Data plane

Some security policies, however, dictate that the router should drop the packet silently, in order that a potential attacker does not become aware that a target is being protected.

While the Internet Protocol (IP) specification indicates that an Internet Control Message Protocol (ICMP) time exceeded message should be sent to the originator of the packet (i.e. the node indicated by the source address), the router may be configured to drop the packet silently (again according to security policies).

If the packet needs significant processing, such as segmentation or encryption, it may go onto a slower path, which is sometimes called the services plane of the router.

Service planes can make forwarding or processing decisions based on higher-layer information, such as a Web URL contained in the packet payload.

Design of routers intended for home use, perhaps supporting several PCs and VoIP telephony, is driven by keeping the cost as low as possible.

Routers for more demanding applications accept greater cost and complexity to get higher throughput in their forwarding planes.

Higher-performance routers invariably have multiple processing elements, which may be general-purpose processor chips or specialized application-specific integrated circuits (ASIC).

In such designs, the main processor does not participate in forwarding, but only in control plane and management processing.

In the Internet Engineering Task Force, two working groups in the Operations & Maintenance Area deal with aspects of performance.

Early uniprocessing routers usually organized the FIB as a hash table, while the RIB might be a linked list.

A cache miss condition might result in the packet being sent back to the main processor, to be looked up in a slow path that had access to the full routing table.

While well-known general-purpose data structures were first used, such as hash tables, specialized algorithms, optimized for IP addresses, emerged.

These platforms facilitate the use of a software architecture in which the high-performance packet processing is performed within a fast path environment on dedicated cores, in order to maximize system throughput.

[9] Various forms of fast RAM and, eventually, basic content-addressable memory (CAM) were used to speed lookup.

As forwarding bandwidth increased, even with the elimination of cache miss overhead, the shared paths limited throughput.

Cisco VIP 2-40, from an older generation of routers.
Performance Route Processor, from the high-end Cisco 12000 series.