Routing

Hi all,

As we know that transit traffic is handled or processed by the Forwarding Table throught the Forwarding Plane (Packet Forwarding Engine -PFE) in device running Junos OS.

Secondly, Packets addressed to chassis, such as routing protocol information updates, telnet sessions, pings, traceroutes etc are replied from the RE.

Some questions:

1-) What reason(s) does Junos architecture divided into 2 planes?

2-) When there is no entry in the Forwarding Table at the Forwarding Plane, which of RE or PFE does handle or generate the ICMP reply?

3-) Which one of those engines RE/PFE generates the TTL expired messages to packet's source?

4-) Which one of those planes does dealt with unicast and multicast traffic?

My point here is to well understand the RE and PFE...

Thanks,

Ar.

1-) What reason(s) does Junos architecture divided into 2 planes?

Junos (and other vendors too) separate the control and data planes for performance and security. The PFE is specially designed to forward transit packet as fast as possible; The RE would only slow it down.

The RE, on the other hand, can get overwhelmed if it gets too much exception traffic. This could be a form of DoS attack.

2-) When there is no entry in the Forwarding Table at the Forwarding Plane, which of RE or PFE does handle or generate the ICMP reply?

The RE will send ICMP responses when needed for any traffic that was sent to the router.

For transit traffic, if there is no entry in the forwarding plane (the PFE), then the RE may get involved (eg, to send an ARP request).

3-) Which one of those engines RE/PFE generates the TTL expired messages to packet's source?

Traditionally the RE would do this, but in modern routers, (as far as I am aware) this is offloaded to the PFE

4-) Which one of those planes does dealt with unicast and multicast traffic?

That will depend on whether the traffic is sent to the router or through the router.

If the traffic is passing through the router (transit traffic), whether it's multicast or unicast, the PFE will handle it

If the traffic is to the router (exception traffic), it will mostly be handled by the RE

(I say mostly, as some features like CoS and stateless firewall filters can be offloaded to the PFE on a modern router)

Try this video. It looks at control vs data plane (not Juniper specific though)

https://www.youtube.com/watch?v=P9ZMugAf9lU

Thanks for the replies...

How about Syslog for Event Mode and Stream Mode on Junos?

There is Event Mode and Stream Mode Syslog configurations can be enabled on device running Junos as you know....

Can I ask which engine (RE, PFE) does handling Stream or Event Mode traffic?

Secondly, via cli or shell how to determine handling by RE or PFE? Is this possible to see or not?

And thirdly,  there is Trio architecture Chipset on the MX router we can see. Can I ask where this Trio Chipset sits? on the Control or Data Plane? If the performance archieves with separation Control and Data plane, why does Juniper need this Trio Chipset?

Thanks

Ar

Hi,

- stream mode logging is only applicable to SRX devices: Here the services plane can be configured to not send "events" up to the RE to have it do the logging for it, but to insert log directly into the forwarding plane for delivery to the syslog server. https://www.juniper.net/documentation/en_US/junos/topics/concept/security-stream-log-category-overview.html

- Trio is the chipset architecture that makes up the forwarding plane / PFE

Regards

Ulf