How engineers design a network operating system impacts the reliability, security, scalability and performance of not just the devices, but also the overall network, particularly in large-scale systems. The operating system must handle the many different processes essential to running today’s global networks, while also assuring fair sharing of resources so that no process or service can starve out others.
The architecture of the Junos operating system cleanly divides the functions of control, services, and forwarding into different planes. The control and services planes include many different processes that run in different modules of the operating system.
The explicit division of responsibility allows the software to run on different engines of processing, memory, and other resources. This division of labor is what enables Junos to run all types of platforms in all matter of sizes, from a small box in a home office to the largest boxes in the world handling terabits of data every second.
The Junos OS software architecture features three functional processing planes:
- The control plane runs on what is known as the Routing Engine (RE) of the Juniper device.
- The packet forwarding plane runs on a separate Packet Forwarding Engine (PFE) in larger Juniper platforms.
- The services plane provides specialized processing, such as for quality classification and security.
Do you want faster platforms in your network? That’s like asking if you’d like to have today off (with pay, of course). Yes, it would be good to have the network go a little faster. Faster, faster, faster is a constant drumbeat for networks.
In over ten years of product delivery, Juniper has scaled the throughput of its fastest devices from 40GB per second to multiple terabits per second with a fast expanding set of services. The use of separate processors for the RE, the PFE, and services cards has been the essential architecture element to each performance breakthrough.
In particular, separation lets the PFE and services throughput follow in lock-step with the increasing speeds of the custom Application-Specific Integrated Circuits (ASICs) on which the PFE and services run in the largest platforms.
Separating the engines also reduces interdependencies between them. Not only does this separation help preserve the operation of each when another is experiencing problems, it also gives the Juniper engineers more ways to provide system redundancy and failover. For example, you find dual REs in some platforms, whereas the EX Series Ethernet Switches offer a capability called Virtual Chassis to provide redundancy, among other benefits.