Network Working Group                                       Andy Bennett
INTERNET-DRAFT                                               Bernie Volz
                                                        Process Software
                                                       Andrea Westerinen
                                                               Microsoft
                                                               June 1999
Expires December 1999


                          DHCP Schema for LDAP


Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

Abstract

   This document presents an LDAP schema to represent the configuration
   of the DHCP protocol within a TCP/IP network.  It can be used to
   represent the configuration(s) of an entire enterprise network, a
   subset of the network, or even a single server.


Bennett, et. al.          Expires December 1999                 [Page 1]

Internet Draft            DHCP Schema for LDAP                 June 1999


1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

   In places where different sets of terminology are commonly used to
   represent similar DHCP concepts, this schema uses the terminology of
   the Internet Software Consortium's DHCP server reference
   implementation.  For more information see www.isc.org.

2.  Open Issues

   The following known issues are not (yet) resolved by this
   Internet-Draft.
   These issues will be addressed in a future revision of this
   document.

   o  This schema cannot represent a configuration where a DHCP server
      would use two (or more) pieces of information from the
      DHCPREQUEST packet to make decisions.  Examples of this include:
      (1) a lease-pool in a subnet that is class-specific (2) a client
      without a fixed address having different sets of options
      depending on which subnet it is booting on.  There are other
      examples like this.

   o  This document does not thoroughly address the issue of how
      objects should be named.  Specifically, it does not identify the
      attribute on each object that should be used as a "relative
      distinguished name" (or "rdn") for generating a unique
      "distinguished name" (or "dn").

   o  The attribute definitions need to be reviewed to make sure the
      syntax and datatypes are correct.  In some cases there are
      enumerations that may not be complete.

3.  Design Considerations

   Some of the design considerations for this schema were:

   o  Heterogeneous server environment - This schema is not designed to
      represent the configuration of a specific DHCP server
      implementation.  The intent of this schema is to provide a basic
      framework for the representation of the most common elements used
      in the configuration of DHCP.  This should allow other network
      services to obtain and use basic DHCP configuration information
      in a server-independent way.  Also note that it is highly
      unlikely that this schema will be able to represent every feature
      of every implementation (and it is not intended to do so).  It is
      expected that some implementations may need to extend the schema
      objects in order to fully implement all their features.

   o  Relationship to DEN/DMTF - This document takes into consideration
      the object-oriented information model for representing Network
      information (including DHCP information) currently under
      development as part of the Common Information Model (CIM)
      activity in the Distributed Management Task Force (DMTF).  It
      should be noted that the CIM schema is still under development
      and subject to change.  The DMTF efforts continue and draw upon
      the Directory-Enabled Networks (DEN) specification.  The schema
      described in this Internet-Draft is intended to be an LDAP
      implementation of the appropriate objects in the DMTF model.  The
      DMTF schema was used as a source for defining certain terminology
      within this schema.  For more information see [DMTF] and [DEN].

   o  Use of the schema - This draft does not define any "minimal
      compliance criteria" for using the schema.  It is recommended
      that you use the object classes defined in this draft if you are
      representing DHCP configuration information in an LDAP directory.
      Some implementations may choose not to support all of the objects
      defined here.  In particular, the following two decisions are
      explicitly left up to the implementation:

      -  it is up to the implementation to determine whether or not the
         lease information will be stored in the directory.  Some
         implementations may choose not to store this information.

      -  it is up to the implementation to determine if the data in the
         directory is considered "authoritative", or if it is simply a
         copy of data from an authoritative source.

   o  The schema is focused on the representation of configuration
      information.  It does not provide for the representation of
      statistical data, or historical lease data, only the current
      state of the DHC protocol's configuration.

   o  The schema is designed to allow many of the dhcp configuration
      objects to be present anywhere in a directory hierarchy.
      This was done to allow those objects to be placed in the
      directory for managing administrative control and access to the
      objects.  This includes objects like subnets, address ranges,
      services, clients, etc.  There are certain other objects which
      are assumed to be located under a "dhcpConfiguration" object
      (simply because it doesn't make sense for them to exist as a
      management object without being part of a dhcp configuration).

4.  Object Class Descriptions

   This section of the document provides a high level description of
   the proposed object classes and how they relate to one another.
   Also provided is a mapping to the CIM (Common Information Model)
   DHCP Schema defined by the DMTF.

4.1.  Configurations and Services

   The DHC working group is currently considering several proposals for
   failover and redundancy of DHCP servers.  These may require the
   sharing of configuration information between servers.  This schema
   provides a generalized mechanism for supporting any of these
   proposals, by separating the definition of a server from the
   definition of the configuration being provided by the server.

   By separating these two concepts, a configuration may be provided by
   one or by several servers, and similarly, a server may provide one
   or more configurations.  The schema does allow for a server to be
   configured as either a primary or secondary provider of a
   configuration.

   Configurations are also defined so that one configuration can
   include some of the objects that are defined in another
   configuration.  This allows for a hierarchy of related configuration
   items.

4.1.1.  dhcpConfiguration

   A "dhcpConfiguration" is the collection of configuration information
   that represents everything a server would need to know to provide
   DHC service to some set of clients.  From the perspective of an LDAP
   schema, it is basically a collection of objects.

      NAME                 dhcpConfiguration
      DESCRIPTION          This represents a configuration, or a
                           collection of settings for related objects.
                           A single service may have multiple
                           configurations.  A configuration may be
                           provided by multiple services, but only one
                           can be primary.
      TYPE                 Structural
      DERIVED FROM         dhcpConfigurableObject
      POSSIBLE SUPERIORS   ( )
      MUST CONTAIN         ( dhcpConfigurationName )
      MAY CONTAIN          ( dhcpPrimaryService dhcpSecondaryService
                           dhcpParentConfiguration
                           dhcpIncludeFromParent dhcpLocator )

4.1.1.1.  CIM Mapping

   The DMTF Schema defines a CIM_DHCPConfiguration object (derived from
   CIM_Configuration) that corresponds to dhcpConfiguration.  The CIM
   class has the following properties:

   -  A Name string that is the object's key, and conceptually is a DN
   -  Description and Caption strings

   The dhcpConfigurationName string is mapped into the
   CIM_DHCPConfiguration class' Name property, if it satisfies the
   uniqueness characteristics of CIM naming.  Otherwise, it should be
   mapped into the Caption property.

   The remainder of the dhcpConfiguration properties are mapped to
   associations in the DMTF Schema.  The correspondence is as follows:

   -  dhcpPrimaryService and dhcpSecondaryService map to the
      CIM_ServiceForDHCPConfiguration association.  This association
      ties together a CIM_DHCPConfiguration and a CIM_DHCPService, and
      includes a boolean property to identify the PrimaryService.

   -  dhcpParentConfiguration (subsetted by the dhcpIncludeFromParent
      property) is defined by instantiating various
      CIM_DHCPConfiguration objects and then grouping them using the
      CIM_ConfigurationComponent relationship.  The aggregation in CIM
      defines the parts or components of the parent, as opposed to the
      LDAP DHCP Schema which defines the parent and then subsets it.

   The dhcpLocator property is unique to the LDAP Schema and has no CIM
   correspondence.

4.1.2.  dhcpService

   A "dhcpService" is a single instance of DHC server software running
   on a computer system that provides the DHCP service defined by a
   "dhcpConfiguration".

      NAME                 dhcpService
      DESCRIPTION          This represents a single dhcp server.
      TYPE                 Structural
      DERIVED FROM         Top
      POSSIBLE SUPERIORS   ( )
      MUST CONTAIN         ( dhcpServiceName )
      MAY CONTAIN          ( dhcpConfiguration dhcpImplementation )

4.1.2.1.  CIM Mapping

   The DMTF Schema specifies a CIM_DHCPService object (derived from
   CIM_Service) that corresponds to dhcpService.  In CIM, Services are
   defined and named relative to the System that hosts them.
   Therefore, the keys of CIM_DHCPService are defined as:

   -  The hosting System's CreationClassName (for example,
      CIM_UnitaryComputerSystem) and Name.
   -  The Service's CreationClassName (= "CIM_DHCPService") and Name.

   These string properties taken together form the object's key and
   conceptually are a DN.

   That CIM_DHCPService is named and scoped by a CIM_System is
   consistent with the definition of a as a "possible superior" of
   dhcpService.  In CIM, this relationship is described using the
   CIM_HostedService association.

   CIM_DHCPService also contains the following properties:

   -  Description and Caption strings (inherited from
      CIM_ManagedSystemElement)
   -  ImplementationMatchingStrings, an array of strings
   -  Numerous other properties defining runtime characteristics of the
      DHCP Service.  For example, whether or not the Service provides
      ProxyDNSSupport (a boolean) or the BootPLeaseLength (a uint32)
      are properties of CIM_DHCPService.

   The dhcpServiceName string can be mapped into the CIM_DHCPService
   class' Name property, if the uniqueness characteristics of CIM
   naming are satisfied.  Otherwise, it should be mapped into the
   Caption string.  And, the dhcpImplementation multi-valued string can
   be mapped into the ImplementationMatchingStrings property.

   The dhcpConfiguration property is mapped to an association,
   CIM_ServiceForDHCPConfiguration, in the DMTF Schema.  This
   association was explained above.

4.2.  Addresses and Collections of Addresses

   The schema provides several object classes for representing
   configuration information based on IP address(es).

4.2.1.  dhcpAddress

   This class represents a DHCP leaseable IP address.  It may exist
   even though a lease is not currently active.

      NAME                 dhcpAddress
      DESCRIPTION          This class represents an IP Address, which
                           may or may not have been leased.
      TYPE                 Structural
      DERIVED FROM         dhcpConfigurableObject
      POSSIBLE SUPERIORS   ( dhcpSubnet )
      MUST CONTAIN         ( dhcpIpAddress dhcpAddressType
                           dhcpAddressState )
      MAY CONTAIN          ( dhcpDomainName dhcpLastTransactionTime
                           dhcpExpirationTime dhcpStartTimeOfState
                           dhcpRequestedHostName dhcpBootpFlag
                           dhcpAssignedHostName dhcpDnsStatus
                           dhcpReservedForClient dhcpAssignedToClient
                           dhcpRelayAgentInfo )

4.2.1.1.  CIM Mapping

   The DMTF Schema defines a CIM_DHCPAllocatedEndpoint (a subclass of
   CIM_ProtocolEndpoint) that corresponds to the dhcpAddress class.
   However, in CIM, to obtain all the data for an IP address, one must
   examine several classes.
   These are:

   -  CIM_DHCPAllocatedEndpoint containing lease specific information
   -  CIM_IPProtocolEndpoint containing address specific data, such as
      address type and IP version support
   -  CIM_EndpointIdentity, an association instantiated between the
      CIM_DHCPAllocatedEndpoint and CIM_IPProtocolEndpoint, to tie
      together these different aspects of the same address
   -  CIM_DHCPAddressAssignment, an association relating a
      CIM_DHCPAllocatedEndpoint with a DHCP client

   Mapping the dhcpAddress properties into the DMTF Schema results in
   the following list:

   -  dhcpIpAddress = CIM_DHCPAllocatedEndpoint.Address string
   -  dhcpAddressType = CIM_DHCPAllocatedEndpoint.DHCPAddressType
      enumeration
   -  dhcpAddressState = CIM_DHCPAllocatedEndpoint.AddressState
      enumeration
   -  dhcpDomainName = CIM_DHCPAllocatedEndpoint.DomainName string
   -  dhcpLastTransactionTime =
      CIM_DHCPAllocatedEndpoint.LastTransactionTime datetime
   -  dhcpExpirationTime = CIM_DHCPAllocatedEndpoint.Expiration
      datetime
   -  dhcpStartTimeOfState =
      CIM_DHCPAllocatedEndpoint.TimeOfLastStateChange datetime
   -  dhcpRequestedHostName =
      CIM_DHCPAllocatedEndpoint.RequestedDNSName string
   -  dhcpBootpFlag = CIM_DHCPAllocatedEndpoint.BootPAddress boolean
   -  dhcpAssignedHostName = CIM_DHCPAllocatedEndpoint.AssignedDNSName
      string
   -  dhcpDnsStatus = CIM_DHCPAllocatedEndpoint.DNSStatus enumeration
   -  dhcpReservedForClient = An instance of the
      CIM_DHCPAddressAssignment association with the Reserved boolean
      set to TRUE
   -  dhcpAssignedToClient = An instance of the
      CIM_DHCPAddressAssignment association indicating the current
      lease assignment
   -  dhcpRelayAgentInfo = CIM_DHCPAllocatedEndpoint.RelayAgent octet
      string

   To identify CIM_IPProtocolEndpoint or CIM_DHCPAllocatedEndpoint
   instances, key (naming) properties are needed.  Names are defined
   relative to the System that hosts the Endpoints.
   So, the keys of any CIM_ProtocolEndpoint are specified as:

   -  The hosting System's CreationClassName (for example,
      CIM_UnitaryComputerSystem) and Name.
   -  The ProtocolEndpoint's CreationClassName (=
      "CIM_IPProtocolEndpoint" or "CIM_DHCPAllocatedEndpoint") and
      Name.

   These string properties taken together form the object's key and
   conceptually are a DN.

   Any instances of CIM_ProtocolEndpoints (or instances of its
   subclasses) can be members of CIM_LogicalNetworks.  This is
   specified using the CIM_InLogicalNetwork association.  Using this
   association, one can relate CIM_DHCPAllocatedEndpoints and
   CIM_IPProtocolEndpoints to a CIM_IPSubnet.  The InLogicalNetwork
   association becomes the mapping for the dhcpSubnet "possible
   superior" relationship to dhcpAddress.

4.2.2.  dhcpRangeGroup

   A "dhcpRangeGroup" represents information about a group of addresses
   specified by one or more ranges of addresses.  If there are multiple
   ranges specified, they do not need to be contiguous, and it is not
   required that all the addresses be contained on the same IP subnet.

      NAME                 dhcpRangeGroup
      DESCRIPTION          This stores configuration information about
                           one (or more) ranges of addresses.
      TYPE                 Structural
      DERIVED FROM         dhcpConfigurableObject
      POSSIBLE SUPERIORS   ( dhcpSubnet )
      MUST CONTAIN         ( dhcpAddressRange )
      MAY CONTAIN          ( )

4.2.2.1.  CIM Mapping

   Unlike the LDAP schema, the DMTF Schema defines a CIM_IPAddressRange
   entity to uniquely identify and manipulate ranges.  The key
   properties of the class are its start and end addresses.
   CIM_IPAddressRanges can be aggregated into CIM_RangeGroups using the
   CIM_CollectionOfRanges association.

   Regarding dhcpSubnet being a "possible superior" of dhcpRangeGroup,
   this is mapped in the DMTF Schema using the CIM_RangeGroupInSubnet
   aggregation association.

4.2.3.  dhcpSubnet

   A "dhcpSubnet" represents an IP subnet.

      NAME                 dhcpSubnet
      DESCRIPTION          This class defines a subnet.
      TYPE                 Structural
      DERIVED FROM         dhcpConfigurableObject
      POSSIBLE SUPERIORS   ( dhcpSubnet )
      MUST CONTAIN         ( dhcpIpAddress dhcpSubnetMaskLength )
      MAY CONTAIN          ( dhcpSubnetName dhcpSharedNetwork )

4.2.3.1.  CIM Mapping

   The DMTF Schema specifies a CIM_IPSubnet object (derived from
   CIM_LogicalNetwork) that corresponds to the dhcpSubnet class.  The
   property correspondence is as follows:

   -  dhcpIpAddress = CIM_IPSubnet.SubnetNumber
   -  dhcpSubnetMaskLength = (mapping is not 1 to 1 in that
      CIM_IPSubnet specifies the complete mask, as the SubnetMask
      property)
   -  dhcpSubnetName = CIM_IPSubnet.Name, inherited from
      CIM_LogicalNetwork and part of the key structure for the class

   The dhcpSubnetName string can be mapped into the CIM_DHCPService
   class' Name property, only if the uniqueness characteristics of CIM
   naming are satisfied.  Otherwise, it should be mapped into the
   Caption property.

   Participation in a SharedNetwork (indicated by the dhcpSharedNetwork
   attribute in the LDAP Schema) is indicated by the
   CIM_SubnetInSharedNetwork aggregation.  This association would
   relate an instance of CIM_IPSubnet and an instance of
   CIM_SharedNetwork.

   Regarding dhcpSubnet being a "possible superior" of another Subnet,
   this is mapped in the DMTF Schema using the CIM_SubnetInSubnet
   aggregation association.

4.2.4.  dhcpSharedNetwork

   A "dhcpSharedNetwork" represents multiple subnets on the same
   physical cabling.

      NAME                 dhcpSharedNetwork
      DESCRIPTION          This class represents multiple subnets on
                           the same physical cabling.
      TYPE                 Structural
      DERIVED FROM         dhcpConfigurableObject
      POSSIBLE SUPERIORS   ( )
      MUST CONTAIN         ( )
      MAY CONTAIN          ( dhcpSharedNetworkName )

4.2.4.1.  CIM Mapping

   CIM_SharedNetwork (subclassed from CIM_CollectionOfMSEs) is defined
   in the DMTF Schema to correspond to the dhcpSharedNetwork class.  A
   property of the CIM_SharedNetwork class, Name (its key), maps the
   dhcpSharedNetworkName information.
   This mapping is allowed if the dhcpSharedNetworkName satisfies the
   uniqueness characteristics of CIM naming.  Otherwise, the Name data
   should be mapped into the CIM_SharedNetwork.Caption property,
   inherited from CIM_CollectionOfMSEs.

4.3.  dhcpClass

   A "dhcpClass" represents information about a collection of clients.
   The DHC protocol provides 2 mechanisms for managing this information
   (User Class and Vendor Class).  The schema also provides 2
   additional mechanisms for configuring groups of clients that are
   supported by some servers.  A "Client Group" is simply a list of
   clients that are in the specified class.  A "Client Class" is more
   dynamic - the class is defined by listing a set of "characteristics"
   that must be matched by a client in order to be associated with the
   class.  Each client has a list of its own characteristics and the
   members of the class are those clients whose characteristics match
   the class's selection criteria.

      NAME                 dhcpClass
      DESCRIPTION          Represents information about a collection
                           of related clients.
      TYPE                 Structural
      DERIVED FROM         dhcpConfigurableObject
      POSSIBLE SUPERIORS   ( dhcpConfiguration )
      MUST CONTAIN         ( dhcpClassName dhcpClassType )
      MAY CONTAIN          ( dhcpClassCharacteristics dhcpUserClass
                           dhcpVendorClass )

4.3.1.  CIM Mapping

   The DMTF Schema defines CIM_DHCPClientCollection (derived from
   CIM_CollectionOfMSEs) to correspond to dhcpClass.  In the
   CIM_DHCPClientCollection object, UserClass and VendorClass
   information is individually called out (addressing the DHC protocol
   mechanisms for determining a collection of clients).  Also, it is
   permissible to define other membership Characteristics, as well as
   to specify explicit membership.  In CIM, properties can be left
   undefined/unspecified.  Therefore, if the UserClass, VendorClass or
   other Characteristics are not applicable, they can be left NULL
   (undefined).
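
   The "Client Group" and "Client Class" membership rules of Section
   4.3, together with the dhcpMemberOfGroup and
   dhcpClassCharacteristics definitions, worked through as an added
   example; it is not part of this draft or of any server
   implementation.  Assumptions: entries are held as Python dicts of
   constructed sample data, dhcpClassType is written by name because
   this section gives no integer codes, DN comparison is simplified,
   and a ClientClass with no characteristics is treated as matching no
   client.

```python
# Added example: dhcpClass membership resolved from directory entries.
# Every entry below is constructed sample data, not taken from the draft.
# dhcpClassType is shown by name; the integer codes are not given here.

CLASSES = {
    "cn=kiosks,cn=site-a,o=example": {
        "dhcpClassName": "kiosks",
        "dhcpClassType": "ClientGroup",
    },
    "cn=thin-clients,cn=site-a,o=example": {
        "dhcpClassName": "thin-clients",
        "dhcpClassType": "ClientClass",
        "dhcpClassCharacteristics": ["diskless", "floor-2"],
    },
    "cn=unfiltered,cn=site-a,o=example": {
        "dhcpClassName": "unfiltered",
        "dhcpClassType": "ClientClass",
        "dhcpClassCharacteristics": [],
    },
}

CLIENTS = {
    "cn=pc-01,ou=hosts,o=example": {
        "dhcpClientIdentifier": "01:00:00:5e:00:53:01",
        "dhcpMemberOfGroup": ["CN=kiosks, CN=site-a, O=example"],
        "dhcpCharacteristics": ["floor-2"],
    },
    "cn=pc-02,ou=hosts,o=example": {
        "dhcpClientIdentifier": "01:00:00:5e:00:53:02",
        "dhcpCharacteristics": ["diskless", "floor-2", "lab"],
    },
    "cn=pc-03,ou=hosts,o=example": {
        "dhcpClientIdentifier": "01:00:00:5e:00:53:03",
        "dhcpMemberOfGroup": ["cn=retired,cn=site-a,o=example",
                              "cn=thin-clients,cn=site-a,o=example"],
        "dhcpCharacteristics": ["diskless"],
    },
}


def norm_dn(dn):
    """Simplified DN comparison key (assumption: no escaped commas)."""
    parts = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        parts.append(attr.strip().lower() + "=" + value.strip().lower())
    return ",".join(parts)


def members(class_dn, classes, clients):
    """Return the sorted client DNs that belong to the given dhcpClass."""
    cls = classes[class_dn]
    ctype = cls["dhcpClassType"]
    if ctype == "ClientGroup":
        # Explicit membership: the class DN is listed on the client.
        key = norm_dn(class_dn)
        return sorted(
            dn for dn, c in clients.items()
            if key in {norm_dn(g) for g in c.get("dhcpMemberOfGroup", [])})
    if ctype == "ClientClass":
        # Dynamic membership: every class characteristic must be matched.
        required = set(cls.get("dhcpClassCharacteristics", []))
        if not required:
            return []  # choice of this example: no criteria, no members
        return sorted(
            dn for dn, c in clients.items()
            if required <= set(c.get("dhcpCharacteristics", [])))
    raise ValueError("matching for %s is not described in this section" % ctype)


def audit(classes, clients):
    """Return (dn, problem) pairs for entries that resolve ambiguously."""
    findings = []
    by_key = {norm_dn(dn): cls for dn, cls in classes.items()}
    for dn, cls in sorted(classes.items()):
        if (cls["dhcpClassType"] == "ClientClass"
                and not cls.get("dhcpClassCharacteristics")):
            findings.append((dn, "ClientClass without dhcpClassCharacteristics"))
    for dn, c in sorted(clients.items()):
        for group in c.get("dhcpMemberOfGroup", []):
            target = by_key.get(norm_dn(group))
            if target is None:
                findings.append((dn, "dhcpMemberOfGroup names no dhcpClass: " + group))
            elif target["dhcpClassType"] != "ClientGroup":
                findings.append((dn, "dhcpMemberOfGroup names a non-ClientGroup: " + group))
    return findings


if __name__ == "__main__":
    for class_dn in CLASSES:
        print(class_dn, "->", members(class_dn, CLASSES, CLIENTS))
    for finding in audit(CLASSES, CLIENTS):
        print("FINDING", finding)
```

   Which classes a client resolves into decides which option settings
   it receives, so the audit findings (dangling group references, a
   group reference to a class of another type, a Client Class with no
   criteria) are worth reviewing before a directory is put in service.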

   The mapping of properties from dhcpClass to CIM_DHCPClientCollection
   is straightforward.

   -  dhcpClassName corresponds to the CIM_DHCPClientCollection's Name
      property (if CIM naming requirements for uniqueness are met).
      Otherwise, dhcpClassName should be mapped into the Caption
      property, inherited from CIM_CollectionOfMSEs.
   -  dhcpClassType is mapped to the CollectionType enumeration.
   -  dhcpClassCharacteristics corresponds to the Characteristics
      string array property.
   -  dhcpUserClass and dhcpVendorClass map to the UserClass and
      VendorClass string arrays, respectively.

   Explicit membership by a client in a particular instance of
   CIM_DHCPClientCollection is specified using the
   CIM_DHCPEndpointCollection aggregation association.  (In the LDAP
   Schema, this is defined by placing the DN of the dhcpClass in the
   client's dhcpMemberOfGroup attribute.)  CIM_DHCPEndpointCollection
   is also useful when enumerating the client members of a Collection,
   after evaluation of the UserClass, VendorClass and Characteristics
   requirements.

   Regarding dhcpConfiguration as a "possible superior" for dhcpClass,
   this is mapped in the DMTF Schema as an instance of the
   CIM_CollectionConfiguration association.  The association would be
   instantiated to reference the CIM_DHCPClientCollection and the
   appropriate CIM_DHCPConfiguration.

4.4.  dhcpNamedOptionSet

   A "dhcpNamedOptionSet" is an object class for associating a name
   with a collection of option settings.  The entire set of options can
   be associated with a dhcp object by referring to the name.  This
   allows a common set of option settings to be re-used without
   repeating the option settings on each configured object.

      NAME                 dhcpNamedOptionSet
      DESCRIPTION          This is a named collection of settings for
                           options and/or server parameters.
      TYPE                 Structural
      DERIVED FROM         dhcpConfigurableObject
      POSSIBLE SUPERIORS   ( dhcpConfiguration )
      MUST CONTAIN         ( dhcpConfiguration dhcpOptionSetName )
      MAY CONTAIN          ( )

4.4.1.  CIM Mapping

   In the DMTF Schema, the CIM_DHCPOptionConfiguration object
   corresponds to the dhcpNamedOptionSet class.  dhcpOptionSetName is
   mapped into the Name property (a key property) of the CIM class.
   This is acceptable if dhcpOptionSetName meets CIM's requirements for
   uniqueness.  Otherwise, its data should be placed into the Caption
   property, inherited from CIM_Configuration.

   If the instance of CIM_DHCPOptionConfiguration is part of a higher
   level CIM_DHCPConfiguration, this is indicated by instantiating the
   CIM_ConfigurationComponent association and referencing both
   Configurations.

4.5.  dhcpClient

   The "dhcpClient" object class is used to store configuration
   information related to a specific host.  This is defined as an
   auxiliary class since it is assumed that many clients may also be
   defined in the directory as a Computer object (or some similar
   object class).

   These objects can be created to manage the configuration or they may
   also be created by a DHCP server in order to track lease information
   in conjunction with the dhcpAddress object.

      NAME                 dhcpClient
      DESCRIPTION          This is an auxiliary class for indicating
                           that an object is a dhcp client.
      TYPE                 Auxiliary
      DERIVED FROM         dhcpConfigurableObject
      POSSIBLE SUPERIORS   ( )
      MUST CONTAIN         ( dhcpClientIdentifier )
      MAY CONTAIN          ( dhcpUserClass dhcpVendorClass
                           dhcpAssignedAddress dhcpMemberOfGroup
                           dhcpCharacteristics dhcpCreatedByServer )

4.5.1.  CIM Mapping

   The DMTF Schema defines a CIM_DHCPClientEndpoint object (derived
   from CIM_ProtocolEndpoint) that corresponds to dhcpClient.  The CIM
   class maps the LDAP Schema properties as follows:

   -  dhcpClientIdentifier = DHCPClientID string
   -  dhcpUserClass = UserClass string array
   -  dhcpVendorClass = VendorClass string
   -  dhcpCharacteristics = Characteristics string array
   -  dhcpCreatedByServer = CreatedForUnlistedClient boolean

   The remainder of the dhcpClient properties are mapped to
   associations in the DMTF Schema.  The correspondence is as follows:

   -  Information in dhcpAssignedAddress is mapped to the
      CIM_DHCPAddressAssignment association, relating
      CIM_DHCPClientEndpoint and CIM_DHCPAllocatedEndpoint (as
      discussed in Section 3.2.1)
   -  Information in dhcpMemberOfGroup is mapped to the
      CIM_DHCPEndpointCollection association, relating
      CIM_DHCPClientEndpoint and CIM_DHCPClientCollection (as discussed
      in Section 3.3)

   To identify instances of CIM_DHCPClientEndpoint, key (naming)
   properties are needed.  Names are defined relative to the System
   that hosts the Endpoints.  So, the keys of any CIM_ProtocolEndpoint
   are specified as:

   -  The hosting System's CreationClassName (for example,
      CIM_UnitaryComputerSystem) and Name,
   -  The ProtocolEndpoint's CreationClassName (=
      "CIM_DHCPClientEndpoint") and Name.

   These string properties taken together form the object's key and
   conceptually are a DN.

4.6.  Dictionary Objects

   The schema provides several object classes which are used to define
   site-specific or implementation-specific customizations without
   requiring schema extensions.  This is done by defining a
   "dictionary" of the types of Options and Parameters.

4.6.1.  dhcpOptionDictionary

   "dhcpOptionDictionary" objects define the options that can be set
   when configuring various DHCP entities.

      NAME                 dhcpOptionDictionary
      DESCRIPTION          This class defines an option that can have
                           a value.
      TYPE                 Structural
      DERIVED FROM         Top
      POSSIBLE SUPERIORS   ( dhcpConfiguration )
      MUST CONTAIN         ( dhcpConfigurationName dhcpOptionName
                           dhcpOptionTag dhcpDataType )
      MAY CONTAIN          ( dhcpMultiValued dhcpDefault
                           dhcpVendorClass dhcpDescription
                           dhcpLegalValues dhcpTypeRestriction )

4.6.1.1.  CIM Mapping

   The DMTF Schema defines a CIM_DHCPOptionDictionary object (derived
   from CIM_Setting) that corresponds to dhcpOptionDictionary.

   Instances of CIM_DHCPOptionDictionary may be grouped by
   CIM_DHCPConfigurations using the CIM_SettingContext association.
   This association aggregates one or more Settings into a
   Configuration, and corresponds to the definition of
   dhcpConfiguration as a "possible superior" of dhcpOptionDictionary.
   It also is the mapping for the dhcpConfigurationName string
   attribute.

   The property values of the CIM_DHCPOptionDictionary class map
   one-to-one to those of dhcpOptionDictionary.  The explicit mapping
   is:

   -  dhcpOptionName = OptionName string
   -  dhcpOptionTag = OptionTag uint32
   -  dhcpDataType = DataType enumeration
   -  dhcpMultiValued = MultiValued boolean
   -  dhcpDefault = DefaultValue octet string
   -  dhcpVendorClass = VendorClass string
   -  dhcpDescription = Description string, inherited from CIM_Setting
   -  dhcpLegalValues = LegalValues octet string
   -  dhcpTypeRestriction = RestrictedTo enumerated integer array

   To identify instances of CIM_DHCPOptionDictionary, one or more key
   (naming) properties are needed.  The key of CIM_DHCPOptionDictionary
   is specified as its SettingID (a string).  This property
   conceptually is a DN.

4.6.2.  dhcpParameterDictionary

   "dhcpParameterDictionary" objects define server parameters that can
   be defined to customize a server's behavior.

      NAME                 dhcpParameterDictionary
      DESCRIPTION          This class defines server parameters that
                           can be set to control the server behavior.
      TYPE                 Structural
      DERIVED FROM         Top
      POSSIBLE SUPERIORS   ( dhcpConfiguration )
      MUST CONTAIN         ( dhcpConfigurationName dhcpParameterName
                           dhcpDataType )
      MAY CONTAIN          ( dhcpMultiValued dhcpDefault
                           dhcpImplementation dhcpDescription
                           dhcpLegalValues dhcpTypeRestriction )

4.6.2.1.  CIM Mapping

   The DMTF Schema defines a CIM_DHCPParameterDictionary object
   (derived from CIM_Setting) that corresponds to
   dhcpParameterDictionary.

   Instances of CIM_DHCPParameterDictionary may be grouped by
   CIM_DHCPConfigurations using the CIM_SettingContext association.
   This association aggregates one or more Settings into a
   Configuration, and corresponds to the definition of
   dhcpConfiguration as a "possible superior" of
   dhcpParameterDictionary.  It also is the mapping for the
   dhcpConfigurationName string attribute.

   The property values of the CIM_DHCPParameterDictionary class map
   one-to-one to those of dhcpParameterDictionary.  The explicit
   mapping is:

   -  dhcpParameterName = ParameterName string
   -  dhcpDataType = DataType enumeration
   -  dhcpMultiValued = MultiValued boolean
   -  dhcpDefault = DefaultValue octet string
   -  dhcpImplementation = ImplementationMatchingStrings string array
   -  dhcpDescription = Description string, inherited from CIM_Setting
   -  dhcpLegalValues = LegalValues octet string
   -  dhcpTypeRestriction = RestrictedTo enumerated integer array

   To identify instances of CIM_DHCPParameterDictionary, one or more
   key (naming) properties are needed.  The key of
   CIM_DHCPParameterDictionary is specified as its SettingID (a
   string).  This property conceptually is a DN.

4.7.  dhcpConfigurableObject

   Many of the object classes represent objects that are configurable
   within DHCP, and therefore have a common set of attributes.  Instead
   of repeating these throughout the schema on each class, we have
   defined an abstract class "dhcpConfigurableObject" where we define
   the basic, common set of attributes for configuring dhcp objects.
   Most of the other DHCP object classes are derived from this class.

      NAME                 dhcpConfigurableObject
      DESCRIPTION          An abstract class that provides attributes
                           for configuring options and server
                           parameters for various DHCP object classes.
      TYPE                 Abstract
      DERIVED FROM         Top
      POSSIBLE SUPERIORS   ( )
      MUST CONTAIN         ( )
      MAY CONTAIN          ( dhcpOptionSetting dhcpParameterSetting
                           dhcpFieldSetting dhcpIncludeOptionSet
                           dhcpConfiguration dhcpForcedOptions )

4.7.1.  CIM Mapping

   The DMTF Schema maps the setting and parameter data in the
   dhcpConfigurableObject class using instances of CIM_Setting classes
   and associations.

   The individual dhcpOption, Parameter and Field Settings are
   instances of the CIM_DHCPSetting class (derived from CIM_Setting).
   The CIM_DHCPSetting class defines key properties and an octet string
   to hold the OptionData.  The CIM_DHCPSetting instances are
   associated with the various subclasses of dhcpConfigurableObject
   using the CIM_ElementSetting, CIM_SettingContext or
   CIM_CollectionSetting relationships.  (Which association is used
   depends on the derivation of the dhcpConfigurableObject in the CIM
   class hierarchy.)

   The individual dhcpConfigurations and dhcpIncludeOptionSets are
   instances of the CIM_DHCPConfiguration class or of its subclass,
   CIM_DHCPOptionConfiguration (both classes were discussed earlier in
   this document).  The CIM_DHCPConfiguration instances are associated
   with the various subclasses of dhcpConfigurableObject using the
   CIM_ElementConfiguration, CIM_ConfigurationComponent or
   CIM_CollectionConfiguration relationships.  (As above, the
   association to be used depends on the derivation of the
   dhcpConfigurableObject in the CIM class hierarchy.)

   dhcpForcedOptions is mapped to the CIM_DHCPForcedOptions class
   (derived from CIM_Setting).  CIM_DHCPForcedOptions defines key
   properties and an integer array to hold the option tags being
   "forced".
   It is associated with the various subclasses of
   dhcpConfigurableObject using the CIM_ElementSetting,
   CIM_SettingContext or CIM_CollectionSetting relationships.  (As
   above, the association that is used depends on the derivation of the
   dhcpConfigurableObject in the CIM class hierarchy.)

   Since the CIM_DHCPSetting and CIM_DHCPForcedOptions classes were not
   discussed previously, a brief overview of their properties is
   needed.  Both classes contain only key properties for
   identification, plus one additional property in each object.  The
   CIM_DHCPSetting class has an octet string to hold the option,
   parameter or field data.  The CIM_DHCPForcedOptions class has an
   integer array holding option tags.

   The key properties of CIM_DHCPSetting and CIM_DHCPForcedOptions are:

   -  ConfiguredObject, a string identifying the entity to which the
      Setting or ForcedOptions applies
   -  SettingID, a string identifier for the instance
   -  For CIM_DHCPSetting only, a SettingType enumerated integer
      defining whether an option, parameter or field setting is
      specified.

   These string properties taken together form the objects' key and
   conceptually are a DN.

4.8.  Object Classes not defined in this schema

   There are some object classes which are not defined in this schema
   but we have assumed they exist in the directory.  A few in
   particular are worth mentioning: is a general reference to object
   classes that are present in most directories that are used for
   creating an administrative hierarchy to manage objects.  Examples
   include Organization (O), OrganizationalUnit (OU), Country (C), etc.
   Also, it is assumed that some type of object class is present for
   representing a computer, or computer system - this is referred to as
   in some places in this document.

5.  Object Containment

   These diagrams depict the containment hierarchy of the objects:

      |
      +---dhcpConfiguration
            |
            +---dhcpOptionDictionary
            |
            +---dhcpParameterDictionary
            |
            +---dhcpNamedOptionSet
            |
            +---dhcpClass
      |
      +---dhcpRangeGroup
      |
      +---dhcpSubnet
            |
            +---dhcpAddress
      |
      +---dhcpService

6.  Object Class Inheritance

   The following diagram shows the inheritance hierarchy of the
   classes:

      Top
       |
       +---dhcpOptionDictionary
       |
       +---dhcpParameterDictionary
       |
       +---dhcpService
       |
       +---dhcpConfigurableObject
             |
             +---dhcpAddress
             |
             +---dhcpClass
             |
             +---dhcpClient
             |
             +---dhcpConfiguration
             |
             +---dhcpNamedOptionSet
             |
             +---dhcpRangeGroup
             |
             +---dhcpSharedNetwork
             |
             +---dhcpSubnet

7.  Attribute Definitions

   These are the definitions of the attributes:

      NAME         dhcpAddressRange
      DESCRIPTION  The starting & ending IP Addresses in a range,
                   separated by a hyphen.  Each range is defined as an
                   independent string.
      SYNTAX       String MULTI-VALUE

      NAME         dhcpAddressState
      DESCRIPTION  This stores information about the current
                   binding-status of an address, using the states
                   defined in the safe-failover draft.  For more
                   information see [FAILOVR].
      SYNTAX       Integer SINGLE-VALUE

      NAME         dhcpAddressType
      DESCRIPTION  This describes how an address is to be assigned to a
                   client.  There will be a limited set of values for
                   this attribute.  For example: Unknown, Dynamic,
                   Fixed, Unassigned, Should Not Be Assigned.
      SYNTAX       Integer SINGLE-VALUE

      NAME         dhcpAssignedAddress
      DESCRIPTION  The distinguished name of the dhcpAddress object
                   which has been assigned to a client.
      SYNTAX       DN MULTI-VALUE

      NAME         dhcpAssignedHostName
      DESCRIPTION  This is the actual hostname that was assigned to a
                   client.  It may not be the name that was requested
                   by the client.  The fully qualified domain name can
                   be determined by appending the value of
                   "dhcpDomainName" (with a dot separator) to this
                   name.
SYNTAX String SINGLE-VALUE

NAME dhcpAssignedToClient
DESCRIPTION This is the distinguished name of a "dhcpClient" that an address is currently assigned to. This only has a value when the address is leased.
SYNTAX DN SINGLE-VALUE

NAME dhcpBootpFlag
DESCRIPTION This indicates whether an address is assigned via BOOTP.
SYNTAX Boolean SINGLE-VALUE

NAME dhcpCharacteristics
DESCRIPTION This is a list of characteristics for a client that can be used to determine if the client is a member of any of the defined dhcpClass(es) of type "ClientClass". Membership is defined by comparison of the client's dhcpCharacteristics attribute with the dhcpClassCharacteristics attribute of dhcpClass.
SYNTAX String MULTI-VALUE

NAME dhcpClassCharacteristics
DESCRIPTION This is a set of characteristics for a dhcpClass object that should be matched by a client in order to be considered a member of the class. If there is more than one characteristic specified then they must all be matched. A client's dhcpCharacteristics are found in the dhcpClient class.
SYNTAX String MULTI-VALUE

NAME dhcpClassName
DESCRIPTION The name of a dhcpClass.
SYNTAX String SINGLE-VALUE

NAME dhcpClassType
DESCRIPTION This is the type of a dhcpClass. One of: VendorClass, UserClass, ClientGroup, ClientClass, Combination. A ClientGroup is an enumerated list of clients (see the dhcpMemberOfGroup attribute in dhcpClient class). A ClientClass is dynamic - membership in the class is determined by matching dhcpCharacteristics of a client with match criteria specified by the class (using the dhcpClassCharacteristics attribute).
SYNTAX Integer SINGLE-VALUE

NAME dhcpClientIdentifier
DESCRIPTION The DHCP client identifier used by the configuration to identify a client. This is either the MAC address (prefixed with the media type) or the DHCP client identifier for the client.
SYNTAX String SINGLE-VALUE

NAME dhcpConfiguration
DESCRIPTION The distinguished name(s) of the configurations provided by a server.
SYNTAX DN MULTI-VALUE

NAME dhcpConfigurationName
DESCRIPTION The name of the configuration that contains this object.
SYNTAX String SINGLE-VALUE

NAME dhcpCreatedByServer
DESCRIPTION This attribute indicates if an object was created by the DHCP server (and can therefore be removed by the server when it is no longer needed). This can be applied to dhcpClient objects that are created for the life of a lease to record additional information beyond what is recorded in the dhcpAddress object. If the attribute has no value it is assumed to be FALSE.
SYNTAX Boolean SINGLE-VALUE

NAME dhcpDataType
DESCRIPTION The data type for values of this option. The set of valid data types is defined by the DHCP protocol. For more information see [RFC2131].
SYNTAX Integer SINGLE-VALUE

NAME dhcpDefault
DESCRIPTION Indicates the default value of a parameter or option definition in a dictionary object. This is encoded the same way as the parameter or option value would be set in the dhcpConfigurableObject object class.
SYNTAX OctetString SINGLE-VALUE

NAME dhcpDescription
DESCRIPTION A textual description of an object.
SYNTAX String SINGLE-VALUE

NAME dhcpDnsStatus
DESCRIPTION This indicates which resource records were added to the domain on behalf of the client by the dhcp server. The allowed values are: "No DNS Activity", "Update A Records", "Update PTR Records", and "Update Both A and PTR Records".
SYNTAX Integer SINGLE-VALUE

NAME dhcpDomainName
DESCRIPTION This is the name of the domain assigned to a client by the server.
SYNTAX String SINGLE-VALUE

NAME dhcpExpirationTime
DESCRIPTION This is the time the current lease for an address expires.
SYNTAX DateTime SINGLE-VALUE

NAME dhcpFieldSetting
DESCRIPTION Encoded settings of fields (such as siaddr, file) in the DHCP message whose values may be configurable for sending back to a client. For more information see [RFC951]. Encoded in the form (FieldName, FieldValue).
SYNTAX OctetString MULTI-VALUE

NAME dhcpForcedOptions
DESCRIPTION This is a list of dhcp option tags that MUST be sent to clients. If not specified, the server only sends the options back to the client which were requested.
SYNTAX Integer MULTI-VALUE

NAME dhcpImplementation
DESCRIPTION If this is a dictionary object that only applies to certain server implementations these are the implementation(s) that it applies to.
SYNTAX String MULTI-VALUE

NAME dhcpIncludeFromParent
DESCRIPTION This attribute defines the type of objects that should be included from the parent configuration. It is limited to the following values: OptionDictionary, ParameterDictionary, GlobalOptions, NamedOptionSets, Classes, Characteristics.
SYNTAX Integer MULTI-VALUE

NAME dhcpIncludeOptionSet
DESCRIPTION The name(s) of dhcpNamedOptionSet objects whose settings should be included for this object. If there are multiple values the order in which the option sets are checked is important so each value is preceded by its precedence, followed by a colon as in "1:name1", "2:name2", etc. Any optionSettings defined locally on this object take precedence over any settings found in a named option set.
SYNTAX String MULTI-VALUE

NAME dhcpIpAddress
DESCRIPTION A DHCP leasable IP address.
SYNTAX String SINGLE-VALUE

NAME dhcpLastTransactionTime
DESCRIPTION This is the last time a valid DHCP packet was received from a client.
SYNTAX DateTime SINGLE-VALUE

NAME dhcpLegalValues
DESCRIPTION The list of allowed values for a dictionary entry (such as an option definition or parameter definition).
SYNTAX OctetString MULTI-VALUE

NAME dhcpLocator
DESCRIPTION This attribute defines the objects that are included in a configuration. Each value is an LdapURL [RFC2255] (specifying search criteria) that is evaluated to find other objects that are included in this configuration. Note that in addition to these objects, all objects located "under" the configuration object in the directory are also automatically included in the configuration.
SYNTAX String MULTI-VALUE

NAME dhcpMemberOfGroup
DESCRIPTION This is a list of distinguished names for any dhcpClass(es) to which a client belongs.
SYNTAX DN MULTI-VALUE

NAME dhcpMultiValued
DESCRIPTION Indicates whether a parameter or option can have more than one value.
SYNTAX Boolean SINGLE-VALUE

NAME dhcpOptionName
DESCRIPTION The name of an option.
SYNTAX String SINGLE-VALUE

NAME dhcpOptionSetName
DESCRIPTION This is the name of a "Named Option Set" (see dhcpNamedOptionSet class).
SYNTAX String SINGLE-VALUE

NAME dhcpOptionSetting
DESCRIPTION Encoded option values to be sent to clients. Each value represents a single option and contains (OptionTag, Length, OptionValue) stored in the 16-bit format used by the dhcp protocol. For more information see [DHCPOPT].
SYNTAX OctetString MULTI-VALUE

NAME dhcpOptionTag
DESCRIPTION The numeric tag that identifies an option.
SYNTAX Integer SINGLE-VALUE

NAME dhcpParameterName
DESCRIPTION The name of a parameter.
SYNTAX String SINGLE-VALUE

NAME dhcpParameterSetting
DESCRIPTION Encoded values of parameters that control server behavior. Each value represents a single parameter setting in the form (ParameterName, ParameterValue).
SYNTAX OctetString MULTI-VALUE

NAME dhcpParentConfiguration
DESCRIPTION This is the distinguished name of a "dhcpConfiguration" object. When this is set some of the parent configuration's objects may be referenced in this configuration.
This allows for an administrative hierarchy of related configurations.
SYNTAX DN SINGLE-VALUE

NAME dhcpPrimaryService
DESCRIPTION The "dhcpService" which is the primary for a configuration.
SYNTAX DN SINGLE-VALUE

NAME dhcpRelayAgentInfo
DESCRIPTION If the client request was received via a relay agent, this attribute contains information about the relay agent that was available from the DHCP request. This is a hex-encoded option value. For more information see [RELAY].
SYNTAX OctetString SINGLE-VALUE

NAME dhcpRequestedHostName
DESCRIPTION This is the hostname that was requested by a client.
SYNTAX String SINGLE-VALUE

NAME dhcpReservedForClient
DESCRIPTION This is the distinguished name of a "dhcpClient" that an address is reserved for. This may not be the same as the "dhcpAssignedToClient" attribute if the address is being reassigned but the current lease has not yet expired.
SYNTAX DN SINGLE-VALUE

NAME dhcpSecondaryService
DESCRIPTION The "dhcpService(s)" which provide backup for a configuration.
SYNTAX DN MULTI-VALUE

NAME dhcpServiceName
DESCRIPTION The name of a server (aka dhcpService).
SYNTAX String SINGLE-VALUE

NAME dhcpSharedNetwork
DESCRIPTION A unique identifier for a dhcpSharedNetwork that this subnet may be part of. This is the distinguished name of an object which represents the shared-network.
SYNTAX DN SINGLE-VALUE

NAME dhcpSharedNetworkName
DESCRIPTION The name of a shared network.
SYNTAX String SINGLE-VALUE

NAME dhcpStartTimeOfState
DESCRIPTION This is the time of the last state change for a leased address.
SYNTAX DateTime SINGLE-VALUE

NAME dhcpSubnetMaskLength
DESCRIPTION The subnet mask length for a subnet. The actual mask can be easily computed from this length.
SYNTAX Integer SINGLE-VALUE

NAME dhcpSubnetName
DESCRIPTION A descriptive name of a subnet.
SYNTAX String SINGLE-VALUE

NAME dhcpTypeRestriction
DESCRIPTION This attribute is used to specify that an option or parameter (see dictionary objects) should only be used with specific types of objects. If not defined, the option/parameter can be used on any object. Values should be one of: Any, Other, Address, Class, Client, Configuration, RangeGroup, SharedNetwork, Subnet.
SYNTAX Integer MULTI-VALUE

NAME dhcpUserClass
DESCRIPTION The DHCP user class associated with a client.
SYNTAX String MULTI-VALUE

NAME dhcpVendorClass
DESCRIPTION The DHCP vendor class associated with a client.
SYNTAX String SINGLE-VALUE

8. References

[RFC2131] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, March 1997.

[RFC2132] Alexander, S., Droms, R., "DHCP Options and BOOTP Vendor Extensions", RFC 2132, March 1997.

[DMTF] Distributed Management Task Force, "Common Information Model (CIM) Specification", Version 2.0, Mar 1998.

[DEN] Strassner, J., "Directory-Enabled Networks, Information Model and Base Schema", DEN Specification v3.0c, July 1998.

[MSDHCP] Gu, Y., Vyaghrapuri, R., "An LDAP Schema for Dynamic Host Configuration Protocol Service", Internet Draft , August 1998.

[NOVDHCP] Miller, T., Patel, A., Rao, P., "Lightweight Directory Access Protocol (v3): Schema for Dynamic Host Configuration Protocol (DHCP)", Internet Draft , June 1998.

[FAILOVR] Droms, R., Rabil, G., Dooley, M., Kapur, A., Gonczi, S., Volz, B., "DHCP Failover Protocol", Internet Draft , November 1998.

[RELAY] Patrick, M., "DHCP Relay Agent Information Option", Internet Draft , November 1998.

[DHCPOPT] Carney, M., "New Option Review Guidelines and Additional Option Namespace", Internet Draft , June 1999.

[RFC2251] Wahl, M., Howes, T., Kille, S., "Lightweight Directory Access Protocol (v3)", RFC 2251, December 1997.

[RFC2255] Howes, T., Smith, M., "The LDAP URL Format", RFC 2255, December 1997.

[RFC951] Croft, B., Gilmore, J., "Bootstrap Protocol (BOOTP)", RFC 951, September 1985.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, March 1997.

9. Acknowledgements

This document is closely aligned with the work being done in the Distributed Management Task Force (DMTF) Networks working group. Design ideas included in this document are primarily based on discussions during two meetings with some members of the IETF DHC Working Group and the DMTF Networks working group. The contributions of these individuals are gratefully acknowledged.

Special thanks to Lee Rafalow, Steve Gonczi, Steve Chirokas, Kim Kinnear, Ellen Stokes, Tom Miller, Ye Gu, Glenn Waters, Mike Carney, Ralph Droms, Greg Rabil and Steve Bazyl for their contributions.

Thanks also to Ester Burwell, Andy Sudduth, Fred Hunter, Paul Raison, Josh Littlefield, Peter Heitman, Neil Russell and Linda Scobo for their participation in these meetings.

10. Author information

Andy Bennett
Bernie Volz
Process Software Corporation
959 Concord St.
Framingham, MA 01701
Phone: (508) 879-6994
Email: bennett@process.com
Email: volz@process.com

Andrea Westerinen
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
Phone: +1 425-705-2553
Email: andreawe@microsoft.com

11. Full Copyright Statement

Copyright (C) The Internet Society (1999). All Rights Reserved.

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works.
However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.

The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
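
Added example (not part of the draft and not code from its authors): a DHCP server reading the dhcpOptionSetting and dhcpIncludeOptionSet attributes defined in Section 7 should validate them before use, since the directory is external input. The sketch assumes that "16-bit format" means a 16-bit big-endian OptionTag and Length, and that a lower precedence number is checked first; the function names and sample data are constructed for illustration.

```python
import struct

def parse_option_setting(raw):
    """Decode one dhcpOptionSetting value into (tag, value).
    Assumption: OptionTag and Length are 16-bit big-endian integers."""
    if len(raw) < 4:
        raise ValueError("dhcpOptionSetting shorter than its 4-byte header")
    tag, length = struct.unpack("!HH", raw[:4])
    if length != len(raw) - 4:
        raise ValueError(f"option {tag}: Length {length} != {len(raw) - 4} bytes present")
    return tag, raw[4:]

def decode_settings(raw_values):
    """Decode all dhcpOptionSetting values of one object; reject repeated tags,
    because LDAP does not guarantee the order of a multi-valued attribute."""
    out = {}
    for raw in raw_values:
        tag, value = parse_option_setting(raw)
        if tag in out:
            raise ValueError(f"option {tag} set twice on one object")
        out[tag] = value
    return out

def include_order(values):
    """Return named option set names sorted by their "N:" precedence prefix."""
    ranked = {}
    for v in values:
        prec, sep, name = v.partition(":")
        if not (sep and name and prec.isascii() and prec.isdigit()):
            raise ValueError(f"malformed dhcpIncludeOptionSet value {v!r}")
        if int(prec) in ranked:
            raise ValueError(f"precedence {prec} used twice")
        ranked[int(prec)] = name
    return [ranked[p] for p in sorted(ranked)]

def effective_options(local, includes, named_sets):
    """Local settings win; named sets are then checked in precedence order
    (assumption: lowest number first, first set defining a tag wins)."""
    resolved = decode_settings(local)
    for name in include_order(includes):
        if name not in named_sets:
            raise ValueError(f"unknown dhcpNamedOptionSet {name!r}")
        for tag, value in decode_settings(named_sets[name]).items():
            resolved.setdefault(tag, value)
    return resolved

def enc(tag, value):
    """Build a constructed sample value in the assumed wire layout."""
    return struct.pack("!HH", tag, len(value)) + value

# Constructed sample data (not from the draft).
SAMPLE_SETS = {
    "corp": [enc(15, b"corp.test"), enc(6, bytes([192, 0, 2, 53]))],
    "lab": [enc(6, bytes([192, 0, 2, 99])), enc(3, bytes([192, 0, 2, 1]))],
}
SAMPLE_LOCAL = [enc(15, b"example.test")]
SAMPLE_INCLUDES = ["2:lab", "1:corp"]

if __name__ == "__main__":
    merged = effective_options(SAMPLE_LOCAL, SAMPLE_INCLUDES, SAMPLE_SETS)
    for tag, value in sorted(merged.items()):
        print(tag, value.hex())
```

Rejecting a Length field that disagrees with the bytes actually stored keeps a malformed or tampered directory entry from being copied into a reply packet with a wrong size.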