Internet Draft                                 L. Yang
    Expiration: April July 2004                              Intel Labs Corp.
    File: draft-ietf-forces-model-01.txt draft-ietf-forces-model-02.txt           J. Halpern
    Working Group: ForCES                               Megisto Systems
                                                   R. Gopal
                                                        Nokia
                                                   A. DeKok
                                                        IDT Inc.
                                                   Z. Haraszti
                                                   S. Blake
                                                        Ericsson
                                                   October 2003
                                                   E. Deleganes
                                                        Intel Corp.
                                                   February 2004

                      ForCES Forwarding Element Model

                       draft-ietf-forces-model-01.txt

                       draft-ietf-forces-model-02.txt

    Status of this Memo

    This document is an Internet-Draft and is in full conformance with
    all provisions of Section 10 of RFC2026.  Internet-Drafts are
    working documents of the Internet Engineering Task Force (IETF),
    its areas, and its working groups.  Note that other groups may also
    distribute working documents as Internet-Drafts.

    Internet-Drafts are draft documents valid for a maximum of six
    months and may be updated, replaced, or obsoleted by other
    documents at any time.  It is inappropriate to use Internet-Drafts
    as reference material or to cite them other than as ``work in
    progress.''

    The list of current Internet-Drafts can be accessed at
    http://www.ietf.org/ietf/1id-abstracts.txt.

    The list of Internet-Draft Shadow Directories can be accessed at
    http://www.ietf.org/shadow.html.

 Abstract

    This document defines the forwarding element (FE) model used in the
    Forwarding and Control Plane Separation (ForCES) protocol.  The
    model represents the capabilities, state and configuration of
    forwarding elements within the context of the ForCES protocol, so
    that control elements (CEs) can control the FEs accordingly.  More
    specifically, the model describes the logical functions that are
    present in an FE, what capabilities these functions support, and
    how these functions are or can be interconnected. This FE model is
    intended to satisfy the model requirements specified in the ForCES
    requirements draft [1].  A list of the basic logical functional
    blocks (LFBs) is also defined in the LFB class library to aid the
    effort in defining individual LFBs.

 Table of Contents

    Abstract.........................................................1
    1. Definitions...................................................3 Definitions...................................................4
    2. Introduction..................................................5 Introduction..................................................6
       2.1. Requirements on the FE model.............................6
       2.2. The FE Model in Relation to FE Implementations...........6
       2.3. The FE Model in Relation to the ForCES Protocol..........6 Protocol..........7
       2.4. Modeling Language for FE Model...........................7 Model...........................8
       2.5. Document Structure.......................................8
    3. FE Model Concepts.............................................8
       3.1. State Model and Capability Model.........................8 Model.........................9
       3.2. LFB Modeling............................................11 (Logical Functional Block) Modeling.................11
          3.2.1. LFB Input and Input Group..........................13 Group..........................14
          3.2.2. LFB Output and Output Group........................15
          3.2.3. Packet Type........................................16
          3.2.4. Metadata...........................................16
          3.2.5. LFB Versioning.....................................18 Versioning.....................................22
          3.2.6. LFB Inheritance....................................18 Inheritance....................................23
       3.3. FE Datapath Modeling....................................19 Modeling....................................24
          3.3.1. Alternative Approaches for Modeling FE Datapaths...19 Datapaths...24
          3.3.2. Configuring the LFB Topology.......................23 Topology.......................29
    4. LFB Model -- LFB and Associated Data Definitions.............27 Schema for LFB Classes.............................33
       4.1. General Data Type Definitions...........................28
          4.1.1. Arrays.............................................29
          4.1.2. Structures.........................................29
          4.1.3. Augmentations......................................30 Namespace...............................................33
       4.2. Metadata Definitions....................................30 <LFBLibrary> Element....................................33
       4.3. Frame Format Definitions................................30 <load> Element..........................................35
       4.4. <frameDefs> Element for Frame Type Declarations.........35
       4.5. <dataTypeDefs> Element for Data Type Definitions........36
          4.5.1. <typeRef> Element for Aliasing Existing Data Types.38
          4.5.2. <atomic> Element for Deriving New Atomic Types.....39
          4.5.3. <array> Element to Define Arrays...................39
          4.5.4. <struct> Element to Define Structures..............41
          4.5.5. <union> Element to Define Union Types..............42
          4.5.6. Augmentations......................................42
       4.6. <metadataDefs> Element for Metadata Definitions.........43
       4.7. <LFBClassDefs> Element for LFB Class Definitions...................................31
          4.4.1. Definitions........44
          4.7.1. <derivedFrom> Element to Express LFB Inheritance...45
          4.7.2. <inputPorts> Element to Define LFB Inheritance....................................31
          4.4.2. Inputs..........46
          4.7.3. <outputPorts> Element to Define LFB Inputs.........................................31
          4.4.3. Outputs........48
          4.7.4. <attributes> Element to Define LFB Outputs........................................32
          4.4.4. Operational
          Attributes................................................50
          4.7.5. <capabilities> Element to Define LFB Attributes.....................................33
          4.4.5. Capability
          Attributes................................................53
          4.7.6. <description> Element for LFB Operational Specification......................34
    5.
          Specification.............................................54
       4.8. XML Schema for LFB Topology Model (To be written)...........................34
    6. Class Library Documents..............54
    5. FE Level Attributes (To be written)..........................35
    7. and Capabilities...............................63
       5.1. XML Schema for FE Attribute Documents...................64
       5.2. FEDocument..............................................68
          5.2.1. FECapabilities.....................................68
          5.2.2. FEAttributes.......................................71
       5.3. Sample FE Attribute Document............................73
    6. LFB Class Library............................................35
       7.1. Library............................................76
       6.1. Port LFB................................................35
       7.2. Dropper LFB.............................................36
       7.3. LFB................................................76
       6.2. L2 Interface LFB........................................77
       6.3. IP interface LFB........................................79
       6.4. Classifier LFB..........................................80
       6.5. Next Hop LFB............................................81
       6.6. Rate Meter LFB..........................................83
       6.7. Redirector (de-MUX) LFB.................................36
       7.4. Scheduler LFB...........................................36
       7.5. Queue LFB...............................................36
       7.6. Counter LFB.............................................37
       7.7. Meter LFB and Policer LFB...............................37
       7.8. Classifier LFB..........................................37
       7.9. Modifier LFB............................................38
       7.10. LFB.................................84
       6.8. Packet Header Rewriter LFB.............................38
    8. LFB..............................84
       6.9. Counter LFB.............................................85
       6.10. Dropper LFB............................................85
       6.11. IPv4 Fragmenter LFB....................................86
       6.12. L2 Address Resolution LFB..............................86
       6.13. Queue LFB..............................................86
       6.14. Scheduler LFB..........................................87
       6.15. MPLS ILM/Decapsulation LFB.............................88
       6.16. MPLS Encapsulation LFB.................................88
       6.17. Tunnel Encapsulation/Decapsulation LFB.................88
       6.18. Replicator LFB.........................................89
    7. Satisfying the Requirements on FE Model......................39
       8.1. Model......................89
       7.1. Port Functions..........................................39
       8.2. Functions..........................................90
       7.2. Forwarding Functions....................................40
       8.3. Functions....................................90
       7.3. QoS Functions...........................................41
       8.4. Functions...........................................91
       7.4. Generic Filtering Functions.............................41
       8.5. Functions.............................91
       7.5. Vendor Specific Functions...............................42
       8.6. Functions...............................91
       7.6. High-Touch Functions....................................42
       8.7. Functions....................................91
       7.7. Security Functions......................................42
       8.8. Functions......................................91
       7.8. Off-loaded Functions....................................43
       8.9. Functions....................................92
       7.9. IPFLOW/PSAMP Functions..................................43
    9. Functions..................................92
    8. Using the FE model in the ForCES Protocol....................43
       9.1. Protocol....................92
       8.1. FE Topology Query.......................................45
       9.2. Query.......................................94
       8.2. FE Capability Declarations..............................46
       9.3. Declarations..............................96
       8.3. LFB Topology and Topology Configurability Query.........47
       9.4. Query.........96
       8.4. LFB Capability Declarations.............................47
       9.5. Declarations.............................96
       8.5. State Query of LFB Attributes...........................48
       9.6. Attributes...........................97
       8.6. LFB Attribute Manipulation..............................48
       9.7. Manipulation..............................98
       8.7. LFB Topology Re-configuration...........................49 Re-configuration...........................98
    9. Acknowledgments..............................................98
    10. Acknowledgments.............................................49
    11. Security Considerations.....................................49
    12. Considerations.....................................99
    11. Normative References........................................49
    13. References........................................99
    12. Informative References......................................50
    14. References......................................99
    13. Authors' Addresses..........................................50
    15. Addresses.........................................100
    14. Intellectual Property Right.................................51
    16. Right................................101
    15. IANA consideration..........................................51 consideration.........................................101

 Conventions used in this document

    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
    "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
    this document are to be interpreted as described in [RFC-2119].

 1. Definitions

    A set of terminology associated with the ForCES requirements is
    defined in [1] and is not copied here.  The following list of
    terminology is relevant to the FE model defined in this document.

    FE Model -- The FE model is designed to model the logical
    processing functions of an FE.  The FE model proposed in this
    document includes three components: the modeling of individual
    logical functional blocks (LFB model), the logical interconnection
    between LFBs (LFB topology) and the FE level attributes attributes, including
    FE capabilities.  The FE model provides the basis to define the
    information elements exchanged between the CE and the FE in the
    ForCES protocol.

    Datapath -- A conceptual path taken by packets within the
    forwarding plane, plane inside an FE. There might exist  Note that more than one datapath
    can exist within an FE.

    LFB (Logical Function Block) class (or type) -- A template
    representing a fine-grained, logically separable and well-defined
    packet processing operation in the datapath.  LFB classes are the
    basic building blocks of the FE model.

    LFB (Logical Function Block) Instance -- As a packet flows through
    an FE along a datapath, it flows through one or multiple LFB
    instances, with each implementing an instance of a certain LFB
    class.  There may be multiple instances of the same LFB in an FE's
    datapath.  Note that we often refer to LFBs without distinguishing
    between LFB class and LFB instance when we believe the implied
    reference is obvious for the given context.

    LFB Model -- The LFB model describes the content and structures in
    LFB and
    an LFB, plus the associated data definition.  There are four types
    of information defined in the LFB model.  The core part of the LFB
    model is the LFB class definitions while definitions; the other three are to types define
    the associated data including common data types, supported frame
    formats and metadata.

    LFB Metadata -- Metadata is used to communicate per-packet state
    from one LFB to another, but is not sent across the network.  The
    FE model defines how such metadata is identified, produced and
    consumed by the LFBs, but not how metadata is encoded within an
    implementation.

    LFB Attribute -- Operational parameters of the LFBs that must be
    visible to the CEs are conceptualized in the FE model as the LFB
    attributes.  The LFB attributes include, for example, flags, single
    parameter arguments, complex arguments, and tables that the CE can
    read or/and write via the ForCES protocol.

    LFB Topology -- Representation of how the LFB instances are
    logically interconnected and placed along the datapath within one
    FE.  Sometimes it is also called intra-FE topology, to be
    distinguished from inter-FE topology.  LFB topology is outside of
    the LFB model, but is part of the FE model.

    FE Topology -- Representation A representation of how the multiple FEs in within a
    single NE are interconnected.  Sometimes it this is called inter-FE
    topology, to be distinguished from intra-FE topology (i.e., LFB
    topology).
    Individual  An individual FE may might not have the global knowledge of
    the full FE topology, but the local view of its connectivity with
    other FEs are is considered to be part of the FE model.  The FE
    topology is discovered by the ForCES base protocol or some other
    means.

    Inter-FE Topology -- See FE Topology.

    Intra-FE Topology -- See LFB Topology.

    LFB class library -- A set of LFB classes that are is identified as the
    most common functions found in most FEs and hence should be defined
    first by the ForCES Working Group.

 2. Introduction

    [2] specifies a framework by which control elements (CEs) can
    configure and manage one or more separate forwarding elements (FEs)
    within a networking element (NE) using the ForCES protocol.  The
    ForCES architecture allows Forwarding Elements of varying
    functionality to participate in a ForCES network element.  The
    implication of this varying functionality is that CEs can make only
    minimal assumptions about the functionality provided by FEs in a an
    NE.  Before CEs can configure and control the forwarding behavior
    of FEs, CEs need to query and discover the capabilities and states
    of their FEs.  [1] mandates that the capabilities, states and
    configuration information be expressed in the form of an FE model.

    RFC 3444 [11] made the observation that information models (IMs)
    and data models (DMs) are different because they serve different
    purposes.  "The main purpose of an IM is to model managed objects
    at a conceptual level, independent of any specific implementations
    or protocols used".  "DMs, conversely, are defined at a lower level
    of abstraction and include many details.  They are intended for
    implementors and include protocol-specific constructs."  Sometimes
    it is difficult to draw a clear line between the two.  The FE model
    described in this document is first and foremost an information
    model, but it also has a flavor includes some aspects of a data model model, such as it contains
    explicit definition definitions of the LFB class schema and other data
    structures. FE schema.  It is
    expected that this FE model will be used as the basis to define the
    payload for information exchange between the CE and FE in the
    ForCES protocol.

 2.1. Requirements on the FE model

    [1] defines requirements requirements, which must be satisfied by a ForCES FE
    model.  To summarize, an FE model must define:
       . Logically separable and distinct packet forwarding operations
         in an FE datapath (logical functional blocks or LFBs);
       . The possible topological relationships (and hence the sequence
         of packet forwarding operations) between the various LFBs;
       . The possible operational capabilities (e.g., capacity limits,
         constraints, optional features, granularity of configuration)
         of each type of LFB;
       . The possible configurable parameters (i.e., attributes) of
         each type of LFB;
       . Metadata that may be exchanged between LFBs.

 2.2. The FE Model in Relation to FE Implementations

    The FE model proposed here is based on an abstraction of distinct
    logical functional blocks (LFBs), which are interconnected in a
    directed graph, and receiving, processing, modifying, receive, process, modify, and transmitting transmit packets
    along with metadata.  Note that a real forwarding datapath
    implementation should not be constrained by the model.  On the
    contrary, the FE model should be designed such that different
    implementations of the forwarding datapath can all be logically
    mapped onto the model with the functionality and sequence of
    operations correctly captured.  However, the model itself does not
    directly address the issue of how a particular implementation maps
    to an LFB topology.  This  It is left to the forwarding plane vendors
    as to
    define how the FE functionality is represented using the FE model.
    Nevertheless, we do strive to design the FE model such that it is
    flexible enough to accommodate most common implementations.

    The LFB topology model for a particular datapath implementation
    MUST correctly capture the sequence of operations on the packet.
    Metadata generation (by certain LFBs) must always precede any use
    of that metadata (by subsequent LFBs in the topology graph); this
    is required for logically consistent operation.  Further,
    modifications of packet fields that are subsequently used as inputs
    for further processing must occur in the order specified in the
    model for that particular implementation to ensure correctness.

 2.3. The FE Model in Relation to the ForCES Protocol

    The ForCES base protocol is used by the CEs and FEs to maintain the
    communication channel between the CEs and FEs.  The ForCES protocol
    may be used to query and discover the inter-FE topology.  The
    details of a particular datapath implementation inside an FE FE,
    including the LFB topology, along with the operational capabilities
    and attributes of each individual LFB, are conveyed to the CE
    within information elements in the ForCES protocol.  The model of
    an LFB class should define all of the information that would need
    to be exchanged between an FE and a CE for the proper configuration
    and management of that LFB.

    Definition of the various payloads of ForCES messages (irrespective
    of the transport protocol ultimately selected) cannot proceed in a
    systematic fashion until a formal definition of the objects being
    configured and managed (the FE and the LFBs within) is undertaken.
    The FE Model document defines a set of classes and attributes for
    describing and manipulating the state of the LFBs of an FE.  These
    class definitions themselves will generally not appear in the
    Forces
    ForCES protocol.  Rather, Forces ForCES protocol operations will
    references reference
    classes defined in this model, including relevant attributes (and
    operations if such are defined).

    Section 9 8 provides more detailed discussion on how the FE model
    should be used by the ForCES protocol.

 2.4. Modeling Language for FE Model

    Even though not absolutely required, it is beneficial to use a
    formal data modeling language to represent the conceptual FE model
    described in this document and a full specification will be written
    using such a data modeling language.  Using a formal language can
    help in enforcing to enforce consistency and logical compatibility among LFBs.
    In addition, the formal definition of the LFB classes has the
    potential to facilitate the eventual automation of some part of the
    code generation process and the functional validation of arbitrary
    LFB topologies.

    The modeling language is used for writing

    Human readability was the most important factor considered when
    selecting the specification but language.  Encoding, decoding and
    transmission performance was not
    necessarily a selection factor for the
    language because the encoding method for over the data over-the-wire between FEs and
    CEs. When selecting wire transport is
    an issue independent of the specification language, human readability language chosen.  It is very important, while there are no performance requirements on
    outside the language for encoding, decoding, scope of this document and transmission on up to the
    language. ForCES protocol to
    define.

    XML is used was chosen as the specification language in this document,
    because XML has the advantage of being both human and machine
    readable with widely available tools support.

    The encoding method for over the wire transport is an issue
    independent of the specification language chosen here.  It is
    outside the scope of this document and up to the ForCES protocol to
    define.

 2.5. Document Structure

    Section 3 provides a conceptual overview of the FE model, laying
    the foundation for the more detailed discussion and specifications
    in the sections that follow. Section 4, 5, 4 and 6 together 5 constitute the core of
    the FE model, detailing the three two major components in the FE model:
    LFB model, LFB topology, model and FE level attributes including capability. capability and LFB
    topology.  Section 7 6 presents a list of LFB classes in the LFB
    class library that will be further specified in separate documents
    according to the FE model presented in earlier Sections (4, 5 4 and 6). 5.  Section 8 7
    directly addresses the model requirements imposed by the ForCES
    requirement draft [1] while Section 9 8 explains how the FE model
    should be used in the ForCES protocol.

 3. FE Model Concepts

    Some of the most important concepts used throughout this document are
    introduced in this section.  Section 3.1 explains the difference
    between a state model and a capability model, and how the two can
    be combined in the FE model.  Section 3.2 introduces the concept of
    LFBs (Logical Functional Blocks) as the basic functional building
    blocks in the FE model.  Section 3.3 discusses the logical inter-connection inter-
    connection and ordering between LFB instances within an FE, that
    is, the LFB topology.

    The FE model proposed in this document is comprised of these three two major
    components: LFB model, LFB topology and FE level attributes including FE
    capabilities.
    capabilities and LFB topology.  The LFB model provides the content
    and data structures to define each individual LFB class; LFB topology
    provides a mean to express the logical inter-connection between the
    LFB instances along the datapath(s) within the FE; and class.  FE
    attributes provide information at the FE level and the capabilities
    about what the FE can or cannot do at a coarse level.   Details on
    each  Part of the three
    FE level information is the LFB topology which expresses the
    logical inter-connection between the LFB instances along the
    datapath(s) within the FE.  Details on these components are
    described in Section 4, 5 4 and 6,
    respectively. 5.  The intention of this section is to
    discuss these concepts at the high level and lay the foundation for
    the detailed description in the following sections.

 3.1. State Model and Capability Model

    The FE capability model describes the capabilities and capacities
    of an FE in terms of variations of functions supported or
    limitations contained.  Conceptually, the FE capability model
    presents the many possible states allowed on an FE with capacity
    information indicating certain quantitative limits or constraints.
    For example, an FE capability model may describe the FE at a coarse
    level such as:
       . this FE can handle IPv4 and IPv6 forwarding;
       . this FE can perform classification on the following fields:
         source IP address, destination IP address, source port number,
         destination port number, etc;
       . this FE can perform metering;
       . this FE can handle up to N queues (capacity);
       . this FE can add and remove encapsulating headers of types
         including IPSec, GRE, L2TP.

    On the other hand, an FE state model describes the current state of
    the FE, that is, the instantaneous values or operational behavior
    of the FE.  The FE state model presents the snapshot view of the FE
    to the CE.  For example, using an FE state model, an FE may be
    described to its CE as the following:
       . on a given port the packets are classified using a given
         classification filter;
       . the given classifier results in packets being metered in a
         certain way, and then marked in a certain way;
       . the packets coming from specific markers are delivered into a
         shared queue for handling, while other packets are delivered
         to a different queue;
       . a specific scheduler with specific behavior and parameters
         will service these collected queues.

    The information on the capabilities and capacities of the FE helps
    the CE understand the flexibility and limitations of the FE
    functions, so that the CE knows at a coarse level what which
    configurations are applicable to the FEs and what which ones are not.  Where
    it
    It gets more complicated is for the capability model to cope with the
    detailed limits, issues such as how many classifiers the FE can
    handle, how many maximum number of the following items:
    classifiers, queues, and how many buffer pools the FE can
    support, how many pools, and meters the FE can provide.

    While one could try to build an object model for representing
    capabilities in full, to fully represent the
    FE capabilities, other efforts have found this to be a significant
    undertaking.  A middle of the road approach is to define
    coarse-grained coarse-
    grained capabilities and simple capacity measures.  Then, if the CE
    attempts to instruct the FE to set up some specific behavior it is
    not capable of, the FE will return an error indicating the problem.
    Examples of such this approach include Framework Policy Information Base
    (PIB) [RFC3318) and Differentiated Services QoS Policy Information
    Base [4].  The capability reporting classes in the DiffServ and
    Framework PIBs are all meant to allow the device to indicate some
    general guidelines about what it can or cannot do, but do not
    necessarily allow it to indicate every possible configuration that
    it can or cannot support.  If a device receives a configuration
    that it cannot implement, it can reject such that configuration by replying
    responding with a failure report.

    Figure 1 shows the concepts of FE state, capabilities and
    configuration in the context of CE-FE communication via the ForCES
    protocol.

         +-------+                                          +-------+
         |       | FE capabilities: what it can/cannot do.  |       |
         |       |<-----------------------------------------|       |
         |       |                                          |       |
         |   CE  | FE state: what it is now.                |  FE   |
         |       |<-----------------------------------------|       |
         |       |                                          |       |
         |       | FE configuration: what it should be.     |       |
         |       |----------------------------------------->|       |
         +-------+                                          +-------+

     Figure 1. Illustration of FE state, capabilities and configuration
         exchange in the context of CE-FE communication via ForCES.

    The ForCES FE model must include both a state model and some flavor
    of a
    capability model.  We believe that a good balance between
    simplicity and flexibility can be achieved for the FE model by
    combining the coarse level capability reporting with the error
    reporting mechanism.  Examples of similar approach approaches include
    DiffServ PIB [4] and Framework PIB [5].

    The concepts of LFB and LFB topology will be discussed in the rest
    of this section.  It will become clear that some flavor of a capability model is
    needed at both the FE level and LFB level.

    Capability information at the LFB level is an integral part of the
    LFB model, and is modeled the same way as the other operational
    parameters inside an LFB.  For example, certain features of an LFB
    class may be optional, in which case it must be possible for the CE
    to determine if whether or not an optional feature is supported by a
    given LFB
    instance or not. instance.  Such capability information can be modeled as
    a read-only attribute in the LFB instance.  See instance, see Section 4.4.4 4.7.5 for
    more details on LFB attributes.
    details.

    Capability information at the FE level may describe what the LFB classes
    the FE can instantiate; how many the number of instances of each can be
    created; the topological (i.e., linkage) limitations between these
    LFB instances, etc.  Section 6 5 defines the FE level attributes
    including capability information.

    Once the FE capability is described to the CE, the FE state
    information can be represented by two levels.  The first level is
    the logically separable and distinctive packet processing
    functions, and we call these individual functions Logical
    Functional Blocks (LFBs).  The second level of information is about
    how these individual LFBs are ordered and placed along the datapath
    to deliver a complete forwarding plane service.  The
    interconnection and ordering of the LFBs is called LFB Topology.
    Section 3.2 discuss high level concepts around LFBs while Section
    3.3 discuss issues around LFB topology.

 3.2. LFB Modeling

    Each LFB (Logical Functional Block) Modeling

    Each LFB performs a well-defined action or computation on the
    packets passing through it.  Upon completion of such a function,
    either the packets are modified in certain ways
    (like (e.g.,
    decapsulator, marker), or some results are generated and stored,
    probably in the form of metadata (like a classifier). Each LFB
    typically does one thing and one thing only.  Classifiers, shapers,
    meters are all examples of LFB. LFBs.  Modeling LFB LFBs at such a fine
    granularity allows us to use a small number of LFBs to create the
    higher-order FE functions (like (such as an IPv4 forwarder) precisely,
    which in turn can describe more complex networking functions and
    vendor implementations of software and hardware.

    (Editor's note: We need to revisit the granularity issue around LFB
    later and provide Section 6 provides
    a practical design guideline as how to partition
    the FE functions into LFB classes.  We will gain more insight on
    the subject once we debate and settle on the LFB list in the LFB
    class library, described in Section 7.  So the text around
    granularity here might be revised to reflect the lessons we learn.) of useful LFBs with such granularity.

    An LFB has one or more inputs, each of which takes a packet P, and
    optionally metadata M; and produces one or more outputs, each of
    which carries a packet P', and optionally metadata M'.  Metadata is
    data associated with the packet in the network processing device
    (router, switch, etc.) and passed between from one LFB to the next, but not
    sent across the network.  It is most likely that there are multiple
    LFBs within one FE, as shown in Figure 2, and all the LFBs share
    the same ForCES protocol termination point that implements the
    ForCES protocol logic and maintains the communication channel to
    and from the CE.

                               +-----------+
                               |     CE    |
                               +-----------+
                                     ^
                            | Fp reference point
                                     |
      +--------------------------|-----------------------------------+
      | FE                       |                                   |
      |                          v                                   |
      | +----------------------------------------------------------+ |
      | |                ForCES protocol                           | |
      | |                   termination point                      | |
      | +----------------------------------------------------------+ |
      |           ^                           ^                      |
      |           :                           : Internal control     |
      |           :                           :                      |
      |       +---:----------+             +---:----------|          |
      |       |   :LFB1      |             |   :     LFB2 |          |
      | =====>|   v          |============>|   v          |======>...|
      | Inputs| +----------+ |Outputs      | +----------+ |          |
      | (P,M) | |Attributes| |(P',M')      | |Attributes| |(P",M")   |
      |       | +----------+ |             | +----------+ |          |
      |       +--------------+             +--------------+          |
      |                                                              |
      +--------------------------------------------------------------+

                       Figure 2. Generic LFB Diagram
    An LFB, as shown in Figure 2, has inputs, outputs and attributes
    that can be queried and manipulated by the CE indirectly via Fp
    reference point (defined in [2]) and the ForCES protocol
    termination point.  The horizontal axis is in the forwarding plane
    for connecting the inputs and outputs of LFBs within the same FE.
    The vertical axis between the CE and the FE denotes the Fp
    reference point where bidirectional communication between the CE
    and FE happens: the CE to FE communication is for configuration,
    control and packet injection while the FE to CE communication is used
    for packet re-
    direction re-direction to the control plane, monitoring and
    accounting information, errors, etc.  Note that the interaction
    between the CE and the LFB is only abstract and indirect.  The
    result of such interaction is for the CE to indirectly manipulate
    the attributes of the LFB instances.

                           +-----------+
                           |     CE    |
                           +-----------+
                                 ^
                                 | Fp reference point
                                 |
      +--------------------------|-----------------------------------+
      | FE                       |                                   |
      |                          v                                   |
      | +----------------------------------------------------------+ |
      | |                ForCES protocol                           | |
      | |                   termination point                      | |
      | +----------------------------------------------------------+ |
      |           ^                           ^                      |
      |           :                           : Internal control     |
      |           :                           :                      |
      |       +---:----------+             +---:----------+          |
      |       |   :LFB1      |             |   :     LFB2 |          |
      | =====>|   v          |============>|   v          |======>...|
      | Inputs| +----------+ |Outputs      | +----------+ |          |
      | (P,M) | |Attributes| |(P',M')      | |Attributes| |(P",M")   |
      |       | +----------+ |             | +----------+ |          |
      |       +--------------+             +--------------+          |
      |                                                              |
      +--------------------------------------------------------------+

                       Figure 2. Generic LFB Diagram

    A namespace is used to associate a unique name or ID with each LFB
    class. The namespace must be extensible so that new LFB class can
    also be added later to accommodate future innovation in the
    forwarding plane.

    LFB operation must be specified in the model to allow the

    A namespace is used to associate a unique name or ID with each LFB
    class. The namespace must be extensible so that new LFB class can
    also be added later to accommodate future innovation in the
    forwarding plane.

