idnits 2.17.1 draft-ietf-forces-model-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 18. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 5761. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 5772. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 5779. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 5785. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([2], [3]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (January 29, 2008) is 5924 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: 'N' on line 3731 -- Looks like a reference, but probably isn't: '1-9' on line 3916 -- Looks like a reference, but probably isn't: '0-9' on line 3916 -- No information found for draft-ietf - is the name correct? -- Possible downref: Normative reference to a draft: ref. '2' Summary: 2 errors (**), 0 flaws (~~), 4 warnings (==), 12 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Working Group: ForCES J. Halpern 3 Internet-Draft Self 4 Expires: August 1, 2008 E. Deleganes 5 Intel Corp. 6 J. Hadi Salim 7 Znyx Networks 8 January 29, 2008 10 ForCES Forwarding Element Model 11 draft-ietf-forces-model-10.txt 13 Status of this Memo 15 By submitting this Internet-Draft, each author represents that any 16 applicable patent or other IPR claims of which he or she is aware 17 have been or will be disclosed, and any of which he or she becomes 18 aware will be disclosed, in accordance with Section 6 of BCP 79. 20 Internet-Drafts are working documents of the Internet Engineering 21 Task Force (IETF), its areas, and its working groups. Note that 22 other groups may also distribute working documents as Internet- 23 Drafts. 25 Internet-Drafts are draft documents valid for a maximum of six months 26 and may be updated, replaced, or obsoleted by other documents at any 27 time. It is inappropriate to use Internet-Drafts as reference 28 material or to cite them other than as "work in progress." 30 The list of current Internet-Drafts can be accessed at 31 http://www.ietf.org/ietf/1id-abstracts.txt. 33 The list of Internet-Draft Shadow Directories can be accessed at 34 http://www.ietf.org/shadow.html. 36 This Internet-Draft will expire on August 1, 2008. 38 Copyright Notice 40 Copyright (C) The IETF Trust (2008). 42 Comments are solicited and should be addressed to the working group's 43 mailing list at forces@peach.ease.lsoft.com and/or the author(s). 45 Abstract 47 This document defines the forwarding element (FE) model used in the 48 Forwarding and Control Element Separation (ForCES) protocol [2]. The 49 model represents the capabilities, state and configuration of 50 forwarding elements within the context of the ForCES protocol, so 51 that control elements (CEs) can control the FEs accordingly. More 52 specifically, the model describes the logical functions that are 53 present in an FE, what capabilities these functions support, and how 54 these functions are or can be interconnected. This FE model is 55 intended to satisfy the model requirements specified in the ForCES 56 requirements document, RFC3654 [3]. 58 Table of Contents 60 1. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 5 61 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 7 62 2.1. Requirements on the FE model . . . . . . . . . . . . . . 7 63 2.2. The FE Model in Relation to FE Implementations . . . . . 8 64 2.3. The FE Model in Relation to the ForCES Protocol . . . . . 8 65 2.4. Modeling Language for the FE Model . . . . . . . . . . . 9 66 2.5. Document Structure . . . . . . . . . . . . . . . . . . . 9 67 3. ForCES Model Concepts . . . . . . . . . . . . . . . . . . . . 10 68 3.1. ForCES Capability Model and State Model . . . . . . . . . 11 69 3.1.1. FE Capability Model and State Model . . . . . . . . . 12 70 3.1.2. Relating LFB and FE Capability and State Model . . . 13 71 3.2. Logical Functional Block (LFB) Modeling . . . . . . . . . 14 72 3.2.1. LFB Outputs . . . . . . . . . . . . . . . . . . . . . 17 73 3.2.2. LFB Inputs . . . . . . . . . . . . . . . . . . . . . 20 74 3.2.3. Packet Type . . . . . . . . . . . . . . . . . . . . . 23 75 3.2.4. Metadata . . . . . . . . . . . . . . . . . . . . . . 24 76 3.2.5. LFB Events . . . . . . . . . . . . . . . . . . . . . 26 77 3.2.6. Component Properties . . . . . . . . . . . . . . . . 27 78 3.2.7. LFB Versioning . . . . . . . . . . . . . . . . . . . 28 79 3.2.8. LFB Inheritance . . . . . . . . . . . . . . . . . . . 28 80 3.3. ForCES Model Addressing . . . . . . . . . . . . . . . . . 29 81 3.3.1. Addressing LFB Components: Paths and Keys . . . . . . 31 82 3.4. FE Datapath Modeling . . . . . . . . . . . . . . . . . . 32 83 3.4.1. Alternative Approaches for Modeling FE Datapaths . . 32 84 3.4.2. Configuring the LFB Topology . . . . . . . . . . . . 36 85 4. Model and Schema for LFB Classes . . . . . . . . . . . . . . 40 86 4.1. Namespace . . . . . . . . . . . . . . . . . . . . . . . . 41 87 4.2. Element . . . . . . . . . . . . . . . . . . 41 88 4.3. Element . . . . . . . . . . . . . . . . . . . . . 42 89 4.4. Element for Frame Type Declarations . . . . . 43 90 4.5. Element for Data Type Definitions . . . . 44 91 4.5.1. Element for Aliasing Existing Data Types . 46 92 4.5.2. Element for Deriving New Atomic Types . . . 47 93 4.5.3. Element to Define Arrays . . . . . . . . . . 47 94 4.5.4. Element to Define Structures . . . . . . . . 52 95 4.5.5. Element to Define Union Types . . . . . . . . 53 96 4.5.6. Element . . . . . . . . . . . . . . . . . . . 53 97 4.5.7. Augmentations . . . . . . . . . . . . . . . . . . . . 54 98 4.6. Element for Metadata Definitions . . . . . 55 99 4.7. Element for LFB Class Definitions . . . . 56 100 4.7.1. Element to Express LFB Inheritance . . 58 101 4.7.2. Element to Define LFB Inputs . . . . . . 59 102 4.7.3. Element to Define LFB Outputs . . . . . 61 103 4.7.4. Element to Define LFB Operational 104 Components . . . . . . . . . . . . . . . . . . . . . 64 105 4.7.5. Element to Define LFB Capability 106 Components . . . . . . . . . . . . . . . . . . . . . 66 107 4.7.6. Element for LFB Notification Generation . . 68 108 4.7.7. Element for LFB Operational 109 Specification . . . . . . . . . . . . . . . . . . . . 75 110 4.8. Properties . . . . . . . . . . . . . . . . . . . . . . . 75 111 4.8.1. Basic Properties . . . . . . . . . . . . . . . . . . 75 112 4.8.2. Array Properties . . . . . . . . . . . . . . . . . . 77 113 4.8.3. String Properties . . . . . . . . . . . . . . . . . . 77 114 4.8.4. Octetstring Properties . . . . . . . . . . . . . . . 78 115 4.8.5. Event Properties . . . . . . . . . . . . . . . . . . 79 116 4.8.6. Alias Properties . . . . . . . . . . . . . . . . . . 82 117 4.9. XML Schema for LFB Class Library Documents . . . . . . . 83 118 5. FE Components and Capabilities . . . . . . . . . . . . . . . 94 119 5.1. XML for FEObject Class definition . . . . . . . . . . . . 95 120 5.2. FE Capabilities . . . . . . . . . . . . . . . . . . . . . 101 121 5.2.1. ModifiableLFBTopology . . . . . . . . . . . . . . . . 101 122 5.2.2. SupportedLFBs and SupportedLFBType . . . . . . . . . 102 123 5.3. FE Components . . . . . . . . . . . . . . . . . . . . . . 104 124 5.3.1. FEState . . . . . . . . . . . . . . . . . . . . . . . 104 125 5.3.2. LFBSelectors and LFBSelectorType . . . . . . . . . . 105 126 5.3.3. LFBTopology and LFBLinkType . . . . . . . . . . . . . 105 127 5.3.4. FENeighbors and FEConfiguredNeighborType . . . . . . 105 128 6. Satisfying the Requirements on FE Model . . . . . . . . . . . 106 129 7. Using the FE model in the ForCES Protocol . . . . . . . . . . 107 130 7.1. FE Topology Query . . . . . . . . . . . . . . . . . . . . 109 131 7.2. FE Capability Declarations . . . . . . . . . . . . . . . 110 132 7.3. LFB Topology and Topology Configurability Query . . . . . 111 133 7.4. LFB Capability Declarations . . . . . . . . . . . . . . . 111 134 7.5. State Query of LFB Attributes . . . . . . . . . . . . . . 112 135 7.6. LFB Component Manipulation . . . . . . . . . . . . . . . 113 136 7.7. LFB Topology Re-configuration . . . . . . . . . . . . . . 113 137 8. Example LFB Definition . . . . . . . . . . . . . . . . . . . 113 138 8.1. Data Handling . . . . . . . . . . . . . . . . . . . . . . 120 139 8.1.1. Setting up a DLCI . . . . . . . . . . . . . . . . . . 121 140 8.1.2. Error Handling . . . . . . . . . . . . . . . . . . . 122 141 8.2. LFB Components . . . . . . . . . . . . . . . . . . . . . 122 142 8.3. Capabilities . . . . . . . . . . . . . . . . . . . . . . 123 143 8.4. Events . . . . . . . . . . . . . . . . . . . . . . . . . 123 145 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 124 146 10. Authors Emeritus . . . . . . . . . . . . . . . . . . . . . . 125 147 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 125 148 12. Security Considerations . . . . . . . . . . . . . . . . . . . 126 149 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 126 150 13.1. Normative References . . . . . . . . . . . . . . . . . . 126 151 13.2. Informative References . . . . . . . . . . . . . . . . . 126 152 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 127 153 Intellectual Property and Copyright Statements . . . . . . . . . 128 155 1. Definitions 157 The use of compliance terminology (MUST, SHOULD, MAY) is used in 158 accordance with RFC2119 [1]. Such terminology is used in describing 159 the required behavior of ForCES forwarding elements or control 160 elements in supporting or manipulating information described in this 161 model. 163 Terminology associated with the ForCES requirements is defined in 164 RFC3654 [3] and is not copied here. The following list of 165 terminology relevant to the FE model is defined in this section. 167 FE Model -- The FE model is designed to model the logical processing 168 functions of an FE. The FE model proposed in this document includes 169 three components: the modeling of individual logical functional 170 blocks (LFB model), the logical interconnection between LFBs (LFB 171 topology) and the FE level attributes, including FE capabilities. 172 The FE model provides the basis to define the information elements 173 exchanged between the CE and the FE in the ForCES Protocol [2]. 175 Datapath -- A conceptual path taken by packets within the forwarding 176 plane inside an FE. Note that more than one datapath can exist 177 within an FE. 179 LFB (Logical Functional Block) Class (or type) -- A template that 180 representing a fine-grained, logically separable aspect of FE 181 processing. Most LFBs relate to packet processing in the data path. 182 LFB classes are the basic building blocks of the FE model. 184 LFB Instance -- As a packet flows through an FE along a datapath, it 185 flows through one or multiple LFB instances, where each LFB is an 186 instance of a specific LFB class. Multiple instances of the same LFB 187 class can be present in an FE's datapath. Note that we often refer 188 to LFBs without distinguishing between an LFB class and LFB instance 189 when we believe the implied reference is obvious for the given 190 context. 192 LFB Model -- The LFB model describes the content and structures in an 193 LFB, plus the associated data definition. XML is used to provide a 194 formal definition of the necessary structures for the modeling. Four 195 types of information are defined in the LFB model. The core part of 196 the LFB model is the LFB class definitions; the other three types of 197 information define constructs associated with and used by the class 198 definition. These are reusable data types, supported frame formats, 199 and metadata. 201 Element -- Element is generally used in this document in accordance 202 with the XML usage of the term. It refers to an XML tagged part of 203 an XML document. For a precise definition, please see the full set 204 of XML specifications from the W3C. This term is included in this 205 list for completeness because ForCES formal model uses XML. 207 Attribute -- Attribute is used in the ForCES formal modelling in 208 accordance with standard XML usage of the term. i.e to provide 209 attribute information include in an XML tag. 211 LFB Metadata -- Metadata is used to communicate per-packet state from 212 one LFB to another, but is not sent across the network. The FE model 213 defines how such metadata is identified, produced and consumed by the 214 LFBs, but not how the per-packet state is implemented within actual 215 hardware. Metadata is sent between the FE and the CE on redirect 216 packets. 218 ForCES Component -- a ForCES Component is a well defined, uniquely 219 identifiable and addressable ForCES model building block. A 220 component has a 32-bit ID, name, type and an optional synopsis 221 description. These are often referred to simply as components. 223 LFB Component -- A ForCES component that defines the Operational 224 parameters of the LFBs that must be visible to the CEs. 226 Structure Component -- A ForCES component that is part of a complex 227 data structure to be used in LFB data definitions. The individual 228 parts which make up a structured set of data are referred to as 229 Structure Components. These can themselves be of any valid data 230 type, including tables and structures. 232 LFB Topology -- A representation of the logical interconnection and 233 the placement of LFB instances along the datapath within one FE. 234 Sometimes this representation is called intra-FE topology, to be 235 distinguished from inter-FE topology. LFB topology is outside of the 236 LFB model, but is part of the FE model. 238 FE Topology -- A representation of how multiple FEs within a single 239 NE are interconnected. Sometimes this is called inter-FE topology, 240 to be distinguished from intra-FE topology (i.e., LFB topology). An 241 individual FE might not have the global knowledge of the full FE 242 topology, but the local view of its connectivity with other FEs is 243 considered to be part of the FE model. The FE topology is discovered 244 by the ForCES base protocol or by some other means. 246 Inter-FE Topology -- See FE Topology. 248 Intra-FE Topology -- See LFB Topology. 250 LFB class library -- A set of LFB classes that has been identified as 251 the most common functions found in most FEs and hence should be 252 defined first by the ForCES Working Group. 254 2. Introduction 256 RFC3746 [4] specifies a framework by which control elements (CEs) can 257 configure and manage one or more separate forwarding elements (FEs) 258 within a networking element (NE) using the ForCES protocol. The 259 ForCES architecture allows Forwarding Elements of varying 260 functionality to participate in a ForCES network element. The 261 implication of this varying functionality is that CEs can make only 262 minimal assumptions about the functionality provided by FEs in an NE. 263 Before CEs can configure and control the forwarding behavior of FEs, 264 CEs need to query and discover the capabilities and states of their 265 FEs. RFC3654 [3] mandates that the capabilities, states and 266 configuration information be expressed in the form of an FE model. 268 RFC3444 [7] observed that information models (IMs) and data models 269 (DMs) are different because they serve different purposes. "The main 270 purpose of an IM is to model managed objects at a conceptual level, 271 independent of any specific implementations or protocols used". 272 "DMs, conversely, are defined at a lower level of abstraction and 273 include many details. They are intended for implementors and include 274 protocol-specific constructs." Sometimes it is difficult to draw a 275 clear line between the two. The FE model described in this document 276 is primarily an information model, but also includes some aspects of 277 a data model, such as explicit definitions of the LFB class schema 278 and FE schema. It is expected that this FE model will be used as the 279 basis to define the payload for information exchange between the CE 280 and FE in the ForCES protocol. 282 2.1. Requirements on the FE model 284 RFC3654 [3]defines requirements that must be satisfied by a ForCES FE 285 model. To summarize, an FE model must define: 287 o Logically separable and distinct packet forwarding operations in 288 an FE datapath (logical functional blocks or LFBs); 290 o The possible topological relationships (and hence the sequence of 291 packet forwarding operations) between the various LFBs; 293 o The possible operational capabilities (e.g., capacity limits, 294 constraints, optional features, granularity of configuration) of 295 each type of LFB; 297 o The possible configurable parameters (i.e., attributes) of each 298 type of LFB; 300 o Metadata that may be exchanged between LFBs. 302 2.2. The FE Model in Relation to FE Implementations 304 The FE model proposed here is based on an abstraction using distinct 305 logical functional blocks (LFBs), which are interconnected in a 306 directed graph, and receive, process, modify, and transmit packets 307 along with metadata. The FE model is designed, and any defined LFB 308 classes should be designed, such that different implementations of 309 the forwarding datapath can be logically mapped onto the model with 310 the functionality and sequence of operations correctly captured. 311 However, the model is not intended to directly address how a 312 particular implementation maps to an LFB topology. It is left to the 313 forwarding plane vendors to define how the FE functionality is 314 represented using the FE model. Our goal is to design the FE model 315 such that it is flexible enough to accommodate most common 316 implementations. 318 The LFB topology model for a particular datapath implementation must 319 correctly capture the sequence of operations on the packet. Metadata 320 generation by certain LFBs MUST always precede any use of that 321 metadata by subsequent LFBs in the topology graph; this is required 322 for logically consistent operation. Further, modification of packet 323 fields that are subsequently used as inputs for further processing 324 MUST occur in the order specified in the model for that particular 325 implementation to ensure correctness. 327 2.3. The FE Model in Relation to the ForCES Protocol 329 The ForCES base Protocol [2] is used by the CEs and FEs to maintain 330 the communication channel between the CEs and FEs. The ForCES 331 protocol may be used to query and discover the inter-FE topology. 332 The details of a particular datapath implementation inside an FE, 333 including the LFB topology, along with the operational capabilities 334 and attributes of each individual LFB, are conveyed to the CE within 335 information elements in the ForCES protocol. The model of an LFB 336 class should define all of the information that needs to be exchanged 337 between an FE and a CE for the proper configuration and management of 338 that LFB. 340 Specifying the various payloads of the ForCES messages in a 341 systematic fashion is difficult without a formal definition of the 342 objects being configured and managed (the FE and the LFBs within). 343 The FE Model document defines a set of classes and components for 344 describing and manipulating the state of the LFBs within an FE. 346 These class definitions themselves will generally not appear in the 347 ForCES protocol. Rather, ForCES protocol operations will reference 348 classes defined in this model, including relevant components and the 349 defined operations. 351 Section 7 provides more detailed discussion on how the FE model 352 should be used by the ForCES protocol. 354 2.4. Modeling Language for the FE Model 356 Even though not absolutely required, it is beneficial to use a formal 357 data modeling language to represent the conceptual FE model described 358 in this document. Use of a formal language can help to enforce 359 consistency and logical compatibility among LFBs. A full 360 specification will be written using such a data modeling language. 361 The formal definition of the LFB classes may facilitate the eventual 362 automation of some of the code generation process and the functional 363 validation of arbitrary LFB topologies. These class definitions form 364 the LFB Library. Documents which describe LFB Classes are therefore 365 referred to as LFB Library documents. 367 Human readability was the most important factor considered when 368 selecting the specification language, whereas encoding, decoding and 369 transmission performance was not a selection factor. The encoding 370 method for over the wire transport is not dependent on the 371 specification language chosen and is outside the scope of this 372 document and up to the ForCES protocol to define. 374 XML is chosen as the specification language in this document, because 375 XML has the advantage of being both human and machine readable with 376 widely available tools support. This document uses XML Schema to 377 define the structure of the LFB Library documents, as defined in [8] 378 and [9] and [10]. While these LFB Class definitions are not sent in 379 the ForCES protocol, these definitions comply with the 380 recommendations in RFC3470 [8] on the use of XML in IETF protocols. 382 2.5. Document Structure 384 Section 3 provides a conceptual overview of the FE model, laying the 385 foundation for the more detailed discussion and specifications in the 386 sections that follow. Section 4 and Section 5 constitute the core of 387 the FE model, detailing the two major aspects of the FE model: a 388 general LFB model and a definition of the FE Object LFB, with its 389 components, including FE capabilities and LFB topology information. 390 Section 6 directly addresses the model requirements imposed by the 391 ForCES requirements defined in RFC3654 [3] while Section 7 explains 392 how the FE model should be used in the ForCES protocol. 394 3. ForCES Model Concepts 396 Some of the important ForCES concepts used throughout this document 397 are introduced in this section. These include the capability and 398 state abstraction, the FE and LFB model construction, and the unique 399 addressing of the different model structures. Details of these 400 aspects are described in Section 4 and Section 5. The intent of this 401 section is to discuss these concepts at the high level and lay the 402 foundation for the detailed description in the following sections. 404 The ForCES FE model includes both a capability and a state 405 abstraction. 407 o The FE/LFB capability model describes the capabilities and 408 capacities of an FE/LFB by specifying the variation in functions 409 supported and any limitations. Capacity describes the limits of 410 specific components (example would be a table size limit). 412 o The state model describes the current state of the FE/LFB, that 413 is, the instantaneous values or operational behavior of the FE/ 414 LFB. 416 Section 3.1 explains the difference between a capability model and a 417 state model, and describes how the two can be combined in the FE 418 model. 420 The ForCES model construction laid out in this document allows an FE 421 to provide information about its structure for operation. This can 422 be thought of as FE level information and information about the 423 individual instances of LFBs provided by the FE. 425 o The ForCES model includes the constructions for defining the class 426 of logical function blocks (LFBS) that an FE may support. These 427 classes are defined in this and other documents. The definition 428 of such a class provides the information content for monitoring 429 and controlling instances of the LFB class for ForCES purposes. 430 Each LFB model class formally defines the operational LFB 431 components, LFB capabilities, and LFB events. Essentially, 432 Section 3.2 introduces the concept of LFBs as the basic functional 433 building blocks in the ForCES model. 435 o The FE model also provides the construction necessary to monitor 436 and control the FE as a whole for ForCES purposes. For 437 consistency of operation and simplicity, this information is 438 represented as an LFB, the FE Object LFB class and a singular LFB 439 instance of that class, defined using the LFB model. The FE 440 Object class defines the components to provide information at the 441 FE level, particularly the capabilities of the FE at a coarse 442 level, i.e. not all possible capabilities nor all details about 443 the capabilities of the FE. Part of the FE level information is 444 the LFB topology, which expresses the logical inter-connection 445 between the LFB instances along the datapath(s) within the FE. 446 Section 3.3 discusses the LFB topology. The FE Object also 447 includes information about what LFB classes the FE can support. 449 The ForCES model allows for unique identification of the different 450 constructs it defines. This includes identification of the LFB 451 classes, and of LFB instances within those classes, as well as 452 identification of components within those instances. 454 The ForCES Protocol [2] encapsulates target address(es) to eventually 455 get to a fine-grained entity being referenced by the CE. The 456 addressing hierarchy is broken into the following: 458 o An FE is uniqueuely identified by a 32 bit FEID. 460 o Each Class of LFB is uniquely identified by a 32 bit LFB ClassID. 461 The LFB ClassIDs are global within the Network Element and may be 462 issued by IANA. 464 o Within an FE, there can be multiple instances of each LFB class. 465 Each LFB Class instance is identified by a 32 bit identities which 466 are unique within a particular LFB class on that FE. 468 o All the components within an LFB instance are further defined 469 using 32 bit identifiers. 471 Refer to Section 3.3 for more details where we go into details on 472 addressing. 474 3.1. ForCES Capability Model and State Model 476 Capability and state modelling applies to both the FE and LFB 477 abstraction. 479 Figure 1 shows the concepts of FE state, capabilities and 480 configuration in the context of CE-FE communication via the ForCES 481 protocol. 