packets can face significant bottlenecks in moving both to and from the control plane, as well as among parallel packet engines within the NPU. Moreover, NPUs with powerful and complex packet-engine sets have proven to be difficult to program. See generally, “Linux is on the NPU Control Plane” by Bill Weinberg, EETimes (posted Feb. 5, 2004).
A “partition” is a term used in network traffic shaping. A partition manages bandwidth for a traffic class' aggregate flows, so that all of the flows for the class are controlled together as one. A “flow” is a specific instance of a connection, session, or packet-exchange activity between hosts. And a “traffic class” is a logical grouping of traffic flows that share the same characteristics—a specific application, protocol, address, or set of addresses.
One can use partitions to: (a) protect mission-critical traffic by guaranteeing that a traffic class always gets a defined amount of bandwidth; (b) limit aggressive, non-critical traffic by allowing that traffic class to consume only a defined amount of bandwidth; (c) divide capacity; and (d) assign bandwidth dynamically to users. All partitions are defined as hierarchical—that is, partitions can contain partitions. This hierarchical approach enables application management for multiple groups, while controlling the group as a whole. For example, an ISP can subdivide a subscriber's partition with child partitions for each of the subscriber's departments.