Internet Info 1997 December

home *** CD-ROM | disk | FTP | other *** search

/ Internet Info 1997 December / Internet_Info_CD-ROM_Walnut_Creek_December_1997.iso / drafts / draft_ietf_q_t / draft-ietf-svrloc-discovery-03.txt < prev next >

Wrap

Text File | 1997-09-15 | 32KB | 900 lines

Internet-Draft Ryan Moats draft-ietf-svrloc-discovery-02.txt AT&T Expires in six months Martin Hamilton Loughborough University Paul J. Leach Microsoft June 1997 Finding Stuff (How to discover services) Filename: draft-ietf-svrloc-discovery-02.txt Status of This Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as ``work in progress.'' To learn the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in the Internet- Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). Abstract This document proposes a solution to the problem of finding information about that services are being offered at a particular Internet domain. Therefore, it is possible for clients, using this approach, to locate services in a domain with only prior knowledge of the domain name. 1. Rationale Currently, there is no one single way of discovering the network services and application protocols supported at a particular Internet domain. The Domain Name System (DNS) provides some basic facilities Expires 12/31/97 [Page 1] INTERNET DRAFT Finding Stuff June 1997 for finding the hosts that offer particular services, such as DNS servers themselves (NS records), mail exchangers (MX records [3]). Recently general service records (SRV records [1]) have been proposed for DNS, along with storing geographic information (LOC records [6]). In addition, there are evolving methods for doing service location via other methods [4] & [5]. This document sets forth a process to rationalize how a client could use these various methods for service location. In this process, the use of the Service Location Protocol [4] is highlighted to allow clients to discover services by characteristics rather than by type alone. With the use of SRVs alone, all services are assumed to be identical except for weight. While this may be the case at some locations, SLP will still be useful as it provides a dynamic registration framework for services. 2. The process This process is an aggregation of several different ideas. To explicitly point out which ideas are being used, the steps of the process have been grouped by section according to which technique is being used. For a client in domain "srcdom" that wants to locate service "service" in domain "tgtdom", the following process should be followed. The steps of this process are numbered and should be explicitly followed (i.e. do step 1, then 2, etc.). 2.1 Support for "Sites" Alias Structure (see Appendix A) 1. If "srcdom" is of the form "<site>@<org-domain-name>" and "<org-domain-name>" is a suffix of "tgtdom", then do steps 2 through 9 with "target" set to "<site>.sites.<domain-name>". If this procedure fails or the condition is not met, set "target" to "tgtdom". 2.2 Support for SVRLOC 2. If "srcdom" == "target" and the client supports it, use the Service Location Protocol to determine if the service can be found that way. 3. If the client supports Service Location Protocol, look for SRV records [1] for a directory agent (i.e. da.udp."target" or da.tcp."target"). This consists of: 3a. Do a lookup of QNAME=da.tcp.target, QCLASS=IN, QTYPE=SRV. Expires 12/31/97 [Page 2] INTERNET DRAFT Finding Stuff June 1997 3b. If the reply is NOERROR, ANCOUNT>0 and there is at least one SRV RR that specifies the requested Service and Protocol in the reply: If there is precisely one SRV RR, and its Target is "." (the root domain), go to step 3c. For all SRV RR's build a list of (Priority, Weight, Target) tuples and sort the list by priority (lowest number first). Create a new empty list. For each distinct priority level: For each element at this priority level: While there are still elements left at this priority level, select an element randomly, with probability weight, and move it to the tail of the new list. For each element in the new list: Query the DNS for A RR's for the target or use any RR's found in the additional data section of the earlier SRV query. For each A RR found, try to connect to the directory agent using the Service Location Protocol over TCP. 3c. Else do a lookup of QNAME=da.udp.target, QCLASS=IN, QTYPE=SRV. 3d. Process the reply as in 3b, except that if there is precisely one SRV RR with a target of ".", go to step 4 and connections to the directory agent use Service Location Protocol over UDP. 2.3 Support for SRV records 4. Look for SRV records for service.protocol.target, where protocol is whichever protocol (TCP or UDP) is associated with service. This consists of: 4a. Do a lookup for QNAME=service.protocol.target, QCLASS=IN, QTYPE=SRV. 4b. If the reply is NOERROR, ANCOUNT>0 and there is at least one SRV RR that specifies the requested Service and Protocol in the reply: If there is precisely one SRV RR, and its Target is "." (the root domain), go to step 5. Expires 12/31/97 [Page 3] INTERNET DRAFT Finding Stuff June 1997 For all SRV