BIND 10 #3186: Implement shared library of hooks for the Comcast Demo
BIND 10 Development
do-not-reply at isc.org
Mon Oct 21 15:43:03 UTC 2013
#3186: Implement shared library of hooks for the Comcast Demo
-------------------------------------+-------------------------------------
Reporter: tmark | Owner: tmark
Type: task | Status:
Priority: low | assigned
Component: dhcp | Milestone:
Keywords: | Sprint-DHCP-20131016
Sensitive: 0 | Resolution:
Sub-Project: DHCP | CVSS Scoring:
Estimated Difficulty: 0 | Defect Severity: N/A
Total Hours: 0 | Feature Depending on Ticket:
| Add Hours to Ticket: 0
| Internal?: 0
-------------------------------------+-------------------------------------
Comment (by tmark):
3186 implements "user_check" hooks shared library which supports subnet
selection
based upon the contents of a list of known DHCP lease requesters (i.e.
clients),
herein referred to as users. The initial intent it assign "new" or
"unregistered"
users to a restricted subnet, while "known" or "registered" users are
assigned
to unrestricted subnets.
As important as the specific library implementation, this issue always
lays the ground work for placing hooks libraries developed by ISC under
version control within the BIND10 repository. Toward that that end the
following sub-directories have been added to the BIND10 repo:
bind10/src/hooks - base directory for all ISC developed hooks libs
bind10/src/hooks/dhcp - base directory for all hooks libs pertaining to
DHCP(Kea)
bind10/src/hooks/dhcp/user_check - directory containing the hooks library
developed for Comcast under this issue.
This directory structure has been added to relevant build files, such that
it will
build as part of the normal BIND10 build invocation. We may wish to
consider a
configuration flag to either enable or disable building the hooks tree.
As to the user_check lib itself, the heart of the solution lies in a new
class
hierarchy, centered around the class !UserRegistry. This class represents
a
a maintainable, searchable list of known "users" and their attributes.
Each entry in the registry is an instance of User. Users are uniquely
identified
by their !UserId. !UserIds are comprised of data taken from the DHCP
request. The
registry supports both IPv4 and IPv6 users.
The registry may be manually populated, or loaded from a source of data
which implements
the !UserDataSource interface. Currently, a single implementation has
been provided,
!UserFile, which supports reading from a text file in which each line is a
user entry
in JSON format. (See user_file.h for details on file content).
This user_check library provides callouts for subnet4_select and
subnet6_select, in
subnet_select_co.cc. These two functions implement a straight forward bit
of logic
for each inbound DHCP request:
Refresh the registry.
Extract user id information from the inbound DHCP packet.
If the user is in the registry
generate output to a text file indicating the user was registered
otherwise
replace the selected subnet with the last subnet in the list
subnets available.
generate output to a text file indicating the user was not
registered
By convention, the last subnet in the collection of subnets available is
assumed to
be the "restricted access" subnet. A more sophisticated mechanism if
likely to be needed.
Each invocation of the callout generates output to the "user_check
outcome" file.
The output contains the user id, the subnet selected for the user, and
whether or
not the user was registered. This information is written in ini-like
form,
"name=value" with one entry per value per line. See subnet_callout.cc for
details.
The following class diagram illustrates the new classes:
[[Image(user_check_classes.svg)]]
--
Ticket URL: <http://bind10.isc.org/ticket/3186#comment:4>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list