Internet-Draft Ryan Moats draft-moats-dmtf-network-ldap-00.txt Gerald Maziarski Expires in six months AT&T John Strassner cisco Systems October 1999 LDAP Schema for the DMTF Network CIM Model Filename: draft-moats-dmtf-network-ldap-00.txt Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract This draft presents a LDAP schema for the DMTF CIM Network model version 2.2 [4]. 1. Introduction This draft presents a LDAPv3 [1,2] schema for the DMTF CIM Network model. Associations are mapped using a combination of auxiliary classes and DIT structure rules. Where auxiliary classes are used, name form and DIT content rules are specified. 2. Class Definitions For efficiency in the LDAP representation, associations are specified as a combination of auxiliary classes and DIT structure rules. Attribute definitions for each class are presented with the object Expires 4/30/00 [Page 1] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 class. Other definitions are also provided when necessary. This approach minimizes the number of DN pointers stored in the schema, but some pointer dereferencing is necessary. While not explicitly stated in the definitions below, we assume that all attributes with DN support the matching rule defined in [3]. Attribute names for DN pointers also follow the convention that a single pointer's name ends in "Ref", while an array of pointers' name ends in "Refs". Note: all OIDs are place holders, and OIDs in definitions have been replaced by names for clarity. There are some differences between the classes and associations specified in the CIM model and the schema here. First, because the core model requires services to be contained by systems the NetworkServicesInAdminDomain association doesn't add any new information. Second, there are a couple of classes that don't have structural rules specified for them as they don't specify any new RDNs. There are a couple of namespace collisions between this model and and other models, a couple of attributes in this model have been renamed. Finaly, the classes TransparentBridgingStatistics, SpanningTreeStatistics, SwitchPortStatistics, SwitchPortTransparentBridingStatistics, SwitchPortSpanningTreeStatistics, SwitchPortSourceRoutingStatisitcs, BGPStatistics, and BGPServiceStatistics aren't included as they contain counter information that is considered too dynamic for directory storage. 2.1 dmtfAdminDomain This is a special grouping of dmtfManagedSystemElement objects that are all administered by the same user or group of users. It serves as an aggregation point to associate one or more of the following elements: network devices, such as routers and switches, servers, and other resources that can be accessed by end systems. This grouping of devices plays an essential role in ensuring that the same administrative POLICY is applied to all the devices in the grouping. ( NAME 'dmtfAdminDomain' DESC 'special grouping of ManagedSystemElements that are all administered by the same user or group of users.' SUP dmtfSystem ABSTRACT MUST (nameFormat) ) Expires 4/30/00 [Page 2] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.2 dmtfNetworkService This abstract base class is derived from the dmtfService class. It serves as the root of the network service hierarchy. Network services represent generic functions that are available from the network that configure and/or change the traffic being sent. For example, FTP is not a network service, as it simply passes data unchanged from source to destination. On the other hand, services that provide quality of service (e.g., DiffServ) and security (e.g., IPSec) do affect the traffic stream. Quality of service, IPSec, and other services are subclasses of this class. This class hierarchy enables developers to match services to users, groups, and other objects in the network. ( NAME 'keywords' DESC 'a free-form array of strings that provide descriptive words and phrases that can be used in queries to help locate and identify instances of this service.' SYNTAX string ) ( NAME 'startupConditions' DESC 'a free-form array of strings that specify any specific pre-conditions that must be met in order for this service to start correctly.' SYNTAX string ) ( NAME 'startupParameters' DESC 'a free-form array of strings that specify any specific parameters that must be supplied in order for this service to start correctly.' SYNTAX string ) ( NAME 'serviceURL' DESC 'This is a URL that provides the protocol, network location, and other service-specific information required to access the service.' SYNTAX DirectoryString EQUALITY CaseExactMatch SINGLE-VALUE ) ( NAME 'dmtfNetworkService' DESC 'an abstract base class derived from the dmtfService class.' SUP dmtfService ABSTRACT MUST (serviceURL $ keywords $ startupConditions $ startupParameters) ) Expires 4/30/00 [Page 3] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.3 dmtfForwardingService This class represents the forwarding of network traffic by receiving data from one or more protocol endpoints and sending that data via other protocol endpoints. This class is different from the dmtfRouteCalculationService class in that it represents a way to forward traffic independent of calculating routing information (e.g., using static routing). Generally, the endpoints a forwarding service routes data among are at the same protocol layer and are usually of similar types or of the same type. Examples of this service include routing, bridging, and repeating services. ( NAME 'protocolType' DESC 'This defines the type of protocol that is being forwarded.' SYNTAX integer SINGLE-VALUE ) ( NAME 'otherProtocolType' DESC 'This defines the type of protocol that is being forwarded when the value of the ProtocolType attribute is 1 (e.g., "Other"). This provides for future extensibility.' SYNTAX string{32} SINGLE-VALUE ) ( NAME 'dmtfForwardingService' DESC 'represents the forwarding of network traffic by receiving data from one or more ProtocolEndpoints and sending that data via other ProtocolEndpoints.' SUP dmtfNetworkService MUST (protocolType $ otherProtocolType) ) 2.4 dmtfAutonomousSystem This class provides a structured view of routing by segregating the system that is using routing (e.g., the Internet, or an extranet) into a set of separately administered domains that each have their own independent routing policies. These domains are called autonomous systems. The classic definition of an AS, from RFC1771, is ...a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs The RFC continues Since this classic definition was developed, it has become common Expires 4/30/00 [Page 4] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 for a single AS to use several interior gateway protocols and sometimes several sets of metrics within an AS. The use of the term Autonomous System here stresses that, even when multiple IGPs and metrics are used, the administration of an AS appears to other ASs to have a single coherent interior routing plan and presents a consistent picture of what destinations are reachable through it. ( NAME 'aSNumber' DESC 'an integer between 1 and 65535, with the range 64512 through 65535 reserved for private use. Every AS has a unique AS number, which is assigned to it by an Internet Registry or a provider. IANA assigns and administers AS numbers.' SYNTAX integer SINGLE-VALUE ) ( NAME 'isSingleHomed' DESC 'a boolean that, when its value is TRUE, shows that this AS reaches networks outside its domain through a single exit point. Whether a given AS is single-homed or not has important ramifications for BGP configuration.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'isTransit' DESC 'a boolean that, when its value is TRUE, shows that this AS will advertise routes that it learns from other ASs. A non-transit AS will only advertise its own routes.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'requireIGPSync' DESC 'a boolean that, when its value is TRUE, shows that this AS must obey the following BGP rule: a BGP router should not advertise destinations learned from internal BGP neighbors to external BGP destinations unless those destinations are also known via some internal gateway protocol. Otherwise, a BGP router may receive traffic that cannot yet be routed. However, since this is a costly choice, it is common practice to allow this rule to be broken under certain carefully controlled circumstances.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'routingUpdateSource' DESC 'defines how routing information is to be injected into BGP. Statically injected routes are maintained by the routing table and are independent of the status of the Expires 4/30/00 [Page 5] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 networks that they refer to. This is done by defining static routes in the BGP routing table. Dynamically injected routes are of two types. Dynamic routes refer to distributing all the IGP routes into BGP. Semi-dynamic routes define a set of specific IGP routes that will be injected into BGP.' SYNTAX integer SINGLE-VALUE ) ( NAME 'aggregationType' DESC 'refers to summarizing ranges of routes into one or more aggregate routes.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfAutonomousSystem' DESC 'provides a structured view of routing by segregating the system that is using routing (e.g., the Internet, or an extranet) into a set of separately administered domains that each have their own independent routing policies.' SUP dmtfAdminDomain MUST (aSNumber $ isSingleHomed $ isTransit $ requireIGPSync $ routingUpdateSource $ suppressed $ providers) $ aggregationType) ) 2.5 dmtfLogicalNetwork The dmtfLogicalNetwork object groups together a set of dmtfProtocolEndpoint objects of a given type that are able to communicate with each other directly. It is used for describing the characteristics of the grouping and/or its associated medium. This class represents the ability to send and/or receive data over a network. ( NAME 'type' DESC 'an enumeration that provides additional information that can be used to help categorize and classify different instances of this class . Subclasses should ensure that they are of the appropriate type defined in the Type enumeration. That is, the IPSubnet subclass should define its property as either IPv4 or IPv6, as opposed to, for example, ATM.' SYNTAX string{64} SINGLE-VALUE ) ( NAME 'dmtfLogicalNetwork' DESC 'groups together a set of ProtocolEndpoints of a given type Expires 4/30/00 [Page 6] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 which are able to communicate with each other directly.' SUP dmtfCollectionOfMSEs MUST (systemCreationClassName $ systemName $ creationClassName $ name $ type $ otherTypeDescription) ) While a variety of attributes may be used as RDNs, the following structural rules are recommended: ( 40 NAME 'dmtfLogicalNetworkStructureRule1' FORM dmtfLogicalNetworkNameForm1 SUP 3 4 ) ( NAME 'dmtfLogicalNetworkNameForm1' OC dmtfLogicalNetwork MUST (name) ) 2.6 dmtfLogicalNetworkServiceAuxClass This auxiliary class represents network services that either originate and/or terminate in a logical network. This enables management applications to more easily identify services that are provided by particular network devices. ( NAME 'dmtfLogicalNetworkRefs' DESC 'The LogicalNetwork that contains the network service.' SYNTAX DN ) ( NAME 'dmtfNetworkServiceRefs' DESC 'The NetworkService that is running in the LogicalNetwork.' SYNTAX DN ) ( NAME 'containmentType' DESC 'An enumeration that explicitly defines this network service as originating, terminating, or residing in this LogicalNetwork.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfLogicalNetworkServiceAuxClass' DESC 'represents network services that either originate and/or terminate in a LogicalNetwork.' SUP top AUXILIARY MUST (dmtfLogicalNetworkRefs $ dmtfNetworkServiceRefs $ Expires 4/30/00 [Page 7] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 containmentType) ) 2.7 dmtfIPSubnet This class represents a group of related dmtfIPProtocolEndpoint objects that can communicate with each other directly using IP. It is used for describing the characteristics of the grouping. ( NAME 'subnetNumber' DESC 'The IP address of the entire subnet, formatted according to the appropriate convention as defined in the AddressType property of this class. Note that CIDR format is not supported for this release. This is because, without more formal methods like constraints, it is possible to create different instances of the same object that have different naming formats.' SYNTAX string SINGLE-VALUE ) ( NAME 'subnetMask' DESC 'The mask for the starting IP address of the IPSubnet, formatted according to the appropriate convention as defined in the AddressType property of this class (e.g., "255.255.252.0").' SYNTAX string SINGLE-VALUE ) ( NAME 'addressType' DESC 'An enumeration that describes the format of the address property. Addresses that can be formatted in IPv4 format, must be formatted that way to ensure mixed IPv4/IPv6 support.