tech-invite   World Map     

3GPP     Specs     Glossaries     Architecture     IMS     UICC       IETF     RFCs     Groups     SIP     ABNFs       Search

RFC 4455

 
 
 

Definition of Managed Objects for Small Computer System Interface (SCSI) Entities

Part 4 of 4, p. 76 to 88
Prev RFC Part

 


prevText      Top      Up      ToC       Page 76 
10.  Object Population Example: SCSI Target and Initiator Devices on a
     pSCSI Bus

   This section provides a sample set of values for a parallel SCSI
   scenario in which a SCSI MIB module can be implemented.  The example
   shown below is not a normative part of this document and makes some
   assumptions about the underlying implementation, which are not based
   on actual implementations.

   The respective sections describe the sequence of object
   instantiations and attempts to explain non-typical values for
   attributes that are unique to the scenario.

   Note: While populating the objects, the population of statistics is
   not considered.

   This scenario deals with a SCSI target and initiator devices attached
   to a parallel SCSI bus, defined by one of the SCSI-3 Parallel
   Interface standards (the version referenced in the MIB module is the
   4th generation, called SPI-4).  We assume that the SCSI initiator
   device is a Host Bus Adaptor (HBA), and the SCSI target device is a
   physical disk.  We assume that the SCSI target device has one
   integrated logical unit, identified by a Logical Unit Number (LUN) of
   0, which is the default LUN.  The parallel SCSI transport only
   supports port identifiers, and not port names.  The transport pointer
   is set to 0 since there is no MIB module defined for SPI-4.

   We assume an HBA as the SCSI initiator device and a disk as the SCSI
   target device.  We assume that the SCSI target device has one logical
   unit, addressed by Logical Unit Number set to 0 (LUN0), which is the
   default LUN.  Parallel SCSI has only port identifiers, no port names.
   The transport pointer for parallel SCSI is set to 0 since there is no
   reference transport (SPI) MIB module.

   Once the SCSI system is initialized, an SNMP agent should be able to
   view the values of variables populated in the ScsiDevice,
   ScsiInitiatorDevice, ScsiTargetDevice, ScsiPort, ScsiTargetPort,
   ScsiInitiatorPort, ScsiLogicalUnit, ScsiLUIdentifier objects.

   The ScsiAuthorizedIntr population depends on the transport and the
   implementation.  As this example scenario is parallel SCSI, we deal
   with the ports.  Hence the ScsiPortIndexOrZero is the index of the
   SCSI target port and ScsiAuthIntrDevOrPort is "port".  Same is the
   case with the variables in scsiDscTgtDevOrPort.

   Note that "" means zero-length string.

Top      Up      ToC       Page 77 
10.1.  scsiInstance Table:

         Attribute                         Value
         ----------                        ------
         scsiInstIndex                      1
         scsiInstAlias                      "pSCSI-1"
         scsiInstSoftwareIndex              1000
         scsiInstVendorVersion              "1.0a"
         scsiInstScsiNotificationsEnable    true
         scsiInstStorageType                nonVolatile

10.2.  scsiDevice Table:

         Attribute                Value
         ----------               ------
         scsiInstIndex            1                1
         scsiDeviceIndex          1                2
         scsiDeviceAlias          "pSCSI-HBA"      "pSCSI-Disk1"
         scsiDeviceRole           initiator(1)     target(0)
         scsiDevicePortNumber     1                1

10.3.  scsiPort Table:

         Attribute                Value
         ----------               ------
         scsiInstIndex            1                1
         scsiDeviceIndex          1                2
         scsiPortIndex            1                2
         scsiPortRole             initiator(1)     target(0)
         scsiPortTransportPtr     1                2

10.4.  scsiTransport Table:

         Attribute                Value
         ----------               ------
         scsiInstIndex            1                   1
         scsiDeviceIndex          1                   2
         scsiTransportIndex       1                   2
         scsiTransportType        scsiTransportSPI    scsiTransportSPI
         scsiTransportPointer     0.0                 0.0
         scsiTransportDevName     ""                  ""

Top      Up      ToC       Page 78 
10.5.  scsiIntrDev Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               1
         scsiIntrDevTgtAccessMode      autoEnable(2)

10.6.  scsiInitiatorPort Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               1
         scsiPortIndex                 1
         scsiIntrPortName              ""
         scsiIntrPortIdentifier *1     0001b

         *1 Port Identifier for SCSI is represented by 4 bits.

