Models of policy based routing
RFC 1104

Document Type RFC - Unknown (June 1989; No errata)
Last updated 2019-08-10
Stream Legacy
Formats plain text pdf html bibtex
Stream Legacy state (None)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state RFC 1104 (Unknown)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                         H-W. Braun
Request for Comments:  1104                                 Merit/NSFNET
                                                               June 1989

                     Models of Policy Based Routing

1. Status of this Memo

   The purpose of this RFC is to outline a variety of models for policy
   based routing.  The relative benefits of the different approaches are
   reviewed.  Discussions and comments are explicitly encouraged to move
   toward the best policy based routing model that scales well within a
   large internetworking environment.

   Distribution of this memo is unlimited.

2. Acknowledgements

   Specific thanks go to Yakov Rekhter (IBM Research), Milo Medin
   (NASA), Susan Hares (Merit/NSFNET), Jessica Yu (Merit/NSFNET) and
   Dave Katz (Merit/NSFNET) for extensively contributing to and
   reviewing this document.

3. Overview

   To evaluate the methods and models for policy based routing, it is
   necessary to investigate the context into which the model is to be
   used, as there are a variety of different methods to introduce
   policies.  Most frequently the following three models are referenced:

       Policy based distribution of routing information
       Policy based packet filtering/forwarding
       Policy based dynamic allocation of network resources (e.g.,
       bandwidth, buffers, etc.)

   The relative properties of those methods need to be evaluated to find
   their merits for a specific application.  In some cases, more than
   one method needs to be implemented.

   While comparing different models for policy based routing, it is
   important to realize that specific models have been designed to
   satisfy a certain set of requirements.  For different models these
   requirements may or may not overlap.  Even if they overlap, they may
   have a different degree of granularity.  In the first model, the
   requirements can be formulated at the Administrative Domain or
   network number level.  In the second model, the requirements can be
   formulated at the end system level or probably even at the level of

Braun                                                           [Page 1]
RFC 1104             Models of Policy Based Routing            June 1989

   individual users.  In the third model, the requirements need to be
   formulated at both the end system and local router level, as well as
   at the level of Routing Domains and Administrative Domains.

   Each of these models looks at the power of policy based routing in a
   different way.  They may be implemented separately or in combination
   with other methods.  The model to describe policy based dynamic
   allocation of network resources is orthogonal to the model of policy
   based distribution of routing information.  However, in an actual
   implementation each of these models may interact.

   It is important to realize that the use of a policy based scheme for
   individual network applications requires that the actual effects as
   well as the interaction of multiple methods need to be determined
   ahead of time by policy.

   While uncontrolled dynamic routing and allocation of resources may
   have a better real time behavior, the use of policy based routing
   will provide a predictable, stable result based on the desires of the
   administrator.  In a production network, it is imperative to provide
   continuously consistent and acceptable services.

4. Policy based distribution of routing information

   Goals:

      The goal of this model is to enforce certain flows by means of
      policy based distribution of routing information.  This
      enforcement allows control over who can and who can not use
      specific network resources.

      Enforcement is done at the network or Administrative Domain (AD)
      level - macroscopic policies.

   Description:

      A good example of policy based routing based on the distribution
      of routing information is the NSFNET with its interfaces to mid-
      level networks [1], [2].  At the interface into the NSFNET, the
      routing information is authenticated and controlled by four means:

         1. Routing peer authentication based on the source address.

         2. Verification of the Administrative Domain identification
            (currently EGP Autonomous System numbers).

         3. Verification of Internet network numbers which are
            advertised via the routing peer.

Braun                                                           [Page 2]
RFC 1104             Models of Policy Based Routing            June 1989

         4. Control of metrics via a Routing Policy Data Base for the
            announced Internet network numbers to allow for primary
            paths to the NSFNET as well as for paths of a lesser
            degree.

      At the interfaces that pass routing traffic out of the NSFNET, the
      NSS routing code authenticates the router acting as an EGP peer by
Show full document text