|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI: reusing ISID for recoveryJulian, I disagree that it is an optimization that most of us are seeking, but more to the point... I continue to prefer option A even after this proposal. Reasons? o Attaching more semantics to X-bit is only more complexity. Only "plug command" and "reinstate connection" until now; with this additionally, "lost my way" (if TSID = 0). o This is option B (overloading X-bit instead of a new C-bit), which we all (I thought including you) agreed shouldn't be adopted. o I am unclear on the model you have in mind on authentication - going with any of these models. I am further perplexed with this response you gave to Marjorie - >When I say without authetication I meant only on option A. To quote my original email yet again, here is my phrasing: "at the end of the login process including any initiator authentication" I believe that's the only time a target must decide to invoke option A. Regards. -- Mallikarjun Mallikarjun Chadalapaka Networked Storage Architecture Network Storage Solutions Organization MS 5668 Hewlett-Packard, Roseville. cbm@rose.hp.com >Marjorie, Jim, Mallikarjun, Deva & all > >Let's attemp to close that optimization that is so dear to your hearts. >If we go for the following scheme (very close to B): > >The initiator knows "that he lost his way" (in the initiator jungle tough) >and issues a Login + ISID + TSID=0 + X bit on (meaning >" I think I have an old session - please clean it up for me" and open a new >one) then the target may do one of the following: > >- before going to the effort of authenticating the new initiator check if a >session exist (if he has the initiator name) or go to authentication if it >does not >- If he has a session then clean it and create a new one >- If he does not have a session - we have 3 options: >a)- tell him hid did not have an old session and drop him >b)- tell him he did not have an old session but nevertheless create a new >one >c)- create a new session and do not tell him > >With option a we are close to the old option c but the initiator does not >have to find the old session he can do now safely a new login >With b & c we are back at the old b. > >Which one would you give your kingdom for ( and my peace!). > >Julo > >"Dev" <deva@stargateip.com>@ece.cmu.edu on 28-08-2001 01:44:15 > >Please respond to <deva@stargateip.com> > >Sent by: owner-ips@ece.cmu.edu > > >To: "KRUEGER,MARJORIE \(HP-Roseville,ex1\)" <marjorie_krueger@hp.com>, > <ips@ece.cmu.edu> >cc: >Subject: RE: iSCSI: reusing ISID for recovery > > > >All, > >When a session is already running authenticated, a login request with the >same >ISID + initiator fails authentication. Will the session continue to run? >Or >if the target fails during parameter negotiation? > >I guess, yes. i.e. target will not act on the existing session, until >the login completes successfully. Or are there exception to these? > >Thanks > >Deva >Platys Communications > > > > > >> -----Original Message----- >> From: Julian Satran [mailto:Julian_Satran@il.ibm.com] >> Sent: Saturday, August 25, 2001 12:23 AM >> To: ips@ece.cmu.edu >> Subject: RE: iSCSI: reusing ISID for recovery >> >> >> >> It may be another OS running on the same machine or CPU >> complex or it could >> be an attack. >> In any case if the initiator is up and fine he can as well do logout. >> It is a rare enough event for us not to try to optimize. >> >> The reboot is the only case in which the initiator can't >> logout and about >> which we care. >> >> And I would like to remind you all that we where on this >> exact thread more >> tan 3 months ago (other players). >> I just restated the rationale for an (apparent) newcomer. >> >> Julo >> >> "KRUEGER,MARJORIE (HP-Roseville,ex1)" >> <marjorie_krueger@hp.com>@ece.cmu.edu >> on 25-08-2001 03:51:43 >> >> Please respond to "KRUEGER,MARJORIE (HP-Roseville,ex1)" >> <marjorie_krueger@hp.com> >> >> Sent by: owner-ips@ece.cmu.edu >> >> >> To: ips@ece.cmu.edu >> cc: >> Subject: RE: iSCSI: reusing ISID for recovery >> >> >> >> I don't see how Option A is prone to "wild closing of sessions". The >> target >> is only looking for sessions with this particular initiator >> and closing >> them >> if the ISID matches. >> >> If an initiator doesn't have a valid TSID (login w/TSID=0), >> it means it has >> lost state entirely (reboot) or knows it wants to immediately reset a >> session (NIC failure). How could there possibly be a case where the >> initiator has an active valid session with the same ISID, but >> just doesn't >> know about it?? Rejecting the login seems pointless, since >> obviously the >> initiator either has a bug or intends to quickly reset the session. >> >> The behavior chosen (Option C) will cause the initiator's >> recovery to be >> delayed while the target NOPs all the connections and waits >> for them to >> time >> out - this will only delay the initiators recovery >> unnecessarily. I can't >> help but think this will cause long term problems for the protocol. >> >> Marjorie Krueger >> Networked Storage Architecture >> Networked Storage Solutions Org. >> Hewlett-Packard >> tel: +1 916 785 2656 >> fax: +1 916 785 0391 >> email: marjorie_krueger@hp.com >> >> > -----Original Message----- >> > From: Julian Satran [mailto:Julian_Satran@il.ibm.com] >> > Sent: Thursday, August 23, 2001 9:39 PM >> > To: ips@ece.cmu.edu >> > Subject: Re: iSCSI: reusing ISID for recovery (Was: RE: iSCSI >> > - Change - >> > Login/Text...) >> > >> > >> > >> > Mallikarjun, >> > >> > On your point 1 that is what is stated today in the draft. >> > >> > On your point 2 option C is the one we took in the draft, after some >> > debate. >> > >> > Option A is prone to "wild closing of sessions" and option B is also >> > relaying to much on the good behaviour of the >> > client. It also introduces a "feature" that complicates >> login/logout. >> > >> > Our postion on this is that the initiator should logout the session >> > explicitly if it can (and in this case it can as the target >> > has ascertained >> > that the session is alive). >> > >> > I agree that you may want to update the stayte diagram to >> > reflect this. >> > >> > Julo >> > >> > >> > "Mallikarjun C." <cbm@rose.hp.com>@ece.cmu.edu on >> 24-08-2001 01:46:40 >> > >> > Please respond to cbm@rose.hp.com >> > >> > Sent by: owner-ips@ece.cmu.edu >> > >> > >> > To: ips@ece.cmu.edu >> > cc: >> > Subject: iSCSI: reusing ISID for recovery (Was: RE: iSCSI >> - Change - >> > Login/Text...) >> > >> > >> > >> > Julian and all: >> > >> > This thread mirrors another discussion some of us are >> > having in a different forum. Following (two bullets 1 >> > & 2 below) is what I proposed there, attempting to address >> > two issues - >> > a) how to recover sessions when target and the initiator >> > have conflicting views of the same TCP connection(s)? >> > (Initiator NIC fails, but there's no I/O activity, >> > and the target doesn't see any connection failure.) >> > b) More specifically, how to address the above problem >> > when the initiator *does not want* to re-instate failed >> > connections since it only implements the mandatory >> > session recovery? >> > >> > This could add clarity or muddle things up here, though hopefully >> > the former... >> > >> > 1 If login is sent with the same ISID, same TSID, same CID >> and X-bit, >> > then it means a failed connection is being re-instated (whether >> > or not there are multiple connections in the session). This login >> > attempt must be done before the connection timeout >> (transition M1), >> > or if this is the only connection in the session, also before the >> > session timeout (transition N6) - to be counted as a connection >> > reinstatement effort. >> > o CmdSN counters (CmdSN, ExpCmdSN) are continued. >> > Initiator >> > must do command plugging when there's a mismatch >> > between its CmdSN and ExpCmdSN in the login response. >> > o Since this is an implicit connection logout, all >> > the active >> > tasks on the connection are either internally >> terminated, >> > or made non-allegiant (based on ErrorRecoveryLevel=x/y, >> > TBD) for recovery. >> > >> > 2 If login is sent with the same ISID and TSID=0, the session (if it >> > exists on the target) is being cleared and any active connections >> > that the target sees must be immediately (at the end of the login >> > process including any initiator authentication) transport reset. >> > Initiator may attempt this only after it ascertains a >> > session failure >> > on its end (ie. all connections entered RECOVERY_START). >> > o CmdSN counters get reset. Initiator has to perform the >> > currently defined session recovery actions. >> > o All active tasks of the session are internally >> > terminated. >> > >> > >> > Essentially, I was proposing extending the same notion of "implicit >> > logout" of a connection to the session level. The options that I >> > see are - >> > >> > A) Should iSCSI let it happen by default as stated above (ie. >> > same ISID, TSID=0 always wipes out the >> pre-existing session >> > on target, since we are mandating it to be used only when >> > initiator sees a session failure)? >> > B) Should iSCSI mandate making this intended cleanup explicit >> > by setting a bit (Say C-bit, for Clear) in the >> Login Command >> > PDU to prevent an accidental session cleanup with a buggy >> > initiator code? >> > C) Should iSCSI merely state that targets must ascertain >> > the connection state(s) whenever a new session creation >> > attempt is made with a known ISID and TSID=0? (sort of >> > defeats the intention of the initiator wanting quicker >> > session recovery since the Login command PDU would have >> > to idle