< draft-ietf-storm-iscsimib-03.txt   draft-ietf-storm-iscsimib-04.txt >
INTERNET-DRAFT Mark Bakke INTERNET-DRAFT Mark Bakke
STORM Working Group Dell STORM Working Group Dell
Intended status: Proposed Standard Prakash Venkatesen Intended status: Proposed Standard Prakash Venkatesen
Expires: April 2013 HCL Technologies Expires: October 2013 HCL Technologies
Obsoletes: 4544 October 3, 2012 Obsoletes: 4544 April 2, 2013
Definitions of Managed Objects for Internet Small Computer System Definitions of Managed Objects for Internet Small Computer System
Interface (iSCSI) Interface (iSCSI)
draft-ietf-storm-iscsimib-03.txt draft-ietf-storm-iscsimib-04.txt
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 33 skipping to change at page 1, line 33
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
This Internet-Draft will expire on April 3, 2013. This Internet-Draft will expire on October 2, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 36 skipping to change at page 2, line 36
This document obsoletes RFC4544. This document obsoletes RFC4544.
Table of Contents Table of Contents
1. The Internet-Standard Management Framework.....................3 1. The Internet-Standard Management Framework.....................3
2. Introduction...................................................3 2. Introduction...................................................3
3. Relationship to Other MIB Modules..............................3 3. Relationship to Other MIB Modules..............................3
4. Relationship to SNMP Contexts..................................4 4. Relationship to SNMP Contexts..................................4
5. Differences from RFC 4544......................................5 5. Differences from RFC 4544......................................5
6. Discussion.....................................................5 6. Discussion.....................................................5
6.1. iSCSI MIB Object Model....................................5 6.1. iSCSI MIB Object Model....................................6
6.2. iSCSI MIB Table Structure.................................6 6.2. iSCSI MIB Table Structure.................................7
6.3. iscsiInstance.............................................7 6.3. iscsiInstance.............................................8
6.4. iscsiPortal...............................................8 6.4. iscsiPortal...............................................8
6.5. iscsiTargetPortal.........................................9 6.5. iscsiTargetPortal.........................................9
6.6. iscsiInitiatorPortal......................................9 6.6. iscsiInitiatorPortal.....................................10
6.7. iscsiNode................................................10 6.7. iscsiNode................................................10
6.8. iscsiTarget..............................................11 6.8. iscsiTarget..............................................11
6.9. iscsiTgtAuthorization....................................11 6.9. iscsiTgtAuthorization....................................11
6.10. iscsiInitiator..........................................11 6.10. iscsiInitiator..........................................11
6.11. iscsiIntrAuthorization..................................11 6.11. iscsiIntrAuthorization..................................12
6.12. iscsiSession............................................11 6.12. iscsiSession............................................12
6.13. iscsiConnection.........................................12 6.13. iscsiConnection.........................................12
6.14. IP Addresses and TCP Port Numbers.......................13 6.14. IP Addresses and TCP Port Numbers.......................13
6.15. Descriptors: Using OIDs in Place of Enumerated Types....13 6.15. Descriptors: Using OIDs in Place of Enumerated Types....13
6.16. Notifications...........................................13 6.16. Notifications...........................................13
7. MIB Definition................................................14 7. MIB Definition................................................14
8. Security Considerations.......................................85 8. Security Considerations.......................................85
9. IANA Considerations...........................................86 9. IANA Considerations...........................................86
10. References...................................................86 10. References...................................................87
10.1. Normative References....................................86 10.1. Normative References....................................87
10.2. Informative References..................................87 10.2. Informative References..................................88
11. Acknowledgments..............................................88 11. Acknowledgments..............................................89
1. The Internet-Standard Management Framework 1. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of Internet-Standard Management Framework, please refer to section 7 of
RFC 3410 [RFC3410]. RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP). accessed through the Simple Network Management Protocol (SNMP).
skipping to change at page 3, line 38 skipping to change at page 3, line 38
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
[RFC2119]. [RFC2119].
2. Introduction 2. Introduction
-- RFC Editor:replace cccc in RFCcccc at all the places in which it is -- RFC Editor:replace cccc in RFCcccc at all the places in which it is
-- used in this document, with the RFC number assigned to -- used in this document, with the RFC number assigned to
-- draft-ietf-storm-iscsi-cons-08 & remove this note.