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfIPSubnet' DESC 'a group of related IPProtocolEndpoints that can communicate with each other directly using IP.' SUP dmtfLogicalNetwork MUST (subnetNumber $ subnetMask $ addressType) ) 2.8 dmtfProtocolEndpoint This class represents a group of related dmtfIPProtocolEndpoint objects that can communicate with each other directly using IP. It is used for describing the characteristics of the grouping. Expires 4/30/00 [Page 8] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'subnetNumber' DESC 'The IP address of the entire subnet, formatted according to the appropriate convention as defined in the AddressType property of this class. Note that CIDR format is not supported for this release. This is because, without more formal methods like constraints, it is possible to create different instances of the same object that have different naming formats.' SYNTAX string SINGLE-VALUE ) ( NAME 'subnetMask' DESC 'The mask for the starting IP address of the IPSubnet, formatted according to the appropriate convention as defined in the AddressType property of this class (e.g., "255.255.252.0").' SYNTAX string SINGLE-VALUE ) ( NAME 'addressType' DESC 'An enumeration that describes the format of the address property. Addresses that can be formatted in IPv4 format, must be formatted that way to ensure mixed IPv4/IPv6 support.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfIPSubnet' DESC 'a group of related IPProtocolEndpoints that can communicate with each other directly using IP.' SUP dmtfLogicalNetwork MUST (subnetNumber $ subnetMask $ addressType) ) 2.8 dmtfProtocolEndpoint This class represents a communication point from which data may be sent or received. Objects of this class link router interfaces and switch ports to logical networks. ( NAME 'dmtfProtocolEndpoint' DESC 'a communication point from which data may be sent or received.' SUP dmtfServiceAccessPoint MUST (name $ nameFormat $ type $ otherTypeDescription $ speed $ maxSpeed) ) Expires 4/30/00 [Page 9] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.9 dmtfForwardsAmongAuxClass This auxiliary class represents the dependency that exists between protocol endpoints that are used to forward data and the forwarding service that is performing the forwarding of data. In it, antecedentRefs point to dmtfProtocolEndpoint objects and dependentRefs point to dmtfForwardingService objects. ( NAME 'dmtfForwardsAmongAuxClass' DESC 'represents the dependency that exists between the ProtocolEndpoints that are used to forward data and the ForwardingService that is performing the forwarding of data.' SUP dmtfServiceSAPDependencyAuxClass AUXILIARY ) 2.10 dmtfLANEndpoint This object represents a communication endpoint that, when its associated interface device is connected to a LAN, may send and receive data frames. They link switch ports and host interfaces to LANs. ( NAME 'lANID' DESC 'A label or identifier for the LAN Segment.' SYNTAX string SINGLE-VALUE ) ( NAME 'lANType' DESC 'the technology used on the LAN.' SYNTAX integer SINGLE-VALUE ) ( NAME 'otherLANType' DESC 'A free-form string that describes the type of technology used on the LAN when the value of the LANType property is equal to 1 (e.g., "Other"). This provides built-in extensibility.' SYNTAX string SINGLE-VALUE ) ( NAME 'mACAddress' DESC 'The principal unicast address used in communication with the LANEndpoint. The MAC address is formatted as twelve hexadecimal digits (e.g., "010203040506"with each pair representing one of the six octets of the MAC address in "canonical"according to RFC 2469.' SYNTAX string{12} SINGLE-VALUE Expires 4/30/00 [Page 10] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ) ( NAME 'aliasLANAddresses' DESC 'Other unicast addresses that may be used to communicate with the LANEndpoint.' SYNTAX string ) ( NAME 'groupAddresses' DESC 'Multicast addresses to which the LANEndpoint listens.' SYNTAX string ) ( NAME 'dmtfLANEndpoint' DESC 'A communication endpoint that, when its associated interface device is connected to a LAN, may send and receive data frames.' SUP dmtfProtocolEndpoint MUST (lANID $ lANType $ otherLANType $ mACAddress $ aliasLANAddresses $ groupAddresses $ maxDataSize) ) 2.11 dmtfLANSegment This class represents a collection of LAN Endpoints of a particular type that are able to intercommunicate directly without the help of bridging or routing services. ( NAME 'dmtfLANSegment' DESC 'A collection of LAN Endpoints of a particular type that are able to intercommunicate directly without the help of bridging or routing services.' SUP dmtfLogicalNetwork MUST (lANID $ lANType $ otherLANType) ) 2.12 dmtfInLogicalNetworkAuxClass This auxiliary class defines a protocol endpoint as a member of a specific logical network. In it, collectionRef points to a single dmtfLogicalNetwork objects and memberRefs point to dmtfProtocolEndpoint objects. ( NAME 'dmtfInLogicalNetworkAuxClass' DESC 'defines a ProtocolEndpoint as a member of a specific LogicalNetwork.' SUP dmtfCollectedMSEsAuxClass AUXILIARY ) Expires 4/30/00 [Page 11] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.13 dmtfInSegmentAuxClass This auxiliary class defines a LAN endpoint as a member of a specific LAN segment. In it, collectionRef points to a single dmtfLANSegment object and memberRefs point to dmtfLANEndpoint objects. ( NAME 'dmtfInSegmentAuxClass' DESC 'Defines a LANEndpoint as a member of a specific LANSegment.' SUP dmtfInLogicalNetworkAuxClass AUXILIARY ) 2.14 dmtfActiveConnectionAuxClass This auxiliary class defines a connection that is currently carrying traffic between two protocol endpoints. In it, both antecedentRefs and dependentRefs point to dmtfProtocolEndpoint objects. ( NAME 'trafficType' DESC 'The type of traffic that is carried over this connection.' SYNTAX integer SINGLE-VALUE ) ( NAME 'otherTrafficDescription' DESC 'A string describing the type of traffic that is being carried over this instance when its Type property is set to 1 (e.g., "Other"). The format of the string inserted in this property should be similar in format to the values defined for the Type property. This property should be set to NULL when the Type property is any value other than 1.' SYNTAX string{64} SINGLE-VALUE ) ( NAME 'isUnidirectional' DESC 'TRUE means that this connection is uni-directional; FALSE means that this connection is bi-directional.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'dmtfActiveConnectionAuxClass' DESC 'defines a connection that is currently carrying traffic between two ProtocolEndpoints.' SUP dmtfSAPSAPDependencyAuxClass AUXILIARY MUST (trafficType $ otherTrafficDescription $ uni-directional $ isUnidirectional) ) Expires 4/30/00 [Page 12] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.15 dmtfIPAddressRange This class represents a grouping of specific addresses, and provides additional semantics for this group if appropriate. ( NAME 'startAddress' DESC 'The starting IP address of the AddressRange, formatted according to the appropriate convention as defined in the AddressType property of this class' SYNTAX string SINGLE-VALUE ) ( NAME 'endAddress' DESC 'The ending IP address of the AddressRange, formatted according to the appropriate convention as defined in the AddressType property of this class' SYNTAX string SINGLE-VALUE ) ( NAME 'typeOfAddress' DESC 'An enumeration that defines how to format the address and maskof the address range that defines this IPSubnet). Whenever possible, IPv4-compatible addresses should be used instead of IPv6 addresses (see RFC 2373, section 2.5.4). In order to have a consistent format for IPv4 addresses in a mixed IPv4/v6 environment, all IPv4 addresses and both IPv4-compatible IPv6 addresses and IPv4-mapped IPv6 addresses, per RFC 2373, section 2.5.4, should be formatted in standard IPv4 format. However, this (the 2.2) version of the Network Common Model will not explicitly support mixed IPv4/IPv6 environments. This will be added in the 2.3 release.' SYNTAX integer SINGLE-VALUE ) ( NAME 'allocationRegion' DESC 'This attribute defines the region that addresses can be allocated to.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfIPAddressRange' DESC 'represents a grouping of specific addresses, and provides additional semantics for this group if appropriate.' SUP dmtfCollectionOfMSEs ABSTRACT MUST (startAddress $ endAddress $ typeOfAddress $ allocationRegion) ) Expires 4/30/00 [Page 13] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.16 dmtfIPProtocolEndpoint This class represents a protocol endpoint that is dedicated to running IP. ( NAME 'iPVersionSupport' DESC 'It is not possible to tell from the address alone if a given IPProtocolEndpoint can support IPv4 and IPv6, or just one of these. This property explicitly defines the support for different versions of IP that this IPProtocolEndpoint has. More implementation experience is needed to correctly model mixed IPv4/IPv6 networks; therefore, this version (2.2) of the Network Common Model will not support mixed IPv4/IPv6 environments. This will be looked at more in the 2.3 version.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfIPProtocolEndpoint' DESC 'A ProtocolEndpoint that is dedicated to running IP.' SUP dmtfProtocolEndpoint MUST (address $ subnetMask $ addressType $ networks $ iPVersionSupport) ) 2.17 dmtfBGPProtocolEndpoint This class represents a protocol endpoint that is dedicated to running BGP. ( NAME 'isEBGP' DESC 'A boolean that, when TRUE, signifies that this is an instance of the external version of BGP (FALSE is the internal version).' SYNTAX boolean SINGLE-VALUE ) ( NAME 'isEBGPMultihop' DESC 'Normally, two routers running EBGP must be physically connected. This boolean, when TRUE, denotes a LOGICAL connection between two routers that are running EBGP (e.g., there is an intermediate router or interface between them.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'localIdentifier' DESC 'This is the unique identifier of the local BGP router. This is often the router ID (e.g., an IP address).' Expires 4/30/00 [Page 14] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 SYNTAX string SINGLE-VALUE ) ( NAME 'peerIdentifier' DESC 'This is the unique identifier of the peer BGP router. This is often the router ID (e.g., an IP address).' SYNTAX string SINGLE-VALUE ) ( NAME 'state' DESC 'This defines the current connection state of the BGP Peer.' SYNTAX integer SINGLE-VALUE ) ( NAME 'adminStatus' DESC 'This defines the desired state of the BGP connection.' SYNTAX integer SINGLE-VALUE ) ( NAME 'negotiatedVersion' DESC 'This defines the negotiated version of BGP that is running between the two peers.' SYNTAX string SINGLE-VALUE ) ( NAME 'localAddress' DESC 'This is the local IP address of this router's BGP connection.' SYNTAX string SINGLE-VALUE ) ( NAME 'localPort' DESC 'This is the local port number for the TCP connection of this router's BGP connection.' SYNTAX integer SINGLE-VALUE ) ( NAME 'remoteAddress' DESC 'This is the remote IP address of this router's BGP connection.' SYNTAX string SINGLE-VALUE ) ( NAME 'remotePort' DESC 'This is the remote port number for the TCP connection of this router's BGP connection.' SYNTAX integer SINGLE-VALUE ) Expires 4/30/00 [Page 15] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'remoteAS' DESC 'This is the remote AS number for this router's BGP connection.' SYNTAX integer SINGLE-VALUE ) ( NAME 'holdTime' DESC 'This defines the maximum amount of time in seconds that may elapse between the receipt of successive KEEPALIVE or UPDATE messages. This is instrumented as a counter that increments from zero to the value specified in this property. The value of this property is calculated by this BGP speaker by using the smaller of the values of bgpPeerHoldTimeConfigured and the Hold Time received in the OPEN message. This value, if not zero seconds, must be at least three seconds, up to a maximum of 65535 seconds. Receipt of either a KEEPALIVE or an UPDATE message resets this value.' SYNTAX integer SINGLE-VALUE ) ( NAME 'keepAlive' DESC 'This defines the interval in seconds for the KeepAlive timer established with the peer. The value of this property is calculated by this speaker such that, when compared with the HoldTime property, it has the same proportion as the KeepAliveConfigured property has with the HoldTimeConfigured property. A value of 0 shows that the KeepAlive timer has not yet been established. The maximum value of this property is 21845 seconds.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfBGPProtocolEndpoint' DESC 'A ProtocolEndpoint that is dedicated to running BGP.' SUP dmtfProtocolEndpoint MUST (isEBGP $ isEBGPMultihop $ localIdentifier $ peerIdentifier $ state $ adminStatus $ negotiatedVersion $ localAddress $ localPort $ remoteAddress $ remotePort $ remoteAS $ holdTime $ keepAlive) ) 2.18 dmtfIPXProtocolEndpoint This class represents an IPX communication point from which data may be sent or received. ( NAME 'dmtfIPXProtocolEndpoint' DESC 'An IPX communication point from which data may be sent or Expires 4/30/00 [Page 16] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 received.' SUP dmtfProtocolEndpoint MUST (address) ) 2.19 dmtfIPXNetwork This class represents a network or subnet that uses the IPX protocol' ( NAME 'networkNumber' DESC 'An IPX network number formatted as eight hexadecimal digits (e.g., "00112233".' SYNTAX string SINGLE-VALUE ) ( NAME 'dmtfIPXNetwork' DESC 'A network or subnet that uses the IPX protocol' SUP dmtfLogicalNetwork MUST (networkNumber) ) 2.20 dmtfIPRoute This class relates a remote IP address (destination) to a local IP address (source) through which the remote address may be reached. The local and remote addresses may be either specific IP endpoints or IP subnets. This class may used to represent a generic routing table entry. ( NAME 'iPDestinationAddress' DESC 'The IP address that serves as the destination of the traffic, formatted according to the appropriate convention as defined in the AddressType property of this class. May be used as an RDN.' SYNTAX string SINGLE-VALUE ) ( NAME 'iPDestinationMask' DESC 'The mask for the destination IP address, formatted according to the appropriate convention as defined in the AddressType property of this class. May be used as an RDN.' SYNTAX string SINGLE-VALUE ) ( NAME 'nextHop' DESC 'This contains either the address of the directly connected interface of the next-hop router or the address of the interface to which the destination is connected to. May be Expires 4/30/00 [Page 17] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 used as an RDN.' SYNTAX string SINGLE-VALUE ) ( NAME 'isStatic' DESC 'TRUE shows that this ProtocolEndpoint represents a static route, and FALSE means that it represents a dynamically-learned route.