📄 rfc3721.txt
字号:
Network Working Group M. Bakke
Request for Comments: 3721 Cisco
Category: Informational J. Hafner
J. Hufferd
K. Voruganti
IBM
M. Krueger
Hewlett-Packard
April 2004
Internet Small Computer Systems Interface (iSCSI)
Naming and Discovery
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract
This document provides examples of the Internet Small Computer
Systems Interface (iSCSI; or SCSI over TCP) name construction and
discussion of discovery of iSCSI resources (targets) by iSCSI
initiators. This document complements the iSCSI protocol document.
Flexibility is the key guiding principle behind this document. That
is, an effort has been made to satisfy the needs of both small
isolated environments, as well as large environments requiring
secure/scalable solutions.
Bakke, et al. Informational [Page 1]
RFC 3721 iSCSI Naming and Discovery April 2004
Table of Contents
1. iSCSI Names and Addresses. . . . . . . . . . . . . . . . . . . 3
1.1. Constructing iSCSI names using the iqn. format . . . . . 5
1.2. Constructing iSCSI names using the eui. format . . . . . 8
2. iSCSI Alias. . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.1. Purpose of an Alias. . . . . . . . . . . . . . . . . . . 8
2.2. Target Alias . . . . . . . . . . . . . . . . . . . . . . 9
2.3. Initiator Alias. . . . . . . . . . . . . . . . . . . . . 10
3. iSCSI Discovery. . . . . . . . . . . . . . . . . . . . . . . . 12
4. Security Considerations. . . . . . . . . . . . . . . . . . . . 13
5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13
5.1. Normative References . . . . . . . . . . . . . . . . . . 13
5.2. Informative References . . . . . . . . . . . . . . . . . 14
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 14
Appendix A: iSCSI Naming Notes. . . . . . . . . . . . . . . . . . 15
Appendix B: Interaction with Proxies and Firewalls. . . . . . . . 16
B.1. Port Redirector . . . . . . . . . . . . . . . . 16
B.2. SOCKS server. . . . . . . . . . . . . . . . . . 17
B.3. SCSI gateway. . . . . . . . . . . . . . . . . . 17
B.4. iSCSI Proxy . . . . . . . . . . . . . . . . . . 18
B.5. Stateful Inspection Firewall. . . . . . . . . . 18
Appendix C: iSCSI Names and Security Identifiers. . . . . . . . . 19
Authors' Addresses. . . . . . . . . . . . . . . . . . . . . . . . 21
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . . 22
Bakke, et al. Informational [Page 2]
RFC 3721 iSCSI Naming and Discovery April 2004
1. iSCSI Names and Addresses
The main addressable, discoverable entity in iSCSI is an iSCSI Node.
An iSCSI node can be either an initiator, a target, or both. The
rules for constructing an iSCSI name are specified in [RFC3720].
This document provides examples of name construction that might be
used by a naming authority.
Both targets and initiators require names for the purpose of
identification, so that iSCSI storage resources can be managed
regardless of location (address). An iSCSI name is the unique
identifier for an iSCSI node, and is also the SCSI device name [SAM2]
of an iSCSI device. The iSCSI name is the principal object used in
authentication of targets to initiators and initiators to targets.
This name is also used to identify and manage iSCSI storage
resources.
Furthermore, iSCSI names are associated with iSCSI nodes instead of
with network adapter cards to ensure the free movement of network
HBAs between hosts without loss of SCSI state information
(reservations, mode page settings etc) and authorization
configuration.
An iSCSI node also has one or more addresses. An iSCSI address
specifies a single path to an iSCSI node and consists of the iSCSI
name, plus a transport (TCP) address which uses the following format:
<domain-name>[:<port>]
Where <domain-name> is one of:
- IPv4 address, in dotted decimal notation. Assumed if the name
contains exactly four numbers, separated by dots (.), where each
number is in the range 0..255.
- IPv6 address, in colon-separated hexadecimal notation, as
specified in [RFC3513] and enclosed in "[" and "]" characters, as
specified in [RFC2732].
- Fully Qualified Domain Name (host name). Assumed if the <domain-
name> is neither an IPv4 nor an IPv6 address.
For iSCSI targets, the <port> in the address is optional; if
specified, it is the TCP port on which the target is listening for
connections. If the <port> is not specified, the default port 3260,
assigned by IANA, will be assumed. For iSCSI initiators, the <port>
is omitted.
