Re: iSCSI CONNECT message

[David Robinson <David.Robinson@EBay.Sun.COM>]

Joshua Tseng/Nishan Systems wrote:
> If I am "not correctly representing the world", it is purely
> unintentional. But my references indicate that at least rlogin and
> ftp embed the destination hostname in the messaging between
> client and server (see TCP/IP Illustrated by R. Stevens, pg 396-397
> and pg 428).  In rlogin, there are three strings sent after the
> first byte--login name of the client, login name of server, and
> terminal type and speed.  In ftp, the hostnames are passed in the
> control connection.

I don't have Steven's book handy, but I have the BSD source code.
For rlogin/rsh/rcmd what is sent is the stderr port number,
local user name, remote user name, and the command string. Used
primarily as a bad inband authentication protocol. There are
no hostnames used. For FTP it is just a direct connection to port 21
then ASCII commands are sent, no hostnames are required (see RFC959).
Same for telnet, except it has some parameter negotiation available.
I would like to be proven wrong, but I have written clients, servers,
and packet sniffers for all of these in the past.

> Additionally, my real-world experience with application proxy
> firewalls indicate that this MUST be so, or the proxy firewall
> should not be working!  Am I missing something here?  Otherwise,
> how is it working???  I do not understand what you mean by "out
> of band entities".

What I mean is that the base Internet protocols were written long
before anyone dreamed up the idea of a proxy and they are simple.  As
a result the smarts is put in the proxy and not in rewriting the
base protocol. By out of band entities I mean some technique that
is not part of the standard protocol that enables proxies.

	-David