|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI: Canonical Targets> > How about this instead: > > 2. A discovery target MUST be accessible on the default tcp port > on each IP address on which an iSCSI implementation is listening > for iSCSI connections. This default tcp port will often be the > IANA-assigned TCP port for iSCSI. If the implementation is > listening on multiple TCP ports, the discovery target MAY be > accessible on each TCP port. I feel this "MUST" is a "MAY". The comments in this thread seem to focus on enabling I-T discovery in an "easy", insecure way. It seems to me there are many possibilities for "discovery models" ranging from initiators probe targets "discovery" ports to initiators access "domain-specific directories" (this has also been referred to as "storage name servers", but I think that model is a narrow subset of a network resource management soln) In the environments where initiators get their storage resource information from a "directory server", it would be desirable to disable this "discovery target" to guard against unintended/unauthorized access to targets. Initiators may be authenticating to "directory servers" who then pass specific information about targets to attach to, as well as an authentication token. The initiator could then log into the specific targets with the authentication token and the target is freed from the task of assigning/managing initiator lists. Marjorie Krueger Networked Storage Architecture Networked Storage Solutions Org. Hewlett-Packard tel: +1 916 785 2656 fax: +1 916 785 0391 email: marjorie_krueger@hp.com
Home Last updated: Tue Sep 04 01:04:41 2001 6315 messages in chronological order |