What is the control plane?
The control plane is the part of a network that carries signaling traffic and is responsible for network routing. Control packets originate from or are destined for a router. The concept of planes first originated in the 1980s to address the need to logically separate the functions of an Integrated Services Digital Network framework.
The control plane performs the following functions:
Types of networking planes
Both traditional and cloud-based networks are based on the following three dimensions of network planes:
- The control plane decides all the functions and processes that determine which path data must take by using routing protocols.
- The data plane controls all the functions and processes that determine how to forward packets from one interface to another.
- The management plane controls all the functions related to the control and monitoring of devices.
The control plane and management plane serve the data plane, which bears the traffic that the network carries. The management plane, which carries administrative traffic, is considered a subset of the control plane.
Control plane in networking
In conventional networking, all three planes are installed in the firmware of routers and switches. Software-defined networking decouples the data and control planes, removes the control plane from network hardware and sets it up instead in software. This enables programmatic access control, which makes network administration much more flexible.
Moving the control plane to software enables dynamic access and administration. A network administrator can shape traffic from a centralized control console without having to touch individual switches. The administrator can change any network switch's rules when necessary -- prioritizing, deprioritizing or even blocking specific types of packets with a granular level of control.
Comparing the control plane vs. data plane
Also known as a forwarding plane, the main function of a data plane is to forward packets out of the router. It isn't responsible for determining the best route the packets need to take or the logistics of their transport, which is the job of the control plane.
To understand the relationship and the differences between a control plane and a data plane, visualize stoplights at a city intersection. The control plane is similar to stoplights operating at the intersection, whereas the data plane is comparable to the cars that obey the stoplights and forward the traffic on the road.
The following highlights the main functions and features of a control plane and a data plane.
- manages network topology, security and load balancing;
- maintains the IP routing table;
- performs tasks independently;
- acts as a decision-maker in forwarding data; and
- uses Spanning Tree Protocol, Address Resolution Protocol, Routing Information Protocol and Dynamic Host Configuration Protocol.
What is a cloud control plane?
Similar to a control plane in traditional networking, a cloud-based control plane provides management, routing and orchestration of cloud infrastructure. It can be thought of as the air traffic control of applications that enable the configuration of system baselines and user access roles, as well as how they execute with different systems in the cloud ecosystem.
Cloud architects generally use a cloud plane to interconnect the services, computing power and regions of various cloud providers, such as Amazon Web Services, Google Cloud and Microsoft Azure. Developers can use a control plane for both public and private networks to build flexible and globally accessible back-end apps and services.
As organizations transition to cloud services, the importance of having a secure cloud control plane can't be ignored. Learn the steps to a secure cloud control plane.