Schema Objects for Solaris Bandwidth Manager
The directory schema determines what information can be stored in the directory. See Sun Directory Services 3.1 Administration Guide for details of the default schema and how to modify it. Figure 6-5 summarizes the schema structure.
Figure 6-5 Solaris Bandwidth Manager Schema
Table 6-2 lists the attributes for each object class. (M) indicates that the attribute is mandatory and (O) that it is optional. Refer to the alphabetical list of object classes below for a detailed description of each object class. Refer to the alphabetical list of attributes for a detailed description of each attribute.
Table 6-2 Object Class Summary|
Object Class |
Attributes |
Allowed value(s) |
|---|---|---|
|
baConfState(M) |
valid/invalid |
|
|
commonName(M) |
common name |
|
|
baClConfRef(O) |
DN of generic configuration |
|
|
baTimeout(O) |
timeout in seconds |
|
|
baIfName(M) |
device name with suffix _in or _out |
|
|
baIfRate(M) |
bandwidth in bits per second |
|
|
commonName(M) |
common name |
|
|
baIfNetwork(O) |
device name |
|
|
baIfActivate(O) |
enabled, stats, tos, disabled |
|
|
none/all/direct |
||
|
baIfNonIP(O) |
ipqos/direct |
|
|
baIfRtrMac(O) |
MAC address |
|
|
baIfRtrAddr(O) |
list of IP addresses or hostnames |
|
|
commonName(M) |
common name |
|
|
groupMember(M) |
IP address |
|
|
networkMask(O) |
subnet mask in dot format |
|
|
commonName(M) |
common name |
|
|
URL |
||
|
Mask:Match expressed in binary |
||
|
device:direction, where direction is INCOMING, OUTGOING or BOTH |
||
|
sourceIPHost(O) |
IP address or hostname |
|
|
IP address or hostname |
||
|
name:mask |
||
|
name:mask |
||
|
sourceGroup(O) |
DN of entry of type baGroup |
|
|
DN entry of type baGroup |
||
|
port number(s) |
||
|
port number(s) |
||
|
source:destination |
||
|
ANY or the name of any protocol defined in the /etc/protocols file. |
||
|
ceilingRate(O) |
1:bps or 2:percentage |
|
|
1:bps or 2:percentage |
||
|
parent(O) |
classname |
|
|
previous(O) |
classname |
|
|
queueName(O) |
classname |
|
|
integer between 1 and 7 |
||
|
tosWrite(O) |
integer between 0 and 255 |
|
|
commonName(M) |
common name |
|
|
policyName(M) |
policy name |
|
|
reference to a set of policyCondition objects |
||
|
TRUE/FALSE |
||
|
reference to a set of policyAction objects |
||
|
list of keywords |
||
|
policyUsage(O) |
distinguished name |
|
|
commonName (M) |
common name |
|
|
policyActionName(M) |
name |
|
|
policyRef(M) |
reference to policy |
|
|
commonName (M) |
common name |
|
|
policy condition name |
||
|
URLmatch(O) |
URL |
|
|
pointer to baURLgroup entry |
Object Classes
This section contains an alphabetical list of the object classes that are used by Solaris Bandwidth Manager:
baConf
Mandatory attributes: baConfState, commonName (cn)
Optional attributes: baClConfRef, baTimeout
Description: Top entry of a subtree that holds a complete configuration for Solaris Bandwidth Manager
baIf
Mandatory attributes: baIfName, baIfRate, commonName (cn)
Optional attributes: baIfNetwork, baIfMulticast, baIfNonIP, baIfRtrMac, baIfRtrAddr, baIfActivate
Description: Contains the configuration parameters for an interface controlled by Solaris Bandwidth Manager
baGroup
Mandatory attributes: commonName (cn), groupMember
Optional attributes: networkMask
Description: Contains the configuration parameters for a group of hosts or subnets controlled by Solaris Bandwidth Manager
baURLGroup
Mandatory attributes: commonName (cn), URLgroupMember
Description: Contains the configuration parameters for a group of URLs controlled by Solaris Bandwidth Manager
DSCondition
Inherits from policyCondition
Mandatory attributes: none
Optional attributes: receivedDSByteCheck
Description: In the context of differentiated services, describes a condition applicable to behavior aggregate
interfaceCondition
Inherits from policyCondition
Mandatory attributes: none
Optional attributes: interfaceName
Description: Describes a condition applicable to an interface
IProuteCondition
Inherits from policyCondition
Mandatory attributes: none
Optional attributes: sourceIPHost, destinationIPHost, sourceNetwork, destinationNetwork, sourceGroup, destinationGroup
Description: Describes a condition applicable to an IP source or IP destination
IPserviceCondition
Inherits from policyCondition
Mandatory attributes: none
Optional attributes: sourcePortNumberRanges, destinationPortNumberRanges, portNumberPairs, protocolNumber
Description: Describes a condition applicable to an IP service
LSaction
Inherits from policyAction
Mandatory attributes: none
Optional attributes: ceilingRate, guaranteedRate, parent, previous, queueName, queuePriority, tosWrite
Description: Describes an action to be performed in the context of link sharing
policy
Mandatory attributes: commonName, policyName, policyConditionList, policyEnabled
Optional attributes: policyActionList, PolicyKeywords, policyUsage
Description: Describes the interaction between two or more objects
policyAction
Mandatory attributes: commonName (cn), policyActionName
Optional attributes: None
Description: Describes a set of actions to be performed when all the conditions listed by a policy have been met
policyAux
Mandatory attributes: policyRef
Optional attributes: None
Description: This object class is used to associate a policy with a remote user entry. It is an auxiliary object class which means that it can be used in conjunction with any other object class to create an entry.