    LFB operation must be specified in the model to allow the CE to
    understand the behavior of the forwarding datapath.  For instance,
    the CE must understand at what point in the datapath the IPv4
    header TTL is decremented (i.e., it needs to know if a control
    packet could be delivered to the CE either before or after this
    point in the datapath).  In addition, the CE must understand where
    and what type of header modifications (e.g., tunnel header append
    or strip) are performed by the FEs.  Further, the CE must verify
    that various LFB LFBs along a datapath within an FE are compatible to
    link together.

    There is value to vendors if the operation of LFB classes can be
    expressed in sufficient detail so that physical devices
    implementing different LFB functions can be integrated easily into
    a
    an FE design.  Therefore, a semi-formal specification is needed;
    that is, a text description of the LFB operation (human readable),
    but sufficiently specific and unambiguous to allow conformance
    testing and efficient design (i.e., eliminate guess-work), so that
    interoperability between different CEs and FEs can be achieved.

    The LFB class model specifies information like:
       . number of inputs and outputs (and whether they are
         configurable)
       . metadata read/consumed from inputs;
       . metadata produced at the outputs;
       . packet type(s) accepted at the inputs and emitted at the
         outputs;
       . packet content modifications (including encapsulation or
         decapsulation);
       . packet routing criteria (when multiple outputs on an LFB are
         present);
       . packet timing modifications;
       . packet flow ordering modifications;
       . LFB capability information;
       . LFB operational attributes, etc.

    Section 5 4 of this document provides a detailed discussion on of the
    LFB model with a formal specification of LFB class schema.  The
    rest of Section 3.2 here only intends to provide a conceptual overview
    of some important issues in LFB modeling, without covering all the
    specific details.

 3.2.1. LFB Input and Input Group

    An LFB input is a conceptual port of the LFB where the LFB can
    receive information from other LFBs. The information is typically a
    packet (or frame in general) and associated metadata, although in
    some cases it might consist of only metadata, i.e., with a Null-
    packet.

    It is inevitable that there will be LFB instances that will receive
    packets from more than one other LFB instances (fan-in).  If these
    fan-in links all carry the same type of information (packet type
    and set of metadata) and require the same processing within the
    LFB, then one input should be sufficient.  If, however, the LFB
    class can receive two or more very different types of input, and
    the processing of these inputs are also very distinct, then that
    may justify the definition of multiple inputs.  But in these cases
    splitting the LFB class into two LFB classes should always be
    considered as an alternative.  In intermediate cases, e.g., where
    the inputs are somewhat different but they require very similar
    processing, the shared input solution should be preferred.  For
    example, if an Ethernet framer LFB is capable of receiving IPv4 and
    IPv6 packets, these can be served by the same LFB input.

    Note that we assume the model allows for connecting more than one
    LFB output to a single LFB input directly.  There is no restriction
    on the number of up-stream LFBs connecting their outputs to the
    same input of a single LFB instance.  Note that the behavior of the
    system when multiple packets arrive at such an input simultaneously
    is not defined by the model.  If such behavior needs to be
    described, it can be done either by separating the single input to
    become multiple inputs (one per output), or by inserting other
    appropriate LFBs (such as Queues and possibly Schedulers) between
    the multiple outputs and the single input.

    If there are multiple inputs with the same input type, we model
    them as an input group, that is, multiple instances of the same
    input type.  In general, an input group is useful to allow an LFB
    to differentiate packet treatment based on where the packet came
    from.

      +----+                                +----+
      |LFB1+---+                            |LFB1+---+
      +----+   |    +---------+             +----+   |    +-----------+
               +--->|in  LFB3 |            input   / +--->|in:1  LFB3 |
      +----+   |    +---------+            group   \ +--->|in:2       |
      |LFB2+---+                            +----+   |    +-----------+
      +----+                                |LFB2+---+
                                            +----+

         (a) without input group            (b) with input group

                   Figure 3. An example of using input group.

    Consider the following two cases in Figure 3(a) and (b).  In Figure
    3(a), the output from two LFBs are directly connected into one
    input of LFB3, assuming that it can be guaranteed that no two
    packets arrive at the same time instance.  If LFB3 must do
    something different based on the source of the packet (LFB1 or
    LFB2), the only way to model that is to make LFB1 and LFB2 to pass
    some metadata with different values so that LFB3 can make the
    differentiation based on the that metadata.  In Figure 3(b), that
    differentiation can be elegantly expressed within LFB3 using the
    input group concept where the instance id can server as the
    differentiating key.  For example, a scheduler LFB can potentially
    use an input group consisting of a variable number of inputs to
    differentiate the queues from which the packets are coming.

 3.2.2. LFB Output and Output Group

    An LFB output is a conceptual port of the LFB where it that can send
    information to some other LFBs.  The information is typically a
    packet (or frame in general) and associated metadata, although in
    some cases it might emit only metadata,, metadata, i.e., with a Null-packet.

    We assume that a single LFB output can be connected to only one LFB
    input (this is required to make the packet flow through the LFB
    topology unambiguous).  Therefore, to allow any non-trivial
    topology, multiple outputs must be allowed for an LFB class.  If
    there are multiple outputs with the same output type, we model them
    as output group, that is, multiple instances of the same output
    type.  For illustration of output group, consider the hypothetical
    LFB in Figure 4.  The LFB has two types of outputs, one of which
    can be instantiated to form an output group.

                             +------------------+
                             |           UNPROC +-->
                             |                  |
                             |         PKTOUT:1 +-->   \
                           --> PKTIN   PKTOUT:2 +-->   |
                             |            .     + .    | Output group
                             |            .     + .    |
                             |         PKTOUT:N +-->   /
                             +------------------+

                Figure 4. An example of an LFB with output group.

    Multiple outputs should mainly be used for functional separation
    where the outputs are connected to very different types of LFBs.
    For example, an IPv4 LPM (Longest-Prefix-Matching) LFB may have one
    default output to send those packets for which look-up was
    successful (passing a META_ROUTEID as metadata); and have another
    output for sending packets for which the look-up failed.  The
    former output may be connected to a route handler LFB, while the
    latter can be connected to an ICMP response generator LFB or to a
    packet handler LFB that passes the packet up to the CE.

 3.2.3. Packet Type

    When LFB classes are defined, the input and output packet formats
    (e.g., IPv4, IPv6, Ethernet, etc.) must be specified: these are the
    types of packets a given LFB input is capable of receiving and
    processing, or a given LFB output is capable of producing.  This
    requires that distinct frame types be uniquely labeled with a
    symbolic name and/or ID.

    Note that each LFB has a set of packet types that it operates on,
    but it does not care about whether the underlying implementation is
    passing a greater portion of the packets.  For example, an IPv4 LFB
    might only operate on IPv4 packets, but the underlying
    implementation may or may not be stripping the L2 header before
    handing it over -- whether that is happening or not is opaque to
    the CE.

 3.2.4. Metadata
    Metadata is used to communicate the per-packet state that is passed from one LFB to
    another.  To ensure inter-operability among LFBs, the LFB class
    specification must define what The metadata is passed with the LFB class "reads" or
    "consumes" on its input(s) and what metadata it "produces" on its
    output(s).  For packet to assist with
    further processing of that purpose, metadata types packet.  The ForCES model must be identified.
    For example, an META_IFID, passed capture
    how the per-packet state information is propagated from a port one LFB to an IPv4
    processing LFB (with the IP packet)
    other LFBs. Practically, such metadata propagation can be happen
    within one of FE, or cross the defined
    metadata types.

    Symbolic names FE boundary between two interconnected
    FEs. We believe that the same metadata model can be assigned used for common both
    situations, however, our focus here is for intra-FE metadata.

    Each metadata types.  In
    addition, additional can be conveniently modeled as a <label, value> pair,
    where the label identifies the type of information, (e.g.,
    "color"), and its value holds the actual information such (e.g., "red").
    The tag here is shown as a textual label, but it can be replaced or
    associated with a unique numeric data type, maximum value (identifier).
    The metadata life-cycle is defined in this model using three types
    of events: "write", "read" and minimum accepted values, "consume". The first "write"
    initializes the value of the metadata (implicitly creating and/or
    initializing the metadata), and special values should hence starts the life-cycle. The
    explicit "consume" event terminates the life-cycle. Within the
    life-cycle, that is, after a "write" event, but before the next
    "consume" event, there can be defined
    for each metadata value.  Some an arbitrary number of these constraints will "write" and
    "read" events. These "read" and "write" events can be defined mixed in an
    arbitrary order within the LFB class model, and some life-cycle. Outside of them may be specific
    capabilities the life-cycle of
    the metadata, that is, before the first "write" event, or between a particular
    "consume" event and the next "write" event, the metadata should be
    regarded non-existent or non-initialized. Thus, reading a metadata
    outside of its life-cycle is considered an error.

    To ensure inter-operability between LFBs, the LFB instance. class
    specification must define what metadata the LFB class "reads" or
    "consumes" on its input(s) and what metadata it "produces" on its
    output(s). For maximum extensibility, this definition should not
    specify which LFBs the metadata is expected to come from for a
    consumer LFB, or which LFBs are expected to consume metadata for a
    producer LFB.

    While it is important to define the metadata types passing between LFB in
    terms of its name, value and interpretation,
    LFBs, it is not necessary to define the exact encoding mechanism
    used by LFBs for that metadata. Different implementations are
    allowed to use different encoding mechanisms for metadata.  For
    example, one implementation may store metadata in registers or
    shared memory, while another implementation may encode metadata in-band in-
    band as a preamble in the packets.

    A given LFB may require a certain metadata at its inputs for its
    internal processing.  What should happen

    At any link between two LFBs, the packet is marked with a finite
    set of active metadata, where active means the metadata after it is read by within
    its life-cycle. (i.e., the LFB?  In particular, should metadata has been properly initialized
    and has not been consumed yet.) There are two corollaries of this
    model:

    1. No uninitialized metadata exists in the model.

    2. No more than one occurrence of each metadata tag can be
    propagated along
       associated with the a packet when at any given time.

 3.2.4.1. LFB Operations on Metadata

    When the packet is forwarded from
    the processed by an LFB to (i.e., between the next LFB, or should time it be removed (consumed)
    is received and forwarded by the
    LFB?

    In certain cases, passing LFB), the LFB may perform read,
    write and/or consume operations on any active metadata along associated
    with the packet. If the LFB is desirable.  For
    example, considered to be a META_CLASSID black box, one of
    the following operations is performed on each active metadata.

    - IGNORE:              ignores and forwards the metadata may denote
    - READ:                reads and forwards the result of a
    classification LFB metadata
    - READ/RE-WRITE:       reads, over-writes and forwards the metadata
    - WRITE:               writes and forwards the metadata
                           (can also be used in more than one downstream LFBs to
    trigger create new metadata)
    - READ-AND-CONSUME:    reads and consumes the proper operation on metadata
    - CONSUME              consumes metadata without reading

    The last two operations terminate the packet.  In this case life-cycle of the first
    LFB metadata,
    meaning that uses the META_CLASSID should also allow the META_CLASSID
    to be passed metadata is not forwarded with the packet to the next LFB, and so on.  On when the
    other hand, it
    packet is easy sent to see that if the next LFB.

    In our model, a new metadata is never consumed generated by
    LFBs, then as the packet trickles through an LFB when the datapath, LFB
    applies a WRITE operation into a large
    number of metadata will potentially type that was not present
    when the packet was received by the LFB. Such implicit creation may
    be accumulated unintentional by the packet.

    We believe LFB, that one way to accommodate both scenarios is to specify is, the propagation mode for each element of metadata utilized by an LFB class.  Metadata elements which are not propagated are
    specified with may apply the CONSUME mode, while elements which are
    propagated are specified with WRITE
    operation without knowing or caring if the PROPAGATE mode.

    However, whether a given metadata is useful beyond an LFB may depend on existed
    or not. If it existed, the actual LFB topology, i.e., what other LFBs are placed
    downstream.  So metadata gets over-written; if it did
    not exist, the propagation mode of metadata should be
    configurable.

    A packet may arrive to gets created.

    For source-type LFBs (i.e., an LFB with metadata that inserts packets into the
    model), WRITE is not the only meaningful
    to metadata operation.

    Sink-type LFBs (i.e., an LFB that LFB, but removes the packet from the
    model), may either READ-AND-CONSUME (read) or CONSUME (ignore) each
    active metadata associated with the packet.

 3.2.4.2. Metadata Production and Consumption
    For a given metadata on a given packet path, there must be important to some other downstream LFBs.
    To cater to such cases it at least
    one producer LFB that creates that metadata and should be the assumed (default) behavior
    of all at least
    one consumer LFB classes that they transparently propagate any needs the metadata. In this model, the
    producer and consumer LFBs of a metadata
    elements that they do are not utilize internally.

    Actual implementations of LFBs in hardware required to be
    adjacent. There may have limitations on
    how much be multiple consumers for the same metadata they can pass through.  The limitation and
    there may be
    expressed in terms of total framesize (packet + metadata), metadata
    total size, number multiple producers of metadata elements, or the same metadata. When a combination packet
    path involves multiple producers of these.
    The limitation may be on the FE level or may be specific to LFBs
    within an FE. same metadata, then the
    second, third, etc. producers overwrite that metadata value.

    The pass-through capabilities of metadata that is produced by an LFB instances and
    FEs can be queried as part of is specified by the capability discovery process.

    (Editor's note: The LFB
    class definition of on a per output port group basis. A producer may
    always generate the metadata here is on the port group, or may generate it
    only preliminary
    and under certain conditions. We call the authors intend to work on former an
    "unconditional" metadata, whereas the subject in more detail.
    Input is most welcome.)

 3.2.5. LFB Versioning

    LFB class versioning latter is a method to enable incremental evolution "conditional"
    metadata.  In the case of
    LFB classes.  Unlike inheritance (discussed next in Section 3.2.6),
    where conditional metadata, it assumed that an FE datapath model containing an LFB
    instance should be
    possible to determine from the definition of a particular class C could also simultaneously contain
    an the LFB instance of when a class C' inherited from class C; with
    versioning, an FE would not be allowed to contain
    "conditional" metadata is produced.

    The consumer behavior of an LFB, that is, the metadata that the LFB instance
    needs for more than one version of a particular class.

    LFB class versioning its operation, is supported by requiring a version string defined in the LFB class definition.  CEs definition on
    a per input port group basis. An input port group may support backwards compatibility
    between multiple versions of "require" a particular
    given metadata, or may treat it as "optional" information. In the
    latter case, the LFB class, but FEs are class definition must explicitly define what
    happens if an optional metadata is not allowed provided. One approach is to support more than one single version of
    specify a particular
    class.

 3.2.6. LFB Inheritance

    LFB class inheritance is supported in the FE model as a means of
    defining new LFB classes.  This also allows FE vendors to add
    vendor-specific extensions to standardized LFBs.  An LFB class
    specification MUST specify the base class (with version number) it
    inherits from (with default value for each optional metadata, and assume that
    the default being value is used if the base LFB class).
    Multiple-inheritance metadata is not allowed, though, to avoid provided with the
    unnecessary complexity.

    Inheritance should be used
    packet.

    When a consumer requires a given metadata, it has dependencies on
    its up-stream LFBs. That is, the consumer LFB can only when function if
    there is significant reuse at least one producer of
    the base LFB class definition.  A separate that metadata and no intermediate
    LFB class consumes the metadata.

    The model should expose this inter-dependency. Furthermore, it
    should be
    defined if there is not enough reuse between the derived possible to take this inter-dependency into consideration
    when constructing LFB topologies, and also that the dependency can
    be verified when validating topologies.

    For extensibility reasons, the
    base LFB class.

    An interesting issue related specification should define what
    metadata the LFB requires without specifying which LFB(s) it expect
    a certain metadata to class inheritance come from.  Similarly, LFBs should specify
    what metadata they produce without specifying which LFBs the
    metadata is backward
    compatibility (between a descendant and an ancestor class).
    Consider meant for.

    When specifying the following hypothetical scenario where there exists a
    standardized LFB class "L1".  Vendor A builds an FE metadata tags, some harmonization effort must
    be made so that implements the producer LFB "L1" and vendors B builds a CE that can recognize class uses the same tag as its
    intended consumer(s), or vice versa.

 3.2.4.3. Fixed, Variable and operate
    on LFB "L1".  Suppose that Configurable Tag

    When the produced metadata is defined for a new given LFB class, "L2", is defined based
    on the existing "L1" class (for most
    metadata will be specified with a fixed tag. For example, by extending its
    capabilities in some incremental way).  Lets first examine a Rate
    Meter LFB will always produce the FE
    backward compatibility issue by considering what would happen if
    vendor B upgrades its FE from "L1" "Color" metadata.

    A small subset of LFBs need to "L2" while vendor C's CE is
    not changed.  The old L1-based CE can interoperate with have the new L2-
    based FE if capability to produce one
    or more of their metadata with tags that are not fixed in the derived LFB
    class "L2" is indeed backward
    compatible with the base definition, but instead can be selected per LFB instance. An
    example of such an LFB class "L1".

    The reverse scenario is a much less problematic case, i.e., when CE
    vendor B upgrades to the new Generic Classifier LFB. We call
    this variable tag metadata production. If an LFB class "L2", but produces metadata
    with variable tag, a corresponding LFB attribute--called the FE is not
    upgraded.  Note that as long as tag
    selector--specifies the CE tag for each such metadata. This mechanism
    is capable to improve the versatility of working with
    older certain multi-purpose LFB classes, this problem does not affect
    since it allows the model; hence we
    will use same LFB class be used in different topologies,
    producing the term "backward compatibility" to refer right metadata tags according to the first
    scenario concerning FE backward compatibility.

    Inheritance can be designed into the model with backward
    compatibility support by constraining needs of the LFB inheritance such that
    topology.

    Depending on the derived class is always a functional superset capability of the base
    class, i.e., FE, the derived class tag selector can only grow on top of be a
    read-only or a read-write attribute. In the base
    class, but not shrink from it.   Additionally, former case, the following
    mechanisms are required tag
    cannot be modified by the CE. In the latter case the tag can be
    configured by the CE, hence we call this "configurable tag metadata
    production." (Note that in this definition configurable tag
    metadata production is a subset of variable tag metadata
    production.)

    Similar concepts can be introduced for the consumer LFBs to support FE backward compatibility:
       1)  When detecting an satisfy
    the different metadata needs. Most LFB classes will specify their
    metadata needs using fixed metadata tags. For example, a Next Hop
    LFB may always require a "NextHopId" metadata; but the Redirector
    LFB may need to use a "ClassID" metadata in one instance, and a
    "ProtocolType" metadata in another instance of as a basis for
    selecting the right output port. In this case, an LFB type that attribute is
           unknown
    used to provide the CE, the CE MUST required metadata tag at run-time.  This
    metadata tag selector attribute may be able to query read-only or read-write,
    depending on the base
           class capabilities of such an LFB from the FE.
       2)  The LFB instance and the FE.

 3.2.4.4. Metadata Usage Categories

    Depending on the FE SHOULD support role and usage of a backward
           compatibility mode (meaning metadata, various amount of
    encoding information must be provided when the metadata is defined,
    and some cases offer less flexibility in the value selection than
    others.

    As far as usage of a metadata is concerned, three types of metadata
    exist:
    - Relational (or binding) metadata
    - Enumerated metadata
    - Explicit/external value metadata

    The purpose of the relational metadata is to refer in one LFB
    instance reverts itself
           back (producer LFB) to a "thing" in another downstream LFB
    instance (consumer LFB), where the base class instance), and "thing" is typically an entry in
    a table attribute of the CE SHOULD be able
           to configure consumer LFB.

    For example, the Prefix Lookup LFB executes an LPM search using its
    prefix table and resolves to run in such mode.

 3.3. FE Datapath Modeling

    Packets coming into a next-hop reference. This reference
    needs to be passed as metadata by the FE from ingress ports generally flow
    through multiple LFBs before leaving out of Prefix Lookup LFB (producer)
    to the egress ports.  How
    an FE treats Next Hop LFB (consumer), and must refer to a packet depends on many factors, specific entry
    in the next-hop table within the consumer.

    Expressing and propagating such as type of binding relationship is probably
    the
    packet (e.g., IPv4, IPv6 or MPLS), actual header values, time of
    arrival, etc.  The result most common usage of metadata. One or more objects in the operation of an
    producer LFB may have an
    impact on how are related (bound) to a specific object in the packet
    consumer LFB. Such a relation is to established by the CE very
    explicitly, i.e., by properly configuring the attributes in both
    LFBs. Available methods include the following:

    The binding may be treated expressed by tagging the involved objects in further (downstream)
    both LFBs with the same unique (but otherwise arbitrary)
    identifier. The value of the tag is explicitly configured (written
    by the CE) into both LFBs, and this differentiation of packet treatment downstream can be
    conceptualized as having alternative datapaths in value is also the FE.  For
    example, value that
    the result metadata carries between the LFBs.

    Another way of a 6-tuple classification (performed by a
    classifier LFB) controls what rate meter setting up binding relations is applied to use a naturally
    occurring unique identifier of the packet
    (by consumer's object (for example,
    the array index of a rate meter LFB) in table entry) as a later stage in the datapath.

    LFB topology is reference (and as a directed graph representation value of
    the logical
    datapaths within an FE, with metadata. In this case, the nodes representing index is obtained (read) or
    inferred by the LFB
    instances and CE by communicating with the directed link consumer LFB. Once the packet flow direction from one
    LFB to
    CE obtains the next.  Section 3.3.1 discusses how index, it needs to plug (write) it into the FE datapaths can
    be modeled as LFB topology; while Section 3.3.2 focuses on issues
    around producer
    LFB topology reconfiguration.

 3.3.1. Alternative Approaches for Modeling FE Datapaths
    There are two basic ways to express establish the differentiation binding.

    Important characteristics of the binding usage of metadata are:

    - The value of the metadata shows up in packet
    treatment within an FE, one representing the datapath directly and
    graphically (topological approach) CE-FE communication for
    BOTH the consumer and the other utilizing producer. That is, the metadata
    (the encoded state approach).

       . Topological Approach value
    must be carried over the ForCES protocol. Using this approach, differential packet treatment the tagging
    technique, the value is expressed
       via actually splitting WRITTEN to both LFBs. Using the LFB topology into alternative paths.
       In other words, if
    technique, the result of an value is WRITTEN to only the producer LFB must control how and may be
    READ from the
       packet consumer LFB.

    - The actual value is further processed, then such an LFB will have separate
       output ports (one irrelevant for each alternative treatment) connected to
       separate sub-graphs (each expressing the respective treatment
       downstream).

       . Encoded State Approach

       An alternative way of expressing differential treatment CE, the binding is simply
    expressed by using
       metadata.  The result of the operation SAME value at the consumer and producer
    LFBs.

    - Hence the definition of an LFB can be encoded
       in a the metadata which does not have to include
    value assignments. The only exception is passed along with when some special value(s)
    of the packet metadata must be reserved to
       downstream LFBs.  A downstream LFB, in turn, can use convey special events. Even
    though these special cases must be defined with the metadata (and its value, e.g., as an index into some table) to
       decide how to treat the packet.

    Theoretically, the two approaches
    specification, their encoded values can substitute be selected arbitrarily.
    For example, for each other, so
    one may consider using purely one (or the other) approach to
    describe all datapaths in an FE.  However, neither model by itself
    is very useful for practically relevant cases.  For Prefix Lookup LFB example, a given FE with
    certain logical datapaths, applying special value may
    be reserved to signal the two different modeling
    approaches would result in very different looking LFB topology
    graphs.  A model using purely NO-MATCH case, and the topological approach value of zero may require
    be assigned for this purpose.

    The second class of metadata is the enumerated type. An example is
    the "Color" metadata that is produced by a very large graph with many links (i.e., paths) and nodes (i.e., Meter LFB instances) to express all alternative datapaths.  On the and consumed
    by some other
    hand, a model using purely LFBs. As the encoded state model would be
    restricted to name suggests, enumerated metadata has a string
    relatively small number of LFBs, which would make it very
    unintuitive to describe very different datapaths (such as MPLS and
    IPv4).  Therefore, possible values, each with a mix very
    specific meaning. All of these two approaches will likely be
    used for a practical model.  In fact, as we illustrate it below, the two approaches can possible cases must be mixed even within the same LFB.

    Using a simple example enumerated when
    defining this class of metadata. Although a classifier with N classification
    outputs followed by some other LFBs, Figure 5(a) shows what the LFB
    topology looks like by using value encoding must be
    included in the purely topological approach.  Each
    output from specification, the classifier goes to one of the N LFBs followed and
    no metadata actual values can be selected
    arbitrarily (e.g., <Red=0, Yellow=1, Green=2> and <Red=3, Yellow=2,
    Green 1> would be both valid encodings, what is needed here.  The topological approach important is simple,
    straightforward and graphically intuitive.  However, if N that
    an encoding is large
    and the N nodes followed specified).

    The value of the classifier (LFB#1, LFB#2, ..., LFB#N)
    all belong to enumerated metadata may or may not be conveyed via
    the same LFB type (for example, meter) but each with
    its own independent attributes, ForCES protocol between the encoded state approach gives a
    much simpler topology representation, as shown in Figure 5(b). CE and FE.

    The
    encoded state approach requires that a table of N rows third class of meter
    attributes metadata is provided in the Meter node itself, with each row
    representing explicit type. This refers to
    cases where the value of the attributes for one meter instance.  A metadata M is also needed explicitly used by the
    consumer LFB to pass along with change some packet header fields. In other words,
    its value has a direct and explicit impact on some field and will
    be visible externally when the packet P from leaves the classifier NE. Examples are:
    TTL increment given to the meter, so that the meter can use M as a look-up key (index)
    to find the corresponding row of Header Modifier LFB, and DSCP value for a
    Remarker LFB. For explicit metadata, the attributes that should value encoding must be used
    for any particular packet P.

    Now what if all
    explicitly provided in the N nodes (LFB#1, LFB#2, ..., LFB#N) are not of metadata definition, where the same type? values
    cannot be selected arbitrarily, but rather they should conform to
    what is commonly expected. For example, if LFB#1 is a queue while the rest are
    all meters, TTL increment metadata
    should encode with zero for the no increment case, by one for the
    single increment case, etc. A DSCP metadata should use 0 to encode
    DSCP=0, 1 to encode DSCP=1, etc.

 3.2.5. LFB Versioning
    LFB class versioning is a method to enable incremental evolution of
    LFB classes.  Unlike inheritance (discussed next in Section 3.2.6),
    where it assumed that an FE datapath model containing an LFB
    instance of a particular class C could also simultaneously contain
    an LFB instance of a class C' inherited from class C; with
    versioning, an FE would not be allowed to contain an LFB instance
    for more than one version of a particular class.

    LFB class versioning is supported by requiring a version string in
    the class definition.  CEs may support backwards compatibility
    between multiple versions of a particular LFB class, but FEs are
    not allowed to support more than one single version of a particular
    class.

 3.2.6. LFB Inheritance

    LFB class inheritance is supported in the FE model as a means of
    defining new LFB classes.  This also allows FE vendors to add
    vendor-specific extensions to standardized LFBs.  An LFB class
    specification MUST specify the base class (with version number) it
    inherits from (with the default being the base LFB class).
    Multiple-inheritance is not allowed, though, to avoid the
    unnecessary complexity.

    Inheritance should be used only when there is significant reuse of
    the base LFB class definition.  A separate LFB class should be
    defined if there is not enough reuse between the derived and the
    base LFB class.

    An interesting issue related to class inheritance is backward
    compatibility (between a descendant and an ancestor class).
    Consider the following hypothetical scenario where there exists a
    standardized LFB class "L1".  Vendor A builds an FE that implements
    LFB "L1" and vendors B builds a CE that can recognize and operate
    on LFB "L1".  Suppose that a new LFB class, "L2", is defined based
    on the existing "L1" class (for example, by extending its
    capabilities in some incremental way).  Lets first examine the FE
    backward compatibility issue by considering what would happen if
    vendor B upgrades its FE from "L1" to "L2" while vendor C's CE is
    not changed.  The old L1-based CE can interoperate with the new L2-
    based FE if the derived LFB class "L2" is indeed backward
    compatible with the base class "L1".

    The reverse scenario is a much less problematic case, i.e., when CE
    vendor B upgrades to the new LFB class "L2", but the FE is not
    upgraded.  Note that as long as the CE is capable of working with
    older LFB classes, this problem does not affect the model; hence we
    will use the term "backward compatibility" to refer to the first
    scenario concerning FE backward compatibility.

