Defining Policy in Policy Routing

The standard dictionary definition of policy is

1. A definite course of action adopted for sake of facilitation.

2. A course of action pursued by a government or organization.

Both of these definitions imply that a policy is a describing or proscribing set of rules and actions that encompasses an ideal goal. And that implication fits in well with the scope of Policy Routing.

The policy in Policy Routing is to provide routing capability based on any or all facets of a packet. This includes not only the header information, but also the data contained within the packet itself. As you will learn in Chapter 3, "Linux Policy Routing Structures," there are some concrete limitations in implementing the entire functionality of ideal Policy Routing. In Chapters 5 through 8 you will implement and manipulate some very intricate networks. For now I will talk about the ideal nature of policy.

Even in the early days of networks, back in the early '70s, there were discussions on what constituted the minimum set of information needed to route a packet. These discussions mostly covered the reality of the ARPAnet design, namely how to survive a nuclear holocaust and still provide network services. Within this scenario the destination-based routing made more sense because you did not care how your packet was treated but were only concerned with getting your packet to the final destination. Many of the problems with the destination-only treatment, such as long delays or retransmissions, were not as critical. The applications of that time, such as FTP or email, were much more forgiving . In the '80s and through the explosion of the '90s, the essential nature of the ARPAnet changed to become today's Internet. Now the need is to grease the wheels of business and not to care about the nuclear winter.

With the imperatives of business comes the need for security and flexibility. You need to protect the business assets while making it easy for customers and associates to access and use those assets. Now you do not have just a network, you have an intranet, connected to the Internet and to your supplier's, vendor's, partner's, and customer's intranets . The complexity of the network connectivity may be dealt with through standard dynamic routing, but what about the service and security?

Service is a key to success in any business environment. To provide a good impression of your business you coach and train your telephone and counter people to show competence and give good service. But how do you present a good image through your network? This question is becoming a prime concern for many companies as they struggle to differentiate themselves online. The answer lies in technology that was beginning to be discussed and considered back when the current Internet Protocol, IPv4, was making its debut.

As you probably have guessed from the terminology I have chosen , the not-so-secret technology is Quality of Service (QoS), also known as Differentiated Services (DiffServ) or Integrated Services (IntServ). While purists of the IP protocol will casti gate me for doing so, as a network engineer I coalesce these services into a single thought. All of the various types of QoS exist to solve the same problem, namely how to provide different treatment for different data streams. And now the circle begins to close, as the earliest implementations of Policy Routing were primarily implementations of various QoS concepts.

So when I speak about the "policy" in Policy Routing I refer to the set of describing and proscribing rules that implement the routing structure of a network or assortment of networks. This policy constitutes the ideal uses and services of the network. While the actual implementation of this policy may differ by device, by type, or by the nature of the data streams themselves, the overall effect implements the business imperative of the network. As you will see throughout this book, the policy can range from a simple concern for resources to a global scale definition of data stream priorities.