I found that over 95% of the operational intents were semantically redundant (meaning they were completely shadowed or subsumed by broader, older rules).
I also find it very difficult to believe that 95% of things were redundant or duplicative, be it ACLs / BGP policies , or really anything. There are absolutely cases, say with ACLs, that you apply less permissive filtering at different network layers; however, this is usually an intentional design choice, not a bug. Conflicts: How often do you run into cases where multiple goals (which all
seem fine on their own) accidentally create a conflict when they are enforced together over the same traffic? Resolutions: Is there a standard way you "relax" or prioritize these goals when you find they are fighting each other?
Again assuming you're talking about ACLs / protocol policies, these are pretty binary. Either they work or they don't. Conflicting ACLs would almost by definition only mean traffic is blocked where it shouldn't be. Conflicting protocol policies means routes don't show up where/how they should, so something isn't working right. Agree with the other comments, without more context I'm not sure you're going to get helpful feedback. On Fri, Apr 3, 2026 at 3:48 PM manwar--- via NANOG <nanog@lists.nanog.org> wrote:
Hello,
I am a PhD student currently looking at the long-term management of network policies and intents. In studying a large-scale production dataset from a service provider, I found that over 95% of the operational intents were semantically redundant (meaning they were completely shadowed or subsumed by broader, older rules).
I am trying to understand if this high level of policy bloat matches the actual experience of operators in the field:
Redundancy: Is cleaning up shadowed or redundant rules a regular part of your workflow, or do they just tend to stay in the system for years once they're active? Conflicts: How often do you run into cases where multiple goals (which all seem fine on their own) accidentally create a conflict when they are enforced together over the same traffic? Resolutions: Is there a standard way you "relax" or prioritize these goals when you find they are fighting each other?
Thank you for any operational insights you can share.
Best regards, Mubashir Anwar University of Illinois Urbana-Champaign _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/3RJ45WJJ...