    Inheritance can be designed into the model with backward
    compatibility support by constraining the LFB inheritance such that
    the derived class is always a functional superset of the base
    class, i.e., the derived class can only grow on top of the base
    class, but not shrink from it.   Additionally, the following
    mechanisms are required to support FE backward compatibility:
       1)  When detecting an LFB instance of an LFB type that is
           unknown to the CE, the CE MUST be able to query the base
           class of such an LFB from the FE.
       2)  The LFB instance on the FE SHOULD support a backward
           compatibility mode (meaning the LFB instance reverts itself
           back to the base class instance), and the CE SHOULD be able
           to configure the LFB to run in such mode.

 3.3. FE Datapath Modeling

    Packets coming into the FE from ingress ports generally flow
    through multiple LFBs before leaving out of the egress ports.  How
    an FE treats a packet depends on many factors, such as type of the
    packet (e.g., IPv4, IPv6 or MPLS), actual header values, time of
    arrival, etc.  The result of the operation of an LFB may have an
    impact on how the packet is to be treated in further (downstream)
    LFBs and this differentiation of packet treatment downstream can be
    conceptualized as having alternative datapaths in the FE.  For
    example, the result of a 6-tuple classification (performed by a
    classifier LFB) controls what rate meter is applied to the packet
    (by a rate meter LFB) in a later stage in the datapath.

    LFB topology is a directed graph representation of the logical
    datapaths within an FE, with the nodes representing the LFB
    instances and the directed link the packet flow direction from one
    LFB to the next.  Section 3.3.1 discusses how the FE datapaths can
    be modeled as LFB topology; while Section 3.3.2 focuses on issues
    around LFB topology reconfiguration.

 3.3.1. Alternative Approaches for Modeling FE Datapaths

    There are two basic ways to express the differentiation in packet
    treatment within an FE, one representing the datapath directly and
    graphically (topological approach) and the other utilizing metadata
    (the encoded state approach).

       . Topological Approach
       Using this approach, differential packet treatment is expressed
       via actually splitting the LFB topology into alternative paths.
       In other words, if the result of an LFB must control how the
       packet is further processed, then such an LFB will have separate
       output ports (one for each alternative treatment) connected to
       separate sub-graphs (each expressing the respective treatment
       downstream).

       . Encoded State Approach

       An alternative way of expressing differential treatment is using
       metadata.  The result of the operation of an LFB can be encoded
       in a metadata which is passed along with the packet to
       downstream LFBs.  A downstream LFB, in turn, can use the
       metadata (and its value, e.g., as an index into some table) to
       decide how to treat the packet.

    Theoretically, the two approaches can substitute for each other, so
    one may consider using purely one (or the other) approach to
    describe all datapaths in an FE.  However, neither model by itself
    is very useful for practically relevant cases.  For a given FE with
    certain logical datapaths, applying the two different modeling
    approaches would result in very different looking LFB topology
    graphs.  A model using purely the topological approach may require
    a very large graph with many links (i.e., paths) and nodes (i.e.,
    LFB instances) to express all alternative datapaths.  On the other
    hand, a model using purely the encoded state model would be
    restricted to a string of LFBs, which would make it very
    unintuitive to describe very different datapaths (such as MPLS and
    IPv4).  Therefore, a mix of these two approaches will likely be
    used for a practical model.  In fact, as we illustrate it below,
    the two approaches can be mixed even within the same LFB.

    Using a simple example of a classifier with N classification
    outputs followed by some other LFBs, Figure 5(a) shows what the LFB
    topology looks like by using the purely topological approach.  Each
    output from the classifier goes to one of the N LFBs followed and
    no metadata is needed here.  The topological approach is simple,
    straightforward and graphically intuitive.  However, if N is large
    and the N nodes followed the classifier (LFB#1, LFB#2, ..., LFB#N)
    all belong to the same LFB type (for example, meter) but each with
    its own independent attributes, the encoded state approach gives a
    much simpler topology representation, as shown in Figure 5(b).  The
    encoded state approach requires that a table of N rows of meter
    attributes is provided in the Meter node itself, with each row
    representing the attributes for one meter instance.  A metadata M
    is also needed to pass along with the packet P from the classifier
    to the meter, so that the meter can use M as a look-up key (index)
    to find the corresponding row of the attributes that should be used
    for any particular packet P.

    Now what if all the N nodes (LFB#1, LFB#2, ..., LFB#N) are not of
    the same type? For example, if LFB#1 is a queue while the rest are
    all meters, what is the best way to represent such datapaths?
    While it is still possible to use either the pure topological
    approach or the pure encoded state approach, the natural
    combination of the two seems the best by representing the two
    different functional datapaths using topological approach while
    leaving the N-1 meter instances distinguished by metadata only, as
    shown in Figure 5(c).
                                         +----------+
                                  P      |   LFB#1  |
                              +--------->|(Attrib-1)|
         +-------------+      |          +----------+
         |            1|------+   P      +----------+
         |            2|---------------->|   LFB#2  |
         | classifier 3|                 |(Attrib-2)|
         |          ...|...              +----------+
         |            N|------+          ...
         +-------------+      |   P      +----------+
                              +--------->|   LFB#N  |
                                         |(Attrib-N)|
                                         +----------+

                 5(a) Using pure topological approach

         +-------------+                 +-------------+
         |            1|                 |   Meter     |
         |            2|   (P, M)        | (Attrib-1)  |
         |            3|---------------->| (Attrib-2)  |
         |          ...|                 |   ...       |
         |            N|                 | (Attrib-N)  |
         +-------------+                 +-------------+

           5(b) Using pure encoded state approach to represent the LFB
          topology in 5(a), if LFB#1, LFB#2, ..., and LFB#N are of the
                        same type (e.g., meter).

                                      +-------------+
         +-------------+ (P, M)       | queue       |
         |            1|------------->| (Attrib-1)  |
         |            2|              +-------------+
         |            3| (P, M)       +-------------+
         |          ...|------------->|   Meter     |
         |            N|              | (Attrib-2)  |
         +-------------+              |   ...       |
                                      | (Attrib-N)  |
                                      +-------------+

         5(c) Using a combination of the two, if LFB#1, LFB#2, ..., and
              LFB#N are of different types (e.g., queue and meter).

                Figure 5. An example of how to model FE datapaths

    From this example, we demonstrate that each approach has distinct
    advantage for different situations.  Using the encoded state
    approach, fewer connections are typically needed between a fan-out
    node and its next LFB instances of the same type, because each
    packet carries metadata with it so that the following nodes can
    interpret and hence invoke a different packet treatment.  For those
    cases, a pure topological approach forces one to build elaborate
    graphs with a lot more connections and often results in an unwieldy
    graph.  On the other hand, a topological approach is intuitive and
    most useful for representing functionally very different datapaths.

    For complex topologies, a combination of the two is the most useful
    and flexible.  Here we provide a general design guideline as to
    what approach is best used for what situation.  The topological
    approach should primarily be used when the packet datapath forks
    into areas with distinct LFB classes (not just distinct
    parameterizations of the same LFB classes), and when the fan-outs
    do not require changes (adding/removing LFB outputs) at all or
    require only very infrequent changes.  Configuration information
    that needs to change frequently should preferably be expressed by
    the internal attributes of one or more LFBs (and hence using the
    encoded state approach).

                       +---------------------------------------------+
                       |                                             |
         +----------+  V      +----------+           +------+        |
         |          |  |      |          |if IP-in-IP|      |        |
    ---->| ingress  |->+----->|classifier|---------->|Decap.|---->---+
         | ports    |         |          |----+      |      |
         +----------+         +----------+    |others+------+
                                              |
                                              V
         (a)  The LFB topology with a logical loop

        +-------+   +-----------+            +------+   +-----------+
        |       |   |           |if IP-in-IP |      |   |           |
    --->|ingress|-->|classifier1|----------->|Decap.|-->+classifier2|->
        | ports |   |           |----+       |      |   |           |
        +-------+   +-----------+    |others +------+   +-----------+
                                     |
                                     V
         (b)  The LFB topology without the loop utilizing two
              independent classifier instances.

                 Figure 6. An LFB topology example.

    It is important to point out that the LFB topology here is the
    logical topology that the packets flow through, not the physical
    topology as determined by how the FE hardware is laid out.
    Nevertheless, the actual implementation may still influence how the
    functionality should be mapped into the LFB topology.  Figure 6
    shows one simple FE example.  In this example, an IP-in-IP packet
    from an IPSec application like VPN may go to the classifier first
    and have the classification done based on the outer IP header; upon
    being classified as an IP-in-IP packet, the packet is then sent to
    a decapsulator to strip off the outer IP header, followed by a
    classifier again to perform classification on the inner IP header.
    If the same classifier hardware or software is used for both outer
    and inner IP header classification with the same set of filtering
    rules, a logical loop is naturally present in the LFB topology, as
    shown in Figure 6(a).  However, if the classification is
    implemented by two different pieces of hardware or software with
    different filters (i.e., one set of filters for outer IP header
    while another set for inner IP header), then it is more natural to
    model them as two different instances of classifier LFB, as shown
    in Figure 6(b).

    To distinguish multiple instances of the same LFB class, each LFB
    instance has its own LFB instance ID.  One way to encode the LFB
    instance ID is to encode it as x.y where x is the LFB class ID
    while y is the instance ID within each LFB class.

 3.3.2. Configuring the LFB Topology

    While there is little doubt that the individual LFB must be
    configurable, the configurability question is more complicated for
    LFB topology.  Since LFB topology is really the graphic
    representation of the datapaths within FE, configuring the LFB
    topology means dynamically changing the datapaths including changes
    to the LFBs along the datapaths on an FE, e.g., creating (i.e.,
    instantiating) or deleting LFBs, setting up or deleting
    interconnections between outputs of upstream LFBs to inputs of
    downstream LFBs.

    Why would the datapaths on an FE ever change dynamically?  The
    datapaths on an FE is set up by the CE to provide certain data
    plane services (e.g., DiffServ, VPN, etc.) to the NE's customers.
    The purpose of reconfiguring the datapaths is to enable the CE to
    customize the services the NE is delivering at run time.  The CE
    needs to change the datapaths when the service requirements change,
    e.g., when adding a new customer, or when an existing customer
    changes their service.  However, note that not all datapath changes
    result in changes in the LFB topology graph, and that is determined
    by the approach we use to map the datapaths into LFB topology.  As
    discussed in 3.3.1, the topological approach and encoded state
    approach can result in very different looking LFB topologies for
    the same datapaths.  In general, an LFB topology based on a pure
    topological approach is likely to experience more frequent topology
    reconfiguration than one based on an encoded state approach.
    However, even an LFB topology based entirely on an encoded state
    approach may have to change the topology at times, for example, to
    totally bypass some LFBs or insert new LFBs.  Since a mix of these
    two approaches is used to model the datapaths, LFB topology
    reconfiguration is considered an important aspect of the FE model.

    We want to point out that allowing a configurable LFB topology in
    the FE model does not mandate that all FEs must have such
    capability.  Even if an FE supports configurable LFB topology, it
    is expected that there will be FE-specific limitations on what can
    actually be configured.  Performance-optimized hardware
    implementation may have zero or very limited configurability, while
    FE implementations running on network processors may provide more
    flexibility and configurability.  It is entirely up to the FE
    designers to decide whether or not the FE actually implements such
    reconfiguration and how much.  Whether it is a simple runtime
    switch to enable or disable (i.e., bypass) certain LFBs, or more
    flexible software reconfiguration is all implementation detail
    internal to the FE and outside of the scope of FE model.  In either
    case, the CE(s) must be able to learn the FE's configuration
    capabilities.  Therefore, the FE model must provide a mechanism for
    describing the LFB topology configuration capabilities of an FE.
    These capabilities may include (see Section 5 for full details):
       . What LFB classes can the FE instantiate?
       . How many instances of the same LFB class can be created?
       . What are the topological limitations?  For example:
            o How many instances of the same class or any class can be
              created on any given branch of the graph?
            o Ordering restrictions on LFBs (e.g., any instance of LFB
              class A must be always downstream of any instance of LFB
              class B).

    Even if the CE is allowed to configure LFB topology for an FE, how
    can the CE interpret an arbitrary LFB topology (presented to the CE
    by the FE) and know what to do with it?  In other words, how does
    the CE know the mapping between an LFB topology and a particular NE
    service or application (e.g., VPN, DiffServ, etc.)?  We argue that
    first of all, it is unlikely that an FE can support any arbitrary
    LFB topology; secondly, once the CE understands the coarse
    capability of an FE, it is up to the CE to configure the LFB
    topology according to the network service the NE is supposed to
    provide.  So the more important mapping that the CE has to
    understand is from the high level NE service to a specific LFB
    topology, not the other way around.  Do we expect the CE has the
    ultimate intelligence to translate any high level service policy
    into the configuration data for the FEs?  No, but it is conceivable
    that within a given network service domain (like DiffServ), a
    certain amount of intelligence can be programmed into the CE such
    that the CE has a general understanding of the LFBs involved and so
    the translation from a high level service policy to the low level
    FE configuration can be done automatically.  In any event, this is
    considered an implementation issue internal to the control plane
    and outside the scope of the FE model. Therefore, it is not
    discussed any further in this draft.

         +----------+     +-----------+
    ---->| Ingress  |---->|classifier |--------------+
         |          |     |chip       |              |
         +----------+     +-----------+              |
                                                     v
                         +-------------------------------------------+
           +--------+    |   Network Processor                       |
      <----| Egress |    |   +------+    +------+   +-------+        |
           +--------+    |   |Meter |    |Marker|   |Dropper|        |
                 ^       |   +------+    +------+   +-------+        |
                 |       |                                           |
      +----------+-------+                                           |
      |          |                                                   |
      |    +---------+       +---------+   +------+    +---------+   |
      |    |Forwarder|<------|Scheduler|<--|Queue |    |Counter  |   |
      |    +---------+       +---------+   +------+    +---------+   |
      |--------------------------------------------------------------+

                 (a)  The Capability of the FE, reported to the CE

           +-----+    +-------+                      +---+
           |    A|--->|Queue1 |--------------------->|   |
    ------>|     |    +-------+                      |   |  +---+
           |     |                                   |   |  |   |
           |     |    +-------+      +-------+       |   |  |   |
           |    B|--->|Meter1 |----->|Queue2 |------>|   |->|   |
           |     |    |       |      +-------+       |   |  |   |
           |     |    |       |--+                   |   |  |   |
           +-----+    +-------+  |   +-------+       |   |  +---+
         classifier              +-->|Dropper|       |   |  IPv4
                                     +-------+       +---+  Fwd.
                                                  Scheduler
                 (b)  One LFB topology as configured by the CE and
                      accepted by the FE
                                                  Queue1
                       +---+                    +--+
                       |  A|------------------->|  |--+
                    +->|   |                    |  |  |
                    |  |  B|--+  +--+   +--+    +--+  |
                    |  +---+  |  |  |   |  |          |
                    | Meter1  +->|  |-->|  |          |
                    |            |  |   |  |          |
                    |            +--+   +--+          |          Ipv4
                    |         Counter1 Dropper1 Queue2|    +--+  Fwd.
            +---+   |                           +--+  +--->|A |  +-+
            |  A|---+                           |  |------>|B |  | |
     ------>|  B|------------------------------>|  |  +--->|C |->| |->
            |  C|---+                           +--+  | +->|D |  | |
            |  D|-+ |                                 | |  +--+  +-+
            +---+ | |    +---+                  Queue3| | Scheduler
        Classifier1 | |  |  A|------------>       +--+  | |
                    | +->|   |                    |  |--+ |
                    |    |  B|--+  +--+ +-------->|  |    |
                    |    +---+  |  |  | |         +--+    |
                    |  Meter2   +->|  |-+                 |
                    |              |  |                   |
                    |              +--+           Queue4  |
                    |            Marker1          +--+    |
                    +---------------------------->|  |----+
                                                  |  |
                                                  +--+
                 (c)  Another LFB topology as configured by the CE and
                      accepted by the FE

         Figure 7. An example of configuring LFB topology.

    Figure 7 shows an example where a QoS-enabled router has several
    line cards that have a few ingress ports and egress ports, a
    specialized classification chip, a network processor containing
    codes for FE blocks like meter, marker, dropper, counter, queue,
    scheduler and Ipv4 forwarder.  Some of the LFB topology is already
    fixed and has to remain static due to the physical layout of the
    line cards.  For example, all the ingress ports might be already
    hard wired into the classification chip and so all packets must
    follow from the ingress port into the classification engine.  On
    the other hand, the LFBs on the network processor and their
    execution order are programmable, even though there might exist
    certain capacity limits and linkage constraints between these LFBs.
    Examples of the capacity limits might be: there can be no more than
    8 meters; there can be no more than 16 queues in one FE; the
    scheduler can handle at most up to 16 queues; etc.  The linkage
    constraints might dictate that classification engine may be
    followed by a meter, marker, dropper, counter, queue or IPv4
    forwarder, but not scheduler; queues can only be followed by a
    scheduler; a scheduler must be followed by the IPv4 forwarder; the
    last LFB in the datapath before going into the egress ports must be
    the IPv4 forwarder, etc.

    Once the FE reports such capability and capacity to the CE, it is
    now up to the CE to translate the QoS policy into the desirable
    configuration for the FE.  Figure 7(a) depicts the FE capability
    while 7(b) and 7(c) depict two different topologies that the FE
    might be asked to configure to.  Note that both the ingress and
    egress are omitted in (b) and (c) for simple representation.  The
    topology in 7(c) is considerably more complex than 7(b) but both
    are feasible within the FE capabilities, and so the FE should
    accept either configuration request from the CE.

 4. Model and Schema for LFB Classes

    The main goal of the FE model is to provide an abstract, generic,
    modular, implementation-independent representation of the FEs. This
    is facilitated using the concept of LFBs which are instantiated
    from LFB classes. LFB classes and associated definitions will be
    provided in a collection of XML documents. The collection of these
    XML documents is called a LFB class library, and each document is
    called an LFB class library document (or library document, for
    short). Each of the library documents will conform to the schema
    presented in this section. The root element of the library document
    is the <LFBLibrary> element.

    It is not expected that library documents will be exchanged between
    FEs and CEs "over-the-wire". But the model will serve as an
    important reference for the design and development of the CEs
    (software) and FEs (mostly the software part). It will also serve
    as a design input when specifying the ForCES protocol elements for
    CE-FE communication.

 4.1. Namespace

    The LFBLibrary element and all of its sub-elements are defined in
    the following namespace:

       http://ietf.org/forces/1.0/lfbmodel

 4.2. <LFBLibrary> Element

    The <LFBLibrary> element serves as a root element of all library
    documents. It contains one or more of the following main blocks:

       . <frameTypeDefs> for the frame declarations;
       . <dataTypeDefs> for defining common data types;
       . <metadataDefs> for defining metadata, and
       . <LFBClassDefs> for defining LFB classes.

    Each block is optional, that is, one library may contain only
    metadata defintions, another may contain only LFB class
    definitions, yet another may contain all of the above.

    In addition to the above main blocks, a library document can import
    other library documents if it needs to refer to definitions
    contained in the included document. This concept is similar to the
    "#include" directive in C. Importing is expressed by the <load>
    elements, which must precede all the above elements in the
    document. For unique referencing, each LFBLibrary instance document
    has a unique label defined in the "provide" attribute of the
    LFBLibrary element.

    The <LFBLibrary> element also includes an optional <description>
    element, which can be used to provide textual description about the
    library.

    Following is a skeleton of a library document:

    <?xml version="1.0" encoding="UTF-8"?>
    <LFBLibrary xmlns="http://ietf.org/forces/1.0/lfbmodel"
      provides="this_library">

      <description>
        ...
      </description>

      <!-- Loading external libraries (optional) -->
      <load library="another_library"/>
      ...

      <!-- FRAME TYPE DEFINITIONS (optional) -->
      <frameTypeDefs>
        ...
      </frameTypeDefs>

      <!-- DATA TYPE DEFINITIONS (optional) -->
      <dataTypeDefs>
        ...

      </dataTypeDefs>

      <!-- METADATA DEFINITIONS (optional) -->
      <metadataDefs>
        ...
      </metadataDefs>

      <!—LFB CLASS DEFINITIONS (optional) -->
      <LFBCLassDefs>
        ...
      </LFBCLassDefs>
    </LFBLibrary>

 4.3. <load> Element

    This element is used to refer to another LFB library document.
    Similar to the "include" directive in C, this makes the objects
    (metadata types, data types, etc.) defined in the referred library
    available for referencing in the current document.

    The load element must contain the label of the library to be
    included and may contain a URL to specify where the library can be
    retrieved. The load element can be repeated unlimited times. Three
    examples for the <load> elements:

    <load library="a_library"/>
    <load library="another_library" location="another_lib.xml"/>
    <load library="yetanother_library"
      location="http://www.petrimeat.com/forces/1.0/lfbmodel/lpm.xml"/>

 4.4. <frameDefs> Element for Frame Type Declarations

    Frame names are used in the LFB definition to define what types of
    frames the LFB expects at its input port(s) and emits at its output
    port(s).  The <frameDefs> optional element in the library document
    contains one or more <frameDef> elements, each declaring one frame
    type.

    Each frame definition contains a unique name (NMTOKEN) and a brief
    synopsis.  In addition, an optional detailed description may be
    provided.

    Uniqueness of frame types must be ensured among frame types defined
    in the same library document and in all directly or indirectly
    included library documents.

    The following example defines two frame types:

    <frameDefs>
      <frameDef>
        <name>ipv4</name>
        <synopsis>IPv4 packet</synopsis>
        <description>
          This frame type refers to an IPv4 packet.
        </description>
      </frameDef>
        <frameDef>
        <name>ipv6</name>
        <synopsis>IPv6 packet</synopsis>
        <description>
          This frame type refers to an IPv6 packet.
        </description>
      </frameDef>
      ...
    </frameDefs>

 4.5. <dataTypeDefs> Element for Data Type Definitions

    The (optional) <dataTypeDefs> element can be used to define
    commonly used data types. It contains one or more <dataTypeDef>
    elements, each defining a data type with a unique name. Such data
    types can be used in several places in the library documents,
    including:

    .  Defining other data types
    .  Defining metadata
    .  Defining attributes of LFB classes

    This is similar to the concept of having a common header file for
    shared data types.

    Each <dataTypeDef> element contains a unique name (NMTOKEN), a
    brief
    synopsis, an optional longer description, and a type definition
    element.  The name must be unique among all data types defined in
    the same library document and in any directly or indirectly
    included library documents. For example:

    <dataTypeDefs>
      <dataTypeDef>
        <name>ieeemacaddr</name>
        <synopsis>48-bit IEEE MAC address</synopsis>
        ... type definition ...
      </dataTypeDef>
      <dataTypeDef>
        <name>ipv4addr</name>
        <synopsis>IPv4 address</synopsis>
        ... type definition ...
      </dataTypeDef>
      ...
    </dataTypeDefs>

    There are two kinds of data types: atomic and compound.  Atomic
    data types are appropriate for single-value variables (e.g.
    integer, ASCII string, byte array).

    The following built-in atomic data types are provided, but
    additional atomic data types can be defined with the <typeRef> and
    <atomic> elements:

       <name>                   Meaning
       ----                     -------
       char                     8-bit signed integer
       uchar                    8-bit unsigned integer
       int16                    16-bit signed integer
       uint16                   16-bit unsigned integer
       int32                    32-bit signed integer
       uint32                   32-bit unsigned integer
       int64                    64-bit signed integer
       uint64                   64-bit unisgned integer
       string[N]                ASCII null-terminated string with
                                buffer of N characters (string max
                                length is N-1)
       byte[N]                  A byte array of N bytes
       float16                  16-bit floating point number
       float32                  32-bit IEEE floating point number
       float64                  64-bit IEEE floating point number
    These built-in data types can be readily used to define metadata or
    LFB attributes, but can also be used as building blocks when
    defining new data types.

    Compound data types can build on atomic data types and other
    compound data types. There are four ways that compound data types
    can be defined.  They may be defined as an array of elements of
    some compound or atomic data type.  They may be a structure of
    named elements of compound or atomic data types (ala C structures).
    They may be a union of named elements of compound or atomic data
    types (ala C unions). They may also be defined as augmentations
    (explained below in 4.5.6) of existing compound data types.

    Given that the FORCES protocol will be getting and setting
    attribute values, all atomic data types used here must be able to
    be conveyed in the FORCES protocol.  Further, the FORCES protocol
    will need a mechanism to convey compound data types.  However, the
    details of such representations are for the protocol document, not
    the model documents.

    For the definition of the actual type in the <dataTypeDef> element,
    the following elements are available: <typeRef>, <atomic>, <array>,
    <struct>, and <union>.

    [EDITOR: How to support augmentation is for further study.]

 4.5.1. <typeRef> Element for Aliasing Existing Data Types

    The <typeRef> element refers to an existing data type by its name.
    The referred data type must be defined either in the same library
    document, or in one of the included library documents. If the
    referred data type is an atomic data type, the newly defined type
    will also be regarded as atomic. If the referred data type is a
    compound type, the new type will also be a compound. Some usage
    examples:

    <dataTypeDef>
      <name>short</name>
      <synopsis>Alias to int16</synopsis>
      <typeRef>int16</typeRef>
    </dataTypeDef>
    <dataTypeDef>
      <name><name>ieeemacaddr</name>
      <synopsis>48-bit IEEE MAC address</synopsis>
      <typeRef>byte[6]</typeRef>
    </dataTypeDef>
 4.5.2. <atomic> Element for Deriving New Atomic Types

    The <atomic> element allows the definition of a new atomic type
    from an existing atomic type, applying range restrictions and/or
    providing special enumerated values.  Note that the <atomic>
    element can only use atomic types as base types, and its result is
    always another atomic type.

    For example, the following snippet defines a new "dscp" data type:

    <dataTypeDef>
      <name>dscp</name>
      <synopsis>Diffserv code point.</synopsis>
      <atomic>
        <baseType>uchar</baseType>
        <rangeRestriction>
          <allowedRange min="0" max="63"/>
        </rangeRestriction>
        <specialValues>
          <specialValue value="0">
            <name>DSCP-BE</name>
            <synopsis>Best Effort</synopsis>
          </specialValue>
          ...
        </specialValues>
      </atomic>
    </dataTypeDef>

 4.5.3. <array> Element to Define Arrays

    The <array> element can be used to create a new compound data type
    as an array of a compound or an atomic data type. The type of the
    array entry can be specified either by referring to an existing
    type (using the <typeRef> element) or defining an unnamed type
    inside the <array> element using any of the <atomic>, <array>,
    <struct>, or <union> elements.

    The array can be "fixed-size" or "variable-size", which is
    specified by the "type" attribute of the <array> element. The
    default is "variable-size".  For variable size arrays an optional
    "max-length" attribute can specify the maximum allowed length. This
    attribute should be used to encode semantic limitations, and not
    implementation limitations. The latter should be handled by
    capability attributes of LFB classes, and should never be included
    in data type definitions. If the "max-length" attribute is not
    provided, the array is regarded as of unlimited-size.

    For fixed-size arrays a "length" attribute must be provided which
    specifies the constant size of the array.

    The result of this construct is always a compound type, even if the
    array has a fixed size of 1.

    Arrays can only be subscripted by integers, and will be presumed to
    start with index 0.

    The following example shows the definition of a fixed size array
    with pre-defined data type as array elements:

    <dataTypeDef>
      <name>dscp-mapping-table</name>
      <synopsys>
        A table of 64 DSCP values, used to re-map code space.
      </synopsis>
      <array type="fixed-size" length="64">
          <typeRef>dscp</typeRef>
      </array>
    </dataTypeDef>

    The following example defines a variable size array with an upper
    limit on its size:

    <dataTypeDef>
      <name>mac-alias-table </name>
      <synopsys>A table with up to 8 IEEE MAC addresses</synopsis>
      <array type="variable-size" max-length="8">
          <typeRef>ieeemacaddr</typeRef>
      </array>
    </dataTypeDef>

    The following example shows the definition of an array with local
    (unnamed) type definition:

    <dataTypeDef>
      <name>classification-table</name>
      <synopsys>
        A table of classification rules and result opcodes.
      </synopsis>
      <array type="variable-size">
        <struct>
          <element>
            <name>rule</name>
            <synopsis>The rule to match</synopsis>
            <typeRef>classrule</typeRef>
          </element>
          <element>
            <name>opcode</name>
            <synopsis>The result code</synopsis>
            <typeRef>opcode</typeRef>
          </element>
        </struct>
      </array>
    </dataTypeDef>

    In the above example each entry of the array is a <struct> of two
    fileds ("rule" and "opcode").