policyCondition
Mandatory attributes: commonName (cn), policyConditionName
Optional attributes: None
Description: Describes a set of conditions to be met to satisfy a policy. This object class is not used as such in the Solaris Bandwidth Manager DIT. Instead, the object classes derived from it are used to create entries that describe actual conditions. These object classes are DScondition, interfaceCondition, IProuteCondition, IPserviceCondition, URLCondition.
URLcondition
Inherits from policyCondition
Optional attributes: URLmatch, URLgroupMember
Description: Describes a condition applicable to a URL
Attributes
This section contains an alphabetical list of the attributes used by Solaris Bandwidth Manager. It gives the attribute syntax, possible values, and a short definition of the attribute's purpose.
This section does not include attributes that are not specific to Solaris Bandwidth Manager such as top or common name (cn).
Table 6-3 shows the possible syntaxes for attributes, with their definitions.
Table 6-3 Attribute Syntax definitions|
Attribute syntax |
Syntax Definition |
|---|---|
|
bin |
Stands for binary. |
|
ces |
Stands for case exact string. A case-sensitive alphanumeric string. |
|
cis |
Stands for case ignore string. A non-case-sensitive alphanumeric string. |
|
dn |
A distinguished name |
|
int |
An integer |
|
protected |
A value that has been encrypted using crypt(1) |
|
tel |
A telephone number |
|
utctime |
UTC time |
baClConfRef
Used in baConf
Description: Provides a pointer to a generic configuration.
baConfState
Used in baConf
Description: Indicates whether the configuration described by the entry is a valid one, or if it is currently being modified. This attribute can have only one of the following values: invalid, valid. When a configuration is saved to the directory, this attribute is set to invalid, any previous version of the configuration is deleted, the new one is saved, and the attribute is set back to valid.
baIfActivate
Used in baIf
Description: Indicates the status of an interface controlled by Solaris Bandwidth Manager. This attribute can have only one of the following values: enabled, stats, tos ordisabled. The meaning of these values is described in "Interface Definition".
baIfMulticast
Used in baIf
Description: Specifies how multicast packets are forwarded. This attribute can have only one of the following values: none, all or direct. The meaning of these values is described in "IP-Transparent Mode". This attribute is not required if Solaris Bandwidth Manager is working in IP transparent mode.
baIfName
Used in baIf
Description: Specifies the device name of the interface described by the entry. Suffixed with _in or _out to indicate the direction of traffic handled.
baIfNetwork
Used in baIf
Description: Specifies the name of the device used to communicate with the network. This attribute is required if Solaris Bandwidth Manager is working in IP transparent mode.
baIfNonIP
Used in baIf
Description: Specifies how non-IP packets are forwarded. This attribute can have only one of the following values: ipqos or direct. The meaning of these values is described in "IP-Transparent Mode". This attribute is not required if Solaris Bandwidth Manager is working in IP transparent mode.
baIfRate
Used in baIf
Description: Indicates the operating bandwidth rate associated with the interface described by the entry. Enter in bits per second.
baIfRtrAddr
Used in baIf
Description: Gives the list of IP addresses or the hostname of the router. If you specify several IP addresses, they must be separated by commas. This attribute is required if Solaris Bandwidth Manager is working in IP transparent mode.
baIfRtrMac
Used in baIf
Description: Specifies the MAC address of the router described by the entry. Can be either a hexadecimal address or a hostname listed in the ethers table. This attribute is required if Solaris Bandwidth Manager is working in IP transparent mode.
baTimeout
Used in baConf
Description: Specifies a timeout on the configuration. Expressed in seconds.
ceilingRate
Used in LSaction
Description: Indicates the maximum bandwidth allocated across a link. The value of this attribute can be expressed in bytes per second (bps) or as a percentage of bandwidth. If expressed in bytes per second the syntax is 1:x, if expressed as a percentage the syntax is 2:x, where x is the value in bps or a percentage.
destinationGroup
Used in IProuteCondition
Description: Provides a pointer to an entry of type baGroup.
destinationIPHost
Used in IProuteCondition
Description: Specifies the name of the destination host in an entry describing an IP route condition.
destinationNetwork
Used in IProuteCondition
Description: Specifies the name of the destination network in an entry describing an IP route condition.
destinationPortNumberRanges
Used in IPserviceCondition
Description: Specifies the port or range of ports to which the condition described by the entry applies.
flowEvent
Used in LSaction
Description: Indicates that "flow added" events are generated when a new flow is detected in the class. The value is a string used by the directory M-bean when searching for a quality of service.
