RFC 1102 (rfc1102) - Page 2 of 22


Policy routing in Internet protocols



Alternative Format: Original Text Document



RFC 1102          Policy Routing in Internet Protocols          May 1989


   to reduce the amount of global information.  The problem of adding
   structure to the space of ARs is an exercise for later study.)
   Before a PR can be used, however, it must be reduced to more concrete
   terms; a series of gateways which connect the sequence of ARs.  These
   gateways will be called Policy Gateways.

   Presently, the closest mechanism to policy routing in the Internet is
   EGP, the Exterior Gateway Protocol.  EGP was constructed to permit
   regions of the Internet to communicate reachability information, even
   though they did not totally share trust.  In this respect, the
   regions hooked together by EGP could each be viewed as Administrative
   Regions.  However, the mechanisms of EGP imposed a topological
   restriction on the interconnection of the Administration Regions.  In
   practice, this has proved unsatisfactory.  Policy matters are driven
   by human concerns, and these have not turned out to be amenable to
   topological constraints, or indeed to constraints of almost any sort.

   The proposals in this memo are designed to permit as wide a latitude
   as possible in the construction and enforcement of policies.  In
   particular, no topological restrictions are assumed.  In general, the
   approach taken in this memo is driven by the belief that since
   policies reflect human concerns, the system should primarily be
   concerned with enforcement of policy, rather than synthesis of
   policy.  The proposal permits both end points and transit services to
   express and enforce local policy concerns.

3. Policy Routes

   Almost all approaches to policy control share, to some degree, the
   idea of a Policy Route.  The distinguishing component of a policy
   approach is the procedure by which the Policy Route is synthesized.
   One approach to synthesizing routes is to associate with each
   distinct policy a subset of all the gateways in the system, and then
   run a routing algorithm across the subset of the gateways.  This
   approach has several drawbacks.  It requires a distinct routing
   computation for every policy, which may be prohibitively expensive.
   It requires the global agreement on the nature and scope of each
   policy, which is at odds with the desire of Administrative Regions to
   establish their own independent policy assertions.  Finally, it
   almost inevitably implies a topological restriction on the
   interconnection of regions.

   Another synthesis approach is to have each Policy Gateway examine
   incoming packets and determine, based on local policy constraints,
   the most appropriate next AR.  This approach might possibly work, but
   again has several drawbacks.  First, it implies a substantial amount
   of computation at each Policy Gateway.  More importantly, it removes
   the route selection from the location where it would most naturally



Clark