< draft-ietf-ips-iscsi-19.txt   draft-ietf-ips-iscsi-20.txt >
iSCSI 3-November-02 iSCSI 19-January-03
IP Storage Working Group Julian Satran IP Storage Working Group Julian Satran
Internet Draft Kalman Meth Internet Draft Kalman Meth
draft-ietf-ips-iscsi-19.txt IBM draft-ietf-ips-iscsi-20.txt IBM
Category: standards-track Category: standards-track
Costa Sapuntzakis Costa Sapuntzakis
Cisco Systems Cisco Systems
Mallikarjun Chadalapaka Mallikarjun Chadalapaka
Hewlett-Packard Co. Hewlett-Packard Co.
Efri Zeidner Efri Zeidner
SANGate SANGate
iSCSI iSCSI
Julian Satran Expires June 2003 1 Julian Satran Expires August 2003 1
iSCSI 3-November-02 iSCSI 19-January-03
Status of this Memo Status of this Memo
This document is an Internet-Draft and fully conforms to all This document is an Internet-Draft and fully conforms to all
provisions of Section 10 of RFC2026. provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Internet-Drafts are draft documents valid for at most six Drafts. Internet-Drafts are draft documents valid for at most six
skipping to change at line 62 skipping to change at line 62
This document describes a transport protocol for SCSI that works on This document describes a transport protocol for SCSI that works on
top of TCP. The iSCSI protocol aims to be fully compliant with the top of TCP. The iSCSI protocol aims to be fully compliant with the
standardized SCSI architectural model. standardized SCSI architectural model.
Acknowledgements Acknowledgements
This protocol was developed by a design team that, in addition to This protocol was developed by a design team that, in addition to
the authors, included Daniel Smith, Ofer Biran, Jim Hafner and John the authors, included Daniel Smith, Ofer Biran, Jim Hafner and John
Hufferd (IBM), Mark Bakke (Cisco), Randy Haagens (HP), Matt Wakeley Hufferd (IBM), Mark Bakke (Cisco), Randy Haagens (HP), Matt Wakeley
Julian Satran Expires June 2003 2
iSCSI 3-November-02
(Agilent, now Sierra Logic), Luciano Dalle Ore (Quantum), and Paul (Agilent, now Sierra Logic), Luciano Dalle Ore (Quantum), and Paul
Von Stamwitz (Adaptec, now TrueSAN Networks). Von Stamwitz (Adaptec, now TrueSAN Networks).
Furthermore, a large group of people contributed to this work Furthermore, a large group of people contributed to this work
through their review, comments, and valuable insights. We are through their review, comments, and valuable insights. We are
grateful to all of them. We especially thank those people who found grateful to all of them. We especially thank those people who found
the time and patience to take part in our weekly phone conferences the time and patience to take part in our weekly phone conferences
and intermediate meetings in Almaden and Haifa, which helped shape and intermediate meetings in Almaden and Haifa, which helped shape
this document: Prasenjit Sarkar, Meir Toledano, John Dowdy, Steve this document: Prasenjit Sarkar, Meir Toledano, John Dowdy, Steve
Legg, Alain Azagury (IBM), Dave Nagle (CMU), David Black (EMC), John Legg, Alain Azagury (IBM), Dave Nagle (CMU), David Black (EMC), John
Matze (Veritas - now Okapi Software), Steve DeGroote, Mark Schrandt Matze (Veritas - now Okapi Software), Steve DeGroote, Mark Schrandt
(Cisco), Gabi Hecht (Gadzoox), Robert Snively and Brian Forbes (Cisco), Gabi Hecht (Gadzoox), Robert Snively and Brian Forbes
(Brocade), Nelson Nachum (StorAge), and Uri Elzur (Broadcom). Many (Brocade), Nelson Nachum (StorAge), and Uri Elzur (Broadcom). Many
others helped edit and improve this document within the IPS working others helped edit and improve this document within the IPS working
Julian Satran Expires August 2003 2
iSCSI 19-January-03
group. We are especially grateful to David Robinson and Raghavendra group. We are especially grateful to David Robinson and Raghavendra
Rao (Sun), Charles Monia, Joshua Tseng (Nishan), Somesh Gupta Rao (Sun), Charles Monia, Joshua Tseng (Nishan), Somesh Gupta
(Silverback), Michael Krause, Pierre Labat, Santosh Rao, Matthew (Silverback), Michael Krause, Pierre Labat, Santosh Rao, Matthew
Burbridge, Bob Barry, Robert Elliott, Nick Martin (HP), Stephen Burbridge, Bob Barry, Robert Elliott, Nick Martin (HP), Stephen
Bailey (Sandburst), Steve Senum, Ayman Ghanem, Dave Peterson Bailey (Sandburst), Steve Senum, Ayman Ghanem, Dave Peterson
(Cisco), Barry Reinhold (Trebia Networks), Bob Russell (UNH), Eddy (Cisco), Barry Reinhold (Trebia Networks), Bob Russell (UNH), Eddy
Quicksall (iVivity, Inc.), Bill Lynn and Michael Fischer (Adaptec), Quicksall (iVivity, Inc.), Bill Lynn and Michael Fischer (Adaptec),
Vince Cavanna, Pat Thaler (Agilent), Jonathan Stone (Stanford), Vince Cavanna, Pat Thaler (Agilent), Jonathan Stone (Stanford),
Luben Tuikov (Splentec), Paul Koning (EqualLogic), Michael Krueger Luben Tuikov (Splentec), Paul Koning (EqualLogic), Michael Krueger
(Windriver), Martins Krikis (Intel), Doug Otis (Sanlight), John (Windriver), Martins Krikis (Intel), Doug Otis (Sanlight), John
skipping to change at line 108 skipping to change at line 108
We would like to thank Steve Hetzler for his unwavering support and We would like to thank Steve Hetzler for his unwavering support and
for coming up with such a good name for the protocol, and Micky for coming up with such a good name for the protocol, and Micky
Rodeh, Jai Menon, Clod Barrera, and Andy Bechtolsheim for helping Rodeh, Jai Menon, Clod Barrera, and Andy Bechtolsheim for helping
make this work happen. make this work happen.
In addition to this document, we recommend you acquaint yourself In addition to this document, we recommend you acquaint yourself
with the following in order to get a full understanding of the iSCSI with the following in order to get a full understanding of the iSCSI
specification: "iSCSI Naming & Discovery"[NDT], "Bootstrapping specification: "iSCSI Naming & Discovery"[NDT], "Bootstrapping
Clients using the iSCSI Protocol" [BOOT], "Securing Block Storage Clients using the iSCSI Protocol" [BOOT], "Securing Block Storage
Julian Satran Expires June 2003 3
iSCSI 3-November-02
Protocols over IP"[SEC-IPS] documents, and "iSCSI Requirements and Protocols over IP"[SEC-IPS] documents, and "iSCSI Requirements and
Design Considerations" [RFC3347]. Design Considerations" [RFC3347].
The "iSCSI Naming & Discovery" document is authored by: The "iSCSI Naming & Discovery" document is authored by:
Mark Bakke (Cisco), Jim Hafner, John Hufferd, Kaladhar Voruganti Mark Bakke (Cisco), Jim Hafner, John Hufferd, Kaladhar Voruganti
(IBM), and Marjorie Krueger (HP). (IBM), and Marjorie Krueger (HP).
The "Bootstrapping Clients using the iSCSI Protocol" document is The "Bootstrapping Clients using the iSCSI Protocol" document is
authored by: authored by:
Prasenjit Sarkar (IBM), Duncan Missimer (HP), and Costa Prasenjit Sarkar (IBM), Duncan Missimer (HP), and Costa
Sapuntzakis (Cisco). Sapuntzakis (Cisco).
The "Securing Block Storage Protocols over IP" document is authored The "Securing Block Storage Protocols over IP" document is authored
by: by:
Bernard Aboba (Microsoft), Joshua Tseng (Nishan), Jesse Walker Bernard Aboba (Microsoft), Joshua Tseng (Nishan), Jesse Walker
(Intel), Venkat Rangan (Rhapsody Networks), and Franco (Intel), Venkat Rangan (Rhapsody Networks), and Franco
Travostino (Nortel Networks). Travostino (Nortel Networks).
The "iSCSI Requirements and Design Considerations" document is The "iSCSI Requirements and Design Considerations" document is
authored by: authored by:
Marjorie Krueger, Randy Haagens (HP), Costa Sapuntzakis, and Marjorie Krueger, Randy Haagens (HP), Costa Sapuntzakis, and
Mark Bakke (Cisco). Mark Bakke (Cisco).
Julian Satran Expires August 2003 3
iSCSI 19-January-03
We are grateful to all of them for their good work and for helping We are grateful to all of them for their good work and for helping
us correlate this document with the ones they produced. us correlate this document with the ones they produced.
Julian Satran Expires June 2003 4 Julian Satran Expires August 2003 4
iSCSI 3-November-02 iSCSI 19-January-03
Status of this Memo . . . . . . . . . . . . . . . . . . . . . . . 2 Status of this Memo . . . . . . . . . . . . . . . . . . . . . . . 2
Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . 2 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . 2
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 13 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 13
2. Definitions and Acronyms . . . . . . . . . . . . . . . . . . . 14 2. Definitions and Acronyms . . . . . . . . . . . . . . . . . . . 14
2.1 Definitions . . . . . . . . . . . . . . . . . . . . . . . . 14 2.1 Definitions . . . . . . . . . . . . . . . . . . . . . . . . 14
2.2 Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . 19 2.2 Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.3 Conventions . . . . . . . . . . . . . . . . . . . . . . . . 21 2.3 Conventions . . . . . . . . . . . . . . . . . . . . . . . . 19
2.3.1 Word Rule . . . . . . . . . . . . . . . . . . . . . . . 22 2.3.1 Word Rule . . . . . . . . . . . . . . . . . . . . . . . 20
2.3.2 Half-Word Rule . . . . . . . . . . . . . . . . . . . . . 22 2.3.2 Half-Word Rule . . . . . . . . . . . . . . . . . . . . . 20
2.3.3 Byte Rule . . . . . . . . . . . . . . . . . . . . . . . 22 2.3.3 Byte Rule . . . . . . . . . . . . . . . . . . . . . . . 20
3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.1 SCSI Concepts . . . . . . . . . . . . . . . . . . . . . . . 23 3.1 SCSI Concepts . . . . . . . . . . . . . . . . . . . . . . . 21
3.2 iSCSI Concepts and Functional Overview . . . . . . . . . . . 24 3.2 iSCSI Concepts and Functional Overview . . . . . . . . . . . 21
3.2.1 Layers and Sessions . . . . . . . . . . . . . . . . . . 24 3.2.1 Layers and Sessions . . . . . . . . . . . . . . . . . . 22
3.2.2 Ordering and iSCSI Numbering . . . . . . . . . . . . . . 25 3.2.2 Ordering and iSCSI Numbering . . . . . . . . . . . . . . 23
3.2.2.1 Command Numbering and Acknowledging . . . . . . . . 26 3.2.2.1 Command Numbering and Acknowledging . . . . . . . . 23
3.2.2.2 Response/Status Numbering and Acknowledging . . . . 29 3.2.2.2 Response/Status Numbering and Acknowledging . . . . 26
3.2.2.3 Data Sequencing . . . . . . . . . . . . . . . . . . 30 3.2.2.3 Data Sequencing . . . . . . . . . . . . . . . . . . 26
3.2.3 iSCSI Login . . . . . . . . . . . . . . . . . . . . . . 30 3.2.3 iSCSI Login . . . . . . . . . . . . . . . . . . . . . . 27
3.2.4 iSCSI Full Feature Phase . . . . . . . . . . . . . . . . 32 3.2.4 iSCSI Full Feature Phase . . . . . . . . . . . . . . . . 28
3.2.4.1 Command Connection Allegiance . . . . . . . . . . . 32 3.2.4.1 Command Connection Allegiance . . . . . . . . . . . 28
3.2.4.2 Data Transfer Overview . . . . . . . . . . . . . . . 33 3.2.4.2 Data Transfer Overview . . . . . . . . . . . . . . . 29
3.2.4.3 Tags and Integrity Checks . . . . . . . . . . . . . 35 3.2.4.3 Tags and Integrity Checks . . . . . . . . . . . . . 30
3.2.4.4 Task Management . . . . . . . . . . . . . . . . . . 35 3.2.4.4 Task Management . . . . . . . . . . . . . . . . . . 30
3.2.5 iSCSI Connection Termination . . . . . . . . . . . . . . 35 3.2.5 iSCSI Connection Termination . . . . . . . . . . . . . . 31
3.2.6 iSCSI Names . . . . . . . . . . . . . . . . . . . . . . 36 3.2.6 iSCSI Names . . . . . . . . . . . . . . . . . . . . . . 31
3.2.6.1 iSCSI Name Properties . . . . . . . . . . . . . . . 37 3.2.6.1 iSCSI Name Properties . . . . . . . . . . . . . . . 31
3.2.6.2 iSCSI Name Encoding . . . . . . . . . . . . . . . . 38 3.2.6.2 iSCSI Name Encoding . . . . . . . . . . . . . . . . 33
3.2.6.3 iSCSI Name Structure . . . . . . . . . . . . . . . . 39 3.2.6.3 iSCSI Name Structure . . . . . . . . . . . . . . . . 33
3.2.6.3.1 Type "iqn." (iSCSI Qualified Name) . . . . . . . 40 3.2.6.3.1 Type "iqn." (iSCSI Qualified Name) . . . . . . . 34
3.2.6.3.2 Type "eui." (IEEE EUI-64 format) . . . . . . . . 41 3.2.6.3.2 Type "eui." (IEEE EUI-64 format) . . . . . . . . 35
3.2.7 Persistent State . . . . . . . . . . . . . . . . . . . . 41 3.2.7 Persistent State . . . . . . . . . . . . . . . . . . . . 35
3.2.8 Message Synchronization and Steering . . . . . . . . . . 42 3.2.8 Message Synchronization and Steering . . . . . . . . . . 36
3.2.8.1 Sync/Steering and iSCSI PDU Length . . . . . . . . . 43 3.2.8.1 Sync/Steering and iSCSI PDU Length . . . . . . . . . 37
3.3 iSCSI Session Types . . . . . . . . . . . . . . . . . . . . 44 3.3 iSCSI Session Types . . . . . . . . . . . . . . . . . . . . 37
3.4 SCSI to iSCSI Concepts Mapping Model . . . . . . . . . . . . 44 3.4 SCSI to iSCSI Concepts Mapping Model . . . . . . . . . . . . 37
3.4.1 iSCSI Architecture Model . . . . . . . . . . . . . . . . 45 3.4.1 iSCSI Architecture Model . . . . . . . . . . . . . . . . 38
3.4.2 SCSI Architecture Model . . . . . . . . . . . . . . . . 47 3.4.2 SCSI Architecture Model . . . . . . . . . . . . . . . . 40
3.4.3 Consequences of the Model . . . . . . . . . . . . . . . 49 3.4.3 Consequences of the Model . . . . . . . . . . . . . . . 42
