iscsi_manage.8

iscsi源代码 UNH的progect 有initiator端和target端的源码

replies are not sent.
.IP "t" 4
Forces target authentication during CHAP and SRP security negotiations.
The default is not to use target confirmation 
after an initiator successfully responds to a target challenge.
Without the t option, an initiator using CHAP needs to configure only
the px and pn options, and a target using CHAP needs to configure only
the lx, ln and cl=<size> options with matching values.
With the t option, both initiator and target
need to configure both pairs of matching options in order to complete the
CHAP negotiation successfully.
.IP "b" 4
During security negotiations,
forces reply key values
that are large binary numbers to be formated and sent using base64 format.
The default is hex format.
.IP "xok" 4
Forces the responder during negotiations to reply to an X- or X# key with
the value recieved, rather than with NotUnderstood.
.IP "tk1" 4
Forces the target to responde to SendTargets requests by sending only one
key=value per Text Response pdu.
(Target only, illegal on initiator.)
.IP "n=<number>" 4
Forces sending of nops at a periodic interval, which is given in seconds
by the number.
.IP "p=<number>" 4
Forces the initiator to retransmit any command that has not
seen any activity from target for p seconds.
On the target, forces the phase collapse on the last DataIn pdu in a command
 as follows:
.br
	p=0\ \ never use phase collapse -- the default.
.br
	p=1\ \ always use phase collapse.
.br
	p=2\ \ alternate use of phase collapse
(i.e., use it when first possible, then don't use it, then use it again, then don't, etc.).
.IP "sch=<number>" 4
Forces the initiator to use one of the following scheduling algorithms
for dispatching commands over multiple connections within a single session: 
.br
	sch=0\ \ all commands send on first connection -- the default.  
.br
	sch=1\ \ distribute commands over all connections in a round-robin fashion.
.br
	sch=2\ \ map each LUN onto exactly one connection.  When a new lun is brought up, it is
permanently assigned to the connection having the fewest luns assigned at that time.
(Initiator only, illegal on target.)
.IP "r2tp=<number>" 4
Forces the time-out value for the target's R2T timer to be the number in seconds.
(Target only, illegal on initiator.)
.IP "isidt=<number>" 4
Forces the initiator to offer this ISID type on a login.  <number> must be
0, 1, 2 or 3 only.  The default type is 2.
See Section 10.12.5 of RFC 3720 for details on the
structure of the ISID.
(Initiator only, illegal on target.)
.IP "isidn=<number>" 4
Forces the initiator to offer this ISID number on a login.
When isidt is 0, isidn is the 22-bit OUI.
When isidt is 1, isidn is the 24-bit EN.
When isidt is 2, isidn is the 24-bit random value.
When isidt is 3, isidn is ignored.
The default is 0x123456.
See Section 10.12.5 of RFC 3720 for details on the
structure of the ISID.
(Initiator only, illegal on target.)
.IP "isidq=<number>" 4
Forces the initiator to offer this ISID qualifier on a login.
When isidt is 0, isidq is the 24-bit qualifier.
When isidt is 1 or 2, isidq is the 16-bit qualifier.
When isidt is 3, isidq is ignored.
The default is 0x789a.
See Section 10.12.5 of RFC 3720 for details on the
structure of the ISID.
(Initiator only, illegal on target.)
.IP "cl=<number>" 4
Forces the
length in bytes of the large-binary-value generated as 
the value of a CHAP challenge value when sending a challenge.
The min/maximum allowed are 256 to 1024. cl always needs set to a value on the target. There is no default.
.IP "px=<string>" 4
Forces the use of <string> as the peer secret
when generating the CHAP_R response to send back
in response to a previously received CHAP_C challenge.
There is no default value, so a "px" value must be
forced on an initiator that wants to use CHAP authentication,
and on a target that wants to use CHAP target authentication.
.IP "pn=<string" 4
Forces the use of <string> as the peer name
when generating the CHAP_N response to send back
in response to a previously received CHAP_C challenge.
There is no default value, so a "pn" value must be
forced on an initiator that wants to use CHAP authentication,
and on a target that wants to use CHAP target authentication.
.IP "lx=<string>" 4
Forces the use of <string> as the local secret
when generating CHAP_C challenges to be sent,
and when checking CHAP_R responses received back in response 
to the challenge.
There is no default value, so an "lx" value must be
forced on a target that wants to use CHAP authentication,
and on an initiator that wants to use CHAP target authentication.
.IP "ln=<string>" 4
Forces the use of <string> as the local name
to check against the CHAP_N value received back in response
to a challenge.
There is no default value, so an "ln" value must be
forced on a target that wants to use CHAP authentication,
and on an initiator that wants to use CHAP target authentication.
.IP "sx=<string>" 4
Forces the use of <string> as the SRP secret when 
generating and checking SRP challenges.
There is no default value, so an "sx" 
value must be forced if SRP authentication is to 
be used.
.IP "sn=<string>" 4
Forces the use of <string> as the SRP name
when generating and checking the SRP_U key.
There is no default value, so an "sn" value must be forced if
SRP authentication is to be used.
.IP "sg=SRP-768|SRP-1024|SRP-1280|SRP-1536|SRP-2048" 4
Forces the initiator to use the indicated group during
SRP authentication.
The default is SRP_1536 if no "sg" value is forced.
(Initiator only, illegal on target.)
.IP "V=<number>" 4
Turns on Verbose mode, which causes the module to write messages
to /var/log/messages.  <number> turns on bits as defined in the
file common/debug.h.

