📄 rfc2622.txt
字号:
may have a list value.
Alaettinoglu, et al. Standards Track [Page 6]
RFC 2622 RPSL June 1999
An RPSL object is textually represented as a list of attribute-value
pairs. Each attribute-value pair is written on a separate line. The
attribute name starts at column 0, followed by character ":" and
followed by the value of the attribute. The attribute which has the
same name as the object's class should be specified first. The
object's representation ends when a blank line is encountered. An
attribute's value can be split over multiple lines, by having a
space, a tab or a plus ('+') character as the first character of the
continuation lines. The character "+" for line continuation allows
attribute values to contain blank lines. More spaces may optionally
be used after the continuation character to increase readability.
The order of attribute-value pairs is significant.
An object's description may contain comments. A comment can be
anywhere in an object's definition, it starts at the first "#"
character on a line and ends at the first end-of-line character.
White space characters can be used to improve readability.
An integer can be specified using (1) the C programming language
notation (e.g. 1, 12345); (2) sequence of four 1-octet integers (in
the range from 0 to 255) separated by the character dot "." (e.g.
1.1.1.1, 255.255.0.0), in this case a 4-octet integer is formed by
concatenating these 1-octet integers in the most significant to least
significant order; (3) sequence of two 2-octet integers (in the range
from 0 to 65535) separated by the character colon ":" (e.g. 3561:70,
3582:10), in this case a 4-octet integer is formed by concatenating
these 2-octet integers in the most significant to least significant
order.
3 Contact Information
The mntner, person and role classes, admin-c, tech-c, mnt-by,
changed, and source attributes of all classes describe contact
information. The mntner class also specifies authenticaiton
information required to create, delete and update other objects.
These classes do not specify routing policies and each registry may
have different or additional requirements on them. Here we present
the common denominator for completeness which is the RIPE database
implementation [16]. Please consult your routing registry for the
latest specification of these classes and attributes. The "Routing
Policy System Security" document [20] describes the authenticaiton
and authorization model in more detail.
3.1 mntner Class
The mntner class specifies authenticaiton information required to
create, delete and update RPSL objects. A provider, before he/she
can create RPSL objects, first needs to create a mntner object. The
Alaettinoglu, et al. Standards Track [Page 7]
RFC 2622 RPSL June 1999
attributes of the mntner class are shown in Figure 1. The mntner
class was first described in [13].
The mntner attribute is mandatory and is the class key. Its value is
an RPSL name. The auth attribute specifies the scheme that will be
used to identify and authenticate update requests from this
maintainer. It has the following syntax:
auth: <scheme-id> <auth-info>
E.g.
auth: NONE
Attribute Value Type
mntner <object-name> mandatory, single-valued, class key
descr <free-form> mandatory, single-valued
auth see description in text mandatory, multi-valued
upd-to <email-address> mandatory, multi-valued
mnt-nfy <email-address> optional, multi-valued
tech-c <nic-handle> mandatory, multi-valued
admin-c <nic-handle> optional, multi-valued
remarks <free-form> optional, multi-valued
notify <email-address> optional, multi-valued
mnt-by list of <mntner-name> mandatory, multi-valued
changed <email-address> <date> mandatory, multi-valued
source <registry-name> mandatory, single-valued
Figure 1: mntner Class Attributes
auth: CRYPT-PW dhjsdfhruewf
auth: MAIL-FROM .*@ripe\.net
The <scheme-id>'s currently defined are: NONE, MAIL-FROM, PGP-KEY and
CRYPT-PW. The <auth-info> is additional information required by a
particular scheme: in the case of MAIL-FROM, it is a regular
expression matching valid email addresses; in the case of CRYPT-PW,
it is a password in UNIX crypt format; and in the case of PGP-KEY, it
is a pointer to key-certif object [22] containing the PGP public key
of the user. If multiple auth attributes are specified, an update
request satisfying any one of them is authenticated to be from the
maintainer.
The upd-to attribute is an email address. On an unauthorized update
attempt of an object maintained by this maintainer, an email message
will be sent to this address. The mnt-nfy attribute is an email
address. A notification message will be forwarded to this email
Alaettinoglu, et al. Standards Track [Page 8]
RFC 2622 RPSL June 1999
address whenever an object maintained by this maintainer is added,
changed or deleted.
The descr attribute is a short, free-form textual description of the
object. The tech-c attribute is a technical contact NIC handle.
This is someone to be contacted for technical problems such as
misconfiguration. The admin-c attribute is an administrative contact
NIC handle. The remarks attribute is a free text explanation or
clarification. The notify attribute is an email address to which
notifications of changes to this object should be sent. The mnt-by
attribute is a list of mntner object names. The authorization for
changes to this object is governed by any of the maintainer objects
referenced. The changed attribute documents who last changed this
object, and when this change was made. Its syntax has the following
form:
changed: <email-address> <YYYYMMDD>
E.g.
changed: johndoe@terabit-labs.nn 19900401
The <email-address> identifies the person who made the last change.