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'adminDistance' DESC 'This property contains the current administrative distance of this route. Note that the AdministrativeDistance class contains the default values, not the current values, of administrative distances that are to be used with routes.' SYNTAX integer SINGLE-VALUE ) ( NAME 'pathMetric' DESC 'This contains an integer that provides an indication to the preference of this route compared to other routes that reach the same destination.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfIPRoute' DESC 'relates a remote IP address (destination) to a local IP address (source) through which the remote address may be reached.' SUP dmtfLogicalElement ABSTRACT MUST (systemCreationClassName $ systemName $ serviceCreationClassName $ serviceName $ creationClassName $ iPDestinationAddress $ iPDestinationMask $ nextHop $ addressType $ isStatic $ adminDistance $ pathMetric) ) Although there are a variety of attributes that may be used as RDNs for this class, the following structural rules are recommended: ( 38 NAME 'dmtfIPRouteStructureRule1' FORM dmtfIPRouteNameForm1 SUP 5 6 ) ( NAME 'dmtfIPRouteNameForm1' OC dmtfIPRoute MUST (name) Expires 4/30/00 [Page 18] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ) ( 39 NAME 'dmtfIPRouteStructureRule2' FORM dmtfIPRouteNameForm2 SUP 5 6 ) ( NAME 'dmtfIPRouteNameForm2' OC dmtfIPRoute MUST (ipDestinationAddress) ) 2.21 dmtfBindsToAuxClass This auxiliary class establishes a protocol endpoint on one system as a requestor of protocol services from another protocol endpoint on the same system. This binding establishes a layering of two protocols, the upper layer represented by dependentRefs (pointing to dmtfProtocolEndpoint objects) and the lower layer represented by antecedentRef (pointing to dmtfServiceAccessPoint objects). ( NAME 'dmtfBindsToAuxClass' DESC 'establishes a ProtocolEndpoint on one system as a requestor of protocol services from another ProtocolEndpoint on the same system.' SUP dmtfSAPSAPDependencyAuxClass AUXILIARY ) 2.22 dmtfBindsToLANEdpointAuxClass This auxiliary class makes explicit the dependency of a protocol endpoint on some lower layer protocol endpoint on the same system. In it, antecedentRefs point to dmtfLANEndpoint objects. ( NAME 'frameType' DESC 'This describes the framing method for the upper layer protocol endpoint that is bound to a LANEndpoint. Note: "Raw802.3"only known to be used with the IPX protocol.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfBindsToLANEndpointAuxClass' DESC 'makes explicit the dependency of a ProtocolEndpoint on some lower layer ProtocolEndpoint on the same system.' SUP dmtfBindsToAuxClass AUXILIARY MUST (frameType) ) Expires 4/30/00 [Page 19] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.23 dmtfBGPIPRoute This class describes a BGP routing entry that connects two peer routers that are running BGP. The source and destination addresses may be either specific IP endpoints or IP subnets. ( NAME 'isBackDoorRoute' DESC 'Usually, the administrative distance determines which route gets installed in the routing table. Using this scheme, routes learned via EBGP will win over routes learned via an IGP. If this is not desired, then this assigns the administrative distance of this route to be equal to that of a local route, which means that the same route learned by an IGP will have a lower administrative distance and be installed instead.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'usesLoopbackPeering' DESC 'Loopback interfaces are often used by IBGP peers, because they eliminate a dependency that would otherwise occur if the IP address of a physical interface was used to configure BGP. The loopback interface instead instructs the router to use any available interface.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'dmtfBGPIPRoute' DESC 'describes a BGP routing entry that connects two peer routers that are running BGP.' SUP dmtfIPRoute MUST (isBackDoorRoute $ usesLoopbackPeering) ) 2.24 dmtfRoutesBGPAuxClass This auxiliary class defines a BGP route, and makes explicit the dependency between a BGPIPRoute and a BGPProtocolEndpoint. In it, antecedentRefs point to at most two dmtfBGPProtocolEndpoint objects and dependentRef must point to a dmtfBGPIPRoute object. ( NAME 'dmtfRoutesBGPAuxClass' DESC 'This association defines a BGP route, and makes explicit the dependency between a BGPIPRoute and a BGPProtocolEndpoint.' SUP dmtfDependencyAuxClass AUXILIARY MUST (dependentRef) ) Expires 4/30/00 [Page 20] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.25 dmtfBGPCluster BGP speakers in an AS are required to be fully meshed. This can lead to a huge number of TCP connections per router. One way to reduce the peering requirements is to use a route reflector. This is based on specifying one or more routers to act as focal points for IBGP sessions. The route reflector as a whole is called a cluster. It is logically divided into three types of routers: reflectors, clients of the route reflector(s), and non-clients of the route reflector. An AS can have more than one route reflector. There can be more than one route reflector in a cluster, and there can be more than one cluster in an AS. ( NAME 'clusterID' DESC 'If a cluster has more than one route reflector, all the route reflectors in the cluster need to be configured with a 4-byte cluster ID. This allows route reflectors to recognize updates from other route reflectors in the same cluster. May be used as an RDN.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfBGPCluster' DESC 'a route reflector as a whole is called a cluster and logically divided into three types of routers' SUP dmtfCollectionOfMSEs MUST (clusterID) ) 2.26 dmtfRoutersInBGPClusterAuxClass This auxiliary class establishes 'whole-part' relationships between a BGP cluster and the computer systems (e.g., the routers) that it contains. At least three routers are required to form a cluster - a reflector and two clients. In addition, the routers that form a cluster share common configuration information, and are commonly administered. In this class, collectionRef points to a dmtfBGPCluster object and memberRefs to at least three dmtfComputerSystem objects. ( NAME 'dmtfRoutersInBGPClusterAuxClass' DESC 'establishes whole-part relationships between a BGPCluster and the ComputerSystems (e.g., the routers) that it contains.' SUP dmtfCollectedMSEsAuxClass AUXILIARY ) Expires 4/30/00 [Page 21] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.27 dmtfBGPClustersInASAuxClass This auxiliary class 'whole-part' relationships between an autonomous system and the BGP clusters that it contains. In addition, the routers that form a cluster share common configuration information, and are commonly administered. ( NAME 'groupASRef' DESC 'The AutonomousSystem that aggregates the Clusters belonging to it and administers them.' SYNTAX DN SINGLE-VALUE ) ( NAME 'partASRefs' DESC 'The Clusters that are contained in the AS.' SYNTAX DN ) ( NAME 'dmtfBGPClustersInASAuxClass' DESC 'establishes whole-part relationships between an AutonomousSystem and the BGPClusters that it contains' SUP top AUXILIARY MUST (groupASRef $ partASRefs) ) 2.28 dmtfRoutersInASAuxClass This auxiliary class establishes 'whole-part' relationships between an AutonomousSystem and the routers that it contains. In addition, the routers in the AS share common configuration information, and are commonly administered. In it, groupComponentRef points to a dmtfAutonomousSystem object and partComponentRefs point to dmtfComputerSystem objects. ( 'bGPSupportedAttributes' DESC 'an array of strings that contain the BGP attributes supported by this router.' SYNTAX string ) ( NAME 'addCommunityValue' DESC 'TRUE means that the community value of this router is added to the existing community value, and FALSE means that the community value of this router replaces the existing community value.' SYNTAX boolean SINGLE-VALUE ) Expires 4/30/00 [Page 22] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'role' DESC 'This is an enumeration that defines the function, from the point of view of BGP, of this router.' SYNTAX integer SINGLE-VALUE ) ( NAME 'otherRoleDescription' DESC 'A string describing the type of function that this router has in its AS when the value of the Role property of this class is set to 1 (e.g., "Other"). The format of the string inserted in this property should be similar in format to the values defined for the Role property. This property should be set to NULL when the Role property is any value other than 1.' SYNTAX string{64} SINGLE-VALUE ) ( NAME 'dmtfRoutersInASAuxClass' DESC 'establishes whole-part relationships between an AutonomousSystem and the routers that it contains.' SUP dmtfSystemComponentAuxClass AUXILIARY MUST (bGPSupportedAttributes $ addCommunityValue $ role $ otherRoleDescription) ) 2.29 dmtfProvidesEndpointAuxClass This auxiliary class shows that a protocol service provides endpoints to give access its services. In it, antecedentRef points to a single dmtfNetworkService object and dependentRefs to dmtfProtocolEndpoint objects. ( NAME 'dmtfProvidesEndpointAuxClass' DESC 'a protocol service provides endpoints to give access its services.' SUP dmtfServiceAccessBySAPAuxClass AUXILIARY MUST (antecedentRef) ) 2.30 dmtfASBGPEndpointsAuxClass This auxiliary class defines the different router interfaces that are running BGP in the autonomous system. In it, groupComponentRef points to a dmtfAutonomousSystem object and partComponentRefs point to dmtfBGPProtocolEndpoint objects. ( NAME 'dmtfASBGPEndpointsAuxClass' DESC 'defines the different router interfaces that are running Expires 4/30/00 [Page 23] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 BGP in the AutonomousSystem.' SUP dmtfSystemComponentAuxClass AUXILIARY ) 2.31 dmtfConfederationAuxClass The BGP speakers in an AS are required to be fully meshed. This can lead to a huge number of TCP connections per router. One way to reduce the peering requirements is to use a confederation. A confederation effectively partitions one AS into a group of 'sub- ASs'. This enables all the benefits of IBGP to be applied inside the confederation, while enabling EBGP to be run between each confederation. This enables certain BGP attribute values to be preserved between confederations. However, to the outside world, the AS with its confederations appear to be a single AS. In this class, groupComponentRef points to a dmtfAutonomousSystem object and partComponentRefs to mulitple dmtfAutonomousSystem objects. ( NAME 'parentASNumber' DESC 'A unique identifier of the AutonomousSystem that contains the confederations.' SYNTAX integer SINGLE-VALUE ) ( NAME 'childASNumber' DESC 'A unique identifier of the Confederation within the AutonomousSystem.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfConfederationAuxClass' DESC 'a way to reduce the peering requirements' SUP dmtfSystemComponentAuxClass AUXILIARY MUST (parentASNumber $ childASNumber) ) 2.32 dmtfRouteCalculationService This is a base class, derived from dmtfNetworkService, that represents the route calculation aspects performed by a router. This also include functions performed by the router when it exchanges routing information. There are a large variety of additional routing protocols that are not listed below that will use this service. These will be added when they are modeled. ( NAME 'routerID' Expires 4/30/00 [Page 24] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 DESC 'uniquely identifies the router that is performing the route calculation. It is the highest IP address on the router (or the highest loopback interface, if there is one).' SYNTAX string SINGLE-VALUE ) ( NAME 'typeOfRoutingAlgorithm' DESC 'This is an enumerated value that defines the routing algorithm used that this route calculation is being performed for.