483 +-------+ +-------+ 484 | | FE capabilities: what it can/cannot do. | | 485 | |<-----------------------------------------| | 486 | | | | 487 | CE | FE state: what it is now. | FE | 488 | |<-----------------------------------------| | 489 | | | | 490 | | FE configuration: what it should be. | | 491 | |----------------------------------------->| | 492 +-------+ +-------+ 494 Figure 1: Illustration of FE capabilities, state and configuration 495 exchange in the context of CE-FE communication via ForCES. 497 3.1.1. FE Capability Model and State Model 499 Conceptually, the FE capability model tells the CE which states are 500 allowed on an FE, with capacity information indicating certain 501 quantitative limits or constraints. Thus, the CE has general 502 knowledge about configurations that are applicable to a particular 503 FE. 505 3.1.1.1. FE Capability Model 507 The FE capability model may be used to describe an FE at a coarse 508 level. For example, an FE may be defined as follows: 510 o the FE can handle IPv4 and IPv6 forwarding; 512 o the FE can perform classification based on the following fields: 513 source IP address, destination IP address, source port number, 514 destination port number, etc; 516 o the FE can perform metering; 518 o the FE can handle up to N queues (capacity); 520 o the FE can add and remove encapsulating headers of types including 521 IPsec, GRE, L2TP. 523 While one could try to build an object model to fully represent the 524 FE capabilities, other efforts found this approach to be a 525 significant undertaking. The main difficulty arises in describing 526 detailed limits, such as the maximum number of classifiers, queues, 527 buffer pools, and meters that the FE can provide. We believe that a 528 good balance between simplicity and flexibility can be achieved for 529 the FE model by combining coarse level capability reporting with an 530 error reporting mechanism. That is, if the CE attempts to instruct 531 the FE to set up some specific behavior it cannot support, the FE 532 will return an error indicating the problem. Examples of similar 533 approaches include DiffServ PIB RFC3317 [5] and Framework PIB RFC3318 534 [6]. 536 3.1.1.2. FE State Model 538 The FE state model presents the snapshot view of the FE to the CE. 539 For example, using an FE state model, an FE may be described to its 540 corresponding CE as the following: 542 o on a given port, the packets are classified using a given 543 classification filter; 545 o the given classifier results in packets being metered in a certain 546 way and then marked in a certain way; 548 o the packets coming from specific markers are delivered into a 549 shared queue for handling, while other packets are delivered to a 550 different queue; 552 o a specific scheduler with specific behavior and parameters will 553 service these collected queues. 555 3.1.1.3. LFB Capability and State Model 557 Both LFB Capability and State information is defined formally using 558 LFB modelling XML schema. 560 Capability information at the LFB level is an integral part of the 561 LFB model and provides for powerful semantics. For example, when 562 certain features of an LFB class are optional, the CE MUST be able to 563 determine whether those optional features are supported by a given 564 LFB instance. The schema for the definition of LFB classes provides 565 a means for identifying such components. 567 State information is defined formally using LFB components 568 constructs. 570 3.1.2. Relating LFB and FE Capability and State Model 572 Capability information at the FE level describes the LFB classes that 573 the FE can instantiate, the number of instances of each that can be 574 created, the topological (linkage) limitations between these LFB 575 instances, etc. Section 5 defines the FE level components including 576 capability information. Since all information is represented as 577 LFBs, this is provided by a single instance of the FE Object LFB 578 Class. By using a single instance with a known LFB Class and a known 579 instance identification, the ForCES protocol can allow a CE to access 580 this information whenever it needs to, including while the CE is 581 establishing the control of the FE. 583 Once the FE capability is described to the CE, the FE state 584 information can be represented by two levels. The first level is the 585 logically separable and distinct packet processing functions, called 586 LFBs. The second level of information describes how these individual 587 LFBs are ordered and placed along the datapath to deliver a complete 588 forwarding plane service. The interconnection and ordering of the 589 LFBs is called LFB Topology. Section 3.2 discusses high level 590 concepts around LFBs, whereas Section 3.3 discusses LFB topology 591 issues. This topology information is represented as components of 592 the FE Object LFB instance, to allow the CE to fetch and manipulate 593 this. 595 3.2. Logical Functional Block (LFB) Modeling 597 Each LFB performs a well-defined action or computation on the packets 598 passing through it. Upon completion of its prescribed function, 599 either the packets are modified in certain ways (e.g., decapsulator, 600 marker), or some results are generated and stored, often in the form 601 of metadata (e.g., classifier). Each LFB typically performs a single 602 action. Classifiers, shapers and meters are all examples of such 603 LFBs. Modeling LFBs at such a fine granularity allows us to use a 604 small number of LFBs to express the higher-order FE functions (such 605 as an IPv4 forwarder) precisely, which in turn can describe more 606 complex networking functions and vendor implementations of software 607 and hardware. These LFBs will be defined in detail in one or more 608 documents. 610 It is also the case that LFBs may exist in order to provide a set of 611 components for control of FE operation by the CE (i.e. a locus of 612 control), without tying that control to specific packets or specific 613 parts of the data path. An example of such an LFB is the FE Object 614 which provides the CE with information about the FE as a whole, and 615 allows the FE to control some aspects of the FE, such as the datapath 616 itself. Such FEs will not have the packet oriented properties 617 described in this section. 619 An LFB can have one or more inputs. Each input takes a pair of a 620 packet and its associated metadata. Depending upon the LFB input 621 port definition, the packet or the metadata may be allowed to be 622 empty (or equivalently to not be provided.) At least one of the two 623 must be non-empty, or there is no input. The LFB processes the 624 input, and produces one or more outputs, each of which is a pair of a 625 packet and its associated metadata. Again, depending upon the LFB 626 output port definition, either the packet or the metadata may be 627 allowed to be empty (or equivalently to be absent.) Metadata is 628 control information, typically associated with a packet, used in the 629 network processing device (router, switch, etc.) and is passed from 630 one LFB to the next, but is not sent across the network. In general, 631 multiple LFBs are contained in one FE, as shown in Figure 2, and all 632 the LFBs share the same ForCES protocol termination point that 633 implements the ForCES protocol logic and maintains the communication 634 channel to and from the CE. 636 +-----------+ 637 | CE | 638 +-----------+ 639 ^ 640 | Fp reference point 641 | 642 +--------------------------|-----------------------------------+ 643 | FE | | 644 | v | 645 | +----------------------------------------------------------+ | 646 | | ForCES protocol | | 647 | | termination point | | 648 | +----------------------------------------------------------+ | 649 | ^ ^ | 650 | : : Internal control | 651 | : : | 652 | +---:----------+ +---:----------| | 653 | | :LFB1 | | : LFB2 | | 654 | =====>| v |============>| v |======>...| 655 | Inputs| +----------+ |Outputs | +----------+ | | 656 | (P,M) | |Components| |(P',M') | |Components| |(P",M") | 657 | | +----------+ | | +----------+ | | 658 | +--------------+ +--------------+ | 659 | | 660 +--------------------------------------------------------------+ 662 Figure 2: Generic LFB Diagram 664 An LFB, as shown in Figure 2, may have inputs, outputs and components 665 that can be queried and manipulated by the CE via an Fp reference 666 point (defined in RFC3746 [4]) and the ForCES protocol termination 667 point. The horizontal axis is in the forwarding plane for connecting 668 the inputs and outputs of LFBs within the same FE. The vertical axis 669 between the CE and the FE denotes the Fp reference point where 670 bidirectional communication between the CE and FE occurs: the CE to 671 FE communication is for configuration, control, and packet injection, 672 while FE to CE communication is used for packet redirection to the 673 control plane, reporting of monitoring and accounting information, 674 reporting of errors, etc. Note that the interaction between the CE 675 and the LFB is only abstract and indirect. The result of such an 676 interaction is for the CE to manipulate the components of the LFB 677 instances. 679 A namespace is used to associate a unique name or ID with each LFB 680 class. The namespace MUST be extensible so that a new LFB class can 681 be added later to accommodate future innovation in the forwarding 682 plane. 684 LFB operation is specified in the model to allow the CE to understand 685 the behavior of the forwarding datapath. For instance, the CE must 686 understand at what point in the datapath the IPv4 header TTL is 687 decremented. That is, the CE needs to know if a control packet could 688 be delivered to it either before or after this point in the datapath. 689 In addition, the CE MUST understand where and what type of header 690 modifications (e.g., tunnel header append or strip) are performed by 691 the FEs. Further, the CE MUST verify that the various LFBs along a 692 datapath within an FE are compatible to link together. 694 There is value to vendors if the operation of LFB classes can be 695 expressed in sufficient detail so that physical devices implementing 696 different LFB functions can be integrated easily into an FE design. 697 Therefore, a semi-formal specification is needed; that is, a text 698 description of the LFB operation (human readable), but sufficiently 699 specific and unambiguous to allow conformance testing and efficient 700 design, so that interoperability between different CEs and FEs can be 701 achieved. 703 The LFB class model specifies information such as: 705 o number of inputs and outputs (and whether they are configurable) 707 o metadata read/consumed from inputs; 709 o metadata produced at the outputs; 711 o packet type(s) accepted at the inputs and emitted at the outputs; 713 o packet content modifications (including encapsulation or 714 decapsulation); 716 o packet routing criteria (when multiple outputs on an LFB are 717 present); 719 o packet timing modifications; 720 o packet flow ordering modifications; 722 o LFB capability information components; 724 o events that can be detected by the LFB, with notification to the 725 CE; 727 o LFB operational components, etc. 729 Section 4 of this document provides a detailed discussion of the LFB 730 model with a formal specification of LFB class schema. The rest of 731 Section 3.2 only intends to provide a conceptual overview of some 732 important issues in LFB modeling, without covering all the specific 733 details. 735 3.2.1. LFB Outputs 737 An LFB output is a conceptual port on an LFB that can send 738 information to another LFB. The information is typically a packet 739 and its associated metadata, although in some cases it might consist 740 of only metadata. 742 A single LFB output can be connected to only one LFB input. This is 743 required to make the packet flow through the LFB topology 744 unambiguously. 746 Some LFBs will have a single output, as depicted in Figure 3.a. 748 +---------------+ +-----------------+ 749 | | | | 750 | | | OUT +--> 751 ... OUT +--> ... | 752 | | | EXCEPTIONOUT +--> 753 | | | | 754 +---------------+ +-----------------+ 756 a. One output b. Two distinct outputs 758 +---------------+ +-----------------+ 759 | | | EXCEPTIONOUT +--> 760 | OUT:1 +--> | | 761 ... OUT:2 +--> ... OUT:1 +--> 762 | ... +... | OUT:2 +--> 763 | OUT:n +--> | ... +... 764 +---------------+ | OUT:n +--> 765 +-----------------+ 767 c. One output group d. One output and one output group 769 Figure 3: Examples of LFBs with various output combinations. 771 To accommodate a non-trivial LFB topology, multiple LFB outputs are 772 needed so that an LFB class can fork the datapath. Two mechanisms 773 are provided for forking: multiple singleton outputs and output 774 groups, which can be combined in the same LFB class. 776 Multiple separate singleton outputs are defined in an LFB class to 777 model a pre-determined number of semantically different outputs. 778 That is, the LFB class definition MUST include the number of outputs, 779 implying the number of outputs is known when the LFB class is 780 defined. Additional singleton outputs cannot be created at LFB 781 instantiation time, nor can they be created on the fly after the LFB 782 is instantiated. 784 For example, an IPv4 LPM (Longest-Prefix-Matching) LFB may have one 785 output (OUT) to send those packets for which the LPM look-up was 786 successful, passing a META_ROUTEID as metadata; and have another 787 output (EXCEPTIONOUT) for sending exception packets when the LPM 788 look-up failed. This example is depicted in Figure 3.b. Packets 789 emitted by these two outputs not only require different downstream 790 treatment, but they are a result of two different conditions in the 791 LFB and each output carries different metadata. This concept assumes 792 the number of distinct outputs is known when the LFB class is 793 defined. For each singleton output, the LFB class definition defines 794 the types of frames and metadata the output emits. 796 An output group, on the other hand, is used to model the case where a 797 flow of similar packets with an identical set of metadata needs to be 798 split into multiple paths. In this case, the number of such paths is 799 not known when the LFB class is defined because it is not an inherent 800 property of the LFB class. An output group consists of a number of 801 outputs, called the output instances of the group, where all output 802 instances share the same frame and metadata emission definitions (see 803 Figure 3.c). Each output instance can connect to a different 804 downstream LFB, just as if they were separate singleton outputs, but 805 the number of output instances can differ between LFB instances of 806 the same LFB class. The class definition may include a lower and/or 807 an upper limit on the number of outputs. In addition, for 808 configurable FEs, the FE capability information may define further 809 limits on the number of instances in specific output groups for 810 certain LFBs. The actual number of output instances in a group is an 811 attribute of the LFB instance, which is read-only for static 812 topologies, and read-write for dynamic topologies. The output 813 instances in a group are numbered sequentially, from 0 to N-1, and 814 are addressable from within the LFB. The LFB has a built-in 815 mechanism to select one specific output instance for each packet. 816 This mechanism is described in the textual definition of the class 817 and is typically configurable via some attributes of the LFB. 819 For example, consider a redirector LFB, whose sole purpose is to 820 direct packets to one of N downstream paths based on one of the 821 metadata associated with each arriving packet. Such an LFB is fairly 822 versatile and can be used in many different places in a topology. 823 For example, a redirector can be used to divide the data path into an 824 IPv4 and an IPv6 path based on a FRAMETYPE metadata (N=2), or to fork 825 into color specific paths after metering using the COLOR metadata 826 (red, yellow, green; N=3), etc. 828 Using an output group in the above LFB class provides the desired 829 flexibility to adapt each instance of this class to the required 830 operation. The metadata to be used as a selector for the output 831 instance is a property of the LFB. For each packet, the value of the 832 specified metadata may be used as a direct index to the output 833 instance. Alternatively, the LFB may have a configurable selector 834 table that maps a metadatum value to output instance. 836 Note that other LFBs may also use the output group concept to build 837 in similar adaptive forking capability. For example, a classifier 838 LFB with one input and N outputs can be defined easily by using the 839 output group concept. Alternatively, a classifier LFB with one 840 singleton output in combination with an explicit N-output re- 841 director LFB models the same processing behavior. The decision of 842 whether to use the output group model for a certain LFB class is left 843 to the LFB class designers. 845 The model allows the output group to be combined with other singleton 846 output(s) in the same class, as demonstrated in Figure 3.d. The LFB 847 here has two types of outputs, OUT, for normal packet output, and 848 EXCEPTIONOUT for packets that triggered some exception. The normal 849 OUT has multiple instances, thus, it is an output group. 851 In summary, the LFB class may define one output, multiple singleton 852 outputs, one or more output groups, or a combination thereof. 853 Multiple singleton outputs should be used when the LFB must provide 854 for forking the datapath and at least one of the following conditions 855 hold: 857 o the number of downstream directions is inherent from the 858 definition of the class and hence fixed; 860 o the frame type and set of metadata emitted on any of the outputs 861 are substantially different from what is emitted on the other 862 outputs (i.e., they cannot share frame-type and metadata 863 definitions). 865 An output group is appropriate when the LFB must provide for forking 866 the datapath and at least one of the following conditions hold: 868 o the number of downstream directions is not known when the LFB 869 class is defined; 871 o the frame type and set of metadata emitted on these outputs are 872 sufficiently similar or, ideally, identical, such they can share 873 the same output definition. 875 3.2.2. LFB Inputs 877 An LFB input is a conceptual port on an LFB on which the LFB can 878 receive information from other LFBs. The information is typically a 879 packet and associated metadata, although in some cases it might 880 consist of only metadata. 882 For LFB instances that receive packets from more than one other LFB 883 instance (fan-in) there are three ways to model fan-in, all supported 884 by the LFB model and can all be combined in the same LFB: 886 o Implicit multiplexing via a single input 888 o Explicit multiplexing via multiple singleton inputs 889 o Explicit multiplexing via a group of inputs (input group) 891 The simplest form of multiplexing uses a singleton input (Figure 4 892 .a). Most LFBs will have only one singleton input. Multiplexing 893 into a single input is possible because the model allows more than 894 one LFB output to connect to the same LFB input. This property 895 applies to any LFB input without any special provisions in the LFB 896 class. Multiplexing into a single input is applicable when the 897 packets from the upstream LFBs are similar in frame-type and 898 accompanying metadata, and require similar processing. Note that 899 this model does not address how potential contention is handled when 900 multiple packets arrive simultaneously. If contention handling needs 901 to be explicitly modeled, one of the other two modeling solutions 902 must be used. 904 The second method to model fan-in uses individually defined singleton 905 inputs (Figure 4.b). This model is meant for situations where the 906 LFB needs to handle distinct types of packet streams, requiring 907 input-specific handling inside the LFB, and where the number of such 908 distinct cases is known when the LFB class is defined. For example, 909 a Layer 2 Decapsulation/Encapsulation LFB may have two inputs, one 910 for receiving Layer 2 frames for decapsulation, and one for receiving 911 Layer 3 frames for encapsulation. This LFB type expects different 912 frames (L2 vs. L3) at its inputs, each with different sets of 913 metadata, and would thus apply different processing on frames 914 arriving at these inputs. This model is capable of explicitly 915 addressing packet contention by defining how the LFB class handles 916 the contending packets. 918 +--------------+ +------------------------+ 919 | LFB X +---+ | | 920 +--------------+ | | | 921 | | | | 922 +--------------+ v | | 923 | LFB Y +---+-->|input Meter LFB | 924 +--------------+ ^ | | 925 | | | | 926 +--------------+ | | | 927 | LFB Z |---+ | | 928 +--------------+ +------------------------+ 930 (a) An LFB connects with multiple upstream LFBs via a single input. 932 +--------------+ +------------------------+ 933 | LFB X +---+ | | 934 +--------------+ +-->|layer2 | 935 +--------------+ | | 936 | LFB Y +------>|layer3 LFB | 937 +--------------+ +------------------------+ 939 (b) An LFB connects with multiple upstream LFBs via two separate 940 singleton inputs. 942 +--------------+ +------------------------+ 943 | Queue LFB #1 +---+ | | 944 +--------------+ | | | 945 | | | 946 +--------------+ +-->|in:0 \ | 947 | Queue LFB #2 +------>|in:1 | input group | 948 +--------------+ |... | | 949 +-->|in:N-1 / | 950 ... | | | 951 +--------------+ | | | 952 | Queue LFB #N |---+ | Scheduler LFB | 953 +--------------+ +------------------------+ 955 (c) A Scheduler LFB uses an input group to differentiate which queue 956 LFB packets are coming from. 958 Figure 4: Examples of LFBs with various input combinations. 960 The third method to model fan-in uses the concept of an input group. 961 The concept is similar to the output group introduced in the previous 962 section and is depicted in Figure 4.c. An input group consists of a 963 number of input instances, all sharing the properties (same frame and 964 metadata expectations). The input instances are numbered from 0 to 965 N-1. From the outside, these inputs appear as normal inputs, i.e., 966 any compatible upstream LFB can connect its output to one of these 967 inputs. When a packet is presented to the LFB at a particular input 968 instance, the index of the input where the packet arrived is known to 969 the LFB and this information may be used in the internal processing. 970 For example, the input index can be used as a table selector, or as 971 an explicit precedence selector to resolve contention. As with 972 output groups, the number of input instances in an input group is not 973 defined in the LFB class. However, the class definition may include 974 restrictions on the range of possible values. In addition, if an FE 975 supports configurable topologies, it may impose further limitations 976 on the number of instances for a particular port group(s) of a 977 particular LFB class. Within these limitations, different instances 978 of the same class may have a different number of input instances. 979 The number of actual input instances in the group is a component 980 defined in the LFB class, which is read-only for static topologies, 981 and is read-write for configurable topologies. 983 As an example for the input group, consider the Scheduler LFB 984 depicted in Figure 4.c. Such an LFB receives packets from a number 985 of Queue LFBs via a number of input instances, and uses the input 986 index information to control contention resolution and scheduling. 988 In summary, the LFB class may define one input, multiple singleton 989 inputs, one or more input groups, or a combination thereof. Any 990 input allows for implicit multiplexing of similar packet streams via 991 connecting multiple outputs to the same input. Explicit multiple 992 singleton inputs are useful when either the contention handling must 993 be handled explicitly, or when the LFB class must receive and process 994 a known number of distinct types of packet streams. An input group 995 is suitable when contention handling must be modeled explicitly, but 996 the number of inputs is not inherent from the class (and hence is not 997 known when the class is defined), or when it is critical for LFB 998 operation to know exactly on which input the packet was received. 1000 3.2.3. Packet Type 1002 When LFB classes are defined, the input and output packet formats 1003 (e.g., IPv4, IPv6, Ethernet, etc.) MUST be specified. These are the 1004 types of packets that a given LFB input is capable of receiving and 1005 processing, or that a given LFB output is capable of producing. This 1006 model requires that distinct packet types be uniquely labeled with a 1007 symbolic name and/or ID. 1009 Note that each LFB has a set of packet types that it operates on, but 1010 does not care whether the underlying implementation is passing a 1011 greater portion of the packets. For example, an IPv4 LFB might only 1012 operate on IPv4 packets, but the underlying implementation may or may 1013 not be stripping the L2 header before handing it over. Whether such 1014 processing is happening or not is opaque to the CE. 1016 3.2.4. Metadata 1018 Metadata is state that is passed from one LFB to another alongside a 1019 packet. The metadata passed with the packet assists subsequent LFBs 1020 to process that packet. 1022 The ForCES model defines metadata as precise atomic definitions in 1023 the form of label, value pairs. 1025 The ForCES model provides to the authors of LFB classes a way to 1026 formally define how to achieve metadata creation, modification, 1027 reading, as well as consumption(deletion). 