tech-invite   World Map     

3GPP     Specs     Glossaries     Architecture     IMS     UICC       IETF     RFCs     Groups     SIP     ABNFs       Search

RFC 4544

 
 
 

Definitions of Managed Objects for Internet Small Computer System Interface (iSCSI)

Part 4 of 4, p. 72 to 83
Prev RFC Part

 


prevText      Top      Up      ToC       Page 72 
iscsiInitiatorAttributesGroup OBJECT-GROUP
    OBJECTS {
        iscsiIntrLoginFailures,
        iscsiIntrLastFailureTime,
        iscsiIntrLastFailureType,
        iscsiIntrLastTgtFailureName,
        iscsiIntrLastTgtFailureAddrType,
        iscsiIntrLastTgtFailureAddr
    }
    STATUS current
    DESCRIPTION
        "A collection of objects providing information about
        all local initiators."
::= { iscsiGroups 11 }

iscsiInitiatorLoginStatsGroup OBJECT-GROUP
    OBJECTS {
        iscsiIntrLoginAcceptRsps,
        iscsiIntrLoginOtherFailRsps,
        iscsiIntrLoginRedirectRsps,
        iscsiIntrLoginAuthFailRsps,
        iscsiIntrLoginAuthenticateFails,
        iscsiIntrLoginNegotiateFails
    }
    STATUS current
    DESCRIPTION
        "A collection of objects providing information about all
        login attempts by local initiators to remote targets."
::= { iscsiGroups 12 }

iscsiInitiatorLogoutStatsGroup OBJECT-GROUP
    OBJECTS {
        iscsiIntrLogoutNormals,
        iscsiIntrLogoutOthers
    }
    STATUS current
    DESCRIPTION
        "A collection of objects providing information about all
        logout events between local initiators and remote targets."
::= { iscsiGroups 13 }

iscsiInitiatorAuthGroup OBJECT-GROUP
    OBJECTS {
        iscsiIntrAuthRowStatus,
        iscsiIntrAuthStorageType,
        iscsiIntrAuthIdentity
    }
    STATUS current

Top      Up      ToC       Page 73 
    DESCRIPTION
        "A collection of objects providing information about all
        remote targets that are initiators of the local system
        that they are authorized to access."
::= { iscsiGroups 14 }

iscsiSessionAttributesGroup OBJECT-GROUP
    OBJECTS {
        iscsiSsnDirection,
        iscsiSsnInitiatorName,
        iscsiSsnTargetName,
        iscsiSsnTSIH,
        iscsiSsnISID,
        iscsiSsnInitiatorAlias,
        iscsiSsnTargetAlias,
        iscsiSsnInitialR2T,
        iscsiSsnImmediateData,
        iscsiSsnType,
        iscsiSsnMaxOutstandingR2T,
        iscsiSsnFirstBurstLength,
        iscsiSsnMaxBurstLength,
        iscsiSsnConnectionNumber,
        iscsiSsnAuthIdentity,
        iscsiSsnDataSequenceInOrder,
        iscsiSsnDataPDUInOrder,
        iscsiSsnErrorRecoveryLevel,
        iscsiSsnDiscontinuityTime
    }
    STATUS current
    DESCRIPTION
        "A collection of objects providing information applicable to
        all sessions."
::= { iscsiGroups 15 }

iscsiSessionPDUStatsGroup OBJECT-GROUP
    OBJECTS {
        iscsiSsnCmdPDUs,
        iscsiSsnRspPDUs
    }
    STATUS current
    DESCRIPTION
        "A collection of objects providing information about PDU
        traffic for each session."
::= { iscsiGroups 16 }

iscsiSessionOctetStatsGroup OBJECT-GROUP
    OBJECTS {
        iscsiSsnTxDataOctets,

Top      Up      ToC       Page 74 
        iscsiSsnRxDataOctets
    }
    STATUS current
    DESCRIPTION
        "A collection of objects providing information about octet
        traffic for each session using a Counter64 data type."
::= { iscsiGroups 17 }

iscsiSessionLCOctetStatsGroup OBJECT-GROUP
    OBJECTS {
        iscsiSsnLCTxDataOctets,
        iscsiSsnLCRxDataOctets
    }
    STATUS current
    DESCRIPTION
        "A collection of objects providing information about octet
        traffic for each session using a Counter32 data type."
::= { iscsiGroups 18 }

iscsiSessionCxnErrorStatsGroup OBJECT-GROUP
    OBJECTS {
        iscsiSsnCxnDigestErrors,
        iscsiSsnCxnTimeoutErrors
    }
    STATUS current
    DESCRIPTION
        "A collection of objects providing information about connection
        errors for all sessions."
::= { iscsiGroups 19 }

iscsiConnectionAttributesGroup OBJECT-GROUP
    OBJECTS {
        iscsiCxnCid,
        iscsiCxnState,
        iscsiCxnProtocol,
        iscsiCxnAddrType,
        iscsiCxnLocalAddr,
        iscsiCxnLocalPort,
        iscsiCxnRemoteAddr,
        iscsiCxnRemotePort,
        iscsiCxnMaxRecvDataSegLength,
        iscsiCxnMaxXmitDataSegLength,
        iscsiCxnHeaderIntegrity,
        iscsiCxnDataIntegrity,
        iscsiCxnRecvMarker,
        iscsiCxnSendMarker,
        iscsiCxnVersionActive
    }

