Re: [Ips] no DHCP-assigned InitiatorName
Michael Howard <michael.howard@scalent.com> Mon, 22 September 2008 13:16 UTC
Return-Path: <ips-bounces@ietf.org>
X-Original-To: ips-archive@optimus.ietf.org
Delivered-To: ietfarch-ips-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 372CB28C0FC; Mon, 22 Sep 2008 06:16:19 -0700 (PDT)
X-Original-To: ips@core3.amsl.com
Delivered-To: ips@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3E96A3A6988 for <ips@core3.amsl.com>; Mon, 22 Sep 2008 06:16:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.431
X-Spam-Level: *
X-Spam-Status: No, score=1.431 tagged_above=-999 required=5 tests=[AWL=1.079, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, IP_NOT_FRIENDLY=0.334, RDNS_DYNAMIC=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OthoT6CNRdyr for <ips@core3.amsl.com>; Mon, 22 Sep 2008 06:16:17 -0700 (PDT)
Received: from mymail.scalent.com (69-233-57-200.ded.pacbell.net [69.233.57.200]) by core3.amsl.com (Postfix) with ESMTP id 649B328C108 for <ips@ietf.org>; Mon, 22 Sep 2008 06:16:17 -0700 (PDT)
Received: from exchange.scalent.central ([192.168.151.1]) by mymail.scalent.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 22 Sep 2008 06:16:12 -0700
Received: from [192.168.0.119] ([10.10.100.77]) by exchange.scalent.central with Microsoft SMTPSVC(6.0.3790.3959); Mon, 22 Sep 2008 06:16:11 -0700
Message-ID: <48D79AA6.9040104@scalent.com>
Date: Mon, 22 Sep 2008 09:16:22 -0400
From: Michael Howard <michael.howard@scalent.com>
User-Agent: Thunderbird 2.0.0.16 (Windows/20080708)
MIME-Version: 1.0
To: Julian Satran <Julian_Satran@il.ibm.com>
References: <48D6F3EB.1080400@scalent.com> <OF51EB8C4B.4A802DE0-ON852574CC.003C9899-852574CC.003D1E7C@il.ibm.com>
In-Reply-To: <OF51EB8C4B.4A802DE0-ON852574CC.003C9899-852574CC.003D1E7C@il.ibm.com>
X-OriginalArrivalTime: 22 Sep 2008 13:16:11.0708 (UTC) FILETIME=[6216A7C0:01C91CB5]
Cc: ips@ietf.org
Subject: Re: [Ips] no DHCP-assigned InitiatorName
X-BeenThere: ips@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IP Storage <ips.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ips>, <mailto:ips-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/ips>
List-Post: <mailto:ips@ietf.org>
List-Help: <mailto:ips-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ips>, <mailto:ips-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: ips-bounces@ietf.org
Errors-To: ips-bounces@ietf.org
Julian Satran wrote: > Michael - I am not sure what you are looking for? A standard parameter > as those described by the iBOOT RFC? Yes, I am looking for a specific DHCP parameter that defines what InitiatorName is to be used by the iSCSI boot client. It seems to me that the purpose of RFC4173 was/is to allow stateless clients to boot. The target parameters that are specified in RFC4173 are necessary, but not sufficient. On many commercial iSCSI target servers you must have the InitiatorName in order to be able to log in to the target. This is the case for NetApp and SANRAD, and I strongly for many others. > In any case the initiator name is not the only way to control what a > server will access. > > CbCS (stands for Credential Based Command Security) available for any > SCSI device at the SCSI layer (see the T10 site) is probably > safer/better and does not depend on things that can be so easy faked by > an initiator as the initiator name and may be easier to deploy. This is not something that I am familiar with ... *** 10 minutes later *** I could find no reference to CbCS or Command Based Command Security at the NetApp support site now.netapp.com A quick search at www.t10.org didn't turn anything up either ... I'll keep looking. There may (and should) be other/better security mechanisms working their way through the standardization and implementation processes. As a practical measure, I believe that a DHCP-supplied InitiatorName is needed because InitiatorName is required by many commercial iSCSI target servers. Michael _______________________________________________ Ips mailing list Ips@ietf.org https://www.ietf.org/mailman/listinfo/ips
- [Ips] no DHCP-assigned InitiatorName Michael Howard
- Re: [Ips] no DHCP-assigned InitiatorName Julian Satran
- Re: [Ips] no DHCP-assigned InitiatorName Michael Howard
- Re: [Ips] no DHCP-assigned InitiatorName Julian Satran
- Re: [Ips] no DHCP-assigned InitiatorName Michael Howard
- Re: [Ips] no DHCP-assigned InitiatorName Black_David
- [Ips] no DHCP-assigned InitiatorName: Procedural … Black_David
- Re: [Ips] no DHCP-assigned InitiatorName: Procedu… Michael Howard
- Re: [Ips] no DHCP-assigned InitiatorName Julian Satran
- Re: [Ips] no DHCP-assigned InitiatorName Michael Howard
- Re: [Ips] no DHCP-assigned InitiatorName Michael Howard
- Re: [Ips] no DHCP-assigned InitiatorName Shyam_Iyer
- Re: [Ips] no DHCP-assigned InitiatorName Michael Howard
- Re: [Ips] no DHCP-assigned InitiatorName G_Chawla
- Re: [Ips] no DHCP-assigned InitiatorName Shyam_Iyer
- Re: [Ips] no DHCP-assigned InitiatorName G_Chawla
- Re: [Ips] no DHCP-assigned InitiatorName Sivan Tal
- Re: [Ips] no DHCP-assigned InitiatorName Michael Howard