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfRouteCalculationService' DESC 'a base class that represents the route calculation aspects performed by a router.' SUP dmtfNetworkService ABSTRACT MUST (routerID $ typeOfRoutingAlgorithm) ) 2.33 dmtfCalculatedRoutesAuxClass This auxiliary class makes explicit the routes that are calculated by a specific route calculation service. Thus, every route calculation service can have its own unique set of calculated routes. In it, antecedentRef points to a dmtfRouteCalculationService object and dependentRefs to dmtfIPRoute objects. ( NAME 'dmtfCalculatedRoutesAuxClass' DESC 'makes explicit the routes that are calculated by a specific RouteCalculationService.' SUP dmtfDependencyAuxClass AUXILIARY ) 2.34 dmtfEGPRouteCalcDependencyAuxClass This is a specialization of dmtfServiceServiceDependencyAuxClass, and captures the dependency that external gateway protocols (such as BGP) have on interior gateway protocols (such as OSPF). In it, antecedentRef points to a dmtfRouteCalculationService object and dependentRefs to multiple dmtfRouteCalculationService objects. ( NAME 'iGPInjection' DESC 'Sometimes it is necessary to inject EGP information, such as that from BGP, into IGPs. This attribute defines whether this should be done for the two routing protocols that are associated by this class. The values below mean that no, Expires 4/30/00 [Page 25] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 partial, and full EGP information is injected into the IGP, respectively.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfEGPRouteCalcDependencyAuxClass' DESC 'captures the dependency that external gateway protocols (such as BGP) have on interior gateway protocols (such as OSPF).' SUP dmtfServiceServiceDependencyAuxClass AUXILIARY MUST (iGPInjection) ) 2.35 This class represents the basic operation of BGP. It is derived from dmtfRouteCalculationService, the superclass of all routing protocols. ( NAME 'bGPVersion' DESC 'defines the version of BGP that this router is using. This is part of the BGP peer negotiation process).' SYNTAX integer SINGLE-VALUE ) ( NAME 'lastMessageErrorSubCode' DESC 'This defines the BGP error subcode for message header errors. If the ErrorCode property is any other value, then this property should be set to NULL.' SYNTAX integer SINGLE-VALUE ) ( NAME 'lastOpenErrorSubCode' DESC 'This defines the BGP error subcode for OPEN message errors. If the ErrorCode property is any other value, then this property should be set to NULL.' SYNTAX integer SINGLE-VALUE ) ( NAME 'lastUpdateErrorSubCode' DESC 'This defines the BGP error subcode for UPDATE message errors. If the ErrorCode property is any other value, then this property should be set to NULL.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfBGPService' DESC 'represents the basic operation of BGP.' SUP dmtfRouteCalculationService Expires 4/30/00 [Page 26] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 MUST (bGPVersion $ lastErrorCode $ lastMessageErrorSubCode $ lastOpenErrorSubCode $ lastUpdateErrorSubCode) ) 2.36 dmtfBGPPeerGroup A BGP Peer Group is a set of BGP neighbors that share the same update policies. This enables an administrator to assign policies to the peer group, instead of individually. This enables the routers in the Peer Group to optimize UPDATE messages. Consequently, Peer Groups have a set of restrictions that must be followed to work correctly with external BGP peers. Otherwise, loss of routing information could occur. ( NAME 'connectRetryInterval' DESC 'This defines the interval, in seconds, for the ConnectRetry timer. The suggested value is 120 seconds.' SYNTAX integer SINGLE-VALUE ) ( NAME 'holdTimeConfigured' DESC 'This defines the interval in seconds for the Hold Time configured for this BGP speaker with a peer. This value is placed in an OPEN message sent to a peer by this BGP speaker, and is compared with the Hold Time field in the OPEN message received from the peer. This enables this speaker to establish a mutually agreeable Hold Time with the peer. This value must not be less than three seconds. If it is zero, then the Hold Time is NOT to be established with the peer. The suggested value for this timer is 90 seconds.' SYNTAX integer SINGLE-VALUE ) ( NAME 'keepAliveConfigured' DESC 'This defines the interval in seconds for the KeepAlive timer configured for this BGP speaker with a peer. This value will determine the frequency of the KEEPALIVE messages relative to the value of the HoldTimeConfigured property; the frequency is specified by the value of the KeepAlive property. A reasonable value is one third of that of the value of the HoldTimeConfigured property. If it is zero, then NO periodic KEEPALIVE messages are sent to the peer. The suggested value for this property is 30 seconds. The maximum value of this property is 21845 seconds.' SYNTAX integer SINGLE-VALUE ) Expires 4/30/00 [Page 27] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'minASOriginationInterval' DESC 'This defines the interval in seconds for the MinASOriginationInterval timer. The suggested value for this property is 15 seconds.' SYNTAX integer SINGLE-VALUE ) ( NAME 'minRouteAdvertisementInterval' DESC 'This defines the interval in seconds for the MinRouteAdvertisementInterval timer. The suggested value for this property is 30 seconds.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfBGPPeerGroup' DESC 'a set of BGP neighbors that share the same update policies.' SUP dmtfCollectionOfMSEs MUST (systemCreationClassName $ systemName $ creationClassName $ name $ connectRetryInterval $ holdTimeConfigured $ property $ keepAliveConfigured $ minASOriginationInterval $ minRouteAdvertisementInterval) ) The following structural rules are recommended: ( 41 NAME 'dmtfBGPPeerGroupStructureRule1' FORM dmtfBGPPeerGroupNameForm1 SUP 3 4 ) ( NAME 'dmtfBGPPeerGroupNameForm1' OC dmtfBGPPeerGroup MUST (name) ) 2.37 dmtfReflectorServiceAuxClass This auxiliary class acts as the base for defining BGP routing policies for the reflector of this Cluster. In it, antecedentRef points to a dmtfBGPCluster object and dependentRefs point to dmtfBGPService objects. ( NAME 'dmtfReflectorServiceAuxClass' DESC 'the base class for defining BGP routing policies for the reflector of this Cluster.' SUP top AUXILIARY MUST (antecedentRef $ dependentRefs) ) Expires 4/30/00 [Page 28] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.38 dmtfReflectorClientServiceAuxClass This auxiliary class acts as the base for defining BGP routing policies for clients of the reflector of this Cluster. In it, antecedentRef points to a dmtfBGPCluster object and dependentRefs point to dmtfBGPService objects. ( NAME 'dmtfReflectorClientServiceAuxClass' DESC 'the base class for defining BGP routing policies for clients of the reflector of this Cluster.' SUP top AUXILIARY MUST (antecedentRef $ dependentRefs) ) 2.39 dmtfReflectorNonClientServiceAuxClass This auxiliary class acts as the base for defining BGP routing policies for non-clients of the reflector of this Cluster. In it, antecedentRef points to a dmtfBGPCluster object and dependentRefs point to dmtfBGPService objects. ( NAME 'dmtfReflectorNonClientServiceAuxClass' DESC 'the base class for defining BGP routing policies for the non-clients of the reflector of this Cluster.' SUP top AUXILIARY MUST (antecedentRef $ dependentRefs) ) 2.40 dmtfFilterEntry This class is used by network devices to identify traffic and either forward them (with possibly further processing) to their destination, or to deny their forwarding. They are the building block of FilterLists. Since a FilterEntry is weak to the network device (e.g., the ComputerSystem) that contains it, DIT structuratl rules are also specified. ( NAME 'matchConditionType' DESC 'This specifies one of a set of ways to identify traffic. if the value is 1 (e.g., 'Other'), then the specific type of filtering is specified in the OtherMatchConditionType property of this class.' SYNTAX integer SINGLE-VALUE ) ( NAME 'otherMatchConditionType' DESC 'If the value of the MatchConditionType property in this class is 1 (e.g., "Other"), then the specific type of Expires 4/30/00 [Page 29] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 filtering is specified in this property.' SYNTAX string SINGLE-VALUE ) ( NAME 'matchConditionValue' DESC 'This is the value of the condition that filters the traffic. It corresponds to the condition specified in the MatchConditionType property. If, however, the value of the MatchConditionProperty is 1, then it corresponds to the condition specified in the OtherMatchConditionType property.' SYNTAX string SINGLE-VALUE ) ( NAME 'action' DESC 'This defines whether the action should be to forward or deny traffic meeting the match condition specified in this filter.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfFilterEntry' DESC 'identify traffic and either forward them (with possibly further processing) to their destination, or to deny their forwarding.' SUP dmtfLogicalElement MUST (systemCreationClassName $ systemName $ creationClassName $ name $ trafficType $ matchConditionType $ otherMatchConditionType $ matchConditionValue $ action) ) The following DIT structural rule is recommended: ( 42 NAME 'dmtfFilterEntryStructureRule1' FORM dmtfFilterEntryNameForm1 SUP 24 25 ) ( NAME 'dmtfFilterEntryNameForm1' OC dmtfFilterEntry MUST (name) ) 2.41 dmtfFilterList This class is used by network devices to identify routes by aggregating a set of FilterEntries into a unit, called a FilterList. FilterLists can also be used to accept or deny routing updates. Since Expires 4/30/00 [Page 30] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 a FilterList is weak to the network device (e.g., the ComputerSystem) that contains it, DIT structural rules are also specified.' ( NAME 'dmtfFilterList' DESC 'A FilterList is used by network devices to identify routes by aggregating a set of FilterEntries into a unit, called a FilterList.' SUP dmtfLogicalElement MUST (systemCreationClassName $ systemName $ creationClassName $ name $ direction) ) The following structural rule is recommended: ( 43 NAME 'dmtfFilterListStructureRule1' FORM dmtfFilterListNameForm1 SUP 24 25 ) ( NAME 'dmtfFilterListNameForm1' OC dmtfFilterList MUST (name) ) 2.42 dmtfRoutingPolicy This class implements routing policies. It aggregates a set of FilterLists, along with other appropriate constructs, into a unit. A most important use of this class is to change the routing policy by changing values of various BGP attributes in a consistent manner. Since a RoutingPolicy is weak to the network device (e.g., the ComputerSystem) that contains it, DIT structural rules are also specified. ( NAME 'bGPAction' DESC 'This defines one or more BGP attributes that should beused to change this routing update.' SYNTAX integer SINGLE-VALUE ) ( NAME 'bGPValue' DESC 'The value for the corresponding BGPAction.' SYNTAX string SINGLE-VALUE ) ( NAME 'remarkAction' DESC 'This defines a remarking action for this traffic.' SYNTAX integer SINGLE-VALUE Expires 4/30/00 [Page 31] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ) ( NAME 'remarkValue' DESC 'The value for the corresponding RemarkAction.' SYNTAX string SINGLE-VALUE ) ( NAME 'conditioningAction' DESC 'This defines other actions to be taken for this traffic.' SYNTAX integer SINGLE-VALUE ) ( NAME 'otherConditioningAction' DESC 'If the value of the ConditioningAction property of this class is 1, this contains an application-specific type of conditioning that is to be performed. Otherwise, if the ConditioningAction property is any other value, the value of this property should be NULL.' SYNTAX string SINGLE-VALUE ) ( NAME 'conditioningValue' DESC 'The value for the corresponding ConditioningAction.' SYNTAX string SINGLE-VALUE ) ( NAME 'attributeAction' DESC 'This controls whether BGP attribute values replace, get prepended, or get appended to their existing values.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfRoutingPolicy' DESC 'used to implement routing policies.' SUP dmtfLogicalElement MUST (systemCreationClassName $ systemName $ creationClassName $ name $ description $ action $ bGPAction $ bGPValue $ remarkAction $ remarkValue $ conditioningAction $ otherConditioningAction $ conditioningValue $ attributeAction) ) The following structural rule is recommended: ( 44 NAME 'dmtfRoutingPolicyStructureRule1' FORM dmtfRoutingPolicyNameForm1 SUP 24 25 ) Expires 4/30/00 [Page 32] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'dmtfRoutingPolicyNameForm1' OC dmtfRoutingPolicy MUST (name) ) 2.43 dmtfEntriesInFilterListAuxClass This is a specialization of dmtfComponentAuxClass that defines a set of filter entries that are aggregated by a particular filter list. In it, groupComponentRef points to a dmtfFilterList object and partComponentRefs point to dmtfFilterEntry objects. ( NAME 'sequence' DESC 'the position of the FilterEntry relative to all other entries in the FilterList.