Path-Vector Policy Systems - PowerPoint PPT Presentation

1 / 36
About This Presentation
Title:

Path-Vector Policy Systems

Description:

Path-Vector Policy Systems Vijay Ramachandran Official Graduate Student Talk September 30, 2003 Advisor: Joan Feigenbaum Overview Routing with BGP is determined using ... – PowerPoint PPT presentation

Number of Views:178
Avg rating:3.0/5.0
Slides: 37
Provided by: csYaleEd8
Category:
Tags: path | policy | systems | trade | vector

less

Transcript and Presenter's Notes

Title: Path-Vector Policy Systems


1
Path-Vector Policy Systems
  • Vijay RamachandranOfficial Graduate Student
    TalkSeptember 30, 2003Advisor Joan Feigenbaum

2
Overview
  • Routing with BGP is determined using semantically
    rich routing policies.
  • Expressiveness can lead to unpredictable global
    routing anomalies.
  • Design principles for policies and policy
    languages can ameliorate this problem.
  • This work gives a framework for the design of
    path-vector protocols and policy languages.

3
Outline
  • Motivation
  • Dimensions of the Design Space
  • Path-Vector Policy Systems
  • Trade-offs in the Design Space
  • An Application
  • Open Problems

4
Dynamics of Path-Vector Routing
5
BGP Route Processing
IP Forwarding Table
Install forwarding entries for best routes
Best Route Selection
Apply Import Policies
Best Route Table
Apply Export Policies
Apply Policy filter routes tweak attributes
Apply Policy filter routes tweak attributes
Receive BGP updates
Transmit BGP updates
Based on attribute values
Storageof routes
Open-ended programming constrain
ed only by vendor configuration language
6
Consequences
  • Use of hacks to encode information, e.g.,
    AS-path padding
  • Complex policies usingcommunity values

7
Examples of Anomalies
  • Route pinning backup routes carry traffic even
    when primary link is active
  • Protocol divergenceK. Varadhan, R. Govindan, and
    D. Estrin. Persistent Route Oscillations in
    Inter-Domain Routing. Computer Networks 32,
    2000.
  • Troubles from cold-potato routingD. McPherson,
    V. Gill, D. Walton, and A. Retana. BGP
    Persistent Route Oscillation Condition.
    Manuscript, 2002.Cisco Field Note. Endless BGP
    Convergence Problem in Cisco IOS Software
    Releases. October 2001.

8
The Problem
  • Local configuration can coax the protocol to
    execute complex routing decisions.
  • Increased incidence of routing anomaliescomes
    with richer policy expressiveness.
  • Lack of design principles for policy languages

9
Outline
  • Motivation
  • Dimensions of the Design Space
  • Path-Vector Policy Systems
  • Trade-offs in the Design Space
  • An Application
  • Open Problems

10
Expressiveness
  • Desire Maximal expressiveness without
    sacrificing other design goals
  • Measure How many routing configurations can be
    expressed? Use SPP as a semantic domain.

2 3 12 3 4 12 12 5 12 3 4 5 1
3 2 5 13 4 5 13 4 13 1
2
3
Griffin, Shepherd, and Wilfong. The Stable
Paths Problem and Interdomain Routing. IEEE/ACM
TON 10(2), 2002.
1
4 5 14 3 2 5 14 3 14 1
5
4
5 15 2 1
11
Robustness
  • Definition Unique solvability for any
    configuration, even after link and node failures
  • Primary constraint on expressiveness

Deleting edge1, 5 results ina
configurationwith no predictable solution.
2 3 12 3 4 12 12 5 12 3 4 5 1
3 2 5 13 4 5 13 4 13 1
2
3
1
4 5 14 3 2 5 14 3 14 1
5
4
5 15 2 1
12
Other Design-Space Dimensions
  • Transparency Can policy writers understand the
    effects of their policies?
  • Policy Opaqueness Can routing-policy details
    remain private?
  • Autonomy What degree of independence do policy
    writers have in configuration?
  • Global Constraint What global conditions must be
    checked?

13
A Slice of the Design SpaceRobust and
Transparent Systems
14
Outline
  • Motivation
  • Dimensions of the Design Space
  • Path-Vector Policy Systems
  • Trade-offs in the Design Space
  • An Application
  • Open Problems

15
Path-Vector Policy Systems
  • Formal model of path-vector routing

( PV , PL , K )
Path-Vector System The underlying
message-exchange system for route information.
What is exchanged and how?
Global Constraint What assumptions about the
network must be true to achieve robustness?
Policy Language How can policies be described?
PL acts as a local constraint on the
expressiveness of policies.
Question What role do these components play in
achieving our design goals?
16
Path-Vector-System Components (1)
  • Path Descriptors The data structure for
    routesthe attributes in a route record used to
    advertise routes and calculate best routes
  • Example 1 (Lowest-Cost Paths)
  • Example 2 (Simplified BGP)

Destination
Path Cost
AS Path (Vector)
Destination
Local Preference
AS Path (Vector)
Next Hop
Color
17
Path-Vector-System Components (2)
  • Ranking Function (?) A description of how
    attribute values influence best-route choice
  • Example 1 (Lowest-Cost Paths)
  • Example 2 (Simplified BGP)

?(d, c, P) cLower cost More preferred
Destination
AS Path (Vector)
Path Cost ?N
Destination
Color
Local Preference
AS Path (Vector)
Next Hop
Prefer larger local pref, then shorter path
length, then smaller next-hop value
18
Path-Vector-System Components (3)
  • Local Constraints A description of legal import
    and export policies
  • Example 1 (Lowest-Cost Paths)Routers can only
    increment path-cost value bya non-negative
    integer.
  • Example 2 (Simplified BGP)Routers can only set
    local-preference (to any integer) and color
    values.