 4.5.4. <struct> Element to Define Structures

    A structure is comprised of a collection of data elements. Each
    data element has a data type (either an atomic type or an existing
    compound type) and is assigned a name unique within the scope of
    the compound data type being defined. These serve the same function
    as "struct" in C, etc.

    The actual type of the field can be defined by referring to an
    existing type (using the <typeDef> element), or can be a locally
    defined (unnamed) type created by any of the <atomic>, <array>,
    <struct>, or <union> elements.

    The result of this construct is always regarded a compound type,
    even if the <struct> contains only one field.

    An example:

    <dataTypeDef>
      <name>ipv4prefix</name>
      <synopsis>
        IPv4 prefix defined by an address and a prefix length
      </synopsis>
      <struct>
        <element>
          <name>address</name>
          <synopsis>Address part</synopsis>
          <typeRef>ipv4addr</typeRef>
        </element>
        <element>
          <name>prefixlen</name>
          <synopsis>Prefix length part</synopsis>
          <atomic>
            <baseType>uchar</baseType>
            <rangeRestriction>
              <allowedRange min="0" max="32"/>
            </rangeRestriction>
          </atomic>
        </element>
      </struct>
    </dataTypeDef>

 4.5.5. <union> Element to Define Union Types

    Similar to the union declaration in C, this construct allows the
    definition of overlay types.  Its format is identical to the
    <struct> element.

    The result of this construct is always regarded a compound type,
    even if the union contains only one element.

 4.5.6. Augmentations

    Compound types can also be defined as augmentations of existing
    compound types.  If the existing compound type is a structure,
    augmentation may add new elements to the type.  They may replace
    the type of an existing element with an augmentation derived from
    the current type.  They may not delete an existing element, nor may
    they replace the type of an existing element with one that is not
    an augmentation of the type that the element has in the basis for
    the augmentation.  If the existing compound type is an array,
    augmentation means augmentation of the array element type.

    One consequence of this is that augmentations are compatible with
    the compound type from which they are derived.  As such,
    augmentations are useful in defining attributes for LFB subclasses
    with backward compatibility.  In addition to adding new attributes
    to a class, the data type of an existing attribute may be replaced
    by an augmentation of that attribute, and still meet the
    compatibility rules for subclasses.

    For example, consider a simple base LFB class A that has only one
    attribute (attr1) of type X.  One way to derive class A1 from A can
    be by simply adding a second attribute (of any type).  Another way
    to derive a class A2 from A can be by replacing the original
    attribute (attr1) in A of type X with one of type Y, where Y is an
    augmentation of X.  Both classes A1 and A2 are backward compatible
    with class A.

    [EDITOR: How to support the concept of augmentation in the XML
    schema is for further study.]

 4.6. <metadataDefs> Element for Metadata Definitions

    The (optional) <metadataDefs> element in the library document
    contains one or more <metadataDef> elements. Each <metadataDef>
    element defines a metadata.

    Each <metadataDef> element contains a unique name (NMTOKEN).
    Uniqueness is defined over all metadata defined in this library
    document and in all directly or indirectly included library
    documents. The <metadataDef> element also contains a brief
    synopsis, an optional detailed description, and a compulsory type
    definition information. Only atomic data types can be used as value
    types for metadata.

    Two forms of type definitions are allowed. The first form uses the
    <typeRef> element to refer to an existing atomic data type defined
    in the <dataTypeDefs> element of the same library document or in
    one of the included library documents. The usage of the <typeRef>
    element is identical to how it is used in the <dataTypeDef>
    elements, except here it can only refer to atomic types.

    [EDITOR: The latter restriction is not yet enforced by the XML
    schema.]

    The second form is an explicit type definition using the <atomic>
    element. This element is used here in the same way as in the
    <dataTypeDef> elements.

    The following example shows both usages:

    <metadataDefs>
      <metadataDef>
        <name>NEXTHOPID</name>
        <synopsis>Refers to a Next Hop entry in NH LFB</synopsis>
        <typeRef>int32</typeRef>
      </metadataDef>
      <metadataDef>
        <name>CLASSID</name>
        <synopsis>
          Result of classification (0 means no match).

        </synopsis>
        <atomic>
          <baseType>int32</baseType>
          <specialValues>
            <specialValue value="0">
              <name>NOMATCH</name>
              <synopsis>
                Classification didn’t result in match.
              </synopsis>
            </specialValue>
          </specialValues>
        </atomic>
      </metadataDef>
    </metadataDefs>

 4.7. <LFBClassDefs> Element for LFB Class Definitions

    The (optional) <LFBClassDefs> element can be used to define one or
    more LFB classes using <LFBClassDef> elements. Each <LFBClassDef>
    element defines an LFB class and includes the following elements:
      . <name> provides the symbolic name of the LFB class. Example:
         "ipv4lpm"
      . <synopsis> provides a short synopsis of the LFB class.
         Example: "IPv4 Longest Prefix Match Lookup LFB"
      . <version> is the version indicator
      . <derivedFrom> is the inheritance indicator
      . <inputPorts> lists the input ports and their specifications
      . <outputPorts> lists the output ports and their specifications
      . <attributes> defines the operational attributes of the LFB
      . <capabilities> defines the capability attributes of the LFB
      . <description> contains the operational specification of the
         LFB

    [EDITOR: LFB class names should be unique not only among classes
    defined in this document and in all included documents, but also
    unique across a large collection of libraries.  Obviously some
    global control is needed to ensure such uniqueness. This subject
    requires further study.]

    Here is a skeleton of an example LFB class definition:

    <LFBClassDefs>
      <LFBClassDef>
        <name>ipv4lpm</name>
        <synopsis>IPv4 Longest Prefix Match Lookup LFB</synopsis>
        <version>1.0</version>
        <derivedFrom>baseclass</derivedFrom>

        <inputPorts>
          ...
        </inputPorts>

        <outputPorts>
          ...
        </outputPorts>

        <attributes>
          ...
        </attributes>

        <capabilities>
          ...
        </capabilities>

        <description>
          This LFB represents the IPv4 longest prefix match lookup
          operation.
          The modeled behavior is as follows:
             Blah-blah-blah.
        </description>

      </LFBClassDef>
      ...
    </LFBClassDefs>

    Except the <name>, <synopsis>, and <version> elements, all other
    elements are optional in <LFBClassDef>, though when they are
    present, they must occur in the above order.

 4.7.1. <derivedFrom> Element to Express LFB Inheritance

    The optional <derivedFrom> element can be used to indicate that
    this class is a derivative of some other class. The content of this
    element must be the unique name (<name>) of another LFB class. The
    referred LFB class must be defined in the same library document or
    in one of the included library documents.

    [EDITOR: The <derivedFrom> element will likely need to specify the
    version of the ancestor, which is not included in the schema yet.
    The process and rules of class derivation are still being studied.]

    It is assumed that the derived class is backwards compatible with
    the base class.

 4.7.2. <inputPorts> Element to Define LFB Inputs

    The optional <inputPorts> element is used to define input ports. An
    LFB class may have zero, one, or more inputs. If the LFB class has
    no input ports, the <inputPorts> elements must be omitted. The
    <inputPorts> element can contain one or more <inputPort> elements,
    one for each port or port-group. We assume that most LFBs will have
    exactly one input. Multiple inputs with the same input type are
    modeled as one input group. Input groups are defined the same way
    as input ports by the <inputPort> element, differentiated only by
    an optional "group" attribute.

    Multiple inputs with different input types should be avoided if
    possible (see discussion in Section 3.2.1). Some special LFBs will
    have no inputs at all. For example, a packet generator LFB does not
    need an input.

    Single input ports and input port groups are both defined by the
    <inputPort> element, they are differentiated by only an optional
    "group" attribute.

    The <inputPort> element contains the following elements:
    . <name> provides the symbolic name of the input.  Example: "in".
       Note that this symbolic name must be unique only within the
       scope of the LFB class.
    . <synopsis> contains a brief description of the input.  Example:
       "Normal packet input".
    . <expectation> lists all allowed frame formats. Example: {"ipv4"
       and "ipv6"}.  Note that this list should refer to names
       specified in the <frameDefs> element of the same library
       document or in any included library documents. The <expectation>
       element can also provide a list of required metadata. Example:
       {"classid", "vifid"}. This list should refer to names of
       metadata defined in the <metadataDefs> element in the same
       library document or in any included library documents. For each
       metadata it must be specified whether the metadata is required
       or optional. For each optional metadata a default value must be
       specified, which is used by the LFB if the metadata is not
       provided with a packet.

    In addition, the optional "group" attribute of the <inputPort>
    element can specify if the port can behave as a port group, i.e.,
    it is allowed to be instantiated. This is indicated by a "yes"
    value (the default value is "no").

    An example <inputPorts> element, defining two input ports, the
    second one being an input port group:

    <inputPorts>
      <inputPort>
        <name>in</name>
        <synopsis>Normal input</synopsis>
        <expectation>
          <frameExpected>
            <ref>ipv4</ref>
            <ref>ipv6</ref>
          </frameExpected>
          <metadataExpected>
            <ref>classid</ref>
            <ref>vifid</ref>
            <ref dependency="optional" defaultValue="0">vrfid</ref>
          </metadataExpected>
        </expectation>
      </inputPort>
      <inputPort group="yes">
        ... another input port ...
      </inputPort>
    </inputPorts>

    For each <inputPort>, the frame type expectations are defined by
    the <frameExpected> element using one or more <ref> elements (see
    example above). When multiple frame types are listed, it means that
    "one of these" frame types are expected. A packet of any other
    frame type is regarded as incompatible with this input port of the
    LFB class. The above example list two frames as expected frame
    types: "ipv4" and "ipv6".

    Metadata expectations are specified by the <metadataExpected>
    element. In its simplest form this element can contain a list of
    <ref> elements, each referring to a metadata. When multiple
    instances of metadata are listed by <ref> elements, it means that
    "all of these" metadata must be received with each packet (except
    metadata that are marked as "optional" by the "dependency"
    attribute of the corresponding <ref> element). For a metadata that
    is specified "optional", a default value must be provided using the
    "defaultValue" attribute. The above example lists three metadata as
    expected metadata, two of which are mandatory ("classid" and
    "vifid"), and one being optional ("vrfid").

    [EDITOR: How to express default values for byte[N] atomic types is
    yet to be defined.]
    The schema also allows for more complex definitions of metadata
    expectations. For example, using the <one-of> element, a list of
    metadata can be specified to express that at least one of the
    specified metadata must be present with any packet. For example:

    <metadataExpected>
      <one-of>
        <ref>prefixmask</ref>
        <ref>prefixlen</ref>
      </one-of>
    </metadataExpected>

    The above example specifies that either the "prefixmask" or the
    "prefixlen" metadata must be provided with any packet.

    The two forms can also be combined, as it is shown in the following
    example:

    <metadataExpected>
      <ref>classid</ref>
      <ref>vifid</ref>
      <ref dependency="optional" defaultValue="0">vrfid</ref>
      <one-of>
        <ref>prefixmask</ref>
        <ref>prefixlen</ref>
      </one-of>
    </metadataExpected>

    Although the schema is constructed to allow even more complex
    definition of metadata expectations, we do not discuss these here.

 4.7.3. <outputPorts> Element to Define LFB Outputs

    The optional <outputPorts> element is used to define output ports.
    An LFB class may have zero, one, or more outputs. If the LFB class
    has no output ports, the <outputPorts> element must be omitted. The
    <outputPorts> element can contain one or more <outputPort>
    elements, one for each port or port-group. If there are multiple
    outputs with the same output type, we model them as an output port
    group. Some special LFBs may have no outputs at all (e.g.,
    Dropper).

    Single output ports and output port groups are both defined by the
    <outputPort> element, they are differentiated by only an optional
    "group" attribute.

    The <outputPort> element contains the following elements:
    . <name> provides the symbolic name of the output. Example: "out".
       Note that the symbolic name must be unique only within the scope
       of the LFB class.
    . <synopsis> contains a brief description of the output port.
       Example: "Normal packet output".
    . <product> lists the allowed frame formats. Example: {"ipv4",
       "ipv6"}. Note that this list should refer to symbols specified
       in the <frameDefs> element in the same library document or in
       any included library documents. The <product> element may also
       contain the list of emitted (generated) metadata. Example:
       {"classid", "color"}. This list should refer to names of
       metadata specified in the <metadataDefs> element in the same
       library document or in any included library documents. For each
       generated metadata, it should be specified whether the metadata
       is always generated or generated only in certain conditions.
       This information is important when assessing compatibility
       between LFBs.

    In addition, the best way to represent such datapaths?
    While optional "group" attribute of the <outputPort>
    element can specify if the port can behave as a port group, i.e.,
    it is still possible allowed to use either be instantiated. This is indicated by a "yes"
    value (the default value is "no").

    The following example specifies two output ports, the pure topological
    approach or second being
    an output port group:

    <outputPorts>
      <outputPort>
        <name>out</name>
        <synopsis>Normal output</synopsis>
        <product>
          <frameProduced>
            <ref>ipv4</ref>
            <ref>ipv4bis</ref>
          </frameProduced>
          <metadataProduced>
            <ref>nhid</ref>
            <ref>nhtabid</ref>
          </metadataProduced>
        </product>
      </outputPort>
      <outputPort group="yes">
        <name>exc</name>
        <synopsis>Exception output port group</synopsis>
        <product>
          <frameProduced>
            <ref>ipv4</ref>
            <ref>ipv4bis</ref>
          </frameProduced>
          <metadataProduced>
            <ref availability="conditional">errorid</ref>
          </metadataProduced>
        </product>
      </outputPort>
    </outputPorts>

    What types of frames and metadata the pure encoded state approach, port produces are defined
    inside the natural
    combination of <product> element in each <outputPort>. Within the two seems
    <product> element, the best by representing list of frame types the two
    different functional datapaths using topological approach while
    leaving port produces is
    listed in the N-1 meter instances distinguished by <frameProduced> element. When more than one frame is
    listed, it means that "one of" these frames will be produced.

    The list of metadata only, as
    shown that is produced with each packet is listed in Figure 5(c).
                                         +----------+
                                  P      |   LFB#1  |
                              +--------->|(Attrib-1)|
         +-------------+      |          +----------+
         |            1|------+   P      +----------+
         |            2|---------------->|   LFB#2  |
         | classifier 3|                 |(Attrib-2)|
         |          ...|...              +----------+
         |            N|------+          ...
         +-------------+      |   P      +----------+
                              +--------->|   LFB#N  |
                                         |(Attrib-N)|
                                         +----------+

                 5(a) Using pure topological approach

         +-------------+                 +-------------+
         |            1|                 |   Meter     |
         |            2|   (P, M)        | (Attrib-1)  |
         |            3|---------------->| (Attrib-2)  |
         |          ...|                 |   ...       |
         |            N|                 | (Attrib-N)  |
         +-------------+                 +-------------+

           5(b) Using pure encoded state approach
    the optional <metadataProduced> element of the <product>. In its
    simplest form, this element can contain a list of <ref> elements,
    each referring to a metadata type. The meaning of such a list is
    that "all of" these metadata are provided with each packet, except
    those that are listed with the optional "availability" attribute
    set to "conditional." Similar to represent the LFB
          topology in 5(a), if LFB#1, LFB#2, ..., and LFB#N are <metadataExpected> element of
    the
                        same type (e.g., meter).

                                      +-------------+
         +-------------+ (P, M)       | queue       |
         |            1|------------->| (Attrib-1)  |
         |            2|              +-------------+
         |            3| (P, M)       +-------------+
         |          ...|------------->|   Meter     |
         |            N|              | (Attrib-2)  |
         +-------------+              |   ...       |
                                      | (Attrib-N)  |
                                      +-------------+

         5(c) Using a combination of <inputPort>, the two, if LFB#1, LFB#2, ..., and
              LFB#N are of different types (e.g., queue and meter).

                Figure 5. An example <metadataProduced> element supports more
    complex forms, which we do not discuss here further.

 4.7.4. <attributes> Element to Define LFB Operational Attributes

    Operational parameters of how the LFBs that must be visible to the CEs
    are conceptualized in the model FE datapaths

    From this as the LFB attributes. These
    include, for example, we demonstrate flags, single parameter arguments, complex
    arguments, and tables. Note that each approach has distinct
    advantage for different situations.  Using the encoded state
    approach, fewer connections attributes here refer to only
    those operational parameters of the LFBs that must be visible to
    the CEs. Other variables that are typically needed between a fan-out
    node internal to LFB implementation
    are not regarded as LFB attributes and its next hence are not covered.

    Some examples for LFB instances attributes are:
       . Configurable flags and switches selecting between operational
         modes of the same type, because LFB
       . Number of inputs or ouputs in a port group
       . Metadata CONSUME vs. PROPAGATE mode selectors
       . Various configurable lookup tables, including interface
         tables, prefix tables, classification tables, DSCP mapping
         tables, MAC address tables, etc.
       . Packet and byte counters
       . Various event counters
       . Number of current inputs or outputs for each
    packet carries metadata with it so that input or output
         group
       . Metadata CONSUME/PROPAGATE mode selector

    There may be various access permission restrictions on what the following nodes CE
    can
    interpret and hence invoke a different packet treatment.  For those
    cases, a pure topological approach forces one to build elaborate
    graphs do with a lot more connections and often results in an unwieldy
    graph.  On the other hand, a topological approach LFB attribute.  The following categories may be
    supported:
       . No-access attributes.  This is intuitive and
    most useful when multiple access
         modes maybe defined for representing functionally very different datapaths.

    For complex topologies, a combination of the two is the most useful
    and flexible.  Here we provide a general design guideline as given attribute to
    what approach is best used allow some
         flexibility for what situation.  The topological
    approach should primarily different implementations.
       . Read-only attributes.
       . Read-write attributes.
       . Write-only attributes.  This could be used when any configurable data
         for which read capability is not provided to the packet datapath forks
    into areas with distinct LFB classes (not just distinct
    parameterizations of CEs.  (e.g.,
         the same LFB classes), security key information)
       . Read-reset attributes.  The CE can read and when the fan-outs
    do not require changes (adding/removing LFB outputs) at all or
    require only very infrequent changes.  Configuration information
    that needs reset this
         resource, but cannot set it to change frequently should preferably be expressed by
    the internal attributes of one or more LFBs (and hence using an arbitrary value. Example:
         Counters.
       . Firing-only attributes.  A write attempt to this resource will
         trigger some specific actions in the
    encoded state approach).
                       +---------------------------------------------+
                       |                                             |
         +----------+  V      +----------+           +------+        |
         |          |  |      |          |if IP-in-IP|      |        |
    ---->| ingress  |->+----->|classifier|---------->|Decap.|---->---+
         | ports    |         |          |----+      |      |
         +----------+         +----------+    |others+------+
                                              |
                                              V
         (a) LFB, but the actual value
         written is ignored.

    The LFB topology with class may define more than one possible access mode for a logical loop

        +-------+   +-----------+            +------+   +-----------+
        |       |   |           |if IP-in-IP |      |   |           |
    --->|ingress|-->|classifier1|----------->|Decap.|-->+classifier2|->
        | ports |   |           |----+       |      |   |           |
        +-------+   +-----------+    |others +------+   +-----------+
                                     |
                                     V
         (b)  The LFB topology without the loop utilizing two
              independent classifier instances.

                 Figure 6. An LFB topology example.

    It
    given attribute (for example, "write-only" and "read-write"), in
    which case it is important left to point out that the LFB topology here is actual implementation to pick one of
    the
    logical topology that modes.  In such cases a corresponding capability attribute must
    inform the packets flow through, not CE about the physical
    topology as determined by how access mode the FE hardware actual LFB instance
    supports (see next subsection on capability attributes).

    The attributes of the LFB class are listed in the <attributes>
    element. Each attribute is laid out.
    Nevertheless, defined by an <attribute> element. An
    <attribute> element contains the actual implementation may still influence how following elements:
       . <name> defines the
    functionality should name of the attribute. This name must be mapped into
         unique among the LFB topology.  Figure 6
    shows one simple FE example.  In this example, an IP-in-IP packet
    from an IPSec application like VPN may go to attributes of the classifier first
    and have LFB class. Example:
         "version".
       . <synopsis> should provide a brief description of the classification done based on purpose
         of the outer IP header; upon
    being classified as an IP-in-IP packet, attribute.
       . The data type of the packet is then sent to attribute can be defined either via a decapsulator
         reference to strip off a predefined data type or providing a local
         definition of the outer IP header, followed type. The former is provided by a
    classifier again using the
         <typeRef> element, which must refer to perform classification on the inner IP header.
    If unique name of an
         existing data type defined in the <dataTypeDefs> element in
         the same classifier hardware library document or software in any of the included library
         documents. When the data type is defined locally (unnamed
         type), one of the following elements can be used: <atomic>,
         <array>, <struct>, and <union>. Their usage is identical to
         how they are used inside <dataTypeDef> elements (see Section
         4.5).
       . The optional <defaultValue> element can specify a default
         value for both outer
    and inner IP header classification with the same set of filtering
    rules, a logical loop attribute, which is naturally present in applied when the LFB topology, as
    shown in Figure 6(a).  However, if the classification is
    implemented by two different pieces
         initialized or reset. [EDITOR: A convention to define default
         values for compound data types and byte[N] atomic types is yet
         to be defined.]

    In addition to the above elements, the <attribute> element includes
    an optional "access" attribute, which can take any of hardware the following
    values or software with
    different filters (i.e., one set even a list of filters for outer IP header
    while another set these values: "read-only", "read-write",
    "write-only", "read-reset", and "trigger-only". The default access
    mode is "read-write".

    The following example defines two attributes for inner IP header), then it an LFB:

    <attributes>
      <attribute access="read-only">
        <name>foo</name>
        <synopsis>number of things</synopsis>
        <typeRef>uint32</typeRef>
      </attribute>
      <attribute access="read-write write-only">
        <name>bar</name>
        <synopsis>number of this other thing</synopsis>
        <atomic>
          <baseType>uint32</baseType>
          <rangeRestriction>
            <allowedRange min="10" max="2000"/>
          </rangeRestriction>
        </atomic>
        <defaultValue>10</defaultValue>
      </attribute>
    </attributes>

    The first attribute ("foo") is more natural a read-only 32-bit unsigned integer,
    defined by referring to the built-in "uint32" atomic type. The
    second attribute ("bar") is also an integer, but uses the <atomic>
    element to
    model them as provide additional range restrictions. This attribute
    has two different instances possible access modes, "read-write" or "write-only". A
    default value of classifier LFB, as shown 10 is provided.

    Note that not all attributes are likely to exist at all times in Figure 6(b).

    To distinguish multiple instances of a
    particular implementation.  While the same LFB class, each capabilities will frequently
    indicate this non-existence, CEs may attempt to reference non-
    existent or non-permitted attributes anyway.  The FORCES protocol
    mechanisms should include appropriate error indicators for this
    case.

    The mechanism defined above for non-supported attributes can also
    apply to attempts to reference non-existent array elements or to
    set read-only elements.

 4.7.5. <capabilities> Element to Define LFB
    instance has its own Capability Attributes

    The LFB instance ID.  One way to encode class specification will provide some flexibility for the LFB
    instance ID is to encode it as x.y where x is
    FE implementation regarding how the LFB class ID
    while y is implemented. For
    example the instance ID within each LFB class.

 3.3.2. Configuring class may define some features optional, in which case
    the LFB Topology
    While there is little doubt that actual implementation may or may not provide the individual LFB given feature.
    In these cases the CE must be
    configurable, able to query the configurability question is more complicated for
    LFB topology.  Since LFB topology is really instance about
    the graphic
    representation availability of the datapaths within FE, configuring feature. In addition, the LFB
    topology means dynamically changing instance may have
    some limitations that are not inherent from the datapaths including changes
    to class definition,
    but rather the LFBs along result of some implementation limitations. For
    example, an array attribute may be defined in the class definition
    as "unlimited" size, but the datapaths physical implementation may impose a
    hard limit on an FE, e.g., creating (i.e.,
    instantiating) or deleting LFBs, setting up or deleting
    interconnections between outputs of upstream LFBs to inputs the size of
    downstream LFBs.

    Why would the datapaths on an FE ever change dynamically?  The
    datapaths on an FE array.

    Such capability related information is set up expressed by the CE to provide certain data
    plane services (e.g., DiffServ, VPN, etc.) to capability
    attributes of the NE's customers. LFB class. The purpose capability attributes are always
    read-only attributes, and they are listed in a separate
    <capabilities> element in the <LFBClassDef>. The <capabilities>
    element contains one or more <capability> elements, each defining
    one capability attribute. The format of reconfiguring the datapaths <capability> element is to enable
    almost the CE to
    customize same as the services <attribute> element, it differs in two
    aspects: it lacks the NE access mode attribute (because it is delivering at run time.  The CE
    needs always
    read-only), and it lacks the <defaultValue> element (because
    default value is not applicable to change read-only attributes).

    Some examples of capability attributes:
       . The version of the datapaths when LFB class that this LFB instance complies
         with;
       . Supported optional features of the service requirements change,
    e.g., when adding LFB class;
       . Maximum number of configurable outputs for an output group;
       . Metadata pass-through limitations of the LFB;
       . Maximum size of configurable attribute tables;
       . Additional range restriction on operational attributes;
       . Supported access modes of certain attributes (if the access
         mode of an operational attribute is specified as a new customer, list of two
         or when an existing customer
    changes their service.  However, note that not all datapath changes
    result in changes in mode modes).

    The following example lists two capability attributes:

    <capabilities>
      <capability>
        <name>version</name>
        <synopsis>
          LFB class version this instance is compliant with.
        </synopsis>
        <typeRef>version</typeRef>
      </capability>
      <capability>
        <name>limitBar</name>
        <synopsis>
          Maximum value of the "bar" attribute.
        </synopsis>
        <typeRef>uint16</typeRef>
      </capability>
    </capabilities>

 4.7.6. <description> Element for LFB topology graph, and that is determined
    by Operational Specification

    The <description> element of the approach we use <LFBClass> provides unstructured
    text (in XML sense) to map verbally describe what the datapaths into LFB topology.  As
    discussed in 3.3.1, the topological approach and encoded state
    approach can result in very different looking does.

