Network Working Group B. Manning (Rice University) INTERNET DRAFT R. Colella (NIST) August 2, 1993 DNS NSAP Resource Records Status of This Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months. Internet-Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet-Drafts as reference material or to cite them other than as a "working draft" or "work in progress." To learn the status of any Internet-Draft, please check the 1id- abstract.txt listing contained in the Internet-Drafts Shadow Directories on nic.ddn.mil, nnsc.nsf.net, nic.nordu.net, ftp.nisc.sri.com, or munnari.oz.au. It is intended that this document will be submitted to the IESG for consideration as a standards document. Distribution of this document is unlimited. Abstract The Internet is moving towards the deployment of an OSI lower layers infrastructure. This infrastructure comprises the connectionless network protocol (CLNP) and supporting routing protocols. Also required as part of this infrastructure is support in the Domain Name System (DNS) for mapping between names and NSAP addresses. This document defines the format of two new Resource Records (RRs) for the DNS, replacing the earlier work in RFC 1348. The RRs defined in this paper allow the DNS to support domain name-to-NSAP and NSAP-to-domain name mappings. The RRs may be used with any NSAP address format. Expiration Date February 2, 1994 [Page 1] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 1 Introduction The Internet is moving towards the deployment of an OSI lower layers infrastructure. This infrastructure comprises the connectionless network protocol (CLNP) [ISO86b] and supporting routing protocols. Also required as part of this infrastructure is support in the Domain Name System (DNS) [Moc87a , Moc87b] for mapping between domain names and OSI Network Service Access Point (NSAP) addresses [ISO88] [Note: NSAP and NSAP address are used interchangeably throughout this memo]. This document defines the format of two new Resource Records (RRs) for the DNS, replacing the earlier work in RFC 1348. The RRs defined in this paper allow the DNS to support domain name-to-NSAP and NSAP-to-domain name mappings. The RRs may be used with any NSAP address format. This memo assumes that the reader is familiar with the DNS. Some familiarity with NSAPs is useful; see [CGC91] or [ISO88] for additional information. 2 Background The reason for defining DNS mappings for NSAPs is to support CLNP in the Internet. Debugging with CLNP ping and traceroute is becoming more difficult with only numeric NSAPs as the scale of deployment increases. Current debugging is supported by maintaining and exchanging a configuration file with name/NSAP mappings similar in function to hosts.txt. This suffers from the lack of a central coordinator for this file and also from the perspective of scaling. The former is the most serious short-term problem. Scaling of a hosts.txt-like solution has well-known long-term scaling difficiencies. A second reason for this work is the proposal to use CLNP as an alternative to IP: "TCP and UDP with Bigger Addresses (TUBA), A Simple Proposal for Internet Addressing and Routing" [Cal92]. For this to be practical, the DNS must be capable of supporting CLNP addresses. 3 Scope The RRs defined in this paper support all known NSAP formats. This includes support for the notion of a custom-defined NSAP format based on an AFI obtained by the IAB for use in the Internet. B. Manning/R. Colella [Page 2] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 As a point of reference, there is a distinction between registration and publication of addresses. For IP addresses, the IANA is the root registration authority and the DNS a publication method. For NSAPs, addendum two of the network service definition, ISO8348/Ad2 [ISO88] is the root registration authority and this memo defines how the DNS is used as a publication method. 