How traffic is evaluated against the policy tree