3.4.3.1 I_T Nexus State . . . . . . . . . . . . . . . . . . 50 3.4.3.1 I_T Nexus State . . . . . . . . . . . . . . . . . . 43
3.5 Request/Response Summary . . . . . . . . . . . . . . . . . . 51 3.5 Request/Response Summary . . . . . . . . . . . . . . . . . . 43
3.5.1 Request/Response Types Carrying SCSI Payload . . . . . . 51 3.5.1 Request/Response Types Carrying SCSI Payload . . . . . . 43
3.5.1.1 SCSI-Command . . . . . . . . . . . . . . . . . . . . 43
Julian Satran Expires June 2003 5 3.5.1.2 SCSI-Response . . . . . . . . . . . . . . . . . . . 43
iSCSI 3-November-02 3.5.1.3 Task Management Function Request . . . . . . . . . . 44
3.5.1.4 Task Management Function Response . . . . . . . . . 44
3.5.1.1 SCSI-Command . . . . . . . . . . . . . . . . . . . . 51 3.5.1.5 SCSI Data-out and SCSI Data-in . . . . . . . . . . . 45
3.5.1.2 SCSI-Response . . . . . . . . . . . . . . . . . . . 52
3.5.1.3 Task Management Function Request . . . . . . . . . . 52
3.5.1.4 Task Management Function Response . . . . . . . . . 53
3.5.1.5 SCSI Data-out and SCSI Data-in . . . . . . . . . . . 53
3.5.1.6 Ready To Transfer (R2T) . . . . . . . . . . . . . . 54
3.5.2 Requests/Responses carrying SCSI and iSCSI Payload . . . 55
3.5.2.1 Asynchronous Message . . . . . . . . . . . . . . . . 55
3.5.3 Requests/Responses Carrying iSCSI Only Payload . . . . . 55
3.5.3.1 Text Request and Text Response . . . . . . . . . . . 55
3.5.3.2 Login Request and Login Response . . . . . . . . . . 55
3.5.3.3 Logout Request and Response . . . . . . . . . . . . 56
3.5.3.4 SNACK Request . . . . . . . . . . . . . . . . . . . 57
3.5.3.5 Reject . . . . . . . . . . . . . . . . . . . . . . . 57
3.5.3.6 NOP-Out Request and NOP-In Response . . . . . . . . 57
4. SCSI Mode Parameters for iSCSI . . . . . . . . . . . . . . . . 59
5. Login and Full Feature Phase Negotiation . . . . . . . . . . . 60
5.1 Text Format . . . . . . . . . . . . . . . . . . . . . . . . 61
5.2 Text Mode Negotiation . . . . . . . . . . . . . . . . . . . 64
5.2.1 List negotiations . . . . . . . . . . . . . . . . . . . 68
5.2.2 Simple-value Negotiations . . . . . . . . . . . . . . . 68
5.3 Login Phase . . . . . . . . . . . . . . . . . . . . . . . . 69
5.3.1 Login Phase Start . . . . . . . . . . . . . . . . . . . 72
5.3.2 iSCSI Security Negotiation . . . . . . . . . . . . . . . 75
5.3.3 Operational Parameter Negotiation During the Login Phase 76
5.3.4 Connection Reinstatement . . . . . . . . . . . . . . . . 76
5.3.5 Session Reinstatement, Closure, and Timeout . . . . . . 77
5.3.5.1 Loss of Nexus Notification . . . . . . . . . . . . . 78
5.3.6 Session Continuation and Failure . . . . . . . . . . . . 78
5.4 Operational Parameter Negotiation Outside the Login Phase . 78
6. iSCSI Error Handling and Recovery . . . . . . . . . . . . . . . 80
6.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 80
6.1.1 Background . . . . . . . . . . . . . . . . . . . . . . . 80
6.1.2 Goals . . . . . . . . . . . . . . . . . . . . . . . . . 80
6.1.3 Protocol Features and State Expectations . . . . . . . . 81
6.1.4 Recovery Classes . . . . . . . . . . . . . . . . . . . . 82
6.1.4.1 Recovery Within-command . . . . . . . . . . . . . . 83
6.1.4.2 Recovery Within-connection . . . . . . . . . . . . . 84
6.1.4.3 Connection Recovery . . . . . . . . . . . . . . . . 84
6.1.4.4 Session Recovery . . . . . . . . . . . . . . . . . . 85
6.1.5 Error Recovery Hierarchy . . . . . . . . . . . . . . . . 85
6.2 Retry and Reassign in Recovery . . . . . . . . . . . . . . . 87
6.2.1 Usage of Retry . . . . . . . . . . . . . . . . . . . . . 87
Julian Satran Expires June 2003 6 Julian Satran Expires August 2003 5
iSCSI 3-November-02 iSCSI 19-January-03
6.2.2 Allegiance Reassignment . . . . . . . . . . . . . . . . 88 3.5.1.6 Ready To Transfer (R2T) . . . . . . . . . . . . . . 45
6.3 Usage Of Reject PDU in Recovery . . . . . . . . . . . . . . 89 3.5.2 Requests/Responses carrying SCSI and iSCSI Payload . . . 46
6.4 Connection Timeout Management . . . . . . . . . . . . . . . 90 3.5.2.1 Asynchronous Message . . . . . . . . . . . . . . . . 46
6.4.1 Timeouts on Transport Exception Events . . . . . . . . . 90 3.5.3 Requests/Responses Carrying iSCSI Only Payload . . . . . 46
6.4.2 Timeouts on Planned Decommissioning . . . . . . . . . . 91 3.5.3.1 Text Request and Text Response . . . . . . . . . . . 46
6.5 Implicit Termination of Tasks . . . . . . . . . . . . . . . 91 3.5.3.2 Login Request and Login Response . . . . . . . . . . 46
6.6 Format Errors . . . . . . . . . . . . . . . . . . . . . . . 92 3.5.3.3 Logout Request and Response . . . . . . . . . . . . 47
6.7 Digest Errors . . . . . . . . . . . . . . . . . . . . . . . 92 3.5.3.4 SNACK Request . . . . . . . . . . . . . . . . . . . 47
6.8 Sequence Errors . . . . . . . . . . . . . . . . . . . . . . 94 3.5.3.5 Reject . . . . . . . . . . . . . . . . . . . . . . . 47
6.9 SCSI Timeouts . . . . . . . . . . . . . . . . . . . . . . . 95 3.5.3.6 NOP-Out Request and NOP-In Response . . . . . . . . 48
6.10 Negotiation Failures . . . . . . . . . . . . . . . . . . . 95 4. SCSI Mode Parameters for iSCSI . . . . . . . . . . . . . . . . 49
6.11 Protocol Errors . . . . . . . . . . . . . . . . . . . . . . 96 5. Login and Full Feature Phase Negotiation . . . . . . . . . . . 50
6.12 Connection Failures . . . . . . . . . . . . . . . . . . . . 96 5.1 Text Format . . . . . . . . . . . . . . . . . . . . . . . . 51
6.13 Session Errors . . . . . . . . . . . . . . . . . . . . . . 97 5.2 Text Mode Negotiation . . . . . . . . . . . . . . . . . . . 54
7. State Transitions . . . . . . . . . . . . . . . . . . . . . . . 99 5.2.1 List negotiations . . . . . . . . . . . . . . . . . . . 56
7.1 Standard Connection State Diagrams . . . . . . . . . . . . . 99 5.2.2 Simple-value Negotiations . . . . . . . . . . . . . . . 56
7.1.1 State Descriptions for Initiators and Targets . . . . . 99 5.3 Login Phase . . . . . . . . . . . . . . . . . . . . . . . . 57
7.1.2 State Transition Descriptions for Initiators and Targets 100 5.3.1 Login Phase Start . . . . . . . . . . . . . . . . . . . 59
7.1.3 Standard Connection State Diagram for an Initiator . . .104 5.3.2 iSCSI Security Negotiation . . . . . . . . . . . . . . . 61
7.1.4 Standard Connection State Diagram for a Target . . . . .106 5.3.3 Operational Parameter Negotiation During the Login Phase 62
7.2 Connection Cleanup State Diagram for Initiators and Targets 108 5.3.4 Connection Reinstatement . . . . . . . . . . . . . . . . 63
7.2.1 State Descriptions for Initiators and Targets . . . . .110 5.3.5 Session Reinstatement, Closure, and Timeout . . . . . . 63
7.2.2 State Transition Descriptions for Initiators and Targets 110 5.3.5.1 Loss of Nexus Notification . . . . . . . . . . . . . 64
7.3 Session State Diagrams . . . . . . . . . . . . . . . . . . .112 5.3.6 Session Continuation and Failure . . . . . . . . . . . . 64
7.3.1 Session State Diagram for an Initiator . . . . . . . . .112 5.4 Operational Parameter Negotiation Outside the Login Phase . 64
7.3.2 Session State Diagram for a Target . . . . . . . . . . .113 6. iSCSI Error Handling and Recovery . . . . . . . . . . . . . . . 66
7.3.3 State Descriptions for Initiators and Targets . . . . .114 6.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 66
7.3.4 State Transition Descriptions for Initiators and Targets 115 6.1.1 Background . . . . . . . . . . . . . . . . . . . . . . . 66
8. Security Considerations . . . . . . . . . . . . . . . . . . . .117 6.1.2 Goals . . . . . . . . . . . . . . . . . . . . . . . . . 66
8.1 iSCSI Security Mechanisms . . . . . . . . . . . . . . . . .117 6.1.3 Protocol Features and State Expectations . . . . . . . . 67
8.2 In-band Initiator-Target Authentication . . . . . . . . . .118 6.1.4 Recovery Classes . . . . . . . . . . . . . . . . . . . . 67
8.2.1 CHAP Considerations . . . . . . . . . . . . . . . . . .119 6.1.4.1 Recovery Within-command . . . . . . . . . . . . . . 68
8.2.2 SRP Considerations . . . . . . . . . . . . . . . . . . .120 6.1.4.2 Recovery Within-connection . . . . . . . . . . . . . 69
8.3 IPsec . . . . . . . . . . . . . . . . . . . . . . . . . . .120 6.1.4.3 Connection Recovery . . . . . . . . . . . . . . . . 69
8.3.1 Data Integrity and Authentication . . . . . . . . . . .120 6.1.4.4 Session Recovery . . . . . . . . . . . . . . . . . . 70
8.3.2 Confidentiality . . . . . . . . . . . . . . . . . . . .121 6.1.5 Error Recovery Hierarchy . . . . . . . . . . . . . . . . 70
8.3.3 Policy, Security Associations, and Key Management . . .121 6.2 Retry and Reassign in Recovery . . . . . . . . . . . . . . . 72
9. Notes to Implementers . . . . . . . . . . . . . . . . . . . . .123 6.2.1 Usage of Retry . . . . . . . . . . . . . . . . . . . . . 72
9.1 Multiple Network Adapters . . . . . . . . . . . . . . . . .123 6.2.2 Allegiance Reassignment . . . . . . . . . . . . . . . . 73
9.1.1 Conservative Reuse of ISIDs . . . . . . . . . . . . . .123 6.3 Usage Of Reject PDU in Recovery . . . . . . . . . . . . . . 74
9.1.2 iSCSI Name, ISID, and TPGT Use . . . . . . . . . . . . .124 6.4 Connection Timeout Management . . . . . . . . . . . . . . . 74
9.2 Autosense and Auto Contingent Allegiance (ACA) . . . . . . .126 6.4.1 Timeouts on Transport Exception Events . . . . . . . . . 74
9.3 iSCSI Timeouts . . . . . . . . . . . . . . . . . . . . . . .126 6.4.2 Timeouts on Planned Decommissioning . . . . . . . . . . 75
6.5 Implicit Termination of Tasks . . . . . . . . . . . . . . . 75
6.6 Format Errors . . . . . . . . . . . . . . . . . . . . . . . 76
6.7 Digest Errors . . . . . . . . . . . . . . . . . . . . . . . 76
6.8 Sequence Errors . . . . . . . . . . . . . . . . . . . . . . 77
6.9 SCSI Timeouts . . . . . . . . . . . . . . . . . . . . . . . 78
Julian Satran Expires June 2003 7 Julian Satran Expires August 2003 6
iSCSI 3-November-02 iSCSI 19-January-03
9.4 Command Retry and Cleaning Old Command Instances . . . . . .127 6.10 Negotiation Failures . . . . . . . . . . . . . . . . . . . 78
9.5 Synch and Steering Layer and Performance . . . . . . . . . .127 6.11 Protocol Errors . . . . . . . . . . . . . . . . . . . . . . 79
6.12 Connection Failures . . . . . . . . . . . . . . . . . . . . 79
6.13 Session Errors . . . . . . . . . . . . . . . . . . . . . . 80
7. State Transitions . . . . . . . . . . . . . . . . . . . . . . . 81
7.1 Standard Connection State Diagrams . . . . . . . . . . . . . 81
7.1.1 State Descriptions for Initiators and Targets . . . . . 81
7.1.2 State Transition Descriptions for Initiators and Targets 82
7.1.3 Standard Connection State Diagram for an Initiator . . . 85
7.1.4 Standard Connection State Diagram for a Target . . . . . 87
7.2 Connection Cleanup State Diagram for Initiators and Targets 89
7.2.1 State Descriptions for Initiators and Targets . . . . . 90
7.2.2 State Transition Descriptions for Initiators and Targets 91
7.3 Session State Diagrams . . . . . . . . . . . . . . . . . . . 92
7.3.1 Session State Diagram for an Initiator . . . . . . . . . 92
7.3.2 Session State Diagram for a Target . . . . . . . . . . . 93
7.3.3 State Descriptions for Initiators and Targets . . . . . 94
7.3.4 State Transition Descriptions for Initiators and Targets 94
8. Security Considerations . . . . . . . . . . . . . . . . . . . . 96
8.1 iSCSI Security Mechanisms . . . . . . . . . . . . . . . . . 96
8.2 In-band Initiator-Target Authentication . . . . . . . . . . 96
8.2.1 CHAP Considerations . . . . . . . . . . . . . . . . . . 97
8.2.2 SRP Considerations . . . . . . . . . . . . . . . . . . . 99
8.3 IPsec . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
8.3.1 Data Integrity and Authentication . . . . . . . . . . . 99
8.3.2 Confidentiality . . . . . . . . . . . . . . . . . . . .100
8.3.3 Policy, Security Associations, and Cryptographic Key
Management . . . . . . . . . . . . . . . . . . . . . . . . . . . .100
9. Notes to Implementers . . . . . . . . . . . . . . . . . . . . .102
9.1 Multiple Network Adapters . . . . . . . . . . . . . . . . .102
9.1.1 Conservative Reuse of ISIDs . . . . . . . . . . . . . .102
9.1.2 iSCSI Name, ISID, and TPGT Use . . . . . . . . . . . . .103
9.2 Autosense and Auto Contingent Allegiance (ACA) . . . . . . .104
9.3 iSCSI Timeouts . . . . . . . . . . . . . . . . . . . . . . .104
9.4 Command Retry and Cleaning Old Command Instances . . . . . .105
9.5 Synch and Steering Layer and Performance . . . . . . . . . .105
9.6 Considerations for State-dependent Devices and Long-lasting SCSI 9.6 Considerations for State-dependent Devices and Long-lasting SCSI
Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . .127 Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . .105
9.6.1 Determining the Proper ErrorRecoveryLevel . . . . . . .128 9.6.1 Determining the Proper ErrorRecoveryLevel . . . . . . .106
10. iSCSI PDU Formats . . . . . . . . . . . . . . . . . . . . . .130 10. iSCSI PDU Formats . . . . . . . . . . . . . . . . . . . . . .107
10.1 iSCSI PDU Length and Padding . . . . . . . . . . . . . . .130 10.1 iSCSI PDU Length and Padding . . . . . . . . . . . . . . .107