RR's, build a list of (Priority, Weight, Target) tuples and sort the list by priority (lowest number first). Create a new empty list. For each distinct priority level: For each element at this priority level: Query the DNS for LOC RR [6] for the Target (if not found in the Additional Data section of the earlier SRV query). Find the nearest target and all targets "close" to the nearest target (target to target distance less than 2-3% of client to nearest target distance). Remove all other targets at this priority level. While there are still elements left at this priority level, select an element randomly, with probability weight, and move it to the tail of the new list. For each element in the new list: Query the DNS for A RR's for the Target or use any RR's found in the Additional Data section of the earlier SRV query. For each A RR found, if the protocol is TCP (connection- oriented) try to connect to the (protocol, address, service); if the protocol is UDP, send a service request. 5. If the service desired is SMTP, skip to RFC 974 (MX records) else go to step 6. 2.3 Support for "Well Known" Aliases 6. If the service has a "well known" alias (see [2]) service', look for A RRs for service'.target. This is done in the following way: 6a. Do a lookup for QNAME=service'.target, QCLASS=IN, QTYPE=A. If no A RR's returned, go to step 7. For each A RR found, try to connect to the (protocol, address, service). If successful, stop. If all A RR's have been tried go to step 7. Expires 12/31/97 [Page 4] INTERNET DRAFT Finding Stuff June 1997 2.4 Support for Service Advertising via Service URLs 7. Look for "service:" URLs stored in TXT RRs for service.target: 7a. Do a lookup for QNAME=service.target, QCLASS=IN, QTYPE=TXT. If no TXT RR's returned, go to step 8. For each TXT RR found, try to connect to the (address, port) specified in the service: URL. If successful, stop. If all TXT RR's have been tried go to step 8. 8. Look for "service:" URLs stored in TXT RRs for target: 8a. Do a lookup for QNAME=target, QCLASS=IN, QTYPE=TXT. If no TXT RR's returned, go to step 9. For each TXT RR found, try to connect to the (address, port) specified in the service: URL. If successful, stop. If all TXT RR's have been tried go to step 9. 2.5 Fallback 9. Do a lookup for QNAME=target, QCLASS=IN, QTYPE=A For each A RR found, try to connect to the (protocol, address, service). If successful, stop. 3. Security Considerations Because of the suggested mechanisms for service discovery, this document inherits all the security considerations of using DNS RR's and the Service Location Protocol. Implementors should consider both [7] and the security section of [4] for appropriate methods. 4. Conclusion By following the above process, a client may be reasonably certain of determining whether a particular service is provided for a particular domain name, given the domain name. Expires 12/31/97 [Page 5] INTERNET DRAFT Finding Stuff June 1997 5. Acknowledgments This document is partially supported by the National Science Foundation, Cooperative Agreement NCR-9218179, the UK Electronic Libraries Programme (eLib) grant 12/39/01, and the European Commission's Telematics for Research Programme grant RE 1004. 6. References Request For Comments (RFC) and Internet Draft documents are available from <URL:ftp://ftp.internic.net> and numerous mirror sites. [1] A. Gulbrandsen, P. Vixie, "A DNS RR for specifying the location of services (DNS SRV)," RFC 2052, October 1996. [2] M. Hamilton, R. Wright, "Use of DNS Aliases for Network Services," Internet Draft (work in pro- gress), June 1996. [3] S. C. Partridge, "Mail routing and the domain sys- tem," RFC 974, January 1, 1986. [4] J. Veizades, E. Guttman, C. Perkins, S. Kaplan, "Service Location Protocol," Internet Draft (work in progress), April 3, 1997. [5] R. Moats, M. Hamilton, "Advertising Services," Internet Draft (work in progress), February 1997. [6] C. Davis, P. Vixie, T. Goodwin, I. Dickinson, "A Means for Expressing Location Information in the Domain Name System," RFC 1876, January 15, 1996. [7] D. Eastlake, C. Kaufman, "Domain Name System Secu- rity Extensions," RFC 2065, January 3, 1997. Expires 12/31/97 [Page 6] INTERNET DRAFT Finding Stuff June 1997 7. Authors' addresses Ryan Moats AT&T 15621 Drexel Circle Omaha, NE 68135-2358 USA Phone: +1 402 894-9456 EMail: jayhawk@ds.internic.net Martin Hamilton Department of Computer Studies Loughborough University of Technology Leics. LE11 3TU, UK Email: m.t.hamilton@lut.ac.uk Paul J. Leach Microsoft 1 Microsoft Way Redmond, Washington, 98052, U.S.A. Email: paulle@microsoft.com A. Discovery with Large numbers of replicas Imagine an organization (such as a bank) which has thousands of branch offices. For reliability, each office may want to have a replica of (at least) certain critical information in case of loss of connectivity to the Internet. An example of such information might be an address book for employees or an authentication database. It is not reasonable to use the method of the previous section to locate a replica for the information - there would be thousands