<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY RFC2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY RFC0768 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.0768.xml">
<!ENTITY RFC0791 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.0791.xml">
<!ENTITY RFC0792 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.0792.xml">
<!ENTITY RFC0793 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.0793.xml">
<!ENTITY RFC2460 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2460.xml">
<!ENTITY RFC2460 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2460.xml">
<!ENTITY RFC3060 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3060.xml">
<!ENTITY RFC3460 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3460.xml">
<!ENTITY RFC3644 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3644.xml">
<!ENTITY RFC4960 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4960.xml">
<!ENTITY I-D.ietf-i2rs-architecture SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-i2rs-architecture.xml">
<!ENTITY I-D.ietf-i2rs-rib-info-model SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-i2rs-rib-info-model.xml">
<!ENTITY I-D.hares-i2rs-bnp-info-model SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.hares-i2rs-bnp-info-model.xml">
<!ENTITY I-D.hares-i2rs-usecase-reqs-summary SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.hares-i2rs-usecase-reqs-summary.xml">
<!ENTITY I-D.hares-i2rs-bgp-im SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.hares-i2rs-bgp-im.xml">
<!ENTITY I-D.hares-i2rs-info-model-service-topo SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.hares-i2rs-info-model-service-topo.xml">
<!ENTITY I-D.bogdanovic-netmod-acl-model SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.bogdanovic-netmod-acl-model.xml">
<!ENTITY I-D.zhdankin-netmod-bgp-cfg SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.zhdankin-netmod-bgp-cfg.xml">
]>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<?rfc toc="yes" ?>
<?rfc symrefs="yes" ?>
<?rfc sortrefs="yes"?>
<?rfc compact="yes" ?>
<?rfc subcompact="no" ?>
<?rfc iprnotified="no" ?>
<?rfc strict="no" ?>
<rfc category="std" docName="draft-hareskini-i2rs-pbr-info-model-00"
     ipr="trust200902">
  <front>
    <title abbrev="IM for policy">An Information Model for Basic Network Policy </title>
    <author fullname="Susan Hares" initials="S" surname="Hares">
      <organization>Huawei</organization>
      <address>
        <postal>
          <street>7453 Hickory Hill</street>
          <city>Saline</city>
          <region>MI</region>
          <code>48176</code>
          <country>USA</country>
        </postal>
        <email>shares@ndzh.com</email>
      </address>
    </author>
	<author fullname="Sriganesh" initials="S." surname="Kini">
      <organization>Ericsson</organization>
      <address>
        <postal>
          <street></street>
          <city> </city>
          <country></country>
        </postal>
        <email>sriganesh.kini@ericsson.com</email>
      </address>
    </author>

    <author fullname="Anoop Ghanwani" initials="A." surname="Ghanwani">
      <organization>Dell</organization>
      <address>
        <postal>
          <street></street>
          <city> </city>
          <country></country>
        </postal>
        <email>anoop@alumni.duke.edu</email>
      </address>
    </author>
    <author fullname="Ram Krishnan" initials="R." surname="Krishnan">
      <organization>Brocade</organization>
      <address>
        <postal>
          <street></street>
          <city></city>
          <country></country>
        </postal>
        <email>ramk@Brocade.com</email>
      </address>
    </author>
	    <author fullname="Qin Wu" initials="Q." surname="Wu">
      <organization>Huawei</organization>
      <address>
        <postal>
          <street></street>
          <city>Beijing</city>
          <country>China</country>
        </postal>
        <email>Bill.Wu@huawei.com</email>
      </address>
    </author>
    <author fullname="Dean Bogdanovic" initials="D." surname="Bogdanovic">
      <organization>Juniper Networks</organization>
      <address>
        <postal>
          <street></street>
          <city>Westford, MA</city>
          <country></country>
        </postal>
        <email>deanb@juniper.net</email>
      </address>
    </author>
    <date year="2014" />
    <area>Routing Area</area>
    <workgroup>I2RS working group</workgroup>
    <keyword>RFC</keyword>
    <keyword>Request for Comments</keyword>
    <keyword>I-D</keyword>
    <keyword>Internet-Draft</keyword>
    <keyword>I2RS</keyword>
    <abstract>
      <t>This document defines the I2RS Policy-Based Routing (PBR)
	  policy information model describing I2RS interactions with the 
	  PBR in a routing system. The PBR IM uses Policy Core
      Information Model (PCIM) framework (RFC3060, RFC3460, and RFC3644)
	  to specify the ordered route list within the PBR RIB
	  adapted to I2RS. 
	 </t> 
    </abstract>
  </front>