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfEntriesInFilterListAuxClass' DESC 'a specialization of the dmtfComponentAuxClass that is used to define a set of FilterEntries that are aggregated by a particular FilterList.' SUP dmtfComponentAuxClass AUXILIARY MUST (sequence) ) 2.44 dmtfListsInRoutingPolicyAuxClass This is a specialization of the dmtfComponentAuxClass that defines a set of filter lists that are aggregated by a particular routing policy. In it, groupComponentRef point to a dmtfRoutingPolicy object and filterComponentRefs point to dmtfFilterList objects ( NAME 'dmtfListsInRoutingPolicyAuxClass' DESC 'This is a specialization of the dmtfComponentAuxClass aggregation that defines a set of filter lists that are aggregated by a particular routing policy.' SUP dmtfComponentAuxClass AUXILIARY ) 2.45 dmtfBGPRoutingPolicyAuxClass This is a specialization of the dmtfDependencyAuxClass, and defines the relationship between a BGP service and the routing policy that control it. In it, antecedentRefs points to dmtfRoutingPolicy objects and dependentRefs, to dmtfBGPService objects. ( NAME 'dmtfBGPRoutingPolicyAuxClass' Expires 4/30/00 [Page 33] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 DESC 'a specialization of the dmtfDependencyAuxClass, and defines the relationship between a BGP service and the routing policy that control it.' SUP dmtfDependencyAuxClass AUXILIARY ) 2.46 dmtfBGPPeerGroupServiceAuxClass This auxiliary class defines the relationship between a BGPService and the BGP Peer Group that hosts it. ( NAME 'dmtfBGPPeerGroupServiceAuxClass' DESC 'defines the relationship between a BGPService and the BGP Peer Group that hosts it.' SUP top AUXILIARY MUST (antecedentRef $ dependentRefs) ) 2.47 dmtfAdministrativeDistance This class controls the choosing of which protocol to give preference over when two protocols learn the same route. This preference parameter is called the distance of the protocol. The lower the distance, the higher the preference for that protocol. This table affects ALL routes. Because this object weak to the AdminDomain that contains it, DIT structural rules are included. ( NAME 'directConnect' DESC 'The distance for directly connected peers. It has a default value of 0.' SYNTAX integer SINGLE-VALUE ) ( NAME 'static' DESC 'The distance for staticly connected peers. It has a default value of 1.' SYNTAX integer SINGLE-VALUE ) ( NAME 'eBGP' DESC 'The distance for peers using EBGP. It has a default value of 20.' SYNTAX integer SINGLE-VALUE ) ( NAME 'eIGRPInternal' DESC 'The distance for peers using internal EIGRP. It has a default value of 90.' Expires 4/30/00 [Page 34] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 SYNTAX integer SINGLE-VALUE ) ( NAME 'iGRP' DESC 'The distance for peers using IGRP. It has a default value of 100.' SYNTAX integer SINGLE-VALUE ) ( NAME 'oSPF' DESC 'The distance for peers using OSPF. It has a default value of 110.' SYNTAX integer SINGLE-VALUE ) ( NAME 'iSIS' DESC 'The distance for peers using ISIS. It has a default value of 115.' SYNTAX integer SINGLE-VALUE ) ( NAME 'rIP' DESC 'The distance for peers using RIP. It has a default value of 120.' SYNTAX integer SINGLE-VALUE ) ( NAME 'eGP' DESC 'The distance for peers using EGP. It has a default value of 140.' SYNTAX integer SINGLE-VALUE ) ( NAME 'eIGRPExternal' DESC 'The distance for peers using external EIGRP. It has a default value of 170.' SYNTAX integer SINGLE-VALUE ) ( NAME 'iBGP' DESC 'The distance for peers using IBGP. It has a default value of 200.' SYNTAX integer SINGLE-VALUE ) ( NAME 'bGPLocal' DESC 'The distance for peers using BGP locally. It has a default value of 200.' Expires 4/30/00 [Page 35] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 SYNTAX integer SINGLE-VALUE ) ( NAME 'unknown' DESC 'The distance for peers using an unknown protocol. It has a default value of 255.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfAdministrativeDistance' DESC 'used to control the choosing of which protocol to give preference over when two protocols learn the same route.' SUP dmtfLogicalElement MUST (systemCreationClassName $ systemName $ creationClassName $ name $ directConnect $ static $ eBGP $ eIGRPInternal $ iGRP $ oSPF $ iSIS $ rIP $ eGP $ eIGRPExternal $ iBGP $ bGPLocal $ unknown) ) The following structural rules are recommended: ( 45 NAME 'dmtfAdministrativeDistanceStructureRule1' FORM dmtfAdministrativeDistanceNameForm1 SUP 3 4 ) ( NAME 'dmtfAdministrativeDistanceNameForm1' OC dmtfAdministrativeDistance MUST (name) ) 2.48 dmtfBGPAdminDistanceAuxClass This is a specialization of dmtfDependencyAuxClass and defines the relationship between a BGPService and the Administrative Distances that it uses to control the (BGP) routing decisions that it makes. In it, antecedentRef points to a dmtfAdministrativeDistance object and dependentRefs to dmtfBGPService objects. ( NAME 'dmtfBGPAdminDistanceAuxClass' DESC 'defines the relationship between a BGPService and the Administrative Distances that it uses to control the (BGP) routing decisions that it makes.' SUP dmtfDependencyAuxClass AUXILIARY MUST (antecedentRef) ) Expires 4/30/00 [Page 36] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.49 dmtfBGPRouteMap A route map controls and changes routing information as well as to define when a route is redistributed between routing domains. Route maps are placed in router configuration files, and several instances of the same route map may be used to implement different actions (see accompanying white paper). Route maps may use FilterLists to identify the route (again, see the accompanying white paper). This object is specific to a given AutonomousSystem that contains it. Hence, DIT structural rules are included. ( NAME 'setMetricType' DESC 'This defines an additional action to take if the MatchCondition is satisfied. This definition is specifically limited to BGP filtering for now (e.g., its use is limited to setting a BGP attribute to a specific value), and will be upgraded in a subsequent release. The value of the metric is specified in the SetMetricValue property.' SYNTAX integer SINGLE-VALUE ) ( NAME 'setMetricValue' DESC 'This is the value of the metric that is being set for the BGP attribute defined in the SetMetricType property.' SYNTAX string SINGLE-VALUE ) ( NAME 'dmtfBGPRouteMap' DESC 'used to control and change routing information as well as to define when a route is redistributed between routing domains.' SUP dmtfLogicalElement MUST (systemCreationClassName $ systemName $ creationClassName $ name $ direction $ action $ matchConditionType $ otherMatchConditionType $ setMetricType $ setMetricValue) ) The following structural rule is recommended: ( 46 NAME 'dmtfBGPRouteMapStructureRule1' FORM dmtfBGPRouteMapNameForm1 SUP 3 4 ) ( NAME 'dmtfBGPRouteMapNameForm1' OC dmtfBGPRouteMap MUST (name) Expires 4/30/00 [Page 37] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ) 2.50 dmtfBGPRouteMapsInRoutingPolicy This auxiliary class defines the RouteMaps that are used by a particular RoutingPolicy object. Multiple instances of the same RouteMap may be used in the same RoutingPolicy instance; if this is desired, then the Sequence attribute of this aggregation can be used to disambiguate them. In it, groupComponentRefs point to dmtfRoutingPolicy objects and partComponentRefs point to dmtfBGPRouteMap objects. ( NAME 'dmtfBGPRouteMapsInRoutingPolicyAuxClass' DESC 'defines the RouteMaps that are used by a particular RoutingPolicy object.' SUP dmtfComponentAuxClass AUXILIARY MUST (groupComponentRefs) ) 2.51 dmtfBGPPeerUsesRouteMapAuxClass This auxiliary class defines the RouteMaps that are used by a particular BGPPeerGroup object. Multiple instances of the same RouteMap may be used in the same BGPPeerGroup instance; if this is desired, then the Sequence attribute of this association can be used to disambiguate them. In it antecedentRefs point to dmtfBGPPeerGroup objects and dependentRefs to dmtfBGPRouteMap objects. ( NAME 'dmtfBGPPeerUsesRouteMapAuxClass' DESC 'defines the RouteMaps that are used by a particular BGPPeerGroup object.' SUP top AUXILIARY MUST (antecedentRefs $ dependentRefs $ sequence) ) 2.52 dmtfFilterListInBGPRouteMapAuxClass While route maps do not have to use filter lists, this auxiliary class defines that filter list that is used by a particular route map. In it, antecedentRef points to a dmtfFilterList object and dependentRef to a dmtfBGPRouteMap object. ( NAME 'dmtfFilterListsInBGPRouteMapAuxClass' DESC 'RouteMaps do not have to use FilterLists, but if they do, this association defines the FilterList that is used by a particular RouteMap.' SUP dmtfDependencyAuxClass AUXILIARY MUST (antecedentRef $ dependentRef) Expires 4/30/00 [Page 38] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ) 2.53 dmtfInBGPPeerGroupAuxClass This auxiliary class defines the specific routers (e.g., ComputerSystems) that participate in a PeerGroup. In it, collectionRef points to a dmtfBGPPeerGroup object and memberRefs to at least two dmtfComputerSystem objects. ( NAME 'dmtfInBGPPeerGroupAuxClass' DESC 'defines the specific routers (e.g., ComputerSystems) that participate in a PeerGroup.' SUP dmtfCollectedMSEsAuxClass AUXILIARY ) 2.54 dmtfCalculatesAmongAuxClass This is a specialization of dmtfServiceSAPDependencyAuxClass, indicating that the referenced ProtocolEndpoint is utilized by the RouteCalculationService to provide its functionality. In this class antecedentRefs point to dmtfProtocolEndpoint objects and dependentRefs point to dmtfRouteCalculationService objects. ( NAME 'dmtfCalculatesAmongAuxClass' DESC 'shows that the referenced ProtocolEndpoint is utilized by the RouteCalculationService to provide its functionality.' SUP dmtfServiceSAPDependencyAuxClass AUXILIARY MUST (antecedentRefs $ isStatic) ) 2.55 dmtfBGPAttributes This class defines all the BGP Attributes, for a given version of the BGP protocol, that can be used to affect routing decisions. BGPAttributes are specific to a given AutonomousSystem that contains it. Hence, DIT structural rules are recommended. ( NAME 'localPreference' DESC 'This defines the priority, or preference, of a route, in order to better compare it with other routes for the same destination. Higher values indicate a higher preference for a route.' SYNTAX integer SINGLE-VALUE ) ( NAME 'aSPath' DESC 'This attribute is a sequences of the AS numbers through Expires 4/30/00 [Page 39] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 which routing information carried in this UPDATE message has passed. The components of this list can be AS_SETs or AS_SEQUENCEs.' SYNTAX string SINGLE-VALUE ) ( NAME 'aS_Set' DESC 'This is the set of all elements contained in all specific paths that are being summarized, so that those attributes will remain available to the routing decision process.' SYNTAX string SINGLE-VALUE ) ( NAME 'nextHopSelf' DESC 'This defines the next hop to be the IP address of the border IBGP neighbor.' SYNTAX string SINGLE-VALUE ) ( NAME 'mED' DESC 'This is used on external (e.g., inter-AS) links to indicate which is the preferred entry point into an AS, when that AS has multiple entry points. Lower MED values have preference.' SYNTAX integer SINGLE-VALUE ) ( NAME 'bGPCommunityValue' DESC 'This defines a group of destinations that share a similar property. Communities are not restricted to a single AS, and can span multiple ASs. This attribute simplifies routing policies by basing policies on a logical value, as opposed to an IP address or an AS number.' SYNTAX integer SINGLE-VALUE ) ( NAME 'atomicAggregate' DESC 'This attribute gets set if there are overlapping routes, and a less-specific route is selected instead of a more specific one (e.g., a system propagates an aggregate that causes loss of information.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'aggregator' DESC 'This specifies the AS and IP address of the router that has generated an aggregate.' SYNTAX string SINGLE-VALUE Expires 4/30/00 [Page 40] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ) ( NAME 'origin' DESC 'This is generated by the AS that originates the routing information. There are three types of origins - IGP, EGP, and INCOMPLETE. These correspond to whether the information was learned internally in the AS, externally via an EGP, or by some other means.' SYNTAX integer SINGLE-VALUE ) ( NAME 'originatorID' DESC 'This is the router ID for the ORIGIN attribute.' SYNTAX string SINGLE-VALUE ) ( NAME 'dmtfBGPAttributes' DESC 'defines all the BGP Attributes, for a given version of the BGP protocol, that can be used to affect routing decisions.' SUP dmtfLogicalElement MUST (systemCreationClassName $ systemName $ version $ localPreference $ aSPath $ aS_Set $ nextHop $ nextHopSelf $ mED $ bGPCommunityValue $ atomicAggregate $ aggregator $ origin $ originatorID) ) The following structural rule is recommended: ( 47 NAME 'dmtfBGPAttributesStructureRule1' FORM dmtfBGPAttributesNameForm1 SUP 3 4 ) ( NAME 'dmtfBGPAttributesNameForm1' OC dmtfBGPAttributes MUST (name) ) 2.56 dmtfFilteredBGPAttributesAuxClass This is a specialization of dmtfComponentAuxClass, which defines the set of BGP Attributes that are used by a particular Routing Policy. In it, groupRefs points to dmtfRoutingPolicy objects and partRefs point to dmtfBGPAttributes objects. ( NAME 'dmtfFilteredBGPAttributesAuxClass' DESC 'defines the set of BGP Attributes that are used by a Expires 4/30/00 [Page 41] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 particular Routing Policy.' SUP dmtfComponentAuxClass AUXILIARY ) 2.57 dmtfBGPPathAttributes This class defines the per-path information used to process specific BGP attribute information, as defined in the bgp4PathAttrTable of RFC 1657. ( NAME 'pathAttrASPathSegment' DESC 'represents a sequence of AS path segments. May be used as an RDN.' SYNTAX integer ) ( NAME 'pathAttrNextHop' DESC 'This is the address of the border router that should be used for the destination network. May be used as an RDN.' SYNTAX string SINGLE-VALUE ) ( NAME 'pathAttrOrigin' DESC 'This is an enumeration that defines the ultimate origin of the path information. The value "IGP" means that the origin is interior; the value "EGP" means that it was learned via an