Enforcing secure and robust routing with declarative policies

Internet routers must adhere to many polices governing the selection of paths that meet potentially complex constraints on length, security, symmetry and organizational preferences. Many routing problems are caused by their misconfiguration, usually due to a combination of human errors and the lack of a high-level formal language for specifying routing policies that can be used to generate router configurations. We describe an approach that obviates many problems by using a declarative language for specifying network-wide routing policies to automatically configure routers and also inform software agents that can diagnose and correct networking problems. Our policy language is grounded in ontologies encoded in the Semantic Web language OWL, supporting machine understanding and interoperability. Polices expressed in it can be automatically compiled into low-level router configurations and intelligent agents can reason with them to diagnose and correct routing problems. We have prototyped the approach and evaluated the results both in a simulator and on a small physical network. Our results show that the framework performs well on a number of use cases, including checking for policy coherence, preventing asymmetric routing patterns, applying organizational preferences, and diagnosing and correcting failures.