 4.8. XML Schema for LFB topologies Class Library Documents

    <?xml version="1.0" encoding="UTF-8"?>
    <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
     xmlns="http://ietf.org/forces/1.0/lfbmodel"
     xmlns:lfb="http://ietf.org/forces/1.0/lfbmodel"
     targetNamespace="http://ietf.org/forces/1.0/lfbmodel"
     attributeFormDefault="unqualified"
     elementFormDefault="qualified">
    <xsd:annotation>
      <xsd:documentation xml:lang="en">
      Schema for
    the same datapaths.  In general, an Defining LFB topology based on Classes and associated types (frames,
      data types for LFB attributes, and metadata).
      </xsd:documentation>
    </xsd:annotation>
    <xsd:element name="description" type="xsd:string"/>
    <xsd:element name="synopsis" type="xsd:string"/>
    <!-- Document root element: LFBLibrary -->
    <xsd:element name="LFBLibrary">
      <xsd:complexType>
        <xsd:sequence>
          <xsd:element ref="description" minOccurs="0"/>
          <xsd:element name="load" type="loadType" minOccurs="0"
                       maxOccurs="unbounded"/>
          <xsd:element name="frameDefs" type="frameDefsType"
                       minOccurs="0"/>
          <xsd:element name="dataTypeDefs" type="dataTypeDefsType"
                       minOccurs="0"/>
          <xsd:element name="metadataDefs" type="metadataDefsType"
                       minOccurs="0"/>
          <xsd:element name="LFBClassDefs" type="LFBClassDefsType"
                       minOccurs="0"/>
        </xsd:sequence>
        <xsd:attribute name="provides" type="xsd:Name" use="required"/>
      </xsd:complexType>
      <!-- Uniqueness constraints -->
      <xsd:key name="frame">
        <xsd:selector xpath="lfb:frameDefs/lfb:frameDef"/>
        <xsd:field xpath="lfb:name"/>
      </xsd:key>
      <xsd:key name="dataType">
        <xsd:selector xpath="lfb:dataTypeDefs/lfb:dataTypeDef"/>
        <xsd:field xpath="lfb:name"/>
      </xsd:key>
      <xsd:key name="metadataDef">
        <xsd:selector xpath="lfb:metadataDefs/lfb:metadataDef"/>
        <xsd:field xpath="lfb:name"/>
      </xsd:key>
      <xsd:key name="LFBClassDef">
        <xsd:selector xpath="lfb:LFBClassDefs/lfb:LFBClassDef"/>
        <xsd:field xpath="lfb:name"/>
      </xsd:key>
    </xsd:element>
    <xsd:complexType name="loadType">
      <xsd:attribute name="library" type="xsd:Name" use="required"/>
      <xsd:attribute name="location" type="xsd:anyURI" use="optional"/>
    </xsd:complexType>
    <xsd:complexType name="frameDefsType">
      <xsd:sequence>
        <xsd:element name="frameDef" maxOccurs="unbounded">
          <xsd:complexType>
            <xsd:sequence>
              <xsd:element name="name" type="xsd:NMTOKEN"/>
              <xsd:element ref="synopsis"/>
              <xsd:element ref="description" minOccurs="0"/>
            </xsd:sequence>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="dataTypeDefsType">
      <xsd:sequence>
        <xsd:element name="dataTypeDef" maxOccurs="unbounded">
          <xsd:complexType>
            <xsd:sequence>
              <xsd:element name="name" type="xsd:NMTOKEN"/>
              <xsd:element ref="synopsis"/>
              <xsd:element ref="description" minOccurs="0"/>
              <xsd:group ref="typeDeclarationGroup"/>
            </xsd:sequence>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <!--
       Predefined (built-in) atomic data-types are:
           char, uchar, int16, uint16, int32, uint32, int64, uint64,
           string[N], byte[N],
           float16, float32, float64
    -->
    <xsd:group name="typeDeclarationGroup">
      <xsd:choice>
        <xsd:element name="typeRef" type="typeRefNMTOKEN"/>
        <xsd:element name="atomic" type="atomicType"/>
        <xsd:element name="array" type="arrayType"/>
        <xsd:element name="struct" type="structType"/>
        <xsd:element name="union" type="structType"/>
      </xsd:choice>
    </xsd:group>
    <xsd:simpleType name="typeRefNMTOKEN">
      <xsd:restriction base="xsd:token">
        <xsd:pattern value="\c+"/>
        <xsd:pattern value="string\[\d+\]"/>
        <xsd:pattern value="byte\[\d+\]"/>
      </xsd:restriction>
    </xsd:simpleType>
    <xsd:complexType name="atomicType">
      <xsd:sequence>
        <xsd:element name="baseType" type="typeRefNMTOKEN"/>
        <xsd:element name="rangeRestriction"
                        type="rangeRestrictionType minOccurs="0"/>
        <xsd:element name="specialValues" type="specialValuesType"
                     minOccurs="0"/>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="rangeRestrictionType">
      <xsd:sequence>
        <xsd:element name="allowedRange" maxOccurs="unbounded">
          <xsd:complexType>
            <xsd:attribute name="min" type="xsd:integer"
    use="required"/>
            <xsd:attribute name="max" type="xsd:integer"
    use="required"/>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="specialValuesType">
      <xsd:sequence>
        <xsd:element name="specialValue" maxOccurs="unbounded">
          <xsd:complexType>
            <xsd:sequence>
              <xsd:element name="name" type="xsd:NMTOKEN"/>
              <xsd:element ref="synopsis"/>
            </xsd:sequence>
            <xsd:attribute name="value" type="xsd:token"/>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="arrayType">
      <xsd:sequence>
        <xsd:group ref="typeDeclarationGroup"/>
      </xsd:sequence>
      <xsd:attribute name="type" use="optional"
                     default="variable-size">
        <xsd:simpleType>
          <xsd:restriction base="xsd:string">
            <xsd:enumeration value="fixed-size"/>
            <xsd:enumeration value="variable-size"/>
          </xsd:restriction>
        </xsd:simpleType>
      </xsd:attribute>
      <xsd:attribute name="length" type="xsd:integer" use="optional"/>
      <xsd:attribute name="maxLength" type="xsd:integer"
                     use="optional"/>
    </xsd:complexType>
    <xsd:complexType name="structType">
      <xsd:sequence>
        <xsd:element name="element" maxOccurs="unbounded">
          <xsd:complexType>
            <xsd:sequence>
              <xsd:element name="name" type="xsd:NMTOKEN"/>
              <xsd:element ref="synopsis"/>
              <xsd:group ref="typeDeclarationGroup"/>
            </xsd:sequence>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="metadataDefsType">
      <xsd:sequence>
        <xsd:element name="metadataDef" maxOccurs="unbounded">
          <xsd:complexType>
            <xsd:sequence>
              <xsd:element name="name" type="xsd:NMTOKEN"/>
              <xsd:element ref="synopsis"/>
              <xsd:element ref="description" minOccurs="0"/>
              <xsd:choice>
                <xsd:element name="typeRef" type="typeRefNMTOKEN"/>
                <xsd:element name="atomic" type="atomicType"/>
              </xsd:choice>
            </xsd:sequence>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="LFBClassDefsType">
      <xsd:sequence>
        <xsd:element name="LFBClassDef" maxOccurs="unbounded">
          <xsd:complexType>
            <xsd:sequence>
              <xsd:element name="name" type="xsd:NMTOKEN"/>
              <xsd:element ref="synopsis"/>
              <xsd:element name="version" type="versionType"/>
              <xsd:element name="derivedFrom" type="xsd:NMTOKEN"
                           minOccurs="0"/>
              <xsd:element name="inputPorts" type="inputPortsType"
                           minOccurs="0"/>
              <xsd:element name="outputPorts" type="outputPortsType"
                           minOccurs="0"/>
              <xsd:element name="attributes" type="LFBAttributesType"
                           minOccurs="0"/>
              <xsd:element name="capabilities"
                              type="LFBCapabilitiesType"
 minOccurs="0"/>
              <xsd:element ref="description" minOccurs="0"/>
            </xsd:sequence>
          </xsd:complexType>
          <!-- Key constraint to ensure unique attribute names within
               a pure
    topological approach is likely class:
          -->
          <xsd:key name="attributes">
            <xsd:selector xpath="lfb:attributes/lfb:attribute"/>
            <xsd:field xpath="lfb:name"/>
          </xsd:key>
          <xsd:key name="capabilities">
            <xsd:selector xpath="lfb:capabilities/lfb:capability"/>
            <xsd:field xpath="lfb:name"/>
          </xsd:key>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:simpleType name="versionType">
      <xsd:restriction base="xsd:NMTOKEN">
        <xsd:pattern value="[1-9][0-9]*\.([1-9][0-9]*|0)"/>
      </xsd:restriction>
    </xsd:simpleType>
    <xsd:complexType name="inputPortsType">
      <xsd:sequence>
        <xsd:element name="inputPort" type="inputPortType"
                     maxOccurs="unbounded"/>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="inputPortType">
      <xsd:sequence>
        <xsd:element name="name" type="xsd:NMTOKEN"/>
        <xsd:element ref="synopsis"/>
        <xsd:element name="expectation" type="portExpectationType"/>
        <xsd:element ref="description" minOccurs="0"/>
      </xsd:sequence>
      <xsd:attribute name="group" type="booleanType" use="optional"
                     default="no"/>
    </xsd:complexType>
    <xsd:complexType name="portExpectationType">
      <xsd:sequence>
        <xsd:element name="frameExpected" minOccurs="0">
          <xsd:complexType>
            <xsd:sequence>
              <!-- ref must refer to experience more frequent topology
    reconfiguration than one based on an encoded state approach.
    However, even an LFB topology based entirely on an encoded state
    approach may have a name of a defined frame type -->
              <xsd:element name="ref" type="xsd:string"
                           maxOccurs="unbounded"/>
            </xsd:sequence>
          </xsd:complexType>
        </xsd:element>
        <xsd:element name="metadataExpected" minOccurs="0">
          <xsd:complexType>
            <xsd:choice maxOccurs="unbounded">
              <!-- ref must refer to change a name of a defined metadata -->
              <xsd:element name="ref" type="metadataInputRefType"/>
              <xsd:element name="one-of"
                           type="metadataInputChoiceType"/>
            </xsd:choice>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="metadataInputChoiceType">
      <xsd:choice minOccurs="2" maxOccurs="unbounded">
        <!-- ref must refer to a name of a defined metadata -->
        <xsd:element name="ref" type="xsd:NMTOKEN"/>
        <xsd:element name="one-of" type="metadataInputChoiceType"/>
        <xsd:element name="metadataSet" type="metadataInputSetType"/>
      </xsd:choice>
    </xsd:complexType>
    <xsd:complexType name="metadataInputSetType">
      <xsd:choice minOccurs="2" maxOccurs="unbounded">
        <!-- ref must refer to a name of a defined metadata -->
        <xsd:element name="ref" type="metadataInputRefType"/>
        <xsd:element name="one-of" type="metadataInputChoiceType"/>
      </xsd:choice>
    </xsd:complexType>
    <xsd:complexType name="metadataInputRefType">
      <xsd:simpleContent>
        <xsd:extension base="xsd:NMTOKEN">
          <xsd:attribute name="dependency" use="optional"
                         default="required">
            <xsd:simpleType>
              <xsd:restriction base="xsd:string">
                <xsd:enumeration value="required"/>
                <xsd:enumeration value="optional"/>
              </xsd:restriction>
            </xsd:simpleType>
          </xsd:attribute>
          <xsd:attribute name="defaultValue" type="xsd:token"
                         use="optional"/>
        </xsd:extension>
      </xsd:simpleContent>
    </xsd:complexType>
    <xsd:complexType name="outputPortsType">
      <xsd:sequence>
        <xsd:element name="outputPort" type="outputPortType"
                     maxOccurs="unbounded"/>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="outputPortType">
      <xsd:sequence>
        <xsd:element name="name" type="xsd:NMTOKEN"/>
        <xsd:element ref="synopsis"/>
        <xsd:element name="product" type="portProductType"/>
        <xsd:element ref="description" minOccurs="0"/>
      </xsd:sequence>
      <xsd:attribute name="group" type="booleanType" use="optional"
                     default="no"/>
    </xsd:complexType>
    <xsd:complexType name="portProductType">
      <xsd:sequence>
        <xsd:element name="frameProduced">
          <xsd:complexType>
            <xsd:sequence>
              <!-- ref must refer to a name of a defined frame type -->
              <xsd:element name="ref" type="xsd:NMTOKEN"
                           maxOccurs="unbounded"/>
            </xsd:sequence>
          </xsd:complexType>
        </xsd:element>
        <xsd:element name="metadataProduced" minOccurs="0">
          <xsd:complexType>
            <xsd:choice maxOccurs="unbounded">
              <!-- ref must refer to a name of a defined metadata -->
              <xsd:element name="ref" type="metadataOutputRefType"/>
              <xsd:element name="one-of"
                           type="metadataOutputChoiceType"/>
            </xsd:choice>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:complexType name="metadataOutputChoiceType">
      <xsd:choice minOccurs="2" maxOccurs="unbounded">
        <!-- ref must refer to a name of a defined metadata -->
        <xsd:element name="ref" type="xsd:NMTOKEN"/>
        <xsd:element name="one-of" type="metadataOutputChoiceType"/>
        <xsd:element name="metadataSet" type="metadataOutputSetType"/>
      </xsd:choice>
    </xsd:complexType>
    <xsd:complexType name="metadataOutputSetType">
      <xsd:choice minOccurs="2" maxOccurs="unbounded">
        <!-- ref must refer to a name of a defined metadata -->
        <xsd:element name="ref" type="metadataOutputRefType"/>
        <xsd:element name="one-of" type="metadataOutputChoiceType"/>
      </xsd:choice>
    </xsd:complexType>
    <xsd:complexType name="metadataOutputRefType">
      <xsd:simpleContent>
        <xsd:extension base="xsd:NMTOKEN">
          <xsd:attribute name="availability" use="optional"
                         default="unconditional">
            <xsd:simpleType>
              <xsd:restriction base="xsd:string">
                <xsd:enumeration value="unconditional"/>
                <xsd:enumeration value="conditional"/>
              </xsd:restriction>
            </xsd:simpleType>
          </xsd:attribute>
        </xsd:extension>
      </xsd:simpleContent>
    </xsd:complexType>
    <xsd:complexType name="LFBAttributesType">
      <xsd:sequence>
        <xsd:element name="attribute" maxOccurs="unbounded">
          <xsd:complexType>
            <xsd:sequence>
              <xsd:element name="name" type="xsd:NMTOKEN"/>
              <xsd:element ref="synopsis"/>
              <xsd:element ref="description" minOccurs="0"/>
              <xsd:group ref="typeDeclarationGroup"/>
              <xsd:element name="defaultValue" type="xsd:token"
                           minOccurs="0"/>
            </xsd:sequence>
            <xsd:attribute name="access" use="optional"
                           default="read-write">
              <xsd:simpleType>
                <xsd:list itemType="accessModeType"/>
              </xsd:simpleType>
            </xsd:attribute>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:simpleType name="accessModeType">
      <xsd:restriction base="xsd:NMTOKEN">
        <xsd:enumeration value="read-only"/>
        <xsd:enumeration value="read-write"/>
        <xsd:enumeration value="write-only"/>
        <xsd:enumeration value="read-reset"/>
        <xsd:enumeration value="trigger-only"/>
      </xsd:restriction>
    </xsd:simpleType>
    <xsd:complexType name="LFBCapabilitiesType">
      <xsd:sequence>
        <xsd:element name="capability" maxOccurs="unbounded">
          <xsd:complexType>
            <xsd:sequence>
              <xsd:element name="name" type="xsd:NMTOKEN"/>
              <xsd:element ref="synopsis"/>
              <xsd:element ref="description" minOccurs="0"/>
              <xsd:group ref="typeDeclarationGroup"/>
            </xsd:sequence>
          </xsd:complexType>
        </xsd:element>
      </xsd:sequence>
    </xsd:complexType>
    <xsd:simpleType name="booleanType">
      <xsd:restriction base="xsd:string">
        <xsd:enumeration value="yes"/>
        <xsd:enumeration value="no"/>
      </xsd:restriction>
    </xsd:simpleType>
    </xsd:schema>

 5. FE Attributes and Capabilities

    A ForCES forwarding element handles traffic on behalf of a ForCES
    control element.  While the topology at times, standards will describe the protocol
    and mechanisms for example, this control, different implementations and
    different instances will have different capabilities.  The CE needs
    to
    totally bypass some LFBs or insert new LFBs.  Since a mix be able to determine what each instance it is responsible for is
    actually capable of these
    two approaches doing.  As stated previously, this is used an
    approximation.  The CE is expected to model be prepared to cope with
    errors in requests and variations in detail not captured by the datapaths, LFB topology
    reconfiguration is considered
    capabilities information about an important aspect of the FE model.

    We want FE.

    In addition to point out its capabilities, an FE will have some information
    (attributes) that allowing a configurable LFB topology can be used in understanding and controlling the FE
    forwarding operations.  Some of the attributes will be read only,
    while others will also be writeable.

    The ForCES protocol will define the actual mechanism for getting
    and setting attribute information.  This model does not mandate that all FEs must have such
    capability.  Even if an FE supports configurable LFB topology, it
    is expected defines the starting
    set of information that there will be FE-specific limitations on what can
    actually be configured.  Performance-optimized hardware
    implementation may have zero or very limited configurability, while
    FE implementations running on network processors may provide more
    flexibility available.  This definition
    includes the semantics and configurability. the structuring of the information.  It is entirely up
    also provides for extensions to the FE
    designers this information.

    In order to decide whether or not crisply define the attribute information and structure,
    this document describes the attributes as information in an
    abstract XML document.  Conceptually, each FE actually implements contains such
    reconfiguration and how much.  Whether it is a simple runtime
    switch to enable or disable (i.e., bypass) certain LFBs, or more
    flexible software reconfiguration
    document.  The document structure is all implementation detail
    internal to the FE but outside of the scope of FE defined by the XML Schema
    contained in this model.  In either
    case,  Operationally, the CE(s) must be able ForCES protocol refers
    to learn the FE's configuration information contained in that document in order to read or write
    FE attributes and capabilities.  Therefore,  This document is an abstract
    representation of the FE model must provide information.  There is no requirement that
    such a mechanism for
    describing document actually exist in memory.  Unless the LFB topology configuration capabilities of an FE.
    These capabilities may include (see Section 6 ForCES
    protocol calls for details):
       . What LFB classes can the FE instantiate?
       . How many instances transfer of the same LFB class can information in XML, the
    information is not required to ever be created?
       . What are represented in the topological limitations?  For example:
            o How many instances of FE in
    XML.  The XML schema serves only to identify the same class or any class can be
              created on any given branch elements and
    structure of the graph?
            o Ordering restrictions on LFBs (e.g., any instance of LFB
              class A must be always downstream of any instance information.

    The subsections in this part of LFB
              class B).

    Even if the CE is allowed to configure LFB topology for an FE, how
    can the CE interpret an arbitrary LFB topology (presented to document provide the CE
    by details on
    this aspect of the FE) and know what to do with it?  In another word, how does FE model.  5.1 gives the CE know XML schema for the mapping between an LFB topology and a particular NE
    service or application (e.g., VPN, DiffServ, etc.)?  We argue that
    first of all, it is unlikely that an
    abstract FE can support any arbitrary
    LFB topology; secondly, once attribute document.  5.2 elaborates on each of the CE understands
    defined attributes of the coarse
    capability FE, following the hierarchy of the
    schema.  5.3 provides an FE, it is up example XML FE attribute document to
    clarify the CE to configure meaning of 5.1 and 5.2.

 5.1. XML Schema for FE Attribute Documents

    <?xml version="1.0" encoding="UTF-8"?>
    <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">

     <xsd:annotation>
      <xsd:documentation xml:lang="en">
       Schema for the Abstract FE Attributes and Capabilities Document
      </xsd:documentation>
     </xsd:annotation>

     <xsd:element name="FEDocument">
      <xsd:complexType>
       <xsd:sequence>
        <xsd:element name="FECapabilities" type="FECapabilitiesType"
             minOccurs="0" maxOccurs="1"/>
        <xsd:element name="FEAttributes" type="FEAttributesType"
             minOccurs="0" maxOccurs="1"/>
       </xsd:sequence>
      </xsd:complexType>
     </xsd:element>

     <xsd:complexType name="FECapabilitiesType">
      <xsd:sequence>
       <xsd:element name="ModifiableLFBTopology" type="xsd:boolean"
            minOccurs="0" maxOccurs="1"/>
       <xsd:element name="SupportedLFBs" minOccurs="0" maxOccurs="1">
        <xsd:complexType>
         <xsd:sequence>
          <xsd:element name="SupportedLFB" type="SupportedLFBType"
               minOccurs="1" maxOccurs="unbounded"/>
         </xsd:sequence>
        </xsd:complexType>
       </xsd:element>
       <xsd:element name="SupportedAttributes"
            type="SupportedAttributesType"
            minOccurs="0" maxOccurs="1"/>
      </xsd:sequence>
     </xsd:complexType>

     <xsd:complexType name="SupportedLFBType">
      <xsd:sequence>
       <!-- the name of a supported LFB
    topology according to -->
       <xsd:element name="LFBName" type="xsd:NMTOKEN"/>
       <!-- how many of this LFB class can exist -->
       <xsd:element name="LFBOccurrenceLimit"
            type="xsd:nonNegativeInteger" minOccurs="0" maxOccurs="1"/>
       <!-- For each port group, how many ports can exist -->
       <xsd:element name="PortGroupLimits" minOccurs="0" maxOccurs="1">
        <xsd:complexType>
         <xsd:sequence>
          <xsd:element name="PortGroupLimit" minOccurs="0"
               maxOccurs="unbounded">
           <xsd:complexType>
            <xsd:sequence>
             <xsd:element name="PortGroupName" type="xsd:NMTOKEN"/>
             <xsd:element name="MinPortCount"
                  type="xsd:nonNegativeInteger"
                  minOccurs="0" maxOccurs="1"/>
             <xsd:element name="MaxPortCount"
                  type="xsd:nonNegativeInteger"
                  minOccurs="0" maxOccurs="1"/>
            </xsd:sequence>
           </xsd:complexType>
          </xsd:element>
         </xsd:sequence>
        </xsd:complexType>
       </xsd:element>
       <!-- for the network service named LFB Class, the NE is supposed to
    provide.  So LFB Classes it may follow -->
       <xsd:element name="CanOccurAfters" minOccurs="0" maxOccurs="1">
        <xsd:complexType>
         <xsd:sequence>
          <xsd:element name="CanOccurAfter"
               type="LFBAdjacencyLimitType"
               minOccurs="0" maxOccurs="unbounded"/>
         </xsd:sequence>
        </xsd:complexType>
       </xsd:element>

       <!-- for the more important mapping that named LFB Class, which LFB Classes may follow -->
       <xsd:element name="CanOccurBefores" minOccurs="0" maxOccurs="1">
        <xsd:complexType>
         <xsd:sequence>
          <xsd:element name="CanOccurBefore"
               type="LFBAdjacencyLimitType"
               minOccurs="0" maxOccurs="unbounded"/>
         </xsd:sequence>
        </xsd:complexType>
       </xsd:element>
       <!-- information defined by the CE has to
    understand is from Class Definition -->
       <xsd:element name="LFBClassCapabilities" type="xsd:anyType"
            minOccurs="0" maxOccurs="1"/>
      </xsd:sequence>
     </xsd:complexType>

     <xsd:complexType name="LFBAdjacencyLimitType">
      <xsd:sequence>
       <xsd:element name="NeighborLFB" type="xsd:NMTOKEN"/>
       <xsd:element name="viaPort" type="xsd:NMTOKEN"
            minOccurs="0" maxOccurs="unbounded"/>
      </xsd:sequence>
     </xsd:complexType>

     <xsd:complexType name="SupportedAttributesType">
      <xsd:sequence>
       <xsd:element name="SupportedAttribute"
            minOccurs="0" maxOccurs="unbounded">
        <xsd:complexType>
         <xsd:sequence>
          <xsd:element name="AttributeName" type="xsd:NMTOKEN"/>
          <xsd:element name="AccessModes" type="xsd:NMTOKEN"/>
         </xsd:sequence>
        </xsd:complexType>
       </xsd:element>
      </xsd:sequence>
     </xsd:complexType>

     <xsd:complexType name="FEAttributesType">
      <xsd:sequence>
       <xsd:element name="Vendor" type="xsd:string" minOccurs="0"/>
       <xsd:element name="Model" type="xsd:string" minOccurs="0"/>
       <xsd:element name="FEStatus" type="FEStateType" minOccurs="0"/>
       <xsd:element name="LFBInstances" minOccurs="0" maxOccurs="1">
        <xsd:complexType>
         <xsd:sequence>
          <xsd:element name="LFBInstance" minOccurs="0"
               maxOccurs="unbounded">
           <xsd:complexType>
            <xsd:sequence>
             <xsd:element name="LFBClassName" type="xsd:NMTOKEN"/>">
             <xsd:element name="LFBInstanceID" type="xsd:NMTOKEN"/>">
            </xsd:sequence>
           </xsd:complexType>
          </xsd:element>
         </xsd:sequence>
        </xsd:complexType>
       </xsd:element>
       <xsd:element name="LFBTopology" type="LFBTopologyType"
            minOccurs="0" maxOccurs="1"/>
       <xsd:element name="FEConfiguredNeighbors" minOccurs="0"
            maxOccurs="1">
        <xsd:complexType>
         <xsd:sequence>
          <xsd:element name="FEConfiguredNeighbor"
               type="FEConfiguredNeighborType"
               minOccurs="0" maxOccurs="unbounded"/>
         </xsd:sequence>
        </xsd:complexType>
       </xsd:element>
      </xsd:sequence>
     </xsd:complexType>

     <xsd:complexType name="LFBTopologyType">
      <xsd:sequence>
       <xsd:element name="LFBLink" minOccurs="0" maxOccurs="unbounded">
        <xsd:complexType>
         <xsd:sequence>
          <xsd:element name="FromLFBID" type="xsd:NMTOKEN"/>
          <xsd:element name="FromPortGroup" type="xsd:NMTOKEN"/>
          <xsd:element name="FromPortIndex"
               type="xsd:nonNegativeInteger"/>
          <xsd:element name="ToLFBID" type="xsd:NMTOKEN"/>
          <xsd:element name="ToPortGroup" type="xsd:NMTOKEN"/>
          <xsd:element name="ToPortIndex"
               type="xsd:nonNegativeInteger"/>
         </xsd:sequence>
        </xsd:complexType>
       </xsd:element>
      </xsd:sequence>
     </xsd:complexType>
     <xsd:complexType name="FEConfiguredNeighborType">
      <xsd:sequence>
       <xsd:element name="NeighborID" type="xsd:anyType"/>
       <xsd:element name="NeighborInterface" type="xsd:anyType"/>
       <xsd:element name="NeighborNetworkAddress" type="xsd:anyType"
            minOccurs="0" maxOccurs="1"/>
       <xsd:element name="NeighborMACAddress" type="xsd:anyType"
            minOccurs="0" maxOccurs="1"/>
      </xsd:sequence>
     </xsd:complexType>

     <!-- The values for the high simple state attribute -->
     <!-- These should probably be directly encodable in the -->
     <!-- protocol so they may end up numeric instead of strings -->
     <xsd:simpleType name="FEStateType">
      <xsd:restriction base="xsd:NMTOKEN">
       <xsd:enumeration value="AdminDisable"/>
       <xsd:enumeration value="OperDisable"/>
       <xsd:enumeration value="OperEnable"/>
      </xsd:restriction>
     </xsd:simpleType>

    </xsd:schema>

 5.2. FEDocument

    An instance of this document captures the capabilities and FE level NE service to
    attribute / state information about a specific LFB
    topology, not the other way around.  Do we expect given FE.  Currently, two
    elements are allowed in the CE has FEDocument, FECapabilities and
    FEAttributes.

    At the
    ultimate intelligence moment, all capability and attribute information in this
    abstract document is defined as optional.  We may wish to translate any high level service policy
    into the configuration data mandate
    support for the FEs?  No, but it some capability and/or attribute information.

    If a protocol using binary encoding of this information is conceivable
    that within adopted
    by the ForCES working group, then each relevant element defined in
    the schema will have a given network service domain (like DiffServ), "ProtocolEncoding" attribute added, with a
    certain amount of intelligence can be programmed into
    "Fixed" value providing the CE such value that is used in the CE has a general understanding of protocol for
    that element, so that the LFBs involved XML and so the translation from a high level service policy to on the low level
    FE configuration wire protocol can be done automatically.  In any event, this
    correlated.

 5.2.1.  FECapabilities
    This element, which if it occurs must occur only once, contains all
    the capability related information about the FE.  Capability
    information is always considered an implementation issue internal to be read-only.

    The currently defined elements allowed within the control plane
    and outside FECapabilities
    element are ModifiableLFBTopology, LFBsSupported,
    WriteableAttributes and ReadableAttributes.

 5.2.1.1. ModifiableLFBTopology

    This element has a boolean value.  This element indicates whether
    the scope LFB topology of the FE model. Therefore, it is not
    discussed any further in this draft.

         +----------+     +-----------+
    ---->| Ingress  |---->|classifier |--------------+
         |          |     |chip       |              |
         +----------+     +-----------+              |
                                                     v
                         +-------------------------------------------+
           +--------+    |   Network Processor                       |
      <----| Egress |    |   +------+    +------+   +-------+        |
           +--------+    |   |Meter |    |Marker|   |Dropper|        |
                 ^       |   +------+    +------+   +-------+        |
                 |       |                                           |
      +----------+-------+                                           |
      |          |                                                   |
      |    +---------+       +---------+   +------+    +---------+   |
      |    |Forwarder|<------|Scheduler|<--|Queue |    |Counter  |   |
      |    +---------+       +---------+   +------+    +---------+   |
      |--------------------------------------------------------------+

                 (a)  The Capability of may be changed by the FE, reported to CE.  If the
    element is absent, the default value is assumed to be true, and the
    CE presumes the CE

           +-----+    +-------+                      +---+
           |    A|--->|Queue1 |--------------------->|   |
    ------>|     |    +-------+                      |   |  +---+
           |     |                                   |   |  |   |
           |     |    +-------+      +-------+       |   |  |   |
           |    B|--->|Meter1 |----->|Queue2 |------>|   |->|   |
           |     |    |       |      +-------+       |   |  |   |
           |     |    |       |--+                   |   |  |   |
           +-----+    +-------+  |   +-------+       |   |  +---+
         classifier              +-->|Dropper|       |   |  IPv4
                                     +-------+       +---+  Fwd.
                                                  Scheduler
                 (b)  One LFB topology as configured by may be changed. If the CE value is
    present and
                      accepted by set to false, the FE

                                                  Queue1
                       +---+                    +--+
                       |  A|------------------->|  |--+
                    +->|   |                    |  |  |
                    |  |  B|--+  +--+   +--+    +--+  |
                    |  +---+  |  |  |   |  |          |
                    | Meter1  +->|  |-->|  |          |
                    |            |  |   |  |          |
                    |            +--+   +--+          |          Ipv4
                    |         Counter1 Dropper1 Queue2|    +--+  Fwd.
            +---+   |                           +--+  +--->|A |  +-+
            |  A|---+                           |  |------>|B |  | |
     ------>|  B|------------------------------>|  |  +--->|C |->| |->
            |  C|---+                           +--+  | +->|D |  | |
            |  D|-+ |                                 | |  +--+  +-+
            +---+ | |    +---+                  Queue3| | Scheduler
        Classifier1 | |  |  A|------------>       +--+  | |
                    | +->|   |                    |  |--+ |
                    |    |  B|--+  +--+ +-------->|  |    |
                    |    +---+  |  |  | |         +--+    |
                    |  Meter2   +->|  |-+                 |
                    |              |  |                   |
                    |              +--+           Queue4  |
                    |            Marker1          +--+    |
                    +---------------------------->|  |----+
                                                  |  |
                                                  +--+
                 (c)  Another LFB topology as configured of the FE is fixed.  In
    that case, the LFBs supported clause may be omitted, and the list
    of supported LFBs is inferred by the CE from the LFB topology
    information.  If the list of supported LFBs is provided when
    ModifiableLFBTopology is false, the CanOccurBefore and
                      accepted by
    CanOccurAfter information should be omitted.

