Internet Draft                                 L. Yang
    Expiration: February April 2004                              Intel R&D Labs
    File: draft-ietf-forces-model-00.txt draft-ietf-forces-model-01.txt           J. Halpern
    Working Group: ForCES                               Megisto Systems
                                                   R. Gopal
                                                        Nokia
                                                   A. DeKok
                                                        IDT Inc.
                                                      August
                                                   Z. Haraszti
                                                   S. Blake
                                                        Ericsson
                                                   October 2003

                      ForCES Forwarding Element Functional Model

                       draft-ietf-forces-model-00.txt

                       draft-ietf-forces-model-01.txt

    Status of this Memo

    This document is an Internet-Draft and is in full conformance with
    all provisions of Section 10 of RFC2026.  Internet-Drafts are
    working documents of the Internet Engineering Task Force (IETF),
    its areas, and its working groups.  Note that other groups may also
    distribute working documents as Internet-Drafts.

    Internet-Drafts are draft documents valid for a maximum of six
    months and may be updated, replaced, or obsoleted by other
    documents at any time.  It is inappropriate to use Internet-Drafts
    as reference material or to cite them other than as ``work in
    progress.''

    The list of current Internet-Drafts can be accessed at
    http://www.ietf.org/ietf/1id-abstracts.txt.

    The list of Internet-Draft Shadow Directories can be accessed at
    http://www.ietf.org/shadow.html.

 Abstract

    This document defines a functional model for the forwarding elements
    (FEs) element (FE) model used in the
    Forwarding and Control Plane Separation (ForCES) protocol.  This  The
    model is used to describe represents the capabilities,
    capacities, state and configuration of ForCES
    forwarding elements within the context of the ForCES protocol, so
    that ForCES control elements (CEs) can control the FEs accordingly. The  More
    specifically, the model is to
    specify what describes the logical functions that are
    present in the FEs, an FE, what capabilities these functions support, and
    how these functions are or can be interconnected. The forwarding element This FE model defined
    herein is
    intended to satisfy the model requirements specified in the ForCES
    requirements draft [FORCES-REQ].  Using this model,
    predefined or vendor specific logical functions can be expressed
    and configured. However, the definition [1].  A list of these individual
    functions are not described and the basic logical functional
    blocks (LFBs) is also defined in this document. the LFB class library to aid the
    effort in defining individual LFBs.

 Table of Contents

    Abstract.........................................................1
    1. Definitions...................................................3
    2. Motivation and Introduction..................................................5
       2.1. Requirements of on the FE model.......................4
    3. State Model versus Capability Model...........................4
    4. model.............................6
       2.2. The FE Model Concepts: in Relation to FE Block and Implementations...........6
       2.3. The FE Block Topology.............7
       4.1. Model in Relation to the ForCES Protocol..........6
       2.4. Modeling Language for FE Blocks................................................7
       4.2. Model...........................7
       2.5. Document Structure.......................................8
    3. FE Block Topology........................................9
          4.2.1. Configuring Model Concepts.............................................8
       3.1. State Model and Capability Model.........................8
       3.2. LFB Modeling............................................11
          3.2.1. LFB Input and Input Group..........................13
          3.2.2. LFB Output and Output Group........................15
          3.2.3. Packet Type........................................16
          3.2.4. Metadata...........................................16
          3.2.5. LFB Versioning.....................................18
          3.2.6. LFB Inheritance....................................18
       3.3. FE Block Topology......................11
          4.2.2. Datapath Modeling....................................19
          3.3.1. Alternative Approaches for Modeling FE Block Topology.........................16 Datapaths...19
          3.3.2. Configuring the LFB Topology.......................23
    4. LFB Model -- LFB and Associated Data Definitions.............27
       4.1. General Data Type Definitions...........................28
          4.1.1. Arrays.............................................29
          4.1.2. Structures.........................................29
          4.1.3. Augmentations......................................30
       4.2. Metadata Definitions....................................30
       4.3. Frame Format Definitions................................30
       4.4. LFB Class Definitions...................................31
          4.4.1. LFB Inheritance....................................31
          4.4.2. LFB Inputs.........................................31
          4.4.3. LFB Outputs........................................32
          4.4.4. LFB Attributes.....................................33
          4.4.5. LFB Operational Specification......................34
    5. Logical LFB Topology Model (To be written)...........................34
    6. FE Block Library.....................................21
       5.1. FE Input/Output Block Characterization..................21
          5.1.1. Source Block.......................................21
          5.1.2. Sink Block.........................................22
          5.1.3. Level Attributes (To be written)..........................35
    7. LFB Class Library............................................35
       7.1. Port Block.........................................22
          5.1.4. LFB................................................35
       7.2. Dropper Block......................................22
          5.1.5. MUX Block..........................................23
          5.1.6. LFB.............................................36
       7.3. Redirector (de-MUX) Block..........................23
          5.1.7. Shaper Block.......................................23
       5.2. FE Processing Blocks....................................23
          5.2.1. LFB.................................36
       7.4. Scheduler LFB...........................................36
       7.5. Queue LFB...............................................36
       7.6. Counter Block......................................24
          5.2.2. LFB.............................................37
       7.7. Meter Block........................................24
          5.2.3. Filter Block.......................................24
          5.2.4. Classifier Block...................................24
          5.2.5. Redirecting LFB and Policer LFB...............................37
       7.8. Classifier Block.......................25
          5.2.6. LFB..........................................37
       7.9. Modifier Block.....................................25
          5.2.7. LFB............................................38
       7.10. Packet Header Rewriter Block.......................26
          5.2.8. Packet Compression/Decompression Block.............26
          5.2.9. Packet Encryption/Decryption Block.................26
          5.2.10. Packet Encapsulation/Decapsulation Block..........26
    6. Minimal Set of Logical Functions Required for LFB.............................38
    8. Satisfying the Requirements on FE Model.......27
       6.1. Model......................39
       8.1. Port Functions..........................................39
       8.2. Forwarding Functions....................................40
       8.3. QoS Functions...........................................27
          6.1.1. Classifier.........................................27
          6.1.2. Meter..............................................28
          6.1.3. Marker.............................................28
          6.1.4. Dropper............................................28
          6.1.5. Counter............................................28
          6.1.6. Queue and Scheduler (?)............................28
          6.1.7. Shaper.............................................28
       6.2. Functions...........................................41
       8.4. Generic Filtering Functions.............................28
       6.3. Functions.............................41
       8.5. Vendor Specific Functions...............................29
       6.4. Port Functions..........................................29
       6.5. Forwarding Functions....................................29
       6.6. Functions...............................42
       8.6. High-Touch Functions....................................30
       6.7. Functions....................................42
       8.7. Security Functions......................................31
       6.8. Functions......................................42
       8.8. Off-loaded Functions....................................31
    7. Cascading Multiple FEs.......................................31
    8. Data Modeling and Representation.............................32 Functions....................................43
       8.9. IPFLOW/PSAMP Functions..................................43
    9. Security Considerations......................................33 Using the FE model in the ForCES Protocol....................43
       9.1. FE Topology Query.......................................45
       9.2. FE Capability Declarations..............................46
       9.3. LFB Topology and Topology Configurability Query.........47
       9.4. LFB Capability Declarations.............................47
       9.5. State Query of LFB Attributes...........................48
       9.6. LFB Attribute Manipulation..............................48
       9.7. LFB Topology Re-configuration...........................49
    10. Intellectual Property Right.................................33 Acknowledgments.............................................49
    11. IANA consideration..........................................34 Security Considerations.....................................49
    12. Normative References........................................34 References........................................49
    13. Informative References......................................34 References......................................50
    14. Acknowledgments.............................................35
    15. Authors' Addresses..........................................35 Addresses..........................................50
    15. Intellectual Property Right.................................51
    16. IANA consideration..........................................51

 Conventions used in this document

    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
    "SHOULD", "SHOULD NOT", "RECOMMENDED",  "MAY", and "OPTIONAL" in
    this document are to be interpreted as described in [RFC-2119].

 1. Definitions

    A set of terminology associated with the ForCES requirements is
    defined in [FORCES-REQ] [1] and is not copied here. The following list of
    terminology is relevant to the FE model defined in this document.

    Datapath

    FE Model -- A conceptual path taken by packets within The FE model is designed to model the
    forwarding plane, inside an FE. There might exist more than one
    datapath within logical
    processing functions of an FE.

    Forwarding Element (FE) Block -- An abstraction of  The FE model proposed in this
    document includes three components: the basic packet
    processing modeling of individual
    logical functions in functional blocks (LFB model), the datapath. It is logical interconnection
    between LFBs (LFB topology) and the building
    block of FE functionality. This concept abstracts away
    implementation details from level attributes including
    FE capabilities.  The FE model provides the parameters of interest for
    configuration, control basis to define the
    information elements exchanged between the CE and management by CE.

    Forwarding Element (FE) Stage -- Representation of an the FE block
    instance in the
    ForCES protocol.

    Datapath -- A conceptual path taken by packets within the
    forwarding plane, inside an FE. There might exist more than one
    datapath within an FE.

    LFB (Logical Function Block) class (or type) -- A template
    representing a FE's fine-grained, logically separable and well-defined
    packet processing operation in the datapath.  LFB classes are the
    basic building blocks of the FE model.

    LFB (Logical Function Block) Instance -- As a packet flows through
    an FE along a datapath, it flows through one or multiple distinct stages, LFB
    instances, with each stage implementing an instance of a certain logical function
    block. LFB
    class.  There may be multiple instances of the same functional
    block LFB in a an FE's
    datapath.

    FE Topology  Note that we often refer to LFBs without distinguishing
    between LFB class and LFB instance when we believe the implied
    reference is obvious for the given context.

    LFB Model -- Representation of how The LFB model describes the multiple FEs content and structures in a single
    NE
    LFB and associated data definition.  There are interconnected.  Sometimes it four types of
    information defined in the LFB model. The core part of the LFB
    model is called inter-FE topology, LFB class definitions while the other three are to be distinguished define
    the associated data including common data types, supported frame
    formats and metadata.

    LFB Metadata -- Metadata is used to communicate per-packet state
    from intra-FE (block) topology. one LFB to another, but is not sent across the network.  The
    FE Block Topology model defines how such metadata is identified, produced and
    consumed by the LFBs, but not how metadata is encoded within an
    implementation.

    LFB Attribute -- Representation Operational parameters of how the FE stages LFBs that must be
    visible to the CEs are
    interconnected conceptualized in the FE model as the LFB
    attributes. The LFB attributes include, for example, flags, single
    parameter arguments, complex arguments, and placed along tables that the datapath within CE can
    read or/and write via the ForCES protocol.

    LFB Topology -- Representation of how the LFB instances are
    logically interconnected and placed along the datapath within one
    FE.  Sometimes it is also called intra-FE topology, to be
    distinguished from inter-FE topology.  LFB topology is outside of
    the LFB model, but part of the FE model.

    FE Topology -- Representation of how the multiple FEs in a single
    NE are interconnected.  Sometimes it is called inter-FE topology,
    to be distinguished from intra-FE topology (i.e., LFB topology).
    Individual FE may not have the global knowledge of full FE
    topology, but the local view of its connectivity with other FEs are
    considered part of the FE model.  FE topology is discovered by the
    ForCES base protocol or some other means.

    Inter-FE Topology -- See FE Topology.

    Intra-FE Topology -- See FE Block LFB Topology.

    LFB class library -- A set of LFB classes that are identified as
    the most common functions found in most FEs and hence should be
    defined first by the ForCES Working Group.

 2.     Motivation Introduction

    [2] specifies a framework by which control elements (CEs) can
    configure and Requirements of FE model manage one or more separate forwarding elements (FEs)
    within a networking element (NE) using the ForCES protocol.  The
    ForCES architecture allows Forwarding Elements (FEs) of varying
    functionality to participate in a ForCES network element (NE). element.  The
    implication of this varying functionality is that CEs can make only
    minimal assumptions about the functionality provided by its FEs. FEs in a
    NE.  Before CEs can configure and control the forwarding behavior
    of FEs, CEs need to query and discover the capabilities and states
    of their FEs.  [FORCES-REQ]  [1] mandates that this capabilities and the capabilities, states and
    configuration information be expressed in the form of an FE model, model.

    RFC 3444 [11] made the observation that information models (IMs)
    and this data models (DMs) are different because they serve different
    purposes.  "The main purpose of an IM is to model
    will be used as the basis managed objects
    at a conceptual level, independent of any specific implementations
    or protocols used".  "DMs, conversely, are defined at a lower level
    of abstraction and include many details.  They are intended for CEs to control
    implementors and manipulate FEs'
    behavior via ForCES protocol.

    [FORCES-REQ] describes all the requirements placed on include protocol-specific constructs."  Sometimes
    it is difficult to draw a clear line between the two.  The FE model
    described in detail. We provide a brief summary here to highlight some this document is first and foremost an information
    model, but it also has a flavor of a data model as it contains
    explicit definition of the
    design issues we face.
       . The LFB class schema and other data
    structures.  It is expected that this FE model MUST express what logical functions can will be
         applied to packets used as they pass through an FE.
       . The the
    basis to define the payload for information exchange between the CE
    and FE model MUST be capable of supporting/allowing variations in the way logical functions are implemented ForCES protocol.

 2.1. Requirements on the FE model

    [1] defines requirements which must be satisfied by a ForCES FE
    model.  To summarize, an FE. FE model must define:
       . Logically separable and distinct packet forwarding operations
         in an FE datapath (logical functional blocks or LFBs);
       . The model MUST be capable possible topological relationships (and hence the sequence
         of describing packet forwarding operations) between the order in which
         these logical functions are applied in a FE. various LFBs;
       . The FE model SHOULD possible operational capabilities (e.g., capacity limits,
         constraints, optional features, granularity of configuration)
         of each type of LFB;
       . The possible configurable parameters (i.e., attributes) of
         each type of LFB;
       . Metadata that may be extendable and should have provision exchanged between LFBs.

 2.2. The FE Model in Relation to
         express new or vendor specific logical functions.
       . FE Implementations

    The FE model SHOULD be able to support minimal set proposed here is based on an abstraction of distinct
    logical
         functions functional blocks (LFBs), interconnected in a directed
    graph, and receiving, processing, modifying, and transmitting
    packets along with metadata.  Note that are already identified, such as port functions, a real forwarding functions, QoS functions, filtering functions,
         high-touch functions, security functions, vendor-specific
         functions and off-loaded functions.

 3.     State Model versus Capability Model

    Since datapath
    implementation should not be constrained by the model.  On the
    contrary, the motivation of an FE model is to allow the CEs later to
    control and configure the FEs' behavior via ForCES protocol, it
    becomes essential to examine and understand what kind should be designed such that different
    implementations of control
    and configuration the CEs might do to forwarding datapath can all be logically
    mapped onto the FEs. It is also equally
    essential to understand how configurable or programmable FEs are
    today model with the functionality and will be in sequence of
    operations correctly captured.  However, the near future.

    To understand model itself does not
    directly address the issue better, it is helpful to make a distinction
    between two different kinds of FE models -- how a particular implementation maps
    to an LFB topology.  This is left to the forwarding plane vendors
    as to how the FE state model and functionality is represented using the FE
    capability model.

    An
    Nevertheless, we do strive to design the FE state model describes such that it is
    flexible enough to accommodate most common implementations.

    The LFB topology model for a particular datapath implementation
    MUST correctly capture the current state sequence of operations on the FE, packet.
    Metadata generation (by certain LFBs) must always precede any use
    of that is, metadata (by subsequent LFBs in the instantaneous values or operational behavior topology graph); this
    is required for logically consistent operation.  Further,
    modifications of packet fields that are subsequently used as inputs
    for further processing must occur in the FE. order specified in the
    model for that particular implementation to ensure correctness.

 2.3. The FE
    state model presents Model in Relation to the snapshot view of ForCES Protocol

    The ForCES base protocol is used by the FE CEs and FEs to maintain the CE. For
    example, using an FE state model, an FE
    communication channel between the CEs and FEs.  The ForCES protocol
    may be described used to its CE
    as query and discover the following:
    - on inter-FE topology. The
    details of a given port particular datapath implementation inside an FE
    including the packets are classified using a given
    classification filter;
    - LFB topology, along with the given classifier results in packets being metered in a
    certain way, operational capabilities
    and then marked in a certain way;
    - the packets coming from specific markers are delivered into a
    shared queue for handling, while other packets attributes of each individual LFB, are delivered conveyed to a
    different queue;
    - a specific scheduler with specific behavior and parameters will
    service these collected queues.

    On the other hand, CE
    within information elements in the FE capability ForCES protocol.  The model describes the
    configurable capabilities and capacities of
    an FE in terms of
    variations LFB class should define all of functions supported or limitations contained.
    Conceptually FE capability model presents the many possible states
    allowed on an FE with capacity information indicating certain
    quantitative limits or constraints.  For example, that would need
    to be exchanged between an FE capability
    model may describe the FE at a coarse level such as:
    - this FE can handle IPv4 and IPv6 forwarding;
    - this FE can perform classification on a CE for the following fields:
    source IP address, destination IP address, source port number,
    destination port number, etc;
    - this FE can perform metering;
    - this FE can handle up to N queues (capacity);
    - this FE can add proper configuration
    and remove encapsulating headers management of types
    including IPSec, GRE, L2TP.

    The information on the capabilities and capacities that LFB.

    Definition of the FE helps
    the CE understand various payloads of ForCES messages (irrespective
    of the flexibility transport protocol ultimately selected) cannot proceed in a
    systematic fashion until a formal definition of the objects being
    configured and managed (the FE functions.  Where it
    gets more complicated and the LFBs within) is undertaken.
    The FE Model document defines a set of classes and attributes for
    describing and manipulating the capability model to cope with the
    detailed limits, issues such as how many classifiers state of the FE can
    handle, how many queues, and LFBs of an FE.  These
    class definitions themselves will generally not appear in the
    Forces protocol.  Rather, Forces protocol operations will
    references classes defined in this model, including relevant
    attributes (and operations if such are defined).

    Section 9 provides more detailed discussion on how many buffer pools the FE can
    support, how many meters model
    should be used by the ForCES protocol.

 2.4. Modeling Language for FE can provide.

    While one could try Model

    Even though not absolutely required, it is beneficial to build an object use a
    formal data modeling language to represent the conceptual FE model for representing
    capabilities
    described in full, other efforts have found this to document and a full specification will be written
    using such a
    significant undertaking. A middle data modeling language.  Using a formal language can
    help in enforcing consistency and logical compatibility among LFBs.
    In addition, formal definition of the road approach is to define
    coarse-grained capabilities and simple capacity measures.  Then, if LFB classes has the CE attempts potential
    to instruct facilitate the FE to set up eventual automation of some specific behavior
    it part of the code
    generation process and the functional validation of arbitrary LFB
    topologies.

    The modeling language is used for writing the specification but not capable of,
    necessarily for encoding the FE will return an error indicating data over-the-wire between FEs and
    CEs. When selecting the
    problem.  Such an approach specification language, human readability
    is taken by RFC3318 in defining a set of
    Provisioning Classes (PRCs) very important, while there are no performance requirements on
    the language for Framework Policy Information Base
    (PIB). For example, in Section 4.1 of RFC3318, a "Component
    Limitations Table" encoding, decoding, and transmission on the
    language.  XML is described so that "the PEP can report some
    limitations used as the specification language in this
    document, because XML has the advantage of attribute values and/or classes being human and possibly
    guidance values machine
    readable with widely available tools support.

    The encoding method for over the attribute". Similar approach wire transport is also taken
    in Differentiated Services QoS Policy Information Base [RFC3317].
    The DiffServ QoS PIB includes capability reporting classes for
    individual devices, like classification capabilities, metering
    capabilities, etc. Two additional classes are also defined to allow an issue
    independent of the specification language chosen here.  It is
    outside the scope of this document and up to the element linkage capabilities ForCES protocol to
    define.

 2.5. Document Structure

    Section 3 provides conceptual overview of the PEP: FE model, laying the
    dsIfElmDepthCaps PRC indicates
    foundation for the maximum number of functional
    datapath elements that can be linked consecutively more detailed discussion and specifications in a datapath;
    while
    the dsIfElmLinkCaps PRC indicates what functional datapath
    elements may follow a specific type sections that follow. Section 4, 5, and 6 together constitute
    the core of element the FE model, detailing the three major components in
    the FE model: LFB model, LFB topology, and FE level attributes
    including capability.  Section 7 presents a datapath.  Such
    capability reporting list of LFB classes in
    the DiffServ and Framework PIB are
    all meant to allow the PEP to indicate some general guidelines
    about what the device can do.  They are intended to LFB class library that will be an aid further specified according to
    the PDP when it constructs policy for the PEP.  These classes do
    not necessarily allow FE model presented in earlier Sections (4, 5 and 6).  Section 8
    directly addresses the PEP to indicate every possible
    configuration that it can or cannot support.  If a PEP receives a
    policy that it cannot implement, it must notify model requirements imposed by the PDP with a
    failure report.

    Figure 1 shows ForCES
    requirement draft [1] while Section 9 explains how the concepts of FE state, capabilities, capacities
    and configuration model
    should be used in the context of CE-FE communication via ForCES protocol.

    It is clear to us that

 3. FE Model Concepts

    Some of the most important concepts used throughout this document
    are introduced in this section.  Section 3.1 explains the context of ForCES,
    difference between a state model is
    definitely necessary but not sufficient.  A simple state model
    without any capability flavor will severely limit ForCES's ability
    to take advantage of the flexibility offered by programmable FEs.
    The question is how much of the capability model is needed in
    addition to the state model.  As we discussed previously, a
    detailed capability model is difficult to develop and may impose
    unnecessary overhead for those FEs that don't have much flexibility
    in their capability.  We believe that a good balance between
    simplicity capability model, and flexibility how
    the two can be achieved for ForCES combined in the FE model by
    taking model.  Section 3.2 introduces
    the similar approach concept of LFBs (Logical Functional Blocks) as demonstrated by DiffServ
    PIB[RFC3317] and Framework PIB[RFC3318] -- that is, by combining the
    coarse level capability reporting mechanism for both basic
    functional building blocks in the individual FE functions model.  Section 3.3 discusses
    the logical inter-connection and linkage constraints with ordering between LFB instances
    within an FE, that is, the error reporting
    mechanism.

         +-------+                                          +-------+
         |       | FE capabilities/capacity: what it can be.|       |
         |       |<-------------------------------------- --|       |
         |       |                                          |       |
         |   CE  | LFB topology.

    The FE state: what it model proposed in this document is now.                |  FE   |
         |       |<-----------------------------------------|       |
         |       |                                          |       |
         |       | FE configuration: what it should be.     |       |
         |       |----------------------------------------->|       |
         +-------+                                          +-------+

      Figure 1. Illustration comprised of FE state, capabilities, capacities these three
    components: LFB model, LFB topology and
      configuration in the context of CE-FE communication via ForCES.

 4. FE Model Concepts: attributes including FE Block
    capabilities.  The LFB model provides the content and FE Block Topology

    Conceptually, data
    structures to define each individual LFB class; LFB topology
    provides a mean to express the FE model presents two levels of information about logical inter-connection between the FE.  At
    LFB instances along the first level are datapath(s) within the individual FE functions.  We
    call these individual FE functions FE; and FE blocks.  The second level of
    attributes provide information that at the FE model should present is about how these
    individual function are ordered level and placed along the datapath to
    deliver capabilities
    about what the FE can or cannot do at a complete forwarding plane service.  The interconnection coarse level.   Details on
    each of the FE functions is called "FE block topology".

 4.1. FE Blocks

    A new terminology "FE Functional Block" three components are described in Section 4, 5 and 6,
    respectively.  The intention of this section is used to refer to discuss these
    concepts at the
    individual FE functions that constitute high level and lay the very basic units foundation for FE
    models.  Each FE functional block performs a well-defined action or
    computation on the packets passing through it.  Upon completion of
    such function, either the packets are modified detailed
    description in certain ways
    (like decapsulator, marker), or some results are generated the following sections.

 3.1. State Model and
    stored, probably in Capability Model

    The FE capability model describes the form capabilities and capacities
    of meta-data (like classifier).  Each an FE Block typically does one thing and one thing only.  Classifiers,
    shapers, meters are all examples in terms of variations of functions supported or
    limitations contained.  Conceptually, the FE blocks.  Modeling capability model
    presents the many possible states allowed on an FE blocks
    at such fine granularity allows us to use a small number of with capacity
    information indicating certain quantitative limits or constraints.

    For example, an FE
    blocks to create capability model may describe the higher-order FE functions (like Ipv4
    forwarder) precisely, which in turn at a coarse
    level such as:
       . this FE can describe more complex
    networking functions and vendor implementations of software handle IPv4 and
    hardware.

                                 +----------+
                                 |    CE    |
                                 +----------+
                                    |    ^
                                    |    |
                                    v    |
                                 +----------+
                     Inputs ---> | IPv6 forwarding;
       . this FE Block | ---> Outputs
                         (P,M)   |          |         (P',M')
                                 |    S     |
                                 +----------+

                      Figure 2. Generic can perform classification on the following fields:
         source IP address, destination IP address, source port number,
         destination port number, etc;
       . this FE Block Layout

    An can perform metering;
       . this FE Block has inputs, outputs, and a connection can handle up to N queues (capacity);
       . this FE can add and from the
    CE, as shown in Figure 2.  The horizontal axis is in the forwarding
    plane, and the vertical axis denotes interaction between remove encapsulating headers of types
         including IPSec, GRE, L2TP.

    On the
    forwarding and control planes.  An other hand, an FE block contains internal state
    S, composed of one or both CE->FE configuration; and data created
    and managed by model describes the FE itself.  An FE Block also has one or more
    inputs, each current state of which takes a packet P, and optionally metadata M;
    and produces one
    the FE, that is, the instantaneous values or more outputs, each operational behavior
    of which carries a packet
    P', and optionally metadata M'.

    Meta-data is data which is associated with the packet in FE. The FE state model presents the
    network processing device (router, switch, etc), but which is not
    sent across snapshot view of the network.  CE to FE communication is for
    configuration, control and packet injection while FE
    to CE is for
    packet re-direction to the control plane, rmon, accounting
    information, errors, etc.

    The FE model defines a generic CE. For example, using an FE block akin to state model, an abstract base
    class in object-oriented terminology. The generic FE block contains
    basic information like block type and textual description of the
    block function. A namespace is used may be
    described to associate its CE as the following:
       . on a unique name or
    ID given port the packets are classified using a given
         classification filter;
       . the given classifier results in packets being metered in a
         certain way, and then marked in a certain way;
       . the packets coming from specific markers are delivered into a
         shared queue for handling, while other packets are delivered
         to a different queue;
       . a specific scheduler with each type specific behavior and parameters
         will service these collected queues.

    The information on the capabilities and capacities of the FE block. The namespace must be extensible helps
    the CE understand the flexibility and limitations of the FE
    functions, so that new logical functions can also be added later the CE knows at a coarse level what
    configurations are applicable to accommodate
    future innovation in the forwarding plane.

    Based on this generic FE block, each FE logical function is defined
    with additional state FEs and capability information pertinent to each
    specific function.  Typically what are not.  Where
    it gets more complicated is important for the capability model to specify
    information cope with
    the detailed limits, issues such as:
    - as how many inputs it takes and what kinds of packets and meta data
    it takes for each input;
    - classifiers the FE can
    handle, how many outputs it produces and what kind of packets queues, and meta
    data it emits for each output;
    - how many buffer pools the packet processing (such as modification) behavior;
    - what information is programmed into it (e.g., LPM list, next hop
    list, WRED parameters, etc.) and what parameters among them are
    configurable;
    - what statistics it keeps (e.g., drop count, CRC error count,
    etc.);
    - what events it can throw (e.g., table miss, port down, etc.).
    These parameters are further described in Section 5, below.

 4.2. FE Block Topology

    Packets coming into can
    support, how many meters the FE from ingress ports generally flow
    through multiple functional blocks before leaving out can provide.

    While one could try to build an object model for representing
    capabilities in full, other efforts have found this to be a
    significant undertaking. A middle of the egress
    ports. Different packets (or packets from different flows) may take
    different datapath inside the same FE road approach is to define
    coarse-grained capabilities and hence perform different
    sequences of FE blocks. Such interconnection of the FE blocks as
    traversed by simple capacity measures.  Then, if
    the packets is referred CE attempts to as instruct the FE block topology.

    It is important to point out that set up some specific behavior
    it is not capable of, the FE block topology here is will return an error indicating the
    logical topology that
    problem.  Examples of such approach include Framework Policy
    Information Base (PIB) [RFC3318] and Differentiated Services QoS
    Policy Information Base [4]. The capability reporting classes in
    the packets flow through, not DiffServ and Framework PIBs are all meant to allow the physical
    topology as determined device
    to indicate some general guidelines about what it can or cannot do,
    but do not necessarily allow it to indicate every possible
    configuration that it can or cannot support.  If a device receives
    a configuration that it cannot implement, it can reject such
    configuration by how the FE hardware is laid out. replying with a failure report.

    Figure
    3(a) 1 shows part of the block topology concepts of one simple FE example.
    Three ingress ports are present state, capabilities and
    configuration in the FE and these ports may be context of
    different type with different characteristics.  If we model a
    single ingress port function as an CE-FE communication via ForCES
    protocol.

         +-------+                                          +-------+
         |       | FE block, clearly we need a way
    to model multiple instances of one FE block with each instance
    having separate set of parameters allowed for independent
    configuration.

                          +-------------------------------------------+
                          |                                           |
         +-----------+    |     +-----------+            +--------+   |
         |           |    v capabilities: what it can/cannot do.  |           |if IP-in-IP       |
         |       |<-----------------------------------------|       |
    ---->| ingress   |--------->|classifier |----------->|Decap.  |-->+
         | ports       |                                          |           |----+       |
         |
         +-----------+          +-----------+    |others +--------+   CE  |
                                                 V
         (a)  The FE block topology example with a logical loop

     instance tables
    =================
           ingress port         classifier                Decapsulator
    +---+--------+--+   +---+--------+--+         +---+-----------+
    |id |IP Addr |… |   |id |#filters|… |         |id | …         |
    +---+--------+--+   +---+--------+--+         +---+-----------+
    |1  |x.x.x.x |… |   |1  |10      |… |         |1  | …         |
    +---+--------+--+   +---+--------+--+         +---+-----------+
    |2  |x.x.x.x |… |   |2  |10      |… |
    +---+--------+--+   +---+--------+--+
    |3  |x.x.x.x |… state: what it is now.                |
    +---+--------+--+

         (b)  The block instance tables used for such an  FE block
              topology

        +-------+   +-----------+            +------+   +-----------+
        |   |
         |           |if IP-in-IP       |<-----------------------------------------|       |
         |       |                                          |
    --->|ingress|-->|classifier1|----------->|Decap.|-->+classifier2|->       | ports
         |       |           |----+ FE configuration: what it should be.     |       |
         |       |----------------------------------------->|       |
         +-------+   +-----------+    |others +------+   +-----------+
                                     |
                                     V
         (c)  The FE block topology equivalent of (a) without the loop                                          +-------+

     Figure 3. An 1. Illustration of FE block topology example with block instance
    tables.

    Figure 3(a) also shows that it is possible for a packet to flow
    through a certain function more than once state, capabilities and hence create a
    logical loop configuration
         exchange in the context of CE-FE communication via ForCES.

    The ForCES FE block topology. For example, an IP-in-IP
    packet from an IPSec application like VPN may go to the classifier
    first model must include both a state model and have the classification done based on the outer IP
    header; upon being classified as an IP-in-IP packet, the packet is
    then sent to some flavor
    of a decapsulator to strip off capability model.  We believe that a good balance between
    simplicity and flexibility can be achieved for the outer IP header,
    followed FE model by
    combining the classifier again to perform classification on coarse level capability reporting with the
    inner IP header. error
    reporting mechanism.  Examples of similar approach include DiffServ
    PIB [4] and Framework PIB [5].

    The concepts of LFB and LFB topology will be discussed in the rest
    of this section.  It is will become clear from Figure 3(a) that such a logical
    loop some flavor of
    capability model is sometimes necessary and must be properly modeled in needed at both the FE
    block topology.

    To represent level and LFB level.

    Capability information at the FE block instances, we define LFB level is an "FE block
    instance table" associated with each FE block - each row of the
    table corresponds to one instance integral part of the block. An instance ID
    LFB model, and is
    needed to distinguish different instances of one block. Multiple
    instances of modeled the same block can way as the other operational
    parameters inside an LFB.  For example, certain features of an LFB
    class may be configured independently with
    different parameters. Figure 3(b) shows optional, in which case it must be possible for the FE block CE
    to determine if an optional feature is supported by a given LFB
    instance
    tables or not.  Such capability information can be modeled as a
    read-only attribute in the LFB instance.  See Section 4.4.4 for
    more details on LFB attributes.

    Capability information at the FE block topology in (a). The instance table of level may describe what LFB
    classes the
    ingress ports has 3 rows because there are 3 ingress ports. The
    classifier block has two rows, one corresponding to FE can instantiate; how many instances of each can be
    created; the classifier
    instance after topological (i.e., linkage) limitations between these
    LFB instances, etc.  Section 6 defines the ingress port, while FE level attributes
    including capability information.

    Once the other row corresponding FE capability is described to the instance after CE, the decapsulator. FE state
    information can be represented by two levels.  The decapsulator has only
    one row in its instance table since only one instance of
    decapsulator first level is used.  Each row in
    the instance table has its own
    parameters logically separable and so each instance can be configured independently.

    A way to model the logical loop to the classifier in Figure 3(a) is
    to treat it as if there are two different instances distinctive packet processing
    functions, and we call these individual functions Logical
    Functional Blocks (LFBs).  The second level of classifier,
    as shown in Figure 3(c).

    While there information is little doubt that the about
    how these individual FE blocks must be
    configurable, the configurability question becomes complicated LFBs are ordered and
    controversial for FE block topology.  To discuss placed along the issue further,
    we need datapath
    to answer the following questions:
    1) Is the FE block topology configurable at all?  Is that feasible
       with today's deliver a complete forwarding plane technology?  Even if the CE can
       dynamically configure an FE block topology, how can the CE
       interpret an arbitrary FE block topology service.  The
    interconnection and know what to do
       with it?
    2) If the FE block topology can be configured by the CE, how do we
       model ordering of the FE block topology?
    Let's LFBs is called LFB Topology.
    Section 3.2 discuss these questions in high level concepts around LFBs while Section
    3.3 discuss issues around LFB topology.

 3.2. LFB Modeling

    Each LFB (Logical Functional Block) performs a well-defined action
    or computation on the rest packets passing through it.  Upon completion
    of such function, either the section.

 4.2.1. Configuring FE Block Topology

    We believe that the FE block topology should be configurable with
    ForCES model because even today's forwarding plane technology can
    potentially allow that. As network processors packets are being used
    increasingly modified in certain ways
    (like decapsulator, marker), or some results are generated and
    stored, probably in the forwarding plane, much form of the packet processing
    functions on the FE is implemented in software.  As such, the FE
    can afford much flexibility metadata (like classifier). Each
    LFB typically does one thing and programmability one thing only.  Classifiers,
    shapers, meters are all examples of its
    functionality by configuring the software either LFB.  Modeling LFB at runtime or
    compile time.  It is conceivably feasible for the FE such fine
    granularity allows us to change its
    FE block topology by recompiling the set use a small number of LFBs to create the
    higher-order FE functions (like IPv4 forwarder) precisely, which in
    turn can describe more complex networking functions and vendor
    implementations of software components and their chaining order along the datapath.  It might be possible hardware.

    (Editor's note: We need to achieve some of revisit the reconfiguration at runtime.  Therefore, we
    argue that it is necessary for ForCES granularity issue around LFB
    later and provide a practical design guideline as how to allow FE block topology
    configurable in its partition
    the FE model since it is technically feasible.

    For example, a NAT-enabled router may have several line cards (FEs)
    that are capable of both NAT (Network Address Translator) functions
    and IPv4 Forwarding. Such an FE contain two FE blocks in it: NAT
    and IPv4 Forwarder.  Depends on where into LFB classes.  We will gain more insight on
    the network this router is
    deployed, the network administrator may decide subject once we debate and settle on different
    configuration for the CE to configure LFB list in the FEs. If LFB
    class library, described in Section 7.  So the router sits
    on text around
    granularity here might be revised to reflect the edge lessons we learn.)

    An LFB has one or more inputs, each of which takes a private address domain, the CE may want to
    configure the FEs to perform NAT first packet P, and IPv4 Forwarder later so
    that the forwarding
    optionally metadata M; and produces one or more outputs, each of
    which carries a packet P', and optionally metadata M'.  Metadata is done
    data associated with the correct address space. On the
    other hand, if the router sits inside the private address domain, packet in the CE may want network processing device
    (router, switch, etc.) and passed between one LFB to configure the FEs to perform only next, but
    not sent across the IPv4
    forwarding function network.  It is most likely that there are
    multiple LFBs within one FE, as shown in Figure 2, and bypass all the NAT because LFBs
    share the address space is
    already translated by same ForCES protocol termination point that implements
    the edge router.  Therefore, ForCES protocol logic and maintains the FEs might be
    asked communication channel
    to configure and from the NAT block CE.

    An LFB, as an optional stage shown in Figure 2, has inputs, outputs and attributes
    that can be queried and manipulated by the FE
    topologies to accommodate CE indirectly via Fp
    reference point (defined in [2]) and the two deployment scenarios. This ForCES protocol
    termination point.  The horizontal axis is a
    very simple example in the forwarding plane
    for connecting the inputs and outputs of LFBs within the same FE.
    The vertical axis between the CE and the switch FE denotes the Fp
    reference point where bidirectional communication between these two topologies
    could be easily done with a runtime flag in the CE
    and FE software.
    However simple as it is, it does demonstrate happens: the need CE to allow FE communication is for configuration,
    control and packet injection while the FE block topology configuration.

                 +-------------+         +--------------+ to CE is for packet re-
    direction to the control plane, monitoring and accounting
    information, errors, etc.  Note that the interaction between the CE
    and the LFB is only abstract and indirect.  The result of such
    interaction is for the CE to indirectly manipulate the attributes
    of the LFB instances.

                           +-----------+
                           |     CE    |
                           +-----------+
                                 ^
                                 | Fp reference point
                                 |
         ------->|    NAT      |-------->|IPv4 Forwarder|------>
      +--------------------------|-----------------------------------+
      | FE                       |                                   |
      |
                 +-------------+         +--------------+

         (a)  NAT followed by IPv4 Forwarder

                 +-------------+         +--------------+                          v                                   |
      | +----------------------------------------------------------+ |
      |
         --->-+ |    NAT                ForCES protocol                           |   +---->|IPv4 Forwarder|------> |
      | |                   termination point                      | |
      | +----------------------------------------------------------+ |  +-------------+
      |     +--------------+           ^                           ^                      |
      |
              +----------->--------+

         (b)  NAT is skipped and only the forwarder is used           :                           : Internal control     |
      |           :                           :                      |
      |       +---:----------+             +---:----------+          |
      |       |   :LFB1      |             |   :     LFB2 |          |
      | =====>|   v          |============>|   v          |======>...|
      | Inputs| +----------+ |Outputs      | +----------+ |          |
      | (P,M) | |Attributes| |(P',M')      | |Attributes| |(P",M")   |
      |       | +----------+ |             | +----------+ |          |
      |       +--------------+             +--------------+          |
      |                                                              |
      +--------------------------------------------------------------+

                       Figure 4. 2. Generic LFB Diagram

    A simple example to configure different FE
              topologies.

    We want namespace is used to point out associate a unique name or ID with each LFB
    class. The namespace must be extensible so that allowing configurable FE block topology new LFB class can
    also be added later to accommodate future innovation in FE model does not mandate that all FEs the
    forwarding plane.

    LFB operation must have such
    capability.  Even if be specified in the FE elects to support block topology
    reconfiguration, it is entirely up model to allow the FE designers CE to decide
    how
    understand the FE actually implements such reconfiguration.  Whether it behavior of the forwarding datapath.  For instance,
    the CE must understand at what point in the datapath the IPv4
    header TTL is
    only a simple runtime switch decremented (i.e., it needs to allow know if a few choices like in Figure
    4, control
    packet could be delivered to the CE either before or a much more elaborate reconfiguration as shown later after this
    point in
    Figure 5 possibly supported by recompilation is all implementation
    details internal to the FE but outside datapath).  In addition, the scope CE must understand where
    and what type of header modifications (e.g., tunnel header append
    or strip) are performed by the FEs.  Further, the CE must verify
    that various LFB along a datapath within an FE model.  The
    purpose of this discussion are compatible to
    link together.

    There is value to justify vendors if the motivation and
    necessity operation of supporting FE block topology configuration LFB classes can be
    expressed in the sufficient detail so that physical devices
    implementing different LFB functions can be integrated easily into
    a FE
    model, design.  Therefore, semi-formal specification is needed; that
    is, a text description of the LFB operation (human readable), but not
    sufficiently specific and unambiguous to dictate how this should allow conformance testing
    and efficient design (i.e., eliminate guess-work), so that
    interoperability between different CEs and FEs can be done inside the FEs.

    We've just answered the questions achieved.

    The LFB class model specifies information like:
       . number of "Is it possible to configure inputs and outputs (and whether they are
         configurable)
       . metadata read/consumed from inputs;
       . metadata produced at the FE block topology with today's forwarding plane technology".
    Now it is time to look outputs;
       . packet type(s) accepted at the other related question: "Even if it
    is feasible to configure an FE block topology, how can inputs and emitted at the CE
    interpret
         outputs;
       . packet content modifications (including encapsulation or
         decapsulation);
       . packet routing criteria (when multiple outputs on an arbitrary FE block topology (presented to it by LFB are
         present);
       . packet timing modifications;
       . packet flow ordering modifications;
       . LFB capability information;
       . LFB operational attributes, etc.

    Section 5 of this document provides detailed discussion on the
    FE) and know what to do LFB
    model with it?  Alternatively, how does the CE
    know what kind of FE block topology it should use to implement a
    particular NE service or application?" formal specification of LFB class schema.  The example in Figure 4 is too trivial rest of
    Section 3.2 here only intends to require much intelligence
    at provide conceptual overview of
    some important issues in LFB modeling, without covering all the CE.  Figure 5 shows
    specific details.

 3.2.1. LFB Input and Input Group

    An LFB input is a more complex example conceptual port of the LFB where the LFB can
    receive information from other LFBs. The information is typically a QoS-
    enabled router has several line cards that have a few ingress ports
    packet (or frame in general) and egress ports, a specialized classification chip, a network
    processor containing codes for FE blocks like meter, marker,
    dropper, counter, mux, queue, scheduler and Ipv4 forwarder. Some associated metadata, although in
    some cases it might consist of
    the FE block topology only metadata, i.e., with a Null-
    packet.

    It is already fixed and has to remain static due
    to inevitable that there will be LFB instances that will receive
    packets from more than one other LFB instances (fan-in).  If these
    fan-in links all carry the physical layout same type of information (packet type
    and set of metadata) and require the line cards. For example, all same processing within the
    ingress ports might
    LFB, then one input should be already hard wired into sufficient.  If, however, the classification
    chip LFB
    class can receive two or more very different types of input, and so all packets must follow from
    the ingress port into the
    classification engine. On processing of these inputs are also very distinct, then that
    may justify the other hand, definition of multiple inputs.  But in these cases
    splitting the blocks on LFB class into two LFB classes should always be
    considered as an alternative.  In intermediate cases, e.g., where
    the network
    processor inputs are programmable and somewhat different but they require very similar
    processing, the order shared input solution should be preferred.  For
    example, if an Ethernet framer LFB is capable of receiving IPv4 and
    IPv6 packets, these blocks can be
    changed served by recompilation of the codes. There might exist certain
    capacity limits and linkage constraints between these blocks.
    Examples of same LFB input.

    Note that we assume the capacity limits might be: there can be no more than
    8 meters; there can be no model allows for connecting more than 16 queues in one FE;
    LFB output to a single LFB input directly.  There is no restriction
    on the
    scheduler can handle at most up number of up-stream LFBs connecting their outputs to 16 queues; etc. The linkage
    constraints might dictate the
    same input of a single LFB instance.  Note that classification engine may be
    followed by meter, marker, dropper, counter, queue or Ipv4
    forwarder, but the behavior of the
    system when multiple packets arrive at such an input simultaneously
    is not scheduler; queues defined by the model.  If such behavior needs to be
    described, it can only be followed done either by
    scheduler; scheduler must be followed separating the single input to
    become multiple inputs (one per output), or by inserting other
    appropriate LFBs (such as Queues and possibly Schedulers) between
    the Ipv4 forwarder; multiple outputs and the
    last block single input.

    If there are multiple inputs with the same input type, we model
    them as an input group, that is, multiple instances of the same
    input type.  In general, an input group is useful to allow an LFB
    to differentiate packet treatment based on where the packet came
    from.

      +----+                                +----+
      |LFB1+---+                            |LFB1+---+
      +----+   |    +---------+             +----+   |    +-----------+
               +--->|in  LFB3 |            input   / +--->|in:1  LFB3 |
      +----+   |    +---------+            group   \ +--->|in:2       |
      |LFB2+---+                            +----+   |    +-----------+
      +----+                                |LFB2+---+
                                            +----+

         (a) without input group            (b) with input group

                   Figure 3. An example of using input group.

    Consider the following two cases in Figure 3(a) and (b).  In Figure
    3(a), the datapath before going output from two LFBs are directly connected into one
    input of LFB3, assuming that it can be guaranteed no two packets
    arrive at the egress ports same time instance.  If LFB3 must
    be do something
    different based on the Ipv4 forwarder, etc.

    Once source of the FE reports such capability and capacity to packet (LFB1 or LFB2), the CE, it
    only way to model that is
    now up to the CE make LFB1 and LFB2 to translate pass some
    metadata with different values so that LFB3 can make the QoS policy into
    differentiation based on the desirable
    configuration for metadata.  In Figure 3(b), that
    differentiation can be elegantly expressed within LFB3 using the FE.  Now
    input group concept where the question arises instance id can serve as to whether or
    not the CE has the ultimate intelligence to translate high level
    QoS policy into
    differentiating key.  For example, a scheduler LFB can potentially
    use an input group consisting of a variable number of inputs to
    differentiate the configuration data for queues from which the FEs. We argue that
    this question packets are coming.

 3.2.2. LFB Output and Output Group

    An LFB output is outside a conceptual port of the scope of FE model itself.  It is
    possible that LFB where it can send
    information to some human intervention other LFBs.  The information is still necessary.  For
    example, the network administrator typically a
    packet (or frame in general) and associated metadata, although in
    some cases it might emit only metadata, i.e., with a Null-packet.

    We assume that a single LFB output can be called upon connected to
    translate the high level QoS policy into the configurable FE data
    (including only one LFB
    input (this is required to make the block topology) that packet flow through the CE uses LFB
    topology unambiguous).  Therefore, to configure allow any non-trivial
    topology, multiple outputs must be allowed for an LFB class.  If
    there are multiple outputs with the
    line cards.  It is also conceivable same output type, we model them
    as output group, that within a given network
    service domain (like DiffServ), certain amount is, multiple instances of intelligence can
    be programmed into the CE such that same output
    type.  For illustration of output group, consider the CE hypothetical
    LFB in Figure 4.  The LFB has a general
    understanding two types of the FE blocks involved and so the translation from
    high level QoS policy to the low level FE configuration outputs, one of which
    can be done
    automatically.  In any event, this is considered implementation
    issue internal instantiated to the control plane only and outside the scope form an output group.

                             +------------------+
                             |           UNPROC +-->
                             |                  |
                             |         PKTOUT:1 +-->   \
                           --> PKTIN   PKTOUT:2 +-->   |
                             |            .     + .    | Output group
                             |            .     + .    |
                             |         PKTOUT:N +-->   /
                             +------------------+

                Figure 4. An example of an LFB with output group.

    Multiple outputs should mainly be used for functional separation
    where the outputs are connected to very different types of LFBs.
    For example, an IPv4 LPM (Longest-Prefix-Matching) LFB may have one
    default output to send those packets for which look-up was
    successful (passing a META_ROUTEID as metadata); and have another
    output for sending packets for which the look-up failed.  The
    former output may be connected to a route handler LFB, while the
    latter can be connected to an ICMP response generator LFB or to a
    packet handler LFB that passes the packet up to the CE.

 3.2.3. Packet Type

    When LFB classes are defined, the input and output packet formats
    (e.g., IPv4, IPv6, Ethernet, etc.) must be specified: these are the
    types of packets a given LFB input is capable of receiving and
    processing, or a given LFB output is capable of producing.  This
    requires that distinct frame types be uniquely labeled with a
    symbolic name and/or ID.

    Note that each LFB has a set of packet types that it operates on,
    but it does not care about whether the underlying implementation is
    passing a greater portion of the packets.  For example, an IPv4 LFB
    might only operate on IPv4 packets, but the underlying
    implementation may or may not be stripping the L2 header before
    handing it over -- whether that is happening or not is opaque to
    the CE.

 3.2.4. Metadata

    Metadata is used to communicate per-packet state from one LFB to
    another.  To ensure inter-operability among LFBs, the LFB class
    specification must define what metadata the LFB class "reads" or
    "consumes" on its input(s) and what metadata it "produces" on its
    output(s).  For that purpose, metadata types must be identified.
    For example, a META_IFID, passed from a port LFB to an IPv4
    processing LFB (with the IP packet) can be one of the defined
    metadata types.

    Symbolic names can be assigned for common metadata types.  In
    addition, additional information such as numeric data type, maximum
    and minimum accepted values, and special values should be defined
    for each metadata value.  Some of these constraints will be defined
    in the LFB class model, and some of them may be specific
    capabilities of a particular LFB instance.

    While it is important to define the metadata passing between LFB in
    terms of its name, value and interpretation, it is not necessary to
    define the exact encoding mechanism used by LFBs for metadata.
    Different implementations are allowed to use different encoding
    mechanisms for metadata.  For example, one implementation may store
    metadata in registers or shared memory, while another
    implementation may encode metadata in-band as preamble in the
    packets.

    A given LFB may require a certain metadata at its inputs for its
    internal processing.  What should happen with the metadata after it
    is read by the LFB?  In particular, should the metadata be
    propagated along with the packet when the packet is forwarded from
    the LFB to the next LFB, or should it be removed (consumed) by the
    LFB?

    In certain cases, passing the metadata along is desirable.  For
    example, a META_CLASSID metadata may denote the result of a
    classification LFB and be used in more than one downstream LFB to
    trigger the proper operation on the packet.  In this case the first
    LFB that uses the META_CLASSID should also allow the META_CLASSID
    to be passed with the packet to the next LFB, and so on.  On the
    other hand, it is easy to see that if metadata is never consumed by
    LFBs, then as the packet trickles through the datapath, a large
    number of metadata will potentially be accumulated by the packet.

    We believe that one way to accommodate both scenarios is to specify
    the propagation mode for each element of metadata utilized by an
    LFB class.  Metadata elements which are not propagated are
    specified with the CONSUME mode, while elements which are
    propagated are specified with the PROPAGATE mode.

    However, whether a metadata is useful beyond an LFB may depend on
    the actual LFB topology, i.e., what other LFBs are placed
    downstream.  So the propagation mode of metadata should be
    configurable.

    A packet may arrive at an LFB with metadata that is not meaningful
    to that LFB, but may be important to some other downstream LFBs.
    To cater to such cases it should be the assumed (default) behavior
    of all LFB classes that they transparently propagate any metadata
    elements that they do not utilize internally.

    Actual implementations of LFBs in hardware may have limitations on
    how much metadata they can pass through.  The limitation may be
    expressed in terms of total framesize (packet + metadata), metadata
    total size, number of metadata elements, or a combination of these.
    The limitation may be on the FE level or may be specific to LFBs
    within an FE.  The pass-through capabilities of LFB instances and
    FEs can be queried as part of the capability discovery process.
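
    The propagation rules above can be traced on a small datapath.  The
    following is an added example, not part of the draft: the LFB
    names, the metadata values, META_VENDOR_TAG and META_COLOR, and the
    element-count limit are constructed for illustration, and only
    META_IFID, META_CLASSID, CONSUME and PROPAGATE come from the text.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional

CONSUME = "CONSUME"      # element is removed after the LFB reads it
PROPAGATE = "PROPAGATE"  # element stays with the packet for downstream LFBs


class MissingMetadata(Exception):
    """An LFB did not receive a metadata element it requires at its input."""


class PassThroughExceeded(Exception):
    """An LFB would have to emit more metadata elements than it can carry."""


@dataclass
class LFB:
    name: str
    # Metadata this LFB reads, mapped to its configured propagation mode.
    reads: Dict[str, str] = field(default_factory=dict)
    # Metadata this LFB produces on its output (constructed values).
    produces: Dict[str, int] = field(default_factory=dict)
    # Pass-through limit in number of metadata elements (None = unlimited).
    max_elements: Optional[int] = None

    def process(self, metadata: Dict[str, int]) -> Dict[str, int]:
        missing = sorted(set(self.reads) - set(metadata))
        if missing:
            raise MissingMetadata(f"{self.name} requires {missing}")
        out = {}
        for key, value in metadata.items():
            # Elements the LFB does not use default to transparent propagation.
            if self.reads.get(key, PROPAGATE) == PROPAGATE:
                out[key] = value
        out.update(self.produces)
        if self.max_elements is not None and len(out) > self.max_elements:
            raise PassThroughExceeded(
                f"{self.name} can carry {self.max_elements} elements, "
                f"got {len(out)}")
        return out


def run_datapath(chain: List[LFB]) -> List[List[str]]:
    """Return the sorted metadata names on the packet after each LFB."""
    metadata: Dict[str, int] = {}
    trace = []
    for lfb in chain:
        metadata = lfb.process(metadata)
        trace.append(sorted(metadata))
    return trace


def build_chain(meter_mode: str,
                marker_limit: Optional[int] = None) -> List[LFB]:
    """Constructed datapath: port -> classifier -> meter -> marker."""
    return [
        LFB("port", produces={"META_IFID": 3, "META_VENDOR_TAG": 7}),
        LFB("classifier", reads={"META_IFID": CONSUME},
            produces={"META_CLASSID": 12}),
        # The meter's mode for META_CLASSID is the configurable part: it
        # must be PROPAGATE here because the marker downstream also reads it.
        LFB("meter", reads={"META_CLASSID": meter_mode},
            produces={"META_COLOR": 1}),
        LFB("marker", reads={"META_CLASSID": CONSUME, "META_COLOR": CONSUME},
            max_elements=marker_limit),
    ]


if __name__ == "__main__":
    for step in run_datapath(build_chain(PROPAGATE)):
        print(step)
```

    With the meter set to CONSUME the marker no longer receives
    META_CLASSID, and with a marker limit of zero the unused
    META_VENDOR_TAG alone exceeds the pass-through capability.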

    (Editor's note: The definition of metadata here is only preliminary
    and the authors intend to work on the subject in more detail.
    Input is most welcome.)

 3.2.5. LFB Versioning

    LFB class versioning is a method to enable incremental evolution of
    LFB classes.  Unlike inheritance (discussed next in Section 3.2.6),
    where it is assumed that an FE datapath model containing an LFB
    instance of a particular class C could also simultaneously contain
    an LFB instance of a class C' inherited from class C; with
    versioning, an FE would not be allowed to contain an LFB instance
    for more than one version of a particular class.

    LFB class versioning is supported by requiring a version string in
    the class definition.  CEs may support backwards compatibility
    between multiple versions of a particular LFB class, but FEs are
    not allowed to support more than one single version of a particular
    class.

 3.2.6. LFB Inheritance

    LFB class inheritance is supported in the FE model as a means of
    defining new LFB classes.  This also allows FE vendors to add
    vendor-specific extensions to standardized LFBs.  An LFB class
    specification MUST specify the base class (with version number) it
    inherits from (with the default being the base LFB class).
    Multiple-inheritance is not allowed, though, to avoid the
    unnecessary complexity.

    Inheritance should be used only when there is significant reuse of
    the base LFB class definition.  A separate LFB class should be
    defined if there is not enough reuse between the derived and the
    base LFB class.

    An interesting issue related to class inheritance is backward
    compatibility (between a descendant and an ancestor class).
    Consider the following hypothetical scenario where there exists a
    standardized LFB class "L1".  Vendor A builds an FE that implements
    LFB "L1" and vendor B builds a CE that can recognize and operate
    on LFB "L1".  Suppose that a new LFB class, "L2", is defined based
    on the existing "L1" class (for example, by extending its
    capabilities in some incremental way).  Let's first examine the FE
    backward compatibility issue by considering what would happen if
    vendor B upgrades its FE from "L1" to "L2" while vendor C's CE is
    not changed.  The old L1-based CE can interoperate with the new L2-
    based FE if the derived LFB class "L2" is indeed backward
    compatible with the base class "L1".

    The reverse scenario is a much less problematic case, i.e., when CE
    vendor B upgrades to the new LFB class "L2", but the FE is not
    upgraded.  Note that as long as the CE is capable of working with
    older LFB classes, this problem does not affect the model; hence we
    will use the term "backward compatibility" to refer to the first
    scenario concerning FE backward compatibility.

    Inheritance can be designed into the model with backward
    compatibility support by constraining the LFB inheritance such that
    the derived class is always a functional superset of the base
    class, i.e., the derived class can only grow on top of the base
    class, but not shrink from it.   Additionally, the following
    mechanisms are required to support FE backward compatibility:
       1)  When detecting an LFB instance of an LFB type that is
           unknown to the CE, the CE MUST be able to query the base
           class of such an LFB from the FE.
       2)  The LFB instance on the FE SHOULD support a backward
           compatibility mode (meaning the LFB instance reverts itself
           back to the base class instance), and the CE SHOULD be able
           to configure the LFB to run in such mode.

 3.3. FE Datapath Modeling

    Packets coming into the FE from ingress ports generally flow
    through multiple LFBs before leaving through the egress ports.  How
    an FE treats a packet depends on many factors, such as type of the
    packet (e.g., IPv4, IPv6 or MPLS), actual header values, time of
    arrival, etc.  The result of the operation of an LFB may have an
    impact on how the packet is to be treated in further (downstream)
    LFBs and this differentiation of packet treatment downstream can be
    conceptualized as having alternative datapaths in the FE.  For
    example, the result of a 6-tuple classification (performed by a
    classifier LFB) controls what rate meter is applied to the packet
    (by a rate meter LFB) in a later stage in the datapath.

    LFB topology is a directed graph representation of the logical
    datapaths within an FE, with the nodes representing the LFB
    instances and the directed link the packet flow direction from one
    LFB to the next.  Section 3.3.1 discusses how the FE datapaths can
    be modeled as LFB topology; while Section 3.3.2 focuses on issues
    around LFB topology reconfiguration.

 3.3.1. Alternative Approaches for Modeling FE Datapaths

    There are two basic ways to express the differentiation in packet
    treatment within an FE, one representing the datapath directly and
    graphically (topological approach) and the other utilizing metadata
    (the encoded state approach).

       . Topological Approach

       Using this approach, differential packet treatment is expressed
       via actually splitting the LFB topology into alternative paths.
       In other words, if the result of an LFB must control how the
       packet is further processed, then such an LFB will have separate
       output ports (one for each alternative treatment) connected to
       separate sub-graphs (each expressing the respective treatment
       downstream).

       . Encoded State Approach

       An alternative way of expressing differential treatment is using
       metadata.  The result of the operation of an LFB can be encoded
       in a metadata which is passed along with the packet to
       downstream LFBs.  A downstream LFB, in turn, can use the
       metadata (and its value, e.g., as an index into some table) to
       decide how to treat the packet.

    Theoretically, the two approaches can substitute for each other, so
    one may consider using purely one (or the other) approach to
    describe all datapaths in an FE.  However, neither model by itself
    is very useful for practically relevant cases.  For a given FE with
    certain logical datapaths, applying the two different modeling
    approaches would result in very different looking LFB topology
    graphs.  A model using purely the topological approach may require
    a very large graph with many links (i.e., paths) and nodes (i.e.,
    LFB instances) to express all alternative datapaths.  On the other
    hand, a model using purely the encoded state model would be
    restricted to a string of LFBs, which would make it very
    unintuitive to describe very different datapaths (such as MPLS and
    IPv4).  Therefore, a mix of these two approaches will likely be
    used for a practical model.  In fact, as we illustrate it below,
    the two approaches can be mixed even within the same LFB.

    Using a simple example of a classifier with N classification
    outputs followed by some other LFBs, Figure 5(a) shows what the LFB
    topology looks like by using the purely topological approach.  Each
    output from the classifier goes to one of the N LFBs that follow
    and no metadata is needed here.  The topological approach is
    simple, straightforward and graphically intuitive.  However, if N
    is large and the N nodes following the classifier (LFB#1, LFB#2,
    ..., LFB#N)
    all belong to the same LFB type (for example, meter) but each with
    its own independent attributes, the encoded state approach gives a
    much simpler topology representation, as shown in Figure 5(b).  The
    encoded state approach requires that a table of N rows of meter
    attributes is provided in the Meter node itself, with each row
    representing the attributes for one meter instance.  A metadata M
    is also needed to pass along with the packet P from the classifier
    to the meter, so that the meter can use M as a look-up key (index)
    to find the corresponding row of the attributes that should be used
    for any particular packet P.

    Now what if all the N nodes (LFB#1, LFB#2, ..., LFB#N) are not of
    the same type? For example, if LFB#1 is a queue while the rest are
    all meters, what is the best way to represent such datapaths?
    While it is still possible to use either the pure topological
    approach or the pure encoded state approach, the natural
    combination of the two seems the best by representing the two
    different functional datapaths using topological approach while
    leaving the N-1 meter instances distinguished by metadata only, as
    shown in Figure 5(c).

                                         +----------+
                                  P      |   LFB#1  |
                              +--------->|(Attrib-1)|
         +-------------+      |          +----------+
         |            1|------+   P      +----------+
         |            2|---------------->|   LFB#2  |
         | classifier 3|                 |(Attrib-2)|
         |          ...|...              +----------+
         |            N|------+          ...
         +-------------+      |   P      +----------+
                              +--------->|   LFB#N  |
                                         |(Attrib-N)|
                                         +----------+

                 5(a) Using pure topological approach

         +-------------+                 +-------------+
         |            1|                 |   Meter     |
         |            2|   (P, M)        | (Attrib-1)  |
         |            3|---------------->| (Attrib-2)  |
         |          ...|                 |   ...       |
         |            N|                 | (Attrib-N)  |
         +-------------+                 +-------------+

           5(b) Using pure encoded state approach to represent the LFB
          topology in 5(a), if LFB#1, LFB#2, ..., and LFB#N are of the
                        same type (e.g., meter).

                                      +-------------+
         +-------------+ (P, M)       | queue       |
         |            1|------------->| (Attrib-1)  |
         |            2|              +-------------+
         |            3| (P, M)       +-------------+
         |          ...|------------->|   Meter     |
         |            N|              | (Attrib-2)  |
         +-------------+              |   ...       |
                                      | (Attrib-N)  |
                                      +-------------+

         5(c) Using a combination of the two, if LFB#1, LFB#2, ..., and
              LFB#N are of different types (e.g., queue and meter).

                Figure 5. An example of how to model FE datapaths

    From this example, we demonstrate that each approach has a distinct
    advantage for different situations.  Using the encoded state
    approach, fewer connections are typically needed between a fan-out
    node and its next LFB instances of the same type, because each
    packet carries metadata with it so that the following nodes can
    interpret and hence invoke a different packet treatment.  For those
    cases, a pure topological approach forces one to build elaborate
    graphs with a lot more connections and often results in an unwieldy
    graph.  On the other hand, a topological approach is intuitive and
    most useful for representing functionally very different datapaths.

    For complex topologies, a combination of the two is the most useful
    and flexible.  Here we provide a general design guideline as to
    what approach is best used for what situation.  The topological
    approach should primarily be used when the packet datapath forks
    into areas with distinct LFB classes (not just distinct
    parameterizations of the same LFB classes), and when the fan-outs
    do not require changes (adding/removing LFB outputs) at all or
    require only very infrequent changes.  Configuration information
    that needs to change frequently should preferably be expressed by
    the internal attributes of one or more LFBs (and hence using the
    encoded state approach).

                       +---------------------------------------------+
                       |                                             |
         +----------+  V      +----------+           +------+        |
         |          |  |      |          |if IP-in-IP|      |        |
    ---->| ingress  |->+----->|classifier|---------->|Decap.|---->---+
         | ports    |         |          |----+      |      |
         +----------+         +----------+    |others+------+
                                              |
                                              V
         (a)  The LFB topology with a logical loop

        +-------+   +-----------+            +------+   +-----------+
        |       |   |           |if IP-in-IP |      |   |           |
    --->|ingress|-->|classifier1|----------->|Decap.|-->+classifier2|->
        | ports |   |           |----+       |      |   |           |
        +-------+   +-----------+    |others +------+   +-----------+
                                     |
                                     V
         (b)  The LFB topology without the loop utilizing two
              independent classifier instances.

                 Figure 6. An LFB topology example.

    It is important to point out that the LFB topology here is the
    logical topology that the packets flow through, not the physical
    topology as determined by how the FE hardware is laid out.
    Nevertheless, the actual implementation may still influence how the
    functionality should be mapped into the LFB topology.  Figure 6
    shows one simple FE example.  In this example, an IP-in-IP packet
    from an IPSec application like VPN may go to the classifier first
    and have the classification done based on the outer IP header; upon
    being classified as an IP-in-IP packet, the packet is then sent to
    a decapsulator to strip off the outer IP header, followed by a
    classifier again to perform classification on the inner IP header.
    If the same classifier hardware or software is used for both outer
    and inner IP header classification with the same set of filtering
    rules, a logical loop is naturally present in the LFB topology, as
    shown in Figure 6(a).  However, if the classification is
    implemented by two different pieces of hardware or software with
    different filters (i.e., one set of filters for outer IP header
    while another set for inner IP header), then it is more natural to
    model them as two different instances of classifier LFB, as shown
    in Figure 6(b).

    To distinguish multiple instances of the same LFB class, each LFB
    instance has its own LFB instance ID.  One way to encode the LFB
    instance ID is to encode it as x.y where x is the LFB class ID
    while y is the instance ID within each LFB class.

 3.3.2. Configuring the LFB Topology

    While there is little doubt that the individual LFB must be
    configurable, the configurability question is more complicated for
    LFB topology.  Since LFB topology is really the graphic
    representation of the datapaths within FE, configuring the LFB
    topology means dynamically changing the datapaths including changes
    to the LFBs along the datapaths on an FE, e.g., creating (i.e.,
    instantiating) or deleting LFBs, setting up or deleting
    interconnections between outputs of upstream LFBs to inputs of
    downstream LFBs.

    Why would the datapaths on an FE ever change dynamically?  The
    datapaths on an FE are set up by the CE to provide certain data
    plane services (e.g., DiffServ, VPN, etc.) to the NE's customers.
    The purpose of reconfiguring the datapaths is to enable the CE to
    customize the services the NE is delivering at run time.  The CE
    needs to change the datapaths when the service requirements change,
    e.g., when adding a new customer, or when an existing customer
    changes their service.  However, note that not all datapath changes
    result in changes in the LFB topology graph, and that is determined
    by the approach we use to map the datapaths into LFB topology.  As
    discussed in 3.3.1, the topological approach and encoded state
    approach can result in very different looking LFB topologies for
    the same datapaths.  In general, an LFB topology based on a pure
    topological approach is likely to experience more frequent topology
    reconfiguration than one based on an encoded state approach.
    However, even an LFB topology based entirely on an encoded state
    approach may have to change the topology at times, for example, to
    totally bypass some LFBs or insert new LFBs.  Since a mix of these
    two approaches is used to model the datapaths, LFB topology
    reconfiguration is considered an important aspect of the FE model.

    We want to point out that allowing a configurable LFB topology in
    the FE model does not mandate that all FEs must have such
    capability.  Even if an FE supports configurable LFB topology, it
    is expected that there will be FE-specific limitations on what can
    actually be configured.  Performance-optimized hardware
    implementation may have zero or very limited configurability, while
    FE implementations running on network processors may provide more
    flexibility and configurability.  It is entirely up to the FE
    designers to decide whether or not the FE actually implements such
    reconfiguration and how much.  Whether it is a simple runtime
    switch to enable or disable (i.e., bypass) certain LFBs, or more
    flexible software reconfiguration is all implementation detail
    internal to the FE but outside of the scope of FE model.  In either
    case, the CE(s) must be able to learn the FE's configuration
    capabilities.  Therefore, the FE model must provide a mechanism for
    describing the LFB topology configuration capabilities of an FE.
    These capabilities may include (see Section 6 for details):
       . What LFB classes can the FE instantiate?
       . How many instances of the same LFB class can be created?
       . What are the topological limitations?  For example:
            o How many instances of the same class or any class can be
              created on any given branch of the graph?
            o Ordering restrictions on LFBs (e.g., any instance of LFB
              class A must be always downstream of any instance of LFB
              class B).
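
    One way a CE or FE could check a requested LFB topology against
    such capabilities is sketched below.  This is an added example, not
    part of the draft: the capability layout, the link tuples, the
    output and input names, the instance limits and the "nat" class are
    assumptions made for illustration; the class names follow Figure
    7(a), the sample topology follows Figure 7(b), and instance IDs use
    the x.y form from Section 3.3.1 with the class name standing in
    for x.

```python
from collections import Counter, defaultdict

# FE capabilities as the CE might hold them after discovery (constructed
# layout; class names follow Figure 7(a), the limits are made up).
CAPS = {
    "max_instances": {"classifier": 1, "meter": 2, "marker": 1, "dropper": 1,
                      "counter": 1, "queue": 4, "scheduler": 1, "forwarder": 1},
    # (A, B): any instance of class A must be downstream of any instance of B.
    "must_be_downstream_of": [("scheduler", "queue")],
}

# Figure 7(b) as links: (source instance, output, destination instance, input).
FIG7B = [
    ("classifier.1", "A", "queue.1", "in"),
    ("classifier.1", "B", "meter.1", "in"),
    ("meter.1", "A", "queue.2", "in"),
    ("meter.1", "B", "dropper.1", "in"),
    ("queue.1", "out", "scheduler.1", "in:1"),
    ("queue.2", "out", "scheduler.1", "in:2"),
    ("scheduler.1", "out", "forwarder.1", "in"),
]

# A constructed request that breaks four different capability rules.
BAD = FIG7B + [
    ("classifier.1", "A", "meter.1", "in"),    # output A is already wired
    ("meter.1", "C", "dropper.2", "in"),       # second dropper, limit is 1
    ("scheduler.1", "aux", "queue.3", "in"),   # queue placed after scheduler
    ("forwarder.1", "out", "nat.1", "in"),     # class the FE never reported
]


def lfb_class(instance_id):
    """'meter.1' -> 'meter' (x.y instance ID, x = class, y = instance)."""
    return instance_id.rsplit(".", 1)[0]


def reachable(graph, start):
    """All instances downstream of start; safe on loops as in Figure 6(a)."""
    seen, stack = set(), [start]
    while stack:
        for nxt in graph.get(stack.pop(), ()):
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return sorted(seen)


def validate_topology(links, caps):
    """Return a list of capability violations; empty means acceptable."""
    errors = []
    instances = sorted({i for src, _, dst, _ in links for i in (src, dst)})

    # Which classes can be instantiated, and how many instances of each.
    for cls, count in sorted(Counter(map(lfb_class, instances)).items()):
        limit = caps["max_instances"].get(cls)
        if limit is None:
            errors.append(f"class {cls} cannot be instantiated on this FE")
        elif count > limit:
            errors.append(f"{count} instances of {cls} exceed limit {limit}")

    # A single LFB output may be connected to only one LFB input.
    wired = {}
    for src, out, dst, inp in links:
        if wired.setdefault((src, out), (dst, inp)) != (dst, inp):
            errors.append(f"output {out} of {src} connected more than once")

    # Ordering restrictions, checked by reachability on the directed graph.
    graph = defaultdict(set)
    for src, _, dst, _ in links:
        graph[src].add(dst)
    for down_cls, up_cls in caps["must_be_downstream_of"]:
        for start in instances:
            if lfb_class(start) != down_cls:
                continue
            for hit in reachable(graph, start):
                if lfb_class(hit) == up_cls:
                    errors.append(f"{hit} is downstream of {start}")
    return errors


if __name__ == "__main__":
    print(validate_topology(FIG7B, CAPS))
    for problem in validate_topology(BAD, CAPS):
        print(problem)
```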

    Even if the CE is allowed to configure LFB topology for an FE, how
    can the CE interpret an arbitrary LFB topology (presented to the CE
    by the FE) and know what to do with it?  In other words, how does
    the CE know the mapping between an LFB topology and a particular NE
    service or application (e.g., VPN, DiffServ, etc.)?  We argue that
    first of all, it is unlikely that an FE can support any arbitrary
    LFB topology; secondly, once the CE understands the coarse
    capability of an FE, it is up to the CE to configure the LFB
    topology according to the network service the NE is supposed to
    provide.  So the more important mapping that the CE has to
    understand is from the high level NE service to a specific LFB
    topology, not the other way around.  Do we expect the CE to have the
    ultimate intelligence to translate any high level service policy
    into the configuration data for the FEs?  No, but it is conceivable
    that within a given network service domain (like DiffServ), a
    certain amount of intelligence can be programmed into the CE such
    that the CE has a general understanding of the LFBs involved and so
    the translation from a high level service policy to the low level
    FE configuration can be done automatically.  In any event, this is
    considered an implementation issue internal to the control plane
    and outside the scope of the FE model. Therefore, it is not
    discussed any further in this draft.

         +----------+     +-----------+
    ---->| Ingress  |---->|classifier |--------------+
         |          |     |chip       |              |
         +----------+     +-----------+              |
                                                     v
                         +-------------------------------------------+
           +--------+    |   Network Processor                       |
      <----| Egress |    |   +------+    +------+   +-------+        |
           +--------+    |   |Meter |    |Marker|   |Dropper|        |
                 ^       |   +------+    +------+   +-------+        |
                 |       |                                           |
      +----------+-------+                                           |
      |          |                                                   |
      |    +---------+       +---------+   +------+    +---------+   |
      |    |Forwarder|<------|Scheduler|<--|Queue |    |Counter  |   |
      |    +---------+       +---------+   +------+    +---------+   |
      |--------------------------------------------------------------+

                 (a)  The Capability of the FE, reported to the CE

           +-----+    +-------+                      +---+
           |    A|--->|Queue1 |--------------------->|   |
    ------>|     |    +-------+                      |   |  +---+
           |     |                                   |   |  |   |
           |     |    +-------+      +-------+       |   |  |   |
           |    B|--->|Meter1 |----->|Queue2 |------>|   |->|   |
           |     |    |       |      +-------+       |   |  |   |
           |     |    |       |--+                   |   |  |   |
           +-----+    +-------+  |   +-------+       |   |  +---+
         classifier              +-->|Dropper|       |   |  IPv4
                                     +-------+       +---+  Fwd.
                                                  Scheduler
                 (b)  One LFB topology as configured by the CE and
                      accepted by the FE

                                                  Queue1
                       +---+                    +--+
                       |  A|------------------->|  |--+
                    +->|   |                    |  |  |
                    |  |  B|--+  +--+   +--+    +--+  |
                    |  +---+  |  |  |   |  |          |
                    | Meter1  +->|  |-->|  |          |
                    |            |  |   |  |          |
                    |            +--+   +--+          |          Ipv4
                    |         Counter1 Dropper1 Queue2|    +--+  Fwd.
            +---+   |                           +--+  +--->|A |  +-+
            |  A|---+                           |  |------>|B |  | |
     ------>|  B|------------------------------>|  |  +--->|C |->| |->
            |  C|---+                           +--+  | +->|D |  | |
            |  D|-+ |                                 | |  +--+  +-+
            +---+ | |    +---+                  Queue3| | Scheduler
        Classifier1 | |  |  A|------------>       +--+  | |
                    | +->|   |                    |  |--+ |
                    |    |  B|--+  +--+ +-------->|  |    |
                    |    +---+  |  |  | |         +--+    |
                    |  Meter2   +->|  |-+                 |
                    |              |  |                   |
                    |              +--+           Queue4  |
                    |            Marker1          +--+    |
                    +---------------------------->|  |----+
                                                  |  |
                                                  +--+
                 (c)  Another LFB topology as configured by the CE and
                      accepted by the FE

         Figure 7. An example of configuring LFB topology.

    Figure 7 shows an example where a QoS-enabled router has several
    line cards that have a few ingress ports and egress ports, a
    specialized classification chip, and a network processor containing
    code for FE blocks like meter, marker, dropper, counter, queue,
    scheduler and IPv4 forwarder.  Some of the LFB topology is already
    fixed and has to remain static due to the physical layout of the
    line cards.  For example, all the ingress ports might be already
    hard wired into the classification chip and so all packets must
    flow from the ingress port into the classification engine.  On
    the other hand, the LFBs on the network processor and their
    execution order are programmable, even though there might exist
    certain capacity limits and linkage constraints between these LFBs.
    Examples of the capacity limits might be: there can be no more than
    8 meters; there can be no more than 16 queues in one FE; the
    scheduler can handle at most 16 queues; etc.  The linkage
    constraints might dictate that the classification engine may be
    followed by a meter, marker, dropper, counter, queue or IPv4
    forwarder, but not a scheduler; queues can only be followed by a
    scheduler; a scheduler must be followed by the IPv4 forwarder; the
    last LFB in the datapath before going into the egress ports must be
    the IPv4 forwarder, etc.

    Once the FE reports such capability and capacity to the CE, it is
    now up to the CE to translate the QoS policy into the desirable
    configuration for the FE.  Figure 7(a) depicts the FE capability
    while 7(b) and 7(c) depict two different topologies that the FE
    might be asked to configure to.  Note that both the ingress and
    egress are omitted in (b) and (c) for simple representation.  The
    topology in 7(c) is considerably more complex than 7(b) but both
    are feasible within the FE capabilities, and so the FE should
    accept either configuration request from the CE.
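
    The check an FE would run before accepting a topology request from
    the CE, using the capacity limits and linkage constraints listed
    above.  This is an added example, not part of the draft: the
    instance/link encoding, the function name and the explicit Egress
    node (omitted in Figure 7(b)) are assumptions.

```python
from collections import Counter

# Capacity limits quoted in the text above.
MAX_INSTANCES = {"meter": 8, "queue": 16}
MAX_QUEUES_PER_SCHEDULER = 16

# Linkage constraints quoted in the text: LFB type -> types allowed directly
# downstream.  Types absent from this table are left unconstrained (assumption:
# the text states no successor rule for meter, marker, dropper or counter).
ALLOWED_NEXT = {
    "classifier": {"meter", "marker", "dropper", "counter", "queue", "ipv4fwd"},
    "queue": {"scheduler"},
    "scheduler": {"ipv4fwd"},
}
# Only the IPv4 forwarder may hand packets to the egress ports.
EGRESS_FEEDERS = {"ipv4fwd"}


def validate_topology(instances, links):
    """Return a list of violations; an empty list means the request is acceptable.

    instances: dict mapping instance name -> LFB type (hypothetical encoding)
    links:     iterable of (upstream instance, downstream instance) pairs
    """
    errors = []
    links = list(links)

    # Every link end must name a declared instance.
    for src, dst in links:
        for end in (src, dst):
            if end not in instances:
                errors.append(f"link {src}->{dst}: unknown instance {end}")
    if errors:
        return errors

    # Capacity limits per LFB type.
    per_type = Counter(instances.values())
    for lfb_type, limit in MAX_INSTANCES.items():
        if per_type[lfb_type] > limit:
            errors.append(f"{per_type[lfb_type]} {lfb_type}s exceed limit of {limit}")

    # Linkage constraints on each edge, and queue fan-in per scheduler.
    queues_into = Counter()
    for src, dst in links:
        s_type, d_type = instances[src], instances[dst]
        if d_type == "egress":
            if s_type not in EGRESS_FEEDERS:
                errors.append(f"{src} ({s_type}) may not feed egress")
            continue
        allowed = ALLOWED_NEXT.get(s_type)
        if allowed is not None and d_type not in allowed:
            errors.append(f"{src} ({s_type}) may not be followed by {dst} ({d_type})")
        if s_type == "queue" and d_type == "scheduler":
            queues_into[dst] += 1
    for sched, count in queues_into.items():
        if count > MAX_QUEUES_PER_SCHEDULER:
            errors.append(f"{sched} is fed by {count} queues, "
                          f"limit {MAX_QUEUES_PER_SCHEDULER}")

    # "A scheduler must be followed by the IPv4 forwarder": it needs a successor.
    has_next = {src for src, _ in links}
    for name, lfb_type in instances.items():
        if lfb_type == "scheduler" and name not in has_next:
            errors.append(f"{name} (scheduler) has no IPv4 forwarder downstream")
    return errors


# Figure 7(b), with the egress made explicit.
FIG_7B_INSTANCES = {
    "Classifier": "classifier", "Queue1": "queue", "Queue2": "queue",
    "Meter1": "meter", "Dropper": "dropper", "Scheduler": "scheduler",
    "IPv4Fwd": "ipv4fwd", "Egress": "egress",
}
FIG_7B_LINKS = [
    ("Classifier", "Queue1"), ("Classifier", "Meter1"),
    ("Meter1", "Queue2"), ("Meter1", "Dropper"),
    ("Queue1", "Scheduler"), ("Queue2", "Scheduler"),
    ("Scheduler", "IPv4Fwd"), ("IPv4Fwd", "Egress"),
]

# Constructed request that breaks three of the linkage constraints.
BAD_LINKS = [
    ("Classifier", "Scheduler"),  # classifier may not be followed by a scheduler
    ("Classifier", "Queue1"),
    ("Queue1", "IPv4Fwd"),        # a queue may only be followed by a scheduler
    ("Scheduler", "Egress"),      # only the IPv4 forwarder may feed egress
]

if __name__ == "__main__":
    print("Figure 7(b):", validate_topology(FIG_7B_INSTANCES, FIG_7B_LINKS) or "accepted")
    for problem in validate_topology(FIG_7B_INSTANCES, BAD_LINKS):
        print("rejected:", problem)
```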

 4. LFB Model -- LFB and Associated Data Definitions

    The main goal of the FE model is to provide an abstract, generic,
    modular, implementation independent representation of the FEs. This
    is facilitated using the concept of LFBs which are instantiated
    from LFB classes. The LFB model is defined in this section to
    describe the content and structures in LFB and associated data type
    definition.

    The core part of the model is the definition of LFB classes.
    Section 4.4 provides more discussion on what will be part of an LFB
    class definition.

    Operational parameters of the LFBs that must be visible to the CEs
    are conceptualized in the model as the LFB attributes. These
    include, for example, flags, single parameter arguments, complex
    arguments, and tables.  The definition of the attributes of an LFB
    MUST be part of the LFB class definition. To promote consistent and
    terse definitions of the attributes of LFB classes, commonly used
    attribute types SHOULD be defined in the model outside of the LFB
    class definitions, so that LFB class definitions can "share" these
    type definitions by simply referring to the types. What will
    comprise a data type definition is further discussed in Section
    4.1.

    LFBs form a directed graph with each other by sending and receiving
    packets and associated metadata. To provide consistency and logical
    inter-operability among LFB classes, packet types (generic frame
    types) and metadata types MUST BE specified outside of the LFB
    class definitions (but part of the LFB model), so that the LFB
    class definitions can simply refer to these types. These blocks are
    further discussed in Section 4.3 and Section 4.2, respectively.
    In summary, the LFB model will consist of the following four
    categories of definitions:
       1)  Common data type definitions (Section 4.1)
       2)  Metadata definitions (Section 4.2);
       3)  Frame format definitions (Section 4.3);
       4)  LFB class definitions (Section 4.4).

    It is not expected that the above information is exchanged between
    FEs and CEs "over-the-wire".  But the model will serve as an
    important reference for the design and development of the CEs
    (software) and FEs (mostly the software part).

 4.1. General Data Type Definitions

    Data types will be used to describe the LFB attributes (see Section
    4.4.4).  This is similar to the concept of having a common header
    file for shared data types. Data types will include atomic data
    types (e.g. integer, ASCII string), as well as compound or derived
    data types (such as arrays and structures).  Given that the FORCES
    protocol will be getting and setting attribute values, all atomic
    data types used here must be able to be conveyed in the FORCES
    protocol.  Further, the FORCES protocol will need a mechanism to
    convey compound data types.  Details of such representation are for
    the protocol document, not the model documents.

    Compound data types can build on atomic data types and other
    compound data types. There are three ways that compound data types
    can be defined.  They may be defined as an array of elements of
    some compound or atomic data type.  They may be a structure of
    named elements of compound or atomic data types (ala C structures).
    They may also be defined as augmentations (explained below in
    4.1.3) of existing compound data types.

    In addition, any data type may be used to define a new type by
    restricting the range of values that an instance of the data type
    can take on, and specifying specific semantics that go with that.
    This is similar to the SNMP notion of a textual convention.

    For each data type the following information MUST be provided:
       . Symbolic name of data type. Example: "T_IPV4ADDRESS".
       . Actual type declaration.

    In addition, a data type definition MAY include the following:
       . Range restrictions.
       . A set of symbolic names for special values. Example:
         "IPV4ADDR_LOOPBACK".

    Note that not all attributes will exist at all times in all
    implementations.  While the capabilities will frequently indicate
    this non-existence, CEs may attempt to reference non-existent or
    non-permitted attributes anyway.  The FORCES protocol mechanisms
    should include appropriate error indicators for this case.

 4.1.1. Arrays

    Compound data types can be defined as arrays of compound or atomic
    data types.  Arrays can only be subscripted by integers, and will
    be presumed to start with subscript 0.  The mechanism defined above
    for non-supported attributes can also apply to attempts to
    reference non-existent array elements or to set non-permitted
    elements.  The valid range of the subscripts of the array must be
    defined either in the definition of the array or in the LFB class
    which uses the compound type definition.

 4.1.2. Structures

    A structure is comprised of a collection of data elements.  Each
    data element has a data type (either an atomic type or an existing
    compound type) and is assigned a name unique within the scope of
    the compound data type being defined.  These serve the same
    function as "struct" in C, etc.

 4.1.3. Augmentations

    Compound types can also be defined as augmentations of existing
    compound types.  If the existing compound type is a structure,
    augmentation may add new elements to the type.  They may replace
    the type of an existing element with an augmentation derived from
    the current type.  They may not delete an existing element, nor may
    they replace the type of an existing element with one that is not
    an augmentation of the type that the element has in the basis for
    the augmentation.  If the existing compound type is an array,
    augmentation means augmentation of the array element type.

    One consequence of this is that augmentations are compatible with
    the compound type from which they are derived.  As such,
    augmentations are useful in defining attributes for LFB subclasses
    with backward compatibility.  In addition to adding new attributes
    to a class, the data type of an existing attribute may be replaced
    by an augmentation of that attribute, and still meet the
    compatibility rules for subclasses.

    For example, consider a simple base LFB class A that has only one
    attribute (attr1) of type X.  One way to derive class A1 from A can
    be simply adding a second attribute (of any type).  Another way to
    derive a class A2 from A can be replacing the original attribute
    (attr1) in A of type X with one of type Y, where Y is an
    augmentation of X.  Both classes A1 and A2 are backward compatible
    with class A.
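
    The augmentation rules above, written as a recursive check and
    applied to the A / A1 / A2 example.  This is an added example, not
    part of the draft: the Atomic/Array/Struct encoding, the concrete
    shapes chosen for X and Y, and the rejected classes A3 and A4 are
    assumptions.  An LFB class's attribute list is treated as a
    structure, and a type counts as compatible with itself.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Atomic:
    name: str


@dataclass(frozen=True)
class Array:
    element: object


@dataclass(frozen=True)
class Struct:
    elements: tuple  # ((element name, element type), ...)

    def as_dict(self):
        return dict(self.elements)


def is_augmentation(new, base):
    """True if `new` is `base` itself or a valid augmentation of it."""
    if new == base:
        return True
    if isinstance(base, Struct) and isinstance(new, Struct):
        new_elems = new.as_dict()
        for name, base_type in base.elements:
            if name not in new_elems:
                return False  # an existing element was deleted
            if not is_augmentation(new_elems[name], base_type):
                return False  # replacement type is not an augmentation
        return True  # whatever is left over in `new` is an added element
    if isinstance(base, Array) and isinstance(new, Array):
        # Augmenting an array means augmenting its element type.
        return is_augmentation(new.element, base.element)
    return False  # atomic types, or a change of kind, cannot be augmented


UINT32, UINT8, STRING = Atomic("uint32"), Atomic("uint8"), Atomic("string")

# Constructed shapes for the X and Y of the example in the text.
X = Struct((("addr", UINT32),))
Y = Struct((("addr", UINT32), ("prefix_len", UINT8)))  # Y adds an element to X

CLASS_A = Struct((("attr1", X),))
CLASS_A1 = Struct((("attr1", X), ("attr2", STRING)))   # adds a second attribute
CLASS_A2 = Struct((("attr1", Y),))                      # attr1: X replaced by Y
CLASS_A3 = Struct((("attr2", STRING),))                 # attr1 deleted
CLASS_A4 = Struct((("attr1", UINT32),))                 # attr1: struct -> atomic

if __name__ == "__main__":
    for label, cls in [("A1", CLASS_A1), ("A2", CLASS_A2),
                       ("A3", CLASS_A3), ("A4", CLASS_A4)]:
        print(label, "backward compatible with A:", is_augmentation(cls, CLASS_A))
```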

 4.2. Metadata Definitions

    For each metadata type, the following MUST be specified:
       . Metadata symbolic name. Used to refer to the metadata type in
         LFB type specifications.  Example: META_CLASSID.
       . Brief synopsis of the metadata. Example: "Result of
         classification (0 means no match)".
       . Data type and valid range.

    In addition, the following information MAY BE part of the metadata
    definition:
       . Symbolic definitions for frequently used or special values of
         the metadata.

 4.3. Frame Format Definitions

    This part of the LFB model will list packet types (frame types in
    general) that LFB classes can receive at their inputs and/or emit
    at their outputs.

    For each distinct frame type, the following MUST be provided:
       . Symbolic name of frame type. Example: FRAME_IPV4.
       . Brief synopsis of the frame type. Example: "IPv4 packet".

 4.4. LFB Class Definitions

    Each LFB Class definition must provide the following information:
    .    Symbolic name of LFB class. Example: "LFB_IPV4_LPM"
    .    Short synopsis of LFB class. Example: "IPv4 LPM Lookup LFB"
    .    Version indicator
    .    Inheritance indicator (see discussion in Section 4.4.1)
    .    Inputs (see discussion in Section 4.4.2)
    .    Outputs (see discussion in Section 4.4.3)
    .    Attributes (see discussion in Section 4.4.4)
    .    Operational specification (see discussion in Section 4.4.5)

 4.4.1. LFB Inheritance

    To support LFB class inheritance, the LFB specification must have a
    place holder for indicating the base class and its version.  It is
    assumed that the derived class is backward compatible with the base
    class.

 4.4.2. LFB Inputs

    An LFB class may have zero, one, or more inputs. We assume that
    most LFBs will have exactly one input.  Multiple inputs with the
    same input type are modeled as one input group.  The input group
    should count as one entry in the input specification.  The number
    of inputs (including input groups) is fixed.

    Multiple inputs with different input type should be avoided if
    possible (see discussion in Section 3.2.1).  Some special LFBs will
    have no inputs at all.  For example, a packet generator LFB does
    not need an input.

    The LFB class definition MUST specify whether or not the number of
    inputs of the LFB is fixed, and the exact number if fixed. For each
    LFB input (group), the following MUST be specified:

       . Symbolic name of input.  Example: "PKT_IN".  Note that this
         symbolic name must be unique only within the scope of the LFB
         class.
       . Brief synopsis of the input.  Example: "Normal packet input".
       . Indication of whether this input is an input group (i.e., if
         it is allowed to be instantiated).
       . List of allowed frame formats. Example: "{FRAME_IPV4,
         FRAME_IPV6}".  Note that this list should refer to symbols
         specified in the frame definition of the LFB model (see
         Section 4.3).
       . List of required metadata. Example: {META_CLASSID, META_IFID}.
         This list should refer to symbols specified in the metadata
         definition of the LFB model (see Section 4.2). For each
         metadata it should be specified whether the metadata is
         required or optional. For each optional metadata a default
         value MAY BE specified, which is used by the LFB if the
         metadata is not provided at the input.

 4.4.3. LFB Outputs

    An LFB class may have zero, one, or more outputs.  If there are
    multiple outputs with the same output type, we model them as output
    group.  Some special LFBs may have no outputs at all (e.g.,
    Dropper).

    The number of outputs may be fixed for some LFB types and may be
    configurable for others.  The LFB Class definition MUST specify the
    number of outputs (or output types) of the LFB. The output group
    should count as one entry in the output specification, but the
    entry should indicate that instantiation of the output is
    allowed.

    For each LFB output (group) the following MUST be specified:
       . Symbolic name of the output. Example: "UNPROC".  In case of an
         output group, the symbolic name is the prefix used to
         construct unique symbols for each output instance. Example:
         "PKTOUT".  Note that the symbolic name must be unique only
         within the scope of the LFB class.
       . Brief synopsis of the output. Example: "Normal packet output".
       . Indication of whether this output is an output group (i.e., if
         it is allowed to be instantiated).
       . List of allowed frame formats. Example: "{FRAME_IPV4,
         FRAME_IPV6}". Note that this list should refer to symbols
         specified in the frame definition of the LFB model (see
         Section 4.3).
       . List of emitted (generated) metadata. Example: {META_CLASSID,
         META_IFID}. This list should refer to symbols specified in the
         metadata definition of the LFB model (see Section 4.2). For
         each generated metadata, it should be specified whether the
         metadata is always generated or generated only in certain
         conditions. This information is important when assessing
         compatibility between LFBs.
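
    How the input and output specifications of Sections 4.4.2 and 4.4.3
    can be used to assess whether one LFB's output may be wired to
    another LFB's input.  This is an added example, not part of the
    draft: the OutputSpec/InputSpec classes and check_link are
    assumptions, only the immediately upstream LFB is considered (no
    metadata pass-through), and the sample specifications are
    constructed from the symbols used in the text.

```python
from dataclasses import dataclass, field


@dataclass
class OutputSpec:
    name: str
    frames: frozenset
    # emitted metadata symbol -> "always" or "conditional"
    metadata: dict = field(default_factory=dict)


@dataclass
class InputSpec:
    name: str
    frames: frozenset
    required: frozenset = frozenset()
    # optional metadata symbol -> default value (None: no default specified)
    optional: dict = field(default_factory=dict)


def check_link(out, inp):
    """Return (problems, defaults) for connecting output `out` to input `inp`.

    problems: reasons the link is not compatible (empty list = compatible)
    defaults: optional metadata whose default the downstream LFB may have to
              apply because the upstream LFB does not always generate it
    """
    problems = []
    # Every frame format the output can emit must be allowed at the input.
    unexpected = out.frames - inp.frames
    if unexpected:
        problems.append(f"{inp.name} does not accept {sorted(unexpected)}")
    # Required metadata must be generated on every packet.
    for sym in sorted(inp.required):
        how = out.metadata.get(sym)
        if how is None:
            problems.append(f"required metadata {sym} is never generated")
        elif how != "always":
            problems.append(f"required metadata {sym} is only generated conditionally")
    defaults = {sym: value for sym, value in inp.optional.items()
                if value is not None and out.metadata.get(sym) != "always"}
    return problems, defaults


# Constructed specifications using the symbols from the text.
CLASSIFIER_OUT = OutputSpec(
    "PKTOUT", frozenset({"FRAME_IPV4"}),
    {"META_CLASSID": "always", "META_IFID": "conditional"})
LPM_IN = InputSpec(
    "PKT_IN", frozenset({"FRAME_IPV4", "FRAME_IPV6"}),
    required=frozenset({"META_CLASSID"}), optional={"META_IFID": 0})

DUAL_STACK_OUT = OutputSpec(
    "UNPROC", frozenset({"FRAME_IPV4", "FRAME_IPV6"}),
    {"META_IFID": "conditional"})
STRICT_IN = InputSpec(
    "PKT_IN", frozenset({"FRAME_IPV4"}),
    required=frozenset({"META_CLASSID", "META_IFID"}))

if __name__ == "__main__":
    print(check_link(CLASSIFIER_OUT, LPM_IN))
    print(check_link(DUAL_STACK_OUT, STRICT_IN))
```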

 4.4.4. LFB Attributes

    The operational state of the LFB is modeled by the variables of the
    LFB, collectively called attributes.  Note that the attributes here
    refer to the operational parameters of the LFBs that must be
    visible to the CEs.  The other variables that are internal to the
    LFB implementation are not included in the LFB attributes and are
    not modeled here.

    Attribute types will include the following three categories:
       . Capability attributes (see Section 9.4 for more on LFB
         capabilities).  Examples:
        *  Supported optional features of the LFB class;
        *  Maximum number of configurable outputs for an output group;
        *  Metadata pass-through limitations of the LFB;
        *  Maximum size of configurable attribute tables;
        *  Supported access modes of certain attributes (see below).
       . Operational attributes, some of them are configurable by the
         CE, while others might be internally maintained state which
         are read-only for the CE and necessary for the CE to operate
         properly.  Examples:
        *  Configurable flags and switches selecting between
           operational modes of the LFB;
        *  ARP tables;
        *  Number of outputs in an output group;
        *  Metadata CONSUME vs. PROPAGATE mode selector.
       . Statistical attributes (collected by the FE and provided for
         reading to the CE).  Examples:
        *  Packet and byte counters;
        *  Other event counters.

    Some of the attributes will be generically available in all LFBs
    while others will be specific to the LFB class.  Examples of
    generic LFB attributes are:
       . LFB class inheritance information (see Section 4.4.1)
       . Number and type of inputs (in case the LFB is self-
         descriptive)
       . Number and type of outputs (in case the LFB is self-
         descriptive)
       . Number of current outputs for each output group
       . Metadata CONSUME/PROPAGATE mode selector

    There may be various access permission restrictions on what the CE
    can do with an LFB attribute.  The following categories may be
    supported:
       . No-access attributes.  This is useful when multiple access
         modes may be defined for a given attribute to allow some
         flexibility for different implementations.
       . Read-only attributes.
       . Read-write attributes.
       . Write-only attributes.  This could be any configurable data
         for which read capability is not provided to the CEs.  (??? Do
         we have good example???)
       . Read-reset attributes.  The CE can read and reset this
         resource, but cannot set it to an arbitrary value. Example:
         Counters.
       . Firing-only attributes.  A write attempt to this resource will
         trigger some specific actions in the LFB, but the actual value
         written is ignored.  (??? Example???)

    The LFB class may define more than one possible access mode for a
    given attribute (for example, write-only and read-write), in which
    case it is left to the actual implementation to pick one of the
    modes.  In such cases a corresponding capability parameter must
    inform the CE of which mode the actual LFB instance supports.

    The attributes of the LFB class must be defined as a list. For each
    attribute the following information MUST be provided:
       . Reference to the data type (e.g., specified in the generic
         data type block of the LFB model or in an LFB specific data
         type block).
       . Access permission(s).
       . Additional range restrictions (i.e., beyond what is specified
         by the data type definition).
       . Default value. Applied when the LFB is initialized or reset.

    The actual structuring of LFB attributes requires further study.
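
    The access permission categories of Section 4.4.4, enforced on the
    FE side for operations requested by the CE.  This is an added
    example, not part of the draft: the Access and Attribute classes,
    the operation names and the sample attribute names are assumptions.

```python
from enum import Enum


class Access(Enum):
    NO_ACCESS = "no-access"
    READ_ONLY = "read-only"
    READ_WRITE = "read-write"
    WRITE_ONLY = "write-only"
    READ_RESET = "read-reset"
    FIRING_ONLY = "firing-only"


# Operations each access mode permits to the CE.
PERMITTED = {
    Access.NO_ACCESS: set(),
    Access.READ_ONLY: {"read"},
    Access.READ_WRITE: {"read", "write"},
    Access.WRITE_ONLY: {"write"},
    Access.READ_RESET: {"read", "reset"},
    Access.FIRING_ONLY: {"write"},
}


class AccessDenied(Exception):
    """The CE attempted an operation the attribute's access mode forbids."""


class Attribute:
    """One LFB attribute as seen by the CE (hypothetical class)."""

    def __init__(self, name, class_modes, instance_mode, default=0,
                 valid=None, on_fire=None):
        # The LFB class may allow several modes; the instance picks one of them.
        if instance_mode not in class_modes:
            raise ValueError(f"{name}: {instance_mode.value} not allowed by the LFB class")
        self.name = name
        self.mode = instance_mode  # what the capability attribute reports to the CE
        self.default = default     # applied when the LFB is initialized or reset
        self.valid = valid         # optional container of permitted values
        self.on_fire = on_fire     # action for firing-only attributes
        self._value = default

    def _require(self, operation):
        if operation not in PERMITTED[self.mode]:
            raise AccessDenied(f"{operation} on {self.mode.value} attribute {self.name}")

    def read(self):
        self._require("read")
        return self._value

    def write(self, value):
        self._require("write")
        if self.mode is Access.FIRING_ONLY:
            if self.on_fire:
                self.on_fire()     # the written value itself is ignored
            return
        if self.valid is not None and value not in self.valid:
            raise ValueError(f"{value!r} is outside the range of {self.name}")
        self._value = value

    def reset(self):
        self._require("reset")
        self._value = self.default

    def fe_update(self, value):
        """State change made by the FE itself; access modes only bind the CE."""
        self._value = value


if __name__ == "__main__":
    # Constructed sample: a read-reset packet counter.
    counter = Attribute("pkt_count", {Access.READ_RESET}, Access.READ_RESET)
    counter.fe_update(41)
    print(counter.read())          # CE reads the counter
    counter.reset()                # CE resets it to the default
    try:
        counter.write(1000)        # CE may not set an arbitrary value
    except AccessDenied as exc:
        print("denied:", exc)
```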

 4.4.5. LFB Operational Specification

    This section of the model should verbally describe what the LFB
    does.  This will most likely be embedded in an unstructured text
    field in the model.

 5. LFB Topology Model (To be written)

    (Editor's note: This is a place holder to describe the details on
    how to model LFB topology.)

 6. FE Level Attributes (To be written)

    (Editor's note: This is a place holder to describe the FE level
    attributes including FE capabilities, for example:
       . How this FE is connected with other FEs (if known by the FE)?
       . What LFB classes can the FE instantiate?
       . How many instances of the same LFB class can be created?
       . What are the topological limitations?  For example:
            o How many instances of the same class or any class can be
              created on any given branch of the graph?
            o Ordering restrictions on LFBs (e.g., any instance of LFB
              class A must be always downstream of any instance of LFB
              class B).
    )

 7. LFB Class Library

    A set of LFB classes are identified here in the LFB class library
    as necessary to build common FE functions.

    Several working groups in the IETF have already done some relevant
    work in modeling the provisioning policy data for some of the
    functions we are interested in, for example, DiffServ
    (Differentiated Services) PIB [4], IPSec PIB [8]. Whenever
    possible, we should try to reuse the work done elsewhere instead of
    reinventing the wheel.

 7.1. Port LFB

    A Port LFB is used to map a physical port into the LFB model.

    The Port LFB maps sources and sinks of packets from outside the LFB
    model onto one logical block which defines and models a physical
    port implementing those functions.

    The Port LFB contains a number of configurable parameters, which
    may include, but are not limited to, the following items:
       . the number of ports on this LFB;
       . the sub-interfaces if any;
       . the static attributes of each port (e.g., port type,
         direction, link speed);
       . the configurable attributes of each port (e.g., IP address,
         administrative status);
       . the statistics collected on each port (e.g., number of packets
         received);
       . the current status (up or down).

    The Port LFB can have three modes of operation:
       . ingress only
       . egress only
       . hybrid (contains ingress and egress functions)

 7.2. Dropper LFB

    A dropper LFB has one input, and no outputs.  It discards all
    packets that it receives without any modification or examination of
    those packets.

    The purpose of a dropper LFB is to allow the description of "sinks"
    within the model, where those sinks do not result in the packet
    being sent into any object external to the model.

 7.3. Redirector (de-MUX) LFB

    A redirector LFB has one input, and N outputs.

    The purpose of the redirector LFB is to explicitly represent a
    place in the LFB Topology where the redirection process occurs, and
    where it may be configured.

    The redirector LFB takes an input packet P, and uses the metadata M
    to redirect that packet to one or more of N outputs, e.g. unicast
    forwarding, multicast, or broadcast.

    Note that other LFBs may also have redirecting functionality, if
    they have multiple outputs.

 7.4. Scheduler LFB

    A Scheduler LFB has multiple inputs and one output.  The purpose of
    the Scheduler LFB is to perform time-dependent packet forwarding.
    The Scheduler LFB multiplexes from its inputs onto its output(s),
    based on internal configuration such as packet priority, etc.  The
    packet is not modified during this process.

 7.5. Queue LFB

    The Queue LFB has one input and one output.  It takes input packets
    and places them onto queues.  These packets are later forwarded to
    the output(s) of the LFB, based on back-pressure from the next LFB
    which typically is a scheduler LFB.

 7.6. Counter LFB

    A counter LFB updates its statistical attributes, by counting
    packets, or metadata.  The packet is not modified, and the metadata
    may, or may not, be modified.

    The purpose of a Counter LFB is to record simple accounting of
    events on the FE.

    A counter LFB is independent of time 't', in that it does not
    perform any time-dependent counting.  The time at which a count is
    made may, however, be associated with that count.

 7.7. Meter LFB and Policer LFB

    A Meter LFB is a counter LFB that is time dependent.  That is, it
    meters the rate over time at which packets or metadata flow through
    the LFB.  The purpose of the Meter LFB is to record time-dependent
    accounting of events on the FE.

    When a Meter LFB has multiple outputs, with one output being a
    marker, or dropping the packet, then the Meter LFB becomes a
    Policer LFB, performing a policing function.

 7.8. Classifier LFB

    A Classifier LFB uses its attributes to classify the packet into
    one of N different logical classes.

    The purpose of a Classifier LFB is to logically partition packets
    into one or more classes.  The result of this partitioning is that
    the Classifier LFB produces metadata that describes the classes
    into which the packet has been partitioned. The packet is not
    modified during this process.

    A Classifier LFB takes an input packet and metadata, and produces
    the same packet with new or more metadata.  A classifier is
    parameterized by filters.  Classification is done by matching the
    contents of the incoming packets according to the filters, and the
    result of classification is produced in the form of metadata.  Note
    that this classifier is modeled solely based on its internal
    processing, and not on its inputs and outputs.  The block is a
    single-exit classifier that does NOT physically redirect the
    packet.  In contrast, a DiffServ-like classifier is a 1:N (fan-out)
    device: It takes a single traffic stream as input and generates N
    logically separate traffic streams as output.  That kind of multi-
    exit classifier can be modeled by combining this classifier with a
    redirector (see Section 6.1.6).

    A filter decides if input packets match particular criteria. That
    is, it "marks" a packet as either matching, or non-matching to the
    filter criteria. According to [DiffServ], "a filter consists of a
    set of conditions on the component values of a packet's
    classification key (the header values, contents, and attributes
    relevant for classification)".

    Note that other FE LFBs MAY perform simple classification on the
    packet or metadata.  The purpose of the FE Classifier LFB is to
    model an LFB that "digests" large amounts of input data (packet,
    metadata), to produce a "summary" of the classification results, in
    the form of additional metadata. Other FE LFBs can then use this
    summary information to quickly and simply perform trivial
    "classifications".

    The requirement for a unique and separate FE Classifier LFB comes
    about because it would not make sense to model a classifier LFB
    inside each of every other LFB.  Such a model would be highly
    redundant.  We therefore specifically model a complex
    classification LFB, and explicitly state that other blocks may make
    decisions based on the parameters S, t, and M, but not on P.

    Note that a classifier LFB may have multiple outputs.  In that
    case, it may redirect input packets to one (or more) of the
    outputs, and may not associate any metadata with those output
    packets.

 7.9. Modifier LFB

    A modifier LFB modifies incoming packets and sends them out.
    Usually the meta-data is used to determine how to modify the
    packet.

    This LFB is defined in a generic manner, and we expect that
    specific examples of packet and/or metadata modification will be
    described as a subclass of the modifier LFB.

    For example, we may have an explicit LFB for packet compression and
    decompression, or for encryption and decryption, or for packet
    encapsulation.  The decision as to how best to model these
    functions will be made based on further investigation of the LFB
    model, and with practical experience using it.

 7.10. Packet Header Rewriter LFB

    This LFB is used to re-write fields on the packet header, such as
    IPv4 TTL decrementing, checksum calculation, or TCP/IP NAT.

    We may want to have multiple LFBs for different kinds of header
    re-writing.

 8. Satisfying the Requirements on FE Model

     (Editor's Note: The text in this section is very preliminary but
     we decide to leave it as is because it is too early to understand
     how to model all the functions as dictated in [1] when Section 7
     is still very much work in progress. This section should be
     revised once Section 7 is more settled.)

    A minimum set of FE functions is defined in [1] that must be
    supported by any proposed FE model.  In this section, we
    demonstrate how the three components in FE model as described in
    Section 4, 5, 6 along with the LFB class library defined in Section
    7 can be used to express all the logical functions required in [1].

 8.1. Port Functions

    Every FE contains a certain number of interfaces (ports), including
    both the inter-NE interfaces and intra-NE interfaces.  The inter-NE
    interfaces are the external interfaces for the NE to
    receive/forward packets from/to the external world.  The intra-NE
    interfaces are used for FE-FE or FE-CE communications.  The same
    model should be used for both the inter-FE and intra-FE interfaces,
    but it is necessary to make the distinction between the two known
    to the CE so that the CE can do different configuration.

    The port LFB class is designed to model the specific physical ports
    while the source/sink LFB can be used to model the logical
    interface.

    The intra-NE interfaces that are used for FE-FE communications
    should be modeled just like the inter-NE interfaces. The ForCES
    base protocol will include FE topology query so that the CE can
    learn of how the multiple FEs are interconnected via such
    interfaces.  But the intra-NE interfaces that are used for FE-CE
    communications are part of the ForCES protocol entity on the FE and
    so it is not necessary to model them explicitly.  It is assumed
    that every FE will have at least one internal interface to
    communicate to the CE and such an interface does not have to be
    visible in the FE model.

 8.2. Forwarding Functions

    Support for IPv4 and IPv6 unicast and multicast forwarding
    functions must be provided by the model.

    Typically, the control plane maintains the Routing Information Base
    (RIB), which contains all the routes discovered by all the routing
    protocols with all kinds of attributes relevant to the routes. The
    forwarding plane uses a different database, the Forwarding
    Information Base (FIB), which contains only the active subset of
    those routes (only the best routes chosen for forwarding) with
    attributes that are only relevant for forwarding. A component in
    the control plane, termed Route Table Manager (RTM), is responsible
    to manage the RIB in the CE and maintain the FIB used by the FEs.
    Therefore, the most important aspect in modeling the forwarding
    functions is the data model for the FIB. The model also needs to
    support the possibility of multiple paths.

    At the very minimum, each route in the FIB needs to contain the
    following layer-3 information:
       . the prefix of the destination IP address;
       . the length of the prefix;
       . the number of equal-cost multi-path;
       . the next hop IP address and the egress interface for each
         path.

    Another aspect of the forwarding functions is the method to resolve
    a next hop destination IP address into the associated media
    address. There are many ways to resolve Layer 3 to Layer 2 address
    mapping depending upon link layer. For example, in case of Ethernet
    links, the Address Resolution Protocol (ARP, defined in RFC 826) is
    used for IPv4 address resolution.

    Assuming a separate table is maintained in the FEs for address
    resolution, the following information is necessary for each address
    resolution entry:
       . the next hop IP address;
       . the media address.

    Different implementations may have different ways to maintain the
    FIB and the resolution table. For example, a FIB may consist of two
    separate tables, one to match the prefix to the next hop and the
    other to match the next hop to the egress interface. Another
    implementation may use one table instead.  Our approach of using
    the fine-grained FE blocks to model the forwarding functions allows
    such flexibility.

    For example, a combination of a classifier, followed by a modifier
    and a redirector can model the forwarding function.
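
    The FIB and address resolution data described in this section, as
    an added example that is not part of the draft. The class and
    function names, the flow-hash choice among equal-cost paths and the
    "resolve" result for a missing resolution entry are assumptions of
    the example; the tables hold constructed sample data.

```python
import ipaddress
import zlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    next_hop: str      # next hop IP address
    egress_if: str     # egress interface for this path


class Fib:
    """Routes keyed by prefix and prefix length, each with >= 1 equal-cost path."""

    def __init__(self):
        self._routes = {}                      # ip_network -> tuple of Path

    def add_route(self, prefix, paths):
        if not paths:
            raise ValueError("a route needs at least one path")
        # strict=True rejects a prefix with host bits set (e.g. 10.1.2.3/16).
        self._routes[ipaddress.ip_network(prefix, strict=True)] = tuple(paths)

    def lookup(self, dst):
        """Longest-prefix match. Returns (network, paths) or None."""
        addr = ipaddress.ip_address(dst)
        best = None
        for net, paths in self._routes.items():
            if net.version != addr.version or addr not in net:
                continue
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, paths)
        return best


def forward(fib, resolution, src, dst):
    """Decide what the FE does with one packet.

    Returns ("forward", egress_if, media_addr),
    ("resolve", next_hop, egress_if) when the resolution table has no
    entry for the chosen next hop, or ("drop", reason).
    """
    hit = fib.lookup(dst)
    if hit is None:
        return ("drop", "no route")
    _, paths = hit
    # Assumption: hash the flow so one flow always takes the same path.
    path = paths[zlib.crc32(f"{src}>{dst}".encode()) % len(paths)]
    media = resolution.get(path.next_hop)
    if media is None:
        return ("resolve", path.next_hop, path.egress_if)
    return ("forward", path.egress_if, media)


# Constructed sample tables (documentation address ranges, made-up MACs).
FIB = Fib()
FIB.add_route("10.0.0.0/8", [Path("192.0.2.1", "eth0")])
FIB.add_route("10.1.0.0/16", [Path("192.0.2.2", "eth1"),
                              Path("192.0.2.3", "eth2")])
FIB.add_route("2001:db8::/32", [Path("2001:db8:ffff::1", "eth3")])

RESOLUTION = {
    "192.0.2.1": "02:00:00:00:00:01",
    "192.0.2.2": "02:00:00:00:00:02",
    "192.0.2.3": "02:00:00:00:00:03",
    # No entry for 2001:db8:ffff::1: resolution is still pending.
}

if __name__ == "__main__":
    for dst in ("10.2.0.1", "10.1.2.3", "2001:db8::1", "198.51.100.1"):
        print(dst, forward(FIB, RESOLUTION, "203.0.113.5", dst))
```

    Keeping the resolution table separate from the FIB is the
    two-table layout the text mentions; a one-table implementation
    would store the media address directly in each Path.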

 8.3. QoS Functions

    The IETF community has already done a lot of work in modeling the
    QoS functions in the datapath. The IETF DiffServ working group has
    defined an informal data model [3] for QoS-related functions like
    classification, metering, marking, actions of marking, dropping,
    counting and multiplexing, queueing, etc. The latest work on
    DiffServ PIB (Policy Information Base) [4] defines a set of
    provisioning classes to provide policy control of resources
    implementing the Differentiated Services Architecture. DiffServ PIB
    also has an element of capability flavor to it. The IETF Policy
    Framework working group is also defining an informational model [6]
    to describe the QoS mechanisms inherent in different network
    devices, including hosts.  This model is intended to be used with
    the QoS Policy Information Model [7] to model how policies can be
    defined to manage and configure the QoS mechanisms present in the
    datapath of devices.

    Here is a list of QoS functions that should be supported by the FE
    model:
       . Classifier
       . Meter
       . Marker
       . Dropper
       . Counter
       . Queue and Scheduler
       . Shaper

    LFB class library as described in Section 7 already supports most
    of these functions directly.

    Note that a shaper should be modeled as a queue feeding a scheduler
    input that is serviced using a non-work-conserving policy.  The
    queue LFB would include multiple FIFO queue resources (selected by
    META_QUEUE_ID) and AQManagers assigned to queues.  The scheduler
    LFB would include multiple input resources with associated service
    policies.  Queue outputs would be bound to scheduler inputs via
    passing META_SCHED_ID with the packet at the output of the queue.
    The metadata is only there to allow correlation in configuration
    parameters between the queueing LFB and the scheduler LFB (assign
    queue X to scheduler input Y by configuring queue X to emit
    META_SCHED_ID Y).

 8.4. Generic Filtering Functions

    A combination of classifier, redirector, modifier etc. can model
    complex set of filtering functions. For example, Figure 8
    represents a filtering function that classifies packets into one of
    two logical classes: forward, and drop.  These logical classes are
    represented as meta data M1, and M2.  The re-director uses this
    meta data to re-direct the packet to one of two outputs.  The first
    sinks the packet back into the network.  The second silently drops
    the packets.

                 classifier -> redirector  ---M1---  sink
                                           \
                                            \-M2---  dropper

                  Figure 8. A filtering function example.
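
    The graph of Figure 8 as runnable code, given here as an added
    example that is not part of the draft. The class names, the filter
    rules, the counter placed on the drop branch and the redirector's
    fallback output for missing metadata are assumptions of the
    example; the packets are constructed sample data.

```python
class Filter:
    """A set of conditions on the classification key; all must hold."""

    def __init__(self, **conditions):
        self.conditions = conditions

    def matches(self, packet):
        return all(packet.get(k) == v for k, v in self.conditions.items())


class Classifier:
    """Single-exit classifier: adds class metadata, never touches the packet."""

    def __init__(self, rules, default_class, downstream):
        self.rules = rules                  # ordered list of (Filter, class)
        self.default_class = default_class  # class when no filter matches
        self.downstream = downstream

    def receive(self, packet, metadata):
        cls = next((c for f, c in self.rules if f.matches(packet)),
                   self.default_class)
        return self.downstream.receive(packet, {**metadata, "class": cls})


class Redirector:
    """One input, N outputs; selects the output from metadata M only."""

    def __init__(self, outputs, fallback):
        self.outputs = outputs              # metadata class -> downstream LFB
        self.fallback = fallback            # assumption: fail closed

    def receive(self, packet, metadata):
        out = self.outputs.get(metadata.get("class"), self.fallback)
        return out.receive(packet, metadata)


class Counter:
    """Counts packets passing through; packet and metadata are unchanged."""

    def __init__(self, downstream):
        self.packets = 0
        self.downstream = downstream

    def receive(self, packet, metadata):
        self.packets += 1
        return self.downstream.receive(packet, metadata)


class Sink:
    """Sends the packet back into the network (recorded here in a list)."""

    def __init__(self):
        self.sent = []

    def receive(self, packet, metadata):
        self.sent.append(packet)
        return "sink"


class Dropper:
    """One input, no outputs: discards without examining the packet."""

    def receive(self, packet, metadata):
        return "dropper"


def build_figure8():
    """classifier -> redirector -> {M1: sink, M2: counter -> dropper}."""
    sink, dropper = Sink(), Dropper()
    drop_counter = Counter(dropper)
    redirector = Redirector({"M1": sink, "M2": drop_counter},
                            fallback=drop_counter)
    rules = [  # constructed policy: anything not listed is class M2 (drop)
        (Filter(proto="tcp", dport=443), "M1"),
        (Filter(proto="tcp", dport=22, src="192.0.2.10"), "M1"),
    ]
    classifier = Classifier(rules, default_class="M2", downstream=redirector)
    return classifier, redirector, sink, drop_counter


# Constructed sample packets, reduced to their classification key.
SAMPLE_PACKETS = [
    {"src": "198.51.100.7", "proto": "tcp", "dport": 443},
    {"src": "198.51.100.7", "proto": "tcp", "dport": 22},
    {"src": "192.0.2.10", "proto": "tcp", "dport": 22},
    {"src": "198.51.100.9", "proto": "udp", "dport": 53},
]


def run(packets):
    """Push packets through the graph; return (results, forwarded, dropped)."""
    classifier, _, sink, drop_counter = build_figure8()
    results = [classifier.receive(p, {}) for p in packets]
    return results, len(sink.sent), drop_counter.packets


if __name__ == "__main__":
    print(run(SAMPLE_PACKETS))
```

    Because the redirector decides on metadata alone, changing the
    filtering policy only touches the classifier's rule list; the rest
    of the graph stays as drawn.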

 8.5. Vendor Specific Functions

    New LFB classes can always be defined according to the LFB model as
    described in Section 7 to support vendor specific functions.  A new
    LFB class can also be derived from an existing LFB class by
    inheritance.

 8.6. High-Touch Functions

    High-touch functions are those that take action on the contents or
    headers of a packet based on content other than what is found in
    the IP header.  Examples of such functions include NAT, ALG,
    firewall, tunneling and L7 content recognition.

    The ForCES working group first needs to agree upon a small set of
    common high-touch functions with well-defined behavior to be
    included in the LFB class library. Here is a list of candidate
    blocks:
       . NAT
       . Firewall
       . Encapsulator
       . Decapsulator

 8.7. Security Functions

    The FE model must be able to describe the types of encryption
    and/or decryption functions that an FE supports and the associated
    attributes for such functions.

    The IP Security Policy (IPSP) Working Group in the IETF has started
    work in defining the IPSec Policy Information Base [8]. Further
    study on this is needed to determine whether it can be reused here
    and whether any additional work is needed.

 8.8. Off-loaded Functions

    In addition to the packet processing functions that are typically
    found on the FEs, some logical functions may also be executed
    asynchronously by some FEs, according to a certain finite-state
    machine, triggered not only by packet events, but by timer events
    as well. Examples of such functions include finite-state machine
    execution required by TCP termination or OSPF Hello processing
    off-loaded from the CE. The FE model must be capable of expressing
    these asynchronous functions, so that the CE may take advantage of
    such off-loaded functions on the FEs.

    The ForCES working group first needs to agree upon a small set of
    such off-loaded functions with well-understood behavior and
    interactions with the control plane.

 8.9. IPFLOW/PSAMP Functions

    [9] defines architecture for IP traffic flow monitoring, measuring
    and exporting. The LFB model supports statistics collection on the
    LFB by including statistical attributes (Section 4.4.4) for all the
    LFB class definitions, and meter LFB (Section 7.2.2) and counter
    LFB (Section 7.2.1) can also be used to support accounting
    functions in the FE.

    [10] describes a framework to define a standard set of capabilities
    for network elements to sample subsets of packets by statistical
    and other methods.  Time event generation, filter LFB, and
    counter/meter LFB are the elements needed to support packet
    filtering and sampling functions -- these elements are all included
    in the FE model.

 9. Using the FE model in the ForCES Protocol

     The actual model of the forwarding plane in a given NE is
     something the CE must learn and control via communicating with the
     FEs (or by other means). Most of this communication will happen in
     the post-association phase using the ForCES protocol. The
     following types of information must be exchanged between CEs and
     FEs via the ForCES protocol:
        1)  FE topology query;
        2)  FE capability declaration;
        3)  LFB topology (per FE) and configuration capabilities query;
        4)  LFB capability declaration;
        5)  State query of LFB attributes;
        6)  Manipulation of LFB attributes;
        7)  LFB topology reconfiguration.

     Items 1) through 5) are query exchanges, the main flow of
     information being from the FEs to the CEs. Items 1) through 4) are
     typically queried by the CE(s) in the beginning of the post-
     association (PA) phase, though they may be repeatedly queried at
     any time in the PA phase. Item 5) (state query) will be used at
     the beginning of the PA phase, and often frequently during the PA
     phase (especially for the query of statistical counters).

     Items 6) and 7) are "command" type of exchanges, the main flow of
     information being from the CEs to the FEs. Messages in Item 6)
     (the LFB re-configuration commands) are expected to be used
     frequently.  Item 7) (LFB topology re-configuration) is needed
     only if dynamic LFB topologies are supported by the FEs and it is
     expected to be used infrequently.

     Among the seven types of payload information the ForCES protocol
     carries between CEs and FEs, the FE model covers all of them
     except item 1), which concerns the inter-FE topology.  The FE
     model focuses on the LFB and LFB topology within a single FE.
     Since the information of item 1) requires global knowledge about
     all the FEs and their inter-connection with each other, this
     exchange is made part of the ForCES base protocol instead of the
     FE model.

     The relationship between the FE model and the seven post-
     association messages is visualized in Figure 9:

                                                      +--------+
                                         ..........-->|   CE   |
                    /----\               .            +--------+
                    \____/ FE Model      .              ^    |
                    |    |................        (1),2 |    | 6, 7
                    |    |  (off-line)   .      3, 4, 5 |    |
                    \____/               .              |    v
                                         .            +--------+
                  e.g. RFCs              ..........-->|   FE   |
                                                      +--------+

      Figure 9. Relationship between FE model and the ForCES protocol
      messages, where (1) is part of the ForCES base protocol, and the
                     rest are defined by the FE model.

     The actual encoding of these messages is defined by the ForCES
     protocol and beyond the scope of the FE model. Their discussion is
     nevertheless important here for the following reasons:
       . These PA model components have considerable impact on the FE
          model. For example, some of the above information can be
          represented as attributes of the LFBs, in which case such
          attributes must be defined in the LFB classes.
       . The understanding of the type of information that must be
          exchanged between the FEs and CEs can help to select the
          appropriate protocol format and the actual encoding method
          (such as XML, TLVs).
       . Understanding the frequency of these types of messages should
          influence the selection of the protocol format (efficiency
          considerations).

     The remaining sub-sections of this section address each of the
     seven message types.

 9.1. FE Topology Query

    (Editor's Note: It is still an open issue where the FE topology
    information query belongs -- it can be either supported as part of
    FE attributes in the FE model, or it can be supported by the ForCES
    protocol explicitly.  Hence the text here is tentative and subject
    to change per WG discussion.)

    An FE may contain zero, one or more external ingress ports.
    Similarly, an FE may contain zero, one or more external egress
    ports.  In other words, not every FE has to contain any external
    ingress or egress interfaces.  For example, Figure 10 shows two
    cascading FEs.  FE #1 contains one external ingress interface but
    no external egress interface, while FE #2 contains one external
    egress interface but no ingress interface.  It is possible to
    connect these two FEs together via their internal interfaces to
    achieve the complete ingress-to-egress packet processing function.
    This provides the flexibility to spread the functions across
    multiple FEs and interconnect them together later for certain
    applications.

    While the inter-FE communication protocol is out of scope for
    ForCES, it is up to the CE to query and understand how multiple FEs
    are inter-connected to perform a complete ingress-egress packet
    processing function, like that described in Figure 10.  The inter-
    FE topology information may be provided by FEs, may be hard-coded
    into CE, or may be provided by some other entity (e.g., a bus
    manager) independent of the FEs.  So while the ForCES protocol
    supports FE topology query from FEs, it is optional for the CE to
    use it, assuming the CE has other means to gather such topology
    information.

       +-----------------------------------------------------+
       |  +---------+   +------------+   +---------+         |
     input|         |   |            |   |         | output  |
    ---+->| Ingress |-->|Header      |-->|IPv4     |---------+--->+
       |  | port    |   |Decompressor|   |Forwarder| FE      |    |
       |  +---------+   +------------+   +---------+ #1      |    |
       +-----------------------------------------------------+    V
                                                                  |
            +-----------------------<-----------------------------+
            |
            |    +----------------------------------------+
            V    |  +------------+   +----------+         |
            | input |            |   |          |  output |
            +->--+->|Header      |-->| Egress   |---------+-->
                 |  |Compressor  |   | port     | FE      |
                 |  +------------+   +----------+ #2      |
                 +----------------------------------------+

            Figure 10. An example of two FEs connected together.

    Once the inter-FE topology is discovered by the CE after this
    query, it is assumed that the inter-FE topology remains static.
    However, it is possible that an FE may go down during the NE
    operation, or a board may be inserted and a new FE activated, so
    the inter-FE topology will be affected.  It is up to the ForCES
    protocol to provide mechanism for the CE to detect such events and
    deal with the change in FE topology.  FE topology is outside the
    scope of the FE model.

 9.2. FE Capability Declarations

    FEs will have many types of limitations. Some of the limitations
    must be expressed to the CEs as part of the capability model. The
    CEs must be able to query these capabilities on a per-FE basis.
    Examples:
       . Metadata passing capabilities of the FE. Understanding these
         capabilities will help the CE to evaluate the feasibility of
         LFB topologies, and hence to determine the availability of
         certain services.
       . Global resource query limitations (applicable to all LFBs of
         the FE).
       . LFB supported by the FE.
       . LFB class instantiation limit.
       . LFB topological limitations (linkage constraint, ordering
         etc.)

 9.3. LFB Topology and Topology Configurability Query

    The ForCES protocol must provide the means for the CEs to discover
    the current set of LFB instances in an FE and the interconnections
    between the LFBs within the FE.  In addition, there should be
    sufficient information provided on whether the FE supports any CE-
    initiated (dynamic) changes to the LFB topology, and if so, what
    are the allowed topologies. Topology configurability can also be
    considered as part of the FE capability query as described in
    Section 9.3.

 9.4. LFB Capability Declarations

    LFB class specifications will define a generic set of capabilities.
    When an LFB instance is implemented (instantiated) on a vendor's
    FE, some additional limitations may be introduced. Note that we
    discuss here only limitations that are within the flexibility of
    the LFB class specification, that is, the LFB instance will remain
    compliant with the LFB class specification despite these
    limitations.  For example, certain features of an LFB class may be
    optional, in which case it must be possible for the CE to determine
    if an optional feature is supported by a given LFB instance or not.
    Also, the LFB class definitions will probably contain very few
    quantitative limits (e.g., size of tables), since these limits are
    typically imposed by the implementation. Therefore, quantitative
    limitations should always be expressed by capability arguments.

    LFB instances in the model of a particular FE implementation will
    possess limitations on the capabilities defined in the
    corresponding LFB class.  The LFB class specifications must define
    a set of capability arguments, and the CE must be able to query the
    actual capabilities of the LFB instance via querying the value of
    such arguments.  The capability query will typically happen when
    the LFB is first detected by the CE. Capabilities need not be re-
    queried in case of static limitations. In some cases, however, some
    capabilities may change in time (e.g., as a result of
    adding/removing other LFBs, or configuring certain attributes of
    some other LFB when the LFBs share physical resources), in which
    case additional mechanisms must be implemented to inform the CE
    about the changes.

    The following two broad types of limitations will exist:
       . Qualitative restrictions.  For example, a standardized multi-
         field classifier LFB class may define a large number of
         classification fields, but a given FE may support only a
         subset of those fields.
       . Quantitative restrictions, such as the maximum size of tables,
         etc.

    The capability parameters that can be queried on a given LFB class
    will be part of the LFB class specification.  The capability
    parameters should be regarded as special attributes of the LFB. The
    actual values of these arguments may be, therefore, obtained using
    the same attribute query mechanisms as used for other LFB
    attributes.

    Capability attributes will typically be read-only arguments, but in
    certain cases they may be configurable. For example, the size of a
    lookup table may be limited by the hardware (read-only), in other
    cases it may be configurable (read-write, within some hard limits).

    Assuming that capabilities will not change frequently, the
    efficiency of the protocol/schema/encoding is of secondary concern.

 9.5. State Query of LFB Attributes

    This feature must be provided by all FEs.  The ForCES protocol and
    the data schema/encoding conveyed by the protocol must together
    satisfy the following requirements to facilitate state query of the
    LFB attributes:
       . Must permit FE selection. This is primarily to refer to a
         single FE, but referring to a group of (or all) FEs may
         optionally be supported.
       . Must permit LFB instance selection. This is primarily to refer
         to a single LFB instance of an FE, but optionally addressing
         of a group of LFBs (or all) may be supported.
       . Must support addressing of an individual attribute of an LFB.
       . Must provide efficient encoding and decoding of the addressing
         info and the configured data.
       . Must provide efficient data transmission of the attribute
         state over the wire (to minimize communication load on the CE-
         FE link).

 9.6. LFB Attribute Manipulation

    This is a place-holder for all operations that the CE will use to
    populate, manipulate, and delete attributes of the LFB instances on
    the FEs.  This is how the CE configures an individual LFB instance.

    The same set of requirements as described in Section 9.5 for
    attribute query applies here for attribute manipulation as well.

    Support for various levels of feedback from the FE to the CE (e.g.,
    request received, configuration completed), as well as multi-
    attribute configuration transactions with atomic commit and
    rollback, may be necessary in some circumstances.

    (Editor's note: It remains an open issue as to whether or not other
    methods are needed in addition to "get attribute" and "set
    attribute" (such as multi-attribute transactions).  If the answer
    to that question is yes, it is not clear whether such methods
    should be supported by the FE model itself or the ForCES protocol.)

 9.7. LFB Topology Re-configuration

    Operations that will be needed to reconfigure LFB topology:
       . Create a new instance of a given LFB class on a given FE.
       . Connect a given output of LFB x to the given input of LFB y.
       . Disconnect: remove a link between a given output of an LFB and
         a given input of another LFB.
       . Delete a given LFB (automatically removing all interconnects
         to/from the LFB).
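
    The four operations above, checked against the FE capability
    limits of Section 9.2, can be pictured with the following added
    example. It is not part of the draft and is not a ForCES protocol
    encoding; the class names, method names and LFB class labels
    (borrowed from FE #2 in Figure 10) are assumptions made for
    illustration. The FE refuses any CE command that falls outside
    its declared capabilities.

```python
"""Toy model of LFB topology re-configuration (Section 9.7) gated by FE
capability declarations (Section 9.2). All names here are hypothetical."""
from dataclasses import dataclass, field


class TopologyError(Exception):
    """Raised when a CE command would violate a declared FE capability."""


@dataclass
class FECapabilities:
    # LFB class name -> instantiation limit; absent classes are unsupported.
    instance_limit: dict
    # Allowed (upstream LFB class, downstream LFB class) linkages.
    allowed_links: set


@dataclass
class FE:
    caps: FECapabilities
    lfbs: dict = field(default_factory=dict)   # instance id -> LFB class
    links: set = field(default_factory=set)    # (src id, output, dst id, input)
    _next_id: int = 1

    def create(self, lfb_class):
        """Create a new instance of a given LFB class on this FE."""
        limit = self.caps.instance_limit.get(lfb_class)
        if limit is None:
            raise TopologyError(f"LFB class {lfb_class!r} is not supported by this FE")
        in_use = sum(1 for c in self.lfbs.values() if c == lfb_class)
        if in_use >= limit:
            raise TopologyError(f"instantiation limit {limit} reached for {lfb_class!r}")
        lfb_id = self._next_id
        self._next_id += 1
        self.lfbs[lfb_id] = lfb_class
        return lfb_id

    def connect(self, src, output, dst, inp):
        """Connect a given output of LFB src to the given input of LFB dst."""
        for lfb_id in (src, dst):
            if lfb_id not in self.lfbs:
                raise TopologyError(f"unknown LFB instance {lfb_id}")
        pair = (self.lfbs[src], self.lfbs[dst])
        if pair not in self.caps.allowed_links:
            raise TopologyError(f"linkage {pair[0]} -> {pair[1]} not allowed")
        self.links.add((src, output, dst, inp))

    def disconnect(self, src, output, dst, inp):
        """Remove one link between an LFB output and another LFB's input."""
        try:
            self.links.remove((src, output, dst, inp))
        except KeyError:
            raise TopologyError("no such link") from None

    def delete(self, lfb_id):
        """Delete an LFB, automatically removing all links to/from it."""
        if lfb_id not in self.lfbs:
            raise TopologyError(f"unknown LFB instance {lfb_id}")
        del self.lfbs[lfb_id]
        self.links = {l for l in self.links if lfb_id not in (l[0], l[2])}


def demo():
    """Build FE #2 of Figure 10, then try three commands the FE must refuse."""
    caps = FECapabilities(
        instance_limit={"HeaderCompressor": 1, "EgressPort": 1},
        allowed_links={("HeaderCompressor", "EgressPort")},
    )
    fe = FE(caps)
    hc = fe.create("HeaderCompressor")
    eg = fe.create("EgressPort")
    fe.connect(hc, "out", eg, "in")

    rejected = []
    for attempt in (
        lambda: fe.create("IPv4Forwarder"),       # class not supported on this FE
        lambda: fe.create("EgressPort"),          # instantiation limit exceeded
        lambda: fe.connect(eg, "out", hc, "in"),  # ordering constraint violated
    ):
        try:
            attempt()
        except TopologyError as exc:
            rejected.append(str(exc))

    fe.delete(eg)  # also drops the HeaderCompressor -> EgressPort link
    return fe, rejected


if __name__ == "__main__":
    fe, rejected = demo()
    print(fe.lfbs, fe.links)
    for reason in rejected:
        print("rejected:", reason)
```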

 10. Acknowledgments

    The authors would also like to thank the following individuals for
    their invaluable technical input: David Putzolu, Hormuzd Khosravi,
    Eric Johnson, David Durham, Andrzej Matejko, T. Sridhar, Jamal Hadi
    Salim, Alex Audu, Gamil Cain.

 11. Security Considerations

    The FE model just describes the representation and organization of
    data sets and attributes in the FEs.  ForCES framework document [2]
    provides a comprehensive security analysis for the overall ForCES
    architecture.  For example, the ForCES protocol entities must be
    authenticated per the ForCES requirements before they can access
    the information elements described in this document via ForCES.
    The access to the information contained in the FE model is
    accomplished via the ForCES protocol which will be defined in
    separate documents and so the security issues will be addressed
    there.

 12. Normative References

    [1] Khosravi, H. et al., "Requirements for Separation of IP Control
    and Forwarding", work in progress, July 2003, <draft-ietf-forces-
    requirements-10.txt>.

 13. Informative References

    [2] Yang, L. et al., "Forwarding and Control Element Separation
    (ForCES) Framework", work in progress, July 2003, <draft-ietf-
    forces-framework-07.txt>.

    [3] Bernet, Y. et al., "An Informal Management Model for Diffserv
    Routers", May 2002.

    [4] Chan, K. et al., "Differentiated Services Quality of Service
    Policy Information Base", March 2003.

    [5] Sahita, R. et al., "Framework Policy Information Base", RFC
    3318, March 2003.

    [6] Moore, B. et al., "Information Model for Describing Network
    Device QoS Datapath Mechanisms", work in progress, May 2002,
    <draft-ietf-policy-qos-device-info-model-08.txt>.

    [7] Snir, Y. et al., "Policy Framework QoS Information Model", work
    in progress, Nov 2001, <draft-ietf-policy-qos-info-model-04.txt>.

    [8] Li, M. et al., "IPsec Policy Information Base", work in
    progress, January 2003, <draft-ietf-ipsp-ipsecpib-07.txt>.

    [9] Quittek, J. et al., "Requirements for IP Flow Information
    Export", work in progress, June 2003, <draft-ietf-ipfix-reqs-
    10.txt>.

    [10] Duffield, N., "A Framework for Passive Packet Measurement",
    work in progress, June 2003, <draft-ietf-psamp-framework-03.txt>.

    [11] Pras, A. and Schoenwaelder, J., RFC 3444 "On the Difference
    between Information Models and Data Models", January 2003.

 14. Authors' Addresses

    L. Lily Yang
    Intel Labs
    2111 NE 25th Avenue
    Hillsboro, OR 97124, USA
    Phone: +1 503 264 8813
    Email: lily.l.yang@intel.com

    Joel M. Halpern
    Megisto Systems, Inc.
    20251 Century Blvd.
    Germantown, MD 20874-1162, USA
    Phone: +1 301 444-1783
    Email: jhalpern@megisto.com

    Ram Gopal
    Nokia Research Center
    5, Wayside Road,
    Burlington, MA 01803, USA
    Phone: +1 781 993 3685
    Email: ram.gopal@nokia.com

    Alan DeKok
    IDT Inc.
    1575 Carling Ave.
    Ottawa, ON K1G 0T3, Canada
    Phone: +1 613 724 6004 ext. 231
    Email: alan.dekok@idt.com

    Zsolt Haraszti
    Ericsson
    920 Main Campus Dr, St. 500
    Raleigh, NC  27606, USA
    Phone: +1 919 472 9949
    Email: zsolt.haraszti@ericsson.com

    Steven Blake
    Ericsson
    920 Main Campus Dr, St. 500
    Raleigh, NC  27606, USA
    Phone: +1 919 472 9913
    Email: steven.blake@ericsson.com

 15. Intellectual Property Right

    The authors are not aware of any intellectual property right issues
    pertaining to this document.

 16. IANA consideration

    A namespace is needed to uniquely identify the LFB type in the LFB
    class library.

    Frame type supported on input and output of LFB must also be
    uniquely identified.

    A set of metadata supported by the LFB model must also be uniquely
    identified with names.