1029 Inter-FE metadata, i.e, metadata crossing FEs, while likely 1030 semantically similar to this metadata, is out of scope for this 1031 document. 1033 Section 4 has informal details on metadata. 1035 3.2.4.1. Metadata lifecycle within the ForCES model 1037 Each metadata is modeled as a pair, where the label 1038 identifies the type of information, (e.g., "color"), and its value 1039 holds the actual information (e.g., "red"). The tag here is shown as 1040 a textual label, but it can be replaced or associated with a unique 1041 numeric value (identifier). 1043 To ensure inter-operability between LFBs, the LFB class specification 1044 must define what metadata the LFB class "reads" or "consumes" on its 1045 input(s) and what metadata it "produces" on its output(s). For 1046 maximum extensibility, this definition should neither specify which 1047 LFBs the metadata is expected to come from for a consumer LFB, nor 1048 which LFBs are expected to consume metadata for a given producer LFB. 1050 3.2.4.2. Metadata Production and Consumption 1052 For a given metadata on a given packet path, there MUST be at least 1053 one producer LFB that creates that metadata and SHOULD be at least 1054 one consumer LFB that needs that metadata. 1056 In the ForCES model, the producer and consumer LFBs of a metadatum 1057 are not required to be adjacent. In addition, there may be multiple 1058 producers and consumers for the same metadata. When a packet path 1059 involves multiple producers of the same metadata, then subsequent 1060 producers overwrite that metadata value. 1062 The metadata that is produced by an LFB is specified by the LFB class 1063 definition on a per-output-port-group basis. A producer may always 1064 generate the metadata on the port group, or may generate it only 1065 under certain conditions. We call the former an "unconditional" 1066 metadata, whereas the latter is a "conditional" metadata. In the 1067 case of conditional metadata, it should be possible to determine from 1068 the definition of the LFB when a "conditional" metadata is produced. 1069 The consumer behavior of an LFB, that is, the metadata that the LFB 1070 needs for its operation, is defined in the LFB class definition on a 1071 per-input-port-group basis. An input port group may "require" a 1072 given metadata, or may treat it as "optional" information. In the 1073 latter case, the LFB class definition MUST explicitly define what 1074 happens if an optional metadata is not provided. One approach is to 1075 specify a default value for each optional metadata, and assume that 1076 the default value is used if the metadata is not provided with the 1077 packet. 1079 When specifying the metadata tags, some harmonization effort must be 1080 made so that the producer LFB class uses the same tag as its intended 1081 consumer(s), or vice versa. 1083 3.2.4.3. LFB Operations on Metadata 1085 When the packet is processed by an LFB (i.e., between the time it is 1086 received and forwarded by the LFB), the LFB may perform read, write, 1087 and/or consume operations on any active metadata associated with the 1088 packet. If the LFB is considered to be a black box, one of the 1089 following operations is performed on each active metadata. 1091 * IGNORE: ignores and forwards the metadata 1093 * READ: reads and forwards the metadata 1095 * READ/RE-WRITE: reads, over-writes and forwards the metadata 1097 * WRITE: writes and forwards the metadata (can also be used to 1098 create new metadata) 1100 * READ-AND-CONSUME: reads and consumes the metadata 1101 * CONSUME consumes metadata without reading 1103 The last two operations terminate the life-cycle of the metadata, 1104 meaning that the metadata is not forwarded with the packet when the 1105 packet is sent to the next LFB. 1107 In the ForCES model, a new metadata is generated by an LFB when the 1108 LFB applies a WRITE operation to a metadatum type that was not 1109 present when the packet was received by the LFB. Such implicit 1110 creation may be unintentional by the LFB, that is, the LFB may apply 1111 the WRITE operation without knowing or caring if the given metadata 1112 existed or not. If it existed, the metadata gets over-written; if it 1113 did not exist, the metadata is created. 1115 For LFBs that insert packets into the model, WRITE is the only 1116 meaningful metadata operation. 1118 For LFBs that remove the packet from the model, they may either READ- 1119 AND-CONSUME (read) or CONSUME (ignore) each active metadata 1120 associated with the packet. 1122 3.2.5. LFB Events 1124 During operation, various conditions may occur that can be detected 1125 by LFBs. Examples range from link failure or restart to timer 1126 expiration in special purpose LFBs. The CE may wish to be notified 1127 of the occurrence of such events. The PL protocol provides for such 1128 notifications. 1130 Events are declared in the LFB class definition. The LFB event 1131 declaration constitutes: 1133 o a unique 32 bit identifier. 1135 o An LFB component which is used to trigger the event. This entity 1136 is known as the event target. 1138 o A condition that will happen to the event target that will result 1139 in a generation of an event to the CE. Example of a condition 1140 include something getting created, deleted, config change, etc. 1142 o What should be reported to the CE by the FE if the declared 1143 condition is met. 1145 The declaration of an event within an LFB class essentially defines 1146 what part of the LFB component(s) need to be monitored for events, 1147 what condition on the LFB monitored LFB component an FE should detect 1148 to trigger such an event, and what to report to the CE when the event 1149 is triggered. 1151 While events may be declared by the LFB class definition, runtime 1152 activity is controlled using built-in event properties using LFB 1153 component Properties (discussed in Section 3.2.6). A CE subscribes 1154 to the events on an LFB class instance by setting an event property 1155 for subscription. Each event has a subscription property which is by 1156 default off. A CE wishing to receive a specific event needs to turn 1157 on the subscription property at runtime. 1159 Event properties also provide semantics for runtime event filtering. 1160 A CE may set an event property to further suppress subscribed to 1161 events. The LFB model defines such filters to include threshold 1162 values, hysteris, time intervals, number of events, etc. 1164 The reports with events are designed to allow for the common, closely 1165 related information that the CE can be strongly expected to need to 1166 react to the event. It is not intended to carry information the CE 1167 already has, nor large volumes of information, nor information 1168 related in complex fashions. 1170 From a conceptual point of view, at runtime, event processing is 1171 split into: 1173 1. detection of something happening to the (declared during LFB 1174 class definition) event target. Processing the next step happens 1175 if the CE subscribed (at runtime) to the event. 1177 2. checking of the (declared during LFB class definition) condition 1178 on the LFB event target. If the condition is met, proceed with 1179 the next step. 1181 3. checking (runtime set) event filters if they exist to see if the 1182 event should be reported or suppressed. If the event is to be 1183 reported proceed to the next step. 1185 4. Submitting of the declared report to the CE. 1187 Section 4.7.6 discusses events in more details. 1189 3.2.6. Component Properties 1191 LFBs and structures are made up of components, containing the 1192 information that the CE needs to see and/or change about the 1193 functioning of the LFB. These Components, as described in detail in 1194 Section 4.7, may be basic values, complex structures (containing 1195 multiple Components themselves, each of which can be values, 1196 structures, or tables), or tables (which contain values, structures 1197 or tables). Some of these Components are optional. Components may 1198 be readable or writeable at the discretion of the FE implementation. 1199 The CE needs to know these properties. Additionally, certain kinds 1200 of Components (arrays / tables, aliases, and events as of this 1201 writing) have additional property information that the CE may need to 1202 read or write. This model defines the structure of the property 1203 information for all defined data types. 1205 Section 4.8 describes properties in more details. 1207 3.2.7. LFB Versioning 1209 LFB class versioning is a method to enable incremental evolution of 1210 LFB classes. In general, an FE is not allowed to contain an LFB 1211 instance for more than one version of a particular class. 1212 Inheritance (discussed next in Section 3.2.6) has special rules. If 1213 an FE datapath model containing an LFB instance of a particular class 1214 C also simultaneously contains an LFB instance of a class C' 1215 inherited from class C; C could have a different version than C'. 1217 LFB class versioning is supported by requiring a version string in 1218 the class definition. CEs may support multiple versions of a 1219 particular LFB class to provide backward compatibility, but FEs MUST 1220 NOT support more than one version of a particular class. 1222 Versioning is not restricted to making backwards compatible changes. 1223 It is specifically expected to be used to make changes that cannot be 1224 represented by inheritance. Often this will be to correct errors, 1225 and hence may not be backwards compatible. It may also be used to 1226 remove components which are not considered useful (particularly if 1227 they were previously mandatory, and hence were an implementation 1228 impediment.) 1230 3.2.8. LFB Inheritance 1232 LFB class inheritance is supported in the FE model as a method to 1233 define new LFB classes. This also allows FE vendors to add vendor- 1234 specific extensions to standardized LFBs. An LFB class specification 1235 MUST specify the base class and version number it inherits from (the 1236 default is the base LFB class). Multiple inheritance is not allowed, 1237 however, to avoid unnecessary complexity. 1239 Inheritance should be used only when there is significant reuse of 1240 the base LFB class definition. A separate LFB class should be 1241 defined if little or no reuse is possible between the derived and the 1242 base LFB class. 1244 An interesting issue related to class inheritance is backward 1245 compatibility between a descendant and an ancestor class. Consider 1246 the following hypothetical scenario where a standardized LFB class 1247 "L1" exists. Vendor A builds an FE that implements LFB "L1" and 1248 vendor B builds a CE that can recognize and operate on LFB "L1". 1249 Suppose that a new LFB class, "L2", is defined based on the existing 1250 "L1" class by extending its capabilities incrementally. Let us 1251 examine the FE backward compatibility issue by considering what would 1252 happen if vendor B upgrades its FE from "L1" to "L2" and vendor C's 1253 CE is not changed. The old L1-based CE can interoperate with the new 1254 L2-based FE if the derived LFB class "L2" is indeed backward 1255 compatible with the base class "L1". 1257 The reverse scenario is a much less problematic case, i.e., when CE 1258 vendor B upgrades to the new LFB class "L2", but the FE is not 1259 upgraded. Note that as long as the CE is capable of working with 1260 older LFB classes, this problem does not affect the model; hence we 1261 will use the term "backward compatibility" to refer to the first 1262 scenario concerning FE backward compatibility. 1264 Backward compatibility can be designed into the inheritance model by 1265 constraining LFB inheritance to require the derived class be a 1266 functional superset of the base class (i.e. the derived class can 1267 only add functions to the base class, but not remove functions). 1268 Additionally, the following mechanisms are required to support FE 1269 backward compatibility: 1271 1. When detecting an LFB instance of an LFB type that is unknown to 1272 the CE, the CE MUST be able to query the base class of such an 1273 LFB from the FE. 1275 2. The LFB instance on the FE SHOULD support a backward 1276 compatibility mode (meaning the LFB instance reverts itself back 1277 to the base class instance), and the CE SHOULD be able to 1278 configure the LFB to run in such a mode. 1280 3.3. ForCES Model Addressing 1282 Figure 5 demonstrates the abstraction of the different ForCES model 1283 entities. The ForCES protocol provides the mechanism to uniquely 1284 identify any of the LFB Class instance components. 1286 FE Address = FE01 1287 +--------------------------------------------------------------+ 1288 | | 1289 | +--------------+ +--------------+ | 1290 | | LFB ClassID 1| |LFB ClassID 91| | 1291 | | InstanceID 3 |============>|InstanceID 3 |======>... | 1292 | | +----------+ | | +----------+ | | 1293 | | |Components| | | |Components| | | 1294 | | +----------+ | | +----------+ | | 1295 | +--------------+ +--------------+ | 1296 | | 1297 +--------------------------------------------------------------+ 1299 Figure 5: FE Entity Hierarchy 1301 At the top of the addressing hierachy is the FE identifier. In the 1302 example above, the 32-bit FE identifier is illustrated with the 1303 mnemonic FE01. The next 32-bit entity selector is the LFB ClassID. 1304 In the illustration above, two LFB classes with identifiers 1 and 91 1305 are demonstrated. The example above further illustrates one instance 1306 of each of the two classes. The scope of the 32-bit LFB class 1307 instance identifier is valid only within the LFB class. To emphasize 1308 that point, each of class 1 and 91 has an instance of 3. 1310 Using the described addressing scheme, a message could be sent to 1311 address FE01, LFB ClassID 1, LFB InstanceID 3, utilizing the ForCES 1312 protocol. However, to be effective, such a message would have to 1313 target entities within an LFB. These entities could be carrying 1314 state, capability, etc. These are further illustrated in Figure 6 1315 below. 1317 LFB Class ID 1,InstanceID 3 Components 1318 +-------------------------------------+ 1319 | | 1320 | LFB ComponentID 1 | 1321 | +----------------------+ | 1322 | | | | 1323 | +----------------------+ | 1324 | | 1325 | LFB ComponentID 31 | 1326 | +----------------------+ | 1327 | | | | 1328 | +----------------------+ | 1329 | | 1330 | LFB ComponentID 51 | 1331 | +----------------------+ | 1332 | | LFB ComponentID 89 | | 1333 | | +-----------------+ | | 1334 | | | | | | 1335 | | +-----------------+ | | 1336 | +----------------------+ | 1337 | | 1338 | | 1339 +-------------------------------------+ 1341 Figure 6: LFB Hierarchy 1343 Figure 6 zooms into the components carried by LFB Class ID 1, LFB 1344 InstanceID 3 from Figure 5. 1346 The example shows three components with 32-bit component identifiers 1347 1, 31, and 51. LFB ComponentID 51 is a complex structure 1348 encapsulating within it an entity with LFB ComponentID 89. LFB 1349 ComponentID 89 could be a complex structure itself but is restricted 1350 in the example for the sake of clarity. 1352 3.3.1. Addressing LFB Components: Paths and Keys 1354 As mentioned above, LFB components could be complex structures, such 1355 as a table, or even more complex structures such as a table whose 1356 cells are further tables, etc. The ForCES model XML schema 1357 (Figure 5) allows for uniquely identifying anything with such 1358 complexity, utilizing the concept of dot-annotated static paths and 1359 content addressing of paths as derived from keys. As an example, the 1360 path to LFB ComponentID 89 above will be 51.89. If ComponentID 51 1361 was a table which was key index-able, then a key describing content 1362 could also be passed by the CE which upon computation by the FE would 1363 resolve to LFB ComponentID 89. 1365 3.4. FE Datapath Modeling 1367 Packets coming into the FE from ingress ports generally flow through 1368 one or more LFBs before leaving out of the egress ports. How an FE 1369 treats a packet depends on many factors, such as type of the packet 1370 (e.g., IPv4, IPv6, or MPLS), header values, time of arrival, etc. 1371 The result of LFB processing may have an impact on how the packet is 1372 to be treated in downstream LFBs. This differentiation of packet 1373 treatment downstream can be conceptualized as having alternative 1374 datapaths in the FE. For example, the result of a 6- tuple 1375 classification performed by a classifier LFB could control which rate 1376 meter is applied to the packet by a rate meter LFB in a later stage 1377 in the datapath. 1379 LFB topology is a directed graph representation of the logical 1380 datapaths within an FE; with the nodes representing the LFB instances 1381 and the directed link depicting the packet flow direction from one 1382 LFB to the next. Section 3.4.1 discusses how the FE datapaths can be 1383 modeled as LFB topology; while Section 3.4.2 focuses on issues 1384 related to LFB topology reconfiguration. 1386 3.4.1. Alternative Approaches for Modeling FE Datapaths 1388 There are two basic ways to express the differentiation in packet 1389 treatment within an FE, one represents the datapath directly and 1390 graphically (topological approach) and the other utilizes metadata 1391 (the encoded state approach). 1393 o Topological Approach 1395 Using this approach, differential packet treatment is expressed by 1396 splitting the LFB topology into alternative paths. In other words, 1397 if the result of an LFB operation controls how the packet is further 1398 processed, then such an LFB will have separate output ports, one for 1399 each alternative treatment, connected to separate sub-graphs, each 1400 expressing the respective treatment downstream. 1402 o Encoded State Approach 1404 An alternate way of expressing differential treatment is by using 1405 metadata. The result of the operation of an LFB can be encoded in a 1406 metadatum, which is passed along with the packet to downstream LFBs. 1407 A downstream LFB, in turn, can use the metadata and its value (e.g., 1408 as an index into some table) to determine how to treat the packet. 1410 Theoretically, either approach could substitute for the other, so one 1411 could consider using a single pure approach to describe all datapaths 1412 in an FE. However, neither model by itself results in the best 1413 representation for all practically relevant cases. For a given FE 1414 with certain logical datapaths, applying the two different modeling 1415 approaches will result in very different looking LFB topology graphs. 1416 A model using only the topological approach may require a very large 1417 graph with many links or paths, and nodes (i.e., LFB instances) to 1418 express all alternative datapaths. On the other hand, a model using 1419 only the encoded state model would be restricted to a string of LFBs, 1420 which is not an intuitive way to describe different datapaths (such 1421 as MPLS and IPv4). Therefore, a mix of these two approaches will 1422 likely be used for a practical model. In fact, as we illustrate 1423 below, the two approaches can be mixed even within the same LFB. 1425 Using a simple example of a classifier with N classification outputs 1426 followed by other LFBs, Figure 7.a shows what the LFB topology looks 1427 like when using the pure topological approach. Each output from the 1428 classifier goes to one of the N LFBs where no metadata is needed. 1429 The topological approach is simple, straightforward and graphically 1430 intuitive. However, if N is large and the N nodes following the 1431 classifier (LFB#1, LFB#2, ..., LFB#N) all belong to the same LFB type 1432 (e.g., meter), but each has its own independent components, the 1433 encoded state approach gives a much simpler topology representation, 1434 as shown in Figure 7.b. The encoded state approach requires that a 1435 table of N rows of meter components is provided in the Meter node 1436 itself, with each row representing the attributes for one meter 1437 instance. A metadatum M is also needed to pass along with the packet 1438 P from the classifier to the meter, so that the meter can use M as a 1439 look-up key (index) to find the corresponding row of the attributes 1440 that should be used for any particular packet P. 1442 What if those N nodes (LFB#1, LFB#2, ..., LFB#N) are not of the same 1443 type? For example, if LFB#1 is a queue while the rest are all 1444 meters, what is the best way to represent such datapaths? While it 1445 is still possible to use either the pure topological approach or the 1446 pure encoded state approach, the natural combination of the two 1447 appears to be the best option. Figure 7.c depicts two different 1448 functional datapaths using the topological approach while leaving the 1449 N-1 meter instances distinguished by metadata only, as shown in 1450 Figure 7.c. 1452 +----------+ 1453 P | LFB#1 | 1454 +--------->|(Compon-1)| 1455 +-------------+ | +----------+ 1456 | 1|------+ P +----------+ 1457 | 2|---------------->| LFB#2 | 1458 | classifier 3| |(Compon-2)| 1459 | ...|... +----------+ 1460 | N|------+ ... 1461 +-------------+ | P +----------+ 1462 +--------->| LFB#N | 1463 |(Compon-N)| 1464 +----------+ 1466 (a) Using pure topological approach 1468 +-------------+ +-------------+ 1469 | 1| | Meter | 1470 | 2| (P, M) | (Compon-1) | 1471 | 3|---------------->| (Compon-2) | 1472 | ...| | ... | 1473 | N| | (Compon-N) | 1474 +-------------+ +-------------+ 1476 (b) Using pure encoded state approach to represent the LFB 1477 topology in 5(a), if LFB#1, LFB#2, ..., and LFB#N are of the 1478 same type (e.g., meter). 1480 +-------------+ 1481 +-------------+ (P, M) | queue | 1482 | 1|------------->| (Compon-1) | 1483 | 2| +-------------+ 1484 | 3| (P, M) +-------------+ 1485 | ...|------------->| Meter | 1486 | N| | (Compon-2) | 1487 +-------------+ | ... | 1488 | (Compon-N) | 1489 +-------------+ 1491 (c) Using a combination of the two, if LFB#1, LFB#2, ..., and 1492 LFB#N are of different types (e.g., queue and meter). 1494 Figure 7: An example of how to model FE datapaths 1496 From this example, we demonstrate that each approach has a distinct 1497 advantage depending on the situation. Using the encoded state 1498 approach, fewer connections are typically needed between a fan-out 1499 node and its next LFB instances of the same type because each packet 1500 carries metadata the following nodes can interpret and hence invoke a 1501 different packet treatment. For those cases, a pure topological 1502 approach forces one to build elaborate graphs with many more 1503 connections and often results in an unwieldy graph. On the other 1504 hand, a topological approach is the most intuitive for representing 1505 functionally different datapaths. 1507 For complex topologies, a combination of the two is the most 1508 flexible. A general design guideline is provided to indicate which 1509 approach is best used for a particular situation. The topological 1510 approach should primarily be used when the packet datapath forks to 1511 distinct LFB classes (not just distinct parameterizations of the same 1512 LFB class), and when the fan-outs do not require changes, such as 1513 adding/removing LFB outputs, or require only very infrequent changes. 1514 Configuration information that needs to change frequently should be 1515 expressed by using the internal attributes of one or more LFBs (and 1516 hence using the encoded state approach). 1518 +---------------------------------------------+ 1519 | | 1520 +----------+ V +----------+ +------+ | 1521 | | | | |if IP-in-IP| | | 1522 ---->| ingress |->+----->|classifier|---------->|Decap.|---->---+ 1523 | ports | | |---+ | | 1524 +----------+ +----------+ |others +------+ 1525 | 1526 V 1527 (a) The LFB topology with a logical loop 1529 +-------+ +-----------+ +------+ +-----------+ 1530 | | | |if IP-in-IP | | | | 1531 --->|ingress|-->|classifier1|----------->|Decap.|-->+classifier2|-> 1532 | ports | | |----+ | | | | 1533 +-------+ +-----------+ |others +------+ +-----------+ 1534 | 1535 V 1536 (b)The LFB topology without the loop utilizing two independent 1537 classifier instances. 1539 Figure 8: An LFB topology example. 1541 It is important to point out that the LFB topology described here is 1542 the logical topology, not the physical topology of how the FE 1543 hardware is actually laid out. Nevertheless, the actual 1544 implementation may still influence how the functionality is mapped to 1545 the LFB topology. Figure 8 shows one simple FE example. In this 1546 example, an IP-in-IP packet from an IPSec application like VPN may go 1547 to the classifier first and have the classification done based on the 1548 outer IP header; upon being classified as an IP-in-IP packet, the 1549 packet is then sent to a decapsulator to strip off the outer IP 1550 header, followed by a classifier again to perform classification on 1551 the inner IP header. If the same classifier hardware or software is 1552 used for both outer and inner IP header classification with the same 1553 set of filtering rules, a logical loop is naturally present in the 1554 LFB topology, as shown in Figure 8.a. However, if the classification 1555 is implemented by two different pieces of hardware or software with 1556 different filters (i.e., one set of filters for the outer IP header 1557 and another set for the inner IP header), then it is more natural to 1558 model them as two different instances of classifier LFB, as shown in 1559 Figure 8.b. 1561 3.4.2. Configuring the LFB Topology 1563 While there is little doubt that an individual LFB must be 1564 configurable, the configurability question is more complicated for 1565 LFB topology. Since the LFB topology is really the graphic 1566 representation of the datapaths within an FE, configuring the LFB 1567 topology means dynamically changing the datapaths, including changing 1568 the LFBs along the datapaths on an FE (e.g., creating/instantiating, 1569 updating or deleting LFBs) and setting up or deleting 1570 interconnections between outputs of upstream LFBs to inputs of 1571 downstream LFBs. 1573 Why would the datapaths on an FE ever change dynamically? The 1574 datapaths on an FE are set up by the CE to provide certain data plane 1575 services (e.g., DiffServ, VPN, etc.) to the Network Element's (NE) 1576 customers. The purpose of reconfiguring the datapaths is to enable 1577 the CE to customize the services the NE is delivering at run time. 1578 The CE needs to change the datapaths when the service requirements 1579 change, such as adding a new customer or when an existing customer 1580 changes their service. However, note that not all datapath changes 1581 result in changes in the LFB topology graph. Changes in the graph 1582 are dependent on the approach used to map the datapaths into LFB 1583 topology. As discussed in Section 3.3.1, the topological approach 1584 and encoded state approach can result in very different looking LFB 1585 topologies for the same datapaths. In general, an LFB topology based 1586 on a pure topological approach is likely to experience more frequent 1587 topology reconfiguration than one based on an encoded state approach. 