EGP; the value "INCOMPLETE" means that the origin is undetermined.' SYNTAX integer SINGLE-VALUE ) ( NAME 'pathAttrMultiExitDisc' DESC 'This metric discriminates between multiple adjacent autonomous systems. A value of -1 shows the absence of this attribute. The range of this attribute is defined to be -1 to 2147483647.' SYNTAX binary SINGLE-VALUE ) ( NAME 'pathAttrLocalPref' DESC 'This is the originating BGP4 speaker's degree of preference for an advertised route. A value of -1 shows the absence of this attribute. The range of this attribute is defined to be -1 to 2147483647.' SYNTAX binary SINGLE-VALUE ) ( NAME 'pathAttrAtomicAggregate' Expires 4/30/00 [Page 42] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 DESC 'This is an enumeration that defines whether the local system has selected a less specific route without selecting a more specific route. There are two values, 1 and 2, indicating that a less specific route has not and has been selected, respectively. This is a 32-bit integer to correspond to the IETF MIB.' SYNTAX integer SINGLE-VALUE ) ( NAME 'pathAttrAggregatorAS' DESC 'This is the AS number of the last BGP4 speaker that performed route aggregation. A value of 0 shows the absence of this attribute. The range of this attribute is defined to be 0 to 65535.' SYNTAX integer SINGLE-VALUE ) ( NAME 'pathAttrAggregatorAddr' DESC 'This is the IP address of the last BGP4 speaker that performed route aggregation. A value of 0.0.0.0 shows the absence of this attribute.' SYNTAX string SINGLE-VALUE ) ( NAME 'pathAttrCalcLocalPref' DESC 'This is the degree of preference calculated by the receiving BGP4 speaker for an advertised route. A value of -1 shows the absence of this attribute. The range of this attribute is defined to be -1 to 2147483647.' SYNTAX binary SINGLE-VALUE ) ( NAME 'pathAttrBest' DESC 'This shows whether or not this route was chosen as the best BGP4 route. There are two possible values, 1 (FALSE) and 2 (TRUE).' SYNTAX integer SINGLE-VALUE ) ( NAME 'pathAttrUnknown' DESC 'This contains one or more path atributes not understood by this BGP4 speaker. The MIB variable is an OctetString, and contains a 1-octet length field and up to 254 additional octets of data. The length is placed in a separate attribute of this class, pathAttrUnknownNumber.' SYNTAX string ) Expires 4/30/00 [Page 43] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'pathAttrUnknownNumber' DESC 'The MIB variable is an OctetString, and contains a 1-octet length field and up to 255 additional octets of data. The length is placed in this attribute.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfBGPPathAttributes' DESC 'This class defines the per-path information used to process specific BGP attribute information, as defined in the bgp4PathAttrTable of RFC 1657.' SUP dmtfLogicalElement MUST (pathAttrNextHop $ pathAttrOrigin $ pathAttrMultiExitDisc $ pathAttrLocalPref $ pathAttrAtomicAggregate $ pathAttrAggregatorAS $ pathAttrAggregatorAddr $ pathAttrCalcLocalPref $ pathAttrBest $ pathAttrUnknown $ pathAttrUnknownNumber) ) 2.58 dmtfBGPAttribtuesForRouteAuxClass This defines the attributes that are transmitted between BGP peers on a per-route basis. In it, antecedentRef points to a dmtfBGPIPRoute object and dependentRef points to a dmtfBGPPathAttributes object. ( NAME 'pathAttrPeer' DESC 'This defines the IP address of the peer where the path information was learned.' SYNTAX string SINGLE-VALUE ) ( NAME 'pathAttrIPAddrPrefixLen' DESC 'This defines the length in bits of the IP address prefix in the Network Layer Reachability information field. The range of this attribute is defined to be 0 to 32.' SYNTAX integer SINGLE-VALUE ) ( NAME 'pathAttrIPAddrPrefix' DESC 'An IP address prefix in the Network Layer Reachability Information field. This object is an IP address containing the prefix with length specified by the PathAttrIpAddrPrefixLen attribute. May be used as an RDN.' SYNTAX string SINGLE-VALUE ) ( NAME 'dmtfBGPAttributesForRouteAuxClass' DESC 'This defines the attributes that are transmitted between Expires 4/30/00 [Page 44] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 BGP peers on a per-route basis.' SUP dmtfDependencyAuxClass AUXILIARY MUST (antecedentRef $ dependentRef $ pathAttrPeer $ pathAttrIPAddrPrefixLen $ pathAttrIPAddrPrefix) ) 2.59 dmtfBGPServiceAttributesAuxClass This is a specialization of dmtfComponentAuxClass and defines the set of BGP Attributes that are transmitted in per-path UPDATE messages. In it groupComponentRef points to a dmtfBGPService object and partComponentRef points to a dmtfBGPPathAttributes object. ( NAME 'partComponentRef' DESC 'The part component' SYNTAX DN SINGLE-VALUE ) ( NAME 'dmtfBGPServiceAttributesAuxClass' DESC 'defines the set of BGP Attributes that are transmitted in per-path UPDATE messages.' SUP dmtfComponentAuxClass AUXILIARY MUST (partComponentRef) ) 2.60 dmtfSwitchService Generic switch (bridging) service class. Additional switching functions are incorporated as subordinate services related to this class via ServiceComponent associations. ( NAME 'bridgeAddress' DESC 'MAC address used by this switch service when it must be uniquely identified. When concatenated with a SpanningTreeService Priority, a unique bridge identifier results. The MAC address is formatted as twelve hexadecimal digits (e.g., "010203040506"), with each pair representing one of the six octets of the MAC address in "canonical" bit order according to RFC 2469.' SYNTAX string{12} SINGLE-VALUE ) ( NAME 'numPorts' DESC 'The number of switch ports controlled by this switching service.' SYNTAX integer SINGLE-VALUE ) Expires 4/30/00 [Page 45] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'dmtfSwitchService' DESC 'Generic switch (bridging) service class. Additional switching functions are incorporated as subordinate services related to this class via ServiceComponent associations.' SUP dmtfForwardingService MUST (bridgeAddress $ numPorts $ bridgeType) ) 2.61 dmtfSwitchPort A switch port from which frames are received and out they are transmitted. ( NAME 'portNumber' DESC 'Numeric identifier for a switch port.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfSwitchPort' DESC 'Switch Port from which frames are received and out they are transmitted.' SUP dmtfProtocolEndpoint MUST (portNumber) ) 2.62 dmtfSwitchesAmongAuxClass A SwitchService switches frames between SwitchPorts. This auxiliary class makes that relationship explicit. In it, antecedentRefs point to dmtfSwitchPort objects and dependentRef to a dmtfSwitchService object. ( NAME 'dmtfSwitchesAmongAuxClass' DESC 'makes the relationship between SwitchService that switches frames between SwitchPorts explicit' SUP dmtfForwardsAmongAuxClass AUXILIARY MUST (dependentRef) ) 2.63 dmtfSwitchableAuxClass A switch port has a LANEndpoint that is exposed via this auxiliary class. In it antecedentRef points to a dmtfSwitchPort object and dependentRef points to a dmtfLANEndpoint object. ( NAME 'dmtfSwitchableAuxClass' DESC 'A switch port has a LANEndpoint that is exposed via this Expires 4/30/00 [Page 46] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 relationship.' SUP dmtfBindsToAuxClass AUXILIARY MUST (antecedentRef $ dependentRef) ) 2.64 dmtfTransparentBridgingService This service class represents the learning/transparent bridging aspect of switch service. ( NAME 'agingTime' DESC 'The timeout period in seconds for aging out dynamically learned forwarding information. 802.1D-1990 recommends a default of 300 seconds.' SYNTAX integer SINGLE-VALUE ) ( NAME 'fID' DESC 'Filtering Database Identifier. Used by VLAN-aware switch having more than one filtering database.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfTransparentBridgingService' DESC 'represents the learning/transparent bridging aspect of switch service.' SUP dmtfService MUST (agingTime $ fID) ) 2.65 dmtfSpanningTreeService This service class represents the capability of a switch to participate in the distributed construction of a spanning tree. ( NAME 'protocolSpec' DESC 'The version of the spanning tree protocol used by the switch.' SYNTAX integer SINGLE-VALUE ) ( NAME 'priority' DESC 'The format of the priority bits are the first two octets of the 8-octet long Bridge ID. The other (last) 6 octets of the Bridge ID are given by the value of the Bridge Address. A priority that can be assigned to the switch for use in constructing the spanning tree. The unique identifier for a switch is constructed by concatenating the Expires 4/30/00 [Page 47] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 MAC address associated with the switch for spanning tree operations to the two-byte priority. Choice of the priority value influences election of the root bridge.' SYNTAX integer SINGLE-VALUE ) ( NAME 'designatedRoot' DESC 'The Bridge ID (Priority + MAC Address) of the root bridge.The format of the priority bits are the first two octets of the 8-octet long Bridge ID. The other (last) 6 octets of the Bridge ID are given by the value of the Bridge Address. Note that the MAC address is formatted as twelve hexadecimal digits (e.g., "010203040506")' SYNTAX string{16} SINGLE-VALUE ) ( NAME 'rootCost' DESC 'The cost of the path from the switch to the root.' SYNTAX integer SINGLE-VALUE ) ( NAME 'rootPort' DESC 'The port number of the port having the lowest cost path to the root bridge.' SYNTAX integer SINGLE-VALUE ) ( NAME 'maxAge' DESC 'The current value for the maximum age of Spanning Tree information before discard, as learned from the network.' SYNTAX integer SINGLE-VALUE ) ( NAME 'helloTime' DESC 'The current value of the interval between transmission of bridge PDUs by the switch on any port for which it is the spanning tree root or trying to become so, as learned from the network.' SYNTAX integer SINGLE-VALUE ) ( NAME 'forwardDelay' DESC 'The time spent by a port in the listening state before transitioning to the learning state and in the learning state before transitioning to the forwarding state, as learned from the network. This value is also used during the period of a topology change as the maximum age of Spanning Tree information before discard.' Expires 4/30/00 [Page 48] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 SYNTAX integer SINGLE-VALUE ) ( NAME 'bridgeMaxAge' DESC 'The MaxAge parameter to be used by all switches in the network if this switch becomes the root.' SYNTAX integer SINGLE-VALUE ) ( NAME 'bridgeHelloTime' DESC 'The HelloTime parameter to be used by all switches in the network if this switch becomes the root.' SYNTAX integer SINGLE-VALUE ) ( NAME 'bridgeForwardDelay' DESC 'The ForwardDelay parameter to be used by all switches in the network if this switch becomes the root.' SYNTAX integer SINGLE-VALUE ) ( NAME 'spanningTreeBridgeAddress' DESC 'MAC address used by the spanning tree service when it must be uniquely identified. When concatenated with a SpanningTreeService Priority, a unique bridge identifier results. This property is defined for use of switches supporting multiple spanning tree services. Note that the MAC address is formatted as twelve hexadecimal digits (e.g., "010203040506")' SYNTAX string{12} SINGLE-VALUE ) ( NAME 'dmtfSpanningTreeService' DESC 'This service class represents the capability of a switch to participate in the distributed construction of a spanning tree.' SUP dmtfService MUST (protocolSpec $ priority $ designatedRoot $ rootCost $ rootPort $ maxAge $ helloTime $ holdTime $ forwardDelay $ bridgeMaxAge $ bridgeHelloTime $ bridgeForwardDelay $ spanningTreeBridgeAddress) ) 2.66 dmtfSwitchPortSpanningTreeAuxClass A switch participating in the spanning tree maintains spanning-tree specific information about each port whose forwarding is determined by the spanning tree. This auxiliary class represents that Expires 4/30/00 [Page 49] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 information and in it antecedentRefs point to dmtfSwitchPort objects and dependentRefs point to dmtfSpanningTreeService objects. ( NAME 'enable' DESC 'The enabled/disabled status of the port.' SYNTAX integer SINGLE-VALUE ) ( NAME 'pathCost' DESC 'The contribution of this port to the path cost of paths towards the spanning tree root that includes this port.' SYNTAX integer SINGLE-VALUE ) ( NAME 'designatedCost' DESC 'The cost of the path to the root offered by the designated bridge for the segment.' SYNTAX integer SINGLE-VALUE ) ( NAME 'designatedBridge' DESC 'The bridge identifier of the designated bridge for the segment to which the port is attached.' SYNTAX string SINGLE-VALUE ) ( NAME 'designatedPort' DESC 'The port identifier of the port on the designated bridge serving the segment to which the port is attached.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfSwitchPortSpanningTreeAuxClass' DESC 'A switch participating in the spanning tree maintains spanning-tree specific information about each port whose forwarding is determined by the spanning tree. This association represents that information.' SUP dmtfServiceSAPDependencyAuxClass AUXILIARY MUST (dmtfSwitchPortRefs $ dmtfSpanningTreeServiceRefs $ iD $ priority $ state $ enable $ pathCost $ designatedRoot $ designatedCost $ designatedBridge $ designatedPort) ) 2.67 dmtfDynamicForwardingEntry This class represents an entry in the forwarding (filtering) database associated with the transparent bridging service. Expires 4/30/00 [Page 50] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'dynamicStatus' DESC 'The status of the entry.