=== SFC Classifier Control and Date plane Developer guide

==== Overview
Description of classifier can be found in: https://datatracker.ietf.org/doc/draft-ietf-sfc-architecture/

Classifier manages everything from starting the packet listener to creation (and removal) of appropriate ip(6)tables rules and marking received packets accordingly. Its functionality is *available only on Linux* as it leverdges *NetfilterQueue*, which provides access to packets matched by an *iptables* rule. Classifier requires *root privileges* to be able to operate.

So far it is capable of processing ACL for MAC addresses, ports, IPv4 and IPv6. Supported protocols are TCP and UDP.

==== Classifier Architecture
Python code located in the project repository sfc-py/common/classifier.py.

NOTE: classifier assumes that Rendered Service Path (RSP) *already exists* in ODL when an ACL referencing it is obtained

.How it works:
. sfc_agent receives an ACL and passes it for processing to the classifier
. the RSP (its SFF locator) referenced by ACL is requested from ODL
. if the RSP exists in the ODL then ACL based iptables rules for it are applied

After this process is over, every packet successfully matched to an iptables rule (i.e. successfully classified) will be NSH encapsulated and forwarded to a related SFF, which knows how to traverse the RSP.

Rules are created using appropriate iptables command. If the Access Control Entry (ACE) rule is MAC address related both iptables and ip6tabeles rules re issued. If ACE rule is IPv4 address related, only iptables rules are issued, same for IPv6.

NOTE: iptables *raw* table contains all created rules

Information regarding already registered RSP(s) are stored in an internal data-store, which is represented as a dictionary:

	{rsp_id: {'name': <rsp_name>,
		      'chains': {'chain_name': (<ipv>,),
		                 ...
		                 },
		      'sff': {'ip': <ip>,
		              'port': <port>,
		              'starting-index': <starting-index>,
		              'transport-type': <transport-type>
		              },
		      },
	...
	}

.Where
    * `name`: name of the RSP
    * `chains`: dictionary of iptables chains related to the RSP with information about IP version for which the chain exists
    * `SFF`: SFF forwarding parameters
        - `ip`: SFF IP address
        - `port`: SFF port
        - `starting-index`: index given to packet at first RSP hop
        - `transport-type`: encapsulation protocol

==== Key APIs and Interfaces
This features exposes API to configure classifier (corresponds to service-function-classifier.yang)

==== API Reference Documentation
See: sfc-model/src/main/yang/service-function-classifier.yang