1588 However, even an LFB topology based entirely on an encoded state 1589 approach may have to change the topology at times, for example, to 1590 bypass some LFBs or insert new LFBs. Since a mix of these two 1591 approaches is used to model the datapaths, LFB topology 1592 reconfiguration is considered an important aspect of the FE model. 1594 We want to point out that allowing a configurable LFB topology in the 1595 FE model does not mandate that all FEs are required to have this 1596 capability. Even if an FE supports configurable LFB topology, the FE 1597 may impose limitations on what can actually be configured. 1598 Performance-optimized hardware implementations may have zero or very 1599 limited configurability, while FE implementations running on network 1600 processors may provide more flexibility and configurability. It is 1601 entirely up to the FE designers to decide whether or not the FE 1602 actually implements reconfiguration and if so, how much. Whether a 1603 simple runtime switch is used to enable or disable (i.e., bypass) 1604 certain LFBs, or more flexible software reconfiguration is used, is 1605 an implementation detail internal to the FE and outside of the scope 1606 of FE model. In either case, the CE(s) MUST be able to learn the 1607 FE's configuration capabilities. Therefore, the FE model MUST 1608 provide a mechanism for describing the LFB topology configuration 1609 capabilities of an FE. These capabilities may include (see Section 5 1610 for full details): 1612 o Which LFB classes the FE can instantiate 1614 o The maximum number of instances of the same LFB class that can be 1615 created 1617 o Any topological limitations, for example: 1619 * The maximum number of instances of the same class or any class 1620 that can be created on any given branch of the graph 1622 * Ordering restrictions on LFBs (e.g., any instance of LFB class 1623 A must be always downstream of any instance of LFB class B). 1625 The CE needs some programming help in order to cope with the range of 1626 complexity. In other words, even when the CE is allowed to configure 1627 LFB topology for the FE, the CE is not expected to be able to 1628 interpret an arbitrary LFB topology and determine which specific 1629 service or application (e.g. VPN, DiffServ, etc.) is supported by 1630 the FE. However, once the CE understands the coarse capability of an 1631 FE, the CE MUST configure the LFB topology to implement the network 1632 service the NE is supposed to provide. Thus, the mapping the CE has 1633 to understand is from the high level NE service to a specific LFB 1634 topology, not the other way around. The CE is not expected to have 1635 the ultimate intelligence to translate any high level service policy 1636 into the configuration data for the FEs. However, it is conceivable 1637 that within a given network service domain, a certain amount of 1638 intelligence can be programmed into the CE to give the CE a general 1639 understanding of the LFBs involved to allow the translation from a 1640 high level service policy to the low level FE configuration to be 1641 done automatically. Note that this is considered an implementation 1642 issue internal to the control plane and outside the scope of the FE 1643 model. Therefore, it is not discussed any further in this draft. 1645 +----------+ +-----------+ 1646 ---->| Ingress |---->|classifier |--------------+ 1647 | | |chip | | 1648 +----------+ +-----------+ | 1649 v 1650 +-------------------------------------------+ 1651 +--------+ | Network Processor | 1652 <----| Egress | | +------+ +------+ +-------+ | 1653 +--------+ | |Meter | |Marker| |Dropper| | 1654 ^ | +------+ +------+ +-------+ | 1655 | | | 1656 +----------+-------+ | 1657 | | | 1658 | +---------+ +---------+ +------+ +---------+ | 1659 | |Forwarder|<------|Scheduler|<--|Queue | |Counter | | 1660 | +---------+ +---------+ +------+ +---------+ | 1661 +--------------------------------------------------------------+ 1663 Figure 9: The Capability of an FE as reported to the CE 1665 Figure 9 shows an example where a QoS-enabled router has several line 1666 cards that have a few ingress ports and egress ports, a specialized 1667 classification chip, and a network processor containing codes for FE 1668 blocks like meter, marker, dropper, counter, queue, scheduler, and 1669 Ipv4 forwarder. Some of the LFB topology is already fixed and has to 1670 remain static due to the physical layout of the line cards. For 1671 example, all of the ingress ports might be hardwired into the 1672 classification chip so all packets flow from the ingress port into 1673 the classification engine. On the other hand, the LFBs on the 1674 network processor and their execution order are programmable. 1675 However, certain capacity limits and linkage constraints could exist 1676 between these LFBs. Examples of the capacity limits might be: 1678 o 8 meters 1680 o 16 queues in one FE 1682 o the scheduler can handle at most up to 16 queues 1684 o The linkage constraints might dictate that: 1686 * the classification engine may be followed by: 1688 + a meter 1690 + marker 1692 + dropper 1694 + counter 1696 + queue or IPv4 forwarder, but not a scheduler 1698 * queues can only be followed by a scheduler 1700 * a scheduler must be followed by the IPv4 forwarder 1702 * the last LFB in the datapath before going into the egress ports 1703 must be the IPv4 forwarder 1705 +-----+ +-------+ +---+ 1706 | A|--->|Queue1 |--------------------->| | 1707 ------>| | +-------+ | | +---+ 1708 | | | | | | 1709 | | +-------+ +-------+ | | | | 1710 | B|--->|Meter1 |----->|Queue2 |------>| |->| | 1711 | | | | +-------+ | | | | 1712 | | | |--+ | | | | 1713 +-----+ +-------+ | +-------+ | | +---+ 1714 classifier +-->|Dropper| | | IPv4 1715 +-------+ +---+ Fwd. 1716 Scheduler 1718 Figure 10: An LFB topology as configured by the CE and accepted by 1719 the FE 1721 Once the FE reports these capabilities and capacity limits to the CE, 1722 it is now up to the CE to translate the QoS policy into a desirable 1723 configuration for the FE. Figure 9 depicts the FE capability while 1724 Figure 10 and Figure 11 depict two different topologies that the CE 1725 may request the FE to configure. 1727 Queue1 1728 +---+ +--+ 1729 | A|------------------->| |--+ 1730 +->| | | | | 1731 | | B|--+ +--+ +--+ +--+ | 1732 | +---+ | | | | | | 1733 | Meter1 +->| |-->| | | 1734 | | | | | | 1735 | +--+ +--+ | Ipv4 1736 | Counter1 Dropper1 Queue2| +--+ Fwd. 1737 +---+ | +--+ +--->|A | +-+ 1738 | A|---+ | |------>|B | | | 1739 ------>| B|------------------------------>| | +--->|C |->| |-> 1740 | C|---+ +--+ | +->|D | | | 1741 | D|-+ | | | +--+ +-+ 1742 +---+ | | +---+ Queue3| | Scheduler 1743 Classifier1 | | | A|------------> +--+ | | 1744 | +->| | | |--+ | 1745 | | B|--+ +--+ +-------->| | | 1746 | +---+ | | | | +--+ | 1747 | Meter2 +->| |-+ | 1748 | | | | 1749 | +--+ Queue4 | 1750 | Marker1 +--+ | 1751 +---------------------------->| |----+ 1752 | | 1753 +--+ 1755 Figure 11: Another LFB topology as configured by the CE and accepted 1756 by the FE 1758 Note that both the ingress and egress are omitted in Figure 10 and 1759 Figure 11 to simplify the representation. The topology in Figure 11 1760 is considerably more complex than Figure 10 but both are feasible 1761 within the FE capabilities, and so the FE should accept either 1762 configuration request from the CE. 1764 4. Model and Schema for LFB Classes 1766 The main goal of the FE model is to provide an abstract, generic, 1767 modular, implementation-independent representation of the FEs. This 1768 is facilitated using the concept of LFBs, which are instantiated from 1769 LFB classes. LFB classes and associated definitions will be provided 1770 in a collection of XML documents. The collection of these XML 1771 documents is called a LFB class library, and each document is called 1772 an LFB class library document (or library document, for short). Each 1773 of the library documents will conform to the schema presented in this 1774 section. The root element of the library document is the 1775 element. 1777 It is not expected that library documents will be exchanged between 1778 FEs and CEs "over-the-wire". But the model will serve as an 1779 important reference for the design and development of the CEs 1780 (software) and FEs (mostly the software part). It will also serve as 1781 a design input when specifying the ForCES protocol elements for CE-FE 1782 communication. 1784 4.1. Namespace 1786 A namespace is needed to uniquely identify the LFB type in the LFB 1787 class library. The reference to the namespace definition is 1788 contained in Section 9, IANA Considerations. 1790 4.2. Element 1792 The element serves as a root element of all library 1793 documents. It contains one or more of the following main XML 1794 elements: 1796 o for the frame declarations; 1798 o for defining common data types; 1800 o for defining metadata, and 1802 o for defining LFB classes. 1804 Each element is optional, that is, one library document may contain 1805 only metadata definitions, another may contain only LFB class 1806 definitions, yet another may contain all of the above. 1808 In addition to the above main elements, a library document can import 1809 other library documents if it needs to refer to definitions contained 1810 in the included document. This concept is similar to the "#include" 1811 directive in C. Importing is expressed by the use of elements, 1812 which must precede all the above elements in the document. For 1813 unique referencing, each LFBLibrary instance document has a unique 1814 label defined in the "provide" attribute of the LFBLibrary element. 1815 Note that what this performs is a ForCES inclusion, not an XML 1816 inclusion. The semantic content of the library referenced by the 1817 element is included, not the xml content. 1819 The element also includes an optional 1820 element, which can be used to provide textual description about the 1821 library document. 1823 The following is a skeleton of a library document: 1825 1826 1829 1831 1833 1834 1835 ... 1837 1838 1839 ... 1840 1842 1843 1844 ... 1845 1847 1848 1849 ... 1850 1852 1856 1858 1859 1861 4.3. Element 1863 This element is used to refer to another LFB library document. 1864 Similar to the "#include" directive in C, this makes the objects 1865 (metadata types, data types, etc.) defined in the referred library 1866 document available for referencing in the current document. 1868 The load element MUST contain the label of the library document to be 1869 included and may contain a URL to specify where the library can be 1870 retrieved. The load element can be repeated unlimited times. Three 1871 examples for the elements: 1873 1874 1875 1878 4.4. Element for Frame Type Declarations 1880 Frame names are used in the LFB definition to define the types of 1881 frames the LFB expects at its input port(s) and emits at its output 1882 port(s). The optional element in the library document 1883 contains one or more elements, each declaring one frame 1884 type. 1886 Each frame definition MUST contain a unique name (NMTOKEN) and a 1887 brief synopsis. In addition, an optional detailed description may be 1888 provided. 1890 Uniqueness of frame types MUST be ensured among frame types defined 1891 in the same library document and in all directly or indirectly 1892 included library documents. 1894 The following example defines two frame types: 1896 1897 1898 ipv4 1899 IPv4 packet 1900 1901 This frame type refers to an IPv4 packet. 1902 1903 1904 1905 ipv6 1906 IPv6 packet 1907 1908 This frame type refers to an IPv6 packet. 1909 1910 1911 ... 1912 1914 4.5. Element for Data Type Definitions 1916 The (optional) element can be used to define commonly 1917 used data types. It contains one or more elements, 1918 each defining a data type with a unique name. Such data types can be 1919 used in several places in the library documents, including: 1921 o Defining other data types 1923 o Defining attributes of LFB classes 1925 This is similar to the concept of having a common header file for 1926 shared data types. 1928 Each element MUST contain a unique name (NMTOKEN), a 1929 brief synopsis, an optional longer description, and a type definition 1930 element. The name MUST be unique among all data types defined in the 1931 same library document and in any directly or indirectly included 1932 library documents. For example: 1934 1935 1936 ieeemacaddr 1937 48-bit IEEE MAC address 1938 ... type definition ... 1939 1940 1941 ipv4addr 1942 IPv4 address 1943 ... type definition ... 1944 1945 ... 1946 1948 There are two kinds of data types: atomic and compound. Atomic data 1949 types are appropriate for single-value variables (e.g. integer, 1950 string, byte array). 1952 The following built-in atomic data types are provided, but additional 1953 atomic data types can be defined with the and 1954 elements: 1956 Meaning 1957 ---- ------- 1958 char 8-bit signed integer 1959 uchar 8-bit unsigned integer 1960 int16 16-bit signed integer 1961 uint16 16-bit unsigned integer 1962 int32 32-bit signed integer 1963 uint32 32-bit unsigned integer 1964 int64 64-bit signed integer 1965 uint64 64-bit unsigned integer 1966 boolean A true / false value where 1967 0 = false, 1 = true 1968 string[N] A UTF-8 string represented in at most 1969 N Octets. 1970 string A UTF-8 string without a configured 1971 storage length limit. 1972 byte[N] A byte array of N bytes 1973 octetstring[N] A buffer of N octets, which may 1974 contain fewer than N octets. Hence 1975 the encoded value will always have 1976 a length. 1977 float16 16-bit floating point number 1978 float32 32-bit IEEE floating point number 1979 float64 64-bit IEEE floating point number 1981 These built-in data types can be readily used to define metadata or 1982 LFB attributes, but can also be used as building blocks when defining 1983 new data types. The boolean data type is defined here because it is 1984 so common, even though it can be built by sub-ranging the uchar data 1985 type. 1987 Compound data types can build on atomic data types and other compound 1988 data types. Compound data types can be defined in one of four ways. 1989 They may be defined as an array of components of some compound or 1990 atomic data type. They may be a structure of named components of 1991 compound or atomic data types (ala C structures). They may be a 1992 union of named components of compound or atomic data types (ala C 1993 unions). They may also be defined as augmentations (explained in 1994 Section 4.5.7) of existing compound data types. 1996 Given that the FORCES protocol will be getting and setting component 1997 values, all atomic data types used here must be able to be conveyed 1998 in the FORCES protocol. Further, the FORCES protocol will need a 1999 mechanism to convey compound data types. However, the details of 2000 such representations are for the ForCES Protocol [2] document to 2001 define, not the model document. Strings and octetstrings must be 2002 conveyed with their length, as they are not delimited, and are 2003 variable length. 2005 With regard to strings, this model defines a small set of 2006 restrictions and definitions on how they are structured. String and 2007 octetstring length limits can be specified in the LFB Class 2008 definitions. The component properties for string and octetstring 2009 components also contain actual lengths and length limits. This 2010 duplication of limits is to allow for implementations with smaller 2011 limits than the maximum limits specified in the LFB Class definition. 2012 In all cases, these lengths are specified in octets, not in 2013 characters. In terms of protocol operation, as long as the specified 2014 length is within the FE's supported capabilities, the FE stores the 2015 contents of a string exactly as provided by the CE, and returns those 2016 contents when requested. No canonicalization, transformations, or 2017 equivalences are performed by the FE. components of type string (or 2018 string[n]) may be used to hold identifiers for correlation with 2019 components in other LFBs. In such cases, an exact octet for octet 2020 match is used. No equivalences are used by the FE or CE in 2021 performing that matching. The ForCES Protocol [2] does not perform 2022 or require validation of the content of UTF-8 strings. However, 2023 UTF-8 strings SHOULD be encoded in the shortest form to avoid 2024 potential security issues described in [11]. Any entity displaying 2025 such strings is expected to perform its own validation (for example 2026 for correct multi-byte characters, and for ensuring that the string 2027 does not end in the middle of a multi-byte sequence.) Specific LFB 2028 class definitions may restrict the valid contents of a string as 2029 suited to the particular usage (for example, a component that holds a 2030 DNS name would be restricted to hold only octets valid in such a 2031 name.) FEs should validate the contents of SET requests for such 2032 restricted components at the time the set is performed, just as range 2033 checks for range limited components are performed. The ForCES 2034 protocol behavior defines the normative processing for requests using 2035 that protocol. 2037 For the definition of the actual type in the element, 2038 the following elements are available: , , , 2039 , and . 2041 The predefined type alias is somewhere between the atomic and 2042 compound data types. It behaves like a structure, one component of 2043 which has special behavior. Given that the special behavior is tied 2044 to the other parts of the structure, the compound result is treated 2045 as a predefined construct. 2047 4.5.1. Element for Aliasing Existing Data Types 2049 The element refers to an existing data type by its name. 2050 The referred data type MUST be defined either in the same library 2051 document, or in one of the included library documents. If the 2052 referred data type is an atomic data type, the newly defined type 2053 will also be regarded as atomic. If the referred data type is a 2054 compound type, the new type will also be compound. Some usage 2055 examples follow: 2057 2058 short 2059 Alias to int16 2060 int16 2061 2062 2063 ieeemacaddr 2064 48-bit IEEE MAC address 2065 byte[6] 2066 2068 4.5.2. Element for Deriving New Atomic Types 2070 The element allows the definition of a new atomic type from 2071 an existing atomic type, applying range restrictions and/or providing 2072 special enumerated values. Note that the element can only 2073 use atomic types as base types, and its result MUST be another atomic 2074 type. 2076 For example, the following snippet defines a new "dscp" data type: 2078 2079 dscp 2080 Diffserv code point. 2081 2082 uchar 2083 2084 2085 2086 2087 2088 DSCP-BE 2089 Best Effort 2090 2091 ... 2092 2093 2094 2096 4.5.3. Element to Define Arrays 2098 The element can be used to create a new compound data type as 2099 an array of a compound or an atomic data type. Depending upon 2100 context, this document, and others, refer to such arrays as tables or 2101 arrays interchangeably, without semantic or syntactic implication. 2102 The type of the array entry can be specified either by referring to 2103 an existing type (using the element) or defining an unnamed 2104 type inside the element using any of the , , 2105 , or elements. 2107 The array can be "fixed-size" or "variable-size", which is specified 2108 by the "type" attribute of the element. The default is 2109 "variable-size". For variable size arrays, an optional "max-length" 2110 attribute specifies the maximum allowed length. This attribute 2111 should be used to encode semantic limitations, not implementation 2112 limitations. The latter should be handled by capability attributes 2113 of LFB classes, and should never be included in data type array is 2114 regarded as of unlimited-size. 2116 For fixed-size arrays, a "length" attribute MUST be provided that 2117 specifies the constant size of the array. 2119 The result of this construct MUST always be a compound type, even if 2120 the array has a fixed size of 1. 2122 Arrays MUST only be subscripted by integers, and will be presumed to 2123 start with index 0. 2125 In addition to their subscripts, arrays may be declared to have 2126 content keys. Such a declaration has several effects: 2128 o Any declared key can be used in the ForCES protocol to select a 2129 component for operations (for details, see the ForCES Protocol 2130 [2]). 2132 o In any instance of the array, each declared key must be unique 2133 within that instance. No two components of an array may have the 2134 same values on all the fields which make up a key. 2136 Each key is declared with a keyID for use in the ForCES Protocol [2], 2137 where the unique key is formed by combining one or more specified key 2138 fields. To support the case where an array of an atomic type with 2139 unique values can be referenced by those values, the key field 2140 identifier may be "*" (i.e., the array entry is the key). If the 2141 value type of the array is a structure or an array, then the key is 2142 one or more components of the value type, each identified by name. 2143 Since the field may be a component of the contained structure, a 2144 component of a component of a structure, or further nested, the field 2145 name is actually a concatenated sequence of component identifiers, 2146 separated by decimal points ("."). The syntax for key field 2147 identification is given following the array examples. 2149 The following example shows the definition of a fixed size array with 2150 a pre-defined data type as the array content type: 2152 2153 dscp-mapping-table 2154 2155 A table of 64 DSCP values, used to re-map code space. 2156 2157 2158 dscp 2159 2160 2162 The following example defines a variable size array with an upper 2163 limit on its size: 2165 2166 mac-alias-table 2167 A table with up to 8 IEEE MAC addresses 2168 2169 ieeemacaddr 2170 2171 2173 The following example shows the definition of an array with a local 2174 (unnamed) content type definition: 2176 2177 classification-table 2178 2179 A table of classification rules and result opcodes. 2180 2181 2182 2183 2184 rule 2185 The rule to match 2186 classrule 2187 2188 2189 opcode 2190 The result code 2191 opcode 2192 2193 2194 2195 2197 In the above example, each entry of the array is a of two 2198 components ("rule" and "opcode"). 2200 The following example shows a table of IP Prefix information that can 2201 be accessed by a multi-field content key on the IP Address and prefix 2202 length. This means that in any instance of this table, no two 2203 entries can have the same IP address and prefix length. 2205 2206 ipPrefixInfo_table 2207 2208 A table of information about known prefixes 2209 2210 2211 2212 2213 address-prefix 2214 the prefix being described 2215 ipv4Prefix 2216 2217 2218 source 2219 2220 the protocol or process providing this information 2221 2222 uint16 2223 2224 2225 prefInfo 2226 the information we care about 2227 hypothetical-info-type 2228 2229 2230 2231 address-prefix.ipv4addr 2232 address-prefix.prefixlen 2233 source 2234 2235 2236 2238 Note that the keyField elements could also have been simply address- 2239 prefix and source, since all of the fields of address-prefix are 2240 being used. 2242 4.5.3.1. Key Field References 2244 In order to use key declarations, one must refer to components that 2245 are potentially nested inside other components in the array. If 2246 there are nested arrays, one might even use an array element as a key 2247 (but great care would be needed to ensure uniqueness.) 2248 The key is the combination of the values of each field declared in a 2249 keyField element. 2251 Therefore, the value of a keyField element MUST be a concatenated 2252 Sequence of field identifiers, separated by a "." (period) character. 2253 Whitespace is permitted and ignored. 2255 A valid string for a single field identifier within a keyField 2256 depends upon the current context. Initially, in an array key 2257 declaration, the context is the type of the array. Progressively, 2258 the context is whatever type is selected by the field identifiers 2259 processed so far in the current key field declaration. 2261 When the current context is an array, (e.g., when declaring a key for 2262 an array whose content is an array) then the only valid value for the 2263 field identifier is an explicit number. 2265 When the current context is a structure, the valid values for the 2266 field identifiers are the names of the components of the structure. 