This document defines a MIB module for iSCSI [RFCcccc], used to This document defines a MIB module for iSCSI [RFCcccc], used to
manage devices that implement the iSCSI protocol. It obsoletes RFC manage devices that implement the iSCSI protocol. It obsoletes RFC
4544 [RFC4544]. 4544 [RFC4544].
3. Relationship to Other MIB Modules 3. Relationship to Other MIB Modules
The iSCSI MIB module is normally layered between the SCSI MIB module The iSCSI MIB module is normally layered between the SCSI MIB module
[RFC4455] and the TCP MIB module [RFC4022], and makes use of the IP [RFC4455] and the TCP MIB module [RFC4022], and makes use of the IP
Storage (IPS) Identity Authentication MIB module [RFC4545]. Here is Storage (IPS) Identity Authentication MIB module [RFC4545]. Here is
skipping to change at page 5, line 16 skipping to change at page 5, line 16
[RFCcccc] updates several RFCs, including [RFC3720]. This document [RFCcccc] updates several RFCs, including [RFC3720]. This document
updates the iSCSI MIB correspondingly. The document uses updates the iSCSI MIB correspondingly. The document uses
iSCSIProtocolLevel as defined in [RFCssss]. It obsoletes [RFC4544]. iSCSIProtocolLevel as defined in [RFCssss]. It obsoletes [RFC4544].
Below is a brief description of the changes: Below is a brief description of the changes:
. Added iscsiInstXNodeArchitecture to InstanceAttributes . Added iscsiInstXNodeArchitecture to InstanceAttributes
. Added iscsiSsnTaskReporting of type BITS to SessionAttributes . Added iscsiSsnTaskReporting of type BITS to SessionAttributes
. Added iscsiSsnProtocolLevel to SessionAttributes . Added iscsiSsnProtocolLevel to SessionAttributes
. Deprecated the marker objects . Deprecated the marker objects
. Changed the conformance statements to match the above
. Fixed the errata to [RFC4544] . Fixed the errata to [RFC4544]
. Added NOP counters at iSCSI session scope for heartbeat tracking
. Added port number to the iscsiTgtLoginFailure and
iscsiIntrLoginFailure notifications, and to the last failure info
in iscsiInitiatorAttributesEntry
. Added description string to the iSCSI portal
. Added iscsiInstSsnTgtUnmappedErrors to support "Target Unmapped"
session failure reporting in the iscsiInstSessionFailure
notification
. Added iscsiTgtLogoutCxnClosed and iscsiTgtLogoutCxnRemoved which
maintain the count of Logout Command PDUs received by the target
with reason codes 1 and 2 respectively
. Changed the conformance statements to match the above
6. Discussion 6. Discussion
This MIB module structure supplies configuration, fault, and This MIB module structure supplies configuration, fault, and
statistics information for iSCSI devices [RFCcccc]. It is structured statistics information for iSCSI devices [RFCcccc]. It is structured
around the well-known iSCSI objects, such as targets, initiators, around the well-known iSCSI objects, such as targets, initiators,
sessions, connections, and the like. sessions, connections, and the like.
This MIB module may also be used to configure access to iSCSI This MIB module may also be used to configure access to iSCSI
targets, by creating iSCSI Portals and authorization list entries. targets, by creating iSCSI Portals and authorization list entries.
skipping to change at page 79, line 33 skipping to change at page 79, line 46
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A collection of objects providing information about all "A collection of objects providing information about all
connections used by all sessions." connections used by all sessions."
::= { iscsiGroups 25 } ::= { iscsiGroups 25 }
iscsiNewObjectsV2 OBJECT-GROUP iscsiNewObjectsV2 OBJECT-GROUP
OBJECTS { OBJECTS {
iscsiInstSsnTgtUnmappedErrors, iscsiInstXNodeArchitecture,
iscsiPortalDescr, iscsiSsnTaskReporting,
iscsiSsnProtocolLevel,
iscsiSsnNopReceivedPDUs,
iscsiSsnNopSentPDUs,
iscsiIntrLastTgtFailurePort,
iscsiTgtLastIntrFailurePort, iscsiTgtLastIntrFailurePort,
iscsiPortalDescr,
iscsiInstSsnTgtUnmappedErrors,
iscsiTgtLogoutCxnClosed, iscsiTgtLogoutCxnClosed,
iscsiTgtLogoutCxnRemoved, iscsiTgtLogoutCxnRemoved
iscsiIntrLastTgtFailurePort,
iscsiSsnNopReceivedPDUs,
iscsiSsnNopSentPDUs
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A collection of objects added in the second version of the "A collection of objects added in the second version of the
iSCSI MIB. This group is unconditionally optional for iSCSI MIB."
compliance to the MIB module."