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfDynamicForwardingEntry' DESC 'represents an entry in the forwarding (filtering) database associated with the transparent bridging service.' SUP dmtfLogicalElement MUST (systemCreationClassName $ systemName $ serviceCreationClassName $ serviceName $ creationClassName $ mACAddress $ dynamicStatus) ) The following DIT structural rule is recommended: ( 48 NAME 'dmtfDynamicForwardEntryStrutureRule1' FORM dmtfDynamicForwardEntryNameForm1 SUP 50 ) ( NAME 'dmtfDynamicForwardEntryNameForm1' OC dmtfDynamicForwardEntry MUST (name) ) ( 49 NAME 'dmtfDynamicForwardEntryStrutureRule2' FORM dmtfDynamicForwardEntryNameForm2 SUP 50 ) ( NAME 'dmtfDynamicForwardEntryNameForm2' OC dmtfDynamicForwardEntry MUST (mACAddress) ) ( 50 NAME 'dmtfTransparentBridgingServiceStructureRule' FORM dmtfTransparentBridgingServiceNameForm ) ( NAME 'dmtfTransparentBridgingServiceNameForm' OC dmtfTransparentBridgingService MUST (name) ) Expires 4/30/00 [Page 51] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 2.68 dmtfSwitchPortDynamicForwardingAuxClass This auxiliary class links a dynamic forwarding entry and the switch port to which the entry applies. In it, antecedentRef points to a dmtfSwitchPort object and dependentRefs point to dmtfDynamicForwardingEntry objects. ( NAME 'dmtfSwitchPortDynamicForwardingAuxClass' DESC 'links a dynamic forwarding entry and the switch port to which the entry applies.' SUP dmtfDependencyAuxClass AUXILIARY MUST (antecedentRef) ) 2.69 dmtfStaticForwardingEntry ( NAME 'staticStatus' DESC 'The status of the entry.' SYNTAX integer SINGLE-VALUE ) ( NAME 'allowedToGo' DESC 'The ports to which frames with the destination MAC address arriving on the port represented by the SwitchPortStaticForwarding association are allowed to be forwarded.' SYNTAX integer ) ( NAME 'dmtfStaticForwardingEntry' DESC 'A StaticForwardingEntry represents an entry in the static (destination-address filtering) database associated with the switch service.' SUP dmtfLogicalElement MUST (systemCreationClassName $ systemName $ serviceCreationClassName $ serviceName $ creationClassName $ mACAddress $ staticStatus $ allowedToGo) ) The following DIT structure rule is recommended: ( 51 NAME 'dmtfStaticForwardEntryStrutureRule1' FORM dmtfStaticForwardEntryNameForm1 SUP 50 ) Expires 4/30/00 [Page 52] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'dmtfStaticForwardEntryNameForm1' OC dmtfStaticForwardEntry MUST (name) ) ( 52 NAME 'dmtfStaticForwardEntryStrutureRule2' FORM dmtfStaticForwardEntryNameForm2 SUP 50 ) ( NAME 'dmtfStaticForwardEntryNameForm2' OC dmtfStaticForwardEntry MUST (mACAddress) ) 2.70 dmtfSwitchPortStaticForwardingAuxClass This auxiliary class links a static database entry and the switch port to which the entry applies. In it, antecedentRef points to a dmtfSwitchPort object and dependentRefs point to dmtfStaticForwardingEntry objects. ( NAME 'dmtfSwitchPortStaticForwardingAuxClass' DESC 'links a static forwarding entry and the switch port to which the entry applies.' SUP dmtfDependencyAuxClass AUXILIARY MUST (antecedentRef) ) 2.71 dmtfServiceComponentAuxClass This auxiliary class models a set of subordinate Services that are aggregated together to form a higher-level service. In it, groupComponentRef points to dmtfService object and partComponentRefs point to dmtfService objects. ( NAME 'dmtfServiceComponentAuxClass' DESC 'models a set of subordinate Services that are aggregated together to form a higher-level service.' SUP dmtfComponentAuxClass AUXILIARY ) 2.72 dmtfSwitchServiceTransparentBridgingAuxClass This auxiliary class links SwitchService to a component TransparentBridgingService. The cardinality of the TransparentBridgingService is 0.1 for a VLAN-unaware switch. In this class, groupComponentRef points to a dmtfSwitchService object and Expires 4/30/00 [Page 53] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 partComponentRefs point to dmtfTransparentBridgingService objects. ( NAME 'dmtfSwitchServiceTransparentBridgingAuxClass' DESC 'links SwitchService to a component TransparentBridgingService.' SUP dmtfServiceComponentAuxClass AUXILIARY ) 2.73 dmtfSwitchServiceSpanningTreeAuxClass An auxiliary class that links SwitchService to a component SpanningTreeService. The cardinality of the SpanningTreeService is 0.1 for a VLAN-unaware switch. In it, groupComponentRef points to a dmtfSwitchService object and partComponentRefs point to dmtfSpanningTreeService objects. ( NAME 'dmtfSwitchServiceSpanningTreeAuxClass' DESC 'linking SwitchService to a component SpanningTreeService.' SUP dmtfServiceComponentAuxClass AUXILIARY ) 2.74 dmtfSourceRoutingService This service class represents the capability of a switch to participate in the source routing of frames received at its ports. ( NAME 'bridgeLfMode' DESC 'Indicates whether the bridge operates using older 3 bit length negotiation fields or the newer 6 bit length field in its RIF.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfSourceRoutingService' DESC 'represents the capability of a switch to participate in the source routing of frames received at its ports.' SUP dmtfService MUST (bridgeLfMode) ) 2.75 dmtfSwitchServiceSourceRoutingAuxClass This auxiliary class that links SwitchService to a component SourceRoutingService. The cardinality of the SourceRoutingService is 0.1 for a VLAN-unaware switch. In this class, groupComponentRef points to a dmtfSwitchService object and partComponentRefs point to dmtfSourceRoutingService objects. Expires 4/30/00 [Page 54] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'dmtfSwitchServiceSourceRoutingAuxClass' DESC 'links SwitchService to a component SourceRoutingService. The cardinality of the SourceRoutingService is 0.1 for a VLAN-unaware switch.' SUP dmtfServiceComponentAuxClass AUXILIARY ) 2.76 dmtfSwitchPortPairAuxClass This auxiliary class represents information regarding port pairings that is used by the SourceRoutingService of a switch. In this class, antecedentRefs and dependentRefs point to dmtfSwitchPort objects. ( NAME 'bridgeNum' DESC 'A bridge number that uniquely identifies the path provided by this source routing bridge between the segments connected to high and low ports. The purpose of bridge number is to disambiguate between multiple paths connecting the same two LANs.' SYNTAX integer SINGLE-VALUE ) ( NAME 'bridgeState' DESC 'The state of the instance' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfSwitchPortPairAuxClass' DESC 'represents information regarding port pairings that is used by the SourceRoutingService of a switch.' SUP dmtfSAPSAPDependency AUXILIARY MUST (bridgeNum $ bridgeState) ) 2.77 dmtfSwitchPortSourceRoutingAuxClass A switch capable of source routing maintains source-routing specific information about each port. This auxiliary class represents that information. In it, antecedentRefs point to dmtfSwitchPort objects and dependentRef points to a dmtfSourceRoutingService object. ( NAME 'hopCount' DESC 'The maximum number of routing descriptors allowed in an All Paths or Spanning Tree Explorer frames.' SYNTAX integer SINGLE-VALUE ) ( NAME 'localSegment' Expires 4/30/00 [Page 55] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 DESC 'The segment number that uniquely identifies the segment to which this port is connected. Current source routing protocols limit this value to the range: 0 through 4095. (The value 0 is used by some management applications for special test cases.) A value of 65535 signifies that no segment number is assigned to this port.' SYNTAX integer SINGLE-VALUE ) ( NAME 'targetSegment' DESC 'The segment number that corresponds to the target segment this port is considered to be connected to by the switch. Current source routing protocols limit this value to the range: 0 through 4095. (The value 0 is used by some management applications for special test cases.) A value of 65535 signifies that no target segment is assigned to this port.' SYNTAX integer SINGLE-VALUE ) ( NAME 'sTESpanMode' DESC 'Determines how the port behaves when pres`ented with a Spanning Tree Explorer frame. The value "disabled(2)" shows that the port will not accept or send Spanning Tree Explorer packets; any STE packets received will be silently discarded. The value "forced(3)" shows the port will always accept and propagate Spanning Tree Explorer frames. This allows a manually configured Spanning Tree for this class of packet to be configured. Note that unlike transparent bridging, this is not catastrophic to the network if there are loops. The value "auto-span(1)" can only be returned by a bridge that both implements the Spanning Tree Protocol and has use of the protocol enabled on this port. The behavior of the port for Spanning Tree Explorer frames is determined by the value of the State property of the SwitchPortSpanningTree association for the port. If the port is in the "forwarding" state, the frame will be accepted or propagated. Otherwise, it will be silently discarded.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfSwitchPortSourceRoutingAuxClass' DESC 'represents source-routing specific information about each port.' SUP dmtfServiceSAPDependencyAuxClass AUXILIARY MUST (dependentRef $ hopCount $ localSegment $ bridgeNum $ targetSegment $ packets $ sTESpanMode) Expires 4/30/00 [Page 56] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ) 2.78 dmtfVLAN This class_VLAN represents a VLAN within a switch. In a particular switch, there should be an instance of this object for every VLAN available in the switch. For example, in a switchwith port-based VLANs, if there are 16 VLANs to which ports canbe assigned (VLAN 1 through VLAN 16), there should be aninstance of CIM_VLAN for each of VLAN 1 through VLAN 16. This class inherits Name from ServiceAccessPoint. Use this for the textual name of the VLAN, if there is one. Otherwise, synthesize a textual name, e.g., VLAN 0003. (Consider leading zero fill, as shown, to ensure that if the textual VLAN names are extracted and presented by management applictions, the VLAN names will sort in the expected order. It is intended that dmtfVLAN be subclassed only if necessary to add attributes. The type of the VLAN can be inferred from the VLANService(s) with which the dmtfVLAN is associated via the dmtfVLANForAuxClass object. ( NAME 'vLANNumber' DESC 'The number of the VLAN.' SYNTAX integer SINGLE-VALUE ) ( NAME 'dmtfVLAN' DESC 'represents a VLAN within a switch.' SUP dmtfServiceAccessPoint MUST (vLANNumber) ) 2.79 dmtfRelatedTransparentBridgingServiceAuxClass This auxiliary class maps between a VLAN and the forwarding database (some use the term filtering database) used to determine the port a packet should be transmitted on, given that it is assigned to the VLAN and that it has a particular destination MAC address. The TransparentBridgingServicerepresents a forwarding database. In this class, antecedentRefs point to dmtfVLAN objects and dependentRef points to a dmtfTransparentBridgingService object. ( NAME 'dmtfRelatedTransparentBridgingServiceAuxClass' DESC 'relationship between a VLAN and the forwarding database' SUP dmtfServiceSAPDependencyAuxClass AUXILIARY MUST (dependentRef) Expires 4/30/00 [Page 57] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ) 2.80 dmtfRelatedSpanningTreeAuxClass This auxiliary class identifies the spanning tree in which a forwarding database (TransparentBridgingService) is nested. In it, antecedentRefs point to dmtfTransparentBridgingService objects and dependentRef points to a dmtfSpanningTreeService object. ( NAME 'dmtfRelatedSpanningTreeAuxClass' DESC 'identifies the spanning tree in which a forwarding database (TransparentBridgingService) is nested.' SUP dmtfServiceServiceDependencyAuxClass AUXILIARY MUST (dependentRef) ) 2.81 dmtfInboundVLANAuxClass If there is an association between a particular SwitchPort and a particular CIM_VLAN, then there is the possibility that a packet received by the port will be assigned to the VLAN (or if the packet already has a VLAN tag, that the packet will not be dropped). If there is no such association, then there is no possibility that a packet received by the port will progress through the switch having been assigned to the VLAN in question. In it, antecedentRefs point to dmtfVLAN objects and dependentRefs point to dmtfSwitchPort objects. ( NAME 'tagged' DESC 'If true, packets already tagged with this VLAN number will be accepted when arriving at this port. For example, if there is an InboundVLAN association between port 12 and VLAN 7 for which Tagged is true, then if a packet tagged with VLAN 7 arrives at port 12, the packet will be accepted into the switch for further processing. If there is no such association, then the packet will be dropped. If false, it means that any untagged packets arriving at this port MIGHT be classified into the associated VLAN.