10.2 PDU Template, Header, and Opcodes . . . . . . . . . . . . .130 10.2 PDU Template, Header, and Opcodes . . . . . . . . . . . . .107
10.2.1 Basic Header Segment (BHS) . . . . . . . . . . . . . .131 10.2.1 Basic Header Segment (BHS) . . . . . . . . . . . . . .108
10.2.1.1 I . . . . . . . . . . . . . . . . . . . . . . . . .132 10.2.1.1 I . . . . . . . . . . . . . . . . . . . . . . . . .108
10.2.1.2 Opcode . . . . . . . . . . . . . . . . . . . . . .132 10.2.1.2 Opcode . . . . . . . . . . . . . . . . . . . . . .108
10.2.1.3 Final (F) bit . . . . . . . . . . . . . . . . . . .133 10.2.1.3 Final (F) bit . . . . . . . . . . . . . . . . . . .109
10.2.1.4 Opcode-specific Fields . . . . . . . . . . . . . .133 10.2.1.4 Opcode-specific Fields . . . . . . . . . . . . . .109
10.2.1.5 TotalAHSLength . . . . . . . . . . . . . . . . . .133 10.2.1.5 TotalAHSLength . . . . . . . . . . . . . . . . . .109
10.2.1.6 DataSegmentLength . . . . . . . . . . . . . . . . .134
10.2.1.7 LUN . . . . . . . . . . . . . . . . . . . . . . . .134
10.2.1.8 Initiator Task Tag . . . . . . . . . . . . . . . .134
10.2.2 Additional Header Segment (AHS) . . . . . . . . . . . .134
10.2.2.1 AHSType . . . . . . . . . . . . . . . . . . . . . .135
10.2.2.2 AHSLength . . . . . . . . . . . . . . . . . . . . .135
10.2.2.3 Extended CDB AHS . . . . . . . . . . . . . . . . .135
10.2.2.4 Bidirectional Expected Read-Data Length AHS . . . .136
10.2.3 Header Digest and Data Digest . . . . . . . . . . . . .136
10.2.4 Data Segment . . . . . . . . . . . . . . . . . . . . .137
10.3 SCSI Command . . . . . . . . . . . . . . . . . . . . . . . .138
10.3.1 Flags and Task Attributes (byte 1) . . . . . . . . . .138
10.3.2 CmdSN - Command Sequence Number . . . . . . . . . . . .139
10.3.3 ExpStatSN . . . . . . . . . . . . . . . . . . . . . . .139
10.3.4 Expected Data Transfer Length . . . . . . . . . . . . .140
10.3.5 CDB - SCSI Command Descriptor Block . . . . . . . . . .140
10.3.6 Data Segment - Command Data . . . . . . . . . . . . . .141
10.4 SCSI Response . . . . . . . . . . . . . . . . . . . . . . .142
10.4.1 Flags (byte 1) . . . . . . . . . . . . . . . . . . . .142
10.4.2 Status . . . . . . . . . . . . . . . . . . . . . . . .143
10.4.3 Response . . . . . . . . . . . . . . . . . . . . . . .144
10.4.4 SNACK Tag . . . . . . . . . . . . . . . . . . . . . . .144
10.4.5 Residual Count . . . . . . . . . . . . . . . . . . . .145
10.4.6 Bidirectional Read Residual Count . . . . . . . . . . .145
10.4.7 Data Segment - Sense and Response Data Segment . . . .145
10.4.7.1 SenseLength . . . . . . . . . . . . . . . . . . . .146
10.4.7.2 Sense Data . . . . . . . . . . . . . . . . . . . .146
10.4.8 ExpDataSN . . . . . . . . . . . . . . . . . . . . . . .147
10.4.9 StatSN - Status Sequence Number . . . . . . . . . . . .147
Julian Satran Expires June 2003 8 Julian Satran Expires August 2003 7
iSCSI 3-November-02 iSCSI 19-January-03
10.4.10 ExpCmdSN - Next Expected CmdSN from this Initiator . .148 10.2.1.6 DataSegmentLength . . . . . . . . . . . . . . . . .110
10.4.11 MaxCmdSN - Maximum CmdSN from this Initiator . . . . .148 10.2.1.7 LUN . . . . . . . . . . . . . . . . . . . . . . . .110
10.5 Task Management Function Request . . . . . . . . . . . . . .149 10.2.1.8 Initiator Task Tag . . . . . . . . . . . . . . . .110
10.5.1 Function . . . . . . . . . . . . . . . . . . . . . . .149 10.2.2 Additional Header Segment (AHS) . . . . . . . . . . . .110
10.5.2 TotalAHSLength and DataSegmentLength . . . . . . . . .152 10.2.2.1 AHSType . . . . . . . . . . . . . . . . . . . . . .110
10.5.3 LUN . . . . . . . . . . . . . . . . . . . . . . . . . .153 10.2.2.2 AHSLength . . . . . . . . . . . . . . . . . . . . .111
10.5.4 Referenced Task Tag . . . . . . . . . . . . . . . . . .153 10.2.2.3 Extended CDB AHS . . . . . . . . . . . . . . . . .111
10.5.5 RefCmdSN . . . . . . . . . . . . . . . . . . . . . . .153 10.2.2.4 Bidirectional Expected Read-Data Length AHS . . . .111
10.5.6 ExpDataSN . . . . . . . . . . . . . . . . . . . . . . .153 10.2.3 Header Digest and Data Digest . . . . . . . . . . . . .111
10.6 Task Management Function Response . . . . . . . . . . . . .155 10.2.4 Data Segment . . . . . . . . . . . . . . . . . . . . .112
10.6.1 Response . . . . . . . . . . . . . . . . . . . . . . .155 10.3 SCSI Command . . . . . . . . . . . . . . . . . . . . . . . .113
10.6.2 Task Management Actions on Task Sets . . . . . . . . .157 10.3.1 Flags and Task Attributes (byte 1) . . . . . . . . . .113
10.6.3 TotalAHSLength and DataSegmentLength . . . . . . . . .158 10.3.2 CmdSN - Command Sequence Number . . . . . . . . . . . .114
10.7 SCSI Data-out & SCSI Data-in . . . . . . . . . . . . . . . .159 10.3.3 ExpStatSN . . . . . . . . . . . . . . . . . . . . . . .114
10.7.1 F (Final) Bit . . . . . . . . . . . . . . . . . . . . .161 10.3.4 Expected Data Transfer Length . . . . . . . . . . . . .114
10.7.2 A (Acknowledge) bit . . . . . . . . . . . . . . . . . .161 10.3.5 CDB - SCSI Command Descriptor Block . . . . . . . . . .115
10.7.3 Flags (byte 1) . . . . . . . . . . . . . . . . . . . .162 10.3.6 Data Segment - Command Data . . . . . . . . . . . . . .115
10.7.4 Target Transfer Tag and LUN . . . . . . . . . . . . . .163 10.4 SCSI Response . . . . . . . . . . . . . . . . . . . . . . .116
10.7.5 DataSN . . . . . . . . . . . . . . . . . . . . . . . .163 10.4.1 Flags (byte 1) . . . . . . . . . . . . . . . . . . . .116
10.7.6 Buffer Offset . . . . . . . . . . . . . . . . . . . . .163 10.4.2 Status . . . . . . . . . . . . . . . . . . . . . . . .117
10.7.7 DataSegmentLength . . . . . . . . . . . . . . . . . . .164 10.4.3 Response . . . . . . . . . . . . . . . . . . . . . . .117
10.8 Ready To Transfer (R2T) . . . . . . . . . . . . . . . . . .165 10.4.4 SNACK Tag . . . . . . . . . . . . . . . . . . . . . . .118
10.8.1 TotalAHSLength and DataSegmentLength . . . . . . . . .167 10.4.5 Residual Count . . . . . . . . . . . . . . . . . . . .118
10.8.2 R2TSN . . . . . . . . . . . . . . . . . . . . . . . . .167 10.4.6 Bidirectional Read Residual Count . . . . . . . . . . .118
10.8.3 StatSN . . . . . . . . . . . . . . . . . . . . . . . .167 10.4.7 Data Segment - Sense and Response Data Segment . . . .119
10.8.4 Desired Data Transfer Length and Buffer Offset . . . .167 10.4.7.1 SenseLength . . . . . . . . . . . . . . . . . . . .119
10.8.5 Target Transfer Tag . . . . . . . . . . . . . . . . . .167 10.4.7.2 Sense Data . . . . . . . . . . . . . . . . . . . .119
10.9 Asynchronous Message . . . . . . . . . . . . . . . . . . . .168 10.4.8 ExpDataSN . . . . . . . . . . . . . . . . . . . . . . .120
10.9.1 AsyncEvent . . . . . . . . . . . . . . . . . . . . . .169 10.4.9 StatSN - Status Sequence Number . . . . . . . . . . . .120
10.9.2 AsyncVCode . . . . . . . . . . . . . . . . . . . . . .170 10.4.10 ExpCmdSN - Next Expected CmdSN from this Initiator . .120
10.9.3 LUN . . . . . . . . . . . . . . . . . . . . . . . . . .170 10.4.11 MaxCmdSN - Maximum CmdSN from this Initiator . . . . .120
10.9.4 Sense Data and iSCSI Event Data . . . . . . . . . . . .171 10.5 Task Management Function Request . . . . . . . . . . . . . .121
10.9.4.1 SenseLength . . . . . . . . . . . . . . . . . . . .171 10.5.1 Function . . . . . . . . . . . . . . . . . . . . . . .121
10.10 Text Request . . . . . . . . . . . . . . . . . . . . . . .172 10.5.2 TotalAHSLength and DataSegmentLength . . . . . . . . .124
10.10.1 F (Final) Bit . . . . . . . . . . . . . . . . . . . .173 10.5.3 LUN . . . . . . . . . . . . . . . . . . . . . . . . . .124
10.10.2 C (Continue) Bit . . . . . . . . . . . . . . . . . . .173 10.5.4 Referenced Task Tag . . . . . . . . . . . . . . . . . .124
10.10.3 Initiator Task Tag . . . . . . . . . . . . . . . . . .173 10.5.5 RefCmdSN . . . . . . . . . . . . . . . . . . . . . . .124
10.10.4 Target Transfer Tag . . . . . . . . . . . . . . . . .173 10.5.6 ExpDataSN . . . . . . . . . . . . . . . . . . . . . . .124
10.10.5 Text . . . . . . . . . . . . . . . . . . . . . . . . .174 10.6 Task Management Function Response . . . . . . . . . . . . .126
10.11 Text Response . . . . . . . . . . . . . . . . . . . . . . .176 10.6.1 Response . . . . . . . . . . . . . . . . . . . . . . .126
10.11.1 F (Final) Bit . . . . . . . . . . . . . . . . . . . .176 10.6.2 Task Management Actions on Task Sets . . . . . . . . .127
10.11.2 C (Continue) Bit . . . . . . . . . . . . . . . . . . .177 10.6.3 TotalAHSLength and DataSegmentLength . . . . . . . . .128
10.11.3 Initiator Task Tag . . . . . . . . . . . . . . . . . .177 10.7 SCSI Data-out & SCSI Data-in . . . . . . . . . . . . . . . .129
10.7.1 F (Final) Bit . . . . . . . . . . . . . . . . . . . . .130
10.7.2 A (Acknowledge) bit . . . . . . . . . . . . . . . . . .131
10.7.3 Flags (byte 1) . . . . . . . . . . . . . . . . . . . .131
10.7.4 Target Transfer Tag and LUN . . . . . . . . . . . . . .132
10.7.5 DataSN . . . . . . . . . . . . . . . . . . . . . . . .132
Julian Satran Expires June 2003 9 Julian Satran Expires August 2003 8
iSCSI 3-November-02 iSCSI 19-January-03
10.11.4 Target Transfer Tag . . . . . . . . . . . . . . . . .177 10.7.6 Buffer Offset . . . . . . . . . . . . . . . . . . . . .132
10.11.5 StatSN . . . . . . . . . . . . . . . . . . . . . . . .178 10.7.7 DataSegmentLength . . . . . . . . . . . . . . . . . . .133
10.11.6 Text Response Data . . . . . . . . . . . . . . . . . .178 10.8 Ready To Transfer (R2T) . . . . . . . . . . . . . . . . . .134
10.12 Login Request . . . . . . . . . . . . . . . . . . . . . . .179 10.8.1 TotalAHSLength and DataSegmentLength . . . . . . . . .135
10.12.1 T (Transit) Bit . . . . . . . . . . . . . . . . . . .180 10.8.2 R2TSN . . . . . . . . . . . . . . . . . . . . . . . . .135
10.12.2 C (Continue) Bit . . . . . . . . . . . . . . . . . . .180 10.8.3 StatSN . . . . . . . . . . . . . . . . . . . . . . . .135
10.12.3 CSG and NSG . . . . . . . . . . . . . . . . . . . . .180 10.8.4 Desired Data Transfer Length and Buffer Offset . . . .135
10.12.4 Version . . . . . . . . . . . . . . . . . . . . . . .180 10.8.5 Target Transfer Tag . . . . . . . . . . . . . . . . . .136
10.12.4.1 Version-max . . . . . . . . . . . . . . . . . . .181 10.9 Asynchronous Message . . . . . . . . . . . . . . . . . . . .137
10.12.4.2 Version-min . . . . . . . . . . . . . . . . . . .181 10.9.1 AsyncEvent . . . . . . . . . . . . . . . . . . . . . .137
10.12.5 ISID . . . . . . . . . . . . . . . . . . . . . . . . .181 10.9.2 AsyncVCode . . . . . . . . . . . . . . . . . . . . . .139
10.12.6 TSIH . . . . . . . . . . . . . . . . . . . . . . . . .182 10.9.3 LUN . . . . . . . . . . . . . . . . . . . . . . . . . .139
10.12.7 Connection ID - CID . . . . . . . . . . . . . . . . .183 10.9.4 Sense Data and iSCSI Event Data . . . . . . . . . . . .139
10.12.8 CmdSN . . . . . . . . . . . . . . . . . . . . . . . .183 10.9.4.1 SenseLength . . . . . . . . . . . . . . . . . . . .139
10.12.9 ExpStatSN . . . . . . . . . . . . . . . . . . . . . .184 10.10 Text Request . . . . . . . . . . . . . . . . . . . . . . .141
10.12.10 Login Parameters . . . . . . . . . . . . . . . . . .184 10.10.1 F (Final) Bit . . . . . . . . . . . . . . . . . . . .141
10.13 Login Response . . . . . . . . . . . . . . . . . . . . . .185 10.10.2 C (Continue) Bit . . . . . . . . . . . . . . . . . . .142
10.13.1 Version-max . . . . . . . . . . . . . . . . . . . . .185 10.10.3 Initiator Task Tag . . . . . . . . . . . . . . . . . .142
10.13.2 Version-active . . . . . . . . . . . . . . . . . . . .186 10.10.4 Target Transfer Tag . . . . . . . . . . . . . . . . .142
10.13.3 TSIH . . . . . . . . . . . . . . . . . . . . . . . . .186 10.10.5 Text . . . . . . . . . . . . . . . . . . . . . . . . .143
10.13.4 StatSN . . . . . . . . . . . . . . . . . . . . . . . .186 10.11 Text Response . . . . . . . . . . . . . . . . . . . . . . .144
10.13.5 Status-Class and Status-Detail . . . . . . . . . . . .186 10.11.1 F (Final) Bit . . . . . . . . . . . . . . . . . . . .144
10.13.6 T (Transit) bit . . . . . . . . . . . . . . . . . . .189 10.11.2 C (Continue) Bit . . . . . . . . . . . . . . . . . . .145
10.13.7 C (Continue) Bit . . . . . . . . . . . . . . . . . . .190 10.11.3 Initiator Task Tag . . . . . . . . . . . . . . . . . .145
10.13.8 Login Parameters . . . . . . . . . . . . . . . . . . .190 10.11.4 Target Transfer Tag . . . . . . . . . . . . . . . . .145
10.14 Logout Request . . . . . . . . . . . . . . . . . . . . . .191 10.11.5 StatSN . . . . . . . . . . . . . . . . . . . . . . . .145
10.14.1 Reason Code . . . . . . . . . . . . . . . . . . . . .193 10.11.6 Text Response Data . . . . . . . . . . . . . . . . . .145
10.14.2 TotalAHSLength and DataSegmentLength . . . . . . . . .193 10.12 Login Request . . . . . . . . . . . . . . . . . . . . . . .147
10.14.3 CID . . . . . . . . . . . . . . . . . . . . . . . . .194 10.12.1 T (Transit) Bit . . . . . . . . . . . . . . . . . . .147
10.14.4 ExpStatSN . . . . . . . . . . . . . . . . . . . . . .194 10.12.2 C (Continue) Bit . . . . . . . . . . . . . . . . . . .147
10.14.5 Implicit termination of tasks . . . . . . . . . . . .194 10.12.3 CSG and NSG . . . . . . . . . . . . . . . . . . . . .148