 5.2.1.2. SupportedLFBs and SupportedLFB

    One capability that the FE

         Figure 7. An example should include is the list of configuring supported
    LFB topology.

    Figure 7 shows an example where a QoS-enabled router has several
    line cards that have a few ingress ports and egress ports, a
    specialized classification chip, classes. The SupportedLFBs element, which occurs at most once,
    serves as a network processor containing
    codes wrapper for FE blocks like meter, marker, dropper, counter, queue,
    scheduler and Ipv4 forwarder.  Some of the list of LFB topology classes supported. Each
    class is already
    fixed and has to remain static due to the physical layout described in a SupportedLFB element.

    Each occurrence of the
    line cards.  For example, all the ingress ports might be already
    hard wired into the classification chip and so all packets must
    follow from the ingress port into SupportedLFB element describes an LFB class
    that the classification engine.  On FE supports.  In addition to indicating that the other hand, FE
    supports the class, FEs with modifiable LFB topology should include
    information about how LFBs on the network processor and their
    execution order are programmable, even though there might exist
    certain capacity limits and linkage constraints between these LFBs.
    Examples of the capacity limits might be: there can be no more than
    8 meters; there can specified class may be no more than 16 queues connected
    to other LFBs.  This information should describe which LFB classes
    the specified LFB class may succeed or precede in one FE; the
    scheduler can handle at most up to 16 queues; etc. LFB topology.
    The linkage
    constraints might dictate FE should include information as to which port groups may be
    connected to the given adjacent LFB class.  If port group
    information is omitted, it is assumed that classification engine all port groups may be
    followed by a meter, marker, dropper, counter, queue or IPv4
    forwarder, but
    used.

 5.2.1.2.1. LFBName

    This element has as its value the name of the LFB being described.

 5.2.1.2.2. LFBOccurrenceLimit

    This element, if present, indicates the largest number of instances
    of this LFB class the FE can support.  For FEs that do not scheduler; queues have the
    capability to create or destroy LFB instances, this can only either be followed by a
    scheduler; a scheduler must
    omitted or be followed the same as the number of LFB instances of this class
    contained in the LFB list attribute.

 5.2.1.2.3. PortGroupLimits and PortGroupLimit

    The PortGroupLimits element is the wrapper to hold information
    about the port groups supported by the IPv4 forwarder; LFB class. It holds multiple
    occurrences of the PortGroupLimit element.

    Each occurrence of the PortGroupLimit element contains the port
    occurrence information for a single port group of the
    last LFB class.
    Each occurrence has the name of the port group in the datapath before going into PortGroupName
    element, the egress fewest number of ports must be that can exist in the IPv4 forwarder, etc.

    Once group in
    the FE reports such capability MinPortCount element, and capacity to the CE, it largest number of ports that can
    exist in the group in the MaxPortCount element.

 5.2.1.2.4.CanOccurAfters and CanOccurAfter

    The CanOccurAfters element is
    now up a wrapper to hold the CE multiple
    occurrences of the CanOccurAfter permissible placement information.

    The CanOccurAfter element describes a permissible positioning of
    the SupportedLFB.  Specifically, it names an LFB that can
    topologically precede the SupportedLFB.  That is, the SupportedLFB
    can have an input port connected to translate an output port of the QoS policy into LFB that
    it CanOccurAfter. The LFB class that the desirable
    configuration SupportedLFB can follow is
    identified by the NeighborLFB element of the CanOccurAfter element.
    If this neighbor can only be connected to a specific set of input
    port groups, then the viaPort element is included.  This element
    occurs once for each input port group of the FE.  Figure 7(a) depicts SupportedLFB that can
    be connected to an output port of the FE capability
    while 7(b) NeighborLFB.

    [e.g., Within a SupportedLFB element, each CanOccurAfter element
    must have a unique NeighborLFB, and 7(c) depict two different topologies that within each CanOccurAfter
    element each viaPort must represent a unique and valid input port
    group of the FE
    might be asked SupportedLFB.  The "unique" clauses for this have not
    yet been added to configure to.  Note that both the ingress and
    egress are omitted in (b) schema.]

 5.2.1.2.5. CanOccurBefores and (c) for simple representation. CanOccurBefore

    The
    topology in 7(c) CanOccurBefores element is considerably more complex than 7(b) but both
    are feasible within the FE capabilities, and so a wrapper to hold the FE should
    accept either configuration request from multiple
    occurrences of the CE.

 4. LFB Model -- LFB and Associated Data Definitions CanOccurBefore permissible placement
    information.

    The main goal CanOccurBefore element similarly lists those LFB classes that
    the SupportedLFB may precede in the topology.  In this element, the
    viaPort element represents the output port group of the FE model is
    SupportedLFB that may be connected to provide an abstract, generic,
    modular, implementation independent representation of the FEs. This
    is facilitated using NeighborLFB.  As with
    CanOccurAfter, viaPort may occur multiple times if multiple output
    ports may legitimately connect to the concept given NeighborLFB class.

    [And a similar set of LFBs which are instantiated
    from uniqueness constraints apply to the
    CanOccurBefore clauses, even though an LFB classes. The may occur both in
    CanOccurAfter and CanOccurBefore.]

 5.2.1.2.6. LFBClassCapabilities

    This element contains capability information about the subject LFB model is
    class whose structure and semantics are defined in this section by the LFB class
    definition.

 5.2.1.3. SupportedAttributes

    This element serves as a wrapper to
    describe hold the content and structures information about
    attributed related capabilities. Specifically, attributes should be
    described in LFB this element if:
       a) they are optional elements in the standard and associated data type
    definition.

    The core part are supported
         by the FE, or
       b) the standard allows for a range of access permissions (for
         example, read-only or read-write).

    Each attribute so described is contained in the model SupportedAttributes
    element. That element contains an AttributeName element whose value
    is the definition of LFB classes.
    Section 4.4 provides more discussion on what will be part name of the element being described and an LFB
    class definition.

    Operational parameters AccessModes
    element, whose value is the list of permissions.

 5.2.2. FEAttributes

    The FEAttributes element contains the attributes of the LFBs FE that must are
    not considered "capabilities".  Some of these attributes are
    writeable, and some are read-only, which should be visible to indicated by the CEs
    are conceptualized in
    capability information.  At the model as moment, the LFB attributes. These
    include, for example, flags, single parameter arguments, complex
    arguments, set of attributes is
    woefully incomplete.  Each attribute is identified by a unique
    element tag, and tables.  The definition the value of the attributes element is the value of an LFB
    MUST be part the
    attribute.

 5.2.2.1. FEStatus

    This attribute carries the overall state of the LFB class definition. To promote consistent FE.  For now, it is
    restricted to the strings AdminDisable, OperDisable and
    terse definitions of OperEnable.

 5.2.2.2.LFBInstances and LFBInstance
    The LFBInstances element serves as a wrapper to hold the attributes multiple
    occurrences of the LFBInstance information about individual LFB classes, commonly used
    attribute types SHOULD be defined in
    instances on the model outside FE.

    Each occurrence of the LFBInstance element describes a single LFB
    instance.  Each element contains an LFBClassName indicating what
    class definitions, so that LFB class definitions can "share" these
    type definitions by simply this instance has, and an LFBInstanceID indicating the ID
    used for referring to this instance.  For now, the types. What will
    comprise ID uses the
    NMTOKEN construction.  Further protocol work is likely to replace
    this with a data type definition range restricted integer.

 5.2.2.3. LFBTopology and LFBLink

    This optional element contains the information about each inter-LFB
    link inside the FE.  Each link is further discussed described in Section
    4.1.

    LFBs form an LFBLink element.
    This element contains sufficient information to identify precisely
    the end points of a directed graph with each other by sending and receiving
    packets and associated metadata. To provide consistency and logical
    inter-operability among LFB classes, packet types (generic frame
    types) link. The FromLFBID and metadata types MUST BE specified outside of ToLFBID fields indicate
    the LFB
    class definitions (but part instances at each end of the LFB model), so that link, and must reference LFBs
    in the LFB
    class definitions can simply refer to these types. These blocks are
    further discussed in Section 4.3 instance table.  The FromPortGroup and Section 4.2, respectively.
    In summary, ToPortGroup must
    identify output and input port groups defined in the LFB model will consist classes of
    the following four
    categories of definitions:
       1)  Common data type definitions (Section 4.1)
       2)  Metadata definitions (Section 4.2);
       3)  Frame format definitions (Section 4.3);
       4) LFB class definitions (Section 4.4).

    It is not expected that instances identified by the above information is exchanged between
    FEs FromLFBID and CEs "over-the-wire".  But ToLFBID.  The
    FromPortIndex and ToPortIndex fields select the model will serve as an
    important reference for elements from the design and development of
    port groups that this link connects.  All links are uniquely
    identified by the CEs
    (software) FromLFBID, FromPortGroup, and FEs (mostly the software part).

 4.1. General Data Type Definitions

    Data types will be used to describe FromPortIndex
    fields.  Multiple links may have the LFB attributes (see Section
    4.4.4).  This same ToLFBID, ToPortGroup, and
    ToPortIndex as this model supports fan in of inter-LFB links but
    not fan out.

 5.2.2.4. FEConfiguredNeighbors an FEConfiguredNeighbor

    The FEConfiguredNeighbors element is similar a wrapper to hold the concept of having a common header
    file for shared data types. Data types will include atomic data
    types (e.g. integer, ASCII string), as well as compound or derived
    data types (such as arrays and structures).  Given
    configuration information that one or more FEConfiguredNeighbor
    elements convey about the FORCES configured FE topology.

    The FEConfiguredNeighbor element occurs once for each configured FE
    neighbor the FE knows about.  It should not be filled in based on
    FE level protocol will operations.  In general, neighbor discovery
    operation on the FE should be getting represented and setting attribute values, all atomic
    data types used here must be able manipulated as an
    LFB.  However, for FEs that include neighbor discovery and do not
    have such an LFB, it is permitted to be conveyed fill in the FORCES
    protocol.  Further, the FORCES protocol will need a mechanism to
    convey compound data types.  Details of information in
    this table based on such representation are for protocols.

    Similarly, the protocol document, not MAC address information in the model documents.

    Compound data types can build on atomic data types and other
    compound data types. There table is intended to
    be used in situations where neighbors are three ways that compound data types
    can configured by MAC
    address.  Resolution of network layer to MAC address information
    should be defined.  They captured in ARP LFBs, not duplicated in this table.  Note
    that the same neighbor may be defined as an array of elements of
    some compound reached through multiple interfaces
    or atomic data type.  They may be a structure at multiple addresses.  There is no uniqueness requirement of
    named elements
    any sort on occurrences of compound or atomic data types (ala C structures).
    They may also be defined as augmentations (explained below in
    4.1.3) the FEConfiguredNeighbor element.

    Information about the intended forms of existing compound data types.

    In addition, any data type may be used to define exchange with a new type by
    restricting given
    neighbor is not captured here, only the range of values that adjacency information is
    included.

 5.2.2.4.1.NeighborID

    This is the ID in some space meaningful to the CE for the neighbor.
    If this table remains, we probably should add an instance FEID from the same
    space as an attribute of the data FE.

 5.2.2.4.2.NeighborInterface

    This identifies the interface through which the neighbor is
    reached.

    [Editors note: As the port structures become better defined, the
    type
    can take on, and specifying specific semantics that go for this should be filled in with that.
    This the types necessary to
    reference the various possible neighbor interfaces, include
    physical interfaces, logical tunnels, virtual circuits, etc.]

 5.2.2.4.3. NeighborNetworkAddress

    Neighbor configuration is similar to frequently done on the SNMP notion basis of a textual convention. network
    layer address.  For each data type neighbors configured in that fashion, this is
    where that address is stored.

 5.2.2.4.4.NeighborMacAddress

    Neighbors are sometimes configured using MAC level addresses
    (Ethernet MAC address, circuit identifiers, etc.)  If such
    addresses are used to configure the following adjacency, then that
    information MUST be provided:
    . Symbolic name of data type. Example: "T_IPV4ADDRESS".
    . Actual type declaration.

    In addition, a data type definition MAY include the following:
       . Range restrictions.
       . A set of symbolic names for special values. Example:
         "IPV4ADDR_LOOPBACK". is stored here.  Note that not all attributes will exist at all times in all
    implementations.  While the capabilities will frequently indicate
    this non-existence, CEs may attempt over some ports such as
    physical point to reference non-existent point links or
    non-permitted attributes anyway. virtual circuits considered as
    individual interfaces, there is no need for either form of address.

 5.3. Sample FE Attribute Document

    <?xml version="1.0">
    <fm:FEDocument xmlns:fm="http://www.ietf.org/...theschema...">

     <fm:FECapabilities>

      <fm:ModifiableLFBTopology> true </fm:ModifiableLFBTopology>
      <fm:SupportedLFBs>
       <fm:SupportedLFB>
        <!-- A simple single-input multi-output classifier -->
        <fm:LFBName> Classifier </fm:LFBName>
        <fm:LFBOccurrenceLimit> 3 </fm:LFBOccurrenceLimit>

        <fm:PortGroupLimits>
         <fm:PortGroupLimit>
          <!-- The FORCES protocol mechanisms
    should include appropriate input port -->
          <fm:PortGroupName> InputPortGroup </fm:PortGroupName>
          <fm:MinPortCount> 1 </fm:MinPortCount>
          <fm:MaxPortCount> 1 </fm:MaxPortCount>
         </fm:PortGroupLimit>
         <fm:PortGroupLimit>
         <!--The normal output ports -->
         <fm:PortGroupName> OutputPortGroup </fm:PortGroupName>
          <fm:MinPortCount> 0 </fm:MinPortCount>
          <fm:MaxPortCount> 32 </fm:MaxPortCount>
         </fm:PortGroupLimit>
         <fm:PortGroupLimit>
          <!-- The optional error indicators port -->
          <fm:PortGroupName> ErrorPortGroup </fm:PortGroupName>
          <fm:MinPortCount> 0 </fm:MinPortCount>
          <fm:MaxPortCount> 1 </fm:MaxPortCount>
         </fm:PortGroupLimit>
        </fm:PortGroupLimits>
        <fm:CanOccurAfters>
         <fm:CanOccurAfter>
          <fm:NeighborLFB> Port </fm:NeighborLFB>
          <!-- omitted viaPort -->
         </fm:CanOccurAfter>
         <fm:CanOccurAfter
          <fm:NeighborLFB> InternalSource </fm:NeighborLFB>
          <!-- omitted viaPort -->
         </fm:CanOccurAfter>
        </fm:CanOccurAfters>
        <fm:CanOccurBefores>
         <fm:CanOccurBefore>
          <fm:NeighborLFB> Marker </fm:NeighborLFB>
          <!-- omitted viaPort -->
         </fm:CanOccurBefore>
        </fm:CanOccurBefores>
       </fm:SupportedLFB>
       <!-- then Supported LFB elements for this case.

 4.1.1. Arrays

    Compound data types can be defined as arrays Port, InternalSource -->
       <!--      Marker, ... -->
      </fm:SupportedLFBs>
      <fm:SupportedAttributes>
       <fm:SupportedAttribute>
        <fm:AttributeName> FEStatus  </fm:AttributeName>
        <fm:AccessModes>  read write </fm:AccessModes>
       </fm:SupportedAttribute>
       <fm:SupportedAttribute>
        <fm:AttributeName>  Vendor   </fm:AttributeName>
        <fm:AccessModes>    read     </fm:AccessModes>
       </fm:SupportedAttribute
       <fm:SupportedAttribute>
        <fm:AttributeName>  Model    </fm:AttributeName>
        <fm:AccessModes>    read     </fm:AccessModes>
       </fm:SupportedAttribute>
      </fm:SupportedAttributes>
     </fm:FECapabilities>

     <fm:FEAttributes>
      <fm:Vendor> World Wide Widgets </fm:Vendor>
      <fm:Model> Foo Forward Model 6 </fm:Model>
      <fm:FEStatus>       OperEnable </fm:FEStatus>
      <fm:LFBInstances>
       <fm:LFBInstance>
        <fm:LFBClassName> Classifier </fm:LFBClassName>
        <fm:LFBInstanceID> Inst5     </fm:LFBInstanceID>
       </fm:LFBInstance>
       <fm:LFBInstance>
        <fm:LFBClassName> Interface  </fm:LFBClassName>
        <fm:LFBInstanceID> Inst11    </fm:LFBInstanceID>
       </fm:LFBInstance>
       <fm:LFBInstance>
        <fm:LFBClassName> Meter      </fm:LFBClassName>
        <fm:LFBInstanceID> Inst17    </fm:LFBInstanceID>
       </fm:LFBInstance>
      </fm:LFBIntances>
      <fm:LFBTopology>
       <fm:LFBLink>
        <fm:FromLFBID>   Inst11      </fm:fromLFBID>
        <fm:FromPortGroup> IFOnwardGroup </fm:FromPortGroup>
        <fm:FromPortIndex> 1         </fm:FromPortIndex>
        <fm:ToLFBID>     Inst5       </fm:ToLFBID>
        <fm:ToPortGroup> InputPortGroup </fm:ToPortGroup>
        <fm:ToPortIndex> 1           </fm:ToPortIndex>
       </fm:LFBLink>
       <fm:LFBLink>
        <fm:FromLFBID>   Inst5       </fm:fromLFBID>
        <fm:FromPortGroup> OutputGroup </fm:FromPortGroup>
        <fm:FromPortIndex> 1         </fm:FromPortIndex>
        <fm:ToLFBID>     Inst17       </fm:ToLFBID>
        <fm:ToPortGroup> InMeterGroup </fm:ToPortGroup>
        <fm:ToPortIndex> 1           </fm:ToPortIndex>
       </fm:LFBLink>
      </fm:LFBTopology>
     </fm:FEAttributes>
    </fm:FEDocument>

 6. LFB Class Library

    A set of compound or atomic
    data types.  Arrays can only be subscripted by integers, and will
    be presumed initial LFB classes are identified here in the LFB class
    library as necessary to start with subscript 0.  The mechanism defined above
    for non-supported attributes can also apply build common FE functions.  Some of the LFB
    classes described here are abstract base classes from which
    specific LFB sub-classes will be derived.  Hence, the base classes
    may not be used directly in a particular FE's model, but the sub-
    classes (yet to be defined) could be.  This initial list attempts
    to
    reference non-existent array elements or to set non-permitted
    elements.  The valid range of describe LFB classes at the subscripts expected level of granularity.  This
    list is neither exhaustive nor sufficiently detailed.

    Several working groups in the array must be
    defined either IETF have already done some relevant
    work in modeling the definition provisioning policy data for some of the array or in
    functions we are interested in, for example, the LFB class
    which uses DiffServ
    (Differentiated Services) PIB [4] and IPSec PIB [8].  Whenever
    possible, we have tried to reuse the compound type definition.

 4.1.2. Structures work done elsewhere instead of
    reinventing the wheel.

 6.1. Port LFB

    A structure Port LFB is comprised of used to model physical I/O ports on the FE.  It is
    both a collection source of data elements.  Each
    data element has "received" by the FE and a sink of data
    "transmitted" by the FE.  The Port LFB contains a number of static
    attributes, which may include, but are not limited to, the
    following items:
       . the number of physical ports on this LFB
       . physical port type (either an atomic type
       . physical port link speed (may be variable; e.g., 10/100/1000
         Ethernet).

    In addition, the Port LFB contains a number of configurable
    attributes, including:
       . physical port current status (up or an existing
    compound type.) down)
       . physical port loopback
       . physical port mapping to L2 interface.

    The Port LFB can be sub-classed into technology specific LFB
    classes, with additional static and configurable attributes.
    Examples of possible sub-classes include:
       . Ethernet
       . Packet-over-SONET OC-N
       . ATM-over-SONET/SDN OC-N
       . T3
       . E3
       . T1
       . E1
       . CSIX-L1 switching fabric port (Fi interface)
       . CE-FE port (for Fp interface).

    LFB class inheritance can be used to sub-class derived LFB classes
    with additional properties, such as TDM channelization.

    The Port LFB "receives" (sources) and is assigned a name unique within "transmits" (sinks) frames in
    technology specific formats (described in the scope respective LFB class
    definition but not otherwise modeled) into/out of the compound data type being defined.  These serve FE.  Packets
    "received" from a physical port are sourced on (one of) the same
    function as "struct" in C, etc.

 4.1.3. Augmentations

    Compound types can also LFB's
    output port(s), while packets to be defined as augmentations of existing
    compound types.  If "transmitted" on a physical
    port are sinked on (one of) the existing compound type LFB's input port(s).  The Port LFB
    is unique among LFB classes in that packets accepted on a structure,
    augmentation may add new elements to the type.  They may replace
    the type of an existing element with an augmentation derived from
    the current type.  They may LFB input
    port are not delete emitted back out on an existing element, nor may
    they replace LFB output port (except in the type
    case of an existing element with one that physical port loopback operation).

    The Port LFB transmits technology specific L2 frames to
    topologically adjacent LFB instances (i.e., no frame
    decapsulation/encapsulation is not
    an augmentation of the type that the element has modeled in this LFB class).  When
    transmitting a frame to an adjacent downstream LFB, the basis for Port LFB
    provides two items of metadata: the augmentation.  If frame length and the existing compound type is L2
    interface identifier.  When receiving frames from an array,
    augmentation means augmentation of adjacent
    upstream LFB, the array element type.

    One consequence of this frame is that augmentations accompanied by two items of metadata:
    frame length and outgoing port identifier.

    Statistics are compatible with not maintained by the compound type from which they are derived.  As such,
    augmentations are useful in defining attributes for LFB subclasses Port LFB; statistics
    associated with backward compatibility.  In addition to adding new attributes
    to a class, the data type of an existing attribute particular port may be replaced maintained by an augmentation L2
    interface LFB (see Section 6.2).

 6.2. L2 Interface LFB

    The L2 Interface LFB models an L2 protocol termination.  The L2
    Interface LFB performs two sets of that attribute, functions: decapsulation and still meet
    demultiplexing as needed on the receive side of an FE, and
    encapsulation and multiplexing as needed on the transmit side.
    Hence the
    compatibility rules for subclasses.

    For example, consider a simple base LFB class A that has only one
    attribute (attr1) two distinct sets of type X.  One way to derive class A1 from A can
    be simply adding a second attribute (of any type).  Another way to
    derive a class A2 from A can be replacing inputs and outputs tailored
    for these separate functions.  The L2 Interface LFB is not modeled
    as two separate (receive/transmit) LFBs because there are shared
    attributes between the original attribute
    (attr1) in A of type X decapsulation and encapsulation functions.

    On the decapsulation input(s), the LFB accepts an L2 protocol
    specific frame, along with one of frame length and L2 interface metadata.
    The LFB decapsulates the L2 frame by removing any L2
    header/trailers (while simultaneously applying any checksum/CRC
    functions), determines the L2 or L3 protocol type Y, where Y is an
    augmentation of X.  Both classes A1 the next-layer
    packet (based on a PID or Ethertype within the L2 frame header),
    adjusts the frame length metadata, and A2 are backward compatible
    with class A.

 4.2. Metadata Definitions

    For each metadata type, uses the following MUST be specified: L2 interface
    metadata to select an L2 interface attribute.  The L2 interface
    attribute supports a number of additional attributes, including:
       . L2 MTU
       . supported next-layer L2 or L3 protocols
       . L2-specific receive counters (byte, packet)
       . counting mode
       . Metadata symbolic name. Used to refer to the L2 or L3 interface metadata type in
         LFB type specifications.  Example: META_CLASSID.
       . Brief synopsis of the metadata. Example: "Result of
         classification (0 means no match)". for next-layer packet
       . Data type LFB output port.
    The LFB may support multiple decapsulation output ports within two
    output groups; one for normal forwarding, and valid range.

    In addition, one for exception
    packets.  The LFB emits the following information MAY BE part of decapsulated packet along with the metadata
    definition:
       . Symbolic definitions for frequently used
    modified frame length metadata, an L2 or special values of
         the L3 protocol type metadata,
    and an L2 or L3 interface metadata.

 4.3. Frame Format Definitions
    This part of

    On the encapsulation input(s), the LFB model will list accepts a packet types (frame types in
    general) that LFB classes can receive at their inputs and/or emit
    at their outputs.

    For each distinct along with
    frame length, protocol type, the following MUST and L2 interface metadata.  The L2
    interface metadata is used to select an L2 interface attribute
    which supports a number of additional attributes, including:
       . L2-specific transmit counters (byte, packet)
       . counting mode (may be provided: taken from receive counters mode)
       . Symbolic name of L2 or L3 interface metadata for next-layer frame type. Example: FRAME_IPV4. (we assume
         that L2
       . Brief synopsis protocols could be layered on top of the frame type. Example: "IPv4 packet".

 4.4. an L3 protocol; e.g.,
         L2TP or
       . PWE3), or port metadata.
       . LFB Class Definitions

    Each output port.
    The LFB Class definition must provide encapsulates the following information:
    .    Symbolic name of LFB class. Example: "LFB_IPV4_LPM"
    .    Short synopsis of packet using the appropriate L2
    header/trailer and protocol type information (calculating
    checksums/CRCs as necessary), and provides the frame to the next
    LFB class. Example: "IPv4 LPM Lookup LFB"
    .    Version indicator
    .    Inheritance indicator (see discussion in Section 4.4.1)
    .    Inputs (see discussion along with incremented frame length metadata, updated protocol
    type metadata, and updated interface (or port) metadata, on a
    configurable LFB encapsulation output.

    As in Section 4.4.2) the case of the Port LFB, technology specific variants of the
    L2 interface LFB will be sub-classes of the L2 Interface LFB.
    Example sub-classes include:
       .    Outputs (see discussion in Section 4.4.3) Ethernet/802.1Q
       .    Attributes (see discussion in Section 4.4.4) PPP
       .    Operational specification (see discussion in Section 4.4.5)

 4.4.1. LFB Inheritance

    To ATM AAL5.

    Each sub-class will likely support LFB class inheritance, static and configurable
    attributes specific to the LFB specification must have a
    place holder L2 technology; for indicating example the base class and its version.  It is
    assumed
    Ethernet/802.1Q Interface LFB will support a per-interface MAC
    address attribute.  Note that each technology specific sub-class
    may require additional metadata.  For example, the derived class Ethernet/802.1Q
    Interface LFB requires an outgoing MAC destination address to
    generate an outgoing Ethernet header.

    The L2 interface management function is backward compatible with separated into a distinct
    LFB from the base
    class.

 4.4.2. Port LFB Inputs

    An because L2 encapsulations can be nested
    within frames; e.g., PPP-over-Ethernet-over-ATM AAL5 (PPPoEoA).

 6.3. IP interface LFB class

    The IP Interface LFB models a container for IP interface-specific
    attributes.  These may have zero, one, or more inputs. We assume that
    most LFBs will have exactly one input.  Multiple inputs with the
    same input type are modeled as one input group. include:
       . IP protocols supported (IPv4 and/or IPv6)
       . IP MTU
       . interface MIB counters
       . table metadata for associated forwarding tables (LPM,
         multicast)
       . table metadata for associated classification tables.
    The input group
    should count as one entry in the input specification. IP Interface LFB also performs basic protocol-specific packet
    heade validation functions (e.g., IP version, IPv4 header length,
    IPv4 header checksum, MTU, TTL=0, etc.).  The number
    of inputs (including input groups) is fixed.