10.7.  scsiDscTgt Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               1
         scsiDscTgtIntrPortIndex       1
         scsiDscTgtIndex               1
         scsiDscTgtDevOrPort           port(2)
         scsiDscTgtName                ""
         scsiDscTgtConfigured          false(2)
         scsiDscTgtDiscovered          true(1)
         scsiDscTgtRowStatus           active(1)

10.8.  scsiDscLUN:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               1
         scsiDscTgtIntrPortIndex       1
         scsiDscTgtIndex               1
         scsiDscLunIndex               1
         scsiDscLunLun                 0

Top      Up      ToC       Page 79 
10.9.  scsiDscLUNIdentifier:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               1
         scsiDscLunIndex               1
         scsiDscLunIdIndex             1
         scsiDscLunIdCodeSet *1        2
         scsiDscLunIdAssociation *2    1
         scsiDscLunIdType        *3    1
         scsiDscLunIdValue             ASPENsl318203-001

        *1 - The identifier field will have ASCII graphic codes.
        *2 - The identifier is associated with the port that received
        the request.
         *3 - As defined in SPC.  (This value specifies that the
        scsiDscLunIdValue contains a vendorID in the first 8 bytes
        concatenated with the product identifier field and product
        serial number.)

10.10.  scsiAttTgtPort Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               1
         scsiPortIndex                 1
         scsiAttTgtPortIndex           1
         scsiAttTgtPortDscTgtIdx       1
         scsiAttTgtPortName            ""
         scsiAttTgtPortId              0011b

10.11.  scsiTgtDev Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               2
         scsiTgtDevNumberOfLUs         1
         scsiTgtDeviceStatus           available(2)
         scsiTgtDevNonAccessibleLUs    0

Top      Up      ToC       Page 80 
10.12.  scsiTgtPort Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               2
         scsiPortIndex                 2
         scsiPortName                  ""
         scsiTgtPortIdentifier         0010b

10.13.  scsiLU Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               2
         scsiLuIndex                   1
         scsiLuDefaultLun              0
         scsiLuWwnName                 ""
         scsiLuVendorId                "xyz-corp"
         scsiLuProductId               "super turbo disk"
         scsiRevisionId                02
         scsiLUPeripheralType          00
         scsiLUStatus                  available(2)
         scsiLuState                   exposed(3)

10.14.  scsiLuId Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               2
         scsiLuIndex                   1
         scsiLuIdIndex                 1
         scsiLuIdCodeSet *1            2
         scsiLuIdAssociation *2        1
         scsiLuIdType *3               1
         scsiLuIdValue                 ASPENsl318203-0004

        *1 - The identifier field will have ASCII graphic codes.
        *2 - The identifier is associated with the port that received
        the request.
        *3 - As defined in SPC.  (This value specifies that the
        LuIdValue contains a vendorID in the first 8 bytes concatenated
        with the product identifier field and product serial number.)

Top      Up      ToC       Page 81 
10.15.  scsiLunMap Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               2
         scsiLunMapIndex               1
         scsiLunMapLun                 0
         scsiLunMapLuIndex             1
         scsiLunMapLunRowStatus        active(1)

10.16.  scsiAuthorizedIntr Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               2
         scsiAuthIntrTgtPortIndex      2
         scsiAuthIntrIndex             1
         scsiAuthIntrDevOrPort         port(2)
         scsiAuthIntrName              ""
         scsiAuthIntrLunMapIndex       1
         scsiAuthIntrRowStatus         active(1)

10.17.  scsiAttIntrPort Table:

         Attribute                     Value
         ----------                    ------
         scsiInstIndex                 1
         scsiDeviceIndex               2
         scsiPortIndex                 2
         scsiAttIntrPortIdx            1
         scsiAttIntrPortAuthIntrIdx    1
         scsiAttIntrPortName           ""
         scsiAttIntrPortIdentifier     0011b