10.15 Logout Response . . . . . . . . . . . . . . . . . . . . . .195 10.12.4 Version . . . . . . . . . . . . . . . . . . . . . . .148
10.15.1 Response . . . . . . . . . . . . . . . . . . . . . . .195 10.12.4.1 Version-max . . . . . . . . . . . . . . . . . . .148
10.15.2 TotalAHSLength and DataSegmentLength . . . . . . . . .196 10.12.4.2 Version-min . . . . . . . . . . . . . . . . . . .148
10.15.3 Time2Wait . . . . . . . . . . . . . . . . . . . . . .196 10.12.5 ISID . . . . . . . . . . . . . . . . . . . . . . . . .148
10.15.4 Time2Retain . . . . . . . . . . . . . . . . . . . . .196 10.12.6 TSIH . . . . . . . . . . . . . . . . . . . . . . . . .150
10.16 SNACK Request . . . . . . . . . . . . . . . . . . . . . .198 10.12.7 Connection ID - CID . . . . . . . . . . . . . . . . .150
10.16.1 Type . . . . . . . . . . . . . . . . . . . . . . . . .199 10.12.8 CmdSN . . . . . . . . . . . . . . . . . . . . . . . .150
10.16.2 Data Acknowledgement . . . . . . . . . . . . . . . . .200 10.12.9 ExpStatSN . . . . . . . . . . . . . . . . . . . . . .151
10.16.3 Resegmentation . . . . . . . . . . . . . . . . . . . .200 10.12.10 Login Parameters . . . . . . . . . . . . . . . . . .151
10.16.4 Initiator Task Tag . . . . . . . . . . . . . . . . . .201 10.13 Login Response . . . . . . . . . . . . . . . . . . . . . .152
10.16.5 Target Transfer Tag or SNACK Tag . . . . . . . . . . .201 10.13.1 Version-max . . . . . . . . . . . . . . . . . . . . .152
10.16.6 BegRun . . . . . . . . . . . . . . . . . . . . . . . .201 10.13.2 Version-active . . . . . . . . . . . . . . . . . . . .152
10.13.3 TSIH . . . . . . . . . . . . . . . . . . . . . . . . .153
10.13.4 StatSN . . . . . . . . . . . . . . . . . . . . . . . .153
10.13.5 Status-Class and Status-Detail . . . . . . . . . . . .153
10.13.6 T (Transit) bit . . . . . . . . . . . . . . . . . . .156
10.13.7 C (Continue) Bit . . . . . . . . . . . . . . . . . . .156
Julian Satran Expires June 2003 10 Julian Satran Expires August 2003 9
iSCSI 3-November-02 iSCSI 19-January-03
10.16.7 RunLength . . . . . . . . . . . . . . . . . . . . . .202 10.13.8 Login Parameters . . . . . . . . . . . . . . . . . . .156
10.17 Reject . . . . . . . . . . . . . . . . . . . . . . . . . .203 10.14 Logout Request . . . . . . . . . . . . . . . . . . . . . .157
10.17.1 Reason . . . . . . . . . . . . . . . . . . . . . . . .204 10.14.1 Reason Code . . . . . . . . . . . . . . . . . . . . .158
10.17.2 DataSN/R2TSN . . . . . . . . . . . . . . . . . . . . .205 10.14.2 TotalAHSLength and DataSegmentLength . . . . . . . . .159
10.17.3 StatSN, ExpCmdSN and MaxCmdSN . . . . . . . . . . . .205 10.14.3 CID . . . . . . . . . . . . . . . . . . . . . . . . .159
10.17.4 Complete Header of Bad PDU . . . . . . . . . . . . . .205 10.14.4 ExpStatSN . . . . . . . . . . . . . . . . . . . . . .159
10.18 NOP-Out . . . . . . . . . . . . . . . . . . . . . . . . . .206 10.14.5 Implicit termination of tasks . . . . . . . . . . . .159
10.18.1 Initiator Task Tag . . . . . . . . . . . . . . . . . .207 10.15 Logout Response . . . . . . . . . . . . . . . . . . . . . .161
10.18.2 Target Transfer Tag . . . . . . . . . . . . . . . . .207 10.15.1 Response . . . . . . . . . . . . . . . . . . . . . . .161
10.18.3 Ping Data . . . . . . . . . . . . . . . . . . . . . .207 10.15.2 TotalAHSLength and DataSegmentLength . . . . . . . . .161
10.19 NOP-In . . . . . . . . . . . . . . . . . . . . . . . . . .208 10.15.3 Time2Wait . . . . . . . . . . . . . . . . . . . . . .162
10.19.1 Target Transfer Tag . . . . . . . . . . . . . . . . .209 10.15.4 Time2Retain . . . . . . . . . . . . . . . . . . . . .162
10.19.2 StatSN . . . . . . . . . . . . . . . . . . . . . . . .209 10.16 SNACK Request . . . . . . . . . . . . . . . . . . . . . .163
10.19.3 LUN . . . . . . . . . . . . . . . . . . . . . . . . .209 10.16.1 Type . . . . . . . . . . . . . . . . . . . . . . . . .164
11. iSCSI Security Keys and Authentication Methods . . . . . . . .210 10.16.2 Data Acknowledgement . . . . . . . . . . . . . . . . .164
11.1 AuthMethod . . . . . . . . . . . . . . . . . . . . . . . .210 10.16.3 Resegmentation . . . . . . . . . . . . . . . . . . . .164
11.1.1 Kerberos . . . . . . . . . . . . . . . . . . . . . . .212 10.16.4 Initiator Task Tag . . . . . . . . . . . . . . . . . .165
11.1.2 Simple Public-Key Mechanism (SPKM) . . . . . . . . . .213 10.16.5 Target Transfer Tag or SNACK Tag . . . . . . . . . . .165
11.1.3 Secure Remote Password (SRP) . . . . . . . . . . . . .214 10.16.6 BegRun . . . . . . . . . . . . . . . . . . . . . . . .165
11.1.4 Challenge Handshake Authentication Protocol (CHAP) . .215 10.16.7 RunLength . . . . . . . . . . . . . . . . . . . . . .166
12. Login/Text Operational Keys . . . . . . . . . . . . . . . . .217 10.17 Reject . . . . . . . . . . . . . . . . . . . . . . . . . .167
12.1 HeaderDigest and DataDigest . . . . . . . . . . . . . . . .217 10.17.1 Reason . . . . . . . . . . . . . . . . . . . . . . . .167
12.2 MaxConnections . . . . . . . . . . . . . . . . . . . . . .220 10.17.2 DataSN/R2TSN . . . . . . . . . . . . . . . . . . . . .169
12.3 SendTargets . . . . . . . . . . . . . . . . . . . . . . . .220 10.17.3 StatSN, ExpCmdSN and MaxCmdSN . . . . . . . . . . . .169
12.4 TargetName . . . . . . . . . . . . . . . . . . . . . . . .220 10.17.4 Complete Header of Bad PDU . . . . . . . . . . . . . .169
12.5 InitiatorName . . . . . . . . . . . . . . . . . . . . . . .221 10.18 NOP-Out . . . . . . . . . . . . . . . . . . . . . . . . . .170
12.6 TargetAlias . . . . . . . . . . . . . . . . . . . . . . . .221 10.18.1 Initiator Task Tag . . . . . . . . . . . . . . . . . .170
12.7 InitiatorAlias . . . . . . . . . . . . . . . . . . . . . .222 10.18.2 Target Transfer Tag . . . . . . . . . . . . . . . . .171
12.8 TargetAddress . . . . . . . . . . . . . . . . . . . . . . .222 10.18.3 Ping Data . . . . . . . . . . . . . . . . . . . . . .171
12.9 TargetPortalGroupTag . . . . . . . . . . . . . . . . . . .223 10.19 NOP-In . . . . . . . . . . . . . . . . . . . . . . . . . .172
12.10 InitialR2T . . . . . . . . . . . . . . . . . . . . . . . .224 10.19.1 Target Transfer Tag . . . . . . . . . . . . . . . . .173
12.11 ImmediateData . . . . . . . . . . . . . . . . . . . . . .224 10.19.2 StatSN . . . . . . . . . . . . . . . . . . . . . . . .173
12.12 MaxRecvDataSegmentLength . . . . . . . . . . . . . . . . .225 10.19.3 LUN . . . . . . . . . . . . . . . . . . . . . . . . .173
12.13 MaxBurstLength . . . . . . . . . . . . . . . . . . . . . .226 11. iSCSI Security Text Keys and Authentication Methods . . . . .174
12.14 FirstBurstLength . . . . . . . . . . . . . . . . . . . . .226 11.1 AuthMethod . . . . . . . . . . . . . . . . . . . . . . . .174
12.15 DefaultTime2Wait . . . . . . . . . . . . . . . . . . . . .227 11.1.1 Kerberos . . . . . . . . . . . . . . . . . . . . . . .176
12.16 DefaultTime2Retain . . . . . . . . . . . . . . . . . . . .227 11.1.2 Simple Public-Key Mechanism (SPKM) . . . . . . . . . .176
12.17 MaxOutstandingR2T . . . . . . . . . . . . . . . . . . . .228 11.1.3 Secure Remote Password (SRP) . . . . . . . . . . . . .177
12.18 DataPDUInOrder . . . . . . . . . . . . . . . . . . . . . .228 11.1.4 Challenge Handshake Authentication Protocol (CHAP) . .178
12.19 DataSequenceInOrder . . . . . . . . . . . . . . . . . . .229 12. Login/Text Operational Text Keys . . . . . . . . . . . . . . .180
12.20 ErrorRecoveryLevel . . . . . . . . . . . . . . . . . . . .229 12.1 HeaderDigest and DataDigest . . . . . . . . . . . . . . . .180
12.21 SessionType . . . . . . . . . . . . . . . . . . . . . . .230 12.2 MaxConnections . . . . . . . . . . . . . . . . . . . . . .182
12.22 The Private or Public Extension Key Format . . . . . . . .230 12.3 SendTargets . . . . . . . . . . . . . . . . . . . . . . . .182
12.4 TargetName . . . . . . . . . . . . . . . . . . . . . . . .182
12.5 InitiatorName . . . . . . . . . . . . . . . . . . . . . . .183
12.6 TargetAlias . . . . . . . . . . . . . . . . . . . . . . . .183
12.7 InitiatorAlias . . . . . . . . . . . . . . . . . . . . . .184
12.8 TargetAddress . . . . . . . . . . . . . . . . . . . . . . .184
Julian Satran Expires June 2003 11 Julian Satran Expires August 2003 10
iSCSI 3-November-02 iSCSI 19-January-03
13. IANA Considerations . . . . . . . . . . . . . . . . . . . . .232 12.9 TargetPortalGroupTag . . . . . . . . . . . . . . . . . . .185
13.1 Naming Requirements . . . . . . . . . . . . . . . . . . . .234 12.10 InitialR2T . . . . . . . . . . . . . . . . . . . . . . . .185
13.2 Mechanism Specification Requirements . . . . . . . . . . .234 12.11 ImmediateData . . . . . . . . . . . . . . . . . . . . . .186
13.3 Publication Requirements . . . . . . . . . . . . . . . . .234 12.12 MaxRecvDataSegmentLength . . . . . . . . . . . . . . . . .186
13.4 Security Requirements . . . . . . . . . . . . . . . . . . .234 12.13 MaxBurstLength . . . . . . . . . . . . . . . . . . . . . .187
13.5 Registration Procedure . . . . . . . . . . . . . . . . . .235 12.14 FirstBurstLength . . . . . . . . . . . . . . . . . . . . .187
13.5.1 Present the iSCSI extension item to the Community . . .235 12.15 DefaultTime2Wait . . . . . . . . . . . . . . . . . . . . .188
13.5.2 iSCSI extension item review and IESG approval . . . . .235 12.16 DefaultTime2Retain . . . . . . . . . . . . . . . . . . . .188
13.5.3 IANA Registration . . . . . . . . . . . . . . . . . . .235 12.17 MaxOutstandingR2T . . . . . . . . . . . . . . . . . . . .188
13.5.4 Standard iSCSI extension item-label format . . . . . .235 12.18 DataPDUInOrder . . . . . . . . . . . . . . . . . . . . . .189
13.6 IANA Procedures for Registering iSCSI extension items . . .236 12.19 DataSequenceInOrder . . . . . . . . . . . . . . . . . . .189
References and Bibliography . . . . . . . . . . . . . . . . . . 237 12.20 ErrorRecoveryLevel . . . . . . . . . . . . . . . . . . . .189
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 239 12.21 SessionType . . . . . . . . . . . . . . . . . . . . . . .190
Appendix A. Sync and Steering with Fixed Interval Markers . . . .241 12.22 The Private or Public Extension Key Format . . . . . . . .190
A.1 Markers At Fixed Intervals . . . . . . . . . . . . . . . .241 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . .192
A.2 Initial Marker-less Interval . . . . . . . . . . . . . . .242 13.1 Naming Requirements . . . . . . . . . . . . . . . . . . . .193
A.3 Negotiation . . . . . . . . . . . . . . . . . . . . . . . .242 13.2 Mechanism Specification Requirements . . . . . . . . . . .193
A.3.1 OFMarker, IFMarker . . . . . . . . . . . . . . . . . .242 13.3 Publication Requirements . . . . . . . . . . . . . . . . .193
A.3.2 OFMarkInt, IFMarkInt . . . . . . . . . . . . . . . . .243 13.4 Security Requirements . . . . . . . . . . . . . . . . . . .193
Appendix B. Examples . . . . . . . . . . . . . . . . . . . . . . .245 13.5 Registration Procedure . . . . . . . . . . . . . . . . . .194
B.2 Write Operation Example . . . . . . . . . . . . . . . . . .246 13.5.1 Present the iSCSI extension item to the Community . . .194
B.3 R2TSN/DataSN Use Examples . . . . . . . . . . . . . . . . .246 13.5.2 iSCSI extension item review and IESG approval . . . . .194
B.4 CRC Examples . . . . . . . . . . . . . . . . . . . . . . .250 13.5.3 IANA Registration . . . . . . . . . . . . . . . . . . .194
Appendix C. Login Phase Examples . . . . . . . . . . . . . . . . .252 13.5.4 Standard iSCSI extension item-label format . . . . . .194
Appendix D. SendTargets Operation . . . . . . . . . . . . . . . .261 13.6 IANA Procedures for Registering iSCSI extension items . . .195
Appendix E. Algorithmic Presentation of Error Recovery Classes . .266 References and Bibliography . . . . . . . . . . . . . . . . . . 196
E.2 Within-command Error Recovery Algorithms . . . . . . . . .267 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 198
E.2.1 Procedure Descriptions . . . . . . . . . . . . . . . .267 Appendix A. Sync and Steering with Fixed Interval Markers . . . .199
E.2.2 Initiator Algorithms . . . . . . . . . . . . . . . . .268 A.1 Markers At Fixed Intervals . . . . . . . . . . . . . . . .199
E.2.3 Target Algorithms . . . . . . . . . . . . . . . . . .270 A.2 Initial Marker-less Interval . . . . . . . . . . . . . . .200
E.3 Within-connection Recovery Algorithms . . . . . . . . . . .273 A.3 Negotiation . . . . . . . . . . . . . . . . . . . . . . . .200
E.3.1 Procedure Descriptions . . . . . . . . . . . . . . . .273 A.3.1 OFMarker, IFMarker . . . . . . . . . . . . . . . . . .200
E.3.2 Initiator Algorithms . . . . . . . . . . . . . . . . .274 A.3.2 OFMarkInt, IFMarkInt . . . . . . . . . . . . . . . . .201
E.3.3 Target Algorithms . . . . . . . . . . . . . . . . . .277 Appendix B. Examples . . . . . . . . . . . . . . . . . . . . . . .202
E.4 Connection Recovery Algorithms . . . . . . . . . . . . . .277 B.1 Read Operation Example . . . . . . . . . . . . . . . . . .202
E.4.1 Procedure Descriptions . . . . . . . . . . . . . . . .277 B.2 Write Operation Example . . . . . . . . . . . . . . . . . .202
