Difference between revisions of "RFC1136"
imported>Admin (Created page with " Network Working Group S. Hares Request for Comments: 1136 D. Katz ...") |
|||
Line 7: | Line 7: | ||
Network Working Group S. Hares | Network Working Group S. Hares | ||
Request for Comments: 1136 D. Katz | Request for Comments: 1136 D. Katz | ||
− | + | Merit/NSFNET | |
− | + | December 1989 | |
− | + | Administrative Domains and Routing Domains | |
− | + | A Model for Routing in the Internet | |
1) Status of this Memo | 1) Status of this Memo | ||
− | This RFC proposes a model for describing routing within the Internet. | + | This RFC proposes a model for describing routing within the Internet. |
− | The model is an adaptation of the "OSI Routeing Framework" [1]. This | + | The model is an adaptation of the "OSI Routeing Framework" [1]. This |
− | memo does not specify an Internet standard. Comments are welcome. | + | memo does not specify an Internet standard. Comments are welcome. |
− | Distribution of this memo is unlimited. | + | Distribution of this memo is unlimited. |
2) Acknowledgement | 2) Acknowledgement | ||
− | The authors would like to thank Guy Almes of Rice University for his | + | The authors would like to thank Guy Almes of Rice University for his |
− | contributions and insight. | + | contributions and insight. |
3) Overview | 3) Overview | ||
− | The "core" model of Autonomous Systems [2] formed the basis for the | + | The "core" model of Autonomous Systems [2] formed the basis for the |
− | routing model used in the Internet. Due to massive growth and | + | routing model used in the Internet. Due to massive growth and |
− | topology changes, the "core" model no longer is in harmony with the | + | topology changes, the "core" model no longer is in harmony with the |
− | reality of today's Internet. Indeed, this situation was foreseen at | + | reality of today's Internet. Indeed, this situation was foreseen at |
− | the outset: | + | the outset: |
− | + | "Ultimately, however, the internet may consist of a number of co- | |
− | + | equal autonomous systems, any of which may be used...as a | |
− | + | transport medium for traffic originating in any system and | |
− | + | destined for any system. When this more complex configuration | |
− | + | comes into being, it will be inappropriate to regard any one | |
− | + | autonomous system as a "core" system" [2]. | |
− | Furthermore, the Autonomous System concept has been outgrown in | + | Furthermore, the Autonomous System concept has been outgrown in |
− | certain parts of the Internet, in which the complexity of regional | + | certain parts of the Internet, in which the complexity of regional |
− | routing has exceeded the limits of the definition of Autonomous | + | routing has exceeded the limits of the definition of Autonomous |
− | Systems. | + | Systems. |
− | A model which can provide a better match to the Internet can be found | + | A model which can provide a better match to the Internet can be found |
− | in the "OSI Routeing Framework" [1]. | + | in the "OSI Routeing Framework" [1]. |
− | This framework proposes a structure of Routing Domains within | + | This framework proposes a structure of Routing Domains within |
− | Administrative Domains. This paper is intended to briefly describe | + | Administrative Domains. This paper is intended to briefly describe |
− | this framework, to outline how this model better fits the reality of | + | this framework, to outline how this model better fits the reality of |
+ | Hares & Katz [Page 1] | ||
+ | RFC 1136 A Model for Routing in the Internet December 1989 | ||
− | the present and future Internet, and to show how the model can aid in | + | |
− | the construction of well-engineered routing environments. | + | the present and future Internet, and to show how the model can aid in |
+ | the construction of well-engineered routing environments. | ||
4) Terminology | 4) Terminology | ||
− | The following is a brief glossary of OSI terminology. Formal | + | The following is a brief glossary of OSI terminology. Formal |
− | definitions can be found in the OSI Basic Reference Model [4], the | + | definitions can be found in the OSI Basic Reference Model [4], the |
− | Internal Organization of the Network Layer [5], and the OSI Routeing | + | Internal Organization of the Network Layer [5], and the OSI Routeing |
− | Framework [1]. | + | Framework [1]. |
+ | |||
+ | "Routeing" is the official ISO spelling of what is more | ||
+ | commonly spelled "routing." In this paper, the ISO spelling | ||
+ | will be used wherever directly quoted from ISO documents, and | ||
+ | the common spelling used otherwise. | ||
+ | |||
+ | End System (ES) | ||
+ | |||
+ | An OSI system on which applications run. An End System has | ||
+ | full seven-layer OSI functionality. Basically equivalent to an | ||
+ | Internet Host. | ||
− | + | Intermediate System (IS) | |
− | |||
− | |||
− | |||
− | + | An OSI system that performs routing and relaying functions in | |
+ | order to provide paths between End Systems. Intermediate | ||
+ | Systems have no functionality above the Network Layer (although | ||
+ | a practical realization of an OSI router will have some amount | ||
+ | of End System functionality for network management functions, | ||
+ | among other things). Basically equivalent to an Internet | ||
+ | Router. | ||
− | + | Subnetwork (SN) | |
− | |||
− | |||
− | + | A communications medium that provides a "direct" path between | |
+ | Network Layer entities. This can be realized via a point-to- | ||
+ | point link, a LAN, a Public Data Network, and so forth. This | ||
+ | is essentially equivalent to an Internet Subnet. It is worth | ||
+ | noting that, unlike Internet Subnets, OSI Subnetworks are not | ||
+ | necessarily reflected in the addressing hierarchy, so the | ||
+ | double meaning of the Internet term "Subnet" (a single IP hop; | ||
+ | a part of the address hierarchy) does not hold in the OSI | ||
+ | world. | ||
− | + | Open Systems Interconnection Environment (OSIE) | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | The global collection of Open Systems. Basically equivalent to | |
+ | the Internet. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | Hares & Katz [Page 2] | ||
+ | RFC 1136 A Model for Routing in the Internet December 1989 | ||
+ | Network Service Access Point (NSAP) | ||
+ | A conceptual point on the Network/Transport Layer boundary in | ||
+ | an End System that is globally addressable (and the address | ||
+ | globally unambiguous) in the OSIE. An NSAP represents a | ||
+ | service available above the Network Layer (such as a choice of | ||
+ | transport protocols). An End System may have multiple NSAPs. | ||
+ | An NSAP address is roughly equivalent to the Internet [address, | ||
+ | protocol] pair. | ||
− | + | Administrative Domain (AD) | |
− | + | "A collection of End Systems, Intermediate Systems, and | |
− | + | subnetworks operated by a single organization or administrative | |
− | + | authority. The components which make up the domain are assumed | |
− | + | to interoperate with a significant degree of mutual trust among | |
− | + | themselves, but interoperate with other Administrative Domains | |
− | + | in a mutually suspicious manner" [1]. | |
− | |||
− | + | A group of hosts, routers, and networks operated and managed by | |
+ | a single organization. Routing within an Administrative Domain | ||
+ | is based on a consistent technical plan. An Administrative | ||
+ | Domain is viewed from the outside, for purposes of routing, as | ||
+ | a cohesive entity, of which the internal structure is | ||
+ | unimportant. Information passed by other Administrative | ||
+ | Domains is trusted less than information from one's own | ||
+ | Administrative Domain. | ||
− | + | Administrative Domains can be organized into a loose hierarchy | |
− | + | that reflects the availability and authoritativeness of routing | |
− | + | information. This hierarchy does not imply administrative | |
− | + | containment, nor does it imply a strict tree topology. | |
− | |||
− | |||
− | + | Routing Domain (RD) | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | "A set of End Systems and Intermediate Systems which operate | |
− | + | according to the same routeing procedures and which is wholly | |
− | + | contained within a single Administrative Domain" [1]. | |
− | |||
− | + | "A Routeing Domain is a set of ISs and ESs bound by a common | |
+ | routeing procedure; namely: | ||
− | + | they are using the same set of routeing metrics, | |
− | |||
− | |||
− | + | they use compatible metric measurement techniques, | |
− | |||
− | + | they use the same information distribution protocol, and | |
− | |||
− | |||
+ | Hares & Katz [Page 3] | ||
+ | RFC 1136 A Model for Routing in the Internet December 1989 | ||
+ | they use the same path computation algorithm" [1]. | ||
− | + | The "OSI Routeing Framework" further provides a formal | |
+ | definition of a Routing Domain, specifying that all ISs within | ||
+ | a Routing Domain can determine whether an ES within the domain | ||
+ | is reachable, and if so can derive a path to it. | ||
− | + | Routing Domains may be divided into subdomains, not unlike | |
− | + | subnetting in the Internet. This allows a hierarchical | |
− | + | structuring of the domain, permitting containment of the | |
− | + | topological details of a subdomain with the resultant reduction | |
+ | in distributed routing information. | ||
− | + | An intra-Routing Domain routing protocol is equivalent to an | |
− | + | Internet Interior Gateway Protocol (IGP). | |
− | |||
− | |||
− | |||
− | + | An Administrative Domain may contain multiple Routing Domains. | |
− | + | A Routing Domain may never span multiple Administrative | |
+ | Domains. | ||
− | + | An Administrative Domain may consist of only a single Routing | |
− | + | Domain, in which case they are said to be Congruent. A | |
− | + | congruent Administrative Domain and Routing Domain is analogous | |
+ | to an Internet Autonomous System. | ||
− | + | Common Domain (CD) | |
− | |||
− | |||
− | |||
− | + | "An Administrative Domain which is not a member of a higher | |
+ | level domain. A common domain is the highest level in the | ||
+ | routeing hierarchy. There is no single domain above the common | ||
+ | domain. In this sense, the routeing hierarchy is in fact | ||
+ | multiple hierarchies, with the common domain as the highest | ||
+ | element of each hierarchy". | ||
− | + | "Where there are multiple common domains, they cooperate as | |
− | + | peers to make it possible to route to any NSAP in the OSIE" | |
− | + | [1]. | |
− | |||
− | |||
− | |||
− | + | Common Domains have global routing information to the extent | |
− | + | necessary to route packets to the proper domain. Each of the | |
− | + | several peer national backbones in today's Internet may be | |
+ | considered to be similar to a Common Domain. Note that in the | ||
+ | Internet the hierarchical containment implied by the definition | ||
+ | of a CD does not really exist; however, there is a level of | ||
+ | implicit ordering based on topology and policy issues (the | ||
+ | willingness to be used as a transit network) that can be viewed | ||
+ | as defining a Common Domain in the Internet. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | Hares & Katz [Page 4] | ||
+ | RFC 1136 A Model for Routing in the Internet December 1989 | ||
− | For completeness, we offer the following definition for an Internet | + | For completeness, we offer the following definition for an Internet |
− | Autonomous System (AS): | + | Autonomous System (AS): |
− | + | "An 'autonomous system' consists of a set of gateways, each of | |
− | + | which can reach any other gateway in the same system using paths | |
− | + | via gateways only in that system. The gateways of a system | |
− | + | cooperatively maintain a routing data base using an interior | |
− | + | gateway protocol (IGP)..." [3] | |
5) Environment and Goals | 5) Environment and Goals | ||
− | The "OSI Routeing Framework" describes the environment for OSI | + | The "OSI Routeing Framework" describes the environment for OSI |
− | routing as well as its goals. The environment described is a highly | + | routing as well as its goals. The environment described is a highly |
− | interconnected, highly heterogeneous collection of LANs and public | + | interconnected, highly heterogeneous collection of LANs and public |
− | and private networks made up of a diverse collection of equipment | + | and private networks made up of a diverse collection of equipment |
− | from multiple vendors. A number of goals are enumerated, including: | + | from multiple vendors. A number of goals are enumerated, including: |
− | + | - Support of multiple subnetwork types | |
− | + | - Very large numbers of connected systems | |
− | + | - End System simplicity | |
− | + | - Multiple organizations with mutual distrust and policy/legal | |
− | + | restrictions | |
− | + | - High performance | |
− | + | - Robust and dynamic routing in the face of topological changes | |
− | The environment and goals described are a good match for those in the | + | The environment and goals described are a good match for those in the |
− | Internet. The Internet crosses multiple types of physical media, | + | Internet. The Internet crosses multiple types of physical media, |
− | link layer protocols, and administrative controls. Routers and hosts | + | link layer protocols, and administrative controls. Routers and hosts |
− | may come from many vendors. The Internet has become international in | + | may come from many vendors. The Internet has become international in |
− | scope. Issues of security and the isolation of bad routing | + | scope. Issues of security and the isolation of bad routing |
− | information have become international concerns. | + | information have become international concerns. |
− | The Internet environment, with over 900 highly connected networks | + | The Internet environment, with over 900 highly connected networks |
− | (and growing exponentially), is very much like the environment the | + | (and growing exponentially), is very much like the environment the |
− | OSI model aims to describe. | + | OSI model aims to describe. |
6) Structure of Global Routing | 6) Structure of Global Routing | ||
− | The "OSI Routeing Framework" classifies routing into three types: | + | The "OSI Routeing Framework" classifies routing into three types: |
− | + | - within a Routing Domain | |
− | + | - within an Administrative Domain | |
− | + | - between Administrative Domains | |
− | Routing within a Routing Domain involves a high level of mutual | + | Routing within a Routing Domain involves a high level of mutual |
− | trust. This allows the use of complex, tightly-coupled procedures | + | trust. This allows the use of complex, tightly-coupled procedures |
− | that can make the best use of dynamic, highly interconnected | + | that can make the best use of dynamic, highly interconnected |
− | environments. | + | environments. |
+ | Hares & Katz [Page 5] | ||
+ | RFC 1136 A Model for Routing in the Internet December 1989 | ||
− | |||
− | |||
− | |||
− | |||
− | + | Routing Domains may be recursively subdivided into Subdomains in | |
− | + | order to reduce routing complexity. The details of a subdomain may | |
− | + | be largely hidden from other subdomains with an attendant reduction | |
− | + | in the volume of routing information exchanged. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | Inter-Administrative Domain routing is concerned with managing and | + | Intra-Administrative Domain routing is concerned with interconnecting |
− | controlling the flow of information in a highly structured way | + | multiple Routing Domains within an administration. Issues may |
− | between organizations that may require formal multilateral | + | include address administration, cost recovery, and policy concerns. |
− | agreements. The issues of concern at this level tend to be | + | A moderate level of trust is assumed. The nature of the interactions |
− | administrative in nature (legal/political constraints, security, | + | between Routing Domains can range from being tightly coupled (best |
− | access control, etc.). Multiple agreements between multiple | + | path routing between two RDs running different routing protocols) to |
− | administrations are unlikely to be implicitly transitive. This makes | + | being more policy-based. However, inter-RD routing within an |
− | the analysis of policy interactions very important. | + | Administrative Domain is tightly coordinated and represents a unified |
+ | technical plan. | ||
+ | |||
+ | Inter-Administrative Domain routing is concerned with managing and | ||
+ | controlling the flow of information in a highly structured way | ||
+ | between organizations that may require formal multilateral | ||
+ | agreements. The issues of concern at this level tend to be | ||
+ | administrative in nature (legal/political constraints, security, | ||
+ | access control, etc.). Multiple agreements between multiple | ||
+ | administrations are unlikely to be implicitly transitive. This makes | ||
+ | the analysis of policy interactions very important. | ||
7) Mapping the AD/RD Model Onto the Internet | 7) Mapping the AD/RD Model Onto the Internet | ||
− | The national network backbones (NSFNET, ARPANET, MILNET, NSN, and | + | The national network backbones (NSFNET, ARPANET, MILNET, NSN, and |
− | soon ESNET) can be viewed as Common Domains. Each may have | + | soon ESNET) can be viewed as Common Domains. Each may have |
− | sufficiently global routing knowledge to determine a path to any | + | sufficiently global routing knowledge to determine a path to any |
− | Internet address. | + | Internet address. |
+ | |||
+ | Regional networks are clearly Administrative Domains. Multilateral | ||
+ | policy agreements are defined between the regional networks and the | ||
+ | backbones. On the other hand, regional networks very often are | ||
+ | tightly coupled to individual networks and campus networks in terms | ||
+ | of routing. In this sense, a regional network could be viewed as a | ||
+ | Routing Domain with individual campuses thought of as Subdomains. | ||
− | + | From the standpoint of routing functionality, it is most useful to | |
− | + | view a "classic" Autonomous System as a congruent Routing Domain and | |
− | + | Administrative Domain. An AS as defined represents both a single IGP | |
− | + | and a point of policy administration. The sixteen bit value now | |
− | of | + | known as the Autonomous System number may instead be viewed as an |
− | + | Administrative Domain number. | |
− | + | In reality, however, many so-called Autonomous Systems today do not | |
− | + | adhere to the strict definition of an AS. In theory, an Autonomous | |
− | + | System is quite similar to a Routing Domain, in which a high level of | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | Hares & Katz [Page 6] | ||
+ | RFC 1136 A Model for Routing in the Internet December 1989 | ||
− | trust is made between systems, a consistent IGP is run, and full | + | trust is made between systems, a consistent IGP is run, and full |
− | routing information is distributed. On the other hand, AS numbers | + | routing information is distributed. On the other hand, AS numbers |
− | have become an abstraction for policy groupings to backbones. | + | have become an abstraction for policy groupings to backbones. |
− | Indeed, entire regional networks are viewed by the backbones as a | + | Indeed, entire regional networks are viewed by the backbones as a |
− | single Autonomous System, even though they are not nearly as | + | single Autonomous System, even though they are not nearly as |
− | homogeneous as the AS model specifies. Such entities can be viewed | + | homogeneous as the AS model specifies. Such entities can be viewed |
− | as an Administrative Domain containing several Routing Domains. | + | as an Administrative Domain containing several Routing Domains. |
− | Although it is true that, in this interpretation, multiple | + | Although it is true that, in this interpretation, multiple |
− | nontechnical administrations are represented within a single | + | nontechnical administrations are represented within a single |
− | Administrative Domain (in conflict with the definition of an | + | Administrative Domain (in conflict with the definition of an |
− | Administrative Domain), such structures require a single approach to | + | Administrative Domain), such structures require a single approach to |
− | internal routing. Even if there is not a true administration | + | internal routing. Even if there is not a true administration |
− | representing the collection of domains (such as a consortium), there | + | representing the collection of domains (such as a consortium), there |
− | typically is a technical committee to settle common technical issues. | + | typically is a technical committee to settle common technical issues. |
8) The AD/RD Model as an Engineering Tool | 8) The AD/RD Model as an Engineering Tool | ||
− | Current Autonomous Systems cross administrative boundaries with | + | Current Autonomous Systems cross administrative boundaries with |
− | impunity. This works as long as the individual administrations | + | impunity. This works as long as the individual administrations |
− | operating within the common AS agree to a common technical policy for | + | operating within the common AS agree to a common technical policy for |
− | routing and network management. Connections with other backbones, | + | routing and network management. Connections with other backbones, |
− | regional networks, and campus networks must be planned, implemented, | + | regional networks, and campus networks must be planned, implemented, |
− | and managed in a coordinated fashion. | + | and managed in a coordinated fashion. |
+ | |||
+ | This coordination becomes more difficult, but more necessary, as the | ||
+ | AS grows. As connectivity and policy become more complex, current | ||
+ | Autonomous Systems start to fragment. An example of this is a | ||
+ | network that is currently a member of an NSFNET regional network but | ||
+ | will be adding a connection to ESNET. The administrators of the | ||
+ | network and the regional network must carefully coordinate the | ||
+ | changes necessary to implement this connection, including possibly | ||
+ | altering the boundaries of policy and routing. A lack of | ||
+ | coordination could result in routing loops and policy violations. | ||
− | + | A point that is being increasingly realized is that the entity | |
− | + | responsible for exterior or policy routing (be it an Autonomous | |
− | Autonomous | + | System or an Administrative Domain) must have a common technical |
− | + | policy for routing. The effects of attempting different approaches | |
− | + | to policy and external routing while maintaining a single AS have | |
− | + | been painfully evident in real instances in the Internet. | |
− | |||
− | |||
− | |||
− | + | Under the AD/RD model, a routing domain cannot be in two | |
− | + | Administrative Domains. For example, if a campus network wants to | |
− | + | set its own routing policy and enforce it via management of their | |
− | policy | + | routers, the campus has elected to become a separate Administrative |
− | to | + | Domain. If that campus uses a common IGP with other campuses, it |
− | + | represents an attempt to split a Routing Domain (the regional network | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | Hares & Katz [Page 7] | ||
+ | RFC 1136 A Model for Routing in the Internet December 1989 | ||
− | with a common IGP) across multiple Administrative Domains (the campus | + | with a common IGP) across multiple Administrative Domains (the campus |
− | and the rest of the regional). Such arrangements represent dubious | + | and the rest of the regional). Such arrangements represent dubious |
− | engineering practice, cause real routing problems, and are disallowed | + | engineering practice, cause real routing problems, and are disallowed |
− | by the AD/RD model. | + | by the AD/RD model. |
− | Under the strict Autonomous System model, only one IGP can exist | + | Under the strict Autonomous System model, only one IGP can exist |
− | within an AS. However, many regional networks are successfully using | + | within an AS. However, many regional networks are successfully using |
− | multiple IGPs. The AD/RD model allows this valuable routing | + | multiple IGPs. The AD/RD model allows this valuable routing |
− | topology. Such a topology would also be allowed by the AS model if | + | topology. Such a topology would also be allowed by the AS model if |
− | it were to be broadened to allow multiple IGPs, in which case an AS | + | it were to be broadened to allow multiple IGPs, in which case an AS |
− | and an AD would effectively become equivalent. | + | and an AD would effectively become equivalent. |
9) The AD/RD Model in a Dual Protocol Internet | 9) The AD/RD Model in a Dual Protocol Internet | ||
− | As the OSI protocol suite is deployed and an OSI Internet is | + | As the OSI protocol suite is deployed and an OSI Internet is |
− | constructed, it is very likely that significant portions of the | + | constructed, it is very likely that significant portions of the |
− | current TCP/IP Internet will also carry OSI traffic. Many router | + | current TCP/IP Internet will also carry OSI traffic. Many router |
− | vendors provide dual protocol capability today, or will in the near | + | vendors provide dual protocol capability today, or will in the near |
− | future, and the investment in network infrastructure is such that it | + | future, and the investment in network infrastructure is such that it |
− | is unlikely that a separate, parallel internet will be established | + | is unlikely that a separate, parallel internet will be established |
− | for OSI traffic. | + | for OSI traffic. |
− | It is logical to assume that, in many cases, the same technical and | + | It is logical to assume that, in many cases, the same technical and |
− | administrative boundaries will apply to both DoD IP and OSI | + | administrative boundaries will apply to both DoD IP and OSI |
− | protocols, and in some cases a single routing protocol may be used to | + | protocols, and in some cases a single routing protocol may be used to |
− | support both protocol suites. | + | support both protocol suites. |
− | Thus, it would be most advantageous to have a common model and common | + | Thus, it would be most advantageous to have a common model and common |
− | nomenclature in order to provide a more unified, manageable routing | + | nomenclature in order to provide a more unified, manageable routing |
− | environment. Given that the OSI Routeing Framework represents the | + | environment. Given that the OSI Routeing Framework represents the |
− | model on which OSI routing is built, the use of the AD/RD model to | + | model on which OSI routing is built, the use of the AD/RD model to |
− | describe the existing Internet is an appropriate step toward | + | describe the existing Internet is an appropriate step toward |
− | describing and building the combined internet. | + | describing and building the combined internet. |
10) Conclusions | 10) Conclusions | ||
− | The AD/RD model of routing describes the current Internet better than | + | The AD/RD model of routing describes the current Internet better than |
− | existing models because it describes: | + | existing models because it describes: |
− | + | - How Intra-Domain and Inter-Domain relationships work at both | |
− | + | routing and policy level | |
− | + | - How routing domains and administrative domains can be | |
− | + | hierarchically related | |
− | + | - The existence of multiple national peers | |
− | + | - A common model for dual protocol internets | |
+ | Hares & Katz [Page 8] | ||
+ | RFC 1136 A Model for Routing in the Internet December 1989 | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | The Internet grows daily. Any model of Internet routing needs to | + | The expanding Internet has grown from the "core" model with several |
− | provide a way to understand and order the growth. The ISO Routeing | + | small attached networks to a highly interconnected environment that |
− | Framework provides a structure to handle such growth. | + | spans several continents. Several national peer networks serve an |
+ | ever-growing set of regional networks. The AD/RD model can help | ||
+ | Internet protocol designers abstract the functional pieces from the | ||
+ | large Internet. | ||
+ | |||
+ | The Internet grows daily. Any model of Internet routing needs to | ||
+ | provide a way to understand and order the growth. The ISO Routeing | ||
+ | Framework provides a structure to handle such growth. | ||
11) References | 11) References | ||
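Review bot: the added lines "Hares & Katz [Page 1]" and "RFC 1136 A Model for Routing in the Internet December 1989" land in the middle of a sentence, between "better fits the reality of" and "the present and future Internet". The same footer and running-header pair recurs at each page boundary through [Page 8], including inside the quoted Routing Domain definition, between "they use the same information distribution protocol, and" and "they use the same path computation algorithm". A wiki page is not paginated, so I would drop these lines from the new revision and let each paragraph and quoted list run unbroken; the RFC number and date are already in the header block at the top of the page.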
Line 444: | Line 468: | ||
[1] ISO, "OSI Routeing Framework", ISO/TR 9575, 1989. | [1] ISO, "OSI Routeing Framework", ISO/TR 9575, 1989. | ||
− | [2] Rosen, E., "Exterior Gateway Protocol", | + | [2] Rosen, E., "Exterior Gateway Protocol", RFC 827, Bolt Beranek and |
− | + | Newman, October 1982. | |
− | [3] Mills, D., "Autonomous Confederations", | + | [3] Mills, D., "Autonomous Confederations", RFC 975, M/A COM |
− | + | Linkabit, February 1986. | |
[4] ISO, "Open Systems Interconnection--Basic Reference Model", ISO | [4] ISO, "Open Systems Interconnection--Basic Reference Model", ISO | ||
− | + | 7498. | |
[5] ISO, "Internal Organization of the Network Layer", ISO 8648. | [5] ISO, "Internal Organization of the Network Layer", ISO 8648. | ||
− | ISO documents can be obtained from the following source: | + | ISO documents can be obtained from the following source: |
− | + | American National Standards Institute | |
− | + | 1430 Broadway | |
− | + | New York, NY 10018 | |
− | + | (212) 642-4900 | |
− | Additionally, a number of private firms are authorized to distribute | + | Additionally, a number of private firms are authorized to distribute |
− | ISO documents. | + | ISO documents. |
Security Considerations | Security Considerations | ||
− | Security issues are not addressed in this memo. | + | Security issues are not addressed in this memo. |
Authors' Addresses | Authors' Addresses | ||
− | Susan Hares | + | Susan Hares |
− | Merit/NSFNET | + | Merit/NSFNET |
− | 1075 Beal Ave. | + | 1075 Beal Ave. |
− | Ann Arbor, MI 48109 | + | Ann Arbor, MI 48109 |
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | Hares & Katz [Page 9] | ||
+ | |||
+ | RFC 1136 A Model for Routing in the Internet December 1989 | ||
+ | |||
+ | |||
+ | Phone: (313) 936-3000 | ||
+ | |||
+ | Email: [email protected] | ||
+ | |||
+ | |||
+ | Dave Katz | ||
+ | Merit/NSFNET | ||
+ | 1075 Beal Ave. | ||
+ | Ann Arbor, MI 48109 | ||
+ | |||
+ | Phone: (313) 763-4898 | ||
+ | |||
+ | Email: [email protected] | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
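Review bot: the footer "Hares & Katz [Page 9]" and the running header are added between "Ann Arbor, MI 48109" and "Phone: (313) 936-3000", which splits Susan Hares's contact block in two, and the hunk then adds a long run of empty lines after the second Email line that only pads out the last printed page. I would remove the page furniture and the trailing blank lines so that both author blocks read as single units. Both added Email lines also read "[email protected]" rather than an address; check that the stored page text holds the addresses from the source RFC.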
Line 482: | Line 555: | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | Hares & Katz [Page 10] |
Revision as of 22:53, 22 September 2020
Network Working Group S. Hares
Request for Comments: 1136 D. Katz
Merit/NSFNET December 1989
Administrative Domains and Routing Domains
A Model for Routing in the Internet
1) Status of this Memo
This RFC proposes a model for describing routing within the Internet. The model is an adaptation of the "OSI Routeing Framework" [1]. This memo does not specify an Internet standard. Comments are welcome. Distribution of this memo is unlimited.
2) Acknowledgement
The authors would like to thank Guy Almes of Rice University for his contributions and insight.
3) Overview
The "core" model of Autonomous Systems [2] formed the basis for the routing model used in the Internet. Due to massive growth and topology changes, the "core" model no longer is in harmony with the reality of today's Internet. Indeed, this situation was foreseen at the outset:
"Ultimately, however, the internet may consist of a number of co-equal autonomous systems, any of which may be used...as a transport medium for traffic originating in any system and destined for any system. When this more complex configuration comes into being, it will be inappropriate to regard any one autonomous system as a "core" system" [2].
Furthermore, the Autonomous System concept has been outgrown in certain parts of the Internet, in which the complexity of regional routing has exceeded the limits of the definition of Autonomous Systems.
A model which can provide a better match to the Internet can be found in the "OSI Routeing Framework" [1].
This framework proposes a structure of Routing Domains within Administrative Domains. This paper is intended to briefly describe this framework, to outline how this model better fits the reality of the present and future Internet, and to show how the model can aid in the construction of well-engineered routing environments.
4) Terminology
The following is a brief glossary of OSI terminology. Formal definitions can be found in the OSI Basic Reference Model [4], the Internal Organization of the Network Layer [5], and the OSI Routeing Framework [1].
"Routeing" is the official ISO spelling of what is more commonly spelled "routing." In this paper, the ISO spelling will be used wherever directly quoted from ISO documents, and the common spelling used otherwise.
End System (ES)
An OSI system on which applications run. An End System has full seven-layer OSI functionality. Basically equivalent to an Internet Host.
Intermediate System (IS)
An OSI system that performs routing and relaying functions in order to provide paths between End Systems. Intermediate Systems have no functionality above the Network Layer (although a practical realization of an OSI router will have some amount of End System functionality for network management functions, among other things). Basically equivalent to an Internet Router.
Subnetwork (SN)
A communications medium that provides a "direct" path between Network Layer entities. This can be realized via a point-to-point link, a LAN, a Public Data Network, and so forth. This is essentially equivalent to an Internet Subnet. It is worth noting that, unlike Internet Subnets, OSI Subnetworks are not necessarily reflected in the addressing hierarchy, so the double meaning of the Internet term "Subnet" (a single IP hop; a part of the address hierarchy) does not hold in the OSI world.
Open Systems Interconnection Environment (OSIE)
The global collection of Open Systems. Basically equivalent to the Internet.
Network Service Access Point (NSAP)
A conceptual point on the Network/Transport Layer boundary in an End System that is globally addressable (and the address globally unambiguous) in the OSIE. An NSAP represents a service available above the Network Layer (such as a choice of transport protocols). An End System may have multiple NSAPs. An NSAP address is roughly equivalent to the Internet [address, protocol] pair.
Administrative Domain (AD)
"A collection of End Systems, Intermediate Systems, and subnetworks operated by a single organization or administrative authority. The components which make up the domain are assumed to interoperate with a significant degree of mutual trust among themselves, but interoperate with other Administrative Domains in a mutually suspicious manner" [1].
A group of hosts, routers, and networks operated and managed by a single organization. Routing within an Administrative Domain is based on a consistent technical plan. An Administrative Domain is viewed from the outside, for purposes of routing, as a cohesive entity, of which the internal structure is unimportant. Information passed by other Administrative Domains is trusted less than information from one's own Administrative Domain.
Administrative Domains can be organized into a loose hierarchy that reflects the availability and authoritativeness of routing information. This hierarchy does not imply administrative containment, nor does it imply a strict tree topology.
Routing Domain (RD)
"A set of End Systems and Intermediate Systems which operate according to the same routeing procedures and which is wholly contained within a single Administrative Domain" [1].
"A Routeing Domain is a set of ISs and ESs bound by a common routeing procedure; namely:
they are using the same set of routeing metrics,
they use compatible metric measurement techniques,
they use the same information distribution protocol, and
they use the same path computation algorithm" [1].
The "OSI Routeing Framework" further provides a formal definition of a Routing Domain, specifying that all ISs within a Routing Domain can determine whether an ES within the domain is reachable, and if so can derive a path to it.
Routing Domains may be divided into subdomains, not unlike subnetting in the Internet. This allows a hierarchical structuring of the domain, permitting containment of the topological details of a subdomain with the resultant reduction in distributed routing information.
An intra-Routing Domain routing protocol is equivalent to an Internet Interior Gateway Protocol (IGP).
An Administrative Domain may contain multiple Routing Domains. A Routing Domain may never span multiple Administrative Domains.
An Administrative Domain may consist of only a single Routing Domain, in which case they are said to be Congruent. A congruent Administrative Domain and Routing Domain is analogous to an Internet Autonomous System.
Common Domain (CD)
"An Administrative Domain which is not a member of a higher level domain. A common domain is the highest level in the routeing hierarchy. There is no single domain above the common domain. In this sense, the routeing hierarchy is in fact multiple hierarchies, with the common domain as the highest element of each hierarchy".
"Where there are multiple common domains, they cooperate as peers to make it possible to route to any NSAP in the OSIE" [1].
Common Domains have global routing information to the extent necessary to route packets to the proper domain. Each of the several peer national backbones in today's Internet may be considered to be similar to a Common Domain. Note that in the Internet the hierarchical containment implied by the definition of a CD does not really exist; however, there is a level of implicit ordering based on topology and policy issues (the willingness to be used as a transit network) that can be viewed as defining a Common Domain in the Internet.
For completeness, we offer the following definition for an Internet Autonomous System (AS):
"An 'autonomous system' consists of a set of gateways, each of which can reach any other gateway in the same system using paths via gateways only in that system. The gateways of a system cooperatively maintain a routing data base using an interior gateway protocol (IGP)..." [3]
5) Environment and Goals
The "OSI Routeing Framework" describes the environment for OSI routing as well as its goals. The environment described is a highly interconnected, highly heterogeneous collection of LANs and public and private networks made up of a diverse collection of equipment from multiple vendors. A number of goals are enumerated, including:
- Support of multiple subnetwork types
- Very large numbers of connected systems
- End System simplicity
- Multiple organizations with mutual distrust and policy/legal restrictions
- High performance
- Robust and dynamic routing in the face of topological changes
The environment and goals described are a good match for those in the Internet. The Internet crosses multiple types of physical media, link layer protocols, and administrative controls. Routers and hosts may come from many vendors. The Internet has become international in scope. Issues of security and the isolation of bad routing information have become international concerns.
The Internet environment, with over 900 highly connected networks (and growing exponentially), is very much like the environment the OSI model aims to describe.
6) Structure of Global Routing
The "OSI Routeing Framework" classifies routing into three types:
- within a Routing Domain
- within an Administrative Domain
- between Administrative Domains
Routing within a Routing Domain involves a high level of mutual trust. This allows the use of complex, tightly-coupled procedures that can make the best use of dynamic, highly interconnected environments.
Routing Domains may be recursively subdivided into Subdomains in order to reduce routing complexity. The details of a subdomain may be largely hidden from other subdomains with an attendant reduction in the volume of routing information exchanged.
Intra-Administrative Domain routing is concerned with interconnecting multiple Routing Domains within an administration. Issues may include address administration, cost recovery, and policy concerns. A moderate level of trust is assumed. The nature of the interactions between Routing Domains can range from being tightly coupled (best path routing between two RDs running different routing protocols) to being more policy-based. However, inter-RD routing within an Administrative Domain is tightly coordinated and represents a unified technical plan.
Inter-Administrative Domain routing is concerned with managing and controlling the flow of information in a highly structured way between organizations that may require formal multilateral agreements. The issues of concern at this level tend to be administrative in nature (legal/political constraints, security, access control, etc.). Multiple agreements between multiple administrations are unlikely to be implicitly transitive. This makes the analysis of policy interactions very important.
7) Mapping the AD/RD Model Onto the Internet
The national network backbones (NSFNET, ARPANET, MILNET, NSN, and soon ESNET) can be viewed as Common Domains. Each may have sufficiently global routing knowledge to determine a path to any Internet address.
Regional networks are clearly Administrative Domains. Multilateral policy agreements are defined between the regional networks and the backbones. On the other hand, regional networks very often are tightly coupled to individual networks and campus networks in terms of routing. In this sense, a regional network could be viewed as a Routing Domain with individual campuses thought of as Subdomains.
From the standpoint of routing functionality, it is most useful to view a "classic" Autonomous System as a congruent Routing Domain and Administrative Domain. An AS as defined represents both a single IGP and a point of policy administration. The sixteen bit value now known as the Autonomous System number may instead be viewed as an Administrative Domain number.
In reality, however, many so-called Autonomous Systems today do not adhere to the strict definition of an AS. In theory, an Autonomous System is quite similar to a Routing Domain, in which a high level of trust is made between systems, a consistent IGP is run, and full routing information is distributed. On the other hand, AS numbers have become an abstraction for policy groupings to backbones. Indeed, entire regional networks are viewed by the backbones as a single Autonomous System, even though they are not nearly as homogeneous as the AS model specifies. Such entities can be viewed as an Administrative Domain containing several Routing Domains.
Although it is true that, in this interpretation, multiple nontechnical administrations are represented within a single Administrative Domain (in conflict with the definition of an Administrative Domain), such structures require a single approach to internal routing. Even if there is not a true administration representing the collection of domains (such as a consortium), there typically is a technical committee to settle common technical issues.
8) The AD/RD Model as an Engineering Tool
Current Autonomous Systems cross administrative boundaries with impunity. This works as long as the individual administrations operating within the common AS agree to a common technical policy for routing and network management. Connections with other backbones, regional networks, and campus networks must be planned, implemented, and managed in a coordinated fashion.
This coordination becomes more difficult, but more necessary, as the AS grows. As connectivity and policy become more complex, current Autonomous Systems start to fragment. An example of this is a network that is currently a member of an NSFNET regional network but will be adding a connection to ESNET. The administrators of the network and the regional network must carefully coordinate the changes necessary to implement this connection, including possibly altering the boundaries of policy and routing. A lack of coordination could result in routing loops and policy violations.
A point that is being increasingly realized is that the entity responsible for exterior or policy routing (be it an Autonomous System or an Administrative Domain) must have a common technical policy for routing. The effects of attempting different approaches to policy and external routing while maintaining a single AS have been painfully evident in real instances in the Internet.
Under the AD/RD model, a routing domain cannot be in two Administrative Domains. For example, if a campus network wants to set its own routing policy and enforce it via management of their routers, the campus has elected to become a separate Administrative Domain. If that campus uses a common IGP with other campuses, it represents an attempt to split a Routing Domain (the regional network with a common IGP) across multiple Administrative Domains (the campus and the rest of the regional). Such arrangements represent dubious engineering practice, cause real routing problems, and are disallowed by the AD/RD model.
Under the strict Autonomous System model, only one IGP can exist within an AS. However, many regional networks are successfully using multiple IGPs. The AD/RD model allows this valuable routing topology. Such a topology would also be allowed by the AS model if it were to be broadened to allow multiple IGPs, in which case an AS and an AD would effectively become equivalent.
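The containment rules from Section 4 (a Routing Domain never spans Administrative Domains; a single-RD AD is congruent) and the campus case from Section 8 can be checked mechanically against a router inventory. The following Python sketch is an added example, not part of the RFC; the router names, domain names and the three trust labels (taken from the trust levels described in Section 6) are constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory: (router, Administrative Domain, Routing Domain / IGP instance).
# All names are hypothetical. "campus-1" sets its own policy (its own AD)
# but still runs the regional IGP, which is the case Section 8 disallows.
SAMPLE_ROUTERS = [
    ("bb-1", "backbone", "bb-igp"),
    ("bb-2", "backbone", "bb-igp"),
    ("reg-1", "regional", "reg-igp-a"),
    ("reg-2", "regional", "reg-igp-a"),
    ("reg-3", "regional", "reg-igp-b"),
    ("campus-1", "campus", "reg-igp-a"),
]

CONGRUENT = "congruent"   # one RD in the AD: analogous to a classic AS
MULTI_RD = "multi-RD"     # several RDs under one technical plan
INVALID = "invalid"       # AD shares an RD with another AD

def audit(routers):
    """Return (split_rds, ad_classes) for an inventory of routers."""
    rd_to_ads = defaultdict(set)
    ad_to_rds = defaultdict(set)
    for _name, ad, rd in routers:
        rd_to_ads[rd].add(ad)
        ad_to_rds[ad].add(rd)
    # An RD seen in more than one AD violates the containment rule.
    split = {rd: sorted(ads) for rd, ads in rd_to_ads.items() if len(ads) > 1}
    classes = {}
    for ad, rds in ad_to_rds.items():
        if any(rd in split for rd in rds):
            classes[ad] = INVALID
        elif len(rds) == 1:
            classes[ad] = CONGRUENT
        else:
            classes[ad] = MULTI_RD
    return split, classes

def trust_level(a, b, routers):
    """Trust assumed for routing information exchanged between routers a and b."""
    info = {name: (ad, rd) for name, ad, rd in routers}
    (ad_a, rd_a), (ad_b, rd_b) = info[a], info[b]
    if ad_a != ad_b:
        return "suspicious"   # inter-AD: mutually suspicious
    return "high" if rd_a == rd_b else "moderate"

if __name__ == "__main__":
    split, classes = audit(SAMPLE_ROUTERS)
    print("RDs split across ADs:", split)
    print("AD classification:", classes)
```

An inter-AD pair labelled "suspicious" marks a boundary where received routing information warrants filtering before it is believed; a split RD means such a boundary exists inside a single IGP, where no filtering point is available.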
9) The AD/RD Model in a Dual Protocol Internet
As the OSI protocol suite is deployed and an OSI Internet is constructed, it is very likely that significant portions of the current TCP/IP Internet will also carry OSI traffic. Many router vendors provide dual protocol capability today, or will in the near future, and the investment in network infrastructure is such that it is unlikely that a separate, parallel internet will be established for OSI traffic.
It is logical to assume that, in many cases, the same technical and administrative boundaries will apply to both DoD IP and OSI protocols, and in some cases a single routing protocol may be used to support both protocol suites.
Thus, it would be most advantageous to have a common model and common nomenclature in order to provide a more unified, manageable routing environment. Given that the OSI Routeing Framework represents the model on which OSI routing is built, the use of the AD/RD model to describe the existing Internet is an appropriate step toward describing and building the combined internet.
10) Conclusions
The AD/RD model of routing describes the current Internet better than existing models because it describes:
- How Intra-Domain and Inter-Domain relationships work at both routing and policy level
- How routing domains and administrative domains can be hierarchically related
- The existence of multiple national peers
- A common model for dual protocol internets
The expanding Internet has grown from the "core" model with several small attached networks to a highly interconnected environment that spans several continents. Several national peer networks serve an ever-growing set of regional networks. The AD/RD model can help Internet protocol designers abstract the functional pieces from the large Internet.
The Internet grows daily. Any model of Internet routing needs to provide a way to understand and order the growth. The ISO Routeing Framework provides a structure to handle such growth.
11) References
[1] ISO, "OSI Routeing Framework", ISO/TR 9575, 1989.
[2] Rosen, E., "Exterior Gateway Protocol", RFC 827, Bolt Beranek and Newman, October 1982.
[3] Mills, D., "Autonomous Confederations", RFC 975, M/A COM Linkabit, February 1986.
[4] ISO, "Open Systems Interconnection--Basic Reference Model", ISO 7498.
[5] ISO, "Internal Organization of the Network Layer", ISO 8648.
ISO documents can be obtained from the following source:
American National Standards Institute
1430 Broadway
New York, NY 10018
(212) 642-4900
Additionally, a number of private firms are authorized to distribute ISO documents.
Security Considerations
Security issues are not addressed in this memo.
Authors' Addresses
Susan Hares
Merit/NSFNET
1075 Beal Ave.
Ann Arbor, MI 48109
Phone: (313) 936-3000
Email: [email protected]
Dave Katz
Merit/NSFNET
1075 Beal Ave.
Ann Arbor, MI 48109
Phone: (313) 763-4898
Email: [email protected]