<YYYYMMDD> is the date of the change. The source attribute specifies
the registry where the object is registered. Figure 2 shows an
example mntner object. In the example, UNIX crypt format password
authentication is used.
mntner: RIPE-NCC-MNT
descr: RIPE-NCC Maintainer
admin-c: DK58
tech-c: OPS4-RIPE
upd-to: ops@ripe.net
mnt-nfy: ops-fyi@ripe.net
auth: CRYPT-PW lz1A7/JnfkTtI
mnt-by: RIPE-NCC-MNT
changed: ripe-dbm@ripe.net 19970820
source: RIPE
Figure 2: An example mntner object.
The descr, tech-c, admin-c, remarks, notify, mnt-by, changed and
source attributes are attributes of all RPSL classes. Their syntax,
semantics, and mandatory, optional, multi-valued, or single-valued
status are the same for for all RPSL classes. Only exception to this
is the admin-c attribute which is mandatory for the aut-num class.
We do not further discuss them in other sections.
Alaettinoglu, et al. Standards Track [Page 9]
RFC 2622 RPSL June 1999
3.2 person Class
A person class is used to describe information about people. Even
though it does not describe routing policy, we still describe it here
briefly since many policy objects make reference to person objects.
The person class was first described in [15].
The attributes of the person class are shown in Figure 3. The person
attribute is the full name of the person. The phone and the fax-no
attributes have the following syntax:
phone: +<country-code> <city> <subscriber> [ext. <extension>]
E.g.:
phone: +31 20 12334676
Attribute Value Type
person <free-form> mandatory, single-valued
nic-hdl <nic-handle> mandatory, single-valued, class key
address <free-form> mandatory, multi-valued
phone see description in text mandatory, multi-valued
fax-no same as phone optional, multi-valued
e-mail <email-address> mandatory, multi-valued
Figure 3: person Class Attributes
phone: +44 123 987654 ext. 4711
Figure 4 shows an example person object.
person: Daniel Karrenberg
address: RIPE Network Coordination Centre (NCC)
address: Singel 258
address: NL-1016 AB Amsterdam
address: Netherlands
phone: +31 20 535 4444
fax-no: +31 20 535 4445
e-mail: Daniel.Karrenberg@ripe.net
nic-hdl: DK58
changed: Daniel.Karrenberg@ripe.net 19970616
source: RIPE
Figure 4: An example person object.
Alaettinoglu, et al. Standards Track [Page 10]
RFC 2622 RPSL June 1999
3.3 role Class
The role class is similar to the person object. However, instead of
describing a human being, it describes a role performed by one or
more human beings. Examples include help desks, network monitoring
centers, system administrators, etc. Role object is particularly
useful since often a person performing a role may change, however the
role itself remains.
The attributes of the role class are shown in Figure 5. The nic-hdl
attributes of the person and role classes share the same name space.
The trouble attribute of role object may contain additional contact
information to be used when a problem arises in any object that
references this role object. Figure 6 shows an example role object.
Attribute Value Type
role <free-form> mandatory, single-valued
nic-hdl <nic-handle> mandatory, single-valued,
class key
trouble <free-form> optional, multi-valued
address <free-form> mandatory, multi-valued
phone see description in text mandatory, multi-valued
fax-no same as phone optional, multi-valued
e-mail <email-address> mandatory, multi-valued
Figure 5: role Class Attributes
role: RIPE NCC Operations
trouble:
address: Singel 258
address: 1016 AB Amsterdam
address: The Netherlands
phone: +31 20 535 4444
fax-no: +31 20 545 4445
e-mail: ops@ripe.net
admin-c: CO19-RIPE
tech-c: RW488-RIPE
tech-c: JLSD1-RIPE
nic-hdl: OPS4-RIPE
notify: ops@ripe.net
changed: roderik@ripe.net 19970926
source: RIPE
Figure 6: An example role object.
Alaettinoglu, et al. Standards Track [Page 11]
RFC 2622 RPSL June 1999
4 route Class
Each interAS route (also referred to as an interdomain route)
originated by an AS is specified using a route object. The
attributes of the route class are shown in Figure 7. The route
attribute is the address prefix of the route and the origin attribute
is the AS number of the AS that originates the route into the interAS
routing system. The route and origin attribute pair is the class
key.
Figure 8 shows examples of four route objects (we do not include
contact attributes such as admin-c, tech-c for brevity). Note that
the last two route objects have the same address prefix, namely
128.8.0.0/16. However, they are different route objects since they
are originated by different ASes (i.e. they have different keys).
Attribute Value Type
route <address-prefix> mandatory, single-valued,
class key
origin <as-number> mandatory, single-valued,
class key
member-of list of <route-set-names> optional, multi-valued
see Section 5
inject see Section 8 optional, multi-valued
components see Section 8 optional, single-valued
aggr-bndry see Section 8 optional, single-valued
aggr-mtd see Section 8 optional, single-valued
export-comps see Section 8 optional, single-valued
holes see Section 8 optional, multi-valued
Figure 7: route Class Attributes
route: 128.9.0.0/16
origin: AS226
route: 128.99.0.0/16
origin: AS226
route: 128.8.0.0/16
origin: AS1
route: 128.8.0.0/16
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -