The Function of the Three Planes of Junos Network OS

By Walter J. Goralski, Cathy Gadecki, Michael Bushong

The architecture of the Junos operating system cleanly divides the functions of control, services, and forwarding into different planes. Each of the planes of Junos OS provides a critical set of functionality in the operation of the network.

image0.jpg

Control plane of Junos network operating system (NOS)

All the functions of the control plane run on the Routing Engine (RE) whether you have a router, switch, or security platform running Junos.

The high-level design of the control plane consists of a set of modules, with clean interfaces between them, and an underlying kernel that controls the modules and manages all the needed communication back and forth among all the components.

The kernel also handles the RE communications with the Packet Forwarding Engine (PFE) and the services. Each of the different modules provides a different control process, such as control for the chassis components, Ethernet switching, routing protocols, interfaces, management, and so on.

The basis of the Junos kernel comes from the FreeBSD UNIX operating system, an open source software system. This mature, general-purpose system provides many of the essential functions of an operating system, such as the scheduling of resources. To transform it into a network operating system, the Juniper engineers extensively modified and hardened the code for the specialized requirements of networking.

You may be wondering if you have a way in Junos OS to protect the control plane itself from a security attack. Yes, you can configure filters and rate-limit the traffic that reaches your RE.

Packet Forwarding plane of Junos NOS

The Packet Forwarding Engine (PFE) is the central processing element of the forwarding plane, systematically moving the packets in and out of the device. In the Junos OS, the PFE has a locally stored forwarding table.

The forwarding table is a synchronized copy of all the information from the RE that the forwarding plane needs to handle each packet, including outgoing interfaces, addresses, and so on. Storing a local copy of this information allows the PFE to get its job done without going to the control plane every time that it needs to process a packet.

Another benefit to having a local copy is that the PFE can continue forwarding packets, even when a disruption occurs to the control plane, such as when a routing or other process issue happens.

Junos Service plane supports variety of service types

The services plane provides special handling required by many different types of packets. By separating the processing of services from other functions of the operating systems, Junos OS is able to support a wide variety of different service types in different kinds of platforms.

These services might include prioritizing a packet carrying time-sensitive information, such as a voice call, ahead of others on a congested link; guarding which users can get to what sections or applications of the network; translating addresses where one network meets another; or mediating how the network serves video content.