250 likes | 419 Vues
DBupdate. Denis Walker RIPE NCC <denis@ripe.net>. dbupdate. LOVE IT or HATE IT You have probably all used it. Used to be UPDATE. What is it ?. The front end processor for updating objects in the database. Part of the Whois server software. It allows you to: CREATE
E N D
DBupdate Denis Walker RIPE NCC <denis@ripe.net>
dbupdate LOVE IT or HATE IT You have probably all used it.
Used to be UPDATE What is it ? • The front end processor for updating objects in the database. • Part of the Whois server software. • It allows you to: • CREATE • MODIFY • DELETE objects in the database.
“If it ain’t broken don’t fix it” Why the change ?
Motivation for Change • Mature program with many experienced users providing feedback. • Error reporting was inadequate and misleading. • Need to provide more information on authorisation success / failure. • Better handling of generated attributes. • Need for plug in capabilities. • Want to be able to add new features in the future more quickly and with more confidence.
Team Project • Design / Development • Shane • Tiago • Denis • Early Design • Andrei • Test System • Katie • Denis • Infrastructure Support • Engin • Can
What has changed ? • From a users viewpoint the only change will be seen in the responses received back from dbupdate. • Method of access is unchanged. • email • sync updates • Web updates • (internally – override for ripe-dbm and hostmasters) • Format of input is unchanged.
7 bit 8bit Binary Quoted printable X base 64 X Signed (pgp) Alternative Mixed X encrypted X Format of Input Plain Text or MIME Atomic text/plain Application/pgp (readable text) Composite Multipart Message/RFC822
pgp pgp pgp p2 password pgp p1 p2 + p1 p1 password Nested Authentication password
signed signed signed text/plain text/plain s1, s2 s1 signature s1 signature s2 signature s1 Nested Authentication
signed signed signed s1 s2 pw message pgp p1 signed s1 s2 pw password pw signature s2 signature s1 signature s2 signature s1 Nested Authentication s1 s1 s2 pw p1 s1 s2
Responses • Biggest change is in the acknowledgement reply to the user. • Slight change to the forward and notification replies.
Acknowledgement Messages • Handle all error conditions gracefully and return an acknowledgement back to the user. • Extreme errors will report “internal error, please contact ripe-dbm@ripe.net”. • Much more information, more logically set out. • Start with a quick summary, follow up with the detail. • Record separators before each object to make parsing by scripts easier.
Acknowledgement Messages • Better recognition of an ‘object’ in the input to reduce the “class not recognised” errors on textual paragraphs in the input message. • Detailed authorisation information for each object. • Per-class information messages (allowing results to point the user to more specific help, e.g. IN-ADDR.ARPA help for failed domain objects).
Example update message From: dbtest@ripe.net Subject: Route update To: auto-dbm@ripe.net Please update these routes: password: mb-child password: ml-parent route: 20.13.0.0/16 descr: Route origin: AS200 mnt-by: CHILD-MB-MNT changed: dbtest@ripe.net 20020101 source: DB-TEST route: 20.0.0.0/8 descr: parent route object origin: AS100 mnt-by: PARENT-MB-MNT changed: dbtest@ripe.net 20020101 source: DB-TEST Regards LIR Admin
Acknowledgement Reply • From: RIPE Database Management <ripe-dbm@ripe.net> • To: dbtest@ripe.net • Subject: FAILED: Route update • > From: dbtest@ripe.net • > Subject: Route update • > Date: Wed, 23 Apr 2003 12:01:07 +0200 • > Reply-To: dbtest@ripe.net > Message-ID: 20030423100107.GA26859@somebox.ripe.net
Acknowledgement Summary SUMMARY OF UPDATE: Number of objects found: 2 Number of objects processed successfully: 1 Create: 1 Modify: 0 Delete: 0 No Operation: 0 Number of objects processed with errors: 1 Create: 0 Modify: 1 Delete: 0 Syntax Errors: 0
The Detail DETAILED EXPLANATION: ***Warning: Invalid keyword(s) found: Route, update ***Warning: All keywords were ignored
Errors are Listed First ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The following object(s) were found to have ERRORS: --- Modify FAILED: [route] 20.0.0.0/8AS100 ***Error: Authorisation failed ***Info: Syntax check passed route: 20.0.0.0/8 descr: parent route object origin: AS100 mnt-by: PARENT-MB-MNT changed: dbtest@ripe.net 20020101 source: DB-TEST ***Info: Authorisation for [route] 20.0.0.0/8AS100 using mnt-by: not authenticated by: PARENT-MB-MNT
Followed by the Successes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The following object(s) were processed SUCCESSFULLY: --- Create SUCCEEDED: [route] 20.13.0.0/16AS200 ***Info: Authorisation for parent [route] 20.0.0.0/8AS100 using mnt-lower: authenticated by: PARENT-ML-MNT ***Info: Authorisation for origin [aut-num] AS200 using mnt-by: authenticated by: CHILD-MB-MNT ***Info: Authorisation for [route] 20.13.0.0/16AS200 using mnt-by: authenticated by: CHILD-MB-MNT
Ending with the random text ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The following paragraph(s) do not look like objects and were NOT PROCESSED: Please update these routes: Regards LIR Admin ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For assistance or clarification please contact: RIPE Database Administration <ripe-dbm@ripe.net>
Notifications / Forwards • General layout same as before. • Same record separators before each object as used in the acknowledgement message. • Where authorisation is required from a parent object, messages will be sent ALL maintainers in a list, rather than only the one that is used for the authorisation.
Testing • Full testing environment developed in parallel with program development. • Hundreds of updates designed to test all parts of the system. • Includes a batch of ‘real’ updates that have caused problems in the past. • Full test run takes about one hour. • Full test will be run after every change, before putting a new binary into production. • Test system and data will be included in a future release of the software.
Documentation • Detailed design specs to be issued later. • RIPE Database User Manual: Getting Startedhttp://www.ripe.net/ripe/docs/db-start.html • RIPE Database Reference Manualhttp://www.ripe.net/ripe/docs/databaseref-manual.html • Release Notes. • Full list of error messages with detailed explanations to be prepared. • Explanation of the new acknowledgement reply.http://www.ripe.net/db/dbupdate/acknowledgments.html • Description of some of the benefits.http://www.ripe.net/db/dbupdate/