    Multiple inputs with IP Interface LFB
    class supports three different input type should be avoided if
    possible (see discussion in Section 3.2.1).  Some special LFBs will
    have no inputs at all.  For example, L3 protocols: IPv4, IPv6, and MPLS,
    although individual LFB instances might support a packet generator subset of these
    protocols, configurable on each interface attribute.

    As with the L2 Interface LFB, the IP Interface LFB does
    not need supports two
    modes of operation: one needed on the receive side of an input.

    The LFB class definition MUST specify whether or not FE, and
    one on the number transmit side, using separate sets of LFB inputs and
    outputs. In the first mode of operation (for FE receive
    processing), the IP Interface LFB accepts IP packets along with
    frame length, L3 protocol type, and interface metadata (possibly
    including additional metadata items such as L2-derived class
    metadata).  The interface metadata is fixed, used to select an interface
    attribute, and the exact number if fixed. For each
    LFB input (group), protocol type is checked against the following MUST be specified:

       . Symbolic name of input.  Example: "PKT_IN".  Note that protocols
    supported for this
         symbolic name must be unique only within the scope of the LFB
         class.
       . Brief synopsis of the input.  Example: "Normal packet input".
       . Indication of interface.  Error checks are applied, including
    whether this input the particular protocol type is an input group (i.e., supported on this
    interface, and if
         it no errors occur, the appropriate counters are
    incremented and the protocol type is allowed to be instantiated).
       . List of allowed frame formats. Example: "{FRAME_IPV4,
         FRAME_IPV6}".  Note that this list should refer used to symbols
         specified in the frame definition of select the outgoing
    LFB model (see
         Section 4.3).
       . List of required metadata. Example: {META_CLASSID, META_IFID}.
         This list should refer output from a set dedicated to symbols specified in the metadata
         definition first mode of the LFB model (see Section 4.2). For each
         metadata it should operation. The
    IP header protocol type/next header field may also be specified whether the metadata is
         required or optional. For each optional metadata used to
    select an LFB output; for example, IPv4 packets with AH header may
    be directed to a default
         value MAY BE specified, which particular next LFB, or IPv6 packets with Hop-by-
    Hop Options.  If errors do occur, the appropriate error counters
    are incremented, and the error type is used by to select a specific
    exception LFB output.

    In the second mode of operation (for FE transmit processing), the
    IP Interface LFB if accepts an IP packet along with frame length,
    protocol type, and interface metadata.  Again, the interface
    metadata is not provided at used to select an interface attribute.  The interface
    attribute stores the input.

 4.4.3. LFB Outputs

    An LFB class may have zero, one, outgoing L2 or more outputs.  If there are
    multiple outputs with the same output type, we model them as output
    group.  Some special LFBs may have no outputs at all IP interface (e.g.,
    Dropper). tunnel)
    interface metadata.  The number IP MTU of outputs may be fixed for some LFB types and may be
    configurable for others.  The LFB Class definition MUST specify the
    number of outputs (or output types) of outgoing interface is
    checked, along with the LFB. The output group
    should count as one entry in protocol type of the output specification, but packet.  If no errors
    occur, the
    entry should indicate that instantiation of appropriate counters are incremented, and the output is
    allowed.

    For each next level
    interface metadata may be used to select an IP Interface LFB output (group)
    dedicated to the following MUST be specified:
       . Symbolic name second mode of operation.  Otherwise, the output. Example: "UNPROC".  In case of an
         output group,
    appropriate error counters are incremented, and the symbolic name error type is the prefix
    used to
         construct unique symbols select an exception output.

    Because the IP Interface LFB is the repository for the interface
    MIB counters, two special pairs of inputs are provided for packets
    which have been selected to be discarded further downstream (one
    each output instance. Example:
         "PKTOUT".  Note that for the symbolic name receive and transmit counters).  Packets arriving on
    these LFB inputs must be unique only
         within the scope of accompanied by frame length and L3
    interface metadata.  An exception output on the LFB class.
       . Brief synopsis should be
    connected to a dropper LFB.

 6.4. Classifier LFB

    The function of classification is to logically partition packets
    into one of N different classes, based on some sequence of one or
    more mathematical operations applied to the output. Example: "Normal packet output".
       . Indication of whether this output is and its
    associated metadata. Various LFBs perform an output group (i.e., if
         it intrinsic
    classification function.  Where this function is allowed to a well-defined
    protocol operation, a separate LFB may be instantiated).
       . List of allowed frame formats. Example: "{FRAME_IPV4,
         FRAME_IPV6}". Note that this list should refer defined (e.g., IP
    Interface LFB, which performs header verification).

    Several common applications need to symbols
         specified classify packets using a
    particular mathematical operation (e.g., longest prefix match (LPM)
    or ternary match) against a fixed set of fields in the frame definition a packet's
    header plus metadata, or an easily recognized part of the LFB model (see
         Section 4.3).
       . List packet
    payload.  Two example applications are classification for
    Differentiated Services or for security processing. Typically the
    packet is evaluated against a potentially large set of emitted (generated) metadata. Example: {META_CLASSID,
         META_IFID}. This list should refer to symbols specified rules
    (called "filters") which are processed in the
         metadata definition a particular order to
    ensure a deterministic result.  This sort of classification
    functionalit is modeled by the Classifier LFB.

    The Classifier LFB model (see Section 4.2). For
         each generated accepts an input packet and metadata, it should and
    produces the unmodified packet along with a class metadata, which
    may be specified whether used to map the
         metadata is always generated or generated only in certain
         conditions. This information is important when assessing
         compatibility between LFBs.

 4.4.4. packet to a particular LFB Attributes output.

    The operational state of the Classifier LFB supports multiple classifier attributes.  Each
    classifier is modeled parameterized by one or more filters.  Classification
    is performed by selecting the variables of the
    LFB, collectively called attributes.  Note that the attributes here
    refer classifier to use on a particular
    packet (e.g., by metadata lookup on a configurable metadata item),
    and by evaluating the operational parameters selected contents of the LFBs accepted packet
    against that must be
    visible to classifier's filters.  A filter decides if the CEs.  The other variables that are internal input
    packet satisfies particular criteria.  According to LFB
    implementation are not included here in [DiffServ], "a
    filter consists of a set of conditions on the LFB attributes component values of a
    packet's classification key (the header values, contents, and are
    not modeled here.

    Attribute types will include the following three categories:
       . Capability
    attributes (see Section 9.4 relevant for more classification)".

    Note that other LFBs may perform simple classification on LFB
         capabilities).  Examples:
        *  Supported optional features the
    packet or its metadata.  The purpose of the Classifier LFB class;
        *  Maximum number of configurable outputs for is to
    model an output group;
        *  Metadata pass-through limitations of the LFB;
        *  Maximum size of configurable attribute tables;
        *  Supported access modes LFB that "digests" large amounts of certain attributes (see below).
       . Operational attributes, some input data (packet,
    metadata), to produce a "summary" of them are configurable by the
         CE, while others might classification results, in
    the form of additional (or modified) metadata. Other LFBs can then
    use this summary information to quickly and simply perform trivial
    classification operations.

    The Classifier LFB can be internally maintained state sub-classed into several function-
    specific LFB classes which
         are read-only for perform common classification functions.
    These may include:
       . Longest Prefix Match (LPM)
       . IP Multicast lookup (S,G)
       . Multifield Exact Match
       . Multifield Ternary Match.

 6.5. Next Hop LFB

    The Next Hop LFB is used to resolve next hop information following
    a forwarding lookup.  Next Hop information normally includes the CE and necessary for
    outgoing interface (or interfaces, in the CE to operate
         properly.  Examples:
        *  Configurable flags and switches selecting between
    operational modes case of multicast), as
    well as the LFB;
        *  ARP tables;
        *  Number of outputs outgoing IP address(es).  This next hop information
    associated with a forwarding prefix or classification rule is often
    separated into a separate data structure in an output group;
        *  Metadata CONSUME vs. PROPAGATE mode selector.
       . Statistical attributes (collected by the FE and provided for
         reading implementations to
    allow the CE).  Examples:
        *  Packet and byte counters;
        *  Other event counters.

    Some two pieces of the attributes will be generically available in all LFBs
    while others will be specific information to the be decoupled, because there
    is frequently a fan-in relationship between forwarding prefix/rule
    entries and next hop information, and decoupling them can permit
    more efficient data structure management.

    The Next Hop LFB class.  Examples maintains next hop attributes organized into
    multiple next hop tables.  The relevant table for a packet is
    selected based on next hop table metadata.  A set of
    generic LFB one or more
    next hop attributes are:
       . LFB class inheritance information (see Section 4.4.1) is selected based on next hop index metadata.
    Each next hop attribute stores the following information:
       . Number and type a list of inputs (in case the LFB is self-
         descriptive) one or more outgoing interfaces
       . Number and type next hop IP addresses, or, an index to a table of outputs  (in case the LFB this
         information
       . that is self-
         descriptive) maintained at a downstream LFB
       . Number a list of current outputs for each output group outgoing MTUs
       . Metadata CONSUME/PROPAGATE mode selector
    There may be various access permission restrictions on what the CE
    can do with an TTL decrement value

    The Next Hop LFB has two primary operations.  The first is to map
    the incoming next hop table and next hop index metadata into a
    configurable next hop attribute.  The following categories  This mapping may be
    supported:
       . No-access attributes.  This is useful when multiple access
         modes maybe defined for direct (one
    metadata pair to one next hop attribute). If the next hop index
    metadata selects a given set of next hop attributes, final attribute to allow
    resolution depends on a selection algorithm that uses some
         flexibility for different implementations.
       . Read-only attributes.
       . Read-write attributes.
       . Write-only
    additional metadata, or an internal classification operation, to
    select among a set of possible next hop attributes.  This could be any configurable data
         for which read capability  One example is not provided
    weighted next hop selection, where individual packets are mapped to
    particular next hop attributes in the CEs.  (??? Do
         we have good example???)
       . Read-reset attributes.  The CE can read and reset this
         resource, but cannot set it according to an arbitrary value. Example:
         Counters.
       . Firing-only attributes.  A write attempt weights and
    to this resource will
         trigger some specific actions flow order-preserving function (e.g., such as an address
    pair hash).  Another alternative is class-based next hop selection,
    based on some class metadata.

    The second operation is a derivative of the first.  The next hop
    table and next hop index metadata are used to select a set of one
    or more next hop attributes.  Then the outgoing interface values
    stored in those attributes are compared against the incoming
    interface metadata provided to the Next Hop LFB, but to determine
    whether the actual value
         written incoming interface is ignored.  (??? Example???) in the set.  This operation, in
    combination with a IP source address forwarding lookup (which
    provides the next hop table/index metadata), can be used to perform
    a reverse path forwarding (RPF) check.

    The Next Hop LFB class may define more than has two inputs: one possible access mode for a
    given attribute (for example, write-only for normal next hop
    resolution, and read-write), in which
    case it is left to one for the actual implementation to pick incoming interface metadata test (e.g.,
    RPF).  The LFB requires incoming interface, frame length, next hop
    table, and next hop index metadata.  There are two normal output
    groups, one of for the
    modes.  In such cases a corresponding capability parameter must
    inform normal next hop resolution, and another for the CE of which mode
    RPF check.  No additional metadata is produced for the actual LFB instance supports.
    The attributes of latter, but
    for the LFB class must be defined as a list. For each
    attribute former, the following information MUST metadata may be provided: produced:
       . Reference to the data type (e.g., specified in the generic
         data type block of the LFB model or in an LFB specific data
         type block). outgoing interface(s)
       . Access permission(s). next hop IP address(es)
       . Additional range restrictions (i.e., beyond what TTL decrement value (if TTL decrement is specified not performed by the data type definition).
       . Default value. Applied when the LFB is initialized or reset.

    The actual structuring
         Next Hop LFB)
    An alternative mode of LFB attributes requires further study.

 4.4.5. LFB Operational Specification operation produces index metadata instead of
    outgoing interface and next hop IP address metadata.  This section index
    metadata is used to access a cache of the model should verbally describe what outgoing interface and
    next hop IP address that may be stored on the LFB
    does. egress FE (this
    permits more efficient communication across the Fi interface).
    This will most likely index metadata can also be embedded in an unstructured text
    field in the model.

 5. used as input metadata to a MPLS
    Encapsulation LFB.

    The Next Hop LFB Topology Model (To be written)

    (Editor's note: This supports an exception output port group.
    Exception conditions include:
       . RPF test failed
       . No route to host
       . No route to network
       . Packet too big
       . TTL expired
    The mapping between exception conditions and exception outputs is
    configurable, and an exception code metadata is a place holder to describe the details produced on
    how to model these
    outputs.

 6.6. Rate Meter LFB

    The Rate Meter LFB topology.)
 6. FE Level Attributes (To be written)

    (Editor's note: This is a place holder used to describe meter the FE level
    attributes including FE capabilities, for examples:
       . How this FE is connected with other FEs (if known by packet flow through the FE)?
       . What LFB classes can the FE instantiate?
       . How many instances of
    according to a rate- and time-dependent function.  Packets are
    provided to the same Rate Meter LFB class can be created?
       . What along with packet length metadata
    (and optional color metadata) and are the topological limitations?  For example:
            o How many instances of the same class or any class can be
              created on any given branch of the graph?
            o Ordering restrictions associated with a meter
    attribute either statically (based on LFBs (e.g., any instance of LFB
              class A must be always downstream of any instance of LFB
              class B).
    )

 7. LFB Class Library

    A set input) or via some other
    configurable metadata item.  The metering algorithm of LFB classes are identified here in the LFB class library
    as necessary
    associated meter attribute is applied to build common FE functions.

    Several working groups in the IETF have already done some relevant
    work in modeling the provisioning policy data for some of packet, using the
    functions we are interested in, for example, DiffServ
    (Differentiated Services) PIB [4], IPSec PIB [8]. Whenever
    possible, we should try to reuse
    packet length and the work done elsewhere instead of
    reinventing current time as inputs, along with previous
    state maintained by the wheel.

 7.1. Port LFB attribute.  A Port LFB color metadata is associated
    with the packet in accordance with the metering algorithm used.
    The color metadata is optionally emitted with the packet, or used
    to map a physical port into the packet to a particular LFB model.

    The Port LFB maps sources and sinks of packets from outside output.  Color-aware metering
    algorithms use color metadata if provided with the packet (e.g., by
    a Classifier LFB), or assume a default color value.

    The Rate Meter LFB
    model onto one logical block which defines and models supports a physical
    port implementing those functions. number of static attributes,
    including:
       . supported metering algorithms
       . maximum number of meter attributes.

    The Port Rate Meter LFB contains supports a number of configurable parameters, which
    may include, but are not limited to, the following items: attributes,
    including:
       . the number of ports on this LFB;
       . the sub-interfaces if any; LFB inputs
       . the static attributes number of each port (e.g., port type,
         direction, link speed); LFB outputs
       . the configurable attributes mapping of each port (e.g., IP address,
         administrative status); LFB input to meter attribute (when mapped
         statically)
       . the statistics collected on each port (e.g., number metadata item to select for mapping to meter attribute
       . mapping of packets
         received); metadata value to meter attribute
       . the current status (up default meter attribute (when not mapped statically or down).

    The Port LFB can have three modes of operation: via
         correct
       . ingress only metadata)
       . egress only per-attribute metering algorithm
       . per-attribute metering paramters, including:
       . hybrid (contains ingress and egress functions)

 7.2. Dropper minimum rate
       . maximum rate
       . burst size
       . color metadata enable
       . mapping of packet color to LFB output.

    A dropper LFB has one input, and no outputs.  It discards all
    packets that it receives without any modification or examination of
    those packets.

    The purpose of a dropper Rate Meter LFB is can be used to allow the description of "sinks"
    within the model, where those sinks do not result in the packet
    being sent into any object external implement a policing function, by
    connecting a LFB output directly to the model.

 7.3. a Dropper LFB, and mapping non-
    conforming (e.g., "red") traffic to that output.

 6.7. Redirector (de-MUX) LFB

    A redirector LFB has one input, and N outputs.

    The purpose of the redirector Redirector LFB is used to explicitly represent a
    place in the LFB Topology where select between alternative datapaths
    based on the redirection process occurs, and
    where it may be configured. value of some metadata item.  The redirector Redirector LFB takes
    accepts an input packet P, and uses the associated metadata item M to redirect
    demultiplex that packet to onto one or more of N outputs, e.g. outputs; e.g., unicast
    forwarding, multicast, or broadcast.  Configurable attributes
    include:
       . number of LFB output ports (N)
       . metadata item to demultiplex on (M)
       . mapping of metadata value to output port
       . default output port (for un-matched input metadata values).

    Note that other LFBs may also have redirecting functionality, include demultiplexing functionality
    (i.e., if they have multiple outputs.

 7.4. Scheduler outputs in an output group).  The
    Redirector LFB

    A Scheduler is especially useful for demultiplexing based on
    metadata items that are not generated or modified by an immediate
    upstream LFB.

 6.8. Packet Header Rewriter LFB has multiple inputs and one output.

    The purpose of
    the Scheduler Packet Header Rewriter LFB is used to perform time-dependent packet forwarding.
    The Scheduler re-write fields in a
    packet's header.  Function-specific sub-classes of the Packet
    Header Rewriter LFB multiplexes from its inputs onto its output(s),
    based on internal configuration such may be specified as packet priority, etc. sub-classes of the Modifier
    LFB.  These may include:
       . IPv4 TTL/IPv6 Hop Count
       . IPv4 header checksum
       . DSCP
       . IPv4 NAT

    The precise means by which the packet header rewriting functions
    will be specified is not modified during this process.

 7.5. Queue TBD.

 6.9. Counter LFB

    The Queue Counter LFB is used to maintain packet and/or byte statistics
    on the packet flow through the LFB.  Packets are provided to the
    Counter LFB on an LFB has one input and one output.  It takes input packets
    and places them onto queues.  These packets along with packet length metadata and
    are later forwarded to
    the output(s) of the LFB, based associated with a count attribute either statically (based on back-pressure from
    the next LFB
    which typically is a scheduler LFB.

 7.6. input) or via some other configurable metadata item.  The
    Counter LFB

    A counter modifies neither the packet nor any associated
    metadata.

    The Counter LFB updates its statistical supports a number of static attributes, by including:
       . supported counting
    packets, or metadata.  The modes (e.g., byte, packet, both)
       . supported logging modes (e.g., last recorded packet is not modified, and the metadata
    may, or may not, be modified.

    The purpose time)
       . maximum number of a count attributes

    The Counter LFB is to record simple accounting supports a number of configurable attributes,
    including:
       . number of
    events on the FE.

    A counter LFB is independent inputs
       . mapping of time 't', in that it LFB input to count attribute (when mapped
         statically)
       . metadata item to select for mapping to count attribute
       . mapping of metadata value to count attribute
       . default count attribute (when not mapped statically or via
         correct
       . metadata)
       . counting mode per-attribute
       . logging mode per-attribute.

    The Counter LFB does not perform any time-dependent counting.  The
    time at which a count is made may, however, be logged as part of
    the count attribute.

    Other LFBs may maintain internal statistics (e.g., interface LFBs).
    The Counter LFB is especially useful for maintain counts associated
    with that count.

 7.7. Meter LFB and Policer QoS policy.

 6.10. Dropper LFB

    A Meter LFB is a counter Dropper LFB has one input, and no outputs.  It discards all
    packets that is time dependent.  That is, it
    meters the rate over time at which packets accepts without any modification or metadata flow through
    the LFB. examination of
    those packets.

    The purpose of the Meter a Dropper LFB is to record time-dependent
    accounting of events on allow the FE.

    When a Meter LFB has multiple outputs, with one output being a
    marker, or dropping description of "sinks"
    within the packet, then model, where those sinks do not result in the Meter packet
    being sent into any object external to the model.

    The Dropper LFB becomes a
    Policer LFB, performing a policing function.

 7.8. Classifier has no configurable attributes.

 6.11. IPv4 Fragmenter LFB

    A Classifier

    The IPv4 Fragmenter LFB uses its attributes fragments IPv4 packets according to classify the packet into
    one MTU
    of N different logical classes. the outgoing interface.  The purpose of a Classifier IPv4 Fragmenter LFB is to logically partition accepts packets
    into
    with frame length and MTU metadata, and produces a sequence of one
    or more classes. valid IPv4 packets properly fragmented, each along with
    corrected frame length metadata.

    The result source of this partitioning is that
    the Classifier LFB produces metadata that describes the classes
    into which the packet has been partitioned. outgoing interface MTU is TBD.  The packet IPv4
    fragmentation function is not
    modified during this process.

    A Classifier incorporated into the IP Interface
    LFB takes because forwarding implementations may include additional
    forwarding functions between fragmentation and final output
    interface processing.

 6.12. L2 Address Resolution LFB

    The L2 Address Resolution LFB is used to map an input packet next hop IP address
    into an L2 address.  The LFB accepts packets with output L2
    interface and next hop IP address metadata, and produces the same packet
    along with new or more metadata.  A classifier is
    parameterized by filters.  Classification is done the correct L2 destination address.  The L2 Address
    Resolution LFB maintains multiple address resolution table
    attributes accessed by matching the
    contents output L2 interface metadata.  Each
    table attribute maintains a set of configurable L2 address
    attributes, accessed by the incoming packets according next hop IP address.

    The L2 Address Resolution LFB has a normal output group which
    produces the L2 destination address metadata, as well as an
    exception output. This exception output can be used to divert the
    packet to another LFB (e.g., an ARP/ND Protocol LFB, or a Port LFB
    used to reach the filters, and the
    result of classification CE) for address resolution.

 6.13. Queue LFB

    The Queue LFB is produced used to represent queueing points in the form of metadata.  Note
    that this classifier packet
    datapath.  It is modeled solely based on its internal
    processing, and not on its inputs and outputs. always used in combination with one or more
    Scheduler LFBs.  The block is a
    single-exit classifier that does NOT physically redirect the
    packet.  In contrast, a DiffServ-like classifier is a 1:N (fan-out)
    device: It takes a single traffic stream Queue LFB manages one or more FIFO packet
    queues as input configurable attributes.  The Queue LFB provides one or
    more LFB inputs, and generate N
    logically separate traffic streams as output.  That kind of multi-
    exit classifier can be modeled by combining this classifier packets are mapped from LFB inputs to queues,
    either statically, or via queue metadata.  Each queue attribute is
    mapped one-to-one with a
    redirector (see Section 6.1.6).

    A filter decides if scheduling input packets match particular criteria. That
    is, it "marks" on a packet as either matching, downstream Scheduler
    LFB.  The Queue LFB provides one or non-matching more LFB outputs, along with
    optional scheduling input metadata.

    Additional per-queue configurable attributes include the following:

       . maximum depth discard behavior (tail drop/head drop/Active
         Queue Management (AQM))
       . AQM parameters (specific to the
    filter criteria. According AQM algorithm; e.g., RED)
       . Explicit Congestion Notification (ECN) enable.

    Packets are provided to [DiffServ], "a filter consists of a
    set of conditions on the component values of Queue LFB along with a packet's
    classification key (the header values, contents, packet length
    metadata and attributes
    relevant for classification)".

    Note that other FE LFBs MAY perform simple classification on an optional queue metadata.  Because the
    packet or Queue LFB can
    model sophisticated AQM mechanisms such as per-color marking
    thresholds (e.g., Weighted RED), packets may also be accompanied
    with color metadata.  The purpose of

    If ECN is enabled on a queue serving IP packets, then the FE Classifier LFB IP packet
    header is modified if congestion is marked.  A protocol type
    metadata must accompany the packet to
    model an LFB indicate the packet protocol
    (e.g., IPv4, IPv6, Ethernet), so that "digests" large amounts of input data (packet,
    metadata), to produce a "summary" the implementation can
    determine the location of the classification results, ECN bits in the form header [RFC3168].  In
    the case of additional metadata. Other FE LFBs can then use this
    summary information to quickly and simply perform trivial
    "classifications". IPv4, if congestion is signaled, the header checksum
    must be modified.  The requirement for a unique and separate FE Classifier Queue LFB comes
    about because supports a capability to indicate
    whether it would corrects the IPv4 header checksum after marking
    congestion experienced.  Support for the checksum fixup is not make sense to model a classifier LFB
    inside each of every other LFB.  Such a model would be highly
    redundant.  We therefore specifically model a complex
    classification LFB, and explicitly state that other blocks
    mandatory since the checksum may make
    decisions based on be recalculated in another LFB
    further downstream.

 6.14. Scheduler LFB

    The Scheduler LFB is used to perform packet scheduling at queueing
    points in the parameters S, t, packet datapath, and M, but not on P.

    Note that a classifier hence is always used in
    combination with one or more upstream Queue or Scheduler LFBs.  The
    Scheduler LFB may have multiple outputs.  In that
    case, it may redirect supports one or more logical scheduling inputs.  A
    scheduling input packets can be mapped one-to-one to one (or more) of a Scheduler LFB input,
    or the
    outputs, and may not associate any scheduling input can be selected via metadata with those output
    packets.

 7.9. Modifier (and both
    mechanisms may be used in combination).

    The Scheduler LFB

    A modifier multiplexes its scheduling inputs onto a single
    LFB modifies incoming packets and sends them out.
    Usually output, based on its scheduling algorithm along with the metadata per-
    input scheduling configuration.  The packet is used to determine how not modified during
    the scheduling process.

    Packets are provided to modify the packet.

    This Scheduler LFB is defined in along with a generic manner, packet
    length metadata and we expect that
    specific examples an optional scheduling input metadata.

    Configurable attributes include:
       . number of logical scheduler inputs
       . number of LFB inputs
       . mapping of LFB input to scheduler input
       . scheduling algorithm
       . per-input scheduling parameters, including:

       . priority
       . minimum service rate
       . maximum service rate
       . burst duration (at maximum service rate).

    Hierarchical scheduling configurations can be created by cascading
    two or more Scheduler LFBs.

 6.15. MPLS ILM/Decapsulation LFB

    The MPLS Incoming Label Map (ILM)/Decapsulation LFB accepts MPLS-
    encapsulated packets, examines (and possibly removes) the top-most
    label, and emits the packet and/or on one output within an output group,
    along with configurable index and class metadata.  The configurable
    metadata modification will can be
    described used as input for an IP Interface LFB, a subclass of Next Hop
    LFB, or the modifier same (or another) MPLS ILM/Decapsulation LFB.

    For example, we may have an explicit LFB for packet compression and
    decompression,  This
    allows the FE to terminate, forward, or for encryption "pop and decryption, or for packet
    encapsulation.  The decision as to how best to model these
    functions will be made based lookup" on further investigation the
    value of the top-most label.  The LFB
    model, and with practical experience using it.

 7.10. Packet Header Rewriter LFB
    This LFB maintains a set of ILM table
    attributes indexed by incoming IP interface metadata.  Each ILM
    table entry is used an attribute specifying whether to re-write fields on remove the packet header, such as
    IPv4 TTL decrementing, checksum calculation, or TCP/IP NAT.

    We may want label,
    and which output port to have multiple LFBs emit the packet on.  An exception output
    is provided for different kinds packets with expired TTL.

 6.16. MPLS Encapsulation LFB

    The MPLS Encapsulation LFB accepts IP or MPLS-encapsulated packets
    and appends an MPLS label stack, which is selected by output
    interface and configurable index metadata.  The TTL of header re-
    writing.

 8. Satisfying the Requirements on FE Model

     (Editor's Note: The text in this section is very preliminary but
     we decide to leave it as is because it accepted
    packet is too early to understand
     how to model all copied from the functions as dictated in [1] when Section 7
     is still very much work outermost header into the labels in progress. This section should be
     revised once Section 7 the
    label stack, and the S bit is more settled.)

    A minimum set of FE functions on the bottom label if the
    accepted packet is defined in [1] that must be
    supported IP.  The MPLS EXP bits are copied (or mapped)
    according to per-stack attributes.

    The MPLS Encapsulation LFB maintains multiple stack table
    attributes indexed by any proposed FE model.  In this section, we
    demonstrate how the three components in FE model as described in
    Section 4, 5, 6 output interface metadata.  Entry attributes
    within a table are indexed by configurable index metadata.  Each
    entry attribute maintains a label stack, along with the LFB a configurable
    attribute for EXP bit handling, and possibly class library defined in Section
    7 can be used and/or queue
    metadata to express all emit with the logical packet.

    MPLS ILM/decapsulation and encapsulation functions required are modeled in [1].

 8.1. Port Functions

    Every FE contains a certain number of interfaces (ports), including
    both the inter-NE interfaces
    separate LFBs because some implementations split these operations
    across FEs.

