The CIX and the NSFNET regionals - a dilemma

Wed Feb 5 07:43:57 UTC 1992

I believe that Vince is completely correct.  With current routing protocols
the NSFNET AUP policy can only be implemented with contorted and sub-optimal
topologys and routing configurations.  (One could argue that the policys are
optimal for securing other goals in a wider arena, but that is not a technical
discussion).

In a general sense PC routing (that is "politically correct routing") requires
switches to know the usage policys of both the source and destination sites.

This means that traffic must be routed on the basis of both its destination
address and SOURCE address and there needs to be some mechanism of associating
the usage policys with remote addresses.

Neither part of this can be accurately implemented by current protocols and
architectures.

Consider the following simpler situation that came up in Pennsylvania a while
back: We (PSCnet) are NSF R&E.  PREPnet transits PSCnet to reach the NSFnet
backbones.  Intra PREPnet traffic is NOT subject to the NSF usage rules, and
does not distinguish between commercial and non-commercial internal sites.
There was a proposal for PREPnet to acquire an additional ANS connection to
address two goals: redundant paths for the research users and an external path
that was not subject to the NSF rules.

It was correctly observed that inbound traffic (from the backbones to the
sites) could be PC routed, as long as the remote site/backbone/interchange did
the correct thing.  However, outbound traffic (sites to backbones) could not be
"PC routed".  The problem is that all traffic from commercial sites to remote
commercial sites MUST leave via the ANS connection, yet all traffic from
research sites strongly prefers to leave via the PSCnet connection.  Given the
topology under consideration this required traffic to flow in opposite
directions on the same link to the same destination, depending on the source
of the traffic.   

This can not be done today. period.  PSC's position was that if PREPnet
accepted comercial interstate traffic from any customers, then
PSCnet could not accept any traffic from PREPnet.   PREPnet would then
be single attached via ANS.  Any other position would have put us in violation
of our funding.

(This predated the NSF/ANS co+re policy, which provides an out.)

As I look over the other replys, I see that many have missed a point that I
assumed: The problems arise when there is a (complex) midlevel carrying mixed
traffic between assorted sites and both flavors of backbones.  It is not a
problem if the midlevel is "pure" research or commercial.  It is less of a
problem if both backbones land on the same FDDI dmz.

It is clear to me that one of two things is going to happen:
The rules will change, and there will be good technical solutions. -or-
The rules will not change, and we will have split research and commercial
networks with weak interconnects.  Organizations that really need to function
in both worlds will have two network numbers or two connections....

--MM--