::= { iscsiGroups 26 } ::= { iscsiGroups 26 }
--********************************************************************** --**********************************************************************
iscsiComplianceV1 MODULE-COMPLIANCE iscsiComplianceV1 MODULE-COMPLIANCE
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"Initial version of compliance statement. "Initial version of compliance statement.
If an implementation can be both a target and an If an implementation can be both a target and an
skipping to change at page 85, line 6 skipping to change at page 85, line 21
GROUP iscsiInitiatorAuthGroup GROUP iscsiInitiatorAuthGroup
DESCRIPTION DESCRIPTION
"This group is mandatory for all iSCSI implementations "This group is mandatory for all iSCSI implementations
that have iSCSI initiator facilities." that have iSCSI initiator facilities."
OBJECT iscsiNodeErrorRecoveryLevel OBJECT iscsiNodeErrorRecoveryLevel
SYNTAX Unsigned32 (0..2) SYNTAX Unsigned32 (0..2)
DESCRIPTION DESCRIPTION
"Only values 0-2 are defined at present." "Only values 0-2 are defined at present."
-- Unconditionally optional groups
GROUP iscsiNewObjectsV2 GROUP iscsiNewObjectsV2
DESCRIPTION DESCRIPTION
"This group is unconditionally optional." "This group is mandatory for all iSCSI implementations
that support a value of the iSCSIProtocolLevel key of
2 or greater."
::= { iscsiCompliances 2 } ::= { iscsiCompliances 2 }
END END
8. Security Considerations 8. Security Considerations
There are a number of management objects defined in this MIB module There are a number of management objects defined in this MIB module
with a MAX-ACCESS clause of read-write and/or read-create. Such with a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network objects may be considered sensitive or vulnerable in some network
skipping to change at page 86, line 7 skipping to change at page 86, line 22
inappropriately advertised or discovered initiator or target does inappropriately advertised or discovered initiator or target does
not compromise their security. These issues are discussed in not compromise their security. These issues are discussed in
[RFCcccc]. [RFCcccc].
SNMP versions prior to SNMPv3 did not include adequate security. SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPsec), Even if the network itself is secure (for example by using IPsec),
even then, there is no control as to who on the secure network is even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module. in this MIB module.
It is RECOMMENDED that implementers consider the security features as Implementations SHOULD provide the security features described by the
provided by the SNMPv3 framework (see [RFC3410], section 8), SNMPv3 framework (see [RFC3410]), and implementations claiming
including full support for SNMPv3 cryptographic mechanisms (for compliance to the SNMPv3 standard MUST include full support for
authentication and privacy). authentication and privacy via the User-based Security Model (USM)
[RFC3414] with the AES cipher algorithm [RFC3826]. Implementations
MAY also provide support for the Transport Security Model (TSM)
[RFC5591] in combination with a secure transport such as SSH[RFC5592]
or TLS/DTLS [RFC6353].
Further, deployment of SNMP versions prior to SNMPv3 is NOT Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them. rights to indeed GET or SET (change/create/delete) them.
9. IANA Considerations 9. IANA Considerations
The MIB module in this document uses the following IANA-assigned The MIB module in this document uses the following IANA-assigned
OBJECT IDENTIFIER values recorded in the SMI Numbers registry: OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
Descriptor OBJECT IDENTIFIER value Descriptor OBJECT IDENTIFIER value
---------- ----------------------- ---------- -----------------------
iscsiMibModule { mib-2 142 } iscsiMibModule { mib-2 142 }
RFC Editor's Note (to be removed prior to publication): this draft RFC Editor's Note (to be removed prior to publication): this draft
makes no additional requests of the IANA. makes no additional requests of the IANA. IANA is required to update
the reference for the mib-2 142 to this document.
10. References 10. References
10.1. Normative References 10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, [RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
"Structure of Management Information Version 2 (SMIv2)", "Structure of Management Information Version 2 (SMIv2)",
skipping to change at page 87, line 14 skipping to change at page 87, line 31
[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
"Conformance Statements for SMIv2", STD 58, RFC 2580, "Conformance Statements for SMIv2", STD 58, RFC 2580,
April 1999. April 1999.
[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An
Architecture for Describing Simple Network Management Architecture for Describing Simple Network Management
Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
December 2002. December 2002.
[RFC3414] Blumenthal, U., and B. Wijnen,
"User-based Security Model (USM) for version 3 of the
Simple Network Management Protocol (SNMPv3)", RFC 3414,
December 2002.
[RFC3720] Satran, J., Meth, K., Sapuntzakis, C., Chadalapaka, M., [RFC3720] Satran, J., Meth, K., Sapuntzakis, C., Chadalapaka, M.,
and E. Zeidner, "Internet Small Computer Systems and E. Zeidner, "Internet Small Computer Systems
Interface (iSCSI)", RFC 3720, March 2004. Interface (iSCSI)", RFC 3720, March 2004.
[RFC3826] Blumenthal, U., Maino, F., and K. McCloghrie,
"The Advanced Encryption Standard (AES) Cipher
Algorithm in the SNMP User-based Security Model",
RFC 3826, June 2004.
[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J.
Schoenwaelder, "Textual Conventions for Internet Network Schoenwaelder, "Textual Conventions for Internet Network
Addresses", RFC 4001, February 2005. Addresses", RFC 4001, February 2005.
[RFC4545] Bakke, M. and J. Muchow, "Definitions of Managed Objects [RFC4545] Bakke, M. and J. Muchow, "Definitions of Managed Objects
for IP Storage User Identity Authorization", RFC 4545, for IP Storage User Identity Authorization", RFC 4545,
May 2006. May 2006.
[RFCcccc] Chadalapaka, M., Satran, J., and K. Meth, "iSCSI [RFC5591] Harrington, D., and W. Hardaker,
Protocol (Consolidated)", RFC cccc, mmyy "Transport Security Model for the Simple Network
Management Protocol (SNMP)", June 2009.
[RFC5592] Harrington, D., Saloway, J., and W. Hardaker,
"Secure Shell Transport Model for the Simple Network
Management Protocol (SNMP)", June 2009.
[RFC6353] W. Hardaker, "Transport Layer Security (TLS) Transport
Model for the Simple Network Management Protocol (SNMP)",
July 2011.
[RFCcccc] Chadalapaka, M., Satran, J., and K. Meth, "iSCSI
Protocol (Consolidated)", RFC cccc, mmyy.
-- RFC Editor:replace cccc with the RFC number assigned to -- RFC Editor:replace cccc with the RFC number assigned to
-- draft-ietf-storm-iscsi-cons-08 & remove this note.
-- RFC Editor:replace mmyy with the RFC month and year assigned to -- RFC Editor:replace mmyy with the RFC month and year assigned to
-- draft-ietf-storm-iscsi-cons-08 & remove this note.
[RFCssss] Knight, F., Chadalapaka, M., "Internet Small [RFCssss] Knight, F., Chadalapaka, M., "Internet Small
Computer Systems Interface (iSCSI) Update", RFC ssss, Computer Systems Interface (iSCSI) Update", RFC ssss,
mmyy mmyy.
-- RFC Editor: replace ssss with the RFC number assigned to -- RFC Editor: replace ssss with the RFC number assigned to
-- draft-ietf-storm-iscsi-sam-06 & remove this note. -- draft-ietf-storm-iscsi-sam-06 & remove this note.
-- RFC Editor: replace mmyy with the RFC month and year assigned to -- RFC Editor: replace mmyy with the RFC month and year assigned to
-- draft-ietf-storm-iscsi-sam-06 & remove this note. -- draft-ietf-storm-iscsi-sam-06 & remove this note.
10.2. Informative References 10.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction and Applicability Statements for Internet- "Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002. Standard Management Framework", RFC 3410, December 2002.
 End of changes. 26 change blocks. 
36 lines changed or deleted 79 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/