groupMember
Used in baGroup
Description: Provides the address of a host or subnet to include in a group described by a baGroup entry.
guaranteedRate
Used in LSaction
Description: Indicates the guaranteed bandwidth across a link. The value of this attribute can be expressed in bytes per second (bps) or as a percentage of bandwidth. If expressed in bytes per second the syntax is 1:x, if expressed as a percentage the syntax is 2:x, where x is the value in bps or a percentage.
interfaceName
Used in interfaceCondition
Description: Specifies the name of the interface to which the condition described by the entry applies. The syntax is device:direction, where device is expressed in local terms, for example hme0, eth0 and direction is INCOMING, OUTGOING or BOTH.
networkMask
Used in baConf
Description: Specifies the subnet mask of the subnet group described by the entry. The subnet mask is specified in dot format, or by the name of a subnet mask defined in the hosts file or the networks file. You cannot use the + style of specifying a netmask. When this attribute is not present, the group described by the entry is a host group. This attribute is mandatory to describe a subnet group.
parent
Used in LSaction
Description: The name of a class's parent class.
policyActionList
Used in policy
Description: Provides references to a set of policyAction objects. The actions described by the policyAction entries are performed when all the conditions defined by the policy entry have been satisfied.
policyActionName
Used in policyAction
Description: The user friendly name of the policy action described by the entry.
policyConditionList
Used in policy
Description: Provides references to a set of policyCondition objects. The policy described by the entry is applicable when this set of conditions is satisfied.
policyConditionName
Used in policyCondition
Description: The user friendly name of the policy condition described by the entry. This attribute is not a naming attribute, and therefore cannot be used in the RDN of an entry.
policyEnabled
Used in policy
Description: Indicates whether the policy described by the entry is currently enabled. This attribute can have only one of the following values: TRUE or FALSE.
policyKeywords
Used in policy
Description: Provides a list of keywords that can be used in a search for the policy entry.
policyName
Used in policy
Description: The user friendly name of the policy described by the entry. This attribute is not a naming attribute, and therefore cannot be used in the RDN of an entry.
policyRef
Used in policyAux
Description: Provides a reference to a policy. This attribute is used to associate a policy with other types of entries, for example a remote user entry.
policyUsage
Used in policy
Description: Provides guidelines for using the policy described by the entry.
portNumberPairs
Used in IPserviceCondition
Description: Indicates pairs of source and destination ports, with the following syntax: source:destination.
previous
Used in LSaction
Description: Specifies the name of the class that was verified before the current one. If the previous class was root, this is blank.
protocolNumber
Used in IPserviceCondition
Description: Provides the name of the protocol described in the condition. This attribute can have only one value and can be either ANY or the name of any protocol defined in the /etc/protocols file..
queueName
Used in LSaction
Description: Specifies the classname of the queue to which the actions described by the entry apply.
queuePriority
Used in LSaction
Description: As part of the actions described by the entry, it indicates the priority assigned to the flow.
receivedDSByteCheck
Used in DScondition
Description: Specifies a condition for traffic based on the contents of the differentiated services (DS) byte of the received packet's IP header. The format is a string of the form xxxxxxxx:xxxxxxxx, where x is 0 or 1. The left substring is a Mask, and the right substring a Match. The DS byte of the received packet's IP header is ANDed with Mask, and the result is compared against Match. Therefore, the condition can be expressed as follows:
(receivedPacketTOSbyte & Mask == Match)?
where & indicates the bitwise AND operation, and == the bitwise compare operation.
The combination of Mask and Match makes it possible to define DS byte-based profiles where certain bits in the DS byte may be ignored for the purpose of comparison.
sourceGroupRef
Used in IProuteCondition
Description: Provides a pointer to an entry of type baGroup.
sourceIPHost
Used in IProuteCondition
Description: Specifies the name of the source host in an entry describing an IP route condition.
sourceNetwork
Used in IProuteCondition
Description: Specifies the name of the source network in an entry describing an IP route condition.
sourcePortNumberRanges
Used in IPserviceCondition
Description: Specifies the port or range of ports to which the condition described by the entry applies.
tosWrite
Used in LSaction
Description: As part of the actions described by the entry, specifies the type of service provided. The value of this attribute is an integer between 0 and 255.
URLgroupMember
Used in baURLgroup
Description: Provides a pointer to a baURLgroup entry.
URLmatch
Used in URLcondition
Description: Specifies a URL used to construct a filter for the URL condition described by the entry. This URL can contain wildcards.
Naming Conventions for Solaris Bandwidth Manager
When you create a Solaris Bandwidth Manager configuration either by editing the configuration file ba.conf, or by using the configuration tool batool, and then saving it to a directory, naming conventions are handled automatically for you. When creating a configuration in a directory service, you must observe the following conventions:
-
policyNames, groupNames and serviceNames must be unique within a configuration. The policyName becomes the filter name when the configuration is run in Solaris Bandwidth Manager.
-
classNames must be unique within an interface. As each class is associated with a particular interface, more than one class with the same name can exist as long as they are associated with different interfaces.
- © 2010, Oracle Corporation and/or its affiliates