[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

Re: no DHCP-assigned InitiatorName





Julian Satran wrote:
Michael - I am not sure what you are looking for? A standard parameter as those described by the iBOOT RFC?

Yes, I am looking for a specific DHCP parameter that defines what InitiatorName is to be used by the iSCSI boot client.

It seems to me that the purpose of RFC4173 was/is to allow stateless clients to boot. The target parameters that are specified in RFC4173 are necessary, but not sufficient. On many commercial iSCSI target servers you must have the InitiatorName in order to be able to log in to the target. This is the case for NetApp and SANRAD, and I strongly for many others.

In any case the initiator name is not the only way to control what a server will access.

CbCS (stands for Credential Based Command Security) available for any SCSI device at the SCSI layer (see the T10 site) is probably safer/better and does not depend on things that can be so easy faked by an initiator as the initiator name and may be easier to deploy.

This is not something that I am familiar with ...

*** 10 minutes later ***

I could find no reference to CbCS or Command Based Command Security at the NetApp support site now.netapp.com

A quick search at www.t10.org didn't turn anything up either ... I'll keep looking.


There may (and should) be other/better security mechanisms working their way through the standardization and implementation processes.

As a practical measure, I believe that a DHCP-supplied InitiatorName is needed because InitiatorName is required by many commercial iSCSI target servers.


Michael
_______________________________________________
Ips mailing list
Ips@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ips

[IETF]     [Linux iSCSI]     [Linux SCSI]     [Linux Resources]     [Yosemite News]     [IETF Announcements]     [IETF Discussion]     [SCSI]

Add to Google Powered by Linux