E.4.2 Initiator Algorithms . . . . . . . . . . . . . . . . .278 B.3 R2TSN/DataSN Use Examples . . . . . . . . . . . . . . . . .202
E.4.3 Target Algorithms . . . . . . . . . . . . . . . . . .280 B.4 CRC Examples . . . . . . . . . . . . . . . . . . . . . . .205
Appendix F. Clearing Effects of Various Events on Targets . . . .283 Appendix C. Login Phase Examples . . . . . . . . . . . . . . . . .207
F.1 Clearing Effects on iSCSI Objects . . . . . . . . . . . . .283 Appendix D. SendTargets Operation . . . . . . . . . . . . . . . .215
F.2 Clearing Effects on SCSI Objects . . . . . . . . . . . . .288 Appendix E. Algorithmic Presentation of Error Recovery Classes . .219
Full Copyright Statement . . . . . . . . . . . . . . . . . . . . 290 E.1 General Data Structure and Procedure Description . . . . .219
E.2 Within-command Error Recovery Algorithms . . . . . . . . .220
E.2.1 Procedure Descriptions . . . . . . . . . . . . . . . .220
E.2.2 Initiator Algorithms . . . . . . . . . . . . . . . . .221
E.2.3 Target Algorithms . . . . . . . . . . . . . . . . . .223
E.3 Within-connection Recovery Algorithms . . . . . . . . . . .225
E.3.1 Procedure Descriptions . . . . . . . . . . . . . . . .225
Julian Satran Expires June 2003 12 Julian Satran Expires August 2003 11
iSCSI 3-November-02 iSCSI 19-January-03
Notice of Intellectual Property Rights . . . . . . . . . . . . . 290 E.3.2 Initiator Algorithms . . . . . . . . . . . . . . . . .226
E.3.3 Target Algorithms . . . . . . . . . . . . . . . . . .228
E.4 Connection Recovery Algorithms . . . . . . . . . . . . . .229
E.4.1 Procedure Descriptions . . . . . . . . . . . . . . . .229
E.4.2 Initiator Algorithms . . . . . . . . . . . . . . . . .229
E.4.3 Target Algorithms . . . . . . . . . . . . . . . . . .232
Appendix F. Clearing Effects of Various Events on Targets . . . .234
F.1 Clearing Effects on iSCSI Objects . . . . . . . . . . . . .234
F.2 Clearing Effects on SCSI Objects . . . . . . . . . . . . .237
Full Copyright Statement . . . . . . . . . . . . . . . . . . . . 238
Notice of Intellectual Property Rights . . . . . . . . . . . . . 238
Julian Satran Expires June 2003 13 Julian Satran Expires August 2003 12
iSCSI 3-November-02 iSCSI 19-January-03
1. Introduction 1. Introduction
The Small Computer Systems Interface (SCSI) is a popular family of The Small Computer Systems Interface (SCSI) is a popular family of
protocols for communicating with I/O devices, especially storage protocols for communicating with I/O devices, especially storage
devices. SCSI is a client-server architecture. Clients of a SCSI devices. SCSI is a client-server architecture. Clients of a SCSI
interface are called "initiators". Initiators issue SCSI "commands" interface are called "initiators". Initiators issue SCSI "commands"
to request services from components, logical units, of a server to request services from components, logical units, of a server
known as a "target". A "SCSI transport" maps the client-server SCSI known as a "target". A "SCSI transport" maps the client-server SCSI
protocol to a specific interconnect. Initiators are one endpoint of protocol to a specific interconnect. Initiators are one endpoint of
skipping to change at line 546 skipping to change at line 544
The SCSI protocol has been mapped over various transports, including The SCSI protocol has been mapped over various transports, including
Parallel SCSI, IPI, IEEE-1394 (firewire) and Fibre Channel. These Parallel SCSI, IPI, IEEE-1394 (firewire) and Fibre Channel. These
transports are I/O specific and have limited distance capabilities. transports are I/O specific and have limited distance capabilities.
The iSCSI protocol defined in this document describes a means of The iSCSI protocol defined in this document describes a means of
transporting of the SCSI packets over TCP/IP, providing for an transporting of the SCSI packets over TCP/IP, providing for an
interoperable solution which can take advantage of existing Internet interoperable solution which can take advantage of existing Internet
infrastructure, Internet management facilities and address distance infrastructure, Internet management facilities and address distance
limitations. limitations.
Julian Satran Expires June 2003 13 Julian Satran Expires August 2003 13
iSCSI 3-November-02 iSCSI 19-January-03
2. Definitions and Acronyms 2. Definitions and Acronyms
2.1 Definitions 2.1 Definitions
- Alias: An alias string can also be associated with an iSCSI Node. - Alias: An alias string can also be associated with an iSCSI Node.
The alias allows an organization to associate a user-friendly string The alias allows an organization to associate a user-friendly string
with the iSCSI Name. However, the alias string is not a substitute with the iSCSI Name. However, the alias string is not a substitute
for the iSCSI Name. for the iSCSI Name.
skipping to change at line 593 skipping to change at line 591
- iSCSI Name: The name of an iSCSI initiator or iSCSI target. - iSCSI Name: The name of an iSCSI initiator or iSCSI target.
- iSCSI Node: The iSCSI Node represents a single iSCSI initiator or - iSCSI Node: The iSCSI Node represents a single iSCSI initiator or
iSCSI target. There are one or more iSCSI Nodes within a Network iSCSI target. There are one or more iSCSI Nodes within a Network
Entity. The iSCSI Node is accessible via one or more Network Entity. The iSCSI Node is accessible via one or more Network
Portals. An iSCSI Node is identified by its iSCSI Name. The Portals. An iSCSI Node is identified by its iSCSI Name. The
separation of the iSCSI Name from the addresses used by and for the separation of the iSCSI Name from the addresses used by and for the
iSCSI Node allows multiple iSCSI nodes to use the same address, and iSCSI Node allows multiple iSCSI nodes to use the same address, and
the same iSCSI node to use multiple addresses. the same iSCSI node to use multiple addresses.
Julian Satran Expires June 2003 14
iSCSI 3-November-02
- iSCSI Target Name: The iSCSI Target Name specifies the worldwide - iSCSI Target Name: The iSCSI Target Name specifies the worldwide
unique name of the target. unique name of the target.
- iSCSI Target Node: The "target". - iSCSI Target Node: The "target".
- iSCSI Task: An iSCSI task is an iSCSI request for which a response - iSCSI Task: An iSCSI task is an iSCSI request for which a response
is expected. is expected.
- iSCSI Transfer Direction: The iSCSI transfer direction is defined - iSCSI Transfer Direction: The iSCSI transfer direction is defined
with regard to the initiator. Outbound or outgoing transfers are with regard to the initiator. Outbound or outgoing transfers are
Julian Satran Expires August 2003 14
iSCSI 19-January-03
transfers from the initiator to the target, while inbound or incoming transfers from the initiator to the target, while inbound or incoming
transfers are from the target to the initiator. transfers are from the target to the initiator.
- ISID: The initiator part of the Session Identifier. It is - ISID: The initiator part of the Session Identifier. It is
explicitly specified by the initiator during Login. explicitly specified by the initiator during Login.
- I_T nexus: According to [SAM2], the I_T nexus is a relationship - I_T nexus: According to [SAM2], the I_T nexus is a relationship
between a SCSI Initiator Port and a SCSI Target Port. For iSCSI, between a SCSI Initiator Port and a SCSI Target Port. For iSCSI,
this relationship is a session, defined as a relationship between an this relationship is a session, defined as a relationship between an
iSCSI Initiator's end of the session (SCSI Initiator Port) and the iSCSI Initiator's end of the session (SCSI Initiator Port) and the
skipping to change at line 637 skipping to change at line 636
- Network Portal: The Network Portal is a component of a Network - Network Portal: The Network Portal is a component of a Network
Entity that has a TCP/IP network address and that may be used by an Entity that has a TCP/IP network address and that may be used by an
iSCSI Node within that Network Entity for the connection(s) within iSCSI Node within that Network Entity for the connection(s) within
one of its iSCSI sessions. A Network Portal in an initiator is one of its iSCSI sessions. A Network Portal in an initiator is
identified by its IP address. A Network Portal in a target is identified by its IP address. A Network Portal in a target is
identified by its IP address and its listening TCP port. identified by its IP address and its listening TCP port.
- Originator: In a negotiation or exchange, the party that initiates - Originator: In a negotiation or exchange, the party that initiates
the negotiation or exchange. the negotiation or exchange.
Julian Satran Expires June 2003 15
iSCSI 3-November-02
- PDU (Protocol Data Unit): The initiator and target divide their - PDU (Protocol Data Unit): The initiator and target divide their
communications into messages. The term "iSCSI protocol data unit" communications into messages. The term "iSCSI protocol data unit"
(iSCSI PDU) is used for these messages. (iSCSI PDU) is used for these messages.
- Portal Groups: iSCSI supports multiple connections within the same - Portal Groups: iSCSI supports multiple connections within the same
session; some implementations will have the ability to combine session; some implementations will have the ability to combine
connections in a session across multiple Network Portals. A Portal connections in a session across multiple Network Portals. A Portal
Group defines a set of Network Portals within an iSCSI Network Group defines a set of Network Portals within an iSCSI Network
Entity that collectively supports the capability of coordinating a Entity that collectively supports the capability of coordinating a
session with connections spanning these portals. Not all Network session with connections spanning these portals. Not all Network
skipping to change at line 663 skipping to change at line 659
a given iSCSI Node, belongs to exactly one portal group within that a given iSCSI Node, belongs to exactly one portal group within that
node. node.
- Portal Group Tag: This 16-bit quantity identifies a Portal Group - Portal Group Tag: This 16-bit quantity identifies a Portal Group
within an iSCSI Node. All Network Portals with the same portal group within an iSCSI Node. All Network Portals with the same portal group
tag in the context of a given iSCSI Node are in the same Portal tag in the context of a given iSCSI Node are in the same Portal
Group. Group.
- Recovery R2T: An R2T generated by a target upon detecting the loss - Recovery R2T: An R2T generated by a target upon detecting the loss
of one or more Data-Out PDUs through one of the following means: a of one or more Data-Out PDUs through one of the following means: a
Julian Satran Expires August 2003 15
iSCSI 19-January-03
digest error, a sequence error, or a sequence reception timeout. A digest error, a sequence error, or a sequence reception timeout. A
recovery recovery
R2T carries the next unused R2TSN, but requests all or part of the R2T carries the next unused R2TSN, but requests all or part of the
data burst that an earlier R2T (with a lower R2TSN) had already data burst that an earlier R2T (with a lower R2TSN) had already
requested. requested.
- Responder: In a negotiation or exchange, the party that responds - Responder: In a negotiation or exchange, the party that responds
to the originator of the negotiation or exchange. to the originator of the negotiation or exchange.
- SCSI Device: This is the SAM2 term for an entity that contains one - SCSI Device: This is the SAM2 term for an entity that contains one
or more SCSI ports that are connected to a service delivery or more SCSI ports that are connected to a service delivery
subsystem and supports a SCSI application protocol. For example, a subsystem and supports a SCSI application protocol. For example, a
SCSI Initiator Device contains one or more SCSI Initiator Ports and SCSI Initiator Device contains one or more SCSI Initiator Ports and
zero or more application clients. A Target Device contains one or zero or more application clients. A Target Device contains one or
more SCSI Target Ports and one or more device servers and associated more SCSI Target Ports and one or more device servers and associated
logical units. For iSCSI, the SCSI Device is the component within an logical units. For iSCSI, the SCSI Device is the component within an
iSCSI Node that provides the SCSI functionality. As such, there can iSCSI Node that provides the SCSI functionality. As such, there can
be, at most, one SCSI Device within a given iSCSI Node. Access to be, at most, one SCSI Device within a given iSCSI Node. Access to
the SCSI Device can only be achieved in an iSCSI normal operational the SCSI Device can only be achieved in an iSCSI normal operational
Julian Satran Expires June 2003 16
iSCSI 3-November-02
session. The SCSI Device Name is defined to be the iSCSI Name of the session. The SCSI Device Name is defined to be the iSCSI Name of the
node. node.
