|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI bootDavid, I think you misunderstand where this code would exist. It would not be within the DHCP/PXE PROM code. Use the existing environment and previously defined parameters in conjunction with existing servers and existing protocols. Doug > Douglas Otis wrote: > > If there already is a means of discovering either LDAP or SLP > in conjunction > > with DCHP together will some security features defined within the PXE > > specification, then adding iSCSI specific information is not really > > required. If you assume there is security present within LDAP > and there is > > a defined schema, the ability to retrieve information related > to things like > > ISID, Initiator Name, Target Name, mount point, etc can be made > available > > through those standard services with security providing the > initial filter. > > LDAP can store state as it is commonly used to keep password > counts and the > > like. It is not a direct property of LDAP, but a well structured schema > > should make this task easier. I know that I will hear, "Send > in the Draft" > > but until there is consensus as to what is needed and how it is > to be used, > > it would be a likely futile venture. > > I think you are over complicating things Doug. We already have a well > defined > standard for Network Adapters to discover their identity and their > "root" > storage device using DHCP. All that is really needed by the IPS WG is > to define > the syntax and semantics of the string that indicates where the iSCSI > target is. > > While LDAP provides a lot of features and can easily be used as the > directory > service behind a DHCP server (and in fact is often is), it is highly > unlikely > that vendors will embed LDAP into the PROMs of their adapters to > retrieve > a simple string that can just as easily be served using their existing > DHCP/PXE > PROMs. > > Security is actively being worked on the the DHCP community so that > is something that iSCSI can leverage. > (draft-ietf-dhc-authentication-16.txt) > > So I won't say "Send in a Draft" but instead "The IESG won't let us > reinvent existing protocols". > > -David >
Home Last updated: Tue Sep 04 01:04:36 2001 6315 messages in chronological order |