2267 In the special case of declaring a key for an array containing an 2268 atomic type, where that content is unique and is to be used as a key, 2269 the value "*" can be used as the single key field identifier. 2271 4.5.4. Element to Define Structures 2273 A structure is comprised of a collection of data components. Each 2274 data components has a data type (either an atomic type or an existing 2275 compound type) and is assigned a name unique within the scope of the 2276 compound data type being defined. These serve the same function as 2277 "struct" in C, etc. 2279 The actual type of the component can be defined by referring to an 2280 existing type (using the element), or can be a locally 2281 defined (unnamed) type created by any of the , , 2282 , or elements. 2284 A structure definition is a series of component declarations. Each 2285 component carries a componentID for use by the ForCES protocol. In 2286 addition, the component declaration contains the name of the 2287 component, a synopsis, an optional description, an optional 2288 declaration that the component itself is optional, and the typeRef 2289 declaration that specifies the component type. 2291 For a dataTypeDef of a struct, the structure definition may be 2292 inherited from, and augment, a previously defined structured type. 2293 This is indicated by including the derivedFrom attribute on the 2294 struct declaration. 2296 The result of this construct MUST be a compound type, even when the 2297 contains only one field. 2299 An example: 2301 2302 ipv4prefix 2303 2304 IPv4 prefix defined by an address and a prefix length 2305 2306 2307 2308 address 2309 Address part 2310 ipv4addr 2311 2312 2313 prefixlen 2314 Prefix length part 2315 2316 uchar 2317 2318 2319 2320 2321 2322 2323 2325 4.5.5. Element to Define Union Types 2327 Similar to the union declaration in C, this construct allows the 2328 definition of overlay types. Its format is identical to the 2329 element. 2331 The result of this construct MUST be a compound type, even when the 2332 union contains only one element. 2334 4.5.6. Element 2336 It is sometimes necessary to have a component in an LFB or structure 2337 refer to information (a component) in other LFBs. The 2338 declaration creates the constructs for this. The content of an 2339 element MUST be a named type. Whatever component the alias 2340 references (whcih is determined by the alias component properties, as 2341 described below) that component must be of the same type as that 2342 declared for the alias. Thus, when the CE or FE dereferences the 2343 alias component, the type of the information returned is known. The 2344 type can be a base type or a derived type. The actual value 2345 referenced by an alias is known as its target. When a GET or SET 2346 operation references the alias element, the value of the target is 2347 returned or replaced. Write access to an alias element is permitted 2348 if write access to both the alias and the target are permitted. 2350 The target of a component declared by an element is 2351 determined by it the components properties. Like all components, the 2352 properties MUST include the support / read / write permission for the 2353 alias. In addition, there are several fields (components) in the 2354 alias properties which define the target of the alias. These 2355 components are the ID of the LFB class of the target, the ID of the 2356 LFB instance of the target, and a sequence of integers representing 2357 the path within the target LFB instance to the target component. The 2358 type of the target element must match the declared type of the alias. 2359 Details of the alias property structure are described in Section 4.8 2360 of this document on properties. 2362 Note that the read / write property of the alias refers to the value. 2363 The CE can only determine if it can write the target selection 2364 properties of the alias by attempting such a write operation. 2365 (Property components do not themselves have properties.) 2367 4.5.7. Augmentations 2369 Compound types can also be defined as augmentations of existing 2370 compound types. If the existing compound type is a structure, 2371 augmentation may add new elements to the type. The type of an 2372 existing component can be replaced in the definition of an augmenting 2373 structure, but only with an augmentation derived from the current 2374 type of the existing component. An existing component cannot be 2375 deleted. If the existing compound type is an array, augmentation 2376 means augmentation of the array element type. 2378 One consequence of this is that augmentations are backwards 2379 compatible with the compound type from which they are derived. As 2380 such, augmentations are useful in defining components for LFB 2381 subclasses with backward compatibility. In addition to adding new 2382 components to a class, the data type of an existing components may be 2383 replaced by an augmentation of that component, and still meet the 2384 compatibility rules for subclasses. 2386 For example, consider a simple base LFB class A that has only one 2387 component (comp1) of type X. One way to derive class A1 from A can be 2388 by simply adding a second component (of any type). Another way to 2389 derive a class A2 from A can be by replacing the original component 2390 (comp1) in A of type X with one of type Y, where Y is an augmentation 2391 of X. Both classes A1 and A2 are backward compatible with class A. 2393 The syntax for augmentations is to include a element in 2394 a structure definition, indicating what structure type is being 2395 augmented. Component names and component IDs within the augmentation 2396 must not be the same as those in the structure type being augmented. 2398 4.6. Element for Metadata Definitions 2400 The (optional) element in the library document 2401 contains one or more elements. Each 2402 element defines a metadatum. 2404 Each element MUST contain a unique name (NMTOKEN). 2405 Uniqueness is defined to be over all metadata defined in this library 2406 document and in all directly or indirectly included library 2407 documents. The element MUST also contain a brief 2408 synopsis, the mandatory tag value to be used for this metadata, an 2409 optional detailed description, and a mandatory type definition 2410 information. Only atomic data types can be used as value types for 2411 metadata. 2413 Two forms of type definitions are allowed. The first form uses the 2414 element to refer to an existing atomic data type defined in 2415 the element of the same library document or in one of 2416 the included library documents. The usage of the element 2417 is identical to how it is used in the elements, except 2418 here it can only refer to atomic types. The latter restriction is 2419 not yet enforced by the XML schema. 2421 The second form is an explicit type definition using the 2422 element. This element is used here in the same way as in the 2423 elements. 2425 The following example shows both usages: 2427 2428 2429 NEXTHOPID 2430 Refers to a Next Hop entry in NH LFB 2431 17 2432 int32 2433 2434 2435 CLASSID 2436 2437 Result of classification (0 means no match). 2438 2439 21 2440 2441 int32 2442 2443 2444 NOMATCH 2445 2446 Classification didn't result in match. 2447 2448 2449 2450 2451 2452 2454 4.7. Element for LFB Class Definitions 2456 The (optional) element can be used to define one or 2457 more LFB classes using elements. Each 2458 element MUST define an LFB class and include the following elements: 2460 o provides the symbolic name of the LFB class. Example: 2461 "ipv4lpm" 2463 o provides a short synopsis of the LFB class. Example: 2464 "IPv4 Longest Prefix Match Lookup LFB" 2466 o is the version indicator 2468 o is the inheritance indicator 2470 o lists the input ports and their specifications 2472 o lists the output ports and their specifications 2473 o defines the operational components of the LFB 2475 o defines the capability components of the LFB 2477 o contains the operational specification of the LFB 2479 o The LFBClassID attribute of the LFBClassDef element defines the ID 2480 for this class. These must be globally unique. 2482 o defines the events that can be generated by instances of 2483 this LFB. 2485 LFB Class Names must be unique, in order to enable other documents to 2486 reference the classes by name, and to enable human readers to 2487 understand references to class names. While a complex naming 2488 structure could be created, simplicity is preferred. As given in the 2489 IANA considerations section of this document, the IANA will maintain 2490 a registry of LFB Class names and Class identifiers, along with a 2491 reference to the document defining the class. 2493 Here is a skeleton of an example LFB class definition: 2495 2496 2497 ipv4lpm 2498 IPv4 Longest Prefix Match Lookup LFB 2499 1.0 2500 baseclass 2502 2503 ... 2504 2506 2507 ... 2508 2510 2511 ... 2512 2514 2515 ... 2516 2518 2519 This LFB represents the IPv4 longest prefix match lookup 2520 operation. 2521 The modeled behavior is as follows: 2522 Blah-blah-blah. 2523 2525 2526 ... 2527 2529 The individual components and capabilities will have componentIDs for 2530 use by the ForCES protocol. These parallel the componentIDs used in 2531 structs, and are used the same way. Component and capability 2532 componentIDs must be unique within the LFB class definition. 2534 Note that the , , and elements are 2535 required, all other elements are optional in . However, 2536 when they are present, they must occur in the above order. 2538 4.7.1. Element to Express LFB Inheritance 2540 The optional element can be used to indicate that this 2541 class is a derivative of some other class. The content of this 2542 element MUST be the unique name () of another LFB class. The 2543 referred LFB class MUST be defined in the same library document or in 2544 one of the included library documents. 2546 It is assumed that the derived class is backwards compatible with the 2547 base class. 2549 4.7.2. Element to Define LFB Inputs 2551 The optional element is used to define input ports. An 2552 LFB class may have zero, one, or more inputs. If the LFB class has 2553 no input ports, the element MUST be omitted. The 2554 element can contain one or more elements, 2555 one for each port or port-group. We assume that most LFBs will have 2556 exactly one input. Multiple inputs with the same input type are 2557 modeled as one input group. Input groups are defined the same way as 2558 input ports by the element, differentiated only by an 2559 optional "group" attribute. 2561 Multiple inputs with different input types should be avoided if 2562 possible (see discussion in Section 4.7.3). Some special LFBs will 2563 have no inputs at all. For example, a packet generator LFB does not 2564 need an input. 2566 Single input ports and input port groups are both defined by the 2567 element; they are differentiated by only an optional 2568 "group" attribute. 2570 The element MUST contain the following elements: 2572 o provides the symbolic name of the input. Example: "in". 2573 Note that this symbolic name must be unique only within the scope 2574 of the LFB class. 2576 o contains a brief description of the input. Example: 2577 "Normal packet input". 2579 o lists all allowed frame formats. Example: {"ipv4" 2580 and "ipv6"}. Note that this list should refer to names specified 2581 in the element of the same library document or in any 2582 included library documents. The element can also 2583 provide a list of required metadata. Example: {"classid", 2584 "vifid"}. This list should refer to names of metadata defined in 2585 the element in the same library document or in any 2586 included library documents. For each metadata, it must be 2587 specified whether the metadata is required or optional. For each 2588 optional metadata, a default value must be specified, which is 2589 used by the LFB if the metadata is not provided with a packet. 2591 In addition, the optional "group" attribute of the 2592 element can specify if the port can behave as a port group, i.e., it 2593 is allowed to be instantiated. This is indicated by a "true" value 2594 (the default value is "false"). 2596 An example element, defining two input ports, the second 2597 one being an input port group: 2599 2600 2601 in 2602 Normal input 2603 2604 2605 ipv4 2606 ipv6 2607 2608 2609 classid 2610 vifid 2611 vrfid 2612 2613 2614 2615 2616 ... another input port ... 2617 2618 2620 For each , the frame type expectations are defined by the 2621 element using one or more elements (see example 2622 above). When multiple frame types are listed, it means that "one of 2623 these" frame types is expected. A packet of any other frame type is 2624 regarded as incompatible with this input port of the LFB class. The 2625 above example list two frames as expected frame types: "ipv4" and 2626 "ipv6". 2628 Metadata expectations are specified by the 2629 element. In its simplest form, this element can contain a list of 2630 elements, each referring to a metadatum. When multiple 2631 instances of metadata are listed by elements, it means that 2632 "all of these" metadata must be received with each packet (except 2633 metadata that are marked as "optional" by the "dependency" attribute 2634 of the corresponding element). For a metadatum that is 2635 specified "optional", a default value MUST be provided using the 2636 "defaultValue" attribute. The above example lists three metadata as 2637 expected metadata, two of which are mandatory ("classid" and 2638 "vifid"), and one being optional ("vrfid"). 2640 The schema also allows for more complex definitions of metadata 2641 expectations. For example, using the element, a list of 2642 metadata can be specified to express that at least one of the 2643 specified metadata must be present with any packet. For example: 2645 2646 2647 prefixmask 2648 prefixlen 2649 2650 2652 The above example specifies that either the "prefixmask" or the 2653 "prefixlen" metadata must be provided with any packet. 2655 The two forms can also be combined, as it is shown in the following 2656 example: 2658 2659 classid 2660 vifid 2661 vrfid 2662 2663 prefixmask 2664 prefixlen 2665 2666 2668 Although the schema is constructed to allow even more complex 2669 definitions of metadata expectations, we do not discuss those here. 2671 4.7.3. Element to Define LFB Outputs 2673 The optional element is used to define output ports. 2674 An LFB class may have zero, one, or more outputs. If the LFB class 2675 has no output ports, the element MUST be omitted. The 2676 element can contain one or more elements, 2677 one for each port or port-group. If there are multiple outputs with 2678 the same output type, we model them as an output port group. Some 2679 special LFBs may have no outputs at all (e.g., Dropper). 2681 Single output ports and output port groups are both defined by the 2682 element; they are differentiated by only an optional 2683 "group" attribute. 2685 The element MUST contain the following elements: 2687 o provides the symbolic name of the output. Example: "out". 2688 Note that the symbolic name must be unique only within the scope 2689 of the LFB class. 2691 o contains a brief description of the output port. 2692 Example: "Normal packet output". 2694 o lists the allowed frame formats. Example: {"ipv4", 2695 "ipv6"}. Note that this list should refer to symbols specified in 2696 the element in the same library document or in any 2697 included library documents. The element may also 2698 contain the list of emitted (generated) metadata. Example: 2699 {"classid", "color"}. This list should refer to names of metadata 2700 specified in the element in the same library 2701 document or in any included library documents. For each generated 2702 metadata, it should be specified whether the metadata is always 2703 generated or generated only in certain conditions. This 2704 information is important when assessing compatibility between 2705 LFBs. 2707 In addition, the optional "group" attribute of the 2708 element can specify if the port can behave as a port group, i.e., it 2709 is allowed to be instantiated. This is indicated by a "true" value 2710 (the default value is "false"). 2712 The following example specifies two output ports, the second being an 2713 output port group: 2715 2716 2717 out 2718 Normal output 2719 2720 2721 ipv4 2722 ipv4bis 2723 2724 2725 nhid 2726 nhtabid 2727 2728 2729 2730 2731 exc 2732 Exception output port group 2733 2734 2735 ipv4 2736 ipv4bis 2737 2738 2739 errorid 2740 2741 2742 2743 2745 The types of frames and metadata the port produces are defined inside 2746 the element in each . Within the 2747 element, the list of frame types the port produces is listed in the 2748 element. When more than one frame is listed, it 2749 means that "one of" these frames will be produced. 2751 The list of metadata that is produced with each packet is listed in 2752 the optional element of the . In its 2753 simplest form, this element can contain a list of elements, 2754 each referring to a metadatum type. The meaning of such a list is 2755 that "all of" these metadata are provided with each packet, except 2756 those that are listed with the optional "availability" attribute set 2757 to "conditional". Similar to the element of the 2758 , the element supports more complex 2759 forms, which we do not discuss here further. 2761 4.7.4. Element to Define LFB Operational Components 2763 Operational parameters of the LFBs that must be visible to the CEs 2764 are conceptualized in the model as the LFB components. These 2765 include, for example, flags, single parameter arguments, complex 2766 arguments, and tables. Note that the components here refer to only 2767 those operational parameters of the LFBs that must be visible to the 2768 CEs. Other variables that are internal to LFB implementation are not 2769 regarded as LFB components and hence are not covered. 2771 Some examples for LFB components are: 2773 o Configurable flags and switches selecting between operational 2774 modes of the LFB 2776 o Number of inputs or outputs in a port group 2778 o Metadata CONSUME vs.PROPAGATE mode selector 2780 o Various configurable lookup tables, including interface tables, 2781 prefix tables, classification tables, DSCP mapping tables, MAC 2782 address tables, etc. 2784 o Packet and byte counters 2786 o Various event counters 2788 o Number of current inputs or outputs for each input or output group 2790 There may be various access permission restrictions on what the CE 2791 can do with an LFB component. The following categories may be 2792 supported: 2794 o No-access components. This is useful when multiple access modes 2795 may be defined for a given component to allow some flexibility for 2796 different implementations. 2798 o Read-only components. 2800 o Read-write components. 2802 o Write-only components. This could be any configurable data for 2803 which read capability is not provided to the CEs. (e.g., the 2804 security key information) 2806 o Read-reset components. The CE can read and reset this resource, 2807 but cannot set it to an arbitrary value. Example: Counters. 2809 o Firing-only components. A write attempt to this resource will 2810 trigger some specific actions in the LFB, but the actual value 2811 written is ignored. 2813 The LFB class may define only one possible access mode for a given 2814 component. 2816 The components of the LFB class are listed in the 2817 element. Each component is defined by an element. An 2818 element MUST contain the following elements: 2820 o defines the name of the component.This name must be unique 2821 among the components of the LFB class. Example: "version". 2823 o should provide a brief description of the purpose of 2824 the component. 2826 o indicates that this component is optional. 2828 o The data type of the component can be defined either via a 2829 reference to a predefined data type or providing a local 2830 definition of the type. The former is provided by using the 2831 element, which must refer to the unique name of an 2832 existing data type defined in the element in the 2833 same library document or in any of the included library documents. 2834 When the data type is defined locally (unnamed type), one of the 2835 following elements can be used: , , , and 2836 . Their usage is identical to how they are used inside 2837 elements (see Section 4.5). 2839 o The optional element can specify a default value 2840 for the component, which is applied when the LFB is initialized or 2841 reset. 2843 The element also MUST have an componentID attribute, 2844 which is a numeric value used by the ForCES protocol. 2846 In addition to the above elements, the element includes 2847 an optional "access" attribute, which can take any of the following 2848 values: "read-only", "read-write", "write-only", "read-reset", and 2849 "trigger-only". The default access mode is "read-write". 2851 Whether optional components are supported, and whether components 2852 defined as read-write can actually be written can be determined for a 2853 given LFB instance by the CE by reading the property information of 2854 that component. An access control setting of "trigger-only" means 2855 that this component is included only for use in event detection. 2857 The following example defines two attributes for an LFB: 2859 2860 2861 foo 2862 number of things 2863 uint32 2864 2865 2866 bar 2867 number of this other thing 2868 2869 uint32 2870 2871 2872 2873 2874 10 2875 2876 2878 The first component ("foo") is a read-only 32-bit unsigned integer, 2879 defined by referring to the built-in "uint32" atomic type. The 2880 second component ("bar") is also an integer, but uses the 2881 element to provide additional range restrictions. This component has 2882 access mode of read-write allowing it to be both read and written. A 2883 default value of 10 is provided for bar. although the access for bar 2884 is read-write, some implementations may offer only more restrictive 2885 access, and this would be reported in the component properties. 2887 Note that not all components are likely to exist at all times in a 2888 particular implementation. While the capabilities will frequently 2889 indicate this non-existence, CEs may attempt to reference non- 2890 existent or non-permitted attributes anyway. The FORCES protocol 2891 mechanisms should include appropriate error indicators for this case. 2893 The mechanism defined above for non-supported component can also 2894 apply to attempts to reference non-existent array elements or to set 2895 read-only components. 2897 4.7.5. Element to Define LFB Capability Components 2899 The LFB class specification provides some flexibility for the FE 2900 implementation regarding how the LFB class is implemented. For 2901 example, the instance may have some limitations that are not inherent 2902 from the class definition, but rather the result of some 2903 implementation limitations. Some of these limitations are captured 2904 by the property information of the LFB components. The model allows 2905 for the notion of additional capability information. 2907 Such capability related information is expressed by the capability 2908 components of the LFB class. The capability components are always 2909 read-only attributes, and they are listed in a separate 2910 element in the . The 2911 element contains one or more elements, each defining one 2912 capability component. The format of the element is 2913 almost the same as the element, it differs in two 2914 aspects: it lacks the access mode attribute (because it is always 2915 read-only), and it lacks the element (because default 2916 value is not applicable to read-only attributes). 2918 Some examples of capability components follow: 2920 o The version of the LFB class that this LFB instance complies with; 2922 o Supported optional features of the LFB class; 2924 o Maximum number of configurable outputs for an output group; 2926 o Metadata pass-through limitations of the LFB; 2928 o Additional range restriction on operational components; 2930 The following example lists two capability attributes: 2932 2933 2934 version 2935 2936 LFB class version this instance is compliant with. 2937 2938 version 2939 2940 2941 limitBar 2942 2943 Maximum value of the "bar" attribute. 2944 2945 uint16 2946 2947 2949 4.7.6. Element for LFB Notification Generation 2951 The element contains the information about the occurrences 2952 for which instances of this LFB class can generate notifications to 2953 the CE. High level view on the declaration and operation of LFB 2954 events is described in Section 3.2.5. 2956 The element contains 0 or more elements, each of 2957 which declares a single event. The element has an eventID 2958 attribute giving the unique (per LFB class) ID of the event. The 2959 element will include: 2961 o element indicating which LFB field (component) is 2962 tested to generate the event; 2964 o element indicating what condition on the field will 2965 generate the event from a list of defined conditions; 2967 o element indicating what values are to be reported 2968 in the notification of the event. 2970 The example below demonstrates the different constructs. 2972 The element has a baseID attribute value, which is normally 2973 . The value of the baseID is the starting 2974 componentID for the path which identifies events. It must not be the 2975 same as the componentID of any top level components (including 2976 capabilities) of the LFB class. In derived LFBs (i.e. ones with a 2977 element) where the parent LFB class has an events 2978 declaration, the baseID must not be present in the derived LFB 2979 element. Instead, the baseID value from the parent LFB 2980 class is used. In the example shown the baseID is 7. 