- SCSI Layer: This builds/receives SCSI CDBs (Command Descriptor - SCSI Layer: This builds/receives SCSI CDBs (Command Descriptor
Blocks) and relays/receives them with the remaining command execute Blocks) and relays/receives them with the remaining command execute
[SAM2] parameters to/from the iSCSI Layer. [SAM2] parameters to/from the iSCSI Layer.
- Session: The group of TCP connections that link an initiator with - Session: The group of TCP connections that link an initiator with
a target form a session (loosely equivalent to a SCSI I-T nexus). a target form a session (loosely equivalent to a SCSI I-T nexus).
TCP connections can be added and removed from a session. Across all TCP connections can be added and removed from a session. Across all
connections within a session, an initiator sees one and the same connections within a session, an initiator sees one and the same
target. target.
- SSID (Session ID): A session between an iSCSI initiator and an - SSID (Session ID): A session between an iSCSI initiator and an
iSCSI target is defined by a session ID that is a tuple composed of iSCSI target is defined by a session ID that is a tuple composed of
an initiator part (ISID) and a target part (Target Portal Group an initiator part (ISID) and a target part (Target Portal Group
Tag). The ISID is explicitly specified by the initiator at session Tag). The ISID is explicitly specified by the initiator at session
establishment. The Target Portal Group Tag is implied by the establishment. The Target Portal Group Tag is implied by the
initiator through the selection of the TCP endpoint at connection initiator through the selection of the TCP endpoint at connection
establishment. The TargetPortalGroupTag key may also be returned by establishment. The TargetPortalGroupTag key must also be returned by
the target as a confirmation during session establishment. the target as a confimation during connection establishment.
- SCSI Initiator Port: This maps to the endpoint of an iSCSI normal - SCSI Initiator Port: This maps to the endpoint of an iSCSI normal
operational session. An iSCSI normal operational session is operational session. An iSCSI normal operational session is
negotiated through the login process between an iSCSI initiator node negotiated through the login process between an iSCSI initiator node
and an iSCSI target node. At successful completion of this process, and an iSCSI target node. At successful completion of this process,
a SCSI Initiator Port is created within the SCSI Initiator Device. a SCSI Initiator Port is created within the SCSI Initiator Device.
The SCSI Initiator Port Name and SCSI Initiator Port Identifier are The SCSI Initiator Port Name and SCSI Initiator Port Identifier are
both defined to be the iSCSI Initiator Name together with (a) a both defined to be the iSCSI Initiator Name together with (a) a
label that identifies it as an initiator port name/identifier and label that identifies it as an initiator port name/identifier and
(b) the ISID portion of the session identifier. (b) the ISID portion of the session identifier.
- SCSI Port: This is the SAM2 term for an entity in a SCSI Device - SCSI Port: This is the SAM2 term for an entity in a SCSI Device
that provides the SCSI functionality to interface with a service that provides the SCSI functionality to interface with a service
delivery subsystem. For iSCSI, the definition of the SCSI Initiator delivery subsystem. For iSCSI, the definition of the SCSI Initiator
Port and the SCSI Target Port are different. Port and the SCSI Target Port are different.
Julian Satran Expires August 2003 16
iSCSI 19-January-03
- SCSI Port Name: A name made up as UTF-8 characters and includes - SCSI Port Name: A name made up as UTF-8 characters and includes
the iSCSI Name + 'i' or 't' + ISID or Portal Group Tag. the iSCSI Name + 'i' or 't' + ISID or Portal Group Tag.
- SCSI Target Port: This maps to an iSCSI Target Portal Group. - SCSI Target Port: This maps to an iSCSI Target Portal Group.
Julian Satran Expires June 2003 17
iSCSI 3-November-02
- SCSI Target Port Name and SCSI Target Port Identifier: These are - SCSI Target Port Name and SCSI Target Port Identifier: These are
both defined to be the iSCSI Target Name together with (a) a label both defined to be the iSCSI Target Name together with (a) a label
that identifies it as a target port name/identifier and (b) the that identifies it as a target port name/identifier and (b) the
portal group tag. portal group tag.
- Target Portal Group Tag: A numerical identifier (16-bit) for an - Target Portal Group Tag: A numerical identifier (16-bit) for an
iSCSI Target Portal Group. iSCSI Target Portal Group.
- TSIH (Target Session Identifying Handle): A target assigned tag - TSIH (Target Session Identifying Handle): A target assigned tag
for a session with a specific named initiator. The target generates for a session with a specific named initiator. The target generates
it during session establishment. Its internal format and content are it during session establishment. Its internal format and content are
not defined by this protocol except for the value 0 that is reserved not defined by this protocol except for the value 0 that is reserved
and used by the initiator to indicate a new session. It is given to and used by the initiator to indicate a new session. It is given to
the target during additional connection establishment for the same the target during additional connection establishment for the same
session. session.
Julian Satran Expires June 2003 18 Julian Satran Expires August 2003 17
iSCSI 3-November-02 iSCSI 19-January-03
2.2 Acronyms 2.2 Acronyms
AcronymDefinition AcronymDefinition
-------------------------------------------------------------- --------------------------------------------------------------
3DES Triple Data Encryption Standard 3DES Triple Data Encryption Standard
ACA Auto Contingent Allegiance ACA Auto Contingent Allegiance
AEN Asynchronous Event Notification AEN Asynchronous Event Notification
AES Advanced Encryption Standard AES Advanced Encryption Standard
AH Additional Header (not the IPsec AH!) AH Additional Header (not the IPsec AH!)
skipping to change at line 793 skipping to change at line 789
FIM Fixed Interval Marker FIM Fixed Interval Marker
Gbps Gigabits per Second Gbps Gigabits per Second
HBA Host Bus Adapter HBA Host Bus Adapter
HMAC Hashed Message Authentication Code HMAC Hashed Message Authentication Code
I_T Initiator_Target I_T Initiator_Target
I_T_L Initiator_Target_LUN I_T_L Initiator_Target_LUN
IANA Internet Assigned Numbers Authority IANA Internet Assigned Numbers Authority
ID Identifier ID Identifier
IDN Internationalized Domain Name IDN Internationalized Domain Name
IEEE Institute of Electrical & Electronics Engineers IEEE Institute of Electrical & Electronics Engineers
Julian Satran Expires June 2003 19
iSCSI 3-November-02
IETF Internet Engineering Task Force IETF Internet Engineering Task Force
IKE Internet Key Exchange IKE Internet Key Exchange
I/O Input - Output I/O Input - Output
IO Initialize Only IO Initialize Only
IP Internet Protocol IP Internet Protocol
IPsec Internet Protocol Security IPsec Internet Protocol Security
IPv4 Internet Protocol Version 4 IPv4 Internet Protocol Version 4
IPv6 Internet Protocol Version 6 IPv6 Internet Protocol Version 6
IQN iSCSI Qualified Name IQN iSCSI Qualified Name
ISID Initiator Session ID ISID Initiator Session ID
ITN iSCSI Target Name ITN iSCSI Target Name
ITT Initiator Task Tag ITT Initiator Task Tag
KRB5 Kerberos V5 KRB5 Kerberos V5
Julian Satran Expires August 2003 18
iSCSI 19-January-03
LFL Lower Functional Layer LFL Lower Functional Layer
LTDS Logical-Text-Data-Segment LTDS Logical-Text-Data-Segment
LO Leading Only LO Leading Only
LU Logical Unit LU Logical Unit
LUN Logical Unit Number LUN Logical Unit Number
MAC Message Authentication Codes MAC Message Authentication Codes
NA Not Applicable NA Not Applicable
NIC Network Interface Card NIC Network Interface Card
NOP No Operation NOP No Operation
NSG Next Stage NSG Next Stage
skipping to change at line 840 skipping to change at line 836
SCSI Small Computer Systems Interface SCSI Small Computer Systems Interface
SN Sequence Number SN Sequence Number
SNACK Selective Negative Acknowledgment - also SNACK Selective Negative Acknowledgment - also
Sequence Number Acknowledgement for data Sequence Number Acknowledgement for data
SPKM Simple Public-Key Mechanism SPKM Simple Public-Key Mechanism
SRP Secure Remote Password SRP Secure Remote Password
SSID Session ID SSID Session ID
SW Session Wide SW Session Wide
TCB Task Control Block TCB Task Control Block
TCP Transmission Control Protocol TCP Transmission Control Protocol
TPGT Target Portal Group Tag
Julian Satran Expires June 2003 20 TSIH Target Session Identifying Handle
iSCSI 3-November-02 TTT Target Transfer Tag
UFL Upper Functional Layer
TPGT Target Portal Group Tag ULP Upper Level Protocol
TSIH Target Session Identifying Handle URN Uniform Resource Names
TTT Target Transfer Tag UTF Universal Transformation Format
UFL Upper Functional Layer WG Working Group
ULP Upper Level Protocol
URN Uniform Resource Names
UTF Universal Transformation Format
WG Working Group
2.3 Conventions 2.3 Conventions
In examples, "I->" and "T->" show iSCSI PDUs sent by the initiator In examples, "I->" and "T->" show iSCSI PDUs sent by the initiator
and target respectively. and target respectively.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC2119. document are to be interpreted as described in RFC2119.
iSCSI messages - PDUs - are represented by diagrams as in the iSCSI messages - PDUs - are represented by diagrams as in the
following example: following example:
Julian Satran Expires August 2003 19
iSCSI 19-January-03
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0| Basic Header Segment (BHS) | 0| Basic Header Segment (BHS) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
---------- ----------
+| | +| |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
The diagrams include byte and bit numbering. The diagrams include byte and bit numbering.
The following representation and ordering rules are observed in this The following representation and ordering rules are observed in this
document: document:
- Word Rule - Word Rule
- Half-word Rule - Half-word Rule
- Byte Rule - Byte Rule
Julian Satran Expires June 2003 21
iSCSI 3-November-02
2.3.1 Word Rule 2.3.1 Word Rule
A word holds four consecutive bytes. Whenever a word has numeric A word holds four consecutive bytes. Whenever a word has numeric
content, it is considered an unsigned number in base 2 positional content, it is considered an unsigned number in base 2 positional
representation with the lowest numbered byte (e.g., byte 0) bit 0 representation with the lowest numbered byte (e.g., byte 0) bit 0
representing 2**31 and bit 1 representing 2**30 through lowest representing 2**31 and bit 1 representing 2**30 through lowest
numbered byte + 3 (e.g., byte 3) bit 7 representing 2**0. numbered byte + 3 (e.g., byte 3) bit 7 representing 2**0.
Decimal and hexadecimal representation of word values map this Decimal and hexadecimal representation of word values map this
skipping to change at line 918 skipping to change at line 910
2.3.3 Byte Rule 2.3.3 Byte Rule
For every PDU, bytes are sent and received in increasing numbered For every PDU, bytes are sent and received in increasing numbered
order (network order). order (network order).
Whenever a byte has numerical content it is considered an unsigned Whenever a byte has numerical content it is considered an unsigned
number in base 2 positional representation with bit 0 representing number in base 2 positional representation with bit 0 representing
2**7 and bit 1 representing 2**6 through bit 7 representing 2**0. 2**7 and bit 1 representing 2**6 through bit 7 representing 2**0.
Julian Satran Expires June 2003 22 Julian Satran Expires August 2003 20
iSCSI 3-November-02 iSCSI 19-January-03
3. Overview 3. Overview
3.1 SCSI Concepts 3.1 SCSI Concepts
The SCSI Architecture Model-2 [SAM2] describes in detail the The SCSI Architecture Model-2 [SAM2] describes in detail the
architecture of the SCSI family of I/O protocols. This section architecture of the SCSI family of I/O protocols. This section
provides a brief background of the SCSI architecture and is intended provides a brief background of the SCSI architecture and is intended
to familiarize readers with its terminology. to familiarize readers with its terminology.
skipping to change at line 964 skipping to change at line 956
response phase. In the data phase, information can travel from the response phase. In the data phase, information can travel from the
initiator to target (e.g., WRITE), target to initiator (e.g., READ), initiator to target (e.g., WRITE), target to initiator (e.g., READ),
or in both directions. In the response phase, the target returns the or in both directions. In the response phase, the target returns the
final status of the operation, including any errors. final status of the operation, including any errors.
Command Descriptor Blocks (CDB) are the data structures used to Command Descriptor Blocks (CDB) are the data structures used to
contain the command parameters that an initiator sends to a target. contain the command parameters that an initiator sends to a target.
The CDB content and structure is defined by [SAM2] and device-type The CDB content and structure is defined by [SAM2] and device-type
specific SCSI standards. specific SCSI standards.
Julian Satran Expires June 2003 23
iSCSI 3-November-02
3.2 iSCSI Concepts and Functional Overview 3.2 iSCSI Concepts and Functional Overview
The iSCSI protocol is a mapping of the SCSI remote procedure The iSCSI protocol is a mapping of the SCSI remote procedure
invocation model (see [SAM2]) over the TCP protocol. SCSI commands invocation model (see [SAM2]) over the TCP protocol. SCSI commands
are carried by iSCSI requests and SCSI responses and status are are carried by iSCSI requests and SCSI responses and status are
carried by iSCSI responses. iSCSI also uses the request response carried by iSCSI responses. iSCSI also uses the request response
mechanism for iSCSI protocol mechanisms. mechanism for iSCSI protocol mechanisms.
For the remainder of this document, the terms "initiator" and For the remainder of this document, the terms "initiator" and
"target" refer to "iSCSI initiator node" and "iSCSI target node", "target" refer to "iSCSI initiator node" and "iSCSI target node",
respectively (see Section 3.4.1 iSCSI Architecture Model) unless respectively (see Section 3.4.1 iSCSI Architecture Model) unless
otherwise qualified. otherwise qualified.
Julian Satran Expires August 2003 21
iSCSI 19-January-03
In keeping with similar protocols, the initiator and target divide In keeping with similar protocols, the initiator and target divide
their communications into messages. This document uses the term their communications into messages. This document uses the term
"iSCSI protocol data unit" (iSCSI PDU) for these messages. "iSCSI protocol data unit" (iSCSI PDU) for these messages.
For performance reasons, iSCSI allows a "phase-collapse". A command For performance reasons, iSCSI allows a "phase-collapse". A command
and its associated data may be shipped together from initiator to and its associated data may be shipped together from initiator to
target, and data and responses may be shipped together from targets. target, and data and responses may be shipped together from targets.