till target ascertains the connection state(s)). >> > >> > I prefer A, or B. >> > >> > Going with A or B means that the description of transition N3 >> > in the session state diagram would have to change to: >> > Last LOGGED_IN connection had ceased to be LOGGED_IN, >> > or a Login Command requesting clearing the session (also >> > with C-bit set, if option B) was received by the target. >> > >> > The transition N7's description would have to be augmented as >> > well to: >> > Session recovery attempt with an implicit logout, >> > or connection reinstatement/new CID addition. >> > >> > Comments? >> > -- >> > Mallikarjun >> > >> > >> > Mallikarjun Chadalapaka >> > Networked Storage Architecture >> > Network Storage Solutions Organization >> > MS 5668 Hewlett-Packard, Roseville. >> > cbm@rose.hp.com >> > >> > >> > >Stephen, >> > > >> > >That can happen as the target may set-up completely new TCP >> > connections >> > >(the old sockets are still there and look OK). >> > >Untill the login is progessing he assumes that this is >> just another >> > >open-session attempt. Then he checks the old session and the >> > session is >> > >dead (initiator has closed the connections). >> > > >> > >The target has to distinguish only between a session that is >> > alive (and >> > >reject the new one) and one that its dead in which case it >> > can clean-up. >> > > >> > >Julo >> > > >> > >"Wheat, Stephen R" <stephen.r.wheat@intel.com> on >> 23-08-2001 22:50:56 >> > > >> > >Please respond to "Wheat, Stephen R" <stephen.r.wheat@intel.com> >> > > >> > >To: Julian Satran/Haifa/IBM@IBMIL, ips@ece.cmu.edu >> > >cc: >> > >Subject: RE: iSCSI - Change - Login/Text commands with the >> > binary stage >> > co >> > > de >> > > >> > > >> > > >> > >Julian, >> > > >> > >I don't understand your answer. For the scenario given, I >> > would presume >> > >then that the target would reject the new session attempt, >> > as it sees the >> > >previous session still "alive". What is there to tell the >> > target that >> > this >> > >is any different from when the Initiator is erroneously using the >> > >repetitive >> > >session id? >> > > >> > >Thanks, >> > >Stephen >> > > >> > >-----Original Message----- >> > >From: Julian Satran [mailto:Julian_Satran@il.ibm.com] >> > >Sent: Thursday, August 23, 2001 11:15 AM >> > >To: ips@ece.cmu.edu >> > >Subject: Re: iSCSI - Change - Login/Text commands with the >> > binary stage >> > >co de >> > > >> > > >> > >Stephen, >> > > >> > >1.If the initiator goes away for a while and reboots and >> there was no >> > >activity on the connections >> > >the target may see a session alive (I am not sure that it >> > has to appear on >> > >the state diagram but maybe). >> > > >> > >2.Again - I am not sure that the curent state diagram >> > includes death of >> > the >> > >initiator >> > > >> > >Julo >> > > >> > >"Wheat, Stephen R" <stephen.r.wheat@intel.com>@ece.cmu.edu >> > on 23-08-2001 >> > >19:58:34 >> > > >> > >Please respond to "Wheat, Stephen R" <stephen.r.wheat@intel.com> >> > > >> > >Sent by: owner-ips@ece.cmu.edu >> > > >> > > >> > >To: ips@ece.cmu.edu >> > >cc: >> > >Subject: Re: iSCSI - Change - Login/Text commands with the >> > binary stage >> > co >> > > de >> > > >> > > >> > > >> > >Julian, >> > > >> > >1.3.6 ISID states that the target should check to see if the >> > old session >> > is >> > >still active when a duplicate session is detected. >> > > >> > >I have two questions, the second only if you answer in the >> > affirmative on >> > >the first ;^) >> > > >> > >1. Is there a properly executed sequence of events (i.e., no >> > coding error >> > >on >> > >the target side) where the session is not active, but the >> > target hadn't >> > >taken notice of it? It appears this as a protocol-specified >> > means to work >> > >around a flaw in a target's implementation. I interpret the >> > state diagram >> > >transitions as being atomic wrt other commands. I.e., the >> > last logout >> > >would >> > >result in the various transitions of the connection/session >> > prior to the >> > >initiator starting the session up again. And the target would have >> > >completed the transitions prior to handling a new session request. >> > > >> > >2. If you answered (1) in the affirmative, then the word >> > "Active" is not >> > >consistent with the 6.3 Session State Diagram. Does this >> > mean the target >> > >got lost, due to transport failures of any sort, in its >> > transition from >> > >Q3-to-Q2-to-Q1? It sounds like the intent is to close the >> > old session if >> > >the session was in Q2 or Q4, presuming if it were in Q1, it >> > would not >> > have >> > >been found as a duplicate. >> > > >> > >Stephen >> > > >> > > >> > > >> > > >> > > >> > > >> > > >> > > >> > >> > >> > >> > >> > >> >> >> > > > > >
Home Last updated: Tue Sep 04 01:03:52 2001 6315 messages in chronological order |