Destination
AS Path (Vector)
Path Cost ?N
Destination
Color
Local Preference
AS Path (Vector)
Next Hop
19
Path-Vector-System Components (4)
  • Policy-Application Functions How routers should
    apply policies
  • Example 1 (Lowest-Cost Paths)Apply path-cost
    increment as specified add to AS path on export
    check for loops on import.
  • Example 2 (Simplified BGP)Set color as
    specified. Set AS path and hop and hide pref on
    export check for loops and set pref on import.

Destination
Path Cost ?N
AS Path (Vector)
Destination
Color
Local Preference
AS Path (Vector)
Next Hop
20
Policy Languages
  • High-level language to write routing policies
  • Probably involves compilation to low-level
    transformations on path descriptors
  • Generated policies should satisfy path-vector
    systems local constraints

if r.color Red then r.local-pref
50 else if first(r.as-path) AS5 then
r.local-pref 25 r.color
Blue else r.local-pref 100
Example (Simplified BGP)
21
Definition of Transparency
  • Policy application along an arc
  • F(a, b)(X) tin(a, b, f in(a, b), tout(b, a, f
    out(b, a), X)
  • can be written
  • F(a, b)(X) Fin(a, b, T(Fout(b, a,
    X)))

22
Autonomy (Informal)
  • General Autonomy How many ways can a node
    partition neighbors into preference classes?
  • Autonomy of Neighbor Ranking Can anode always
    prefer routes through one set of neighbors over
    routes through another set of neighbors?

23
Outline
  • Motivation
  • Dimensions of the Design Space
  • Path-Vector Policy Systems
  • Trade-offs in the Design Space
  • An Application
  • Open Problems

24
Example 1 Properties
Destination
Path Cost ?N
AS Path (Vector)
  • Shortest Paths
  • Expressiveness low
  • Robust yes
  • Transparent yes
  • Aut. Nbr. Ranking no
  • Opaque no

25
Example 2 Properties
Destination
Color
Local Preference
AS Path (Vector)
Next Hop
  • Simplified BGP
  • Expressiveness high
  • Robust no
  • Transparent yes
  • Aut. Nbr. Ranking yes
  • Opaque yes

26
A Natural Robust Class
  • Conjecture 1. No path-vector policy system can
    exactly capture all robust configurations.
  • Theorem 5 6. A path-vector policy systemin
    which a paths absolute rank monotonically
    increases as it is exchanged among routersis
    robust. Example Lowest-cost paths
  • (This is the broadest-known sufficient condition
    for robustness.)

27
Increasing What is Lost? (1)
  • 1. Filter out routes whose absolute rank does not
    increase on import/export.
  • X Transparency

u decreases local preference value for P
P.pref 75
P.pref 25
u
u
P
P
s
d
s
d
uP.pref 50vQ.pref 25
uP.pref 50vQ.pref 25
Q
Q
v
v
Q.pref 50
Q.pref 50
28
Increasing What is Lost? (2)
  • 2. Have routers share all rank-determining
    attributes and constrain legal policies to those
    that increase absolute rank.
  • X Autonomy and Policy Opaqueness

u decreases local preference value for P, so s
must adjust
P.pref 75
P.pref 25
u
u
P
P
s
d
s
d
uP.pref 50vQ.pref 25
uP.pref 20vQ.pref 15
Q
Q
v
v
Q.pref 50
Q.pref 50
29
Increasing What is Lost? (3)
  • 3. Impose some global mechanism to check that
    paths are partially ordered with respect to the
    ranking function.
  • i.e., for any configuration, check that all
    realizable path descriptors have increased
    absolute rank on import / export
  • X In general, tractability of Global Constraint

30
Summary of Trade-offs
  • Theorem 7. A path-vector policy
    system(without global constraint) expressive
    enough to capture all increasing configurations
    either does not support autonomy of neighbor
    ranking or is not transparent, or both.
  • Theorem 8. A transparent, robust path-vector
    policy system that supports autonomy of neighbor
    ranking and is at least as expressive as shortest
    paths must have a non-trivial global constraint.

31
Outline
  • Motivation
  • Dimensions of the Design Space
  • Path-Vector Policy Systems
  • Trade-offs in the Design Space
  • An Application
  • Open Problems

32
Class-Based Systems (1)
  • Assign each neighbor to a class
  • Classes have preference and scope rules
  • Prefer routes through neighbors of certain
    classes
  • Conditions for sharing routes with neighbors
  • Example (HBGP)
  • Classes are peer, provider, and customer.
  • Classes are preferred in the standard order.

33
Class-Based Systems (2)
Relative Preference If class i is to be
preferred over class j, then node v should prefer
routes from node w over those from node x.
Scope If class i routes cannot be exported to a
class-k neighbor, then node u will only learn
about the path uvxQ.
34
Class-Based Systems (3)
  • Use a BGP-like path-vector system with level and
    local-preference attributes.
  • Use policy languages that allow classification of
    neighbors, assignment of local preference, and
    adjustment of level.
  • What global constraint is needed?
  • Theorem 9. Constraint class consistency
    check that certain cycles do not existExample
    (HBGP) no customer-provider cycles

35
Outline
  • Motivation
  • Dimensions of the Design Space
  • Path-Vector Policy Systems
  • Trade-offs in the Design Space
  • An Application
  • Open Problems

36
Open Problems
  • Conjecture 1, or necessary condition for
    robustness
  • Further study of class-based systems in
    particular, tighten robustness check
  • Enforcement mechanisms for global constraints
  • Expressiveness of systems under
    poynomial-time-checkable global constraints
  • Policy language development
  • Non-deterministic systems and their dynamics
  • Security issues and study of the forwarding
    plane
Write a Comment
User Comments (0)
About PowerShow.com