The iSCSI transfer direction is defined with respect to the The iSCSI transfer direction is defined with respect to the
initiator. Outbound or outgoing transfers are transfers from an initiator. Outbound or outgoing transfers are transfers from an
skipping to change at line 1009 skipping to change at line 1001
3.2.1 Layers and Sessions 3.2.1 Layers and Sessions
The following conceptual layering model is used to specify initiator The following conceptual layering model is used to specify initiator
and target actions and the way in which they relate to transmitted and target actions and the way in which they relate to transmitted
and received Protocol Data Units: and received Protocol Data Units:
a) the SCSI layer builds/receives SCSI CDBs (Command a) the SCSI layer builds/receives SCSI CDBs (Command
Descriptor Blocks) and passes/receives them with the remaining Descriptor Blocks) and passes/receives them with the remaining
command execute parameters ([SAM2]) to/from command execute parameters ([SAM2]) to/from
Julian Satran Expires June 2003 24
iSCSI 3-November-02
b) the iSCSI layer that builds/receives iSCSI PDUs and relays/ b) the iSCSI layer that builds/receives iSCSI PDUs and relays/
receives them to/from one or more TCP connections; the group of receives them to/from one or more TCP connections; the group of
connections form an initiator-target "session". connections form an initiator-target "session".
Communication between the initiator and target occurs over one or Communication between the initiator and target occurs over one or
more TCP connections. The TCP connections carry control messages, more TCP connections. The TCP connections carry control messages,
SCSI commands, parameters, and data within iSCSI Protocol Data Units SCSI commands, parameters, and data within iSCSI Protocol Data Units
(iSCSI PDUs). The group of TCP connections that link an initiator (iSCSI PDUs). The group of TCP connections that link an initiator
with a target form a session (loosely equivalent to a SCSI I_T with a target form a session (loosely equivalent to a SCSI I_T
nexus, see Section 3.4.2 SCSI Architecture Model). A session is nexus, see Section 3.4.2 SCSI Architecture Model). A session is
skipping to change at line 1038 skipping to change at line 1026
Across all connections within a session, an initiator sees one Across all connections within a session, an initiator sees one
"target image". All target identifying elements, such as LUN, are "target image". All target identifying elements, such as LUN, are
the same. A target also sees one "initiator image" across all the same. A target also sees one "initiator image" across all
connections within a session. Initiator identifying elements, such connections within a session. Initiator identifying elements, such
as the Initiator Task Tag, are global across the session regardless as the Initiator Task Tag, are global across the session regardless
of the connection on which they are sent or received. of the connection on which they are sent or received.
iSCSI targets and initiators MUST support at least one TCP iSCSI targets and initiators MUST support at least one TCP
connection and MAY support several connections in a session. For connection and MAY support several connections in a session. For
error recovery purposes, targets and initiators that support a error recovery purposes, targets and initiators that support a
Julian Satran Expires August 2003 22
iSCSI 19-January-03
single active connection in a session SHOULD support two connections single active connection in a session SHOULD support two connections
during recovery. during recovery.
3.2.2 Ordering and iSCSI Numbering 3.2.2 Ordering and iSCSI Numbering
iSCSI uses Command and Status numbering schemes and a Data iSCSI uses Command and Status numbering schemes and a Data
sequencing scheme. sequencing scheme.
Command numbering is session-wide and is used for ordered command Command numbering is session-wide and is used for ordered command
delivery over multiple connections. It can also be used as a delivery over multiple connections. It can also be used as a
mechanism for command flow control over a session. mechanism for command flow control over a session.
Status numbering is per connection and is used to enable missing Status numbering is per connection and is used to enable missing
status detection and recovery in the presence of transient or status detection and recovery in the presence of transient or
permanent communication errors. permanent communication errors.
Julian Satran Expires June 2003 25
iSCSI 3-November-02
Data sequencing is per command or part of a command (R2T triggered Data sequencing is per command or part of a command (R2T triggered
sequence) and is used to detect missing data and/or R2T PDUs due to sequence) and is used to detect missing data and/or R2T PDUs due to
header digest errors. header digest errors.
Typically, fields in the iSCSI PDUs communicate the Sequence Numbers Typically, fields in the iSCSI PDUs communicate the Sequence Numbers
between the initiator and target. During periods when traffic on a between the initiator and target. During periods when traffic on a
connection is unidirectional, iSCSI NOP-Out/In PDUs may be utilized connection is unidirectional, iSCSI NOP-Out/In PDUs may be utilized
to synchronize the command and status ordering counters of the to synchronize the command and status ordering counters of the
target and initiator. target and initiator.
skipping to change at line 1097 skipping to change at line 1086
Commands meant for immediate delivery are marked with an immediate Commands meant for immediate delivery are marked with an immediate
delivery flag; they MUST also carry the current CmdSN. CmdSN does delivery flag; they MUST also carry the current CmdSN. CmdSN does
not advance after a command marked for immediate delivery is sent. not advance after a command marked for immediate delivery is sent.
Command numbering starts with the first login request on the first Command numbering starts with the first login request on the first
connection of a session (the leading login on the leading connection of a session (the leading login on the leading
connection) and command numbers are incremented by 1 for every non- connection) and command numbers are incremented by 1 for every non-
immediate command issued afterwards. immediate command issued afterwards.
Julian Satran Expires August 2003 23
iSCSI 19-January-03
If immediate delivery is used with task management commands, these If immediate delivery is used with task management commands, these
commands may reach the target before the tasks on which they are commands may reach the target before the tasks on which they are
supposed to act. However their CmdSN serves as a marker of their supposed to act. However their CmdSN serves as a marker of their
Julian Satran Expires June 2003 26
iSCSI 3-November-02
position in the stream of commands. The initiator and target must position in the stream of commands. The initiator and target must
ensure that the task management commands act as specified by [SAM2]. ensure that the task management commands act as specified by [SAM2].
For example, both commands and responses appear as if delivered in For example, both commands and responses appear as if delivered in
order. Whenever CmdSN for an outgoing PDU is not specified by an order. Whenever CmdSN for an outgoing PDU is not specified by an
explicit rule, CmdSN will carry the current value of the local CmdSN explicit rule, CmdSN will carry the current value of the local CmdSN
variable (see later in this section). variable (see later in this section).
The means by which an implementation decides to mark a PDU for The means by which an implementation decides to mark a PDU for
immediate delivery or by which iSCSI decides by itself to mark a PDU immediate delivery or by which iSCSI decides by itself to mark a PDU
for immediate delivery are beyond the scope of this document. for immediate delivery are beyond the scope of this document.
skipping to change at line 1147 skipping to change at line 1135
increasing order of CmdSN, except for commands that are increasing order of CmdSN, except for commands that are
retransmitted due to digest error recovery and connection recovery. retransmitted due to digest error recovery and connection recovery.
For the numbering mechanism, the initiator and target maintain the For the numbering mechanism, the initiator and target maintain the
following three variables for each session: following three variables for each session:
- CmdSN - the current command Sequence Number, advanced by 1 on - CmdSN - the current command Sequence Number, advanced by 1 on
each command shipped except for commands marked for immediate each command shipped except for commands marked for immediate
delivery. CmdSN always contains the number to be assigned to delivery. CmdSN always contains the number to be assigned to
the next Command PDU. the next Command PDU.
- ExpCmdSN - the next expected command by the target. The
target acknowledges all commands up to, but not including,
this number. The initiator treats all commands with CmdSN less
than ExpCmdSN as acknowledged. The target iSCSI layer sets the
ExpCmdSN to the largest non-immediate CmdSN that it can
deliver for execution plus 1 (no holes in the CmdSN sequence).
- MaxCmdSN - the maximum number to be shipped. The queuing
capacity of the receiving iSCSI layer is MaxCmdSN - ExpCmdSN +
1.
Julian Satran Expires June 2003 27 Julian Satran Expires August 2003 24
iSCSI 3-November-02 iSCSI 19-January-03
- ExpCmdSN - the next expected command by the target. The
target acknowledges all commands up to, but not including,
this number. The initiator treats all commands with CmdSN less
than ExpCmdSN as acknowledged. The target iSCSI layer sets the
ExpCmdSN to the largest non-immediate CmdSN that it can
deliver for execution plus 1 (no holes in the CmdSN sequence).
- MaxCmdSN - the maximum number to be shipped. The queuing
capacity of the receiving iSCSI layer is MaxCmdSN - ExpCmdSN +
1.
The initiator's ExpCmdSN and MaxCmdSN are derived from target-to- The initiator's ExpCmdSN and MaxCmdSN are derived from target-to-
initiator PDU fields. Comparisons and arithmetic on ExpCmdSN and initiator PDU fields. Comparisons and arithmetic on ExpCmdSN and
MaxCmdSN MUST use Serial Number Arithmetic as defined in [RFC1982] MaxCmdSN MUST use Serial Number Arithmetic as defined in [RFC1982]
where SERIAL_BITS = 32. where SERIAL_BITS = 32.
The target MUST NOT transmit a MaxCmdSN that is less than ExpCmdSN- The target MUST NOT transmit a MaxCmdSN that is less than ExpCmdSN-
1. For non-immediate commands, the CmdSN field can take any value 1. For non-immediate commands, the CmdSN field can take any value
from ExpCmdSN to MaxCmdSN inclusive. The target MUST silently ignore from ExpCmdSN to MaxCmdSN inclusive. The target MUST silently ignore
any non-immediate command outside of this range or non-immediate any non-immediate command outside of this range or non-immediate
skipping to change at line 1196 skipping to change at line 1183
-If the PDU ExpCmdSN is greater than the local ExpCmdSN (in -If the PDU ExpCmdSN is greater than the local ExpCmdSN (in
Serial Arithmetic Sense), it updates the local ExpCmdSN; Serial Arithmetic Sense), it updates the local ExpCmdSN;
otherwise, it is ignored. otherwise, it is ignored.
This sequence is required because updates may arrive out of order This sequence is required because updates may arrive out of order
(e.g., the updates are sent on different TCP connections). (e.g., the updates are sent on different TCP connections).
iSCSI initiators and targets MUST support the command numbering iSCSI initiators and targets MUST support the command numbering
scheme. scheme.
Julian Satran Expires June 2003 28
iSCSI 3-November-02
A numbered iSCSI request will not change its allocated CmdSN, A numbered iSCSI request will not change its allocated CmdSN,
regardless of the number of times and circumstances in which it is regardless of the number of times and circumstances in which it is
reissued (see Section 6.2.1 Usage of Retry). At the target, CmdSN is reissued (see Section 6.2.1 Usage of Retry). At the target, CmdSN is
only relevant when the command has not created any state related to only relevant when the command has not created any state related to
its execution (execution state); afterwards, CmdSN becomes its execution (execution state); afterwards, CmdSN becomes
irrelevant. Testing for the execution state (represented by irrelevant. Testing for the execution state (represented by
identifying the Initiator Task Tag) MUST precede any other action at identifying the Initiator Task Tag) MUST precede any other action at
the target. If no execution state is found, it is followed by the target. If no execution state is found, it is followed by
ordering and delivery. If an execution state is found, it is ordering and delivery. If an execution state is found, it is
followed by delivery. followed by delivery.
If an initiator issues a command retry for a command with CmdSN R on If an initiator issues a command retry for a command with CmdSN R on
a connection when the session CmdSN value is Q, it MUST NOT advance a connection when the session CmdSN value is Q, it MUST NOT advance
the CmdSN past R + 2**31 -1 unless the connection is no longer the CmdSN past R + 2**31 -1 unless the connection is no longer
operational (i.e., it has returned to the FREE state, see Section operational (i.e., it has returned to the FREE state, see Section
7.1.3 Standard Connection State Diagram for an Initiator), the 7.1.3 Standard Connection State Diagram for an Initiator), the
connection has been reinstated (see Section 5.3.4 Connection connection has been reinstated (see Section 5.3.4 Connection
Reinstatement), or a non-immediate command with CmdSN equal or Reinstatement), or a non-immediate command with CmdSN equal or
greater than Q was issued subsequent to the command retry on the greater than Q was issued subsequent to the command retry on the
same connection and the reception of that command is acknowledged by same connection and the reception of that command is acknowledged by
Julian Satran Expires August 2003 25
iSCSI 19-January-03
the target (see Section 9.4 Command Retry and Cleaning Old Command the target (see Section 9.4 Command Retry and Cleaning Old Command
Instances). Instances).
A target MUST NOT issue a command response or DATA-In PDU with A target MUST NOT issue a command response or DATA-In PDU with
status before acknowledging the command. However, the status before acknowledging the command. However, the
acknowledgement can be included in the response or Data-in PDU. acknowledgement can be included in the response or Data-in PDU.
3.2.2.2 Response/Status Numbering and Acknowledging 3.2.2.2 Response/Status Numbering and Acknowledging
Responses in transit from the target to the initiator are numbered. Responses in transit from the target to the initiator are numbered.
skipping to change at line 1242 skipping to change at line 1230
32-bit unsigned-integers and the arithmetic operations are the 32-bit unsigned-integers and the arithmetic operations are the
regular mod(2**32) arithmetic. regular mod(2**32) arithmetic.
Status numbering starts with the Login response to the first Login Status numbering starts with the Login response to the first Login
request of the connection. The Login response includes an initial request of the connection. The Login response includes an initial
value for status numbering (any initial value is valid). value for status numbering (any initial value is valid).
To enable command recovery, the target MAY maintain enough state To enable command recovery, the target MAY maintain enough state
information for data and status recovery after a connection failure. information for data and status recovery after a connection failure.
A target doing so can safely discard all of the state information A target doing so can safely discard all of the state information
Julian Satran Expires June 2003 29
iSCSI 3-November-02
maintained for recovery of a command after the delivery of the maintained for recovery of a command after the delivery of the
status for the command (numbered StatSN) is acknowledged through status for the command (numbered StatSN) is acknowledged through
ExpStatSN. ExpStatSN.
A large absolute difference between StatSN and ExpStatSN may A large absolute difference between StatSN and ExpStatSN may
indicate a failed connection. Initiators MUST undertake recovery indicate a failed connection. Initiators MUST undertake recovery
actions if the difference is greater than an implementation defined actions if the difference is greater than an implementation defined
constant that MUST NOT exceed 2**31-1. constant that MUST NOT exceed 2**31-1.
Initiators and Targets MUST support the response-numbering scheme. Initiators and Targets MUST support the response-numbering scheme.
skipping to change at line 1277 skipping to change at line 1261
example, the first R2T has an R2TSN of 0 and advances by 1 for each example, the first R2T has an R2TSN of 0 and advances by 1 for each
subsequent R2T. For bidirectional commands, the target uses the subsequent R2T. For bidirectional commands, the target uses the
DataSN/R2TSN to sequence Data-In and R2T PDUs in one continuous DataSN/R2TSN to sequence Data-In and R2T PDUs in one continuous
sequence (undifferentiated). Unlike command and status, data PDUs sequence (undifferentiated). Unlike command and status, data PDUs
and R2Ts are not acknowledged by a field in regular outgoing PDUs. and R2Ts are not acknowledged by a field in regular outgoing PDUs.
Data-In PDUs can be acknowledged on demand by a special form of the Data-In PDUs can be acknowledged on demand by a special form of the
SNACK PDU. Data and R2T PDUs are implicitly acknowledged by status SNACK PDU. Data and R2T PDUs are implicitly acknowledged by status
for the command. The DataSN/R2TSN field enables the initiator to for the command. The DataSN/R2TSN field enables the initiator to
detect missing data or R2T PDUs. detect missing data or R2T PDUs.