4 Structure of NSAPs NSAPs are hierarchically structured to allow distributed administration and efficient routing. Distributed administration permits subdelegated addressing authorities to, as allowed by the delegator, further structure the portion of the NSAP space under their delegated control. Accomodating this distributed authority requires that there be little or no a priori knowledge of the structure of NSAPs built into DNS resolvers and servers. For the purposes of this memo, NSAPs can be thought of as a tree of identifiers. The root of the tree is ISO8348/Ad2 [ISO88], and has as its immediately registered subordinates the one-octet Authority and Format Identifiers (AFIs) defined there. The size of subsequently- defined fields depends on which branch of the tree is taken. The depth of the tree varies according to the authority responsible for defining subsequent fields. An example is the authority under which U.S. GOSIP defines NSAPs [Gro91]. Under the AFI of 47, NIST (National Institute of Standards and Technology) obtained a value of 0005 (the AFI of 47 defines the next field as being two octets consisting of four BCD digits from the International Code Designator space [ISO84]). NIST defined the subsequent fields in [Gro91], as shown in Figure 1. The field immediately following 0005 is a format identifier for the rest of the U.S. GOSIP NSAP structure, with a hex value of 80. Following this is the three-octet field, values for which are allocated to network operators; the registration authority for this field is delegated to GSA (General Services Administration). The last octet of the NSAP is the NSelector (NSel). In practice, the NSAP minus the NSel identifies the CLNP protocol machine on a given system, and the NSel identifies the CLNP user. Since there can be more than one CLNP user (meaning multiple NSel values for a given "base" NSAP), the representation of the NSAP should be CLNP-user independent. To achieve this, an NSel value of zero will be used with all NSAP values stored in the DNS. An NSAP with NSel=0 identifies the network layer itself. It is left to the application retrieving the NSAP to determine the appropriate value to use in that instance of communication. B. Manning/R. Colella [Page 3] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 ________________ |_<--_IDP_-->__|_____________________________________ |_AFI_|__IDI___|____________<--_DSP_-->______________| |_47__|__0005__|DFI_|_AA_|_Rsvd_|_RD_|Area_|_ID_|Sel_| octets |__1__|___2____|_1__|_3__|__2___|_2__|__2__|_6__|_1__| IDP Initial Domain Part AFI Authority and Format Identifier IDI Initial Domain Identifier DSP Domain Specific Part DFI DSP Format Identifier AA Administrative Authority Rsvd Reserved RD Routing Domain Identifier Area Area Identifier ID System Identifier SEL NSAP Selector Figure 1: GOSIP Version 2 NSAP structure. When CLNP is used to support TCP and UDP services, the NSel value used will be the appropriate IP PROTO value as registered with the IANA. For "standard" OSI, the selection of NSel values is left as a matter of local administration. Administrators of systems that support the OSI transport protocol [ISO86a] in addition to TCP/UDP must select NSels for use by OSI Transport that do not conflict with the IP PROTO values. In the NSAP RRs in Master Files and in the printed text in this memo, NSAPs are often represented as a string of "."-separated hex values. The values correspond to convenient divisions of the NSAP to make it more readable. For example, the "."-separated fields might correspond to the NSAP fields as defined by the appropriate authority (ISoc, GOSIP, ANSI, etc.). The use of this notation is strictly for readability. The "."s do not appear in DNS packets and DNS servers can ignore them when reading Master Files. For example, a printable representation of the first four fields of a U.S. GOSIP NSAP might look like 47.0005.80.005a00 B. Manning/R. Colella [Page 4] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 and a full U.S. GOSIP NSAP might appear as 47.0005.80.005a00.0000.1000.0020.00800a123456.00. For more information on U.S. GOSIP NSAPs, see RFC1237 [CGC91]. Other NSAP formats have different fields and field widths (see [Bry92]). 5 The NSAP RR The NSAP RR is defined with mnemonic "NSAP" and TYPE code 22 (decimal) and is used to map from domain names to NSAPs. Name-to-NSAP mapping in the DNS using the NSAP RR operates analogously to IP address lookup. A query is generated by the resolver requesting an NSAP RR for a provided domain name. NSAP RRs conform to the top level RR format and semantics as defined in Section 3.2.1 of RFC 1035. 