of SRV entries for the service being replicated. Instead, it would be desirable to have a method that first looked to see if there is a replica for the service at the branch office, and only proceed with the more general discovery method if there weren't. Let us generalize the notion of branch office to that of "site" - a site is a collection of hosts that have good enough connectivity that use of a service instance at the site is always to be preferred to one at another, and that there is no connectivity reason to prefer one replica within a site to another. A site has a site name that incorporates a site specific component and the domain name of the organization of the form <site>@<org-domain-name> Then a client at site <site>@<org-domain-name> looking for a service for domain <domain-name>, where <org-domain- Expires 12/31/97 [Page 7] INTERNET DRAFT Finding Stuff June 1997 name> is a suffix of <domain-name>, should use the name <site>.sites.<domain-name> as the value of "target" in the procedure described herein. If the procedure fails, then it should try with <domain-name> as the value of "target" using the procedure presented above. Note that within a site, this means the client either uses SVRLOC (if supported) or straight SRV records; by definition of "site", there would be no advantage to be gained from using LOC records. For example, suppose a client at the site "dublin@univexports.com" wanted to access the LDAP server for the Asian region of Universal Exports, whose domain name was "fareast.univexports.com". It would observe that its <org-domain-name> of "univexports.com" was a suffix of "fareast.univexports.com", and first build the name "dublin.sites.fareast.univexports.com" to use as the "target" in the procedure above; this might cause it to then lookup SRV records for "ldap.tcp.dublin.sites.fareast.univexports.com" or A records for "ldap.dublin.sites.fareast.univexports.com" or even TXT records for "dublin.sites.fareast.univexports.com" (looking for "service:" URLs of the type wp-ldap). Note that the list of records for a site does not have to point at only hosts at that site - for example, the highest priority records could be for hosts at the site, and then some lower priority records for hosts at the best-connected alternate site for backup. Using this method, a client looking for a service that has an replica at its site will only have to fetch records for its site, not for the whole organization. The records associated with the unadorned organization name can then be used to aid clients from outside the organization, who have no idea of the site structure of the organization. This Internet Draft expires December 31, 1997. Internet-Draft Ryan Moats draft-ietf-svrloc-discovery-03.txt AT&T Expires in six months Martin Hamilton Loughborough University Paul J. Leach Microsoft September 1997 Finding Stuff (How to discover services) Filename: draft-ietf-svrloc-discovery-03.txt Expires 3/31/98 [Page 8] INTERNET DRAFT Finding Stuff September 1997 Status of This Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as ``work in progress.'' To learn the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in the Internet- Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). Abstract This document proposes a solution to the problem of finding information about that services are being offered at a particular Internet domain. Therefore, it is possible for clients, using this approach, to locate services in a domain with only prior knowledge of the domain name. 1. Rationale Currently, there is no one single way of discovering the network services and application protocols supported at a particular Internet domain. The Domain Name System (DNS) provides some basic facilities for finding the hosts that offer particular services, such as DNS servers themselves (NS records), mail exchangers (MX records [3]). Recently general service records (SRV records [1]) have been proposed for DNS, along with storing geographic information (LOC records [6]). In addition, there are evolving methods for doing service location via other methods [4] & [5]. This document sets forth a process to rationalize how a client could use these various methods for service location. In this process, the use of the Service Location Protocol [4] is highlighted to allow clients to discover services by characteristics rather than by type alone. With the use of SRVs alone, all services are assumed to be identical except for weight. While this may be the case at some locations, SLP will still be useful as it provides a dynamic registration framework for services. Expires 3/31/98 [Page 9] INTERNET DRAFT Finding Stuff September 1997 2. The process This process is an aggregation of several different ideas. To explicitly point out which ideas are being used, the steps of the process have been grouped by section according to which technique is being used. For a client in domain "srcdom" that wants to locate service "service" in domain "tgtdom", the steps of this process are numbered and should be explicitly followed (i.e. do step 1, then 2, etc.). 