2982 2983 2984 Foochanged 2985 2986 An example event for a scalar 2987 2988 2989 foo 2990 2991 2992 2993 2994 2995 foo 2996 2998 2999 3001 3002 Goof1changed 3003 3004 An example event for a complex structure 3005 3006 3007 3008 goo 3009 f1 3010 3011 3012 3013 3014 3015 goo 3016 f1 3017 3018 3019 3021 3022 NewbarEntry 3023 3024 Event for a new entry created on table bar 3025 3026 3027 bar 3028 _barIndex_ 3029 3030 3031 3032 3033 bar 3034 _barIndex_ 3035 3036 3037 foo 3038 3039 3040 3042 3043 Gah11changed 3044 3045 Event for table gah, entry index 11 changing 3047 3048 3049 gah 3050 11 3051 3052 3053 3054 3055 gah 3056 11 3057 3058 3059 3061 3062 Gah10field1 3063 3064 Event for table gah, entry index 10, column field1 changing 3065 3066 3067 gah 3068 10 3069 field1 3070 3071 3072 3073 3074 gah 3075 10 3076 3077 3078 3079 3081 4.7.6.1. Element 3083 The element contains information identifying a field in 3084 the LFB that is to be monitored for events. 3086 The element contains one or more each of 3087 which may be followed by one or more elements. Each 3088 of these two elements represent the textual equivalent of a path 3089 select component of the LFB. 3091 The element contains the name of a component in the LFB 3092 or a component nested in an array or structure within the LFB. The 3093 name used in MUST identify a valid component within the 3094 containing LFB context. The first element in a MUST be 3095 an element. In the example shown, four LFB components 3096 foo, goo, bar and gah are used as s. 3098 In the simple case, an identifies an atomic component. 3099 This is the case illustrated in the event named Foochanged. 3100 is also used to address complex components such as 3101 arrays or structures. 3103 The first defined event, Foochanged, demonstrates how a scalar LFB 3104 component, foo, could be monitored to trigger an event. 3106 The second event, Goof1changed, demonstrates how a member of the 3107 complex structure goo could be monitored to trigger an event. 3109 The events named NewbarEntry, Gah11changed and Gah10field1 3110 represent monitoring of arrays bar and gah in differing details. 3112 If an identifies a complex component then a further 3113 may be used to refine the path to the target element. 3114 Defined event Goof1changed demonstrates how a second is 3115 used to point to member f1 of the structure goo. 3117 If an identifies an array then the following rules 3118 apply: 3120 o elements MUST be present as the next XML element 3121 after an which identifies an array component. 3122 MUST NOT occur other than after an array 3123 reference, as it is only meaningful in that context. 3125 o An may contain: 3127 * A numeric value to indicate that the event applies to a 3128 specific entry (by index) of the array. As an example, event 3129 Gah11changed shows how table gah's index 11 is being targeted 3130 for monitoring. 3132 * It is expected that the more common usage is to have the event 3133 being defined across all elements of the array (i.e a wildcard 3134 for all indices). In that case, the value of the 3135 MUST be a name rather than a numeric value. 3136 That same name can then be used as the value of 3137 in elements as described below. 3138 An example of a wild card table index is shown in event 3139 NewBarentry where the value is named 3140 _barIndex_ 3142 o An may follow an to further refine 3143 the path to the target element (Note: this is in the same spirit 3144 as the case where is used to further refine 3145 in the earlier example of a complex structure example 3146 of Goof1changed). The example event Gah10field1 illustrates how 3147 the column field1 of table gah is monitored for changes. 3149 It should be emphasized that the name in an element 3150 in defined event NewbarEntry is not a component name. It is a 3151 variable name for use in the elements (described in 3152 Section 4.7.6.3) of the given LFB definition. This name MUST be 3153 distinct from any component name that can validly occur in the 3154 clause. 3156 4.7.6.2. Element 3158 The event condition element represents a condition that triggers a 3159 notification. The list of conditions is: 3161 o the target must be an array, ending with a 3162 subscript indication. The event is generated when an entry in the 3163 array is created. This occurs even if the entry is created by CE 3164 direction. The event example NewbarEntry demonstrates the 3165 condition. 3167 o the target must be an array, ending with a 3168 subscript indication. The event is generated when an entry in the 3169 array is destroyed. This occurs even if the entry is destroyed by 3170 CE direction. 3172 o the event is generated whenever the target 3173 component changes in any way. For binary components such as up/ 3174 down, this reflects a change in state. It can also be used with 3175 numeric attributes, in which case any change in value results in a 3176 detected trigger. Event examples Foochanged, Gah11changed, and 3177 Gah10field1 illustrate the condition. 3179 o the event is generated whenever the target 3180 component becomes greater than the threshold. The threshold is an 3181 event property. 3183 o the event is generated whenever the target 3184 component becomes less than the threshold. The threshold is an 3185 event property. 3187 4.7.6.3. Element 3189 The element of an declare the information to 3190 be delivered by the FE along with the notification of the occurrence 3191 of the event. 3193 The element contains one or more 3194 elements. Each element identifies a piece of data from 3195 the LFB class to be reported. The notification carries that data as 3196 if the collection of elements had been defined in a 3197 structure. The syntax is exactly the same as used in the 3198 element, using and 3199 elements and so the same rules apply. Each element 3200 thus MUST identify a component in the LFB class. may 3201 contain integers. If they contain names, they MUST be names from 3202 elements of the in the event. The 3203 selection for the report will use the value for the subscript that 3204 identifies that specific element triggering the event. This can be 3205 used to reference the component causing the event, or to reference 3206 related information in parallel tables. 3208 In the example shown, in the case of the event Foochanged, the report 3209 will carry the value of foo; in the case of the defined event 3210 NewbarEntry acting on LFB component bar, which is an array, there are 3211 two items that are reported as indicated by the two 3212 declarations: 3214 o The first details what new entry was added in the 3215 table bar. Recall that _barIndex_ is declared as the event's 3216 and that by virtue of using a name 3217 instead of a numeric value, the is implied to be a 3218 wildcard and will carry whatever index of the new entry. 3220 o The second includes the value of LFB component foo 3221 at the time the new entry was created in bar. Reporting foo in 3222 this case is provided to demonstrate the flexibility of event 3223 reporting. 3225 This event reporting structure is designed to allow the LFB designer 3226 to specify information that is likely not known a priori by the CE 3227 and is likely needed by the CE to process the event. While the 3228 structure allows for pointing at large blocks of information (full 3229 arrays or complex structures) this is not recommended. Also, the 3230 variable reference/subscripting in reporting only captures a small 3231 portion of the kinds of related information. Chaining through index 3232 fields stored in a table, for example, is not supported. In general, 3233 the mechanism is an optimization for cases that have 3234 been found to be common, saving the CE from having to query for 3235 information it needs to understand the event. It does not represent 3236 all possible information needs. 3238 If any components referenced by the eventReport are optional, then 3239 the The report MUST use a protocol format that supports optional 3240 elements and allows for the non-existence of such elements. Any 3241 components which do not exist are not reported. 3243 4.7.6.4. Runtime control of events 3245 High level view on the declaration and operation of LFB events is 3246 described in Section 3.2.5. 3248 The provides additional components used in the path to 3249 reference the event. The path constitutes the baseID for events, 3250 followed by the ID for the specific event, followed by a value for 3251 each element if it exists in the . 3253 The event path will uniquely identify a specific occurrence of the 3254 event in the event notification to the CE. In the example provided, 3255 a notification with path of 7.7 uniquely identifies the event to be 3256 that caused by the change of foo; an event with path 7.9.100 uniquely 3257 identifies the event to be that caused by a creation of table bar 3258 entry with index/subscript 100. 3260 As described in the Section 4.8.5, event elements have properties 3261 associated with them. These properties include the subscription 3262 information indicating whether the CE wishes the FE to generate event 3263 reports for the event at all, thresholds for events related to level 3264 crossing, and filtering conditions that may reduce the set of event 3265 notifications generated by the FE. Details of the filtering 3266 conditions that can be applied are given in that section. The 3267 filtering conditions allow the FE to suppress floods of events that 3268 could result from oscillation around a condition value. For FEs that 3269 do not wish to support filtering, the filter properties can either be 3270 read only or not supported. 3272 In addition to identifying the event sources, the CE also uses the 3273 event path to activate runtime control of the event via the event 3274 properties (defined in Section 4.8.5) utilizing SET-PROP as defined 3275 in ForCES Protocol [2] operation. 3277 To activate event generation on the FE, a SET-PROP message 3278 referencing the event and registration property of the event is 3279 issued to the FE by the CE with any prefix of the path of the event. 3280 So, for an event defined on the example table bar, a SET-PROP with a 3281 path of 7.9 will subscribe the CE to all occurrences of that event on 3282 any entry of the table. This is particularly useful for the 3283 and conditions on tables. Events 3284 using those conditions will generally be defined with a field/ 3285 subscript sequence that identifies an array and ends with an 3286 element. Thus, the event notification will indicate 3287 which array entry has been created or destroyed. A typical 3288 subscriber will subscribe for the array, as opposed to a specific 3289 entry in an array, so it will use a shorter path. 3291 In the example provided, subscribing to 7.8 implies receiving all 3292 declared events from table bar. Subscribing to 7.8.100 implies 3293 receiving an event when subscript/index 100 table entry is created. 3295 Threshold and filtering conditions can only be applied to individual 3296 events. For events defined on elements of an array, this 3297 specification does not allow for defining a threshold or filtering 3298 condition on an event for all elements of an array. 3300 4.7.7. Element for LFB Operational Specification 3302 The element of the provides unstructured 3303 text (in XML sense) to verbally describe what the LFB does. 3305 4.8. Properties 3307 Components of LFBs have properties which are important to the CE. 3308 The most important property is the existence / readability / 3309 writeability of the element. Depending on the type of the component, 3310 other information may be of importance. 3312 The model provides the definition of the structure of property 3313 information. There is a base class of property information. For the 3314 array, alias, and event components there are subclasses of property 3315 information providing additional fields. This information is 3316 accessed by the CE (and updated where applicable) via the PL 3317 protocol. While some property information is writeable, there is no 3318 mechanism currently provided for checking the properties of a 3319 property element. Writeability can only be checked by attempting to 3320 modify the value. 3322 4.8.1. Basic Properties 3324 The basic property definition, along with the scalar for 3325 accessibility is below. Note that this access permission information 3326 is generally read-only. 3328 3329 accessPermissionValues 3330 3331 The possible values of attribute access permission 3332 3333 3334 uchar 3335 3336 3337 None 3338 Access is prohibited 3339 3340 3341 Read-Only 3342 Access is read only 3343 3344 3345 Write-Only 3346 3347 The attribute may be written, but not read 3348 3349 3350 3351 Read-Write 3352 3353 The attribute may be read or written 3354 3355 3356 3357 3358 3359 3360 baseElementProperties 3361 basic properties, accessibility 3362 3363 3364 accessibility 3365 3366 does the element exist, and 3367 can it be read or written 3368 3369 accessPermissionValues 3370 3371 3372 3374 4.8.2. Array Properties 3376 The properties for an array add a number of important pieces of 3377 information. These properties are also read-only. 3379 3380 arrayElementProperties 3381 3382 baseElementProperties 3383 3384 entryCount 3385 the number of entries in the array 3386 uint32 3387 3388 3389 highestUsedSubscript 3390 the last used subscript in the array 3391 uint32 3392 3393 3394 firstUnusedSubscript 3395 3396 The subscript of the first unused array element 3397 3398 uint32 3399 3400 3401 3403 4.8.3. String Properties 3405 The properties of a string specify the actual octet length and the 3406 maximum octet length for the element. The maximum length is included 3407 because an FE implementation may limit a string to be shorter than 3408 the limit in the LFB Class definition. 3410 3411 stringElementProperties 3412 3413 baseElementProperties 3414 3415 stringLength 3416 the number of octets in the string 3417 uint32 3418 3419 3420 maxStringLength 3421 3422 the maximum number of octets in the string 3423 3424 uint32 3425 3426 3427 3429 4.8.4. Octetstring Properties 3431 The properties of an octetstring specify the actual length and the 3432 maximum length, since the FE implementation may limit an octetstring 3433 to be shorter than the LFB Class definition. 3435 3436 octetstringElementProperties 3437 3438 baseElementProperties 3439 3440 octetstringLength 3441 3442 the number of octets in the octetstring 3443 3444 uint32 3445 3446 3447 maxOctetstringLength 3448 3449 the maximum number of octets in the octetstring 3450 3451 uint32 3452 3453 3454 3456 4.8.5. Event Properties 3458 The properties for an event add three (usually) writeable fields. 3459 One is the subscription field. 0 means no notification is generated. 3460 Any non-zero value (typically 1 is used) means that a notification is 3461 generated. The hysteresis field is used to suppress generation of 3462 notifications for oscillations around a condition value, and is 3463 described in the text for events. The threshold field is used for 3464 the and conditions. It 3465 indicates the value to compare the event target against. Using the 3466 properties allows the CE to set the level of interest. FEs which do 3467 not supporting setting the threshold for events will make this field 3468 read-only. 3470 3471 eventElementProperties 3472 3473 baseElementProperties 3474 3475 registration 3476 3477 has the CE registered to be notified of this event 3478 3479 uint32 3480 3481 3482 threshold 3483 comparison value for level crossing events 3484 3485 uint32 3487 3488 3489 eventHysteresis 3490 region to suppress event recurrence notices 3491 3492 3493 uint32 3494 3495 3496 eventCount 3497 number of occurrences to suppress 3498 3499 3500 uint32 3501 3502 3503 eventInterval 3504 time interval in ms between notifications 3505 3506 3507 uint32 3508 3509 3510 3512 4.8.5.1. Common Event Filtering 3514 The event properties have values for controlling several filter 3515 conditions. Support of these conditions is optional, but all 3516 conditions SHOULD be supported. Events which are reliably known not 3517 to be subject to rapid occurrence or other concerns may not support 3518 all filter conditions. 3520 Currently, three different filter condition variables are defined. 3521 These are eventCount, eventInterval, and eventHysteresis. Setting 3522 the condition variables to 0 (their default value) means that the 3523 condition is not checked. 3525 Conceptually, when an event is triggered, all configured conditions 3526 are checked. If no filter conditions are triggered, or if any 3527 trigger conditions are met, the event notification is generated. If 3528 there are filter conditions, and no condition is met, then no event 3529 notification is generated. Event filter conditions have reset 3530 behavior when an event notification is generated. If any condition 3531 is passed, and the notification is generated, the notification reset 3532 behavior is performed on all conditions, even those which had not 3533 passed. This provides a clean definition of the interaction of the 3534 various event conditions. 3536 An example of the interaction of conditions is an event with an 3537 eventCount property set to 5 and an eventInterval property set to 500 3538 milliseconds. Suppose that a burst of occurrences of this event is 3539 detected by the FE. The first occurrence will cause a notification 3540 to be sent to the CE. Then, if four more occurrences are detected 3541 rapidly (less than 0.5 seconds) they will not result in 3542 notifications. If two more occurrences are detected, then the second 3543 of those will result in a notification. Alternatively, if more than 3544 500 milliseconds has passed since the notification and an occurrence 3545 is detected, that will result in a notification. In either case, the 3546 count and time interval suppression is reset no matter which 3547 condition actually caused the notification. 3549 4.8.5.2. Event Hysteresis Filtering 3551 Events with numeric conditions can have hysteresis filters applied to 3552 them. The hysteresis level is defined by a property of the event. 3553 This allows the FE to notify the CE of the hysteresis applied, and if 3554 it chooses, the FE can allow the CE to modify the hysteresis. This 3555 applies to for a numeric field, and to 3556 and . The content of a 3557 element is a numeric value. When supporting hysteresis, 3558 the FE MUST track the value of the element and make sure that the 3559 condition has become untrue by at least the hysteresis from the event 3560 property. To be specific, if the hysteresis is V, then 3562 o For a condition, if the last notification was for 3563 value X, then the notification MUST NOT be generated 3564 until the value reaches X +/- V. 3566 o For a condition with threshold T, once the 3567 event has been generated at least once it MUST NOT be generated 3568 again until the field first becomes less than or equal to T - V, 3569 and then exceeds T. 3571 o For a condition with threshold T, once the event 3572 has been generate at least once it MUST NOT be generated again 3573 until the field first becomes greater than or equal to T + V, and 3574 then becomes less than T. 3576 4.8.5.3. Event Count Filtering 3578 Events may have a count filtering condition. This property, if set 3579 to a non-zero value, indicates the number of occurrences of the event 3580 that should be considered redundant and not result in a notification. 3581 Thus, if this property is set to 1, and no other conditions apply, 3582 then every other detected occurrence of the event will result in a 3583 notification. This particular meaning is chosen so that the value 1 3584 has a distinct meaning from the value 0. 3586 A conceptual implementation (not required) for this might be an 3587 internal suppression counter. Whenever an event is triggered, the 3588 counter is checked. If the counter is 0, a notification is 3589 generated. Whether a notification is generated or not, the counter 3590 is incremented. If the counter exceeds the configured value, it is 3591 reset to 0. In this conceptual implementation the reset behavior 3592 when a notification is generated can be thought of as setting the 3593 counter to 1. 3595 4.8.5.4. Event Time Filtering 3597 Events may have a time filtering condition. This property represents 3598 the minimum time interval (in the absence of some other filtering 3599 condition being passed) between generating notifications of detected 3600 events. This condition MUST only be passed if the time since the 3601 last notification of the event is longer than the configured interval 3602 in milliseconds. 3604 Conceptually, this can be thought of as a stored timestamp which is 3605 compared with the detection time, or as a timer that is running that 3606 resets a suppression flag. In either case, if a notification is 3607 generated due to passing any condition then the time interval 3608 detection MUST be restarted. 3610 4.8.6. Alias Properties 3612 The properties for an alias add three (usually) writeable fields. 3613 These combine to identify the target component the subject alias 3614 refers to. 3616 3617 aliasElementProperties 3618 3619 baseElementProperties 3620 3621 targetLFBClass 3622 the class ID of the alias target 3623 uint32 3624 3625 3626 targetLFBInstance 3627 the instance ID of the alias target 3628 uint32 3629 3630 3631 targetComponentPath 3632 3633 the path to the component target 3634 each 4 octets is read as one path element, 3635 using the path construction in the PL protocol, 3636 [2]. 3637 3638 octetstring[128] 3639 3640 3641 3643 4.9. XML Schema for LFB Class Library Documents 3645 3646 3652 3653 3654 Schema for Defining LFB Classes and associated types (frames, 3655 data types for LFB attributes, and metadata). 3656 3657 3658 3659 3660 3661 3662 3663 3664 3665 3667 3669 3671 3673 3675 3676 3677 3678 3679 3680 3681 3682 3683 3684 3685 3686 3687 3688 3689 3690 3691 3692 3693 3694 3695 3696 3697 3698 3699 3700 3701 3702 3703 3704 3705 3706 3707 3708 3709 3711 3712 3713 3714 3715 3716 3717 3718 3719 3720 3721 3722 3723 3724 3725 3726 3727 3728 3734 3735 3736 3737 3738 3739 3740 3741 3742 3743 3744 3745 3746 3747 3748 3749 3750 3751 3752 3753 3754 3755 3757 3760 3761 3762 3763 3764 3765 3766 3768 3770 3771 3772 3773 3774 3775 3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 3789 3790 3792 3793 3794 3796 3797 3799 3800 3801 3802 3803 3804 3805 3806 3807 3809 3810 3811 3812 3813 3814 3815 3816 3817 3819 3820 3821 3822 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833 3835 3836 3838 3839 3840 3841 3842 3843 3844 3845 3846 3847 3848 3849 3850 3851 3852 3853 3854 3855 3856 3857 3858 3859 3860 3861 3862 3863 3864 3865 3866 3867 3868 3869 3870 3871 3873 3875 3877 3879 3881 3883 3884 3885 3887 3888 3891 3892 3893 3894 3895 3896 3897 3898 3899 3903 3904 3905 3906 3907 3908 3909 3910 3911 3912 3913 3914 3915 3916 3917 3918 3919 3920 3921 3923 3924 3925 3926 3927 3928 3929 3930 3931 3932 3934 3935 3936 3937 3938 3939 3940 3941 3943 3944 3945 3946 3947 3948 3949 3950 3951 3953 3954 3955 3956 3957 3958 3959 3960 3961 3962 3963 3964 3965 3966 3967 3968 3969 3970 3971 3972 3973 3974 3975 3976 3978 3979 3980 3981 3982 3983 3984 3985 3987 3988 3989 3990 3991 3992 3994 3995 3996 3997 3998 3999 4000 4001 4002 4003 4005 4006 4007 4008 4009 4010 4011 4013 4015 4016 4017 4018 4019 4020 4021 4023 4024 4026 4027 4028 4029 4030 4031 4032 4033 4034 4035 4036 4037 4038 4039 4040 4041 4042 4043 4044 4045 4046 4047 4048 4049 4051 4052 4053 4054 4055 4056 4057 4058 4059 4060 4061 4062 4063 4064 4065 4066 4067 4068 4069 4070 4071 4073 4074 4076 4077 4078 4079 4080 4082 4083 4084 4085 4086 4087 4088 4089 4090 4091 4092 4093 4094 4095 4096 4097 4098 4099 4100 4101 4102 4103 4104 4105 4106 4108 4109 4110 4111 4112 4113 4114 4115 4116 4117 4118 4119 4120 4121 4123 4124 4125 4127 4128 4129 4130 4132 4133 4134 4135 4137 4139 4141 4143 4145 4146 4147 4148 4149 4150 4151 4153 4155 4157 4158 4159 4161 4162 4163 4164 4165 4166 4167 4168 4169 4171 5. FE Components and Capabilities 4173 A ForCES forwarding element handles traffic on behalf of a ForCES 4174 control element. While the standards will describe the protocol and 4175 mechanisms for this control, different implementations and different 4176 instances will have different capabilities. The CE MUST be able to 4177 determine what each instance it is responsible for is actually 4178 capable of doing. As stated previously, this is an approximation. 4179 The CE is expected to be prepared to cope with errors in requests and 4180 variations in detail not captured by the capabilities information 4181 about an FE. 4183 In addition to its capabilities, an FE will have information that can 4184 be used in understanding and controlling the forwarding operations. 4185 Some of this information will be read only, while others parts may 4186 also be writeable. 4188 In order to make the FE information easily accessible, the 4189 information is represented in an LFB. This LFB has a class, 4190 FEObject. The LFBClassID for this class is 1. Only one instance of 4191 this class will ever be present in an FE, and the instance ID of that 4192 instance in the protocol is 1. Thus, by referencing the components 4193 of class:1, instance:1 a CE can get the general information about the 4194 FE. The FEObject LFB Class is described in this section. 4196 There will also be an FEProtocol LFB Class. LFBClassID 2 is reserved 4197 for that class. There will be only one instance of that class as 4198 well. Details of that class are defined in the ForCES Protocol [2] 4199 document. 