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | | / / / NAME / | | |--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | TYPE = NSAP | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | CLASS = IN | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | TTL | | | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | RDLENGTH | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ / RDATA / / / +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ B. Manning/R. Colella [Page 5] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 where: * NAME: an owner name, i.e., the name of the node to which this resource record pertains. * TYPE: two octets containing the NSAP RR TYPE code of 22 (decimal). * CLASS: two octets containing the RR IN CLASS code of 1. * TTL: a 32 bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should again be consulted. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. For example, SOA records are always distributed with a zero TTL to prohibit caching. Zero values can also be used for extremely volatile data. * RDLENGTH: an unsigned 16 bit integer that specifies the length in octets of the RDATA field. * RDATA: a variable length string of octets containing the NSAP. The value is the binary encoding of the NSAP as it would appear in the CLNP source or destination address field. A typical example of such an NSAP (in hex) is shown below. For this NSAP, RDLENGTH is 20 (decimal); "."s have been omitted to emphasize that they don't appear in the DNS packets. 39840f80005a0000000001e13708002010726e00 NSAP RRs cause no additional section processing. 6 The NSAP-PTR RR The NSAP-PTR RR is defined with mnemonic "NSAP-PTR" and TYPE code 23 (decimal). This RR is used to map from NSAPs to domain names. NSAP-to-domain name mapping in the DNS using the NSAP-PTR RR operates analogously to IP address-to-domain name lookup. A domain name is generated from the NSAP according to the rules described below. A query is sent by the resolver requesting an NSAP-PTR RR for the provided domain name. A domain name is generated from an NSAP by reversing the hex nibbles of the NSAP, treating each nibble as a separate subdomain, and appending the top-level subdomain name ".NSAP" to it. For example, the domain name used in the reverse lookup for the NSAP 47.0005.80.005a00.0000.0001.e137.ffffff000065.00 B. Manning/R. Colella [Page 6] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 would appear as 0.0.5.6.0.0.0.0.f.f.f.f.f.f.7.3.1.e.1.0.0.0.0.0.0.0.0.0.a.5.0.0.\ 0.8.5.0.0.0.7.4.NSAP. [Implementation note: For sanity's sake user interfaces should be designed to allow users to enter NSAPs using their natural order, i.e., as they are typically written on paper. Also, arbitrary "."s should be allowed (and ignored).] NSAP-PTR RRs conform to the top level RR format and semantics as defined in Section 3.2.1 of RFC 1035. 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | | / / / NAME / | | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | TYPE = NSAP-PTR | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | CLASS = IN | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | TTL | | | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | RDLENGTH | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ / RDATA / / / +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ where: * NAME: the domain name of the node to which this resource record pertains. This name is derived from the NSAP as described above. * TYPE: two octets containing the NSAP-PTR RR TYPE code of 23 (decimal). * CLASS: two octets containing the RR IN CLASS code of 1. B. Manning/R. Colella [Page 7] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 * TTL: a 32 bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should again be consulted. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. For example, SOA records are always distributed with a zero TTL to prohibit caching. Zero values can also be used for extremely volatile data. * RDLENGTH: an unsigned 16 bit integer that specifies the length in octets of the RDATA field. * RDATA: a variable length string of octets containing the domain name associated with the NSAP. NSAP RRs cause no additional section processing. 