📄 rfc1478.txt
include its domain's identity and transit policies in each acceptable distance vector message it propagates.

Steenstrup [Page 5]

RFC 1478 IDPR Architecture June 1993

- The route is consistent with at least one source policy for at least one domain in the Internet. To enable each recipient of a distance vector message to verify consistency of the associated route with the source policies of particular domains, each domain must provide other domains with access to its source policies.

In addition, at least one of the following conditions is necessary for route acceptability:

- The route is consistent with at least one of the transit policies for the current routing entity's domain. In this case, the routing entity accepts the distance vector message and then proceeds to compare the associated route with its other routes to the destinations listed in the message. If the routing entity decides that the new route is preferable, it updates the distance vector message with its domain's identity and transit policies and then propagates the message to the appropriate neighboring domains. We discuss distance vector message distribution in more detail in section 2.2.1.

- The route is consistent with at least one of the source policies for the current routing entity's domain. In this case, the routing entity need not propagate the distance vector message but does retain the associated route for use by traffic from local hosts, bound for the destinations listed in the message.

The routing entity discards any distance vector message that does not meet these necessary conditions.

With distance vector policy route generation, a routing entity may select and store multiple routes of different characteristics, such as qualities of service, to a single destination. A routing entity uses the quality of service information, provided in the transit policies contained in accepted distance vector messages, to discriminate between routes based on quality of service.
Moreover, a routing entity may select routes that are specific to certain source domains, provided that the routing entity has access to the source policies of those domains.

In the distance vector context, the flexibility of policy route generation afforded by accounting for other domains' transit and source policies in route selection has the following disadvantages:

- Each recipient of a distance vector message must bear the cost of verifying the consistency of the associated route with the constituent domains' transit policies.

- Source policies must be made public. Thus, a domain must divulge potentially private information.

- Each recipient of a distance vector message must bear the potentially high costs of selecting routes for arbitrary source domains. In particular, a routing entity must store the source policies of other domains, account for these source policies during route selection, and maintain source-specific forwarding information. Moreover, there must be a mechanism for distributing source policy information among domains. Depending on the mechanism selected, distribution of source policies may add to the costs paid by each routing entity in supporting source-specific routing.

We note, however, that failure to distribute source policies to all domains may have unfortunate consequences. In the worst case, a domain may not learn of any acceptable routes to a given destination, even though acceptable routes do exist. For example, suppose that AD V is connected to AD W and that AD W can reach AD Z through either AD X or AD Y. Suppose also that AD W, as a recipient of distance vector messages originating in AD Z, prefers the route through AD Y to the route through AD X. Furthermore, suppose that AD W has no knowledge of AD V's source policy precluding traffic from traversing AD Y.
Hence, AD W distributes to AD V the distance vector message containing the route WYZ but not the distance vector message containing the route WXZ. AD V is thus left with no known route to AD Z, although a viable route traversing AD W and AD X does exist.

2.1.2. Link State Approach

Link state route generation permits concentration of the computation of a single route within a single routing entity at the source of the route. In the policy routing context, entities within a domain generate link state messages containing information about the originating domain, including the set of transit policies that apply and the connectivity to adjacent domains, and they distribute these messages to neighboring domains. Each recipient of a link state message stores the routing information for anticipated policy route generation and also distributes it to neighboring domains. Based on the set of link state messages collected from other domains and on its domain's source and transit policies, a routing entity constructs and selects policy routes from its domain to other domains in the Internet.

We have selected link state policy route generation for IDPR for the following reasons:

- Each domain has complete control over policy route generation from the perspective of itself as source.

- The cost of computing a route is completely contained within the source domain. Hence, routing entities in other domains need not bear the cost of generating policy routes that their domains' local hosts may never use.

- Source policies may be kept private and hence need not be distributed. Thus, there are no memory, processing, or transmission bandwidth costs incurred for distributing and storing source policies.

2.2. Routing Information Distribution

A domain's routing information and the set of domains to which that routing information is distributed each influence the set of generable policy routes that include the given domain.
In particular, a domain administrator may promote the generation of routes that obey its domain's transit policies by ensuring that its domain's routing information:

- Includes resource access restrictions.

- Is distributed only to those domains that are permitted to use these resources.

Both of these mechanisms, distributing restrictions with and restricting distribution of a domain's routing information, can be applied in both the distance vector and link state contexts.

2.2.1. Distance Vector Approach

A routing entity may distribute its domain's resource access restrictions by including the appropriate transit policy information in each distance vector it accepts and propagates. Also, the routing entity may restrict distribution of an accepted distance vector message by limiting the set of neighboring domains to which it propagates the message. In fact, restricting distribution of routing information is inherent in the distance vector approach, as a routing entity propagates only the preferred routes among all the distance vector messages that it accepts.

Although restricting distribution of distance vector messages is easy, coordinating restricted distribution among domains requires each domain to know other domains' distribution restrictions. Each domain may have a set of distribution restrictions that apply to all distance vector messages generated by that domain as well as sets of distribution restrictions that apply to distance vector messages generated by other domains.

As a distance vector message propagates among domains, each routing entity should exercise the distribution restrictions associated with each domain constituting the route thus far constructed. In particular, a routing entity should send an accepted distance vector message to a given neighbor, only if distribution of that message to that neighbor is not precluded by any domain contained in the route.
To enable a routing entity to exercise these distribution restrictions, each domain must permit other domains access to its routing information distribution restrictions. However, we expect that domains may prefer to keep distribution restrictions, like source policies, private.

There are at least two ways to make a domain's routing information distribution restrictions generally available to other domains:

- Prior to propagation of an accepted distance vector message, a routing entity includes in the message its domain's distribution restrictions (all or only those that apply to the given message). This method requires no additional protocol for disseminating the distribution restrictions, but it may significantly increase the size of each distance vector message.

- Each domain independently disseminates its distribution restrictions to all other domains, so that each domain will be able to exercise all other domains' distribution restrictions. This method requires an additional protocol for disseminating the distribution restrictions, and it may require a significant amount of memory at each routing entity for storing all domains' distribution restrictions.

We note that a domain administrator may describe the optimal distribution pattern of distance vector messages originating in its domain, as a directed graph rooted at its domain. Furthermore, if all domains in the directed graph honor the directionality and if the graph is also acyclic, no routing loops may form, because no two domains are able to exchange distance vector messages pertaining to the same destination. However, an acyclic graph also means that some domains may be unable to discover alternate paths when connectivity between adjacent domains fails, as we show below.

We reconsider the example from section 2.1.1. Suppose that the distance vector distribution graph for AD Z is such that all distance vectors originating in AD Z flow toward AD V.
In particular, distance vectors from AD Z enter AD W from AD X and AD Y and leave AD W for AD V. Now, suppose that the link between AD Z and AD X breaks. AD X no longer has knowledge of any viable route to AD Z, although such a route exists through AD W. To ensure discovery of alternate routes to AD Z during connectivity failures, the distance vector distribution graph for AD Z must contain bidirectional links between AD W and AD X and between AD W and AD Y.

2.2.2. Link State Approach

With link state routing information distribution, all recipients of a domain's link state message gain knowledge of that domain's transit policies and hence service restrictions. For reasons of efficiency or privacy, a domain may also restrict the set of domains to which its link state messages should be distributed. Thus, a domain has complete control over distributing restrictions with and restricting distribution of its routing information.

A domain's link state messages automatically travel to all other domains if no distribution restrictions are imposed. Moreover, to ensure that distribution restrictions, when imposed, are applied, the domain may use source specified forwarding of its link state messages, such that the messages are distributed and interpreted only by the destination domains for which they were intended. Thus, only those domains receive the given domain's link state messages and hence gain knowledge of that domain's service offerings.

We have selected link state routing information distribution for IDPR for the following reasons:

- A domain has complete control over the distribution of its own routing information.

- Routing information distribution restrictions may be kept private and hence need not be distributed. Thus, there are no memory, processing, or transmission bandwidth costs incurred for distributing and storing distribution restrictions.

2.3. Message Forwarding along Policy Routes

To transport data messages along a selected policy route, a routing entity may use either hop-by-hop or source specified message forwarding.

2.3.1. Hop-by-Hop Approach
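
Added example (not part of RFC 1478): looking back at the AD V / AD W scenario of section 2.1.1 and the link state choice of section 2.1.2, this Python sketch runs both route generation approaches over the same five domains. The preference table, the function names, and the assumption that every domain's transit policy admits all traffic are illustrative, not taken from the RFC.

```python
from collections import deque

# Constructed topology from section 2.1.1: V-W, W-X, W-Y, X-Z, Y-Z.
# Assumption: every domain's transit policy admits all traffic.
LINKS = {"V": ["W"], "W": ["V", "X", "Y"], "X": ["W", "Z"],
         "Y": ["W", "Z"], "Z": ["X", "Y"]}
PREFERENCE = {"W": ["Y", "X"]}   # AD W prefers the route through AD Y
V_AVOIDS = {"Y"}                 # AD V's source policy: never traverse AD Y


def select(dom, offers, avoid):
    """Preferred loop-free offer that avoids `avoid`, with dom prepended."""
    ok = [r for r in offers if dom not in r and not avoid & set(r)]
    rank = PREFERENCE.get(dom, [])
    ok.sort(key=lambda r: (rank.index(r[0]) if r[0] in rank else len(rank), len(r)))
    return [dom] + ok[0] if ok else None


def distance_vector(dest, source, source_avoids, policy_public):
    """Route `source` ends up holding toward `dest`, or None.
    Every domain keeps and advertises only its preferred route; transit
    domains honour source_avoids only if the source policy was made public.
    """
    held = {dest: [dest]}
    for _ in LINKS:                              # enough rounds to converge
        for dom in LINKS:
            if dom == dest:
                continue
            offers = [held[n] for n in LINKS[dom] if n in held]
            known = policy_public or dom == source
            choice = select(dom, offers, source_avoids if known else set())
            held.pop(dom, None)
            if choice:
                held[dom] = choice
    return held.get(source)


def link_state(dest, source, source_avoids):
    """Source runs BFS over collected link state; its policy stays private."""
    queue, seen = deque([[source]]), {source}
    while queue:
        path = queue.popleft()
        if path[-1] == dest:
            return path
        for nbr in LINKS[path[-1]]:
            if nbr not in seen and nbr not in source_avoids:
                seen.add(nbr)
                queue.append(path + [nbr])
    return None
```

With the source policy kept private, distance_vector("Z", "V", V_AVOIDS, policy_public=False) returns None because AD W advertises only WYZ; publishing the policy or calling link_state("Z", "V", V_AVOIDS) both yield the route V, W, X, Z, and only the link state case does so without AD V divulging its policy.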