RE: IPS: iSCSI MIB last call

[Bill Studenmund <wrstuden@wasabisystems.com>]

On Wed, 23 Oct 2002, KRUEGER,MARJORIE (HP-Roseville,ex1) wrote:

> > Another thought I had was to add a session-type field. It
> > would be Normal-Only, Discovery-Only, or Both.
> >
> > This feature is designed to permit having "closed" targets
> > (where the target isn't seen in discovery, like closed 802.11
> > networks), and also to permit anyone to do discovery
> > (ipsAuthMethodNone is in the auth entry)  & find the target,
> > but not let everyone access the target.
>
> If something like this were added, there would have to be a way to indicate
> at the iSCSI target node level whether this is an "open" or "closed" target
> - this becomes the default for unlisted initiators.  In a "closed" target,
> only initiators which are in the ACL are allowed to open a session, and then
> which session type is allowed depends on an attribute of the auth entry for
> this initiator.  In an "open" target, by default initiators not listed in
> the ACL are allowed to open a discovery session.

Ahhh... Part of my understanding, based on comments in the iSCSI draft's
discussion of SendTargets, was that all targets were "closed" by default.

> That said, I don't like adding something this significant this late in the
> process, because it really requires more thorough examination of the entire
> structure of both MIBs.  Seems like this should be addressed in a separate
> draft?

Yep. I think only the iSCSI MIB needs it, but reviewing both would be good
before doing this.

Take care,

Bill