2.1 Support for SVRLOC 1. If "srcdom" == "target" and the client supports it, use the Service Location Protocol to determine if the service can be found that way. 2.2 Support for "Sites" Alias Structure (see Appendix A) 2. If "srcdom" is of the form "<site>@<org-domain-name>" and "<org-domain-name>" is a suffix of "tgtdom", then do steps 3 through 9 with "target" set to "<site>.sites.<domain-name>". If this procedure fails or the condition is not met, set "target" to "tgtdom". 3. If the client supports Service Location Protocol, look for SRV records [1] for a directory agent (i.e. da.udp."target" or da.tcp."target"). This consists of: 3a. Do a lookup of QNAME=da.tcp.target, QCLASS=IN, QTYPE=SRV. 3b. If the reply is NOERROR, ANCOUNT>0 and there is at least one SRV RR that specifies the requested Service and Protocol in the reply: If there is precisely one SRV RR, and its Target is "." (the root domain), go to step 3c. For all SRV RR's build a list of (Priority, Weight, Target) tuples and sort the list by priority (lowest number first). Create a new empty list. For each distinct priority level: For each element at this priority level: While there are still elements left at this priority level, select an element randomly, with probability weight, and move it to the tail of the new list. For each element in the new list: Expires 3/31/98 [Page 10] INTERNET DRAFT Finding Stuff September 1997 Query the DNS for A RR's for the target or use any RR's found in the additional data section of the earlier SRV query. For each A RR found, try to connect to the directory agent using the Service Location Protocol over TCP. 3c. Else do a lookup of QNAME=da.udp.target, QCLASS=IN, QTYPE=SRV. 3d. Process the reply as in 3b, except that if there is precisely one SRV RR with a target of ".", go to step 4 and connections to the directory agent use Service Location Protocol over UDP. 2.3 Support for SRV records 4. Look for SRV records for service.protocol.target, where protocol is whichever protocol (TCP or UDP) is associated with service. This consists of: 4a. Do a lookup for QNAME=service.protocol.target, QCLASS=IN, QTYPE=SRV. 4b. If the reply is NOERROR, ANCOUNT>0 and there is at least one SRV RR that specifies the requested Service and Protocol in the reply: If there is precisely one SRV RR, and its Target is "." (the root domain), go to step 5. For all SRV RR's, build a list of (Priority, Weight, Target) tuples and sort the list by priority (lowest number first). Create a new empty list. For each distinct priority level: For each element at this priority level: Query the DNS for LOC RR [6] for the Target (if not found in the Additional Data section of the earlier SRV query). Find the nearest target and all targets "close" to the nearest target (target to target distance less than 2-3% of client to nearest target distance). Remove all other targets at this priority level. While there are still elements left at this priority level, select an element randomly, with probability weight, and move it to the tail of the new list. For each element in the new list: Query the DNS for A RR's for the Target or use any RR's found in the Expires 3/31/98 [Page 11] INTERNET DRAFT Finding Stuff September 1997 Additional Data section of the earlier SRV query. For each A RR found, if the protocol is TCP (connection-oriented) try to connect to the (protocol, address, service); if the protocol is UDP, send a service request. 5. If the service desired is SMTP, skip to RFC 974 (MX records) else go to step 6. 2.3 Support for "Well Known" Aliases 6. If the service has a "well known" alias (see [2]) service', look for A RRs for service'.target. This is done in the following way: 6a. Do a lookup for QNAME=service'.target, QCLASS=IN, QTYPE=A. If no A RR's returned, go to step 7. For each A RR found, try to connect to the (protocol, address, service). If successful, stop. If all A RR's have been tried go to step 7. 2.4 Support for Service Advertising via Service URLs 7. Look for "service:" URLs stored in TXT RRs for service.target: 7a. Do a lookup for QNAME=service.target, QCLASS=IN, QTYPE=TXT. If no TXT RR's returned, go to step 8. For each TXT RR found, try to connect to the (address, port) specified in the service: URL. If successful, stop. If all TXT RR's have been tried go to step 8. 8. Look for "service:" URLs stored in TXT RRs for target: 8a. Do a lookup for QNAME=target, QCLASS=IN, QTYPE=TXT. If no TXT RR's returned, go to step 9. For each TXT RR found, try to connect to the (address, port) specified in the service: URL. If successful, stop. If all TXT RR's have been tried go to step 9. Expires 3/31/98 [Page 12] INTERNET DRAFT Finding Stuff September 1997 2.5 Fallback 9. Do a lookup for QNAME=target, QCLASS=IN, QTYPE=A For each A RR found, try to connect to the (protocol, address, service). If successful, stop. 3. Security Considerations Because of the suggested mechanisms for service discovery, this document inherits all the security considerations of using DNS RR's and the Service Location Protocol. Implementors should consider both [7] and the security section of [4] for appropriate methods. 