Top      Up      ToC       Page 75 
    STATUS current
    DESCRIPTION
        "A collection of objects providing information about all
        connections used by all sessions."
::= { iscsiGroups 20 }

iscsiTgtLgnNotificationsGroup NOTIFICATION-GROUP
    NOTIFICATIONS {
        iscsiTgtLoginFailure
    }
    STATUS current
    DESCRIPTION
        "A collection of notifications that indicate a login
        failure from a remote initiator to a local target."
::= { iscsiGroups 21 }

iscsiIntrLgnNotificationsGroup NOTIFICATION-GROUP
    NOTIFICATIONS {
        iscsiIntrLoginFailure
    }
    STATUS current
    DESCRIPTION
        "A collection of notifications that indicate a login
        failure from a local initiator to a remote target."
::= { iscsiGroups 22 }

iscsiSsnFlrNotificationsGroup NOTIFICATION-GROUP
    NOTIFICATIONS {
        iscsiInstSessionFailure
    }
    STATUS current
    DESCRIPTION
        "A collection of notifications that indicate session
        failures occurring after login."
::= { iscsiGroups 23 }

--**********************************************************************

iscsiComplianceV1 MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION
        "Initial version of compliance statement based on
        initial version of this MIB module.

        If an implementation can be both a target and an
        initiator, all groups are mandatory."
    MODULE       -- this module
    MANDATORY-GROUPS {

Top      Up      ToC       Page 76 
        iscsiInstanceAttributesGroup,
        iscsiInstanceSsnErrorStatsGroup,
        iscsiPortalAttributesGroup,
        iscsiNodeAttributesGroup,
        iscsiSessionAttributesGroup,
        iscsiSessionPDUStatsGroup,
        iscsiSessionCxnErrorStatsGroup,
        iscsiConnectionAttributesGroup,
        iscsiSsnFlrNotificationsGroup
    }

    -- Conditionally mandatory groups depending on the ability
    -- to support Counter64 data types and/or to provide counter
    -- information to SNMPv1 applications.

    GROUP iscsiSessionOctetStatsGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that can support Counter64 data types."

    GROUP iscsiSessionLCOctetStatsGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that provide information to SNMPv1-only applications;
        this includes agents that cannot support Counter64
        data types."

    -- Conditionally mandatory groups to be included with
    -- the mandatory groups when the implementation has
    -- iSCSI target facilities.

    GROUP iscsiTgtPortalAttributesGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI target facilities."

    OBJECT iscsiPortalMaxRecvDataSegLength
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required."

    OBJECT iscsiNodeStorageType
    MIN-ACCESS read-only
    DESCRIPTION
        "Write access is not required; an implementation may
         choose to allow this object to be set to 'volatile'
         or 'nonVolatile'."

Top      Up      ToC       Page 77 
    GROUP iscsiTargetAttributesGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI target facilities."

    GROUP iscsiTargetLoginStatsGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI target facilities."

    GROUP iscsiTargetLogoutStatsGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI target facilities."

    GROUP iscsiTgtLgnNotificationsGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI target facilities."

    GROUP iscsiTargetAuthGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI target facilities."

    -- Conditionally mandatory groups to be included with
    -- the mandatory groups when the implementation has
    -- iSCSI initiator facilities.

    GROUP iscsiIntrPortalAttributesGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI initiator facilities."

    GROUP iscsiInitiatorAttributesGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI initiator facilities."

    GROUP iscsiInitiatorLoginStatsGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI initiator facilities."

    GROUP iscsiInitiatorLogoutStatsGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI initiator facilities."

Top      Up      ToC       Page 78 
    GROUP iscsiIntrLgnNotificationsGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI initiator facilities."

    GROUP iscsiInitiatorAuthGroup
    DESCRIPTION
        "This group is mandatory for all iSCSI implementations
        that have iSCSI initiator facilities."

    OBJECT       iscsiNodeErrorRecoveryLevel
    SYNTAX       Unsigned32 (0..2)
    DESCRIPTION
        "Only values 0-2 are defined at present."

