Router configuration is a difficult and complex task. At the same time, it is a crucial task as it accounts for a network's profit, performance, and security. Routing policies are configured in low-level languages and the high-level intent is hard to decipher. In this paper, we propose a system, called NetPolis, which abstracts the high-level intents from low-level configuration of routing policies. The goal of NetPolis is to automatically generate the inter-domain routing policy configuration of a network. NetPolis takes the network's router configuration files and compares the import and export policies from various perspectives and granularities. The output is a multi-level model to represent neighbor networks with similar routing policy enforcements. We validate our approach by applying NetPolis to the router configuration files from a production network of a major ISP. The network operator confirms that NetPolis provides a compact summary of the network's routing policies and this summary helps to verify high-level intents, to identify misconfigurations, and to aid in policy modifications.
展开▼
