SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: iSCSI: Login negotiation space



    Julian,
    
    4.1 contains a requirement that initiators and targets support receiving at least 16384 bytes of key=value data (when not supporting very long authentication items). This is overkill and is making drivers larger than they need to be. 
    
    My calculations are that Security negotiation using the CHAP method (including the Any-stage keys) takes less than 1600 bytes. Operational negotiation requires 1276 bytes (also including the Any-stage keys). All the operational plus security keys are 1911 bytes.
    
    Therefore an implementation could hold all the necessary keys in 2 Kbytes. And, the implementation doesn't need to keep the security keys after the security negotiation is done so it could clear some of that out to make room for future keys or vendor specific keys. 16 K bytes is about 10 times the necessary storage in that case.
    
    The number of negotiation bytes that a device is required to support should be reduced substantially - preferably to 2048 bytes.
    
    Regards,
    Pat
    
    
    The numbers:
    
      43		AuthMethod
               CHAP keys 
     264		Name (no defined size limit - using 255)
      11		Algorithm
      11		Identifier
     264		Challenge
      42		Response (for MD5)
    _____
     635 Chap negotiation length
     892 Any-stage keys
    ----
    1527
    
    Operational negotiation keys
      24		HeaderDigest
      24        DataDigest
      49        MaxConnections
     270		TargetName* or InitiatorName*
     271		TargetAlias* or InitiatorAlias*
     273        TargetAddress*
      55		TargetPortalGroupTag*
      15		InitialR2T
      19		BidiInitialR2T
      18		ImmediateData
      34		MaxRecvDataSegmentLength
      24		MaxBurstLength
      26		FirstBurstLength
      24		DefaultTime2Wait
      26		DefaultTime2Retain
      25		MaxOutstandingR2T
      18		DataPDUInOrder
      24		DataSequenceInOrder
      24		ErrorRecoveryLevel
      23		SessionType*
    ------
     892 Any-stage keys
     384 Not Any-stage
    ------
    1276 Operational keys
    
    
    
    
    
    


Home

Last updated: Tue Jul 09 03:18:52 2002
11201 messages in chronological order