::= { iscsiCompliances 1 }

END

Top      Up      ToC       Page 79 
8.  Security Considerations

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations.  These are the tables and objects and their
   sensitivity/vulnerability:

      iscsiPortalAttributesTable, iscsiTgtPortalAttributesTable, and
      iscsiIntrPortalAttributesTable can be used to add or remove IP
      addresses to be used by iSCSI.

      iscsiTgtAuthAttributesTable entries can be added or removed, to
      allow or disallow access to a target by an initiator.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

      iscsiNodeAttributesTable, iscsiTargetAttributesTable, and
      iscsiTgtAuthorization can be used to glean information needed to
      make connections to the iSCSI targets this module represents.
      However, it is the responsibility of the initiators and targets
      involved to authenticate each other to ensure that an
      inappropriately advertised or discovered initiator or target does
      not compromise their security.  These issues are discussed in
      [RFC3720].

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPsec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the objects
   in this MIB module.

   It is RECOMMENDED that implementors consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator

Top      Up      ToC       Page 80 
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

9.  IANA Considerations

   The IANA has assigned a MIB OID number under the mib-2 branch for the
   ISCSI-MIB.

10.  Normative References

   [RFC3720]   Satran, J., Meth, K., Sapuntzakis, C., Chadalapaka, M.,
               and E. Zeidner, "Internet Small Computer Systems
               Interface (iSCSI)", RFC 3720, March 2004.

   [RFC2119]   Bradner, S., "Key words for use in RFCs to Indicate
               Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2578]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
               Rose, M., and S. Waldbusser, "Structure of Management
               Information Version 2 (SMIv2)", STD 58, RFC 2578, April
               1999.

   [RFC2579]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
               Rose, M., and S. Waldbusser, "Textual Conventions for
               SMIv2", STD 58, RFC 2579, April 1999.

   [RFC2580]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
               Rose, M., and S. Waldbusser, "Conformance Statements for
               SMIv2", STD 58, RFC 2580, April 1999.

   [RFC4001]   Daniele, M., Haberman, B., Routhier, S., and J.
               Schoenwaelder, "Textual Conventions for Internet Network
               Addresses", RFC 4001, February 2005.

   [RFC3411]   Harrington, D., Presuhn, R., and B. Wijnen, "An
               Architecture for Describing Simple Network Management
               Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
               December 2002.

   [RFC4545]   Bakke, M. and J. Muchow, "Definitions of Managed Objects
               for IP Storage User Identity Authorization", RFC 4545,
               May 2006.

Top      Up      ToC       Page 81 
11.  Informative References

   [RFC3410]   Case, J., Mundy, R., Partain, D., and B. Stewart,
               "Introduction and Applicability Statements for Internet-
               Standard Management Framework", RFC 3410, December 2002.

   [RFC4022]   Raghunarayan, R., "Management Information Base for the
               Transmission Control Protocol (TCP)", RFC 4022, March
               2005.

   [RFC4455]   Hallak-Stamler, M., Bakke, M., Lederman, Y., Krueger, M.,
               and K. McCloghrie, "Definition of Managed Objects for
               Small Computer System Interface (SCSI) Entities", RFC
               4455, April 2006.

12.  Acknowledgements

   In addition to the authors, several people contributed to the
   development of this MIB module.  Thanks especially to those who took
   the time to participate in our weekly conference calls to build our
   requirements, object models, table structures, and attributes: John
   Hufferd, Tom McSweeney (IBM), Kevin Gibbons (Nishan Systems), Chad
   Gregory (Intel), Jack Harwood (EMC), Hari Mudaliar (Adaptec), Ie Wei
   Njoo (Agilent), Lawrence Lamers (SAN Valley), Satish Mali (Stonefly
   Networks), and William Terrell (Troika).

   Special thanks to Tom McSweeney, Ie Wei Njoo, and Kevin Gibbons, who
   wrote the descriptions for many of the tables and attributes in this
   MIB module, to Ayman Ghanem for finding and suggesting changes for
   many problems in this module, and to Keith McCloghrie for serving as
   advisor to the team.

Top      Up      ToC       Page 82 
Authors' Addresses

   Mark Bakke
   Cisco Systems, Inc
   7900 International Drive, Suite 400
   Bloomington, MN
   USA 55425

   EMail: mbakke@cisco.com


   Marjorie Krueger
   Hewlett-Packard
   Networked Storage Architecture
   Networked Storage Solutions Org.
   8000 Foothills Blvd.
   Roseville, CA
   USA 95747

   EMail: marjorie_krueger@hp.com


   Tom McSweeney
   IBM Corporation
   600 Park Offices Drive
   Research Triangle Park, NC
   USA 27709

   EMail: tommcs@us.ibm.com


   James Muchow
   Qlogic Corp.
   6321 Bury Drive
   Eden Prairie, MN
   USA 55346

   EMail: james.muchow@qlogic.com

Top      Up      ToC       Page 83 
Full Copyright Statement

   Copyright (C) The Internet Society (2006).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Acknowledgement

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).