Internet Engineering Task Force Y. Gu, Microsoft
Internet Draft R. Vyaghrapuri, Microsoft
August 1998
Expires: February 1999 draft-gu-dhcp-ldap-schema-00.txt
An LDAP Schema for Dynamic Host Configuration Protocol Service
Status of this Memo
This document is an Internet Draft. Internet Drafts are working
documents of the Internet Engineering Task Force (IETF), its Areas,
and its Working Groups. Note that other groups may also distribute
working documents as Internet Drafts.
Internet Drafts are draft documents valid for a maximum of six
months. Internet Drafts may be updated, replaced, or obsoleted by
other documents at any time. It is not appropriate to use Internet
Drafts as reference material or to cite them other than as a
"working draft" or "work in progress".
To learn the current status of any Internet-Draft, please check the
1id-abstracts.txt listing contained in the Internet-Drafts Shadow
Directories on ftp.ietf.org, nic.nordu.net, ftp.isi.edu, or
munnari.oz.au.
This document will expire on January 15, 1999. Distribution of this
draft is unlimited.
Abstract
This document defines a schema for representing DHCP service in an
LDAP-based directory. The integration of DHCP with a directory makes
it possible for an organization to centrally administer its DHCP
service, regardless of the number of DHCP servers it deploys. This
management approach further reduces the total cost of ownership and
improves scalability of DHCP service.
1. Introduction
The Dynamic Host Configuration Protocol (DHCP) [1] defines a
standard client-server mechanism for configuring hosts on a TCP/IP
network dynamically. A host running TCP/IP needs to be assigned an
IP address and other parameters such as gateway and DNS server
addresses [2] before it can function properly on the network. Such
assignment can be done either manually or automatically using DHCP.
DHCP eliminates the need to configure hosts one by one. A DHCP
server becomes the central administration point of IP configurations
for all clients it services. DHCP eases the task of managing IP
Gu and Vyaghrapuri [Page 1]
Internet Draft An LDAP Schema for DHCP August 1998
addresses and other parameters. DHCP also makes it possible to
transparently apply changes to host IP configurations.
Increasingly, TCP/IP is becoming the network protocol of choice for
organizations as they stride towards building single protocol data
networks. In a TCP/IP network, IP addresses and other IP parameters
need to be managed globally across an organization's network and
assigned individually to all hosts. Many organizations are using
DHCP to automate their IP management. Typically these organizations
deploy more than one DHCP server for load balancing and fault
tolerance. Without a central store for DHCP configuration, DHCP
servers have to hold their own configuration separately. Each server
contains a subset of a TCP/IP network's IP addresses and related IP
parameters. Maintaining configurations of multiple servers or making
changes to them is often a multi-step process. Centralizing DHCP
configurations can improve the management of multiple DHCP servers.
An LDAP-based directory is a central database with standard query
and retrieval methods. It is accessible throughout an organization's
network. DHCP can use an LDAP-based directory to centralize its
configurations. By integrating with an LDAP-based directory, DHCP as
an organization-wide network service can be managed from a single
point of administration. All DHCP servers can use the same directory
structures for their configurations. Furthermore, administrative
boundaries of DHCP service can be aligned closely with existing
organizational structure in the directory.
Network services in an LDAP-based directory are represented by LDAP
schemata. The proposed LDAP schema for DHCP is intended for creating
a common representation of DHCP service in an LDAP-based directory.
A standard DHCP schema offers many advantages including, but not
limited to, interoperable DHCP solutions from multiple vendors. The
DHCP schema consists of a number of object classes, each of which
can be thought of as a logical partition of DHCP service. These
object classes are described in the rest of this document, as
follows. Section 2 gives an overview of the DHCP object classes and
their relationships. Section 3 provides detailed definitions of the
object classes. Section 4 discusses remaining work that needs to be
done to complete administrative aspects of the schema.
1.1. Requirements
Throughout this document, the words that are used to define the
significance of particular requirements are capitalized. These
words are:
o "MUST"
This word or the adjective "REQUIRED" means that the
item is an absolute requirement of this specification.
o "MUST NOT"
This phrase means that the item is an absolute prohibition
of this specification.
o "SHOULD"
This word or the adjective "RECOMMENDED" means that there
may exist valid reasons in particular circumstances to
ignore this item, but the full implications should be
understood and the case carefully weighed before choosing a
different course.
o "SHOULD NOT"
This phrase means that there may exist valid reasons in
particular circumstances when the listed behavior is
acceptable or even useful, but the full implications should
be understood and the case carefully weighed before
implementing any behavior described with this label.
o "MAY"
This word or the adjective "OPTIONAL" means that this item
is truly optional. One vendor may choose to include the
item because a particular marketplace requires it or because
it enhances the product, for example; another vendor may
omit the same item.
2. Schema Overview
This section gives an overview of DHCP object classes and their
relationships to each other and to other related objects in an LDAP-
based directory. DHCP object classes in this document are designed
to conform to the Directory-Enabled Networks (DEN) specification
[3]. They are defined in the context of DEN information model and
base schema.
2.1. Object Relationships
The following diagram shows where the DHCPService object is stored
in the directory hierarchy and how it relates to other DHCP objects.
    Container/Organization/OrganizationalUnit
        |
        +---DHCPService
                |
                +---DHCPSubnet
                        |
                        +---DHCPRange
                        |
                        +---DHCPReservation
The following diagram shows where the DHCPServer object is stored in
the directory hierarchy and how it relates to other DHCP objects.
    Organization
        |
        +---OrganizationalUnit
                |
                +---GroupOfDevices
                        |
                        +---DHCPServer
                                |
                                +---DHCPSubnet
                                        |
                                        +---DHCPRange
                                        |
                                        +---DHCPReservation
                                        |
                                        +---DHCPLease (Optional)
2.2. Object Class Hierarchy
The diagram below shows how the DHCP object classes are derived
based on the DEN base schemata. DHCPService is the only class that
is derived from a specific DEN class -- the Service class.
DHCPServer is in turn derived from DHCPService. All other DHCP classes
are derived from the Top class directly.
    Top
     |
     +---ManagedSystemElement (DEN)
     |       |
     |       +---LogicalElement
     |               |
     |               +---Service
     |                       |
     |                       +---DHCPService
     |                               |
     |                               +---DHCPServer
     |
     +---DHCPSubnet
     |
     +---DHCPRange
     |
     +---DHCPReservation
     |
     +---DHCPLease
3. Schema Details
This section provides schema definitions for DHCP object classes.
3.1. Service Object Class
The Service object class is a CIM class extended by DEN. This
abstract class serves as the base object class for DHCP service.
NAME 'Service'
DESCRIPTION 'The Service class is a LogicalElement that
contains the information necessary to represent
and manage the functionality provided by a
Device and/or SoftwareFeature. A Service is a
general-purpose object to configure and manage
the implementation of functionality. It is not
the functionality itself. This is a CIM class
extended by DEN.'
TYPE Abstract
DERIVED FROM LogicalElement
POSSIBLE SUPERIORS ( Container $ Organization $ OrganizationalUnit $
Group $ GroupOfDevices )
MUST CONTAIN ( ServiceCreationClassName $ ServiceName $
ServiceURL $ Started $ StartMode )
MAY CONTAIN
The attributes of the Service class are defined as follows.
NAME 'ServiceCreationClassName'
DESCRIPTION 'Provides scoping and keying for the Service class
hierarchy'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'ServiceName'
DESCRIPTION 'A user-friendly name of this service class'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'ServiceURL'
DESCRIPTION 'A URL that provides the protocol, network location, and
other service-specific information required in order to
access the service'
SYNTAX 'DN' SINGLE-VALUE
NAME 'Started'
DESCRIPTION 'TRUE indicates that the Service has been started'
SYNTAX 'Boolean' SINGLE-VALUE
NAME 'StartMode'
DESCRIPTION 'This is a string value indicating whether the Service
is automatically started by a System, Operating
Systems, etc. or only started upon request'
SYNTAX 'DirectoryString' SINGLE-VALUE
3.2. DHCPService Object Class
This object class is one of the two container classes for DHCP (the
other being the DHCPServer class). The DHCPService object represents
DHCP service configuration for an entire enterprise or a specific
branch of an organization. As such, DHCPService is a child of either
the Container object or an Organization/OrganizationalUnit object.
The Container object is an enterprise-wide entity. It contains
information that is global to the enterprise. A DHCPService object
parented under the Container object holds configurations that are
common to all DHCP servers in the enterprise. On the other hand,
Organization and OrganizationalUnit objects define logical divisions
of an enterprise. A DHCPService object parented under an
Organization/OrganizationalUnit object has more limited scope. It
holds configurations for only those DHCP servers that belong to the
branch it represents. In either case, each parent has at most one
DHCPService object.
The DHCPService object is derived from the abstract Service class.
It inherits all attributes of the Service class. In addition, it may
contain the DN's of the subnets that it manages. The IP addresses
and masks associated with these subnets are included for
convenience. The DHCPService object also contains any class or
option that is defined for it.
NAME 'DHCPService'
DESCRIPTION 'This class represents the dynamic host
configuration protocol service.'
TYPE Structural
DERIVED FROM Service
POSSIBLE SUPERIORS ( Container $ Organization $ OrganizationalUnit )
MUST CONTAIN
MAY CONTAIN ( DHCPSubnetList $ DHCPClassList $
DHCPOptionDefinitions $ DHCPOptionList )
The attributes of the DHCPService class are defined as follows.
NAME 'DHCPSubnetList'
DESCRIPTION 'Provides the DN's of the DHCPSubnet objects, as well as
their subnet IP addresses and masks.'
SYNTAX 'DirectoryString' MULTI-VALUE
NAME 'DHCPClassList'
DESCRIPTION 'Provides encoding of user or vendor class names. Each
class contains (ClassName, ClassID, ClassType,
Description).'
SYNTAX 'OctetString' MULTI-VALUE
NAME 'DHCPOptionDefinitions'
DESCRIPTION 'Provides encoding of option definitions, both standard
and vendor-specific, and any default values for those
options. Each option definition contains (OptionName,
OptionID, OptionDataType, MultiValued, VendorClassID,
DefaultValue, Description).'
SYNTAX 'OctetString' MULTI-VALUE
NAME 'DHCPOptionList'
DESCRIPTION 'Provides encoding of options, both standard and vendor-
specific, to be sent to clients. Each option contains
(OptionID, OptionValue, VendorClassID, UserClassID).'
SYNTAX 'OctetString' MULTI-VALUE
3.3. DHCPSubnet Object Class
The DHCPSubnet object represents an IP subnet that is managed by
DHCP. A subnet is defined by an IP address and mask. If the
superscope name is not NULL, the subnet is also considered as part
of that superscope group. A subnet is further divided into ranges,
each of which is a subset of the addresses within the subnet. Each
range is managed by one or more DHCP servers for address assignment.
A DHCPSubnet object may contain a list of options for all clients on
the subnet. It may also have settings that specify if and how
dynamic DNS updates are done for clients.
NAME 'DHCPSubnet'
DESCRIPTION 'This class represents a logical IP subnet.'
TYPE Structural
DERIVED FROM Top
POSSIBLE SUPERIORS ( DHCPService $ DHCPServer )
MUST CONTAIN ( SubnetIPAddress $ SubnetMask )
MAY CONTAIN ( DDNSUpdateOptions $ SuperscopeName $
DHCPRangeList $ DHCPOptionList $ Description )
The attributes of the DHCPSubnet class are defined as follows.
NAME 'SubnetIPAddress'
DESCRIPTION 'Defines the subnet IP address.'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'SubnetMask'
DESCRIPTION 'Defines the subnet mask.'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'DDNSUpdateOptions'
DESCRIPTION 'Specifies options for dynamic DNS update.
1 = Update according to client request,
2 = Always update forward and reverse lookups,
4 = Discard forward lookups when leases expire,
8 = Do updates for non-dynamic DNS clients.'
SYNTAX 'Integer' SINGLE-VALUE
NAME 'SuperscopeName'
DESCRIPTION 'Specifies name of the superscope, if any, to which the
scope belongs.'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'DHCPRangeList'
DESCRIPTION 'Specifies the DN's of the DHCPRange objects for the
subnet and their start and end IP addresses.'
SYNTAX 'DirectoryString' MULTI-VALUE
3.4. DHCPRange Object Class
The DHCPRange object represents a subset of IP addresses within a
subnet that are available for assignment. The addresses are those in
the range, less any exclusions. Each DHCPRange is assigned to one or
more DHCP servers.
The DHCPRange object may contain a list of options for all clients
whose addresses come from the range. These are options that are not
defined by a parent DHCP object or that overwrite ones defined by a
parent object.
NAME 'DHCPRange'
DESCRIPTION 'This class represents a DHCP range, which
specifies an IP address range within a subnet
and associated IP configuration.'
TYPE Structural
DERIVED FROM Top
POSSIBLE SUPERIORS ( DHCPSubnet )
MUST CONTAIN ( StartIPAddress $ EndIPAddress $ ScopeType )
MAY CONTAIN ( Exclusions $ DHCPServerList $ DHCPOptionList $
Description )
The attributes of the DHCPRange class are defined as follows.
NAME 'StartIPAddress'
DESCRIPTION 'Defines the first IP address in the IP address range.'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'EndIPAddress'
DESCRIPTION 'Defines the last IP address in the IP address range.
If the scope has only one address, then EndIPAddress =
StartIPAddress.'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'ScopeType'
DESCRIPTION 'Specifies the scope type as being one of the following
1 = DHCP,
2 = Dynamic BOOTP,
3 = DHCP and Dynamic BOOTP.'
SYNTAX 'Integer' SINGLE-VALUE
NAME 'Exclusions'
DESCRIPTION 'Defines the list of addresses in the scope's IP address
range that are excluded from assignment. Each entry in
the list is a (StartIPAddress, EndIPAddress) pair.'
SYNTAX 'DirectoryString' MULTI-VALUE
NAME 'DHCPServerList'
DESCRIPTION 'Specifies the DN's of the DHCPServer objects and their
fully-qualified DNS names.'
SYNTAX 'DirectoryString' MULTI-VALUE
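As an added example (not part of the draft), the checks an administrator would run over DHCPSubnet and DHCPRange entries before publishing them: each range must lie within its parent subnet, ranges must not overlap, Exclusions must fall inside their range, and DDNSUpdateOptions is decoded from its bit values. The entry dictionaries, the DNs and the "start-end" text form of each Exclusions pair are constructed here; the draft specifies the pair but not its string encoding.

```python
import ipaddress

# Bit values of DDNSUpdateOptions as listed in section 3.3 of the draft
DDNS_FLAGS = {
    1: "Update according to client request",
    2: "Always update forward and reverse lookups",
    4: "Discard forward lookups when leases expire",
    8: "Do updates for non-dynamic DNS clients",
}

def decode_ddns_options(value):
    """Expand the DDNSUpdateOptions bitmask; bits the draft does not define are reported."""
    names = [desc for bit, desc in DDNS_FLAGS.items() if value & bit]
    unknown = value & ~sum(DDNS_FLAGS)
    if unknown:
        names.append(f"unknown bits 0x{unknown:x}")
    return names

def _pair(start, end):
    """Parse a (StartIPAddress, EndIPAddress) pair; an inverted pair is a configuration error."""
    s, e = ipaddress.IPv4Address(start), ipaddress.IPv4Address(end)
    if e < s:
        raise ValueError(f"inverted address pair {start}-{end}")
    return s, e

def validate_subnet(subnet, ranges):
    """Check the DHCPRange children of one DHCPSubnet. Returns (problems, assignable):
    findings as strings, and the address count left once Exclusions are subtracted."""
    net = ipaddress.IPv4Network(f"{subnet['SubnetIPAddress']}/{subnet['SubnetMask']}")
    problems, assignable, seen = [], 0, []
    for r in ranges:
        s, e = _pair(r["StartIPAddress"], r["EndIPAddress"])
        if s not in net or e not in net:
            problems.append(f"{r['dn']}: {s}-{e} lies outside {net}")
        elif s == net.network_address or e == net.broadcast_address:
            problems.append(f"{r['dn']}: includes the network or broadcast address")
        for ps, pe, pdn in seen:  # ranges within one subnet must not overlap
            if s <= pe and ps <= e:
                problems.append(f"{r['dn']} overlaps {pdn}")
        seen.append((s, e, r["dn"]))
        excluded = 0
        for ex in r.get("Exclusions", []):  # "start-end" text is a constructed encoding
            xs, xe = _pair(*ex.split("-"))
            if xs < s or xe > e:
                problems.append(f"{r['dn']}: exclusion {ex} is not inside the range")
                continue
            excluded += int(xe) - int(xs) + 1
        assignable += int(e) - int(s) + 1 - excluded
    return problems, assignable

# Constructed sample entries shaped after sections 3.3 and 3.4 (not from the draft)
SUBNET = {"dn": "cn=10.1.2.0,cn=DHCPService,ou=Eng,o=Example",
          "SubnetIPAddress": "10.1.2.0", "SubnetMask": "255.255.255.0", "DDNSUpdateOptions": 6}
RANGES = [
    {"dn": "cn=range1,cn=10.1.2.0,cn=DHCPService,ou=Eng,o=Example", "ScopeType": 1,
     "StartIPAddress": "10.1.2.10", "EndIPAddress": "10.1.2.99", "Exclusions": ["10.1.2.50-10.1.2.59"]},
    {"dn": "cn=range2,cn=10.1.2.0,cn=DHCPService,ou=Eng,o=Example", "ScopeType": 3,
     "StartIPAddress": "10.1.2.90", "EndIPAddress": "10.1.2.200"},
    {"dn": "cn=range3,cn=10.1.2.0,cn=DHCPService,ou=Eng,o=Example", "ScopeType": 1,
     "StartIPAddress": "10.1.2.250", "EndIPAddress": "10.1.3.5"},
]

if __name__ == "__main__":
    found, free = validate_subnet(SUBNET, RANGES)
    print("\n".join(found) or "no problems", "\nassignable addresses:", free)
    print(decode_ddns_options(SUBNET["DDNSUpdateOptions"]))
```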
3.5. DHCPReservation Object Class
The DHCPReservation object represents a client with a reserved IP
address. The client can be a DHCP client, a BOOTP client, or both.
It is identified by a unique ID, which is typically the MAC address
of its network interface.
The DHCPReservation object may contain a list of options for the
client with reservation. These are options that are not defined by a
parent DHCP object or that overwrite ones defined by a parent
object.
NAME 'DHCPReservation'
DESCRIPTION 'This class defines a DHCP reservation, which is a
fixed IP address assigned to a particular DHCP
client.'
TYPE Structural
DERIVED FROM Top
POSSIBLE SUPERIORS ( DHCPSubnet )
MUST CONTAIN ( IPAddress $ UniqueID $ ClientName )
MAY CONTAIN ( ClientType $ DHCPOptionList $ Description )
The attributes of the DHCPReservation class are defined as follows.
NAME 'IPAddress'
DESCRIPTION 'Defines the IP address of an active lease.'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'UniqueID'
DESCRIPTION 'Identifies the client using either the MAC address of
one of its network interfaces, or a unique byte
string.'
SYNTAX 'OctetString' SINGLE-VALUE
NAME 'ClientName'
DESCRIPTION 'Specifies the name of the client for the reservation.'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'ClientType'
DESCRIPTION 'Specifies the lease type as one of the following
1 = DHCP,
2 = BOOTP,
3 = DHCP/BOOTP.'
SYNTAX 'Integer' SINGLE-VALUE
3.6. DHCPServer Object Class
The DHCPServer object represents a server that implements DHCP
service. It is therefore derived from the DHCPService object and
inherits all its attributes. In addition, the DHCPServer object
specifies the vendor who makes the server and the revision it is in.
Lastly, it contains a flag that indicates whether the DHCP server
has been authorized to service any client request. The flag is added
to prevent rogue DHCP servers on a network.
NAME 'DHCPServer'
DESCRIPTION 'This class describes the configuration of a DHCP
server.'
TYPE Structural
DERIVED FROM DHCPService
POSSIBLE SUPERIORS ( GroupOfDevices )
MUST CONTAIN ( VendorID $ VersionNumber $ Authorized )
MAY CONTAIN
The attributes of the DHCPServer class are defined as follows.
NAME 'VendorID'
DESCRIPTION 'Indicates the DHCP server vendor, using IANA assigned
enterprise code (see http://www.isi.edu/in-notes/iana/
assignments/enterprise-numbers).'
SYNTAX 'Integer' SINGLE-VALUE
NAME 'VersionNumber'
DESCRIPTION 'Specifies the major and minor version numbers of the
DHCP server.'
SYNTAX 'DirectoryString' SINGLE-VALUE
NAME 'Authorized'
DESCRIPTION 'TRUE indicates that the Server has been authorized to
respond to DHCP client requests; FALSE indicates that
the Server is a rogue server.'
SYNTAX 'Boolean' SINGLE-VALUE
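The Authorized flag only prevents rogue servers if something consults it. As an added example (not from the draft), two defender-side checks that tie section 3.6 to the DHCPServerList attribute of section 3.4: a configuration audit that flags ranges assigned to unknown or unauthorized servers, and a reconciliation of server names observed answering on the network against the directory. The entries, the "dn;fqdn" text form of DHCPServerList values and the fqdn key on the DHCPServer entries are constructed assumptions.

```python
# Constructed DHCPServer entries (section 3.6). LDAP Boolean syntax is the
# literal string TRUE or FALSE, which is how a directory returns Authorized.
# The "fqdn" key is an assumption: the draft records a server's DNS name
# only inside DHCPRange.DHCPServerList, not on DHCPServer itself.
SERVERS = [
    {"dn": "cn=dhcp1,cn=Servers,ou=Eng,o=Example", "fqdn": "dhcp1.eng.example.com",
     "VersionNumber": "5.0", "Authorized": "TRUE"},
    {"dn": "cn=dhcp2,cn=Servers,ou=Eng,o=Example", "fqdn": "dhcp2.eng.example.com",
     "VersionNumber": "5.0", "Authorized": "FALSE"},
]

# Constructed DHCPRange entries; "dn;fqdn" is an assumed encoding of the
# DHCPServerList values, which the draft describes but does not fix.
RANGES = [
    {"dn": "cn=range1,cn=10.1.2.0,cn=DHCPService,ou=Eng,o=Example",
     "DHCPServerList": ["cn=dhcp1,cn=Servers,ou=Eng,o=Example;dhcp1.eng.example.com"]},
    {"dn": "cn=range2,cn=10.1.2.0,cn=DHCPService,ou=Eng,o=Example",
     "DHCPServerList": ["cn=dhcp2,cn=Servers,ou=Eng,o=Example;dhcp2.eng.example.com",
                        "cn=dhcp9,cn=Servers,ou=Eng,o=Example;dhcp9.eng.example.com"]},
    {"dn": "cn=range3,cn=10.1.2.0,cn=DHCPService,ou=Eng,o=Example"},
]

def ldap_boolean(value):
    """Parse an LDAP Boolean; anything but the literals TRUE/FALSE is malformed
    and is treated as an error rather than silently as authorized."""
    if value == "TRUE":
        return True
    if value == "FALSE":
        return False
    raise ValueError(f"malformed Boolean value {value!r}")

def audit_range_servers(servers, ranges):
    """Report ranges that no authorized server is entitled to serve."""
    by_dn = {s["dn"]: s for s in servers}
    findings = []
    for r in ranges:
        refs = r.get("DHCPServerList", [])
        if not refs:
            findings.append((r["dn"], None, "no DHCP server assigned"))
        for ref in refs:
            dn, _, fqdn = ref.partition(";")
            srv = by_dn.get(dn)
            if srv is None:
                findings.append((r["dn"], fqdn, "references a DN with no DHCPServer entry"))
            elif not ldap_boolean(srv["Authorized"]):
                findings.append((r["dn"], fqdn, "served by a server marked Authorized=FALSE"))
    return findings

def reconcile_observed(servers, observed_fqdns):
    """Compare servers seen answering on the wire against the directory: a name
    that is unknown or not Authorized is a candidate rogue server to investigate."""
    by_fqdn = {s["fqdn"]: s for s in servers}
    suspects = []
    for name in sorted(set(observed_fqdns)):
        srv = by_fqdn.get(name)
        if srv is None:
            suspects.append((name, "not registered in the directory"))
        elif not ldap_boolean(srv["Authorized"]):
            suspects.append((name, "registered but Authorized=FALSE"))
    return suspects

if __name__ == "__main__":
    # Constructed list of servers observed sending offers, e.g. from a DHCP monitor
    seen = ["dhcp1.eng.example.com", "dhcp2.eng.example.com", "dhcp-x.eng.example.com"]
    for f in audit_range_servers(SERVERS, RANGES) + reconcile_observed(SERVERS, seen):
        print(*f)
```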
3.7. DHCPLease Object Class
The DHCPLease object represents an IP address that is currently
assigned to a DHCP client. It is a DHCP/BOOTP assigned dynamic
address, a reservation, or an address allocated for a RAS server.
DHCP leases are stored under the DHCPServer object that handed out
the leases. A DHCP server can hold a large number of leases.
Writing all those leases to the directory could have a significant
performance impact on the directory and the server as well,
especially when there is a large burst of lease assignments. For
this reason, the support for DHCPLease is optional.
NAME 'DHCPLease'
DESCRIPTION 'This class specifies individual lease
information.'
TYPE Structural
DERIVED FROM Top
POSSIBLE SUPERIORS ( DHCPSubnet )
MUST CONTAIN ( IPAddress $ LeaseType )
MAY CONTAIN ( UniqueID $ ClientName $ LeaseExpiration $
LeaseState $ Description )
The attributes of the DHCPLease class are defined as follows.
NAME 'LeaseType'
DESCRIPTION 'Specifies the lease type as one of the following
1 = DHCP assigned,
2 = BOOTP assigned,
3 = Reservation,
4 = Allocation for RAS.'
SYNTAX 'Integer' SINGLE-VALUE
NAME 'LeaseExpiration'
DESCRIPTION 'Specifies when the lease is due to expire. NULL value
indicates that the lease is infinite.'
SYNTAX 'GeneralizedTime' SINGLE-VALUE
NAME 'LeaseState'
DESCRIPTION 'Defines which of the following states the lease is in
1 = Active,
2 = Inactive,
3 = Registered with DNS,
4 = Unregistered with DNS,
5 = Tombstoned.'
SYNTAX 'Integer' SINGLE-VALUE
4. Future Work
This document defines a schema for storing and retrieving DHCP
configuration information in an LDAP-based directory. It does not
address the issues of how this information is managed. Specifically,
it does not provide the schema for access control to DHCP service.
This will be defined in the future.
5. Acknowledgements
The authors would like to thank Munil Shah and Peter Ford for
reviewing this draft.
6. References
[1] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
March 1997.
[2] Alexander, S., and Droms R., "DHCP Options and BOOTP Vendor
Extensions", RFC 2132, March 1997.
[3] Strassner, J., "Directory-Enabled Networks, Information Model
and Base Schema", DEN Specification v3.0c, July 1998.
7. Author's Address
Ye Gu
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
Phone: 425 936 8601
EMail: yegu@microsoft.com
Ramesh Vyaghrapuri
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
Phone: 425 703 9581
Email: rameshv@microsoft.com
This document will expire on February 1998.