RE: iSCSI Naming and Discovery

To: <IPS@ece.cmu.edu>
Subject: RE: iSCSI Naming and Discovery
From: "Y P Cheng" <ycheng@advansys.com>
Date: Fri, 6 Oct 2000 11:46:45 -0700
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;charset="iso-8859-1"
Importance: Normal
In-Reply-To: <OF672FDE91.85813C7A-ON88256970.0051B0FE@LocalDomain>
Sender: owner-ips@ece.cmu.edu

> In short, can we split this into two independent questions:
>
> 1) what datum does an initiator need to establish the IP connection to the
> target?
>
> 2) where can an initiator get that datum?
>
> Jim Hafner

Agree!  By the way, I always need something concrete in my mind for
discussion. May be in answering the above two questions, I should put a
concrete picture around the answers.

1) What datum?
If I have a 10 TB database named YPDATA, leased from EMC, to access the data
I first send a login to: http://storage.emc.com/YPDATA, to a well-known
iSCSI port.  In the login, I supply all the necessary information for
security and authentication.  At EMC, my login request will be routed to a
server via the well-known port which validates my information and gives me
back a cookie that is a lease expiring with time.  This cookie, the datum
that you have asked, most likely is a (IP address, port) pair which let me
send my iSCSI requests.  BTW, a different port number will be given to
another initiator with data housed in the same storage subsystem.

2) Where do we get the datum
To get the datum there is a ongoing debate of using external services such
as DNS or LDAP, to which I don't pretend fully comprehend.  However, I do
know that this cookie is the only thing I need to send an INQUIRY command to
get my LUN and to validate that the LUN reaches YPDATA, the LU.  Within the
leased time, I can use this cookie to access my data.  When I am done, I
logoff.  If my computer crashes, the cookie expires.  I send all my iSCSI
commands with the LUN embedded in my PDUs.

3) Third Party Accessing
If I wish to ask a target to send iSCSI commands on my behalf, I need to
give it a cookie I obtained via step 1).  The cookie directs the access to
the third party, say storage.ibm.com/YPBACKUP, from which I obtained the
cookie.  I don't know if this constitutes security violation by giving away
my secret key.  But, I can't give all my secret information to the target
for it to obtain an access cookie from IBM.

Well, this is what I thought how everything should work.  If not, please
correct me.

Y.P. Cheng, CTO, ConnectCom Solutions Corp.

References:
- Re: iSCSI Naming and Discovery
  - From: "Jim Hafner/Almaden/IBM" <hafner@almaden.ibm.com>

Prev by Date: Technical Coordinators and new co-chair
Next by Date: Proposal into smaller documents
Prev by thread: Re: iSCSI Naming and Discovery
Next by thread: Re: iSCSI Naming and Discovery
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:06:47 2001
6315 messages in chronological order