OSI-Directory Services Working Group Chris Weider
Internet Draft Mark Knopper
(Merit Network)
Ruth Lang
(SRI)
April 1991
Interim Directory Tree Structure for Network Infrastructure
Information
Status of this Memo
As work progresses on incorporating WHOIS and Network Infrastructure infor-
mation into X.500, we thought it would be useful to document the current
DIT structure for this information, along with some thoughts on future
expansion and organization of this subtree of the DIT. The first section
of this document describes the current structure, the second section the
possible expansion of the structure.
This draft document will be submitted to the RFC editor as an informational
document. Distribution of this memo is unlimited. Please send comments to
the authors or to the discussion group osi-ds@cs.ucl.ac.uk.
�
INTERNET--DRAFT Interim DIT for Net Infrastructure Info April 1991
SECTION 1: CURRENT DIT ORGANIZATION
1.1 Current DIT organization
All Internet-specific information contained in the Directory resides under
the subtree @o=Internet. This subtree resides directly under the root of
the DIT, as the Internet is not confined to one country nor to one corporate
entity. This subtree presently contains three branches: "ou=Site Contacts",
"cn=FYI Documents", and "cn=RFC Documents".
1.2 ou=Site Contacts
The ou=Site Contacts branch contains Network Infrastructure information
specific to the IP portion of the Internet. This information includes
contact information for each IP network and Autonomous System registered with
the NIC. The schema for this information are described in [Weid91].
An RDN for a siteContact for a given network would be "@o=Internet@ou=Site
Contacts@ipNetworkNumber=35", while an RDN for an asSiteContact would be
"@o=Internet@ou=Site Contacts@asNumber=267".
The Site Contacts portion is updated regularly and is used by the NSFNet NOC.
Currently it holds the set of approximately 20,000 network numbers which
have been assigned by the NIC, although the number of EDB entries is on the
order of 2,500 because the networks with unconnected status have been
allocated in large contiguous blocks, and each block is stored in a single EDB
entry with a multi-valued RDN for searching purposes. It also holds the >1000
assigned Autonomous System numbers. The structure of the Site Contacts is
essentially flat, i.e., each network and AS number resides directly under the
ou=Site Contacts entry, with no heirarchy. This flat organization does not
scale well for a large number of networks. We will address this problem in
section 2.
1.3 cn=FYI Documents
The cn=FYI Documents branch contains a single entry which tells users
how to obtain FYI documents. The FYI documents are available for anonymous
FTP from nic.ddn.mil.
1.4 cn=RFC Documents
The cn=RFC Documents branch contains a single entry which tells users how to
obtain RFC documents. These documents are available for anonymous FTP from
nic.ddn.mil.
�
INTERNET--DRAFT Interim DIT for Net Infrastructure Info April 1991
SECTION 2: DEFICIENCIES AND SOLUTIONS IN THE CURRENT DIT STRUCTURE
2.1 Deficiencies with the current DIT structure
As noted above, the ou=Site Contacts branch of the DIT contains approximately
2,500 entries with no further heirarchy. This flat organization will not
scale well when we have 25,000 or 250,000 networks and ASes for which we will
need to keep site contact information. Searching and replication for such a
large level will be quite unmanageable. Another problem is that variable
access control is not used which means that the contact people may not
update their own information. The information remains under control of a
central organization (still the NIC since MERIT downloads their file into
the X.500 directory regularly). Yet another problem is that the personal
information on the contacts is stored separately in Site Contacts even in the
case where the person's organization has an entry for her in their White
Pages project DSA. Finally, as more Network Infrastructure and WHOIS infor-
mation is incorporated into the DSA, much more revision will have to be
done to get a good mix of elegance and functionality.
2.2 Solutions to the deficiencies
Several useful suggestions have been proposed by IEFT OSI-DS members.
