RFC 1104 (rfc1104) - Page 2 of 10


Models of policy based routing



Alternative Format: Original Text Document



RFC 1104             Models of Policy Based Routing            June 1989


   individual users.  In the third model, the requirements need to be
   formulated at both the end system and local router level, as well as
   at the level of Routing Domains and Administrative Domains.

   Each of these models looks at the power of policy based routing in a
   different way.  They may be implemented separately or in combination
   with other methods.  The model to describe policy based dynamic
   allocation of network resources is orthogonal to the model of policy
   based distribution of routing information.  However, in an actual
   implementation each of these models may interact.

   It is important to realize that the use of a policy based scheme for
   individual network applications requires that the actual effects as
   well as the interaction of multiple methods need to be determined
   ahead of time by policy.

   While uncontrolled dynamic routing and allocation of resources may
   have a better real time behavior, the use of policy based routing
   will provide a predictable, stable result based on the desires of the
   administrator.  In a production network, it is imperative to provide
   continuously consistent and acceptable services.

4. Policy based distribution of routing information

   Goals:

      The goal of this model is to enforce certain flows by means of
      policy based distribution of routing information.  This
      enforcement allows control over who can and who can not use
      specific network resources.

      Enforcement is done at the network or Administrative Domain (AD)
      level - macroscopic policies.

   Description:

      A good example of policy based routing based on the distribution
      of routing information is the NSFNET with its interfaces to mid-
      level networks [1], [2].  At the interface into the NSFNET, the
      routing information is authenticated and controlled by four means:

         1. Routing peer authentication based on the source address.

         2. Verification of the Administrative Domain identification
            (currently EGP Autonomous System numbers).

         3. Verification of Internet network numbers which are
            advertised via the routing peer.



Braun