The data plane, sometimes referred to as the forwarding plane, is responsible for handling the actual process of sending packets from one place to another within a network. In contrast to the control plane which decides the path the data should take, the data plane carries out the action of sending the data along that path. Here’s a closer look:


  • The data plane takes care of transmitting user data.
  • It’s concerned with moving packets from a network device’s input to the appropriate output.


  • Packet Forwarding: Based on the information provided by the control plane (like routing tables), the data plane decides how to handle and forward packets to the next hop or destination.
  • Packet Filtering: In devices such as firewalls, the data plane decides which packets to allow or block based on set policies.
  • Queueing and Quality of Service (QoS): The data plane may prioritize certain packets over others to ensure critical traffic gets the necessary bandwidth and timely delivery.

Hardware vs. Software:

  • Historically, data plane tasks were performed by dedicated hardware for speed and efficiency. ASICs (Application-Specific Integrated Circuits) are a common hardware choice for these tasks.
  • However, with the advent of Network Function Virtualization (NFV) and other technologies, software implementations of data plane functions have become more common. This allows for more flexibility but often at the cost of raw performance.

Separation from Control Plane:

  • While the control plane focuses on making decisions about the packet’s path, the data plane executes those decisions.
  • The separation of these planes allows for greater flexibility and scalability in modern network designs, especially in Software-Defined Networking (SDN).

In Software-Defined Networking (SDN):

  • In SDN, the data plane is decoupled from the control plane. Physical devices (like switches) in the data plane take instructions from a centralized SDN controller (part of the control plane).
  • This separation allows for dynamic reconfiguration of the network and more centralized management.

Security Considerations:

  • As the data plane deals with actual data packets, it’s essential to ensure its integrity and reliability. This can include mechanisms to detect and manage malicious or malformed packets, ensuring service continuity.

In essence, the data plane is the “worker” that carries out the decisions made by the control plane. It plays a crucial role in ensuring that data is transmitted efficiently and reliably across the network.