Ignoring the number of networks problem for a moment, it would seem useful to
allow pointers to additional information in other parts of the global DIT
whenever available. If an organization is a functioning participant in a
White Pages Project, it would make sense to allow that organization to
register and maintain their own entry in their DIT for contact and technical
data on that network. It will probably make sense to allocate blocks of
network numbers to regional authorities such as the US mid-level networks or
European networking agnecies. These activities can be done soon to allow the
distributed aspects of X.500 to be enjoyed right away. All that is necessary
is for the reliability of the various DSAs to be improved.
Another suggestion for the network number organization was given in the
"Domains and X.500" Internet Draft [Kil89]. He compares the problem of
representing network number information to the in-addr domain in the DNS.
In that paper it is proposed to represent mailbox and domain-related-object
information in X.500, and network information could be added in to this
activity. This work has begun on an experimental basis, allowing browsing
through the DNS information for example. It will require experimentation and
a much more complete population of the directory entries before this can be
used successfully for a site contact information. The UCL staff are looking
into this.
�
INTERNET--DRAFT Interim DIT for Net Infrastructure Info April 1991
SECTION 3: POSSIBILITIES FOR FUTURE DIT STRUCTURE
3.1 Information included by May 1992
There is much more Network Infrastructure Information to be included in X.500
before May 1992. This information includes a much fuller population of the
WHOIS information, and Internet topology information. The work on both of
these types of information is in progress, but a brief sketch of the structure
will be useful here.
3.1.1 WHOIS information
The WHOIS information will consist of 7 new "entities", realized as X.500
schema. They are:
Individual
Computer
Network
Domain
Autonomous System
Organization
Group
A fuller exposition of these entities is in [Ruth, Your Paper Here!]
Much of the Network Infrastructure information currently in o=Internet
will be contained in this set.
3.1.2 Internet topology information
There are four new types of network topology information to be included. These
will include:
Node/NSS (publicly available information about NSSs)
AD - regional networks
networks
Hosts
A fuller exposition of these entities is in Knopper and Weider [Weid91/2] (in
progress). There will also be two additional new schema for routing and
net-path policy information.
3.2 New DIT structures for this information
The DIT under o=Internet will need to be revised to include this information.
One scheme would be to remove the o=Internet@ou=Site Contacts branch of the
DIT and replace it with "o=Internet@ou=WHOIS" for the WHOIS information,
"o=Internet@ou=topology" for the new topology information, and "o=Internet@ou=
NSFNet routing" for the NSFNet routing information. It is expected
that the organization of "o=Internet@ou=topology" will be rather simple and
will not be overpopulated. The "o=Internet@ou=NSFNet routing" will be
as populated as the current Site Contacts branch, but the schema for each
network and AS will be quite different. This will also require the same
solutions used for the current Site Contacts directory. The "o=Internet@ou=
WHOIS" will be very heavily populated, and will require many clever tricks to
avoid excessive depth and excessive fanout.
�
INTERNET--DRAFT Interim DIT for Net Infrastructure Info April 1991
As X.500 usage increases and more and more organizations start running their
own DSAs, the structures for the WHOIS portion of this tree will probably
fade away. One hopes that eventually all Internet-related information will
be kept on line in a distributed fashion, to circumvent the problems
attendant to centralized administration and to improve access and reliability.
SECTION 4: WHO WE ARE
4.1 Author's addresses
Chris Weider, clw@merit.edu
Mark Knopper, mak@merit.edu
Merit Network, Inc.
1075 Beal Avenue
Ann Arbor, MI 48109
(313) 936-2090 (Chris)
(313) 763-6061 (Mark)
Ruth, put your information here......
SECTION 5: REFERENCES
[Kil89] S.E. Kille. X.500 and domains. Research Note RN/89/47,
Department of Computer Science, University College Lon-
don, May 1989. Also Internet Draft: DRAFT-UCL-KILLE-
X500DOMAINS-00.PS
Ruth put your reference here.....
[Weid91] Mark Knopper and Chris Weider. Interim Schema for Network Infra-
structure Information in X.500, Internet Draft.
[Weid2:91] Mark Knopper and Chris Weider. Schema for Network Topology
Infrastructure Information in X.500, in progress.