Internet Exchange Frequently Asked Questions

Internet Exchange Directory Server
Architecture Overview

Introduction
The Internet Exchange Messaging Server Directory Server is based on the open Internet directory standard LDAP (Lightweight Directory Access Protocol). LDAP is a protocol designed to provide read/write access to open X.500 directory services and to proprietary directories that support the X.500 standard, without incurring the hefty resource requirements of its predecessor, the DAP (Directory Access Protocol). Unlike the DAP, LDAP does not require the upper layers of the OSI protocol stack and runs directly on TCP/IP or other reliable transport protocols.

The Internet Exchange Directory Server allows the system administrator to manipulate stored information via the Web interface. This provides the system administrator with a user/administrator interface to the Directory Server's front-end engine. The Web interface uses the LDAP API to access the Directory Server and to update or modify information contained in the directory. By using the Web interface, the system administrator can perform the following functions:

  • add new entries
  • delete existing entries
  • search for a particular entry
  • modify existing entries
  • start or stop the Directory Server

The Internet Exchange Directory Server consists of two major subsystems: the front-end protocol engine and the back-end database engine. The front-end protocol engine receives requests from LDAP clients and processes these requests by invoking read and write functions in the back-end database engine. Among the operations performed by the front-end protocol engine are the bind, unbind, search, modify, modify RDN, delete, and abandon operations. The back-end database engine searches for information in the directory and modifies it based on commands from the protocol engine. It communicates with the front-end engine via a well-defined API. The slapd back-end (SLAPI) consists of twelve commands, nine of which correspond to the LDAP protocol operations. The other three commands are for initializing the back-end engine, shutting down the back-end engine, and handling back-end specific configuration.

Directory Data Storage
The Internet Exchange Messaging Server provides a default directory schema for email applications. The directory data includes user account information, group information, and mail routing information. The user account information consists of the unique user id (Mail Address), user password, mail address, and other user-related profiles. The group information consists of data on users that have the same access rights to the same directory. General information, such as the email address and user name, can be accessed by an LDAP client. Access to sensitive information, such as passwords and confidential user profiles, is restricted by an authentication mechanism.

Directory Information Tree
Directory entries in the Directory Server are organized using a directory information tree (DIT). The root of the DIT is represented by a special entry whose Distinguished Name is called the directory suffix. The Internet Exchange Directory Server uses a new LDAP design, which is based on the recommendations in RFC 2377. This recommendation proposes an LDAP directory structure based on the domain part of a user's email address. The Internet Exchange Directory Server uses the 'mail' and 'dc' components to construct the LDAP tree.
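
The mapping from an email address to a place in a 'mail'/'dc' tree can be sketched as follows. This is an added example, not code from Internet Exchange: the function names are hypothetical, and the exact entry layout (a 'mail' RDN directly under the 'dc' suffix) is an assumption. It escapes the address per RFC 4514 and validates the domain so that user-supplied input cannot add or alter DN components.

```python
import re

# RFC 4514 specials that need a backslash inside an RDN value ('=' is optional but safe).
_DN_SPECIALS = set('\\,+"<>;=')
# Conservative DNS label: letters, digits, hyphen; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for safe use inside a DN string (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in _DN_SPECIALS or (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def domain_to_suffix(domain: str) -> str:
    """Map a mail domain to dc components: example.com -> dc=example,dc=com."""
    labels = domain.lower().split(".")
    if not all(_LABEL.fullmatch(label) for label in labels):
        raise ValueError(f"not a valid mail domain: {domain!r}")
    return ",".join(f"dc={label}" for label in labels)


def entry_dn_for_mail(address: str) -> str:
    """Build the entry DN for a mail address (assumed layout: mail=<addr>,<dc suffix>)."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local:
        raise ValueError(f"not a mail address: {address!r}")
    return f"mail={escape_rdn_value(address)},{domain_to_suffix(domain)}"


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real directory.
    for sample in ("alice@example.com", "bob,ou=admins@Example.COM", "eve@example.com,dc=evil"):
        try:
            print(entry_dn_for_mail(sample))
        except ValueError as err:
            print("rejected:", err)
```

The second sample shows a comma and equals sign in the local part staying inside the 'mail' value once escaped; the third is rejected because its domain part is not a valid sequence of DNS labels.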

Additional LDAP Resources
For additional information and an introduction to the Lightweight Directory Access Protocol, please see the article "The Lightweight Directory Access Protocol (LDAP): An Overview" in the December 1998 issue of Internet Exchange News.