1.3 Overview
The routing and remote access service (RRAS) server management (RRASM) protocol enables remote management (configuration and monitoring) of RRAS routers. This protocol exposes the RRAS management data objects (described in sections 1.3.1, 1.3.2, 1.3.3, 1.3.4, and 1.3.5) and the methods to manage these objects remotely. An RRAS implementation that exposes its configuration in the form of these objects and methods can be managed remotely using the RRASM protocol. The RRASM protocol is responsible for providing the remote management capability only. The way the management objects are used in order to provide RRAS functionality, is specific to the RRAS implementation and is outside the scope of this protocol.
The remote procedure call (RPC) protocol provides the mechanism to define methods and data structures that are passed as parameters to these methods. It also provides the underlying with which these methods can be invoked remotely as well as the data passed as parameters.
This document, in addition, specifies the registry keys and values that can be used to specify an RRAS server configuration. These registry keys can be remotely configured using the [MS-RRP] protocol. They form the initial configuration for the RRAS implementation. Runtime configuration changes are done through the RPC protocol itself. An RRAS implementation that understands these registry keys and realizes their intended semantics can then be configured remotely using the [MS-RRP] protocol.
This document also specifies the format of the phonebook file that can be used to specify site-to-site connection settings. An RRAS implementation that understands the semantics of this phonebook file can then be configured to provide site-to-site connectivity. The phonebook file can be created remotely at a well-known location using any remote file management mechanism such as the Server Message Block (SMB) protocol. The RRAS implementation can read the settings and realize the configuration based on the semantics specified.
The client-side Remote Access Service (RAS) is a point-to-point or point-to-site service that is not in this RRASM protocol server site-to-site router remote access service. See legacy information in [MSDOCS-RRAS] and [MSDOCS-ROUT-API]. Some of the functions in the RAS API are supported only on network servers, and other functions are supported only on network clients. See legacy information in [MSDOCS-RA-API]. RAS client uses a different phonebook file; see legacy information in [MSDOCS-RASpbk].
The interaction between a RRASM client and a RRASM server itself is stateless and is accomplished through RPC method invocation. Each RPC method request is independent of others and no context is maintained by RRASM pertaining to the sequence of operations. Each method involves passing of certain parameters from the RRASM client to the RRAS implementation through the RRASM RPC server. The RRAS server performs the required operation locally in response to the RPC method request and provides the result of the operation to the RRASM server in the form of result information and associated data. The RRASM server is responsible for transporting the result information and the data associated, back to the client that originated the request. This request-response mechanism is provided by the RPC protocol as defined in [MS-RPCE]. In a nutshell, the RRASM client and server act as the endpoints providing remote communication to the RRAS implementation which already has these objects defined and managed locally.
The following two figures respectively show the Client/server message exchange and the RRAS conceptual model.
Figure 1: Client/server message exchange
Figure 2: RRAS conceptual model
The RRASM client and server interact with each other using RPC and Distributed Component Object Model (DCOM) interfaces. There are two RPC interfaces supported by RRASM: DIMSVC and RASRPC. There is a DCOM interface supported by RRAS: REMRAS. These interfaces are specified in section 3.
The RRAS implementation can be viewed as comprising the following components:
Router Managers
Interface Manager
Connection Manager
Router Managers are responsible for managing various routing protocols. Router Managers start as a part of the RRAS server initialization. The RRAS server will read the router configuration as specified in the registry store and will initialize the Router Managers with their configuration. There is one Router Manager per transport (for example, the IPv4 Router Manager). The Router Manager in turn is responsible for configuring the various routing protocols (for example, Routing Information Protocol (RIP) for IPv4 transport) for which the configuration is available. The Router Manager interacts with Interface Manager to monitor the various interfaces and their status. This in turn enables the Router Manager (and the routing protocols) to apply the routing configuration on the various interfaces. The Router Manager is also responsible for providing status and statistical information in the form of a Management Information Base (MIB).
The Interface Manager is the component responsible for managing the various interfaces (LAN/WAN) on the RRAS server. The LAN interface refers to the Ethernet interfaces that can participate in routing. The WAN interface can be a dial-in interface (the interface that collectively represents all the remote access clients that are connected to the RRAS server), or a demand-dial interface (a WAN interface that is connected on demand to realize secure site-to-site router-level connectivity). For demand-dial interfaces, the Interface Manager is responsible for initiating the connection. The connection settings are managed by the Interface Manager using the phonebook file format. The manager reads the phonebook entry for the demand-dial connection settings and passes it to the Connection Manager to perform the task of setting up the connection using a specific protocol.
The Connection Manager is the component responsible for managing remote access connections. It provides the implementation of the various protocols as mentioned in the conceptual model (such as PPTP, L2TP, PPP, and so on). It is also responsible for providing authentication, accounting, auditing, and authorization (AAAA) support for the remote access connections. This provides connection-specific detailed information for monitoring purposes.
These three components of RRAS server implement their own providers for configuration and monitoring tasks based on the defined objects and semantics. RRASM can then be used to perform these tasks remotely. The way these tasks are actually realized is outside the scope of the RRASM protocol itself.
The high-level data objects defined for an RRAS implementation to understand and operate on, and remotely managed by the RRASM protocol, are as follows:
Interface
Transport
Management Information Base
Port
Connection
Server
The RRAS implementation is defined to be the provider of these methods and objects for local management. These methods and objects are made available for the RRASM server to call into. The RRASM protocol makes these objects and methods available remotely over RPC interfaces, thereby enabling remote management.