4. Conclusion By following the above process, a client may be reasonably certain of determining whether a particular service is provided for a particular domain name, given the domain name. 5. Acknowledgments This document is partially supported by the National Science Foundation, Cooperative Agreement NCR-9218179, the UK Electronic Libraries Programme (eLib) grant 12/39/01, and the European Commission's Telematics for Research Programme grant RE 1004. 6. References Request For Comments (RFC) and Internet Draft documents are available from <URL:ftp://ftp.internic.net> and numerous mirror sites. [1] A. Gulbrandsen, P. Vixie, "A DNS RR for specifying the location of services (DNS SRV)," RFC 2052, October 1996. [2] M. Hamilton, R. Wright, "Use of DNS Aliases for Network Services," Internet Draft (work in progress), June 1996. [3] S. C. Partridge, "Mail routing and the domain system," RFC 974, January 1, 1986. [4] J. Veizades, E. Guttman, C. Perkins, S. Kaplan, "Service Location Protocol," Internet Draft (work in progress), April 3, 1997. Expires 3/31/98 [Page 13] INTERNET DRAFT Finding Stuff September 1997 [5] R. Moats, M. Hamilton, "Advertising Services," Internet Draft (work in progress), February 1997. [6] C. Davis, P. Vixie, T. Goodwin, I. Dickinson, "A Means for Expressing Location Information in the Domain Name System," RFC 1876, January 15, 1996. [7] D. Eastlake, C. Kaufman, "Domain Name System Security Extensions," RFC 2065, January 3, 1997. 7. Authors' addresses Ryan Moats AT&T 15621 Drexel Circle Omaha, NE 68135-2358 USA Phone: +1 402 894-9456 EMail: jayhawk@ds.internic.net Martin Hamilton Department of Computer Studies Loughborough University of Technology Leics. LE11 3TU, UK Email: m.t.hamilton@lut.ac.uk Paul J. Leach Microsoft 1 Microsoft Way Redmond, Washington, 98052, U.S.A. Email: paulle@microsoft.com A. Discovery with Large numbers of replicas Imagine an organization (such as a bank) which has thousands of branch offices. For reliability, each office may want to have a replica of (at least) certain critical information in case of loss of connectivity to the Internet. An example of such information might be an address book for employees or an authentication database. It is not reasonable to use the method of the previous section to locate a replica for the information - there would be thousands of SRV entries for the service being replicated. Instead, it would be desirable to have a method that first looked to see if there is a replica for the service at the branch office, and only proceed with the more general discovery method if there weren't. Expires 3/31/98 [Page 14] INTERNET DRAFT Finding Stuff September 1997 Let us generalize the notion of branch office to that of "site" - a site is a collection of hosts that have good enough connectivity that use of a service instance at the site is always to be preferred to one at another, and that there is no connectivity reason to prefer one replica within a site to another. A site has a site name that incorporates a site specific component and the domain name of the organization of the form <site>@<org-domain-name> Then a client at site <site>@<org-domain-name> looking for a service for domain <domain-name>, where <org-domain- name> is a suffix of <domain-name>, should use the name <site>.sites.<domain-name> as the value of "target" in the procedure described herein. If the procedure fails, then it should try with <domain-name> as the value of "target" using the procedure presented above. Note that within a site, this means the client either uses SVRLOC (if supported) or straight SRV records; by definition of "site", there would be no advantage to be gained from using LOC records. For example, suppose a client at the site "dublin@univexports.com" wanted to access the LDAP server for the Asian region of Universal Exports, whose domain name was "fareast.univexports.com". It would observe that its <org-domain-name> of "univexports.com" was a suffix of "fareast.univexports.com", and first build the name "dublin.sites.fareast.univexports.com" to use as the "target" in the procedure above; this might cause it to then lookup SRV records for "ldap.tcp.dublin.sites.fareast.univexports.com" or A records for "ldap.dublin.sites.fareast.univexports.com" or even TXT records for "dublin.sites.fareast.univexports.com" (looking for "service:" URLs of the type wp-ldap). Note that the list of records for a site does not have to point at only hosts at that site - for example, the highest priority records could be for hosts at the site, and then some lower priority records for hosts at the best-connected alternate site for backup. Using this method, a client looking for a service that has an replica at its site will only have to fetch records for its site, not for the whole organization. The records associated with the unadorned organization name can then be used to aid clients from outside the organization, who have no idea of the site structure of the organization. This Internet Draft expires March 31, 1998. Expires 3/31/98 [Page 15]