11.  Security Considerations

   There are a number of management objects defined in this MIB module
   that have a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations.  These are the following:

   o  scsiInstAlias, scsiInstScsiNotificationsEnable,
      scsiInstStorageType and scsiDeviceAlias: these objects can be
      manipulated to affect the management of a SCSI instance and its

Top      Up      ToC       Page 82 
      devices; specifically, the SCSI instance's administrative alias,
      whether it generates notifications, whether its non-default
      parameter settings are retained over restarts, and the
      administrative alias for each of its devices.

   o  scsiIntrDevTgtAccessMode: this object can be manipulated to allow
      immediate access by local SCSI initiator devices to discovered
      SCSI target devices without waiting for administrator approval,
      where such approval might not be forthcoming.

   o  scsiDscTgtTable: the objects in this table can be manipulated to
      remove administrator-specified controls on access by local SCSI
      initiator devices to discovered SCSI target devices.

   o  scsiAuthorizedIntrTable: the objects in this table can be
      manipulated to remove administrator-specified controls on access
      by remote SCSI initiator devices to local SCSI target devices.

   o  scsiLunMapTable: the objects in this table can be manipulated to
      provide access by a remote SCSI initiator device to logical units
      that an administrator has configured as not accessible to said
      initiator.

   In each of the last four cases, the objects in the tables can also be
   manipulated to cause a denial of service attack, by preventing
   administrator-authorized access.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  All seventeen of the tables in this MIB module
   contain information which might be considered sensitive to read
   access in some environments, e.g.,

   o  the settings of all read-write/read-create parameter objects
      mentioned above,

   o  scsiInstSoftwareIndex, scsiInstVendorVersion
      --which version of which software is running;

   o  scsiDeviceRole, scsiPortRole, scsiTransportType,
      scsiTransportPointer, scsiTransportDevName, scsiDscLunIdCodeSet,
      scsiDscLunIdAssociation, scsiDscLunIdType, scsiDscLunIdValue plus
      information in several tables: scsiTgtDevTable, scsiLuTable,
      scsiLuIdTable, scsiLunMapTable

Top      Up      ToC       Page 83 
      --topology information indicating which devices/ports are targets,
      about the transport protocols they use, and more specific
      information about such targets, including detailed information
      about the LUNs they expose and how they are mapped onto logical
      units;

   o  scsiIntrPortOutCommands,
      scsiIntrPortWrittenMegaBytes, scsiIntrPortReadMegaBytes,
      scsiIntrPortHSOutCommands scsiDscTgtInCommands,
      scsiDscTgtWrittenMegaBytes, scsiDscTgtReadMegaBytes,
      scsiDscTgtHSInCommands, scsiTgtPortInCommands,
      scsiTgtPortWrittenMegaBytes, scsiTgtPortReadMegaBytes,
      scsiTgtPortHSInCommands, scsiAuthIntrAttachedTimes,
      scsiAuthIntrOutCommands, scsiAuthIntrReadMegaBytes,
      scsiAuthIntrWrittenMegaBytes, scsiAuthIntrHSOutCommands,
      scsiLuInCommands, scsiLuReadMegaBytes, scsiLuWrittenMegaBytes,
      scsiLuHSInCommands
      -- statistics that could be used for traffic analysis.

   o  scsiAttTgtPortTable
      -- information on which initiators are connected to which targets
      that could be used for traffic analysis.

   o  scsiAuthorizedIntrTable and scsiAttIntrPortTable tables
      -- information about which initiators are authorized to connect to
      that targets.

   These information may need to be kept private in sensitive
   environments.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example, by using IPsec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the objects
   in this MIB module.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

Top      Up      ToC       Page 84 
12.  Acknowledgements

   This document is the result of the work of the SCSI MIB Group.  In
   particular, the contributions of Sajay Selvaraj (HCL Technologies),
   George Penokie (IBM), and Roger Cummings (Veritas Software) were
   critical to the formulation of this specification.

13.  IANA Considerations

   IANA has made a MIB OID assignment under the mib-2 branch for the
   SCSI-MIB.

