Network Working Group                                      Bernard Aboba
INTERNET-DRAFT                                                 Microsoft
Category: Informational
21 November 1997

            Lightweight Directory Access Protocol (v3):
     Schema for the Routing Policy Specification Language (RPSL)

1. Status of this Memo

This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, and
its working groups. Note that other groups may also distribute working
documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as ``work in progress.''

To learn the current status of any Internet-Draft, please check the
``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow
Directories on ds.internic.net (US East Coast), nic.nordu.net (Europe),
ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim).

The distribution of this memo is unlimited. It is filed as , and
expires June 1, 1998. Please send comments to the authors.

2. Abstract

This document defines a schema for the Routing Policy Specification
Language (RPSL). It is expected that this schema will be useful in
providing a standardized format for representation of RPSL within
LDAP-based directory services.

3. Introduction

The Routing Policy Specification Language (RPSL), described in [6]-[8],
provides a means for the high-level specification of routing policies.
To date, efforts at representing routing policies, as described in
[9]-[10], have relied on proprietary schemas. This document describes
how routing policies may be represented in LDAP-based directory
services.

4. Object definitions

The RPSL schema includes definitions of the following objects:

   RPSL Person Class
   RPSL Entry Class
   Dictionary object
   Maintainer object (mntner)
   Autonomous system number objects (autNum)
   Route objects (route)
   Set objects (asSet, routeSet)
   Router objects (inetRtr)
   Tunnel objects (inetTunnel)

4.1. RPSL Person Class

( rpsl rpslPersonClass 1
  NAME 'rpslOrgPerson'
  SUP organizationalPerson
  STRUCTURAL
  MUST nicHdl
)

4.2. RPSL Entry

( rpsl rpslEntry 1
  NAME 'rpslEntry'
  SUP top
  ABSTRACT
  MUST ( cn $ descr $ techC $ adminC $ mntBy $ changed $ source )
  MAY ( remarks $ notify )
)

4.3. Dictionary object

( rpsl rpslDictionary 1
  NAME 'rpslDictionary'
  SUP rpslEntry
  STRUCTURAL
  MUST ( dictionaryName )
  MAY ( rpAttribute $ typeDef $ protocol )
)

4.4. Maintainer Object Class

( rpsl mntner 1
  NAME 'mntner'
  SUP rpslEntry
  STRUCTURAL
  MUST ( mntnerName $ auth $ updTo )
  MAY ( mntNfy )
)

4.5. Autonomous System Number Object Class

( rpsl autNum 1
  NAME 'autNum'
  SUP rpslEntry
  STRUCTURAL
  MUST ( asNumber $ asName $ autNumGuardian )
  MAY ( memberOf $ asIn $ asOut $ default $ igpToEgp $ egpToIgp )
)

4.6. Route Object Class

( rpsl route 1
  NAME 'route'
  SUP rpslEntry
  STRUCTURAL
  MUST ( addressPrefix $ origin )
  MAY ( withdrawn $ memberOf $ injectAt $ aggregateBy $
        exportComponents $ holes )
)

4.7. AS-Set Object Class

( rpsl asSet 1
  NAME 'asSet'
  SUP rpslEntry
  STRUCTURAL
  MUST ( asSetName )
  MAY ( asSetMembers $ asSetMembersByReferral )
)

4.8. Route-Set Object Class

( rpsl routeSet 1
  NAME 'routeSet'
  SUP rpslEntry
  STRUCTURAL
  MUST ( routeSetName )
  MAY ( routeSetMembers $ routeSetMembersByReferral )
)

4.9. Router Object Class

( rpsl inetRtr 1
  NAME 'inetRtr'
  SUP rpslEntry
  STRUCTURAL
  MUST ( rtrName $ localAs $ ifAddr $ inetRtrGuardian )
  MAY ( alias $ peer )
)

4.10. Tunnel Object Class

( rpsl inetTunnel 1
  NAME 'inetTunnel'
  SUP rpslEntry
  STRUCTURAL
  MUST ( tunnelName $ tunnelSource $ tunnelSink $ tunnelProtocol $
         tunnelIn $ tunnelOut $ inetTunnelGuardian )
)

5. Attribute definitions

5.1. New Attribute Types Used in the RPSL Person Class

( rpsl rpslPersonClass 2
  NAME 'nicHdl'
  DESC 'the handle by which a person is referred to by the NIC'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

5.2. New Attribute Types Used in the RPSL Entry Object Class

( rpsl rpslEntry 2
  NAME 'descr'
  DESC 'a description of the object'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl rpslEntry 3
  NAME 'techC'
  DESC 'the technical contact of the resource'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl rpslEntry 4
  NAME 'adminC'
  DESC 'the administrative contact of the resource'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl rpslEntry 5
  NAME 'remarks'
  DESC 'An explanation or clarification'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl rpslEntry 6
  NAME 'notify'
  DESC 'the email address of the entity to notify in case of
        problems with the resource'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl rpslEntry 7
  NAME 'mntBy'
  DESC 'Distinguished Name of maintainer object'
  EQUALITY distinguishedNameMatch
  SUBSTRINGS distinguishedNameMatch
  SYNTAX DN
)

( rpsl rpslEntry 8
  NAME 'changed'
  DESC 'the email name of who last changed the resource and the
        date of when it was changed'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl rpslEntry 9
  NAME 'source'
  DESC 'the registry name from which the information came'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

5.3. New Attribute Types Used in the Dictionary Object Class

( rpsl rpslDictionary 2
  NAME 'dictionaryName'
  DESC 'the name of the dictionary'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl rpslDictionary 3
  NAME 'rpAttribute'
  DESC 'routing policy attribute or feature extension'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl rpslDictionary 4
  NAME 'typeDef'
  DESC 'dictionary defined type'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl rpslDictionary 5
  NAME 'protocol'
  DESC 'protocol set and peering options'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

5.4. New Attribute Types Used in the Maintainer Object Class

( rpsl mntner 2
  NAME 'mntnerName'
  DESC 'the name of the maintainer'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl mntner 3
  NAME 'auth'
  DESC 'The scheme that will be used to identify and authenticate
        Update requests'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl mntner 4
  NAME 'updTo'
  DESC 'an email address to notify on an unauthorized update of
        the resource'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl mntner 5
  NAME 'mntNfy'
  DESC 'An email address to notify whenever an object is added,
        changed or deleted'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

5.5. New Attribute Types Used in the Autonomous System Number Object
     Class

( rpsl autNum 2
  NAME 'asNumber'
  DESC 'the autonomous system number'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl autNum 3
  NAME 'asName'
  DESC 'the autonomous system name'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl autNum 4
  NAME 'memberOf'
  DESC 'the as-set object name of which this as is a member'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl autNum 5
  NAME 'asIn'
  DESC 'import policy specification'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl autNum 6
  NAME 'asOut'
  DESC 'export policy specification'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl autNum 7
  NAME 'default'
  DESC 'default policy specification'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl autNum 8
  NAME 'igpToEgp'
  DESC 'specification for how routes from the interAS routing
        protocol are injected into the IGP protocol'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl autNum 9
  NAME 'egpToIgp'
  DESC 'specification for how routes from the IGP protocol are
        injected into the interAS routing protocol.'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl autNum 10
  NAME 'autNumGuardian'
  DESC 'the e-mail address of the guardian of the resource'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

5.6. New Attribute Types Used in the Route Object Class

( rpsl route 2
  NAME 'addressPrefix'
  DESC 'the address prefix for the route'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl route 3
  NAME 'origin'
  DESC 'the AS number in which the route originates'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl route 4
  NAME 'withdrawn'
  DESC 'the date at which the route was withdrawn'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl route 5
  NAME 'memberOf'
  DESC 'the date at which the route was withdrawn'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl route 6
  NAME 'injectAt'
  DESC 'specifies static routes to inject'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl route 7
  NAME 'aggregateBy'
  DESC 'specifies component routes used to form the aggregate'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl route 8
  NAME 'exportComponents'
  DESC 'a filter matching the routes that need to be exported'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl route 9
  NAME 'holes'
  DESC 'component address prefixes not reachable through the
        aggregate route'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

5.7. New Attribute Types Used in the AS-Set Object Class

( rpsl asSet 2
  NAME 'asSetName'
  DESC 'the AS-SET name'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl asSet 3
  NAME 'asSetMembers'
  DESC 'list of address prefixes'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl asSet 4
  NAME 'asSetMembersByReferral'
  DESC 'list of maintainer classes'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

5.8. New Attribute Types Used in the Route-Set Object Class

( rpsl routeSet 2
  NAME 'routeSetName'
  DESC 'the route set name'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl routeSet 3
  NAME 'routeSetMembers'
  DESC 'list of address prefixes'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl routeSet 4
  NAME 'routeSetMembersByReferral'
  DESC 'list of maintainer classes'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

5.9. New Attribute Types Used in the Router Object Class

( rpsl inetRtr 2
  NAME 'rtrName'
  DESC 'the name of the router'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl inetRtr 3
  NAME 'alias'
  DESC 'other names by which the router is known'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl inetRtr 4
  NAME 'localAs'
  DESC 'the local AS in which the router resides'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl inetRtr 5
  NAME 'ifAddr'
  DESC 'a string describing an interface address on the router'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl inetRtr 6
  NAME 'peer'
  DESC 'a string describing relationships with peer routers'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl inetRtr 7
  NAME 'inetRtrGuardian'
  DESC 'the e-mail address of the guardian of the resource'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

5.10. New Attribute Types Used in the Tunnel Object Class

( rpsl inetTunnel 2
  NAME 'tunnelName'
  DESC 'the name of the tunnel'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl inetTunnel 3
  NAME 'tunnelSource'
  DESC 'the source of the tunnel'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl inetTunnel 4
  NAME 'tunnelSink'
  DESC 'the sink of the tunnel'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl inetTunnel 5
  NAME 'tunnelProtocol'
  DESC 'the protocol to be run inside the tunnel. Values include
        BGP, RPv6, DVMRP, PIM-DM, and PIM-SM'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

( rpsl inetTunnel 6
  NAME 'tunnelIn'
  DESC 'a string describing the inbound routing policy'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl inetTunnel 7
  NAME 'tunnelOut'
  DESC 'a string describing the outbound routing policy'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
)

( rpsl inetTunnel 8
  NAME 'inetTunnelGuardian'
  DESC 'the e-mail address of the guardian of the resource'
  EQUALITY caseIgnoreMatch
  SUBSTRINGS caseIgnoreSubstringsMatch
  SYNTAX 'DirectoryString'
  SINGLE-VALUE
)

6. Acknowledgments

Thanks to Gurdeep Singh Pall and Narendra Gidwani of Microsoft for
useful discussions of this problem space.

7. References

[1]  W. Yeong, T. Howes, S. Kille, "Lightweight Directory Access
     Protocol." RFC 1777, March, 1995.

[2]  "Information Processing Systems - Open Systems Interconnection -
     The Directory: Overview of Concepts, Models and Service." ISO/IEC
     JTC 1/SC21, International Standard 9594-1, 1988.

[3]  "Information Processing Systems - Open Systems Interconnection -
     The Directory: Selected Object Classes." Recommendation X.521
     ISO/IEC JTC 1/SC21, International Standard 9594-7, 1993.

[4]  M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory
     Access Protocol: Standard and Pilot Attribute Definitions."
     Internet Draft (work in progress), October 1996,
     draft-ietf-asid-ldapv3-attributes-03.txt.

[5]  Y. Yaacovi, K. Settle, "Lightweight Directory Access Protocol:
     Extensions for Dynamic Directory Services." Internet Draft (work
     in progress), June 1996, draft-ietf-asid-ldapv3ext-00.txt,
     Microsoft.

[6]  D. Meyer, "Representing Tunnels in RPSL." Internet Draft (work in
     progress), November 1996, draft-ietf-rps-tunnels-00.txt,
     University of Oregon.

[7]  C. Alaettinoglu, T. Bates, E. Gerich, D. Karrenberg, M. Terpstra,
     C. Villamizar, "Routing Policy Specification Language (RPSL),"
     Internet Draft (work in progress), November, 1996,
     draft-ietf-rps-rpsl-00.txt, USC/ISI, Cisco Systems, @HOME, RIPE,
     Bay Networks, ANS.

[8]  C. Alaettinoglu, D. Meyer, J. Schmitz, "Application of Routing
     Policy Specification Language (RPSL) on the Internet," Internet
     Draft (work in progress), March, 1997,
     draft-ietf-rps-appl-rpsl-00.txt, USC/ISI, University of Oregon,
     DFN-NOC.

[9]  T. Bates, E. Gerich, L. Joncheray, J-M. Jouanigot, D. Karrenberg,
     M. Terpstra, and J. Yu, "Representation of IP Routing Policies in
     a Routing Registry," Technical Report ripe-181, RIPE, RIPE NCC,
     Amsterdam, Netherlands, October 1994.

[10] T. Bates, J-M. Jouanigot, D. Karrenberg, P. Lothberg, and M.
     Terpstra, "Representation of IP Routing Policies in the RIPE
     Database," Technical Report ripe-81, RIPE, RIPE NCC, Amsterdam,
     Netherlands, February, 1993.

[11] How to register in RADB. http://www.ra.net/RADB.tools.docs/.

8. Authors' Addresses

Bernard Aboba
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052

Phone: 206-936-6605
EMail: bernarda@microsoft.com
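
Added example (not part of the draft and not the author's code): a Python check that parses the object class definitions of sections 4.2, 4.4 and 4.6, follows SUP inheritance, and reports which MUST attributes an entry lacks and which attributes its class does not permit. The sample entry, its values and the nextHop attribute are constructed for illustration; attribute names are compared case-insensitively.

```python
import re
# Object class definitions copied from sections 4.2, 4.4 and 4.6 of the draft.
SCHEMA_TEXT = """
( rpsl rpslEntry 1 NAME 'rpslEntry' SUP top ABSTRACT
  MUST ( cn $ descr $ techC $ adminC $ mntBy $ changed $ source )
  MAY ( remarks $ notify ) )
( rpsl mntner 1 NAME 'mntner' SUP rpslEntry STRUCTURAL
  MUST ( mntnerName $ auth $ updTo ) MAY ( mntNfy ) )
( rpsl route 1 NAME 'route' SUP rpslEntry STRUCTURAL
  MUST ( addressPrefix $ origin )
  MAY ( withdrawn $ memberOf $ injectAt $ aggregateBy $ exportComponents $ holes ) )
"""
HEAD = re.compile(r"NAME\s+'(\w+)'\s+SUP\s+(\w+)\s+(ABSTRACT|STRUCTURAL|AUXILIARY)")

def _attrs(body, keyword):
    """Lower-cased names from 'KEYWORD ( a $ b )'; empty set if absent."""
    m = re.search(keyword + r"\s+\(([^)]*)\)", body)
    return {a.strip().lower() for a in m.group(1).split("$")} if m else set()

def parse_object_classes(text):
    """Return {class name: {'sup', 'kind', 'must', 'may'}}."""
    heads = list(HEAD.finditer(text))
    classes = {}
    for i, m in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(text)
        body = text[m.end():end]  # text up to the next definition's NAME
        classes[m.group(1)] = {"sup": m.group(2), "kind": m.group(3),
                               "must": _attrs(body, "MUST"), "may": _attrs(body, "MAY")}
    return classes

def effective_attrs(classes, name):
    """Union MUST/MAY up the SUP chain; stops at 'top', which is not defined here."""
    must, may = set(), set()
    while name in classes:
        must |= classes[name]["must"]
        may |= classes[name]["may"]
        name = classes[name]["sup"]
    return must, may - must

def validate_entry(classes, entry):
    """Return (missing MUST attributes, attributes the class does not allow)."""
    must, may = effective_attrs(classes, entry["objectClass"])
    present = {k.lower() for k in entry if k != "objectClass"}
    return sorted(must - present), sorted(present - must - may)

# Constructed entry (not from the draft): no mntBy, plus a made-up attribute.
ROUTE = {"objectClass": "route", "cn": "192.0.2.0/24", "descr": "example route",
         "techC": "EX1-NIC", "adminC": "EX1-NIC", "source": "EXAMPLE",
         "changed": "noc@example.net 19971121", "addressPrefix": "192.0.2.0/24",
         "origin": "AS64496", "nextHop": "192.0.2.1"}
```

Calling validate_entry(parse_object_classes(SCHEMA_TEXT), ROUTE) flags the route as lacking mntBy, the attribute that ties an object to its maintainer.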