The New Policy for Enterprise Networking
Robert BaysChief Scientist
June 2002
2
What Enterprises Need
• Apply business objectives to network policy
– Lower operational costs with quick ROI
– Optimize network performance
• Free existing technical resources from operational tasks
3
Proficient Networks DefinesEnterprise Business Policy
• Current protocols were not designed to define complex business policies, nor should they
• Policy additions allow the enterprise finer control over their network than BGP
– Time of day, link cost, path metrics complement existing BGP policy
– Standard tasks - Explicit Engineering, Metrics Engineering, and Load Sharing
4
Business Policy Choices
• When and how often am I engineering?
• Where am I engineering to?
• What type of engineering am I doing?
5
Explicit EngineeringOverview
• Enterprise need:– “I want all my VPN traffic to traverse my VPN provider during
business hours.”
• Destination prefix and nexthop are known
ASN 65401
ASN 65400R1
R2
10.0.0.0/8
explicit
6
Metrics EngineeringOverview
• Enterprise need:– “I want to minimize jitter to my branch offices to increase the
quality of my VoIP traffic.”
Net B
Net A
R1
R2
10.0.0.0/8
Test #2
Test #1
7
Metrics EngineeringHow It Works
• Hop limited probes determine last intermediate system in path
• Subsequent tests sends hop limited packets to last intermediate system in each path– latency, loss, jitter, packet trains, cost
• Path ranking based on test results
• Variance and hold-time to minimize route churn
8
Metrics EngineeringImpact on the Enterprise
• Enterprise problem: – Path characteristics are constantly changing
• Impact of Metrics Engineering:– The Proficient Network Policy Engine consistently chooses the best path based
on current path results
9
Load SharingOverview
• Enterprise need:– “I want to distribute my traffic based on utilization and
cost.”
ASN 6540210.3.0.1
R1
R2
ASN 6540110.2.0.1
NetFlow
ASN 6540010.1.0.1
10
Load SharingHow It Works
• Define cost schedules for each peer
• Gather flow information from Netflow or ethernet tap
• Distribute prefixes based on aggregate traffic rates minimizing costs
• After a prefix has been placed once, leave the prefix on that nexthop to minimize route churn
• AS-path variance
11
Load Sharing Impact on the Enterprise
• Enterprise problem:– Unpredictable costs and capacity
• Impact of Load Sharing:– Minimizes actual cost of transmitting a given amount of traffic, but total
bill could increase– Traffic distribution may increase throughput by creating available
bandwidth on a previously constricted link
12
Routing Update ProcessOverview
• IBGP peering sessions
• Inactive route discovery
• Only inactive routes originated from local peers tested
• Inactive routes monitored on user configurable intervals
• Entire prefix or a subnet inserted
• Inserted routes chosen based on local preference
• Routing updates only where necessary
13
Routing Update SanityOverview
• NLRI is required before route insertion
• AS path modification
• No export community default
The Business of Networking
Q&A
15
BGP Decision ProcessWhat is the deciding factor?
• Reason for path choice varies wildly depending on network architecture and peer choices– Border router, no policy: AS path length 5%, External BGP,
50%, IGP or router ID 45%– Core router, no policy: IGP or router ID– Policy usually accounts for 20% of path decisions where
used
• Policy is not being used in most enterprise networks– Lack of expertise– Inability to achieve goals
16
BGP issuesWhat needs to be changed for the Enterprise?
• The enterprise is primarily interested in recognizing long term path trends or network problems when they exist
• BGP usually doesn’t make bad decisions
• What determines of a “bad path” will vary depending on the enterprise needs
• Biggest problem is lack of customer understanding
• Standardized customer facing policies at the ISP level would help the enterprise more
• Give the enterprise tools to easily audit and understand what they can’t directly control
