Re: More on iSCSI boot

To: Douglas Otis <dotis@sanlight.net>
Subject: Re: More on iSCSI boot
From: Glen Turner <glen.turner@aarnet.edu.au>
Date: Fri, 01 Jun 2001 16:18:10 +0930
CC: Black_David@emc.com, ips@ece.cmu.edu
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
Organization: Australian Academic and Research Network
References: <NEBBJGDMMLHHCIKHGBEJMEDPCIAA.dotis@sanlight.net>
Sender: owner-ips@ece.cmu.edu


> You are making several assumptions as to what exists on each machine by
> assuming a new boot protocol may be available in PROM.

Naturally.  It's a new protocol, so sysadms may choose to
upgrade flash BIOSes or purchase new PROMS.  Or they may
choose not to.  <shrug>

> Can DHCP securely support both an iSCSI and TFTP boot process?

DHCP can't even securely support a TFTP boot as it stands today.
That's not IPS's problem.  IPS's responsibility is to ensure than
when a secure DHCP is developed, any IPS protocol used in the boot
process then allows an end-to-end secure boot.

> Here you will run into not only the problem of initially setting
> shared secrets

Not a protocol problem, a vendor problem.  For example, there is
nothing to prevent vendors from reading the secret from the
network, or a floppy disk  or a PC Card keyloader when asked
to do so from the BIOS configuration.

Again, not IPS's problem.

> Two ways to do the same thing should suggest this optional iSCSI
> approach is not a good one.  If just one is to be used, it can not be an
> initial iSCSI boot.

I can't agree.  TFTP and iSCSI appeal to differing market segments.
Enterprises will have significant robust iSCSI storage, engineered
for serious uptime.  That in turn makes it cheap to use iSCSI
boot to obtain a boot image rather than implement a set of TFTP
servers that won't offer the same availability.

Similarly, high threat environments like universities are attracted
to iSCSI boot because the boot image can be held on a iSCSI CD drive,
requiring physical access or hacked routers for students to subvert
the network boot process.

The large group in the middle will probably be happy to continue
to boot from attached disk with its higher per-unit sysadm costs,
with small workgroups using TFTP becuase of its ubiquity.

If you want to criticise the iSCSI boot proposal, then how about
pointing out that iSCSI boot doesn't exploit the expected
availability of an iSCSI network by defining further boot
devices should the first device be unavailable.  Now doing
that using DHCP gets problematic...

Regards,
Glen

Follow-Ups:
- RE: More on iSCSI boot
  - From: "Douglas Otis" <dotis@sanlight.net>

References:
- RE: More on iSCSI boot
  - From: "Douglas Otis" <dotis@sanlight.net>

Prev by Date: iscsi: out of order unsolicited data
Next by Date: Re: More on iSCSI boot
Prev by thread: RE: More on iSCSI boot
Next by thread: RE: More on iSCSI boot
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:04:34 2001
6315 messages in chronological order