Definition

data plane

Rahul Awati

By

Rahul Awati

What is the data plane?

The data plane -- sometimes known as the user plane, forwarding plane, carrier plane or bearer plane -- is the part of a network that carries user traffic. The data plane, the control plane and the management plane are the three basic components of a telecommunications architecture.

In networking, a plane is not a physical component, but an intangible idea that helps conceptualize traffic flows through a network. It refers to a part of the physical network architecture -- or an area of operations -- where certain activities and processes take place.

The control plane and management plane serve the data plane, which bears the traffic that the network is designed to carry. The data plane enables data transfer to and from clients, handling multiple conversations through multiple protocols, and manages conversations with remote peers. In addition, it dictates application behavior and executes everything from service-level agreements and policies to retries and keepalives to ensure network links are available and other scaling or behavior triggers. Data plane traffic travels through routers, rather than to or from them.

Control plane vs. data plane

The control plane is the network component that carries information about the network and programs actions for the data plane. It defines the network topology and controls all activities related to traffic routing and packet forwarding.

This plane is also where routing tables are created by routers -- after processing the packets and using various protocols such as Open Shortest Path First (OSPF), Border Gateway Protocol (BGP) or Intermediate System to Intermediate System -- and where quality of service and virtual LAN are implemented. The routing table provides path details for the data packets. The router will refer to these details to determine where the packet should go. The control panel makes all routing decisions.

Control plane vs. data plane illustration of cars and traffic lights at an intersection. — The stoplights at the intersection represent the control plane, and the cars that obey the stoplights and forward the traffic on the road represent the data plane.

Once the control plane determines how and to which ports packets should be forwarded, the data plane refers to the logic and actually forwards the packets. This is why it is also known as the forwarding plane. Thus, the network layer handles all traffic and moves packets from source to destination based on the actions and logic programmed and supplied to it by the control plane.

After sourcing the traffic, the data plane sends it on to other network-supported devices. Routers then forward the packets downstream to their appropriate destinations. All data plane packets go through routers, and the traffic is tightly controlled to protect the network from malicious network traffic.

In any network, both the data plane and control plane are required in order to move traffic. The data plane cannot function without the control plane because it requires the logic created by the control plane to determine where traffic should go. In contrast, the control plane works independently and doesn't depend on the data plane to determine how and where packets will be transported.

Data plane vs. management plane

The management plane is the area where the network's operations are configured, managed and monitored. It can be considered a subset of the control plane, although it has its own distinct functions, particularly related to configuration and monitoring. Also, the management plane uses protocols such as Simple Network Management Protocol, Secure Shell and Telnet for its configuration and management tasks, whereas the control plane uses protocols such as OSPF and BGP to allow network devices to exchange information.

The management plane is where devices and tools such as switches, routers, command-line interfaces and shells are configured. Their performance is also monitored in the management plane. This plane defines the traffic that will be used to manage and monitor the various network elements. It also ensures the network operates efficiently and securely, blocks unauthorized access, prevents traffic compromise and makes software updates as required.

Both the control and management planes can be considered the high-level planes of a network architecture due to their higher-level functions and also because they operate at a higher layer of the Open Systems Interconnection, or OSI, model. The data plane is considered a low-level plane since it is mainly responsible for forwarding data packets rather than managing and optimizing the network's operations.

Diagram of the OSI model. — The seven layers of the OSI model, where the data plane is considered a low-level plane as it is mainly responsible for forwarding data packets, while the control and management planes can be considered the high-level network architecture planes.

What is SDN and decoupling of control and data planes?

In conventional networking, all three planes in the network topology are implemented in the firmware of routers and switches. Packets travel through routers and are forwarded by the data plane based on information provided by the routing tables -- created in the control plane -- and with the help of routing protocols.

Software-defined networking (SDN) decouples the data and control planes and implements the data plane in software instead, which enables programmatic access to make network administration much more flexible.

Software-defined networking diagram. — SDN architecture separates the network into three distinguishable layers, connected via northbound and southbound APIs. It decouples the data and control planes, implementing the former in software instead.

Decoupling means that the two planes function autonomously and are unaware of each other. Doing so allows dynamic access and administration. A network administrator can shape traffic from a centralized control console without having to touch individual switches. The administrator can change any network switch's rules when necessary -- prioritizing, deprioritizing or even blocking specific types of packets with a very granular level of control.

Decoupling also makes it easier to troubleshoot the network architecture. Further, it helps with the creation of a more scalable and flexible infrastructure that can more easily keep up with evolving business requirements.

Read about the five different types of network management and network management tasks and best practices. Explore the importance of unified, end-to-end network management and how to plan a network management strategy for multiple tools. Learn what SDN data center controllers do in a network and what software-defined LAN means for campus virtualization. Check out three factors involved in SDN security and how SD-WAN technology uses SDN concepts to distribute network traffic across a wide area network.

This was last updated in October 2023

Continue Reading About data plane

Ultimate guide to network management in the enterprise

The control plane has landed

Types of network topologies

Software-based routing on its way to become the new normal

Dig Deeper on Network infrastructure

Search Unified Communications

UCaaS vs. CCaaS vs. CPaaS: What's the difference?
It can be difficult to make sense of popular cloud communications service models. Compare UCaaS vs. CCaaS vs. CPaaS to understand...
5 steps to address hybrid meeting equity
Taking the steps necessary to ensure that employees can attend meetings, regardless of location, takes time, but new tools can ...
Hybrid meeting technology helps AV teams address equity
Ensuring remote and in-office workers share the same meeting experience is a constant challenge. Vendors are helping companies ...

Search Mobile Computing

5 top mobile security courses and certifications for IT
To stay on top of new threats, IT pros can test their skills with mobile security training. Explore the top programs to learn ...
How to incorporate smishing into security awareness training
Smishing is a major threat on enterprise smartphones, but users might not know how it compares to traditional email phishing. IT ...
Building mobile security awareness training for end users
Do concerns of malware, social engineering and unpatched software on employee mobile devices have you up at night? One good place...

Search Data Center

Single-tenant vs. multi-tenant cloud architecture
Single-tenant and multi-tenant cloud architecture offer unique advantages and disadvantages. Understanding both is crucial for ...
Nutanix platform may benefit from VMware customer unrest
Nutanix's Next 2025 conference attendees are jumping ship to the platform after Broadcom's VMware buy, as Nutanix executives plan...
Nutanix CEO talks customer challenges and platform updates
Many customers are still looking for a VMware exit and need a modernized platform, Nutanix President and CEO Rajiv Ramaswami says...

Search ITChannel

AWS Marketplace channel partners rev software, service sales
Partners are building a new route to market on AWS Marketplace. One has surpassed $1 billion in total sales and another expects ...
Guide to building and executing an MSP business model
This managed service guide provides an overview of the business model, covers the basics of building a service provider business ...
Partner's Apple Watch referee app lets NHL stripes keep focus
Presidio designed the NHL Watch Comms App to sync with a hockey arena's game and penalty clocks and use haptic notifications to ...

Close