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'default' DESC 'Default should be true if untagged packets received by the Antecedent SwitchPort are assigned to the Dependent VLAN by default.' SYNTAX boolean SINGLE-VALUE ) Expires 4/30/00 [Page 58] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'dmtfInboundVLANAuxClass' DESC 'relation between a VLAN and switch ports where inbound traffic arrives.' SUP dmtfSAPSAPDependencyAuxClass AUXILIARY MUST (tagged $ default) ) 2.82 dmtfOutboundVLANAuxClass If there is no instance of OutboundVLAN between a given SwitchPort and VLAN, then any packet that has been assigned to the VLAN and whose destination address is associated with the port will be dropped by the switch without being transmitted. Otherwise, the packet will be transmitted. In this class, antecedentRefs point to dmtfVLAN objects and dependentRefs point to dmtfSwitchPort objects. ( NAME 'dmtfOutboundVLANAuxClass' DESC 'relation between a VLAN and outbound switch ports' SUP dmtfSAPSAPDependencyAuxClass AUXILIARY MUST (tagged) ) 2.83 dmtfVLANService This class represents the VLAN aspects of the function performed by a switch. Some VLAN-aware devices participate in protocols where VLAN information is propagated among switches, e.g., GVRP in 802.1Q switches and VTP in Cisco Catalyst switches. VLANService also represents the function performed by the switch as a participant in such a protocol. VLANService must be subclassed so that instances can be distinguished by their class. If there is a name assigned to a set of VLAN-aware switches, e.g., the VTP domain name in Cisco Catalyst switches, use the Name attribute inherited from dmtfService to store the name. A VLANService should be instantiated in a VLAN- aware switch even if there is no GVRP-like protocol. ( NAME 'dmtfVLANService' DESC 'represents the VLAN aspects of the function performed by a switch.' SUP dmtfService ABSTRACT ) 2.84 dmtf802dot1QVLANService If a switch supports 802.1Q, an instance of this class should be instantiated in the switch. If the switch supports GVRP, this class represents the function that the switch performs with respect to GVRP. Expires 4/30/00 [Page 59] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'dmtf802dot1QVLANService' DESC 'If a switch supports 802.1Q, an instance of this class should be instantiated' SUP dmtfVLANService ) 2.85 dmtfSwitchServiceVLANAuxClass This auxiliary class links SwitchService to a component VLANService. In it, groupComponentRef points to a dmtfSwitchService object and partComponentRefs point to dmtfVLANService objects. ( NAME 'dmtfSwitchServiceVLANAuxClass' DESC 'links SwitchService to a component VLANService.' SUP dmtfServiceComponentAuxClass AUXILIARY ) 2.86 dmtfVLANForAuxClass An auxiliary class linking SwitchService to a component VLANService. In this class, antecedentRefs point to dmtfVLAN objects and dependentRefs point to dmtfVLANService objects. ( NAME 'dmtfVLANForAuxClass' DESC 'links SwitchService to a component VLANService.' SUP dmtfServiceSAPDependencyAuxClass AUXILIARY ) 2.87 dmtfAdapterActiveConnectionAuxClass This auxiliary class shows that a NetworkAdapter is using the referenced PhysicalConnector to output to the network. This relationship is important when the Adapter can choose to output from one of several Connectors. The Connectors may be associated with the NetworkAdapter in a Realizes relationship - but this is not required. This association provides additional information (i.e., 'in use for communication') that makes it different from the information provided by the Realizes association. In this class, antecedentRefs point to dmtfPhysicalConnector objects and dependentRefs point to dmtfNetworkAdapter objects. ( NAME 'active' DESC 'TRUE shows that this connection is active.' SYNTAX boolean SINGLE-VALUE ) ( NAME 'dmtfAdapterActiveConnectionAuxClass' Expires 4/30/00 [Page 60] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 DESC 'shows that a NetworkAdapter is using the referenced PhysicalConnector to output to the network.' SUP dmtfDependencyAuxClass AUXILIARY MUST (active) ) 2.88 dmtfEndpointIdentityAuxClass This auxiliary class shows that two ProtocolEndpoints represent different aspects of the same underlying address or protocol-specific ID. This association refines dmtfLogicalIdentityAuxClass by restricting it to the Endpoint level and defining its use in well understood scenarios. One of these scenarios is to represent that an Endpoint has both 'LAN' and protocol-specific aspects. For example, an Endpoint could be both a LANEndpoint as well as a DHCPEndpoint. In this class, both systemElementRefs and sameElementRefs point to dmtfProtocolEndpoint objects. ( NAME 'dmtfEndpointIdentityAuxClass' DESC 'shows that two ProtocolEndpoints represent different aspects of the same underlying address or protocol-specific ID.' SUP dmtfLogicalIdentityAuxClass AUXILIARY MUST (systemElement $ sameElement) ) 3. DIT Content Rules The following DIT Content Rules apply to objects in this schema. These content rules reference not only auxiliary classes in this draft but auxiliary classes from other DMTF CIM models [5, 6, 7, 8, 9]. ( NAME 'dmtfNetworkServiceContentRule' DESC 'shows what auxiliary classes may go with the dmtfNetworkService class' AUX (dmtfLogicalNetworkServiceAuxClass $ dmtfProvidesEndpointAuxClass) ) ( NAME 'dmtfForwardingServiceContentRule' DESC 'shows what auxiliary classes may go with the dmtfForwardingService class' AUX (dmtfForwardsAmongAuxClass) ) ( NAME 'dmtfAutonomousSystemContentRule' DESC 'shows what auxiliary classes may go with the dmtfAutonomousSystem class' Expires 4/30/00 [Page 61] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 AUX (dmtfBGPClustersInASAuxClass $ dmtfRoutersInASAuxClass $ dmtfASBGPEndpointsAuxClass $ dmtfConfederationAuxClass $ dmtfConfederationAuxClass) ) ( NAME 'dmtfLogicalNetworkContentRule' DESC 'shows what auxiliary classes may go with the dmtfLogicalNetwork class' AUX (dmtfLogicalNetworkServiceAuxClass $ dmtfInLogicalNetworkAuxClass) ) ( NAME 'dmtfProtocolEndpointContentRule' DESC 'shows what auxiliary classes may go with the dmtfProtocolEndpoint class' AUX (dmtfForwardsAmongAuxClass $ dmtfInLogicalNetworkAuxClass $ dmtfActiveConnectionAuxClass $ dmtfActiveConnectionAuxClass $ dmtfBindsToAuxClass $ dmtfProvidesEndpointAuxClass $ dmtfCalculatesAmongAuxClass $ dmtfEndpointIdentityAuxClass) ) ( NAME 'dmtfLANEndpointContentRule' DESC 'shows what auxiliary classes may go with the dmtfLANEndpoint class' AUX (dmtfInSegmentAuxClass $ dmtfBindsToLANEndpointAuxClass $ dmtfSwitchableAuxClass) ) ( NAME 'dmtfLANSegmentContentRule' DESC 'shows what auxiliary classes may go with the dmtfLANSegment class' AUX (dmtfInSegmentAuxClass) ) ( NAME 'dmtfBGPProtocolEndpointContentRule' DESC 'shows what auxiliary classes may go with the dmtfBGPProtocolEndpoint class' AUX (dmtfRoutesBGPAuxClass $ dmtfASBGPEndpointsAuxClass) ) ( NAME 'dmtfIPRouteContentRule' DESC 'shows what auxiliary classes may go with the dmtfIPRoute class' AUX (dmtfCalculatedRoutesAuxClass) ) ( NAME 'dmtfBGPIPRouteContentRule' Expires 4/30/00 [Page 62] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 DESC 'shows what auxiliary classes may go with the dmtfBGPIPRoute class' AUX (dmtfRoutesBGPAuxClass $ dmtfBGPAttributesForRouteAuxClass) ) ( NAME 'dmtfBGPClusterContentRule' DESC 'shows what auxiliary classes may go with the dmtfBGPCluster class' AUX (dmtfRoutersInBGPClusterAuxClass $ dmtfBGPClustersInASAuxClass $ dmtfReflectorServiceAuxClass $ dmtfReflectorClientServiceAuxClass $ dmtfReflectorNonClientServiceAuxClass) ) ( NAME 'dmtfRouteCalculationServiceContentRule' DESC 'shows what auxiliary classes may go with the dmtfRouteCalculationService class' AUX (dmtfCalculatedRoutesAuxClass $ dmtfEGPRouteCalcDependencyAuxClass $ dmtfEGPRouteCalcDependencyAuxClass $ dmtfCalculatesAmongAuxClass) ) ( NAME 'dmtfBGPServiceContentRule' DESC 'shows what auxiliary classes may go with the dmtfBGPService class' AUX (dmtfReflectorServiceAuxClass $ dmtfReflectorClientServiceAuxClass $ dmtfReflectorNonClientServiceAuxClass $ dmtfBGPRoutingPolicyAuxClass $ dmtfBGPPeerGroupServiceAuxClass $ dmtfBGPAdminDistanceAuxClass $ dmtfBGPServiceAttributesAuxClass) ) ( NAME 'dmtfBGPPeerGroupContentRule' DESC 'shows what auxiliary classes may go with the dmtfBGPPeerGroup class' AUX (dmtfBGPPeerGroupServiceAuxClass $ dmtfBGPPeerUsesRouteMapAuxClass $ dmtfInBGPPeerGroupAuxClass) ) ( NAME 'dmtfFilterEntryContentRule' DESC 'shows what auxiliary classes may go with the dmtfFilterEntry class' AUX (dmtfEntriesInFilterListAuxClass) ) Expires 4/30/00 [Page 63] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 ( NAME 'dmtfFilterListContentRule' DESC 'shows what auxiliary classes may go with the dmtfFilterList class' AUX (dmtfEntriesInFilterListAuxClass $ dmtfListsInRoutingPolicyAuxClass $ dmtfFilterListsInBGPRouteMapAuxClass) ) ( NAME 'dmtfRoutingPolicyContentRule' DESC 'shows what auxiliary classes may go with the dmtfRoutingPolicy class' AUX (dmtfListsInRoutingPolicyAuxClass $ dmtfBGPRoutingPolicyAuxClass $ dmtfBGPRouteMapsInRoutingPolicyAuxClass $ dmtfFilteredBGPAttributesAuxClass) ) ( NAME 'dmtfAdministrativeDistanceContentRule' DESC 'shows what auxiliary classes may go with the dmtfAdministrativeDistance class' AUX (dmtfBGPAdminDistanceAuxClass) ) ( NAME 'dmtfBGPRouteMapContentRule' DESC 'shows what auxiliary classes may go with the dmtfBGPRouteMap class' AUX (dmtfBGPRouteMapsInRoutingPolicyAuxClass $ dmtfBGPPeerUsesRouteMapAuxClass $ dmtfFilterListsInBGPRouteMapAuxClass) ) ( NAME 'dmtfBGPAttributesContentRule' DESC 'shows what auxiliary classes may go with the dmtfBGPAttributes class' AUX (dmtfFilteredBGPAttributesAuxClass) ) ( NAME 'dmtfBGPPathAttributesContentRule' DESC 'shows what auxiliary classes may go with the dmtfBGPPathAttributes class' AUX (dmtfBGPAttributesForRouteAuxClass $ dmtfBGPServiceAttributesAuxClass) ) ( NAME 'dmtfSwitchServiceContentRule' DESC 'shows what auxiliary classes may go with the dmtfSwitchService class' AUX (dmtfSwitchesAmongAuxClass $ Expires 4/30/00 [Page 64] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 dmtfSwitchServiceTransparentBridgingAuxClass $ dmtfSwitchServiceSpanningTreeAuxClass $ dmtfSwitchServiceSourceRoutingAuxClass $ dmtfSwitchServiceVLANAuxClass) ) ( NAME 'dmtfSwitchPortContentRule' DESC 'shows what auxiliary classes may go with the dmtfSwitchPort class' AUX (dmtfSwitchesAmongAuxClass $ dmtfSwitchableAuxClass $ dmtfSwitchPortSpanningTreeAuxClass $ dmtfSwitchPortDynamicForwardingAuxClass $ dmtfSwitchPortStaticForwardingAuxClass $ dmtfSwitchPortPairAuxClass $ dmtfSwitchPortPairAuxClass $ dmtfSwitchPortSourceRoutingAuxClass $ dmtfInboundVLANAuxClass $ dmtfOutboundVLANAuxClass) ) ( NAME 'dmtfTransparentBridgingServiceContentRule' DESC 'shows what auxiliary classes may go with the dmtfTransparentBridgingService class' AUX (dmtfSwitchServiceTransparentBridgingAuxClass $ dmtfRelatedTransparentBridgingServiceAuxClass $ dmtfRelatedSpanningTreeAuxClass) ) ( NAME 'dmtfSpanningTreeServiceContentRule' DESC 'shows what auxiliary classes may go with the dmtfSpanningTreeService class' AUX (dmtfSwitchPortSpanningTreeAuxClass $ dmtfSwitchServiceSpanningTreeAuxClass $ dmtfRelatedSpanningTreeAuxClass) ) ( NAME 'dmtfDynamicForwardingEntryContentRule' DESC 'shows what auxiliary classes may go with the dmtfDynamicForwardingEntry class' AUX (dmtfSwitchPortDynamicForwardingAuxClass) ) ( NAME 'dmtfStaticForwardingEntryContentRule' DESC 'shows what auxiliary classes may go with the dmtfStaticForwardingEntry class' AUX (dmtfSwitchPortStaticForwardingAuxClass) ) ( NAME 'dmtfSourceRoutingServiceContentRule' DESC 'shows what auxiliary classes may go with the Expires 4/30/00 [Page 65] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 dmtfSourceRoutingService class' AUX (dmtfSwitchServiceSourceRoutingAuxClass $ dmtfSwitchPortSourceRoutingAuxClass) ) ( NAME 'dmtfVLANContentRule' DESC 'shows what auxiliary classes may go with the dmtfVLAN class' AUX (dmtfRelatedTransparentBridgingServiceAuxClass $ dmtfVLANForAuxClass $ dmtfInboundVLANAuxClass $ dmtfOutboundVLANAuxClass) ) ( NAME 'dmtfVLANServiceContentRule' DESC 'shows what auxiliary classes may go with the dmtfVLANService class' AUX (dmtfSwitchServiceVLANAuxClass $ dmtfVLANForAuxClass) ) 4. References Request For Comments (RFC) and Internet Draft documents are available from numerous mirror sites. [1] M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access Protocol (v3)," RFC 2251, Decemeber 1997. [2] M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory Access Protocol (v3): Attribute Synatx Defini- tions," RFC 2252, December 1997. [3] Ryan Moats, Gerald Maziarski, John Strassner, "Extensible Match Rule to Dereference Pointers", Internet Draft (work in progress), June 1999. [4] DMTF, "CIM Network Model, v2.2". [5] Ryan Moats, Gerald Maziarski, John Strassner, "LDAP Schema for the DMTF Core CIM Model", September 1999. [6] Ryan Moats, Gerald Maziarski, John Strassner, "LDAP Schema for the DMTF Device CIM Model", September 1999. [7] Ryan Moats, Gerald Maziarski, John Strassner, "LDAP Schema for the DMTF Application CIM Model", October 1999. [8] Ryan Moats, Gerald Maziarski, John Strassner, "LDAP Schema for the DMTF System CIM Model", October 1999. Expires 4/30/00 [Page 66] INTERNET DRAFT LDAP Schema for the DMTF Network CIM Model October 1999 [9] Ryan Moats, Gerald Maziarski, John Strassner, "LDAP Schema for the DMTF Physical CIM Model", October 1999. 5. Author's Addresses Ryan Moats Jerry Maziarski John Strassner 15621 Drexel Circle Room C3-3Z01 Cisco Systems, Bldg 1 Omaha, NE 68135 200 S. Laurel Ave. 170 West Tasman Drive USA Middletown, NJ 07748 San Jose, CA 95134 E-mail: jayhawk@att.com USA E-mail: johns@cisco.com E-mail: gfm@qsun.att.com Expires 4/30/00 [Page 67]