  <middle>
    <section anchor="intro" title="Introduction">
      <t>The Interface to the Routing System (I2RS) <xref target="I-D.ietf-i2rs-architecture"></xref> 
	  architecture calls out for read and write access to the information and state within the routing
      elements. The I2RS client interacts with the I2RS agent
	  in one or more network routing systems.</t>
     <t> This I2RS Policy-Based Routing (PBR) Information model defined in this document
	 describes the I2RS interaction with PBR within a routing element.</t>
	 <t> The PBR requires an ordered list of policy. This PBR 
	 informational model uses the Policy Core Information Model 
	 (PCIM) framework as described in <xref target="RFC3060"></xref>
	 with its extensions in <xref target="RFC3460"></xref> and 
	 QOS model in <xref target="RFC3644"></xref>. 
	 The adaptation of the PCIM model to I2RS use is described
	 in <xref target="I-D.hares-i2rs-bnp-info-model"></xref>. </t>

    </section>
    <section title="Definitions and Acronyms">
	
	      <t>
		  <list style="hanging"> 
          <t hangText="CLI"><vspace blankLines="1" /> Command Line Interface</t>
          <t hangText="IGP"><vspace blankLines="1" /> IGP is an Interior Gateway Protocol</t>
           <t hangText="Information Model"><vspace blankLines="1" /> is an abstract model of a conceptual domain,
          independent of a specific implementations or data representation</t>
		  <t hangText="MPLS"><vspace blankLines="1" /> Multi-Protocol Label Switching. </t>
          <t hangText="NETCONF"><vspace blankLines="1" /> The Network Configuration Protocol</t>
		  <t hangText="PBR"><vspace blankLines="1" /> Policy Based Routing. </t>
	      <t hangText="PBR Default RIB"><vspace blankLines="1" /> The PBR Default RIB is the 
		    default Routing Information Based use based for forwarding traffic
			for routes which do not match any PBR. </t>
		  <t hangText="PBR-RIB"><vspace blankLines="1" /> Policy Based Routing-Routing Information Base </t> 
		  <t hangText="PCIM"><vspace blankLines="1" /> Policy Core Information Model directly and        
           indirectly the work of the PCIM Working Group. </t> 
		  <t hangText="Policy Rule"><vspace blankLines="1" /> The PCIM 
		  framework defines a policy rule is often represented by "if Condition then action". 
		  The action may have set, modify, or notify actions. 
		  The <xref target="I-D.hares-i2rs-bnp-info-model"></xref> provides
		  examines of how ACLs, Prefix lists, and more complex BGP policy can
		  be combined into a policy rule. </t> 
		  <t hangText="Policy Group"><vspace blankLines="1" /> The PCIM
		  Framework defines policy groups as a group of  policy rules
		  into ordered and prioritized groups of policy. </t>
		  <t hangText="Policy Set"><vspace blankLines="1" /> The PCIM 
		  framework defines a the Policy set (specifically the PolicySetComponent)
		  as an aggregation class that allows aggregation of 
		  Policy Groups and the nesting of Policy Groups under Policy set rules.  
		  The PolicySet rules include nesting policies and
		  matching strategies (all-matching or first-match), priorities
		  between rules, and roles. One of the roles that must be conditionally
		  matched is the models denotation of "read-only" or "read-write"
		  policy rules into ordered and prioritized groups of policy.
		   The <xref target="I-D.hares-i2rs-bnp-info-model"></xref> suggests
		   that non-nested policy groups may be sufficient for initial I2RS and configuration 
		   work. </t>
		  <t hangText="RIB IM "><vspace blankLines="1" /> RIB Informational Model (RIB IM) 
		  <xref target="I-D.ietf-i2rs-rib-info-model"></xref> </t>
		  <t hangText="Routing instance"><vspace blankLines="1" /> Routing Code often has the ability to spin up multiple 
		   copies of itself into virtual machines.  Each Routing code instance or
		   each protocol instance is denoted as N_INSTANCE in the text below. </t>
		 <t hangText="SNMP"><vspace blankLines="1" /> The Simple Network Management Protocol</t>
        </list>
		</t>
    </section>
	
