Router Architecture and Forwarding
Routers are the core devices that move packets between networks. Understanding how a router is built internally, and how it processes each packet, is essential for grasping how the network layer actually works. This section covers the physical components inside a router, how packets flow through them, and the critical distinction between the control plane and data plane.
Router Architecture
Components of Router Architecture
A router has several distinct functional blocks, each handling a different part of the forwarding pipeline.
Routing processor: This is the router's CPU. It runs routing protocols like OSPF and BGP, builds and maintains the routing table, and handles network management tasks (SNMP, CLI access, etc.). Think of it as the "brain" that makes decisions about where traffic should go, but it doesn't touch most packets directly during forwarding.
Switching fabric: The internal interconnect that physically moves packets from an input port to the correct output port. Three common designs exist:
- Memory-based: Packets are copied into the routing processor's memory and then written out to the output port. Simple but slow, since memory bandwidth is the bottleneck.
- Bus-based: A shared bus connects all ports. Only one packet can cross the bus at a time, so the bus speed limits throughput.
- Crossbar (interconnection network): Multiple input-output transfers can happen simultaneously. This is what modern high-speed routers use because it avoids the single-bottleneck problem.
Input ports: Each input port terminates a physical link, handles link-layer processing (e.g., Ethernet frame decapsulation), and performs the forwarding table lookup. The lookup happens here, at line rate, so the packet can be sent to the switching fabric as quickly as possible.
Output ports: These store packets received from the switching fabric, perform link-layer encapsulation, and transmit them onto the outgoing link. Output ports also handle queueing and scheduling when packets arrive faster than the outgoing link can transmit them.
Forwarding engine: The hardware (often a TCAM or similar lookup structure) that consults the forwarding table and determines which output port each packet should be sent to. This runs at each input port to enable per-packet decisions at wire speed.
Process of Packet Forwarding
Here's what happens to a single packet as it passes through a router:
- Arrival and link-layer processing: The packet arrives on a physical link at an input port. The input port strips the link-layer header (e.g., Ethernet frame) and extracts the IP datagram.
- Forwarding table lookup: The forwarding engine at the input port examines the packet's destination IP address and performs a longest prefix match against the forwarding table. This determines the correct output port (and next-hop address).
- Switching: The packet is transferred from the input port to the determined output port through the switching fabric.
- Output processing: The packet is queued at the output port if the outgoing link is busy. Link-layer encapsulation is applied (new Ethernet header with the next-hop's MAC address), and the packet is transmitted on the outgoing link.
If packets arrive at the switching fabric faster than it can transfer them, input queueing occurs. A particularly nasty problem here is head-of-line (HOL) blocking, where a packet at the front of an input queue destined for a busy output port blocks packets behind it, even if those packets could be forwarded to free output ports.
Control Plane and Data Plane
Control Plane vs. Data Plane
This separation is one of the most important architectural ideas in networking.
The data plane handles the per-packet forwarding decision. When a packet arrives, the data plane looks up the destination in the forwarding table and sends the packet to the right output port. This is the fast path, implemented in specialized hardware (ASICs, TCAMs) so it can operate at line rate, processing millions of packets per second.
The control plane figures out what should go in those forwarding tables. It runs routing protocols, exchanges reachability information with neighboring routers, and computes best paths. This is the slow path, implemented in software on the routing processor. It doesn't need to be fast on a per-packet basis because it only updates when the network topology changes.
Why separate them? Because forwarding needs to be extremely fast (nanoseconds per packet), while routing decisions can afford to take milliseconds or longer. Mixing the two would force a tradeoff that hurts both.
Routing Table vs. Forwarding Table
These are related but distinct structures, and confusing them is a common mistake.
| Routing Table | Forwarding Table | |
|---|---|---|
| Built by | Routing protocols (OSPF, BGP) on the routing processor | Derived from the routing table |
| Contains | Full topology info, multiple possible paths, metrics, policy data | Only what's needed for forwarding: destination IP prefix, output port, next-hop address |
| Optimized for | Completeness and correctness | Speed of lookup (longest prefix match) |
| Used by | Routing processor (control plane) | Forwarding engine at each input port (data plane) |
The routing table is the "master record" of everything the router knows about the network. The forwarding table is a streamlined, hardware-friendly version of that information, built specifically so the data plane can make forwarding decisions as fast as possible.