4201 5.1. XML for FEObject Class definition 4203 4204 4207 4208 4209 LFBAdjacencyLimitType 4210 Describing the Adjacent LFB 4211 4212 4213 NeighborLFB 4214 ID for that LFB Class 4215 uint32 4216 4217 4218 ViaPorts 4219 4220 the ports on which we can connect 4221 4222 4223 string 4224 4225 4226 4227 4228 4229 PortGroupLimitType 4230 4231 Limits on the number of ports in a given group 4232 4233 4234 4235 PortGroupName 4236 Group Name 4237 string 4239 4240 4241 MinPortCount 4242 Minimum Port Count 4243 4244 uint32 4245 4246 4247 MaxPortCount 4248 Max Port Count 4249 4250 uint32 4251 4252 4253 4254 4255 SupportedLFBType 4256 table entry for supported LFB 4257 4258 4259 LFBName 4260 4261 The name of a supported LFB Class 4262 4263 string 4264 4265 4266 LFBClassID 4267 the id of a supported LFB Class 4268 uint32 4269 4270 4271 LFBVersion 4272 4273 The version of the LFB Class used 4274 by this FE. 4275 4276 string 4277 4278 4279 LFBOccurrenceLimit 4280 4281 the upper limit of instances of LFBs of this class 4282 4283 4284 uint32 4285 4286 4288 4289 PortGroupLimits 4290 Table of Port Group Limits 4291 4292 4293 PortGroupLimitType 4294 4295 4296 4297 4298 CanOccurAfters 4299 4300 List of LFB Classes that this LFB class can follow 4301 4302 4303 4304 LFBAdjacencyLimitType 4305 4306 4307 4309 4310 CanOccurBefores 4311 4312 List of LFB Classes that can follow this LFB class 4313 4314 4315 4316 LFBAdjacencyLimitType 4317 4318 4319 4320 4321 4322 FEStateValues 4323 The possible values of status 4324 4325 uchar 4326 4327 4328 AdminDisable 4329 4330 FE is administratively disabled 4331 4332 4333 4334 OperDisable 4335 FE is operatively disabled 4336 4337 4338 OperEnable 4339 FE is operating 4340 4341 4342 4343 4344 4345 FEConfiguredNeighborType 4346 Details of the FE's Neighbor 4347 4348 4349 NeighborID 4350 Neighbors FEID 4351 uint32 4352 4353 4354 InterfaceToNeighbor 4355 4356 FE's interface that connects to this neighbor 4357 4358 4359 string 4360 4361 4362 NeighborInterface 4363 4364 The name of the interface on the neighbor to 4365 which this FE is adjacent. This is required 4366 In case two FEs are adjacent on more than 4367 one interface. 4368 4369 4370 string 4371 4372 4373 4374 4375 LFBSelectorType 4376 4377 Unique identification of an LFB class-instance 4378 4379 4380 4381 LFBClassID 4382 LFB Class Identifier 4383 uint32 4384 4385 4386 LFBInstanceID 4387 LFB Instance ID 4388 uint32 4389 4390 4391 4392 4393 LFBLinkType 4394 4395 Link between two LFB instances of topology 4396 4397 4398 4399 FromLFBID 4400 LFB src 4401 LFBSelectorType 4402 4403 4404 FromPortGroup 4405 src port group 4406 string 4407 4408 4409 FromPortIndex 4410 src port index 4411 uint32 4412 4413 4414 ToLFBID 4415 dst LFBID 4416 LFBSelectorType 4417 4418 4419 ToPortGroup 4420 dst port group 4421 string 4422 4423 4424 ToPortIndex 4425 dst port index 4426 uint32 4427 4428 4429 4430 4431 4432 4433 FEObject 4434 Core LFB: FE Object 4435 1.0 4436 4437 4438 LFBTopology 4439 the table of known Topologies 4440 4441 LFBLinkType 4442 4443 4444 4445 LFBSelectors 4446 4447 table of known active LFB classes and 4448 instances 4449 4450 4451 LFBSelectorType 4452 4453 4454 4455 FEName 4456 name of this FE 4457 string[40] 4458 4459 4460 FEID 4461 ID of this FE 4462 uint32 4463 4464 4465 FEVendor 4466 vendor of this FE 4467 string[40] 4468 4469 4470 FEModel 4471 model of this FE 4472 string[40] 4473 4474 4475 FEState 4476 model of this FE 4477 FEStateValues 4478 4479 4480 FENeighbors 4481 table of known neighbors 4482 4483 4484 FEConfiguredNeighborType 4485 4486 4487 4488 4489 4490 ModifiableLFBTopology 4491 4492 Whether Modifiable LFB is supported 4493 4494 4495 boolean 4496 4497 4498 SupportedLFBs 4499 List of all supported LFBs 4500 4501 4502 SupportedLFBType 4503 4504 4505 4506 4507 4508 4510 5.2. FE Capabilities 4512 The FE Capability information is contained in the capabilities 4513 element of the class definition. As described elsewhere, capability 4514 information is always considered to be read-only. 4516 The currently defined capabilities are ModifiableLFBTopology and 4517 SupportedLFBs. Information as to which components of the FEObject 4518 LFB are supported is accessed by the properties information for those 4519 components. 4521 5.2.1. ModifiableLFBTopology 4523 This component has a boolean value that indicates whether the LFB 4524 topology of the FE may be changed by the CE. If the component is 4525 absent, the default value is assumed to be true, and the CE presumes 4526 the LFB topology may be changed. If the value is present and set to 4527 false, the LFB topology of the FE is fixed. If the topology is 4528 fixed, the LFBs supported clause may be omitted, and the list of 4529 supported LFBs is inferred by the CE from the LFB topology 4530 information. If the list of supported LFBs is provided when 4531 ModifiableLFBTopology is false, the CanOccurBefore and CanOccurAfter 4532 information should be omitted. 4534 5.2.2. SupportedLFBs and SupportedLFBType 4536 One capability that the FE should include is the list of supported 4537 LFB classes. The SupportedLFBs component, is an array that contains 4538 the information about each supported LFB Class. The array structure 4539 type is defined as the SupportedLFBType dataTypeDef. 4541 Each entry in the SupportedLFBs array describes an LFB class that the 4542 FE supports. In addition to indicating that the FE supports the 4543 class, FEs with modifiable LFB topology SHOULD include information 4544 about how LFBs of the specified class may be connected to other LFBs. 4545 This information SHOULD describe which LFB classes the specified LFB 4546 class may succeed or precede in the LFB topology. The FE SHOULD 4547 include information as to which port groups may be connected to the 4548 given adjacent LFB class. If port group information is omitted, it 4549 is assumed that all port groups may be used. This capability 4550 information on the acceptable ordering and connection of LFBs MAY be 4551 omitted if the implementor concludes that the actual constraints are 4552 such that the information would be misleading for the CE. 4554 5.2.2.1. LFBName 4556 This component has as its value the name of the LFB Class being 4557 described. 4559 5.2.2.2. LFBClassID 4561 The numeric ID of the LFB Class being described. While conceptually 4562 redundant with the LFB Name, both are included for clarity and to 4563 allow consistency checking. 4565 5.2.2.3. LFBVersion 4567 The version string specifying the LFB Class version supported by this 4568 FE. As described above in versioning, an FE can support only a 4569 single version of a given LFB Class. 4571 5.2.2.4. LFBOccurrenceLimit 4573 This component, if present, indicates the largest number of instances 4574 of this LFB class the FE can support. For FEs that do not have the 4575 capability to create or destroy LFB instances, this can either be 4576 omitted or be the same as the number of LFB instances of this class 4577 contained in the LFB list attribute. 4579 5.2.2.5. PortGroupLimits and PortGroupLimitType 4581 The PortGroupLimits component is an array of information about the 4582 port groups supported by the LFB class. The structure of the port 4583 group limit information is defined by the PortGroupLimitType 4584 dataTypeDef. 4586 Each PortGroupLimits array entry contains information describing a 4587 single port group of the LFB class. Each array entry contains the 4588 name of the port group in the PortGroupName component, the fewest 4589 number of ports that can exist in the group in the MinPortCount 4590 component, and the largest number of ports that can exist in the 4591 group in the MaxPortCount component. 4593 5.2.2.6. CanOccurAfters and LFBAdjacencyLimitType 4595 The CanOccurAfters component is an array that contains the list of 4596 LFBs the described class can occur after. The array entries are 4597 defined in the LFBAdjacencyLimitType dataTypeDef. 4599 The array entries describe a permissible positioning of the described 4600 LFB class, referred to here as the SupportedLFB. Specifically, each 4601 array entry names an LFB that can topologically precede that LFB 4602 class. That is, the SupportedLFB can have an input port connected to 4603 an output port of an LFB that appears in the CanOccurAfters array. 4604 The LFB class that the SupportedLFB can follow is identified by the 4605 NeighborLFB component (of the LFBAdjacencyLimitType dataTypeDef) of 4606 the CanOccurAfters array entry. If this neighbor can only be 4607 connected to a specific set of input port groups, then the viaPort 4608 component is included. This component is an array, with one entry 4609 for each input port group of the SupportedLFB that can be connected 4610 to an output port of the NeighborLFB. 4612 [e.g., Within a SupportedLFBs entry, each array entry of the 4613 CanOccurAfters array must have a unique NeighborLFB, and within each 4614 such array entry each viaPort must represent a distinct and valid 4615 input port group of the SupportedLFB. The LFB Class definition 4616 schema does not yet support these uniqueness constraints.] 4618 5.2.2.7. CanOccurBefores and LFBAdjacencyLimitType 4620 The CanOccurBefores array holds the information about which LFB 4621 classes can follow the described class. Structurally this element 4622 parallels CanOccurAfters, and uses the same type definition for the 4623 array entries. 4625 The array entries list those LFB classes that the SupportedLFB may 4626 precede in the topology. In this component, the entries in the 4627 viaPort component of the array value represent the output port groups 4628 of the SupportedLFB that may be connected to the NeighborLFB. As 4629 with CanOccurAfters, viaPort may have multiple entries if multiple 4630 output ports may legitimately connect to the given NeighborLFB class. 4632 [And a similar set of uniqueness constraints apply to the 4633 CanOccurBefore clauses, even though an LFB may occur both in 4634 CanOccurAfter and CanOccurBefore.] 4636 5.2.2.8. LFBClassCapabilities 4638 While it would be desirable to include class capability level 4639 information, this is not included in the model. While such 4640 information belongs in the FE Object in the supported class table, 4641 the contents of that information would be class specific. The 4642 currently expected encoding structures for transferring information 4643 between the CE and FE are such that allowing completely unspecified 4644 information would be likely to induce parse errors. We could specify 4645 that the information is encoded in an octetstring, but then we would 4646 have to define the internal format of that octet string. 4648 As there also are not currently any defined LFB Class level 4649 Capabilities that the FE needs to report, this information is not 4650 present now, but may be added in a future version of the FE Object. 4651 (This is an example of a case where versioning, rather than 4652 inheritance, would be needed, since the FE Object must have class ID 4653 1 and instance ID 1 so that the protocol behavior can start by 4654 finding this object.) 4656 5.3. FE Components 4658 The element is included if the class definition contains 4659 the definition of the components of the FE Object that are not 4660 considered "capabilities". Some of these components are writeable, 4661 and some are read-only, which is determinable by examining the 4662 property information of the components. 4664 5.3.1. FEState 4666 This component carries the overall state of the FE. For now, it is 4667 restricted to the strings AdminDisable, OperDisable and OperEnable. 4669 5.3.2. LFBSelectors and LFBSelectorType 4671 The LFBSelectors component is an array of information about the LFBs 4672 currently accessible via ForCES in the FE. The structure of the LFB 4673 information is defined by the LFBSelectorType dataTypeDef. 4675 Each entry in the array describes a single LFB instance in the FE. 4676 The array entry contains the numeric class ID of the class of the LFB 4677 instance and the numeric instance ID for this instance. 4679 5.3.3. LFBTopology and LFBLinkType 4681 The optional LFBTopology component contains information about each 4682 inter-LFB link inside the FE, where each link is described in an 4683 LFBLinkType dataTypeDef. The LFBLinkType component contains 4684 sufficient information to identify precisely the end points of a 4685 link. The FromLFBID and ToLFBID components specify the LFB instances 4686 at each end of the link, and MUST reference LFBs in the LFB instance 4687 table. The FromPortGroup and ToPortGroup MUST identify output and 4688 input port groups defined in the LFB classes of the LFB instances 4689 identified by FromLFBID and ToLFBID. The FromPortIndex and 4690 ToPortIndex components select the entries from the port groups that 4691 this link connects. All links are uniquely identified by the 4692 FromLFBID, FromPortGroup, and FromPortIndex fields. Multiple links 4693 may have the same ToLFBID, ToPortGroup, and ToPortIndex as this model 4694 supports fan in of inter- LFB links but not fan out. 4696 5.3.4. FENeighbors and FEConfiguredNeighborType 4698 The FENeighbors component is an array of information about manually 4699 configured adjacencies between this FE and other FEs. The content of 4700 the array is defined by the FEConfiguredNeighborType dataTypeDef. 4702 This array is intended to capture information that may be configured 4703 on the FE and is needed by the CE, where one array entry corresponds 4704 to each configured neighbor. Note that this array is not intended to 4705 represent the results of any discovery protocols, as those will have 4706 their own LFBs. This component is optional. 4708 While there may be many ways to configure neighbors, the FE-ID is the 4709 best way for the CE to correlate entities. And the interface 4710 identifier (name string) is the best correlator. The CE will be able 4711 to determine the IP address and media level information about the 4712 neighbor from the neighbor directly. Omitting that information from 4713 this table avoids the risk of incorrect double configuration. 4715 Information about the intended forms of exchange with a given 4716 neighbor is not captured here, only the adjacency information is 4717 included. 4719 5.3.4.1. NeighborID 4721 This is the ID in some space meaningful to the CE for the neighbor. 4723 5.3.4.2. InterfaceToNeighbor 4725 This identifies the interface through which the neighbor is reached. 4727 5.3.4.3. NeighborInterface 4729 This identifies the interface on the neighbor through which the 4730 neighbor is reached. The interface identification is needed when 4731 either only one side of the adjacency has configuration information, 4732 or the two FEs are adjacent on more than one interface. 4734 6. Satisfying the Requirements on FE Model 4736 This section describes how the proposed FE model meets the 4737 requirements outlined in Section 5 of RFC3654 [3]. The requirements 4738 can be separated into general requirements (Section 5, 5.1 - 5.4) and 4739 the specification of the minimal set of logical functions that the FE 4740 model must support (Section 5.5). 4742 The general requirement on the FE model is that it be able to express 4743 the logical packet processing capability of the FE, through both a 4744 capability and a state model. In addition, the FE model is expected 4745 to allow flexible implementations and be extensible to allow defining 4746 new logical functions. 4748 A major component of the proposed FE model is the Logical Function 4749 Block (LFB) model. Each distinct logical function in an FE is 4750 modeled as an LFB. Operational parameters of the LFB that must be 4751 visible to the CE are conceptualized as LFB attributes. These 4752 attributes express the capability of the FE and support flexible 4753 implementations by allowing an FE to specify which optional features 4754 are supported. The attributes also indicate whether they are 4755 configurable by the CE for an LFB class. Configurable attributes 4756 provide the CE some flexibility in specifying the behavior of an LFB. 4757 When multiple LFBs belonging to the same LFB class are instantiated 4758 on an FE, each of those LFBs could be configured with different 4759 attribute settings. By querying the settings of the attributes for 4760 an instantiated LFB, the CE can determine the state of that LFB. 4762 Instantiated LFBs are interconnected in a directed graph that 4763 describes the ordering of the functions within an FE. This directed 4764 graph is described by the topology model. The combination of the 4765 attributes of the instantiated LFBs and the topology describe the 4766 packet processing functions available on the FE (current state). 4768 Another key component of the FE model is the FE attributes. The FE 4769 attributes are used mainly to describe the capabilities of the FE, 4770 but they also convey information about the FE state. 4772 The FE model includes only the definition of the FE Object LFB 4773 itself. Meeting the full set of working group requirements requires 4774 other LFBs. The class definitions for those LFBs will be provided in 4775 other documents. 4777 7. Using the FE model in the ForCES Protocol 4779 The actual model of the forwarding plane in a given NE is something 4780 the CE must learn and control by communicating with the FEs (or by 4781 other means). Most of this communication will happen in the post- 4782 association phase using the ForCES protocol. The following types of 4783 information must be exchanged between CEs and FEs via the ForCES 4784 Protocol [2]: 4786 1. FE topology query; 4788 2. FE capability declaration; 4790 3. LFB topology (per FE) and configuration capabilities query; 4792 4. LFB capability declaration; 4794 5. State query of LFB attributes; 4796 6. Manipulation of LFB attributes; 4798 7. LFB topology reconfiguration. 4800 Items 1) through 5) are query exchanges, where the main flow of 4801 information is from the FEs to the CEs. Items 1) through 4) are 4802 typically queried by the CE(s) in the beginning of the post- 4803 association (PA) phase, though they may be repeatedly queried at any 4804 time in the PA phase. Item 5) (state query) will be used at the 4805 beginning of the PA phase, and often frequently during the PA phase 4806 (especially for the query of statistical counters). 4808 Items 6) and 7) are "command" types of exchanges, where the main flow 4809 of information is from the CEs to the FEs. Messages in Item 6) (the 4810 LFB re-configuration commands) are expected to be used frequently. 4812 Item 7) (LFB topology re-configuration) is needed only if dynamic LFB 4813 topologies are supported by the FEs and it is expected to be used 4814 infrequently. 4816 The inter-FE topology (item 1 above) can be determined by the CE in 4817 many ways. Neither this document nor the ForCES Protocol [2] 4818 document mandates a specific mechanism. The LFB Class definition 4819 does include the capability for an FE to be configured with, and 4820 provides to the CE in response to a query, the identity of its 4821 neighbors. There may also be defined specific LFB classes and 4822 protocols for neighbor discovery. Routing protocols may be used by 4823 the CE for adjacency determination. The CE may be configured with 4824 the relevant information. 4826 The relationship between the FE model and the seven post-association 4827 messages are visualized in Figure 12: 4829 +--------+ 4830 ..........-->| CE | 4831 /----\ . +--------+ 4832 \____/ FE Model . ^ | 4833 | |................ (1),2 | | 6, 7 4834 | | (off-line) . 3, 4, 5 | | 4835 \____/ . | v 4836 . +--------+ 4837 e.g. RFCs ..........-->| FE | 4838 +--------+ 4840 Figure 12: Relationship between the FE model and the ForCES protocol 4841 messages, where (1) is part of the ForCES base protocol, and the 4842 rest are defined by the FE model. 4844 The actual encoding of these messages is defined by the ForCES 4845 Protocol [2] document and is beyond the scope of the FE model. Their 4846 discussion is nevertheless important here for the following reasons: 4848 o These PA model components have considerable impact on the FE 4849 model. For example, some of the above information can be 4850 represented as attributes of the LFBs, in which case such 4851 attributes must be defined in the LFB classes. 4853 o The understanding of the type of information that must be 4854 exchanged between the FEs and CEs can help to select the 4855 appropriate protocol format and the actual encoding method (such 4856 as XML, TLVs). 4858 o Understanding the frequency of these types of messages should 4859 influence the selection of the protocol format (efficiency 4860 considerations). 4862 An important part of the FE model is the port the FE uses for its 4863 message exchanges to and from the CE. In the case that a dedicated 4864 port is used for CE-FE communication, we propose to use a special 4865 port LFB, called the CE-FE Port LFB (a subclass of the general Port 4866 LFB in Section 6.1), to model this dedicated CE-FE port. The CE-FE 4867 Port LFB acts as both a source and sink for the traffic from and to 4868 the CE. Sometimes the CE-FE traffic does not have its own dedicated 4869 port, instead the data fabric is shared for the data plane traffic 4870 and the CE-FE traffic. A special processing LFB can be used to model 4871 the ForCES packet encapsulation and decapsulation in such cases. 4873 The remaining sub-sections of this section address each of the seven 4874 message types. 4876 7.1. FE Topology Query 4878 An FE may contain zero, one or more external ingress ports. 4879 Similarly, an FE may contain zero, one or more external egress ports. 4880 In other words, not every FE has to contain any external ingress or 4881 egress interfaces. For example, Figure 13 shows two cascading FEs. 4882 FE #1 contains one external ingress interface but no external egress 4883 interface, while FE #2 contains one external egress interface but no 4884 ingress interface. It is possible to connect these two FEs together 4885 via their internal interfaces to achieve the complete ingress-to- 4886 egress packet processing function. This provides the flexibility to 4887 spread the functions across multiple FEs and interconnect them 4888 together later for certain applications. 4890 While the inter-FE communication protocol is out of scope for ForCES, 4891 it is up to the CE to query and understand how multiple FEs are 4892 inter-connected to perform a complete ingress-egress packet 4893 processing function, such as the one described in Figure 13. The 4894 inter-FE topology information may be provided by FEs, may be hard- 4895 coded into CE, or may be provided by some other entity (e.g., a bus 4896 manager) independent of the FEs. So while the ForCES Protocol [2] 4897 supports FE topology query from FEs, it is optional for the CE to use 4898 it, assuming the CE has other means to gather such topology 4899 information. 4901 +-----------------------------------------------------+ 4902 | +---------+ +------------+ +---------+ | 4903 input| | | | | | output | 4904 ---+->| Ingress |-->|Header |-->|IPv4 |---------+--->+ 4905 | | port | |Decompressor| |Forwarder| FE | | 4906 | +---------+ +------------+ +---------+ #1 | | 4907 +-----------------------------------------------------+ V 4908 | 4909 +-----------------------<-----------------------------+ 4910 | 4911 | +----------------------------------------+ 4912 V | +------------+ +----------+ | 4913 | input | | | | output | 4914 +->--+->|Header |-->| Egress |---------+--> 4915 | |Compressor | | port | FE | 4916 | +------------+ +----------+ #2 | 4917 +----------------------------------------+ 4919 Figure 13: An example of two FEs connected together 4921 Once the inter-FE topology is discovered by the CE after this query, 4922 it is assumed that the inter-FE topology remains static. However, it 4923 is possible that an FE may go down during the NE operation, or a 4924 board may be inserted and a new FE activated, so the inter-FE 4925 topology will be affected. It is up to the ForCES protocol to 4926 provide a mechanism for the CE to detect such events and deal with 4927 the change in FE topology. FE topology is outside the scope of the 4928 FE model. 4930 7.2. FE Capability Declarations 4932 FEs will have many types of limitations. Some of the limitations 4933 must be expressed to the CEs as part of the capability model. The 4934 CEs must be able to query these capabilities on a per-FE basis. 4935 Examples: 4937 o Metadata passing capabilities of the FE. Understanding these 4938 capabilities will help the CE to evaluate the feasibility of LFB 4939 topologies, and hence to determine the availability of certain 4940 services. 4942 o Global resource query limitations (applicable to all LFBs of the 4943 FE). 4945 o LFB supported by the FE. 4947 o LFB class instantiation limit. 4949 o LFB topological limitations (linkage constraint, ordering etc.) 4951 7.3. LFB Topology and Topology Configurability Query 4953 The ForCES protocol must provide the means for the CEs to discover 4954 the current set of LFB instances in an FE and the interconnections 4955 between the LFBs within the FE. In addition, sufficient information 4956 should be available to determine whether the FE supports any CE- 4957 initiated (dynamic) changes to the LFB topology, and if so, determine 4958 the allowed topologies. Topology configurability can also be 4959 considered as part of the FE capability query as described in Section 4960 9.3. 4962 7.4. LFB Capability Declarations 4964 LFB class specifications define a generic set of capabilities. When 4965 an LFB instance is implemented (instantiated) on a vendor's FE, some 4966 additional limitations may be introduced. Note that we discuss only 4967 those limitations that are within the flexibility of the LFB class 4968 specification. That is, the LFB instance will remain compliant with 4969 the LFB class specification despite these limitations. For example, 4970 certain features of an LFB class may be optional, in which case it 4971 must be possible for the CE to determine if an optional feature is 4972 supported by a given LFB instance or not. Also, the LFB class 4973 definitions will probably contain very few quantitative limits (e.g., 4974 size of tables), since these limits are typically imposed by the 4975 implementation. Therefore, quantitative limitations should always be 4976 expressed by capability arguments. 