Bakke, et al. Informational [Page 3]
RFC 3721 iSCSI Naming and Discovery April 2004
Examples of addresses:
192.0.2.2
192.0.2.23:5003
[FEDC:BA98:7654:3210:FEDC:BA98:7654:3210]
[1080:0:0:0:8:800:200C:417A]
[3ffe:2a00:100:7031::1]
[1080::8:800:200C:417A]
[1080::8:800:200C:417A]:3260
[::192.0.2.5]
mydisks.example.com
moredisks.example.com:5003
The concepts of names and addresses have been carefully separated in
iSCSI:
- An iSCSI Name is a location-independent, permanent identifier for
an iSCSI node. An iSCSI node has one iSCSI name, which stays
constant for the life of the node. The terms "initiator name" and
"target name" also refer to an iSCSI name.
- An iSCSI Address specifies not only the iSCSI name of an iSCSI
node, but also a location of that node. The address consists of a
host name or IP address, a TCP port number (for the target), and
the iSCSI Name of the node. An iSCSI node can have any number of
addresses, which can change at any time, particularly if they are
assigned via DHCP.
A similar analogy exists for people. A person in the USA might be:
Robert Smith
SSN+DateOfBirth: 333-44-5555 14-MAR-1960
Phone: +1 (763) 555.1212
Home Address: 555 Big Road, Minneapolis, MN 55444
Work Address: 222 Freeway Blvd, St. Paul, MN 55333
In this case, Robert's globally unique name is really his Social
Security Number plus Date of Birth. His common name, "Robert Smith",
is not guaranteed to be unique. Robert has three locations at which
he may be reached; two Physical addresses, and a phone number.
In this example, Robert's SSN+DOB is like the iSCSI Name (date of
birth is required to disambiguate SSNs that have been reused), his
phone number and addresses are analogous to an iSCSI node's TCP
addresses, and "Robert Smith" would be a human-friendly label for
this person.
Bakke, et al. Informational [Page 4]
RFC 3721 iSCSI Naming and Discovery April 2004
To assist in providing a more human-readable user interface for
devices that contain iSCSI targets and initiators, a target or
initiator may also provide an alias. This alias is a simple UTF-8
string, is not globally unique, and is never interpreted or used to
identify an initiator or device within the iSCSI protocol. Its use
is described further in section 2.
1.1. Constructing iSCSI names using the iqn. format
The iSCSI naming scheme was constructed to give an organizational
naming authority the flexibility to further subdivide the
responsibility for name creation to subordinate naming authorities.
The iSCSI qualified name format is defined in [RFC3720] and contains
(in order):
- The string "iqn."
- A date code specifying the year and month in which the
organization registered the domain or sub-domain name used as the
naming authority string.
- The organizational naming authority string, which consists of a
valid, reversed domain or subdomain name.
- Optionally, a ':', followed by a string of the assigning
organization's choosing, which must make each assigned iSCSI name
unique.
The following is an example of an iSCSI qualified name from an
equipment vendor:
Organizational Subgroup Naming Authority
Naming and/or string Defined by
Type Date Auth Org. or Local Naming Authority
+--++-----+ +---------+ +--------------------------------+
| || | | | | |
iqn.2001-04.com.example:diskarrays-sn-a8675309
Where:
"iqn" specifies the use of the iSCSI qualified name as the
authority.
Bakke, et al. Informational [Page 5]
RFC 3721 iSCSI Naming and Discovery April 2004
"2001-04" is the year and month on which the naming authority
acquired the domain name used in this iSCSI name. This is used to
ensure that when domain names are sold or transferred to another
organization, iSCSI names generated by these organizations will be
unique.
"com.example" is a reversed DNS name, and defines the
organizational naming authority. The owner of the DNS name
"example.com" has the sole right of use of this name as this part
of an iSCSI name, as well as the responsibility to keep the
remainder of the iSCSI name unique. In this case, example.com
happens to manufacture disk arrays.
"diskarrays" was picked arbitrarily by example.com to identify the
disk arrays they manufacture. Another product that ACME makes
might use a different name, and have its own namespace independent
of the disk array group. The owner of "example.com" is
responsible for keeping this structure unique.
"sn" was picked by the disk array group of ACME to show that what
follows is a serial number. They could have just assumed that all
iSCSI Names are based on serial numbers, but they thought that
perhaps later products might be better identified by something
else. Adding "sn" was a future-proof measure.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -