|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI: current UNH PlugfestI am reluctant to say this because I think most people think the initiator/target must check for correctness ... but, it is my feeling that that job should be up to a basher program. The target should not be in the business of diagnosing the initiator. The only time a target should check a field is when it could crash the system or data. Some format errors may have no consequences whatsoever. Eddy -----Original Message----- From: Robert D. Russell [mailto:rdr@mars.iol.unh.edu] Sent: Wednesday, October 31, 2001 05:39 PM To: ips@ece.cmu.edu Subject: Re: iSCSI: current UNH Plugfest Attached are the new issues that arose during the iSCSI plugfest at UNH on Wednesday 31-Oct-2001. (Note: these issues do not take into account any modifications or clarifications that occured in the standard due to the issues raised on Monday or Tuesday.) Bob Russell InterOperability Lab University of New Hampshire rdr@iol.unh.edu 603-862-3774 ------------------------------------------------------------------------ ---- 1. Are receivers (initiator or target) REQUIRED to check that reserved bits and/or fields are set to 0? Section 3 on page 48 of draft 8 says: "Any bits not defined MUST be set to zero. Any reserved fields and values MUST be 0 unless specified otherwise." and Section 8.3 on page 127 of draft 8 says: "Explicit violations of the PDU layout rules stated in this document are format errors. This when detected, usually indicates a major implementation flaw in one of the parties. When a target or an initiator receives an iSCSI PDU with a format error, it MUST reset all transport connections in the session immediately and escalate the format error to session recovery (section 8.11.4)." According to these rules, a PDU with reserved bits and/or fields that are not set to 0 violates the PDU layout rules. Therefore, if an initiator or target receives such a PDU, it should immediately close all connections in the session and go to session recovery. Clearly a format error has extremely severe consequences! Although all vendors are setting reserved bits and fields to 0 on PDUs they are sending, many are NOT checking PDUs they are receiving to see if these bits and fields are set to 0. Basically, vendors are saying "who cares if reserved bits and/or fields in incoming PDUs are not zero? We do not want to take the time to do this checking, and there is no benefit to doing it. As long as the non-reserved bits and fields are set properly, we can and should proceed. Any time devoted to doing this checking is wasted in 99+% of the cases, and in the (unlikely) case that a non-zero bit or field is found, the consequences are too severe." There should be some statement in the standard to clarify what checking is required and what is optional. 2. A similar situation arises with respect to checking the consistency of fields such as Version-max, Version-min and Version-active in Login Requests and Login Responses. For example, consider the Version-max field. Section 3.12.5 says: "All Login requests within the Login phase MUST carry the same Version-max." All vendor initiators are setting Version-max correctly on all login requests they are sending, but many vendor targets are NOT checking received login requests to ensure that this rule is enforced. In particular, many targets simply use the Version-max and Version-min on the first login request they receive on a new connection, and then they ignore these fields on all subsequent login requests in the same login phase. Strictly speaking, a change in the Version-max field during the login phase constitutes a protocol error according to section 8.8 on page 130 of draft 8: "All violations of iSCSI PDU exchange sequences specified in this draft are also protocol errors. This category of errors can be addressed only by fixing the implementations; iSCSI defines Reject and response codes to enable this". Therefore the target should send back a login response with a status of 0x0200 and then close the connection. However, Section 3.12.5 also says: "The target MUST use the value presented with the first login request." This rule seems to imply that the value CAN change, because if it cannot change, then it doesn't matter which one of the login requests it is taken from, they are all the same anyway. The suggestion is to keep the requirement that the target MUST use the value presented on the first login request, but to allowed the target to ignore the value presented on all subsequent login requests in the same login phase. A similar rewording should be done for the other fields. 