[ppml] Directory Services - Take 2

Michael.Dillon at btradianz.com
Mon Jun 13 10:37:02 EDT 2005

> > I'm suggesting that ARIN map its existing backend database into
> > an LDAP schema
> This is much easier said than done.  By its very nature of being 
> rooted in X.500 DAP and the X.500 tree structure, LDAP imposes a 
> hierarchical tree structure on any data model.  Trying to take a 
> highly relational data set and putting it into a tree causes many nodes 
> to be replicated (leading to bloat due to multiple copies of the same 
> data). 

This may be so, but we don't have this problem. IP address
allocation inherently follows a hierarchical model so the
problem of bloat arises when you try to cram it into a flat
relational model. In fact, most of these problems with
bloat come from people who try to use some crude tool to
convert formats rather than think through the problem.

IP address records should map to LDAP just fine. 

And I am not suggesting that ARIN should replace their
current relational databases. Just allow some LDAP queries
to retrieve data in the same way that current whois queries
retrieve data. This is what I mean by "mapping". You put
in a gateway server that accepts an LDAP query and maps it
to some kind of SQL query to the backend. This is very common
in the LDAP world where most large LDAP directories do use
a relational database backend.

I am not suggesting that ARIN provide full-blown LDAP access
to the ARIN whois directory. There is no need to support
additional types of query above and beyond what is done today
unless it is easy, cheap and makes sense.

The advantage of LDAP is to provide a standard way of encapsulating
the data that crosses the wire so that the client is in no
danger of making parsing errors and so that the server is in
no danger of accidentally sending unparseable data because somebody
put a comma in the middle of their company name. LDAP ASN.1, 
like XML, separates the data structure from the data content
so that the client can extract the data content with 100%
certainty that the "city" field contains a city name, not
a state code or a phone number.

REST already achieves this structure/content separation
on the URL-encoded GET requests, but the current ARIN web
query server does not preserve the separation of structure
and content in its answers. By using XML it would achieve 
this and be superior to whois on port 43. But if the web 
server can do this, then there is no reason why the same 
thing could not be done in the port 43 server.

Bottom line is that whois data is recorded by RIRs in
some kind of database with a defined schema, either
RIPE/RPSL or SQL. It isn't hard for them to publish
their whois directory in a way that preserves the 
schema across the wire so that a cityname in the database
is always clearly identified as a cityname when the 
client receives the answer, 100% guaranteed. LDAP and
XML can provide that guarantee.

--Michael Dillon

P.S. the original whois free text format was never
intended for anything other than human eyeballs to 
parse it. Therefore, that format became obsolete
roughly in 1996 when people started building tools
to generate whois queries. We have now had almost
10 years of this screenscraping. Please, let's fix 
this now.
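
Added example, not part of the original message: a sketch of the parsing failure described above, where a comma in a company name shifts every later field in a delimiter-based answer, next to the same record carried in XML. The field names, the comma-delimited layout and the sample record are constructed assumptions, not ARIN's schema or output format.

```python
import xml.etree.ElementTree as ET

FIELDS = ("org", "city", "state", "phone")  # hypothetical schema, not ARIN's

# Constructed sample record: the organisation name contains a comma.
RECORD = {"org": "Example Networks, Inc.", "city": "Springfield",
          "state": "VA", "phone": "+1-555-0100"}


def render_flat(rec):
    """Free-text style answer: structure is implied only by the delimiter."""
    return ", ".join(rec[f] for f in FIELDS)


def parse_flat(line):
    """What a screen-scraping client does: split, then assign by position."""
    return dict(zip(FIELDS, (p.strip() for p in line.split(","))))


def render_xml(rec):
    """Structure travels in element names; the serializer escapes content."""
    root = ET.Element("record")
    for f in FIELDS:
        ET.SubElement(root, f).text = rec[f]
    return ET.tostring(root, encoding="unicode")


def parse_xml(doc):
    """Read each field back by name, independent of what its value contains."""
    root = ET.fromstring(doc)
    return {f: root.findtext(f) for f in FIELDS}


def field_mismatches(original, parsed):
    """Names of fields whose parsed value differs from what was stored."""
    return sorted(f for f in FIELDS if parsed.get(f) != original[f])


if __name__ == "__main__":
    flat = parse_flat(render_flat(RECORD))
    print("flat:", flat, "wrong fields:", field_mismatches(RECORD, flat))
    structured = parse_xml(render_xml(RECORD))
    print("xml: ", structured, "wrong fields:", field_mismatches(RECORD, structured))
```

With the flat format the client silently reports "Inc." as the city and the phone number is dropped; nothing in the answer signals that the fields shifted.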