    <section title="The Policy Based Routing Information Model Overview">
          <t>Policy Based Routing (PBR) is a widely used term in the industry to describe a 
		  a technique used to make packet forwarding decisions
          decisions based on policies set by the network administrator. PBR
          enables network administrator to forward the packet based on other
          criteria than the destination address in the packet, which is used
          to lookup an entry in the routing table. </t>

          <t>The PBR problem can be viewed as a resource
          allocation problem that incorporates business decision
		  with routing. PBR may be used to provide many benefits, including better
		  resource allocation, load balancing and QoS.</t>

          <t>Routing decisions in PBR are based on several
          criteria beyond destination address, such as application,
		  IP protocol used, identity of the end system, and even packet size. 
		  Policy actions are typically applied before applying QoS constraints
          since policy actions may overrides QoS constraint.</t>
		 <t> The I2RS use cases which benefit from PBR are:
		 Protocol independent Use cases and large flow use cases
		 described in <xref target="I-D.hares-i2rs-usecase-reqs-summary"></xref> 
		</t> 
	  <t> The PBR policies are specified in most routers/switches as 
	  an ordered set of rules. Each policy rule has a set of match conditions,
	  and a set of actions which may include forwarding actions and QoS actions.
	  Since policy rules, groups of policy, and ordered sets of policy are used
	  in other protocols (BGP or MPLS), these policy rules have been abstracted into 
	  a basic network policy instantiation of the PCIM 
	   (<xref target="RFC3060"></xref>, <xref target="RFC3460"></xref>, and 
	    <xref target="RFC3644"></xref>). This instantiation include in the 
       ordered policy rule the references to other policy match-action 
       conditions such as the ACLs (<xref target="I-D.bogdanovic-netmod-acl-model"></xref>), and
	   Prefix list (<xref target="I-D.zhdankin-netmod-bgp-cfg"></xref>).
	    </t>
		<section title="Scope"> 
		<t> 
		A PBR IM can be considered in either a top-down view examining the policy which controls
		the data flow or from a bottom-up view which considers the data plane.  A top-down view
		considers how policies control protocols (BGP or IGPs (ISIS/OSPF)) transfer of routes to determine 
		how data flows. The bottoms-up view considers the forwarding data planes that must be supported. 
		In this view,the match filters must consider IP [both IPv4 and IPv6], 
		but may also consider MPLS and encapsulated
		protocols such as TCP <xref target="RFC0793"></xref>, UDP <xref target="RFC0768"></xref>,
		STCP <xref target="RFC4960"></xref>, ICMP <xref target="RFC0792"></xref>. 
		This draft takes the bottoms-up viewpoint which looks at how the PBR RIB controls
		the data plane. </t>
		<t> 
		This draft considers match and action filters for the data-planes using IP
		(both IPv4 <xref target="RFC0791"></xref> and IPV6 <xref target="RFC2460"></xref>).
		</t> 
		</section> 
	</section>
    <section title="PBR-RIB module ">
		<t> A PBR-RIB is an entity that contains an ordered set of policy routes and is
		analogous to a RIB defined in <xref target="I-D.ietf-i2rs-rib-info-model"></xref>. 
		An ordered set of policy routes implies that the insertion into a PBR-RIB
		must allow for inserting of a PBR route at any specific position and deleting a route at a specific 
		position.  The ability to change a policy rule at a specific position combines these two 
		functions (deleting an existing policy rule  and adding a new policy rule). </t>
		<t>Each PBR-RIB is contained within a routing instance, but 
        one routing instance (named by an INSTANCE_NAME) can contain multiple PBR RIBs.
		Each routing instance is associated with a set of interfaces, a router-id 
		a PBR default-RIB, and list of PBR-RIBs. Only some of the interfaces associated
		with a routing instance may be associated with a PBR-RIB. Each interface
		can be associated with at most one PBR RIB. 
		</t> 
		<t> Packets arriving on an interface associated with a PBR-RIB will be forwarded based on a PBR-RIB
		in the list or PBR Default RIB (if no matches occur).  The policy processing within the PBR process
		within the routing system is expected to do the following:
		<list style="symbols">
		<t> When a packet successfully matches a PBR Match term/entry, the corresponding
		policy-actions are applied.</t>
		<t>If a packet does not match a PBR match term/entry, the PBR processing, goes to the next 
		term/entry in the order, and looks for a match, within the current filter or goes to the 
		next filter in the list.  This continues until either a PBR match term/entry is successfully
		matched, or no more filters in the list exists.  </t>
		<t>If no match has been found within the PBR filter list, then the packet will be
		forwarded using the PBR Default-RIB if one exists.  If no PBR Default-RIB is specified,
 		the packet will be discarded.
   </t>
		</list>
		</t> 
		<t> 
		  <figure>
            <artwork> 
			
         +-------------------------------+
         |     routing instance          |
         +--|--------|---------------+---+
		    *        |               |
		    |        |               |
    +-----------+ +-------------+ +-----------+
    |interface* | |PBR_RIB *list| |PBR-Default|
    |  list     | |             | |-RIB       |
    +-----------+ +--|----------+ +---|-------+
		             |              RIB (RIB-info IM) 
                     ^
                    /|\ 
         +-----------^-----------+
         |       PBR RIB* list   |
         +-----------|-----------+
                     |
		 +-----------------------+
		 |  BNP Policy Set       | [Note: This layer 		 
		 |                       |   can be skipped if
		 |(nested ordered policy |   groups are not nested.] 
		 | from RFC3466)         |
		 +----------|------------+
		            |
         +-----------------------+
         | BNP-Policy-Group*     |
		 |                       |
		 |(list of ordered groups|
		 | RFC3466 policy group  |
		 | augmented with I2RS   |
		 | scope)                |
		 +-----------|-----------+
		             |
		 +-----------------------+			 
  		 | BNP-Policy-Rule*      |
		 |                       |
         | (ordered list of      |
         | RFC3466 policy rules) |
		 | augmented with        |
		 | policy-order, status, | 
		 | and refcnt) with ACL  |
         | and other condition-  |
         | action matches        |		 
         +-----------------------+		 
    
                 Figure 1: Routing instance with PBR RIB  
			</artwork>
          </figure>
		  </t> 
		<t>
		The PBR entries associated with each PBR in a routing instance are:  
		<list style="hanging">
		<t hangText="pbr-instance-name"><vspace blankLines="1" /> Name of Routing instance </t>
		<t hangText="pbr-router-id"><vspace blankLines="1" /> router id associated 
		with the PBR function of the Routing instance </t>
		<t hangText="Interface_list"><vspace blankLines="1" /> A list of interfaces 
		 that all of the PBR  RIBs operate over.  This list must be a subset of the 
		 interface_list associated with the routing instance. 
		</t>
	    <t hangText="PBR Default RIB"><vspace blankLines="1" /> A RIB contained 
		in the same routing instance that can be used to forward packets 
		when the FIB entries in the PBR-RIB list do not match the packets.
		The PBR Default-RIB forwards based on destination based routing. </t>
		<t hangText="PBR-RIB* list"><vspace blankLines="1" /> list of 
		PBR-RIBs</t>
		</list> 
		</t> 
		<t> 
		The Top-level Yang structure for the PBR RIB is: 
		  <figure>
            <artwork>
 module: PBR 
   +--PRB-RIB-module
      +--rw pbr-instance-name 
      +--rw pbr-router-id  uint32
	  +--rw pbr-interface* 
	  |  +--rw pbr-interface interface-ref-id
	  +--rw PBR-Default-RIB 
      +--rw PBR-RIB
	     +--rw PBR-RIB-Name
	  	 +--rw PBR-RIB-AFI
		 +--rw PBR-RIB-intf* 
		 +--rw PBR-status-info
		 |  +--rw pbr-update-ref uint64
		 +--rw PBR-Ordered-Route-Policy
		     +--rw pbr-group-policy* [group-policy-ref]
             |  +--rw group-policy-ref  uint16	
             |  +--rw group-policy-name string 			 
			 |  +--ro group-policy-status-info 
			 |  |  +--ro group-policy-status
			 |  |  +--ro group-policy-inactive-reason
		  	 |  +--rw policy-rule* [policy-rule-ref]
			 |     +--rw policy-rule-ref
             |     +--ro policy-rule-status-info 			 
			 |     |  +--ro policy-rule-status enumeration  
			 |     |  +--ro policy-rule-inactive-reason
             |     +--rw pbr-match-filter* [nr-policy-match]
             |        +--rw pbr-match-term
             |        |  +--rw pbr-match-condition
             |        |  |    +--rw nr-policy-match
             |        |  |    +--rw pbr-ipv4-matches
			 |        |  |    +--rw pbr-ipv6-matche
			 |        |  |    +--rw pbr-transport-matches
             |        |  |    +--rw pbr-combo-operator
             |        |  +--rw pbr-rule-action
             |        |       +--rw pbr-QOS-acts [nbr-act]
             |        |       +--rw npbr-act
			 |        |       +--rw set-in-ipv4-packet
             |        |       |  ...
			 |        |       +--rw set-in-ipv6-packet
             |        |       | ...
			 |        |       +--rw set-vendor
			 |        |       |  . . .
			 |        +--rw pbr-forwarding-actions 
			 |        |  +--rw pbr-std-fwd enumeration 
			 |        |  +--rw pbr-vendor-fw enumeration
			 +--rw pbr-policy-set[policy-set-name] 
			    +--rw policy-set-name
				+   . . . 

		  Figure 2: PBR RIB Yang Structure   
			</artwork>
          </figure>
		  </t> 
		<section title="PBR RIB">
		<t> 
		Each PBR RIB has the following: 
		<list style="symbols">
	    <t> PBR-RIB-Name - Name identifier for PBR RIB </t>
		<t> PBR-RIB-AFI -  AFI Supported by the PBR RIB </t>
		<t> PBR-RIB-intf* - Interface PBR operates on. Note that an interface 
		can be associated with at most one PBR RIB.  For example interfaces eth1 and eth2 
		can be associated to PBR_RIB, but these two interfaces cannot be connected
		to any other PBR RIB. </t> 
		<t> PBR-Status-info - status at PBR RIB level which includes number of times
		since reconfiguration this PBR has been updated. </t> 
		<t> PBR-Ordered-Route-Policy contains two sub-elements:
		<list style="symbols">
		<t> pbr-group-policy - group policy list indexed by group-policy-ref number. Policy
            group contains a reference number (group-policy-ref), name, status-info, and a list
			of policy-rules. the group policy status can be one of the following:
			installed, active, inactive, I2RS-active, and I2RS-inactive). The 
			inactive reason can be one of the following: null, poicy-conflict, i2rs-supersedes,
			unsupported). </t>
		<t> pbr-policy-set -  policy set identified by name </t>
		</list>
		</t> 
		</list>
		</t> 
        <t> Initially, it is expected the simply group policy
		list will be sufficient. (See <xref target="I-D.hares-i2rs-bnp-info-model"></xref>
		for an examples of the policy rules can contain ACL policy,
		Prefix-list policy, and more complex (match/set) policy.)
 		</t>
		</section> 
        <section title="PBR Rule Component">
          <t>A PBR policy rule used by has the following general architecture. 
          <figure>
            <artwork> 
			
         +-----------------------+
         |     Policy Rule       |
		 |     (PBR usage)       |
         +--|-----------------|--+
            :                 :     .......
            :                 :     :     :
   +--------V-------+ +-------V-------+   :
   | PBR Condition  | |   PBR Action  |&lt;...
   +----------------+ +-+----------+--+
                       /|\        /|\ 
               "extends"|          | "extends"
                    +---+          +--------+
                    |                       |
            +-------^-------+         +-----^---------+
            |  QoS Action   |         |Forward Action |
            +---------------+         +---------------+
              :     :    :                 :     :    :
          ....:     :    :.....       .....:     :    :.....
          :         :         :       :          :         :
     +----V---+ +---V----+ +--V---+ +-V------++--V-----++--V-----+
     |Set     | |QoS     | |QoS   | |Forward ||Next Hop||Next Hop|
     |Operator| |Variable| |Value | |Operator||Variable||Value   |
     +--------+ +--------+ +------+ +--------++--+-----++--------+
                                                /|\     
                                                 | "extends"
                                             +---^----+
                                             |Next Hop|
                                             |Type    |
                                             +--------+
                 Figure 3: Policy Rules for PBR routing 
			</artwork>
          </figure>
		  </t> 
	    <t> 
		The policy-rule contains the following:  
		<list style="symbols">
		<t>PBR-match-filter - ordered PBR match field for a route entry
		 which contains either: 
		   <list style="symbols">
		    <t> nr-policy-match - order number in match sequence </t> 
		    <t> pbr-ipv4-matches - one or more matches of IPv4 source address, IPv4 destination address, IPv4 Protocol,
		     IPv4 TOS/DSCP field, IPv4 ICMP field, and the length of the packet. These matches can be 
		     exact matches, longest prefix matches for addresses, or range matches for values in TOS/DSCP field, 
		     ICMP field or length of packet. </t>
		    <t> pbr-iv6-matches - one or more match of IPv6 source address, IPv6 destination address, IPvs Traffic class (DSCP),
		    IPv6 Flow label, IPv6 payload length, IPv6 next-header, hop-limit.   These matches can be exact matches, 
		    longest prefix matches for addresses, or range matches. </t>
		    <t> pbr-transport-matches - one or more matches in source port or destination port </t> 
		    <t> pbr-combo-operator - logical OR or logical AND that combine matches in one match filter. </t>  
		     </list> 
		 </t>
		 <t>pbr-rule-action*  - An ordered list of policy actions that includes the following: 
   		    <list style="symbols">
		    <t> npbr-acts - order number in action sequence </t> 
	   	    <t> Actions: set values in one or more of the following: 
		        <list style="symbols"> 
		        <t>IPv4 packets in IPv4 source address, IPv4 destination address, IPv4 Protocol,
		         IPv4 TOS/DSCP field, IPv4 ICMP field or the length of the packet.  (Please note
		         that hardware data plane forwarders may only be able to set TOS/DSCP while
		         software data plane forwarders may be able set additional fields.)</t>
		        <t>IPv6 packets in  IPv6 source address, IPv6 destination address, IPv6 Protocol value, 
		        IPv6 Flow, or IPv6 packet length. </t> 
		         </list>
 		     </t>
		     <t> pbr-forwarding-actions - which includes
                 <list style="symbols"> 
		         <t> pbr-std-forwarding - (enumeration) forwarding packet 
		            <list style="symbols">
		            <t> Drop_Packet - drop packet </t>
		            <t> Drop_Packet_ICMP - dropping packet with ICMP unreachable sent </t>
		            <t> Forward_Packet_specific - send to specific next hop </t>
		            <t> Forward_Packet_default - forward based on PBR Default RIB </t> 
		             </list>
		          </t> 
		          <t> pbr-vendor-fwd - Vendor specific action </t> 
		          </list>
		      </t>
		     </list> 
		  </t>
		  </list>
		</t> 
		</section>	
	   <section title="I2RS PRB RIB interaction with PBR RIB">
		<t>The I2RS client-agent pair PBR process within a routing process to add 
		ephemeral these changes to the PBR State so that </t>
		<t> 	PBR-running = PBR-config + PBR-I2RS-ephemeral </t>
		<t> The I2RS ephemeral state will not survive a reboot of the machine.  
		Upon a reboot, the I2RS client must reload the I2RS Agent with the I2RS PBR RIB state lost in the
