When I first studied IP I came across a term whose meaning I didn’t quite fully understand. That term was “traffic plane”. It was a relatively unclear concept and it didn’t make a lot of sense for a beginner. However, after some reading and some experience its meaning  became apparent.

So, in a few words, what is a traffic plane?

The traffic on a network usually performs more than one function. Packets with similar function are said to belong to the same traffic plane. Therefore a plane is a term that identifies the class that the traffic is a member of.  There are at least 4 traffic planes: 

The Control Plane class of traffic consists of packets that are part of routing and other protocols that are exchanged between network devices for the purpose (i.e. function) of building the network and maintaining the topology. Protocols include BGP, OSPF, IS-IS, ICMP, HSRP, PIM, LDP etc.

The Management Plane class of traffic consists of packets that are part of protocols used to manage, monitor and access network devices. Protocols in this plane include SSH, SNMP, TFTP, Syslog, ROMMON, Netflow etc.

The Data Plane class of traffic consists of packets that originate from and are destined to end hosts. It’s safe to say that network elements (routers, switches, firewalls etc) are almost never a destination for such traffic.  In other words this type of traffic is what routers are designed to quickly forward out towards end users (i.e. transit traffic).

The term Services Plane is used to describe a very specific type of traffic normally found in (large) service provider networks. This type of traffic consists of customer packets that have (customer) network related functions. These packets are also transited through the network but unlike data plane packets they’re processed a bit differently based on enforcing policies and service types. MPLS VPN, SSL/IPSec, QoS  in service provider networks are common examples service plane traffic.