.PP
If the action is "snack", the parameter=value forms are:
.IP "a=y|n" 4
On the target, indicates if the A bit should be set on the
last DataIn pdu in each sequence (i.e., on all DataIn pdus with
the F bit set) in order to provoke a DataACK SNACK back from
the initiator.  (Target only, illegal on initiator.)
.IP "d=y|n" 4
Indicates if the data snack is enabled (y) or not (n).
This is used by both initiator and target modules.
.IP "s=y|n" 4
Indicates if the status snack is enabled (y) or not (n).
This is used by both initiator and target modules.
.IP "h=<number>" 4
Indicates how the UNH target module will handle the data snack request.
The target may either retransmit or reject a data snack request:  
.Vb 2
\&         1 \- data retransmission
\&         2 \- snack reject
.Ve

.SH EXAMPLES

.IP "\(bu" 4
If the initiator wants to restore the default values of all the
parameters to its original state (state when the module was
initially loaded) for session 1
.Vb 1
\&   iscsi_manage init restore target=1
.Ve

.IP "\(bu" 4
If the initiator wants to offer no authentication for session creation
.Vb 2
\&   iscsi_manage init set AuthMethod=none
\&   iscsi_manage init set Sessiontype=Normal
.Ve

.IP "\(bu" 4
If the initiator wants to offer SRP authentication for a discovery session
.Vb 5
\&   iscsi_manage init set AuthMethod=SRP,None 
\&   iscsi_manage init set Sessiontype=Discovery
\&   iscsi_manage init force sx="secret"    (used in all challenges)
\&   iscsi_manage init force cn="name"      (used in all challenges)
\&   iscsi_manage init force sg=SRP-768
.Ve

.IP "\(bu" 4
If the initiator wants to offer CHAP authentication for session creation
.Vb 5
\&   iscsi_manage init set AuthMethod=CHAP,None  (or some other list)
\&   iscsi_manage init set Sessiontype=Discovery
\&   iscsi_manage init force px="peer secret"    (1st challenge)
\&   iscsi_manage init force pn="peer name"      (1st challenge)
\&   iscsi_manage init force cl=256              (length)
.Ve

.IP "\(bu" 4
If the initiator wants to offer CHAP authentication with an target
challenge for session creation
.Vb 8
\&   iscsi_manage init set AuthMethod=CHAP,None  (or some other list)
\&   iscsi_manage init set Sessiontype=Discovery
\&   iscsi_manage init force px="peer secret"    (1st challenge)
\&   iscsi_manage init force pn="peer name"      (1st challenge)
\&   iscsi_manage init force cl=256              (length)
\&   iscsi_manage init force t
\&   iscsi_manage init force lx="local secret"   (2nd challenge)
\&   iscsi_manage init force ln="local name"     (2nd challenge)
.Ve

.IP "\(bu" 4
If the initiator supports both the options (Yes/No) but likes
the no value as the default for InitialR2T, then we might want 
to configure the initiator like this
.Vb 1
\&   iscsi_manage init set InitialR2T=No
.Ve

.IP "\(bu" 4
If the initiator wants to change the default behavior of
the key InitialR2T (from Yes to No) but does not want to
negotiate this
with the target (presumably for purposes of testing the target), use
.Vb 1
\&   iscsi_manage init setp InitialR2T=No
.Ve

.IP "\(bu" 4
If the initiator wants to use up to 5 (for example) connections
within a single session, but is able to use fewer, it should use
.Vb 1
\&   iscsi_manage initiator set MaxConnections=5
.Ve

The target will reply with a number in the range [1..5] indicating
the actual number that the target can support (and therefore, that
the initiator can use).
.IP "\(bu" 4
If the initiator must be able to use up to 3 (for example) connections
within a single session,
it has to use:
.Vb 1
\&   iscsi_manage initiator setr MaxConnections=3
.Ve

This will cause the initiator to fail the login negotiations if the target
responds to this offer with a value less than 3 (indicating that
it cannot support 3 connections within a single session).
.IP "\(bu" 4
If the target can accept just a single connection within a session,
it can just leave the MaxConnections parameter at the default value,
which is 1.  It can also explicitly set it using either
.Vb 1
\&   iscsi_manage target set MaxConnections=1
.Ve
or 
.Vb 1
\&   iscsi_manage target setr MaxConnections=1
.Ve

.IP "\(bu" 4
If the initiator wants to force NopOut PDUs to be sent to the
target if there has been no activity on a connection for more 
than 20 seconds, then use
.Vb 1
\&   iscsi_manage init force n=20
.Ve

.IP "\(bu" 4
To enable the initiator to print a minimal trace of its actions
to /var/log/messages
(assuming the initiator was compiled to generate such information)
.Vb 1
\&   iscsi_manage init force V=4
.Ve

.SH NOTES
.PP
Generally, an iscsi_config(8) command must be executed after iscsi_manage 
command(s) are issued for the majority of the Text Login options
to take affect. These commands are typically executed from 
the UNH startup scripts found at /opt/unh/iscsi/conf. 

.SH BUGS
.PP
Report bugs to <unh_iscsi_bugs@lists.sourceforge.net>

.SH COPYRIGHT
.PP
Copyright (c) 2003-2004 UNH Interoperability Lab.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY 
or FITNESS FOR A PARTICULAR PURPOSE.

.SH SEE ALSO
.PP
iscsi_config(8)