RFC 1102 (rfc1102) - Page 2 of 22
Policy routing in Internet protocols
Alternative Format: Original Text Document
RFC 1102 Policy Routing in Internet Protocols May 1989
to reduce the amount of global information. The problem of adding
structure to the space of ARs is an exercise for later study.)
Before a PR can be used, however, it must be reduced to more concrete
terms; a series of gateways which connect the sequence of ARs. These
gateways will be called Policy Gateways.
Presently, the closest mechanism to policy routing in the Internet is
EGP, the Exterior Gateway Protocol. EGP was constructed to permit
regions of the Internet to communicate reachability information, even
though they did not totally share trust. In this respect, the
regions hooked together by EGP could each be viewed as Administrative
Regions. However, the mechanisms of EGP imposed a topological
restriction on the interconnection of the Administration Regions. In
practice, this has proved unsatisfactory. Policy matters are driven
by human concerns, and these have not turned out to be amenable to
topological constraints, or indeed to constraints of almost any sort.
The proposals in this memo are designed to permit as wide a latitude
as possible in the construction and enforcement of policies. In
particular, no topological restrictions are assumed. In general, the
approach taken in this memo is driven by the belief that since
policies reflect human concerns, the system should primarily be
concerned with enforcement of policy, rather than synthesis of
policy. The proposal permits both end points and transit services to
express and enforce local policy concerns.
3. Policy Routes
Almost all approaches to policy control share, to some degree, the
idea of a Policy Route. The distinguishing component of a policy
approach is the procedure by which the Policy Route is synthesized.
One approach to synthesizing routes is to associate with each
distinct policy a subset of all the gateways in the system, and then
run a routing algorithm across the subset of the gateways. This
approach has several drawbacks. It requires a distinct routing
computation for every policy, which may be prohibitively expensive.
It requires the global agreement on the nature and scope of each
policy, which is at odds with the desire of Administrative Regions to
establish their own independent policy assertions. Finally, it
almost inevitably implies a topological restriction on the
interconnection of regions.
Another synthesis approach is to have each Policy Gateway examine
incoming packets and determine, based on local policy constraints,
the most appropriate next AR. This approach might possibly work, but
again has several drawbacks. First, it implies a substantial amount
of computation at each Policy Gateway. More importantly, it removes
the route selection from the location where it would most naturally
Clark