4978 LFB instances in the model of a particular FE implementation will 4979 possess limitations on the capabilities defined in the corresponding 4980 LFB class. The LFB class specifications must define a set of 4981 capability arguments, and the CE must be able to query the actual 4982 capabilities of the LFB instance via querying the value of such 4983 arguments. The capability query will typically happen when the LFB 4984 is first detected by the CE. Capabilities need not be re-queried in 4985 case of static limitations. In some cases, however, some 4986 capabilities may change in time (e.g., as a result of adding/removing 4987 other LFBs, or configuring certain attributes of some other LFB when 4988 the LFBs share physical resources), in which case additional 4989 mechanisms must be implemented to inform the CE about the changes. 4991 The following two broad types of limitations will exist: 4993 o Qualitative restrictions. For example, a standardized multi- 4994 field classifier LFB class may define a large number of 4995 classification fields, but a given FE may support only a subset of 4996 those fields. 4998 o Quantitative restrictions, such as the maximum size of tables, 4999 etc. 5001 The capability parameters that can be queried on a given LFB class 5002 will be part of the LFB class specification. The capability 5003 parameters should be regarded as special attributes of the LFB. The 5004 actual values of these arguments may be, therefore, obtained using 5005 the same attribute query mechanisms as used for other LFB attributes. 5007 Capability attributes will typically be read-only arguments, but in 5008 certain cases they may be configurable. For example, the size of a 5009 lookup table may be limited by the hardware (read-only), in other 5010 cases it may be configurable (read-write, within some hard limits). 5012 Assuming that capabilities will not change frequently, the efficiency 5013 of the protocol/schema/encoding is of secondary concern. 5015 Much of this restrictive information is captured by the component 5016 property information, and so can be access uniformly for all 5017 information within the model. 5019 7.5. State Query of LFB Attributes 5021 This feature must be provided by all FEs. The ForCES protocol and 5022 the data schema/encoding conveyed by the protocol must together 5023 satisfy the following requirements to facilitate state query of the 5024 LFB attributes: 5026 o Must permit FE selection. This is primarily to refer to a single 5027 FE, but referring to a group of (or all) FEs may optionally be 5028 supported. 5030 o Must permit LFB instance selection. This is primarily to refer to 5031 a single LFB instance of an FE, but optionally addressing of a 5032 group of LFBs (or all) may be supported. 5034 o Must support addressing of individual attribute of an LFB. 5036 o Must provide efficient encoding and decoding of the addressing 5037 info and the configured data. 5039 o Must provide efficient data transmission of the attribute state 5040 over the wire (to minimize communication load on the CE-FE link). 5042 7.6. LFB Component Manipulation 5044 The FE Model provides for the definition of LFB Classes. Each class 5045 has a globally unique identifier. Information within the class is 5046 represented as components and assigned identifiers with the scope of 5047 that class. This model also specifies that instances of LFB Classes 5048 have identifiers. The combination of class identifiers, instance 5049 identifiers, and component identifiers are used by the protocol to 5050 reference the LFB information in the protocol operations. 5052 7.7. LFB Topology Re-configuration 5054 Operations that will be needed to reconfigure LFB topology: 5056 o Create a new instance of a given LFB class on a given FE. 5058 o Connect a given output of LFB x to the given input of LFB y. 5060 o Disconnect: remove a link between a given output of an LFB and a 5061 given input of another LFB. 5063 o Delete a given LFB (automatically removing all interconnects to/ 5064 from the LFB). 5066 8. Example LFB Definition 5068 This section contains an example LFB definition. While some 5069 properties of LFBs are shown by the FE Object LFB, this endeavors to 5070 show how a data plane LFB might be build. This example is a 5071 fictional case of an interface supporting a coarse WDM optical 5072 interface that carries Frame Relay traffic. The statistical 5073 information (including error statistics) is omitted. 5075 Later portions of this example include references to protocol 5076 operations. The operations described are operations the protocol 5077 needs to support. The exact format and fields are purely 5078 informational here, as the ForCES Protocol [2] document defines the 5079 precise syntax and symantics of its operations. 5081 5082 5085 5086 5087 FRFrame 5088 5089 A frame relay frame, with DLCI without 5090 stuffing) 5091 5092 5093 5094 IPFrame 5095 An IP Packet 5096 5097 5098 5099 5100 frequencyInformationType 5101 5102 Information about a single CWDM frequency 5103 5104 5105 5106 LaserFrequency 5107 encoded frequency(channel) 5108 uint32 5109 5110 5111 FrequencyState 5112 state of this frequency 5113 PortStatusValues 5114 5115 5116 LaserPower 5117 current observed power 5118 uint32 5119 5120 5121 FrameRelayCircuits 5122 5123 Information about circuits on this Frequency 5124 5125 5126 frameCircuitsType 5127 5128 5129 5130 5131 5132 frameCircuitsType 5133 5134 Information about a single Frame Relay circuit 5135 5136 5137 5138 DLCI 5139 DLCI of the circuit 5140 uint32 5141 5142 5143 CircuitStatus 5144 state of the circuit 5145 PortStatusValues 5146 5147 5148 isLMI 5149 is this the LMI circuit 5150 boolean 5151 5152 5153 associatedPort 5154 5155 which input / output port is associated 5156 with this circuit 5157 5158 uint32 5159 5160 5161 5162 5163 PortStatusValues 5164 5165 The possible values of status. Used for both 5166 administrative and operational status 5167 5168 5169 uchar 5170 5171 5172 Disabled 5173 the component is disabled 5174 5175 5176 Enabled 5177 FE is operatively enabled 5178 5179 5180 5181 5182 5183 5184 5185 DLCI 5186 The DLCI the frame arrived on 5187 12 5188 uint32 5189 5190 5191 LaserChannel 5192 The index of the laser channel 5193 34 5194 uint32 5195 5196 5197 5198 5199 5200 FrameLaserLFB 5201 Fictional LFB for Demonstrations 5202 1.0 5203 5204 5205 LMIfromFE 5206 5207 Ports for LMI traffic, for transmission 5208 5209 5210 5211 FRFrame 5212 5213 5214 DLCI 5215 LaserChannel 5216 5217 5218 5219 5220 DatafromFE 5221 5222 Ports for data to be sent on circuits 5223 5224 5225 5226 IPFrame 5227 5228 5229 DLCI 5230 LaserChannel 5231 5232 5234 5235 5236 5237 5238 LMItoFE 5239 5240 Ports for LMI traffic for processing 5241 5242 5243 5244 FRFrame 5245 5246 5247 DLCI 5248 LaserChannel 5249 5250 5251 5252 5253 DatatoFE 5254 5255 Ports for Data traffic for processing 5256 5257 5258 5259 IPFrame 5260 5261 5262 DLCI 5263 LaserChannel 5264 5265 5266 5267 5268 5269 5270 AdminPortState 5271 is this port allowed to function 5272 PortStatusValues 5273 5274 5275 FrequencyInformation 5276 5277 table of information per CWDM frequency 5278 5279 5280 frequencyInformationType 5281 5283 5284 5285 5286 5287 OperationalState 5288 5289 whether the port over all is operational 5290 5291 PortStatusValues 5292 5293 5294 MaximumFrequencies 5295 5296 how many laser frequencies are there 5297 5298 uint16 5299 5300 5301 MaxTotalCircuits 5302 5303 Total supportable Frame Relay Circuits, across 5304 all laser frequencies 5305 5306 5307 uint32 5308 5309 5310 5311 5312 FrequencyState 5313 5314 The state of a frequency has changed 5315 5316 5317 FrequencyInformation 5318 _FrequencyIndex_ 5319 FrequencyState 5320 5321 5322 5323 5324 5325 FrequencyInformation 5326 _FrequencyIndex_ 5327 FrequencyState 5328 5329 5330 5331 5332 CreatedFrequency 5333 A new frequency has appeared 5334 5335 FrequencyInformation> 5336 _FrequencyIndex_ 5337 5338 5339 5340 5341 FrequencyInformation 5342 _FrequencyIndex_ 5343 LaserFrequency 5344 5345 5346 5347 5348 DeletedFrequency 5349 5350 A frequency Table entry has been deleted 5351 5352 5353 FrequencyInformation 5354 _FrequencyIndex_ 5355 5356 5357 5358 5359 PowerProblem 5360 5361 there are problems with the laser power level 5362 5363 5364 FrequencyInformation 5365 _FrequencyIndex_ 5366 LaserPower 5367 5368 5369 5370 5371 FrequencyInformation 5372 _FrequencyIndex_ 5373 LaserPower 5374 5375 5376 FrequencyInformation 5377 _FrequencyIndex_ 5378 LaserFrequency 5380 5381 5382 5383 5384 FrameCircuitChanged 5385 5386 the state of an Fr circuit on a frequency 5387 has changed 5388 5389 5390 FrequencyInformation 5391 _FrequencyIndex_ 5392 FrameRelayCircuits 5393 FrameCircuitIndex 5394 CircuitStatus 5395 5396 5397 5398 5399 FrequencyInformation 5400 _FrequencyIndex_ 5401 FrameRelayCircuits 5402 FrameCircuitIndex 5403 CircuitStatus 5404 5405 5406 FrequencyInformation 5407 _FrequencyIndex_ 5408 FrameRelayCircuits 5409 FrameCircuitIndex 5410 DLCI 5411 5412 5413 5414 5415 5416 5417 5419 8.1. Data Handling 5421 This LFB is designed to handle data packets coming in from or going 5422 out to the external world. It is not a full port, and it lacks many 5423 useful statistics, but it serves to show many of the relevant 5424 behaviors. 5426 Packets arriving without error from the physical interface come in on 5427 a Frame Relay DLCI on a laser channel. These two values are used by 5428 the LFB too look up the handling for the packet. If the handling 5429 indicates that the packet is LMI, then the output index is used to 5430 select an LFB port from the LMItoFE port group. The packet is sent 5431 as a full Frame Relay frame (without any bit or byte stuffing) on the 5432 selected port. The laser channel and DLCI are sent as meta-data, 5433 even though the DLCI is also still in the packet. 5435 Good packets that arrive and are not LMI and have a frame relay type 5436 indicator of IP are sent as IP packets on the port in the DatatoFE 5437 port group, using the same index field from the table based on the 5438 laser channel and DLCI. The channel and DLCI are attached as meta- 5439 data for other use (classifiers, for example.) 5441 The current definition does not specify what to do if the Frame Relay 5442 type information is not IP. 5444 Packets arriving on input ports arrive with the Laser Channel and 5445 Frame Relay DLCI as meta-data. As such, a single input port could 5446 have been used. With the structure that is defined (which parallels 5447 the output structure), the selection of channel and DLCI could be 5448 restricted by the arriving input port group (LMI vs. data) and port 5449 index. As an alternative LFB design, the structures could require a 5450 1-1 relationship between DLCI and LFB port, in which case no meta- 5451 data would be needed. This would however be quite complex and noisy. 5452 The intermediate level of structure here allows parallelism between 5453 input and output, without requiring excessive ports. 5455 8.1.1. Setting up a DLCI 5457 When a CE chooses to establish a DLCI on a specific laser channel, it 5458 sends a SET request directed to this LFB. The request might look 5459 like 5461 T = SET 5462 T = PATH-DATA 5463 Path: flags = none, length = 4, path = 2, channel, 4, entryIdx 5464 DataRaw: DLCI, Enable(1), false, out-idx 5466 Which would establish the DLCI as enabled, with traffic going to a 5467 specific entry of the output port group DatatoFE. (The CE would 5468 ensure that output port is connected to the right place before 5469 issuing this request.) 5471 The response would confirm the creation of the specified entry. This 5472 table is structured to use separate internal indices and DLCIs. An 5473 alternative design could have used the DLCI as index, trading off 5474 complexities. 5476 One could also imagine that the FE has an LMI LFB. Such an LFB would 5477 be connected to the LMItoFE and LMIfromFE port groups. It would 5478 process LMI information. It might be the LFBs job to set up the 5479 frame relay circuits. The LMI LFB would have an alias entry that 5480 points to the Frame Relay circuits table it manages, so that it can 5481 manipulate those entities. 5483 8.1.2. Error Handling 5485 The LFB will receive invalid packets over the wire. Many of these 5486 will simply result in incrementing counters. The LFB designer might 5487 also specify some error rate measures. This puts more work on the 5488 FE, but allows for more meaningful alarms. 5490 There may be some error conditions that should cause parts of the 5491 packet to be sent to the CE. The error itself is not something that 5492 can cause an event in the LFB. There are two ways this can be 5493 handled. 5495 One way is to define a specific component to count the error, and a 5496 component in the LFB to hold the required portion of the packet. The 5497 component could be defined to hold the portion of the packet from the 5498 most recent error. One could then define an event that occurs 5499 whenever the error count changes, and declare that reporting the 5500 event includes the LFB field with the packet portion. For rare but 5501 extremely critical errors, this is an effective solution. It ensures 5502 reliable delivery of the notification. And it allows the CE to 5503 control if it wants the notification. 5505 Another approach is for the LFB to have a port that connects to a 5506 redirect sink. The LFB would attach the laser channel, the DLCI, and 5507 the error indication as meta-data, and ship the packet to the CE. 5509 Other aspects of error handling are discussed under events below. 5511 8.2. LFB Components 5513 This LFB is defined to have two top level components. One reflects 5514 the administrative state of the LFB. This allows the CE to disable 5515 the LFB completely. 5517 The other attribute is the table of information about the laser 5518 channels. It is a variable sized array. Each array entry contains 5519 an identifier for what laser frequency this entry is associated with, 5520 whether that frequency is operational, the power of the laser at that 5521 frequency, and a table of information about frame relay circuits on 5522 this frequency. There is no administrative status since a CE can 5523 disable an entry simply by removing it. (Frequency and laser power 5524 of a non-operational channel are not particularly useful. Knowledge 5525 about what frequencies can be supported would be a table in the 5526 capabilities section.) 5528 The Frame Relay circuit information contains the DLCI, the 5529 operational circuit status, whether this circuit is to be treated as 5530 carrying LMI information, and which port in the output port group of 5531 the LFB traffic is to be sent to. As mentioned above, the circuit 5532 index could, in some designs, be combined with the DLCI. 5534 8.3. Capabilities 5536 The capability information for this LFB includes whether the 5537 underlying interface is operational, how many frequencies are 5538 supported, and how many total circuits, across all channels, are 5539 permitted. The maximum number for a given laser channel can be 5540 determined from the properties of the FrameRelayCircuits table. A 5541 GET-PROP on path 2.channel.4 will give the CE the properties of the 5542 array which include the number of entries used, the first available 5543 entry, and the maximum number of entries permitted. 5545 8.4. Events 5547 This LFB is defined to be able to generate several events that the CE 5548 may be interested in. There are events to report changes in 5549 operational state of frequencies, and the creation and deletion of 5550 frequency entries. There is an event for changes in status of 5551 individual frame relay circuits. So an event notification of 5552 61.5.3.11 would indicate that there had been a circuit status change 5553 on subscript 11 of the circuit table in subscript 3 of the frequency 5554 table. The event report would include the new status of the circuit 5555 and the DLCI of the circuit. Arguably, the DLCI is redundant, since 5556 the CE presumably knows the DLCI based on the circuit index. It is 5557 included here to show including two pieces of information in an event 5558 report. 5560 As described above, the event declaration defines the event target, 5561 the event condition, and the event report content. The event 5562 properties indicate whether the CE is subscribed to the event, the 5563 specific threshold for the event, and any filter conditions for the 5564 event. 5566 Another event shown is a laser power problem. This event is 5567 generated whenever the laser falls below the specified threshold. 5568 Thus, a CE can register for the event of laser power loss on all 5569 circuits. It would do this by: 5571 T = SET-PROP 5572 Path-TLV: flags=0, length = 2, path = 61.4 5573 Path-TLV: flags = property-field, length = 1, path = 2 5574 Content = 1 (register) 5575 Path-TLV: flags = property-field, length = 1, path = 3 5576 Content = 15 (threshold) 5578 This would set the registration for the event on all entries in the 5579 table. It would also set the threshold for the event, causing 5580 reporting if the power falls below 15. (Presumably, the CE knows 5581 what the scale is for power, and has chosen 15 as a meaningful 5582 problem level.) 5584 If a laser oscillates in power near the 15 mark, one could get a lot 5585 of notifications. (If it flips back and forth between 14 and 15, 5586 each flip down will generate an event.) Suppose that the CE decides 5587 to suppress this oscillation somewhat on laser channel 5. It can do 5588 this by setting the variance property on that event. The request 5589 would look like: 5591 T = SET-PROP 5592 Path-TLV: flags=0, length = 3, path = 61.4.5 5593 Path-TLV: flags = property-field, length = 1, path = 4 5594 Content = 2 (hysteresis) 5596 Setting the hysteresis to 2 suppress a lot of spurious notifications. 5597 When the level first falls below 10, a notification is generated. If 5598 the power level increases to 10 or 11, and then falls back below 10, 5599 an event will not be generated. The power has to recover to at least 5600 12 and fall back below 10 to generate another event. One common 5601 cause of this form of oscillation is when the actual value is right 5602 near the border. If it is really 9.5, tiny changes might flip it 5603 back and forth between 9 and 10. A variance level of 1 will suppress 5604 this sort of condition. Many other events have oscillations that are 5605 somewhat wider, so larger variance settings can be used with those. 5607 9. IANA Considerations 5609 The Forces model creates the need for unique class names and numeric 5610 class identifiers. To meet that goal, IANA will maintain a registry 5611 of LFB Class names, corresponding class identifiers, and the document 5612 which defines the LFB Class. The registry policy is simply first 5613 come first served(FCFS) with regard to LFB Class names. With regard 5614 to LFB Class identifiers, identifiers less than 65536 are reserved 5615 for assignment by IETF RFCs. Identifiers above 65536 are available 5616 for assignment on a first come, first served basis. Registry entries 5617 must be documented in a stable, publicly available form. 5619 Since this registry provides for FCFS allocation of a portion of the 5620 class identifier space, it is necessary to define rules for naming 5621 classes that are using that space. As these can be defined by 5622 anyone, the needed rule is to keep the FCFS class names from 5623 colliding with IETF defined class names. Therefore, all FCFS class 5624 names MUST start with the string "Ext-". 5626 The LFBLibrary element and all of its sub-elements are defined in the 5627 following namespace: 5629 5631 Table 1 tabulates the above information. 5633 +------------+-------------+----------+-----------------------------+ 5634 | LFB Class | LFB Class | Place | Description | 5635 | Name | Identifier | Defined | | 5636 +------------+-------------+----------+-----------------------------+ 5637 | Reserved | 0 | This | Reserved | 5638 | | | document | | 5639 | FE Object | 1 | This | Defines ForCES Forwarding | 5640 | | | document | Element information | 5641 | FE | 2 | [2] | Defines parameters for the | 5642 | Protocol | | | ForCES protocol operation | 5643 | Object | | | | 5644 +------------+-------------+----------+-----------------------------+ 5646 Table 1 5648 10. Authors Emeritus 5650 The following are the authors who were instrumental in the creation 5651 of earlier releases of this document. 5653 Lily Yang, Intel Corp. 5654 Ram Gopal, Nokia Research Center 5655 Alan DeKok, Infoblox, Inc. 5656 Zsolt Haraszti, Clovis Solutions 5658 11. Acknowledgments 5660 Many of the colleagues in our companies and participants in the 5661 ForCES mailing list have provided invaluable input into this work. 5662 Particular thanks to Evangelos Haleplidis for held getting the XML 5663 right. 5665 12. Security Considerations 5667 The FE model describes the representation and organization of data 5668 sets and components in the FEs. The ForCES framework document [2] 5669 provides a comprehensive security analysis for the overall ForCES 5670 architecture. For example, the ForCES protocol entities must be 5671 authenticated per the ForCES requirements before they can access the 5672 information elements described in this document via ForCES. Access 5673 to the information contained in the FE model is accomplished via the 5674 ForCES protocol, which will be defined in separate documents, and 5675 thus the security issues will be addressed there. 5677 13. References 5679 13.1. Normative References 5681 [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement 5682 Levels", BCP 14, RFC 2119, March 1997. 5684 [2] Doria, A., Haas, R., Hadi Salim, J., Khosravi, H., and W. Wang, 5685 "ForCES Protocol Specification", work in progress, draft-ietf - 5686 forces-protocol-11.txt, December 2007. 5688 13.2. Informative References 5690 [3] Khosravi, H. and T. Anderson, "Requirements for Separation of 5691 IP Control and Forwarding", RFC 3654, November 2003. 5693 [4] Yang, L., Dantu, R., Anderson, T., and R. Gopal, "Forwarding 5694 and Control Element Separation (ForCES) Framework", RFC 3746, 5695 April 2004. 5697 [5] Chan, K., Sahita, R., Hahn, S., and K. McCloghrie, 5698 "Differentiated Services Quality of Service Policy Information 5699 Base", RFC 3317, March 2003. 5701 [6] Sahita, R., Hahn, S., Chan, K., and K. McCloghrie, "Framework 5702 Policy Information Base", RFC 3318, March 2003. 5704 [7] Pras, A. and J. Schoenwaelder, "On the Difference between 5705 Information Models and Data Models", RFC 3444, January 2003. 5707 [8] Hollenbeck, S., Rose, M., and L. Masinter, "Guidelines for the 5708 Use of Extensible Markup Language (XML) within IETF Protocols", 5709 BCP 70, RFC 3470, January 2003. 5711 [9] Thompson, H., Beech, D., Maloney, M., and N. Mendelsohn, "XML 5712 Schema Part 1: Structures", W3C REC-xmlschema-1, 5713 http://www.w3.org/TR/ xmlschema-1/, May 2001. 5715 [10] Biron, P. and A. Malhotra, "XML Schema Part 2: Datatypes", 5716 W3C REC-xmlschema-2, http://www.w3.org/TR /xmlschema-2/, 5717 May 2001. 5719 [11] Davis, M. and M. Suignard, "UNICODE Security Considerations", 5720 http://www.unicode.org/ reports/tr36/tr36-3.html, July 2005. 5722 Authors' Addresses 5724 Joel Halpern 5725 Self 5726 P.O. Box 6049 5727 Leesburg,, VA 20178 5729 Phone: +1 703 371 3043 5730 Email: jmh@joelhalpern.com 5732 Ellen Deleganes 5733 Intel Corp. 5734 Mail Stop: CO5-156 15400 NW Greenbrier Parkway 5735 Beaverton,, OR 97006 5737 Phone: +1 503 677-4996 5738 Email: ellen.m.deleganes@intel.com 5740 Jamal Hadi Salim 5741 Znyx Networks 5742 Ottawa, Ontario 5743 Canada 5745 Email: hadi@znyx.com 5747 Full Copyright Statement 5749 Copyright (C) The IETF Trust (2008). 5751 This document is subject to the rights, licenses and restrictions 5752 contained in BCP 78, and except as set forth therein, the authors 5753 retain all their rights. 5755 This document and the information contained herein are provided on an 5756 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 5757 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 5758 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 5759 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 5760 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 5761 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 5763 Intellectual Property 5765 The IETF takes no position regarding the validity or scope of any 5766 Intellectual Property Rights or other rights that might be claimed to 5767 pertain to the implementation or use of the technology described in 5768 this document or the extent to which any license under such rights 5769 might or might not be available; nor does it represent that it has 5770 made any independent effort to identify any such rights. Information 5771 on the procedures with respect to rights in RFC documents can be 5772 found in BCP 78 and BCP 79. 5774 Copies of IPR disclosures made to the IETF Secretariat and any 5775 assurances of licenses to be made available, or the result of an 5776 attempt made to obtain a general license or permission for the use of 5777 such proprietary rights by implementers or users of this 5778 specification can be obtained from the IETF on-line IPR repository at 5779 http://www.ietf.org/ipr. 5781 The IETF invites any interested party to bring to its attention any 5782 copyrights, patents or patent applications, or other proprietary 5783 rights that may cover technology that may be required to implement 5784 this standard. Please address the information to the IETF at 5785 ietf-ipr@ietf.org. 5787 Acknowledgment 5789 Funding for the RFC Editor function is provided by the IETF 5790 Administrative Support Activity (IASA).