iSCSI: SendTargets & NAT

To: <ips@ece.cmu.edu>
Subject: iSCSI: SendTargets & NAT
From: Bill Studenmund <wrstuden@wasabisystems.com>
Date: Mon, 29 Apr 2002 20:03:31 -0700 (PDT)
Content-Type: TEXT/PLAIN; charset=US-ASCII
In-Reply-To: <OF539CC13F.6D040F4A-ONC2256BAB.0002F6DC@telaviv.ibm.com>
Sender: owner-ips@ece.cmu.edu

Another concern that came up in looking into TargetAddress is that having
explicit (numeric) IP addresses in a protocol is considered bad, since it
breaks in the presence of NAT. DNS names are bad enough, but you can play
games with local DNS to get around them.

Since these elements are configured by an administrator, I'm not going to
suggest we get rid of the literal IP syntax.

Instead I'd like to propose another change to the TargetAddress entries.
I'd like to suggest a syntax which makes the IP address optional and you
give just a port. This syntax would represent something like a daemon
listening on INADDR_ANY or its IPv6 equivalent.

I'm not sure what would be a good syntax. Just ":<tcp-port>" (":3260")? Or
"*:<tcp-port>"?

In terms of the draft, the suggestion is

     Followed by zero or more address keys of the form:

       TargetAddress=<hostname-or-ipaddress>[:<tcp-port>],<portal-
         group-tag>

be described so that <hostname-or-ipaddress> can be something which
represents all IP addresses on this host.

Obviously this would be something that an admin could choose to include or
not include. I'd like us to add a way though for an admin to be able to
specify it.

Take care,

Bill

References:
- Re: iSCSI: large keys during login?
  - From: "Julian Satran" <Julian_Satran@il.ibm.com>

Prev by Date: Re: iSCSI: question about numeric IPv6 addr
Next by Date: Re: iSCSI: SendTargets & NAT
Prev by thread: Re: iSCSI: large keys during login?
Next by thread: Re: iSCSI: large keys during login?
Index(es):
- Date
- Thread

Home

Last updated: Wed May 01 02:18:30 2002
9909 messages in chronological order