14.  References

14.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2578]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Structure of Management Information Version 2 (SMIv2)",
              STD 58, RFC 2578, April 1999.

   [RFC2579]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Textual Conventions for SMIv2", STD 58, RFC 2579, April
              1999.

   [RFC2580]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Conformance Statements for SMIv2", STD 58, RFC 2580,
              April 1999.

   [RFC2790]  Waldbusser, S. and P. Grillo, "Host Resources MIB", RFC
              2790, March 2000.

   [RFC3411]  Harrington, D., Presuhn, R., and B. Wijnen, "An
              Architecture for Describing Simple Network Management
              Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
              December 2002.

   [RFC3413]  Levi, D., Meyer, P., and B. Stewart, "Simple Network
              Management Protocol (SNMP) Applications", STD 62, RFC
              3413, December 2002.

   [SAM2]     ANSI INCITS 366-2003, "SCSI Architecture Model-2 (SAM-2)",
              SAM-2 Revision 24, September 2002.

   [SPC2]     ANSI INCITS 351-2001, "SCSI Primary Commands - 2 (SPC-2)",
              SPC-2 Revision 20, July 2001.

Top      Up      ToC       Page 85 
14.2.  Informative References

   [FCP2]     ANSI INCITS 350-2003, "Fibre Channel Protocol for SCSI
              (FCP-2)", FCP-2 Revision 08, September 2002.

   [ISCSI]    Bakke, M., "Definitions of Managed Objects for iSCSI",
              Work in Progress, October 2005.

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410, December 2002.

   [RFC3720]  Satran, J., Meth, K., Sapuntzakis, C., Chadalapaka, M.,
              and E. Zeidner, "Internet Small Computer Systems Interface
              (iSCSI)", RFC 3720, April 2004.

   [RFC4022]  Raghunarayan, R., "Management Information Base for the
              Transmission Control Protocol (TCP)", RFC 4022, March
              2005.

   [RFC4044]  McCloghrie, K., "Fibre Channel Management MIB", RFC 4044,
              May 2005.

   [SAS-1.1]  T10 Project #1601-D, "Serial Attached SCSI - 1.1 (SAS-
              1.1)", SAS-1.1 Revision 10, September 2005.

   [SBP3]     ANSI INCITS 375-2004, "Serial Bus Protocol 3 (SBP-3)",
              SBP-3 Revision 05, September 2003.

   [SCC2]     ANSI INCITS 318-1998, "SCSI Controller Commands - 2 (SCC-
              2)", SCC-2 Revision 04, September 1997.

   [SPI4]     ANSI INCITS 362-2002, "SCSI Parallel Interface-4 (SPI4)",
              SPI-4 Revision 10, May 2002.

   [SRP]      ANSI INCITS 365-2002, "SCSI RDMA Protocol (SRP)", SRP
              Revision 16a, July 2002.

Top      Up      ToC       Page 86 
Authors' Addresses

   Michele Hallak-Stamler
   Sanrad Intelligent Storage
   27 Habarzel Street
   Tel Aviv  69710
   IL

   Phone: +972 3 7674809
   EMail: michele@sanrad.com
   URI:   http://www.sanrad.com/


   Mark Bakke
   Cisco Systems, Inc.
   7900 International Drive, Suite 400
   Bloomington, MN  55425
   USA

   EMail: mbakke@cisco.com
   URI:   http://www.cisco.com/


   Yaron Lederman
   Siliquent Technologies
   21 Etzel Street
   Ramat Gan
   IL

   Phone: +972 54 5308833
   EMail: yaronled@bezeqint.net


   Marjorie Krueger
   Hewlett-Packard
   8000 Foothills Blvd
   Roseville, CA  95747
   US

   Phone: +1 916-785-2656
   EMail: marjorie_krueger@hp.com

Top      Up      ToC       Page 87 
   Keith McCloghrie
   Cisco Systems, Inc.
   170 West Tasman Drive
   San Jose, CA  95134
   US

   Phone: +1 408 526-5260
   EMail: kzm@cisco.com

Top      Up      ToC       Page 88 
Full Copyright Statement

   Copyright (C) The Internet Society (2006).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Acknowledgement

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).