		reboot. 
		</t> 
		<t> The PBR RIB module must allow both the I2RS client-agent to  
		to read the PBR IM as as query or as a notification stream. The 
		pbr-update-ref parameter of the PBR-status-info provides 
		an update count for the PBR configuration to indicate if the
		PBR has been updated with additions or deletions of the PBR policy rules. 
		This provides the I2RS interface a quick way to check for 
		changes by other entities to the PBR route list. 
		</t> 
		</section> 
	 </section> 
    <section title="Relationship between PBR Rule Model and RIB Information Model">
          <t> The RIB in a router with I2RS is the following: </t>
          <t>  running RIB = configured-RIB + routes-installed-from-protocols + I2RS-ephemeral-state </t>
		<t> As described in <xref target="I-D.ietf-i2rs-rib-info-model"> </xref>, 
		  the I2RS ephemeral RIB information in routing instance contains a collection 
		  of RIBs, interfaces, and routing parameters including the following:
		     <list style="symbols">
              <t>The set of interfaces indicates which interfaces are
              associated with this routing instance. </t>
              <t>The RIBs specify how incoming traffic is to be forwarded
              based on destination (E.g. RIB and PBR-RIB). </t>
              <t>The routing parameters control the information in the
              RIBs.</t>
            </list>
		</t>
          <t>PBR RIB and RIB can not be used at the same time, which means:
			<list style="symbols">
              <t>If a router doesn’t support policy based routing, a router
              MUST use RIB and MUST not use PBR RIB.</t>
              <t>If a router supports policy based routing:<list>
                  <t>PBR-RIB is used </t>
				  <t>Multiple PBR-RIBs may exist within a routing instance </t>
				  <t>An interface can be associated with at most one PBR-RIB </t> 
                  <t>The PBR Default RIB is used if several criteria beyond destination
                  address is not matched.</t>
                </list></t>
            </list>
			</t>
        </section>
	<section title="Discussion of I2RS related issues">
		<t>This section record the issues with the initials of the person who
		recorded it.
		<list style="hanging">
		<t hangText="Forwarding per interface (JMH)"><vspace blankLines="1" /> - The authors
		believe the forwarding per interface is covered by the attachment of a PBR 
		to interface-list.</t>
		<t hangText="Centralized or Distributed Policy Strategy (JMH)"><vspace blankLines="1" /> The authors
        believe this structure can be used by either centralized or distributed forwarding 
        for configuration or the I2RS ephemeral datastpre. </t> 
		<t hangText="policy database-enforcement points architecture (JMH)"><vspace blankLines="1" /> The authors
		believe this yang modules describes the PBR which provides a specific enforcement of
		forwarding policy.  The wider constraints of how policy groups are stored, 
		administered or distributed should be engaged at a higher layer. 
		The authors note the Policy-Group project in OpenDaylight has an architecture
		for policy enforcement that renders the results to a particular instantiation in
		nodes. One such instantiation could be the I2RS policy. </t> 
		<t hangText="policy rule conflicts (JMH)"><vspace blankLines="1" /> Detection of
		policy rule conflicts are done by the policy module receiving the
		configuration or ephemeral I2RS stream. The policy can be reject or
		installed and rejected from active use due to conflicts at either the policy
		group level or the policy rule level. At the policy group level
		the group-policy-status-info contains a status of installed, active, or installed-inactive. 
		If the status is inactive the group-policy-inactive-reason can indicate policy-conflicts.  
		The policy-rule has a similar status (policy-rule-status-info with policy-rule-status
		and policy-rule-inactive-reason).</t>
		</list> 
		</t> 
		 </section>

    <section anchor="IANA" title="IANA Considerations">
      <t>This draft includes no request to IANA.</t>
    </section>

    <section title="Security Considerations">
      <t>TBD.</t>
    </section>
  </middle>
  <back>
    <references title="Informative References">
      &RFC2119;
	  &RFC0768;
	  &RFC0791;
	  &RFC0792;
	  &RFC0793;
	  &RFC2460;
	  &RFC3060;
	  &RFC3460;
	  &RFC3644;
	  &RFC4960;
      &I-D.ietf-i2rs-architecture;
      &I-D.ietf-i2rs-rib-info-model;
	  &I-D.hares-i2rs-bnp-info-model;
	  &I-D.hares-i2rs-usecase-reqs-summary;
	  &I-D.bogdanovic-netmod-acl-model; 
	  &I-D.zhdankin-netmod-bgp-cfg; 
    </references>
  </back>
</rfc>