7 Master File Format The format of NSAP and NSAP-PTR RRs in Master Files conforms to Section 5, "Master Files," of RFC 1035. Below are examples of the use of these RRs in Master Files. ;;;;;; ;;;;;; Master File for domain tuba.ncsl.nist.gov. ;;;;;; @ IN SOA emu.ncsl.nist.gov. root.emu.ncsl.nist.gov. ( 900831 ; Serial - date 1800 ; Refresh - 30 minutes 300 ; Retry - 5 minutes 604800 ; Expire - 7 days 3600 ) ; Minimum - 1 hour IN NS emu.ncsl.nist.gov. ; ; $ORIGIN tuba.ncsl.nist.gov. ; emu IN NSAP 47.0005.80.005a00.0000.0001.e137.08002010726e.00 IN A 129.6.55.32 IN HINFO Sun_Sparc SunOS_4.1.3 ; osi IN NSAP 47.0005.80.005a00.0000.0001.e137.080020079efc.00 IN A 129.6.55.1 B. Manning/R. Colella [Page 8] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 ; cursive IN NSAP 47.0005.80.005a00.0000.0001.e137.eeeeee000085.00 IN A 129.6.224.85 IN HINFO PC_386 DOS_5.0/NCSA_Telnet(TUBA) ; cisco1 IN NSAP 47.0005.80.005a00.0000.0001.e137.888888000181.00 IN A 129.6.224.181 ; 3com1 IN NSAP 47.0005.80.005a00.0000.0001.e137.111111000111.00 IN A 129.6.225.111 ; infidel IN NSAP 47.0005.80.005a00.0000.0001.e137.ffffff000065.00 IN A 129.6.55.128 IN HINFO PC/486 BSDi1.0/TUBA ;;;;;; ;;;;;; Master File for reverse mapping of NSAPs under ;;;;;; 47.0005.80.005a00.0000.0001.e137 ;;;;;; @ IN SOA emu.ncsl.nist.gov. root.emu.ncsl.nist.gov. ( 900831 ; Serial - date 1800 ; Refresh - 30 minutes 300 ; Retry - 5 minutes 604800 ; Expire - 7 days 3600 ) ; Minimum - 1 hour IN NS emu.ncsl.nist.gov. ; ; $ORIGIN 7.3.1.e.1.0.0.0.0.0.0.0.0.0.a.5.0.0.0.8.5.0.0.0.7.4.NSAP. ; 0.0.e.6.2.7.0.1.0.2.0.0.8.0 IN NSAP-PTR emu.tuba.ncsl.nist.gov. ; 0.0.c.f.e.9.7.0.0.2.0.0.8.0 IN NSAP-PTR osi.tuba.ncsl.nist.gov. ; 0.0.5.8.0.0.0.0.e.e.e.e.e.e IN NSAP-PTR cursive.tuba.ncsl.nist.gov. ; 0.0.1.8.1.0.0.0.8.8.8.8.8.8 IN NSAP-PTR cisco1.tuba.ncsl.nist.gov. ; 0.0.1.1.1.0.0.0.1.1.1.1.1.1 IN NSAP-PTR 3com1.tuba.ncsl.nist.gov. ; 0.0.5.6.0.0.0.0.f.f.f.f.f.f IN NSAP-PTR infidel.tuba.ncsl.nist.gov. 8 Security Security issues are not addressed in this memo. B. Manning/R. Colella [Page 9] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 9 Authors' Addresses Bill Manning Rice University -- ONCS P.O. Box 1892 6100 South Main Houston, Texas 77251-1892 USA Phone: +1.713.285.5415 EMail: bmanning@rice.edu Richard Colella National Institute of Standards and Technology Technology/B217 Gaithersburg, MD 20899 USA Phone: +1 301-975-3627 (voice); +1 301 590-0932 (fax) EMail: colella@nist.gov A Issues It may be useful to associate an X.500 distinguished name with an NSAP. Some thought should be given to whether this is useful and how it could be done. References [Bry92] P. Bryant. Nsaps. IPTAG/92/23 PB660, Science and Engineering Research Council, Rutherford Appleton Laboratory, May 1992. [Cal92] R. Callon. Tcp and udp with bigger addresses (tuba), a simple proposal for internet addressing and routing. RFC 1347, Network Working Group, June 1992. [CGC91] R. Colella, E. Gardner, and R. Callon. Guidelines for osi nsap allocation in the internet. RFC 1237, IETF OSI NSAP Administration Working Group, July 1991. B. Manning/R. Colella [Page 10] INTERNET-DRAFT DNS NSAP Resource Records August 2, 1993 [Gro91] GOSIP Advanced Requirements Group. Government open systems interconnection profile (gosip) version 2. Federal Information Processing Standard 146-1, U.S. Department of Commerce, National Institute of Standards and Technology, Gaithersburg, MD, April 1991. [ISO84] ISO/IEC. Data interchange - structures for the identification of organization. International Standard 6523, ISO/IEC JTC 1, Switzerland, 1984. [ISO86a] ISO/IEC. Connection oriented transport protocol specification. International Standard 8073, ISO/IEC JTC 1, Switzerland, 1986. [ISO86b] ISO/IEC. Protocol for providing the connectionless-mode network service. International Standard 8473, ISO/IEC JTC 1, Switzerland, 1986. [ISO88] ISO/IEC. Information processing systems -- data communications -- network service definition addendum 2: Network layer addressing. International Standard 8348/Addendum 2, ISO/IEC JTC 1, Switzerland, 1988. [Moc87a] P. Mockapetris. Domain name -- concepts and facilities. RFC 1034, Network Working Group, November 1987. [Moc87b] P. Mockapetris. Domain name -- implementation and specifica- tion. RFC 1035, Network Working Group, November 1987. Expiration Date February 2, 1994 [Page 11]