 6.17. Tunnel Encapsulation/Decapsulation LFB
    The Tunnel Encapsulation/Decapsulation LFB models tunnel header
    encapsulation and intra-NE interfaces. decapsulation/demultiplexing.  The inter-NE
    interfaces are the external interfaces for the NE to
    receive/forward LFB maintains
    separate encapsulation and decapsulation input and output groups.
    The encapsulation input group accepts packets from/to with tunnel metadata,
    appends a tunnel header that is stored in a configurable attribute
    indexed by the external world. tunnel metadata, and emits the packet on an
    encapsulation output.  The intra-NE
    interfaces are used for FE-FE or FE-CE communications.  Same model
    should be used for both decapsulation input group accepts
    packets encapsulated with a tunnel header along with tunnel
    metadata, removes the inter-FE and intra-FE interfaces, but
    it is necessary tunnel header (performing any tunnel-
    protocol-specific classification) according to make attributes
    configured on a per-tunnel basis and accessed via the distinction between tunnel
    metadata, and emits the two known to packet along with configurable metadata.
    For example, the CE so configurable metadata that the CE can do different configuration.

    The port LFB class is designed to model the specific physical ports
    while the source/sink LFB can output may be used to model
    as input interface metadata by a downstream IP or L2 Interface LFB.
    A decapsulation exception output is available and is used in the logical
    interface.

    The intra-NE interfaces
    event that are used for FE-FE communications
    should decapsulation fails.

    The Tunnel Encapsulation/Decapsulation LFB may be modeled just like the inter-NE interfaces. sub-classed into
    tunnel-protocol-specific LFBs, including:
       . IP-IP
       . GRE
       . L2TP
       . Generic IPv6 Tunnels

 6.18. Replicator LFB

    The ForCES
    base protocol will include FE topology query so that the CE can
    learn of how the multiple FEs are interconnected via such
    interfaces.  But the intra-NE interfaces that are used for FE-CE
    communications are part of the ForCES protocol entity on the FE and
    so it Replicator LFB is not necessary used to model replicate accepted packets and emit
    them explicitly.  It is assumed
    that every FE will have at least on one internal interface to
    communicate to the CE and such interface do not have to be visible or more outputs in the FE model.

 8.2. Forwarding Functions

    Support for IPv4 and IPv6 unicast and multicast forwarding
    functions must be provided by the model.

    Typically, the control plane an output group.  Packets are
    accepted along with replicator index metadata.  The LFB maintains the Routing Information Base
    (RIB), which contains all the routes discovered
    an attribute table indexed by all this metadata.  Each table entry
    attribute specifies the routing
    protocols with all kinds number of attributes relevant to the routes. The
    forwarding plane uses a different database, times the Forwarding
    Information Base (FIB), which contains only packet must be
    replicated, the active subset of
    those routes (only outputs (within the best routes chosen for forwarding) with
    attributes output group) that are only relevant for forwarding. A component in
    the control plane, termed Route Table Manager (RTM), is responsible
    to manage the RIB in the CE each
    replicated packet should be emitted on, and maintain the FIB configurable metadata
    to be associated with each replicated packet.

    The Replicator LFB can be used by the FEs.
    Therefore, the most important aspect in modeling for multicast replication, or for
    transparent packet interception.

 7. Satisfying the forwarding
    functions is Requirements on FE Model

     This section describes how the data proposed FE model for meets the FIB.
     requirements outlined in Section 5 of RFC 3654 [1]. The model also needs to
    support
     requirements can be separated into general requirements (Sections
     5, 5.1 - 5.4) and the possibility specification of multiple paths.

    At the very minimum, each route in the FIB needs to contain the
    following layer-3 information:
       . the prefix minimal set of logical
     functions that the destination IP address;
       . the length of FE model must support (Section 5.5).

     The general requirement on the prefix;
       . FE model is that it be able to
     express the number logical packet processing capability of equal-cost multi-path;
       . the next hop IP address FE,
     through both a capability and the egress interface for each
         path.

    Another aspect of the forwarding functions is the method to resolve a next hop destination IP address into state model. In addition, the associated media
    address. There are many ways FE
     model is expected to resolve Layer 3 allow flexible implementations and be
     extensible to Layer 2 address
    mapping depending upon link layer. For example, in case allow defining new logical functions.

     A major component of Ethernet
    links, the Address Resolution Protocol (ARP, defined in RFC 826) is
    used for IPv4 address resolution.

    Assuming a separate table proposed FE model is maintained in the FEs for address
    resolution, the following information Logical Function
     Block (LFB) model. Each distinct logical function in an FE is necessary for each address
    resolution entry:
       . the next hop IP address;
       .
     modeled as an LFB. Operational parameters of the media address.

    Different implementation may have different ways LFB that must be
     visible to maintain the
    FIB CE are conceptualized as LFB attributes. These
     attributes support flexible implementations by allowing an FE to
     specify supported optional features and to indicate which
     attributes are configurable by the resolution table. For example, a FIB may consist CE for an LFB class (e.g.,
     express the capability of two
    separate tables, one to match the prefix to FE). Configurable attributes also
     provide the next hop and CE some flexibility in specifying the
    other behavior of a
     LFB. When multiple LFBs belonging to match the next hop to same LFB class are
     instantiated on an FE, each of those LFBs could be configured with
     different attribute settings. By querying the egress interface. Another
    implementation may use one table instead.  Our approach settings of using the fine-grained FE blocks to model
     attributes for an instantiated LFB, one can determine the forwarding functions allow
    such flexibility.

    For example, a combination state of
     that LFB.

     Instantiated LFBs are interconnected in a classifier, followed by a modifier
    and a redirector can model directed graph that
     describes the forwarding function.

 8.3. QoS Functions

    The IETF community has already done lots work in modeling ordering of the QoS functions in within an FE. This
     directed graph is described by the datapath. topology model. The IETF DiffServ working group has
    defined an informal data model [3]for QoS-related functions like
    classification, metering, marking, actions combination
     of the attributes of marking, dropping,
    counting the instantiated LFBs and multiplexing, queueing, etc. The latest work the topology
     describe the packet processing functions available on
    DiffServ PIB (Policy Information Base) [4] defines a set the FE
     (current state).

     Another key component of
    provisioning classes the FE model is the FE attributes. The FE
     attributes are used mainly to provide policy control describe the capabilities of resources
    implementing the Diferentiated Services Architecture. DiffServ PIB FE,
     but they also has an element of capability flavor to it. convey information about the FE state.

    The IETF Policy
    Framework working group is also defining an informational FE model [6]
    to describe also includes a definition of the QoS mechanisms inherent in different network
    devices, including hosts.  This model minimal set of LFBs
    that is intended to be used with required by Section 5.5 of [1]. The sections that follow
    provide more detail on the QoS Policy Information Model [7] to specifics of each of those LFBs.

 7.1. Port Functions

    The FE model how policies can be
    defined used to manage define a Port LFB class and configure its
    technology-specific subclasses (see Section 6.1) to map the QoS mechanisms present in
    physical port of the
    datapath device to the LFB model with both static and
    configurable attributes. The static attributes model the type of devices.

    Here
    port, link speed etc. The configurable attributes model the
    addressing, administrative status etc.

 7.2. Forwarding Functions
    Because forwarding function is a list one of QoS functions that should be supported by the FE
    model:
       . Classifier
       . Meter
       . Marker
       . Dropper
       . Counter
       . Queue and Scheduler
       . Shaper

    LFB class library as described in Section 7 already supports most
    of these common and important
    functions directly.

    Note that A shaper should be modeled as a queue feeding a scheduler
    input in the forwarding plane, it requires special attention in
    modeling to allow design flexibility, implementation efficiency,
    modeling accuracy and configuration simplicity.  Toward that end,
    it is serviced using a non-work-conserving policy.  The
    queue LFB would include multiple FIFO queue resources (selected recommended that the core forwarding function being modeled
    by
    META_QUEUE_ID) the combination of two LFBs -- Longest Prefix Match (LPM)
    classifier LFB (see Section 6.4) and AQManagers assigned Next Hop LFB (see Section
    6.5).  Special header writer LFB (see Section 6.8) is also needed
    to queues. take care of TTL decrement and checksum etc.

 7.3. QoS Functions

    The scheduler LFB would include multiple input resources with associated service
    policies. class library already includes descriptions of the Meter
    (Section 6.6.), Queue outputs would be bound (Section 6.13), Scheduler (Section 6.14),
    Counter (Section 6.9) and Dropper (Section 6.10) LFBs to scheduler inputs via
    passing META_SCHED_ID with the packet at support
    the output of QoS functions in the queue.
    The metadata is only there forwarding path.  FE model can also be
    used to define other useful QoS functions as needed.  These LFBs
    allow correlation in configuration
    parameters between the queueing LFB and the scheduler LFB (assign
    queue X CE to scheduler input Y by configuring queue X manipulate the attributes to emit
    META_SCHED_ID Y).

 8.4. model IntServ or
    DiffServ functions.

 7.4. Generic Filtering Functions
    A combination

    Various combinations of classifier, redirector, modifier etc. Classifier (Section 6.4), Redirector
    (Section 6.7), Meter (Section 6.6.) and Dropper (Section 6.10) LFBs
    can model a complex set of filtering functions. For example, Figure 8
    represents a filtering function that classifies packets into one of
    two logical classes: forward, and drop.  These logical classes are
    represented as meta data M1, and M2.  The re-director uses this
    meta data to re-direct the packet to one of two outputs.  The first
    sinks the packet back into the network.  The second silently drops
    the packets.

                 classifier -> redirector  ---M1---  sink
                                           \
                                            \-M2---  dropper

                  Figure 8. A filtering function example.

 8.5.

 7.5. Vendor Specific Functions

    New LFB class classes can always be defined according to the LFB model as
    described in Section 7 4 to support vendor specific functions.  New  A new
    LFB class can also be derived from an existing LFB class by through
    inheritance.

 8.6.High-Touch

 7.6.High-Touch Functions

    High-touch functions are those that take action on the contents or
    headers of a packet based on content other than what is found in
    the IP header.  Examples of such functions include NAT, ALG,
    firewall, tunneling and L7 content recognition.

    The ForCES working group first needs  It is not
    practical to include all possible high touch functions in the
    initial LFB library in Section 6 due to agree upon a small set the number and complexity.
    However, the flexibility of
    common the LFB model and the power of
    interconnection in LFB topology should make it possible to model
    any high-touch functions.

 7.7. Security Functions
    Security functions with well-defined behavior to be are not included in the initial LFB class
    library. Here is a list of candidate
    blocks:
       . NAT
       . Firewall
       . Encapsulator
       . Decapsulator

 8.7. Security Functions

    The  However, the FE model must be able is flexible and powerful enough to describe
    model the types of encryption and/or decryption functions that an
    FE supports and the associated attributes for such functions.

    The IP Security Policy (IPSP) Working Group in the IETF has started
    work in defining the IPSec Policy Information Base [8]. Further
    study on this is needed  We should
    try to determine whether it can be reused here
    and any other additional reuse the work is needed.

 8.8. as much as we can.

 7.8. Off-loaded Functions

    In addition to the packet processing functions that are typical to
    find on the FEs, some logical functions may also be executed
    asynchronously by some FEs, according to a certain finite-state
    machine, triggered not only by packet events, but by timer events
    as well.  Examples of such functions include finite-state machine
    execution required by TCP termination or OSPF Hello processing off-
    loaded from the CE. The  By defining LFBs for such functions, the FE
    model must be is capable of expressing these asynchronous functions, so
    that the CE may take advantage of such off-loaded functions on the
    FEs.

    The ForCES working group first needs to agree upon a small set of
    such off-loaded functions with well-understood behavior and
    interactions with the control plane.

 8.9.

 7.9. IPFLOW/PSAMP Functions

    [9] defines architecture for IP traffic flow monitoring, measuring
    and exporting.  The LFB model supports statistics collection on the
    LFB by including statistical attributes (Section 4.4.4) for all 4.7.4) in the LFB
    class definitions, and definitions; in addition, special statistics collection LFBs
    such as meter LFB (Section 7.2.2) and counter LFB (Section 7.2.1)
    can also be used to support accounting functions in the FE.

    [10] describes a framework to define a standard set of capabilities
    for network elements to sample subsets of packets by statistical
    and other methods.  Time event generation, filter LFB, and
    counter/meter LFB are the elements needed to support packet
    filtering and sampling functions -- these elements are can all included be
    supported in the FE model.

 9.

 8. Using the FE model in the ForCES Protocol

    The actual model of the forwarding plane in a given NE is something
    the CE must learn and control via by communicating with the FEs (or by
    other means). Most of this communication will happen in the post-association post-
    association phase using the ForCES protocol. The following types of
    information must be exchanged between CEs and FEs via the ForCES
    protocol:
       1)  FE topology query;
       2)  FE capability declaration;
       3)  LFB topology (per FE) and configuration capabilities query;
       4)  LFB capability declaration;
       5)  State query of LFB attributes;
       6)  Manipulation of LFB attributes;
       7)  LFB topology reconfiguration.

    Items 1) through 5) are query exchanges, where the main flow of
    information being is from the FEs to the CEs. Items 1) through 4) are
    typically queried by the CE(s) in the beginning of the post-
    association (PA) phase, though they may be repeatedly queried at
    any time in the PA phase. Item 5) (state query) will be used at the
    beginning of the PA phase, and often frequently during the PA phase
    (especially for the query of statistical counters).

    Items 6) and 7) are "command" type types of exchanges, where the main
    flow of information being is from the CEs to the FEs. Messages in Item 6)
    (the LFB re-configuration commands) are expected to be used
    frequently.  Item 7) (LFB topology re-configuration) is needed only
    if dynamic LFB topologies are supported by the FEs and it is
    expected to be used infrequently.

    Among the seven types of payload information the ForCES protocol
    carries between CEs and FEs, the FE model covers all of them except
    item 1), which concerns the inter-FE topology.  The FE model
    focuses on the LFB and LFB topology within a single FE.  Since the
    information of related to item 1) requires global knowledge about all
    of the FEs and their inter-connection with each other, this
    exchange is made part of the ForCES base protocol instead of the FE
    model.

    The relationship between the FE model and the seven post-
    association messages are visualized in Figure 9:

                                                     +--------+
                                        ..........-->|   CE   |
                   /----\               .            +--------+
                   \____/ FE Model      .              ^    |
                   |    |................        (1),2 |    | 6, 7
                   |    |  (off-line)   .      3, 4, 5 |    |
                   \____/               .              |    v
                                        .            +--------+
                 e.g. RFCs              ..........-->|   FE   |
                                                     +--------+

    Figure 9. Relationship between the FE model and the ForCES protocol
      messages, where (1) is part of the ForCES base protocol, and the
                     rest are defined by the FE model.

    The actual encoding of these messages is defined by the ForCES
    protocol and beyond the scope of the FE model. Their discussion is
    nevertheless important here for the following reasons:
    .    These PA model components have considerable impact on the FE
    model. For example, some of the above information can be
    represented as attributes of the LFBs, in which case such
    attributes must be defined in the LFB classes.
    .    The understanding of the type of information that must be
    exchanged between the FEs FEs and CEs can help to select the
    appropriate protocol format and the actual encoding method (such as
    XML, TLVs).
    .    Understanding the frequency of these types of messages should
    influence the selection of the protocol format (efficiency
    considerations).

    An important part of the FE model is the port the FE uses for its
    message exchanges to and from the CE.  In the case that a dedicated
    port is used for CE-FE communication, we propose to use a special
    port LFB, called the CE-FE Port LFB (a subclass of the general Port
    LFB in Section 6.1), to model this dedicated CE-FE port.  The CE-FE
    Port LFB acts as both a source and sink for the traffic from and CEs can help to select
    the
          appropriate protocol format and CE.  Sometimes the actual encoding method
          (such as XML, TLVs).
       . Understanding CE-FE traffic does not have its own
    dedicated port, instead the frequency of these types of messages should
          influence data fabric is shared for the selection of data
    plane traffic and the protocol format (efficiency
          considerations). CE-FE traffic.  A special processing LFB can
    be used to model the ForCES packet encapsulation and decapsulation
    in such cases.

    The remaining sub-sections of this section address each of the
    seven message types.

 9.1.

 8.1. FE Topology Query

    (Editor's Note: It is still an open issue where the FE topology
    information query belongs -- it can be either supported as part of
    FE attributes in the FE model, or it can be supported by the ForCES
    protocol explicitly.  Hence the text here is tentative and subject
    to change per WG discussion.)
    An FE may contain zero, one or more external ingress ports.
    Similarly, an FE may contain zero, one or more external egress
    ports.  In another word, other words, not every FE has to contain any external
    ingress or egress interfaces.  For example, Figure 10 shows two
    cascading FEs.  FE #1 contains one external ingress interface but
    no external egress interface, while FE #2 contains one external
    egress interface but no ingress interfce. interface.  It is possible to
    connect these two FEs together via their internal interfaces to
    achieve the complete ingress-to-egress packet processing function.
    This provides the flexibility to spread the functions across
    multiple FEs and interconnect them together later for certain
    applications.

    While the inter-FE communication protocol is out of scope for
    ForCES, it is up to the CE to query and understand how multiple FEs
    are inter-connected to perform a complete ingress-egress packet
    processing function, like that such as the one described in Figure 10.  The inter-
    FE
    inter-FE topology information may be provided by FEs, may be hard-coded hard-
    coded into CE, or may be provided by some other entity (e.g., a bus
    manager) independent of the FEs.  So while the ForCES protocol
    supports FE topology query from FEs, it is optional for the CE to
    use it, assuming the CE has other means to gather such topology
    information.

       +-----------------------------------------------------+
       |  +---------+   +------------+   +---------+         |
     input|         |   |            |   |         | output  |
    ---+->| Ingress |-->|Header      |-->|IPv4     |---------+--->+
       |  | port    |   |Decompressor|   |Forwarder| FE      |    |
       |  +---------+   +------------+   +---------+ #1      |    |
       +-----------------------------------------------------+    V
                                                                  |
            +-----------------------<-----------------------------+
            |
            |    +----------------------------------------+
            V    |  +------------+   +----------+         |
            | input |            |   |          | output  |
            +->--+->|Header      |-->| Egress   |---------+-->
                 |  |Compressor  |   | port     | FE      |
                 |  +------------+   +----------+ #2      |
                 +----------------------------------------+

            Figure 10. An example of two FEs connected together.

    Once the inter-FE topology is discovered by the CE after this
    query, it is assumed that the inter-FE topology remains static.
    However, it is possible that an FE may go down during the NE
    operation, or a board may be inserted and a new FE activated, so
    the inter-FE topology will be affected.  It is up to the ForCES
    protocol to provide a mechanism for the CE to detect such events
    and deal with the change in FE topology.  FE topology is outside
    the scope of the FE model.

 9.2.

 8.2. FE Capability Declarations

    FEs will have many types of limitations. Some of the limitations
    must be expressed to the CEs as part of the capability model. The
    CEs must be able to query these capabilities on a per-FE basis.
    Examples:
       . Metadata passing capabilities of the FE. Understanding these
         capabilities will help the CE to evaluate the feasibility of
         LFB topologies, and hence to determine the availability of
         certain services.
       . Global resource query limitations (applicable to all LFBs of
         the FE).
       . LFB supported by the FE.
       . LFB class instantiation limit.
       . LFB topological limitations (linkage constraint, ordering
         etc.)

 9.3.

 8.3. LFB Topology and Topology Configurability Query

    The ForCES protocol must provide the means for the CEs to discover
    the current set of LFB instances in an FE and the interconnections
    between the LFBs within the FE.  In addition, there should be sufficient
    information provided on should be available to determine whether the FE
    supports any CE-
    initiated CE-initiated (dynamic) changes to the LFB topology,
    and if so, what
    are determine the allowed topologies. Topology
    configurability can also be considered as part of the FE capability
    query as described in Section 9.3.

 9.4.

 8.4. LFB Capability Declarations

    LFB class specifications will define a generic set of capabilities.
    When an LFB instance is implemented (instantiated) on a vendor's
    FE, some additional limitations may be introduced. Note that we
    discuss here only those limitations that are within the flexibility of
    the LFB class specification, that specification. That is, the LFB instance will remain
    compliant with the LFB class specification despite these
    limitations.  For example, certain features of an LFB class may be
    optional, in which case it must be possible for the CE to determine
    if an optional feature is supported by a given LFB instance or not.
    Also, the LFB class definitions will probably contain very few
    quantitative limits (e.g., size of tables), since these limits are
    typically imposed by the implementation. Therefore, quantitative
    limitations should always be expressed by capability arguments.

    LFB instances in the model of a particular FE implementation will
    possess limitations on the capabilities defined in the
    corresponding LFB class.  The LFB class specifications must define
    a set of capability arguments, and the CE must be able to query the
    actual capabilities of the LFB instance via querying the value of
    such arguments.  The capability query will typically happen when
    the LFB is first detected by the CE. Capabilities need not be re-
    queried in case of static limitations. In some cases, however, some
    capabilities may change in time (e.g., as a result of
    adding/removing other LFBs, or configuring certain attributes of
    some other LFB when the LFBs share physical resources), in which
    case additional mechanisms must be implemented to inform the CE
    about the changes.

    The following two broad types of limitations will exist:
       . Qualitative restrictions.  For example, a standardized multi-
         field classifier LFB class may define a large number of
         classification fields, but a given FE may support only a
         subset of those fields.
       . Quantitative restrictions, such as the maximum size of tables,
         etc.

    The capability parameters that can be queried on a given LFB class
    will be part of the LFB class specification.  The capability
    parameters should be regarded as special attributes of the LFB. The
    actual values of these arguments may be, therefore, obtained using
    the same attribute query mechanisms as used for other LFB
    attributes.

    Capability attributes will typically be read-only arguments, but in
    certain cases they may be configurable. For example, the size of a
    lookup table may be limited by the hardware (read-only), in other
    cases it may be configurable (read-write, within some hard limits).

    Assuming that capabilities will not change frequently, the
    efficiency of the protocol/schema/encoding is of secondary concern.

 9.5.

 8.5. State Query of LFB Attributes

    This feature must be provided by all FEs.  The ForCES protocol and
    the data schema/encoding conveyed by the protocol must together
    satisfy the following requirements to facilitate state query of the
    LFB attributes:
       . Must permit FE selection. This is primarily to refer to a
         single FE, but referring to a group of (or all) FEs may
         optional be supported.
       . Must permit LFB instance selection. This is primarily to refer
         to a single LFB instance of an FE, but optionally addressing
         of a group of LFBs (or all) may be supported.
       . Must support addressing of individual attribute of an LFB.
       . Must provide efficient encoding and decoding of the addressing
         info and the configured data.
       . Must provide efficient data transmission of the attribute
         state over the wire (to minimize communication load on the CE-
         FE link).

 9.6.

 8.6. LFB Attribute Manipulation

    This is a place-holder for all operations that the CE will use to
    populate, manipulate, and delete attributes of the LFB instances on
    the FEs.  This is how the CE configures an individual LFB instance.

    The same set of requirements as described in Section 9.5 for
    attribute query applies here for attribute manipulation as well.

    Support for various levels of feedback from the FE to the CE (e.g.,
    request received, configuration completed), as well as multi-
    attribute configuration transactions with atomic commit and
    rollback, may be necessary in some circumstances.

    (Editor's note: It remains an open issue as to whether or not other
    methods are needed in addition to "get attribute" and "set
    attribute" (such as multi-attribute transactions).  If the answer
    to that question is yes, it is not clear whether such methods
    should be supported by the FE model itself or the ForCES protocol.)

 9.7.

 8.7. LFB Topology Re-configuration

    Operations that will be needed to reconfigure LFB topology:
       . Create a new instance of a given LFB class on a given FE.
       . Connect a given output of LFB x to the given input of LFB y.
       . Disconnect: remove a link between a given output of an LFB and
         a given input of another LFB.
       . Delete a given LFB (automatically removing all interconnects
         to/from the LFB).

 10.

 9. Acknowledgments

    The authors would also like to thank
    Many of the following individuals for
    their colleagues in our companies and participants in the
    ForCES mailing list have provided invaluable technical input: David Putzolu, Hormuzd Khosravi,
    Eric Johnson, David Durham, Andrzej Matejko, T. Sridhar, Jamal Hadi
    Salim, Alex Audu, Gamil Cain.

 11. input into this work.

 10. Security Considerations

    The FE model describes the representation and organization of data
    sets and attributes in the FEs.  ForCES framework document [2]
    provides a comprehensive security analysis for the overall ForCES
    architecture.  For example, the ForCES protocol entities must be
    authenticated per the ForCES requirements before they can access
    the information elements described in this document via ForCES.
    The access to the information contained in the FE model is
    accomplished via the ForCES protocol which will be defined in
    separate documents and so the security issues will be addressed
    there.

 12.

 11. Normative References

    [1] Khosravi, H. et al., "Requirements for Separation of IP Control
    and Forwarding", work in progress, July 2003, <draft-ietf-forces-
    requirements-10.txt>.

 13. Informative References RFC 3654, November 2003.

    [2] Yang, L. et al., "Forwarding and Control Element Separation
    (ForCES) Framework", work in progress, July November 2003, <draft-ietf-
    forces-framework-07.txt>.
    forces-framework-13.txt>.

 12. Informative References

    [3] Bernet, Y. et al., "An Informal Management Model for Diffserv
    Routers", RFC 3290, May 2002.

    [4] Chan, K. et al., "Differentiated Services Quality of Service
    Policy Information Base", RFC 3317, March 2003.

    [5] Sahita, R. et al., "Framework Policy Information Base", RFC
    3318, March 2003.

    [6] Moore, B. et al., "Information Model for Describing Network
    Device QoS Datapath Mechanisms", work in progress, May 2002,
    <draft-ietf-policy-qos-device-info-model-08.txt>. RFC 3670, January 2004.

    [7] Snir, Y. et al., "Policy Framework QoS Information Model", work
    in progress, RFC
    3644, Nov 2001, <draft-ietf-policy-qos-info-model-04.txt". 2003.

    [8] Li, M. et al., "IPsec Policy Information Base", work in
    progress, January 2003, <draft-ietf-ipsp-ipsecpib-07.txt>.

    [9] Quittek, J. et Al., "Requirements for IP Flow Information
    Export", work in progress, June 2003, January 2004, <draft-ietf-ipfix-reqs-
    10.txt>.
    15.txt>.

    [10] Duffield, N., "A Framework for Passive Packet Measurement ",
    work in progress, June December 2003, <draft-ietf-psamp-framework-03.txt>. <draft-ietf-psamp-framework-
    05.txt>.

    [11] Pras, A. and Schoenwaelder, J., FRC 3444 "On the Difference
    between Information Models and Data Models", January 2003.

 14.

 13. Authors' Addresses

    L. Lily Yang
    Intel Labs Corp.
    Mail Stop: JF3-206
    2111 NE 25th Avenue
    Hillsboro, OR 97124, USA
    Phone: +1 503 264 8813
    Email: lily.l.yang@intel.com

    Joel M. Halpern
    Megisto Systems, Inc.
    20251 Century Blvd.
    Germantown, MD 20874-1162, USA
    Phone: +1 301 444-1783
    Email: jhalpern@megisto.com

    Ram Gopal
    Nokia Research Center
    5, Wayside Road,
    Burlington, MA 01803, USA
    Phone: +1 781 993 3685
    Email: ram.gopal@nokia.com

    Alan DeKok
    IDT Inc.
    1575 Carling Ave.
    Ottawa, ON K1G 0T3, Canada
    Phone: +1 613 724 6004 ext. 231
    Email: alan.dekok@idt.com

    Zsolt Haraszti
    Ericsson
    920 Main Campus Dr, St. 500
    Raleigh, NC  27606, USA
    Phone: +1 919 472 9949
    Email: zsolt.haraszti@ericsson.com

    Steven Blake
    Ericsson
    920 Main Campus Dr, St. 500
    Raleigh, NC  27606, USA
    Phone: +1 919 472 9913
    Email: steven.blake@ericsson.com

 15.

    Ellen Deleganes
    Intel Corp.
    Mail Stop: JF3-206
    2111 NE 25th Avenue
    Hillsboro, OR 97124, USA
    Phone: +1 503 712 4173
    Email: ellen.m.deleganes@intel.com

 14. Intellectual Property Right

    The authors are not aware of any intellectual property right issues
    pertaining to this document.

 16.

 15. IANA consideration

    A namespace is needed to uniquely identify the LFB type in the LFB
    class library.

    Frame type supported on input and output of LFB must also be
    uniquely identified.

    A set of metadata supported by the LFB model must also be uniquely
    identified with names. names or IDs.