3. Can commands be sent out of order on the same connection? The behavior of targets is clearly specified in Section 2.2.2.3 on page 25 of draft 8, which says: "Except for the commands marked for immediate delivery the iSCSI target layer MUST eliver the commands for execution in the order specified by CmdSN." Section 2.2.2.3 on page 26 of draft 8 also says: "- CmdSN - the current command Sequence Number advanced by 1 on each command shipped except for commands marked for immediate delivery." but the meaning of the term "shipped" is vague, and does not necessarily require that the PDUs arrive on the other end of a TCP connection in the same order that the CmdSN values were assigned to these PDUs. Some initiators have been designed to send commands out of CmdSN order on one connection. Consider the situation where there is only one connection and a high-level dispatcher creates a PDU for a SCSI command that involves writing immediate data to the target. This PDU is enqueued to a lower-level layer which has to setup, start, and wait-for a DMA operation to move the immediate data into an onboard buffer before the PDU can be put onto the wire. While this is happening, the dispatcher creates another unrelated PDU for a SCSI read command (for example), and when this PDU is passed to the lower-level layer it can be sent immediately, ahead of the previous write PDU and therefore out of order on this connection. The standard clearly allows this to happen if the two PDUs were sent on different connections, and seems to imply that this can also happen when the two PDUs are sent on the same connection. The suggestion is to put in the standard an explicit statement that this is allowed or not allowed, as appropriate. If this is allowed, such a statement would avoid the erroneous assumption being made by some target implementers that within a single connection, commands will arrive in order. If this is not allowed, such a statement would avoid the erroneous assumption being made by some initiator implementers that within a single connection, commands can be put on the wire out of order. 4. Three numeric keys (MaxRecvPDULength, MaxBurstSize, FirstBurstSize) now allow: "A value of 0 indicates no limit." Is this useful? Does it buy anything? The difficulties implementers are having with this are: 1) It is a special case. 2) It causes discontinuous ranges (for example, [0,64..2**24]) 3) It violates the min/max function normally used for the key. 4) There is always a limit anyway. Consider FirstBurstSize, which can have a value that is described as "<0|number-64-2**24>", and for which the minimum of the 2 numbers is selected. I one side offers 0 to mean unlimited, and the other side has a limit, it will reply with that limit, say 128 Kbytes. Therefore, the result is not min(0, 128K) but rather max(0, 128K). The statement in the standard that "the minimum of the 2 numbers is selected" is therefore wrong when one of the numbers is 0. Furthermore, when an initiator or target receives an offer for one of these keys, it cannot simply check that the offered value is legal by testing it against some minimum and maximum. It must first check for 0 and then only if that check shows the value is non-zero can it do the min/max range check for legality (i.e., 64-2**24). Finally, there is always a limit. If nothing else it is the limit imposed by the 24-bit DataSegmentLength field of the PDU requesting the transfer. It is useless to specify a FirstBurstSize (or MaxRecvPDULength or MaxBurstSize) any bigger than that, because the largest possible DataSegmentLength in any PDU that can use this value is 2**24-1. The suggestion is to just eliminate this special case of 0 and require that the range 64-to-(2**24-1) be used instead -- it has exactly the same effect in all cases, it is easier to describe in the standard because it avoids all the extra words, and it is easier to code because it avoids all the special cases. NOTE: the standard should specify the limit in the ranges for MaxRecvPDULength, MaxBurstSize, and FirstBurstSize as 2**24-1 instead of 2**24. The number 2**24 cannot be represented in the 24-bit DataSegmentLength field and therefore can never be used. 5. This is a suggestion for a minor rewording in the standard to avoid misunderstandings. In Appendix E on page 188 of draft 8 it says: "The response to this command is a text response containing a list of targets and their addresses. Each target is returned as a target record. A target record begins with the TargetName text key, followed by a list of TargetAddress text keys, ..." In fact, there are situations where there are no targets and/or no addresses. These situations are clearly defined in the draft after the sentences quoted above, but it would help if those sentences at least hinted at the possibility that the lists could be empty or might not contain addresses. A possible rewording would be: "The response to this command is a text response containing a list of zero or more targets and, optionally, their addresses. Each target is returned as a target record. A target record begins with the TargetName text key, followed by a list of zero or more TargetAddress text keys, ..." 6. This is a suggestion for another very minor rewording in the standard. At the end of section 2.2.3 on page 29 of draft 8 it says: "Before full feature phase is established, only Login PDUs are allowed. ..." The suggested rewording is: "Before full feature phase is established, only Login Request and Login Response PDUs are allowed. ..."
Home Last updated: Thu Nov 01 12:17:47 2001 7503 messages in chronological order |