Julian Satran Expires August 2003 26
iSCSI 19-January-03
For any read or bidirectional command, a target MUST issue less than For any read or bidirectional command, a target MUST issue less than
2**32 combined R2T and Data-In PDUs. Any output data sequence MUST 2**32 combined R2T and Data-In PDUs. Any output data sequence MUST
contain less than 2**32 Data-Out PDUs. contain less than 2**32 Data-Out PDUs.
3.2.3 iSCSI Login 3.2.3 iSCSI Login
The purpose of the iSCSI login is to enable a TCP connection for The purpose of the iSCSI login is to enable a TCP connection for
iSCSI use, authentication of the parties, negotiation of the iSCSI use, authentication of the parties, negotiation of the
session's parameters and marking of the connection as belonging to session's parameters and marking of the connection as belonging to
an iSCSI session. an iSCSI session.
Julian Satran Expires June 2003 30
iSCSI 3-November-02
A session is used to identify to a target all the connections with a A session is used to identify to a target all the connections with a
given initiator that belong to the same I_T nexus. (For more details given initiator that belong to the same I_T nexus. (For more details
on how a session relates to an I_T nexus, see Section 3.4.2 SCSI on how a session relates to an I_T nexus, see Section 3.4.2 SCSI
Architecture Model). Architecture Model).
The targets listen on a well-known TCP port or other TCP port for The targets listen on a well-known TCP port or other TCP port for
incoming connections. The initiator begins the login process by incoming connections. The initiator begins the login process by
connecting to one of these TCP ports. connecting to one of these TCP ports.
As part of the login process, the initiator and target SHOULD As part of the login process, the initiator and target SHOULD
skipping to change at line 1334 skipping to change at line 1318
(InitiatorName, ISID). We describe InitiatorName later in this (InitiatorName, ISID). We describe InitiatorName later in this
section. Any persistent state (e.g., persistent reservations) on the section. Any persistent state (e.g., persistent reservations) on the
target that is associated with a SCSI initiator port is identified target that is associated with a SCSI initiator port is identified
based on this value pair. Any state associated with the SCSI target based on this value pair. Any state associated with the SCSI target
port (the "T" in the "I_T nexus") is identified externally by the port (the "T" in the "I_T nexus") is identified externally by the
TargetName and portal group tag (see Section 3.4.1 iSCSI TargetName and portal group tag (see Section 3.4.1 iSCSI
Architecture Model). ISID is subject to reuse restrictions because Architecture Model). ISID is subject to reuse restrictions because
it is used to identify a persistent state (see Section 3.4.3 it is used to identify a persistent state (see Section 3.4.3
Consequences of the Model). Consequences of the Model).
Julian Satran Expires June 2003 31 Julian Satran Expires August 2003 27
iSCSI 3-November-02 iSCSI 19-January-03
Before the Full Feature Phase is established, only Login Request and Before the Full Feature Phase is established, only Login Request and
Login Response PDUs are allowed. Login requests and responses MUST Login Response PDUs are allowed. Login requests and responses MUST
be used exclusively during Login. On any connection, the login phase be used exclusively during Login. On any connection, the login phase
MUST immediately follow TCP connection establishment and a MUST immediately follow TCP connection establishment and a
subsequent Login Phase MUST NOT occur before tearing down a subsequent Login Phase MUST NOT occur before tearing down a
connection. connection.
A target receiving any PDU except a Login request before the Login A target receiving any PDU except a Login request before the Login
phase is started MUST immediately terminate the connection on which phase is started MUST immediately terminate the connection on which
skipping to change at line 1379 skipping to change at line 1363
and data to the various LUs on the target by encapsulating them in and data to the various LUs on the target by encapsulating them in
iSCSI PDUs that go over the established iSCSI session. iSCSI PDUs that go over the established iSCSI session.
3.2.4.1 Command Connection Allegiance 3.2.4.1 Command Connection Allegiance
For any iSCSI request issued over a TCP connection, the For any iSCSI request issued over a TCP connection, the
corresponding response and/or other related PDU(s) MUST be sent over corresponding response and/or other related PDU(s) MUST be sent over
the same connection. We call this "connection allegiance". If the the same connection. We call this "connection allegiance". If the
original connection fails before the command is completed, the original connection fails before the command is completed, the
connection allegiance of the command may be explicitly reassigned to connection allegiance of the command may be explicitly reassigned to
Julian Satran Expires June 2003 32
iSCSI 3-November-02
a different transport connection as described in detail in Section a different transport connection as described in detail in Section
6.2 Retry and Reassign in Recovery. 6.2 Retry and Reassign in Recovery.
Thus, if an initiator issues a READ command, the target MUST send Thus, if an initiator issues a READ command, the target MUST send
the requested data, if any, followed by the status to the initiator the requested data, if any, followed by the status to the initiator
over the same TCP connection that was used to deliver the SCSI over the same TCP connection that was used to deliver the SCSI
command. If an initiator issues a WRITE command, the initiator MUST command. If an initiator issues a WRITE command, the initiator MUST
send the data, if any, for that command over the same TCP connection send the data, if any, for that command over the same TCP connection
that was used to deliver the SCSI command. The target MUST return that was used to deliver the SCSI command. The target MUST return
Ready To Transfer (R2T), if any, and the status over the same TCP Ready To Transfer (R2T), if any, and the status over the same TCP
connection that was used to deliver the SCSI command. Retransmission connection that was used to deliver the SCSI command. Retransmission
requests (SNACK PDUs) and the data and status that they generate requests (SNACK PDUs) and the data and status that they generate
MUST also use the same connection. MUST also use the same connection.
Julian Satran Expires August 2003 28
iSCSI 19-January-03
However, consecutive commands that are part of a SCSI linked However, consecutive commands that are part of a SCSI linked
command-chain task (see [SAM2]) MAY use different connections. command-chain task (see [SAM2]) MAY use different connections.
Connection allegiance is strictly per-command and not per-task. Connection allegiance is strictly per-command and not per-task.
During the iSCSI Full Feature Phase, the initiator and target MAY During the iSCSI Full Feature Phase, the initiator and target MAY
interleave unrelated SCSI commands, their SCSI Data, and responses interleave unrelated SCSI commands, their SCSI Data, and responses
over the session. over the session.
3.2.4.2 Data Transfer Overview 3.2.4.2 Data Transfer Overview
Outgoing SCSI data (initiator to target user data or command Outgoing SCSI data (initiator to target user data or command
skipping to change at line 1425 skipping to change at line 1408
An initiator may send unsolicited data up to FirstBurstLength as An initiator may send unsolicited data up to FirstBurstLength as
immediate (up to the negotiated maximum PDU length), in a separate immediate (up to the negotiated maximum PDU length), in a separate
PDU sequence or both. All subsequent data MUST be solicited. The PDU sequence or both. All subsequent data MUST be solicited. The
maximum length of an individual data PDU or the immediate-part of maximum length of an individual data PDU or the immediate-part of
the first unsolicited burst MAY be negotiated at login. the first unsolicited burst MAY be negotiated at login.
The maximum amount of unsolicited data that can be sent with a The maximum amount of unsolicited data that can be sent with a
command is negotiated at login through the FirstBurstLength key. A command is negotiated at login through the FirstBurstLength key. A
target MAY separately enable immediate data (through the target MAY separately enable immediate data (through the
Julian Satran Expires June 2003 33
iSCSI 3-November-02
ImmediateData key) without enabling the more general (separate data ImmediateData key) without enabling the more general (separate data
PDUs) form of unsolicited data (through the InitialR2T key). PDUs) form of unsolicited data (through the InitialR2T key).
Unsolicited data on write are meant to reduce the effect of latency Unsolicited data on write are meant to reduce the effect of latency
on throughput (no R2T is needed to start sending data). In addition, on throughput (no R2T is needed to start sending data). In addition,
immediate data is meant to reduce the protocol overhead (both immediate data is meant to reduce the protocol overhead (both
bandwidth and execution time). bandwidth and execution time).
An iSCSI initiator MAY choose not to send unsolicited data, only An iSCSI initiator MAY choose not to send unsolicited data, only
immediate data or FirstBurstLength bytes of unsolicited data with a immediate data or FirstBurstLength bytes of unsolicited data with a
skipping to change at line 1457 skipping to change at line 1436
FirstBurstLength. FirstBurstLength.
An initiator MUST honor an R2T data request for a valid outstanding An initiator MUST honor an R2T data request for a valid outstanding
command (i.e., carrying a valid Initiator Task Tag) and deliver all command (i.e., carrying a valid Initiator Task Tag) and deliver all
the requested data provided the command is supposed to deliver the requested data provided the command is supposed to deliver
outgoing data and the R2T specifies data within the command bounds. outgoing data and the R2T specifies data within the command bounds.
The initiator action is unspecified for receiving an R2T request The initiator action is unspecified for receiving an R2T request
that specifies data, all or part, outside of the bounds of the that specifies data, all or part, outside of the bounds of the
command. command.
Julian Satran Expires August 2003 29
iSCSI 19-January-03
A target SHOULD NOT silently discard data and then request A target SHOULD NOT silently discard data and then request
retransmission through R2T. Initiators SHOULD NOT keep track of the retransmission through R2T. Initiators SHOULD NOT keep track of the
data transferred to or from the target (scoreboarding). SCSI targets data transferred to or from the target (scoreboarding). SCSI targets
perform residual count calculation to check how much data was perform residual count calculation to check how much data was
actually transferred to or from the device by a command. This may actually transferred to or from the device by a command. This may
differ from the amount the initiator sent and/or received for differ from the amount the initiator sent and/or received for
reasons such as retransmissions and errors. Read or bidirectional reasons such as retransmissions and errors. Read or bidirectional
commands implicitly solicit the transmission of the entire amount of commands implicitly solicit the transmission of the entire amount of
data covered by the command. SCSI data packets are matched to their data covered by the command. SCSI data packets are matched to their
corresponding SCSI commands by using tags specified in the protocol. corresponding SCSI commands by using tags specified in the protocol.
In addition, iSCSI initiators and targets MUST enforce some ordering In addition, iSCSI initiators and targets MUST enforce some ordering
rules. When unsolicited data is used, the order of the unsolicited rules. When unsolicited data is used, the order of the unsolicited
data on each connection MUST match the order in which the commands data on each connection MUST match the order in which the commands
on that connection are sent. Command and unsolicited data PDUs may on that connection are sent. Command and unsolicited data PDUs may
Julian Satran Expires June 2003 34
iSCSI 3-November-02
be interleaved on a single connection as long as the ordering be interleaved on a single connection as long as the ordering
requirements of each are maintained (e.g., command N+1 MAY be sent requirements of each are maintained (e.g., command N+1 MAY be sent
before the unsolicited Data-Out PDUs for command N, but the before the unsolicited Data-Out PDUs for command N, but the
unsolicited Data-Out PDUs for command N MUST precede the unsolicited unsolicited Data-Out PDUs for command N MUST precede the unsolicited
Data-Out PDUs of command N+1). A target that receives data out of Data-Out PDUs of command N+1). A target that receives data out of
order MAY terminate the session. order MAY terminate the session.
3.2.4.3 Tags and Integrity Checks 3.2.4.3 Tags and Integrity Checks
Initiator tags for pending commands are unique initiator-wide for a Initiator tags for pending commands are unique initiator-wide for a
session. Target tags are not strictly specified by the protocol. It session. Target tags are not strictly specified by the protocol. It
is assumed that target tags are used by the target to tag (alone or is assumed that target tags are used by the target to tag (alone or
in combination with the LUN) the solicited data. Target tags are in combination with the LUN) the solicited data. Target tags are
generated by the target and "echoed" by the initiator. These generated by the target and "echoed" by the initiator. These
mechanisms are designed to accomplish efficient data delivery along mechanisms are designed to accomplish efficient data delivery along
with a large degree of control over the data flow. with a large degree of control over the data flow.
As the Initiator Task Tag is used to identify a task during its As the Initiator Task Tag is used to identify a task during its
execution the iSCSI initiator and target MUST verify that all other execution the iSCSI initiator and target MUST verify that all other
fields used in tasks related PDUs have values that are consistent fields used in task related PDUs have values that are consistent
with the values used at the task instantiation based on Initiator with the values used at the task instantiation based on Initiator
Task Tag (e.g., the LUN used in an R2T PDU MUST be the same as the Task Tag (e.g., the LUN used in an R2T PDU MUST be the same as the
one used in the SCSI command PDU used to instantiate the task). one used in the SCSI command PDU used to instantiate the task).
Using inconsistent field values is considered a protocol error. Using inconsistent field values is considered a protocol error.
3.2.4.4 Task Management 3.2.4.4 Task Management
SCSI task management assumes that individual tasks and task groups SCSI task management assumes that individual tasks and task groups
can be aborted solely based on the task tags (for individual tasks) can be aborted solely based on the task tags (for individual tasks)
or the timing of the task management command (for task groups) and or the timing of the task management command (for task groups) and
that the task management action is executed synchronously - i.e, no that the task management action is executed synchronously - i.e, no
message involving an aborted task will be seen by the SCSI initiator message involving an aborted task will be seen by the SCSI initiator
after receiving the task management response. In iSCSI initiators after receiving the task management response. In iSCSI initiators
and targets interact asynchronously over several connections. iSCSI and targets interact asynchronously over several connections. iSCSI
specifies the protocol mechanism and implementation requirements specifies the protocol mechanism and implementation requirements
needed to present a synchronous view while using an asynchronous needed to present a synchronous view while using an asynchronous
infrastructure. infrastructure.
Julian Satran Expires August 2003 30
iSCSI 19-January-03
3.2.5 iSCSI Connection Termination 3.2.5 iSCSI Connection Termination
An iSCSI connection may be terminated by use of a transport An iSCSI connection may be terminated by use of a transport
connection shutdown or a transport reset. Transport reset is assumed connection shutdown or a transport reset. Transport reset is assumed
to be an exceptional event. to be an exceptional event.
Julian Satran Expires June 2003 35
iSCSI 3-November-02
Graceful TCP connection shutdowns are done by sending TCP FINs. A Graceful TCP connection shutdowns are done by sending TCP FINs. A
graceful transport connection shutdown SHOULD only be initiated by graceful transport connection shutdown SHOULD only be initiated by
either party when the connection is not in iSCSI Full Feature Phase. either party when the connection is not in iSCSI Full Feature Phase.
A target MAY terminate a Full Feature Phase connection on internal A target MAY terminate a Full Feature Phase connection on internal
exception events, but it SHOULD announce the fact through an exception events, but it SHOULD announce the fact through an
Asynchronous Message PDU. Connection termination with outstanding Asynchronous Message PDU. Connection termination with outstanding
commands may require recovery actions. commands may require recovery actions.
If a connection is terminated while in Full Feature Phase, If a connection is terminated while in Full Feature Phase,
connection cleanup (see section 7) is required prior to recovery. By connection cleanup (see section 7) is required prior to recovery. By
skipping to change at line 1563 skipping to change at line 1541
iSCSI names are associated with iSCSI nodes, and not iSCSI network iSCSI names are associated with iSCSI nodes, and not iSCSI network
adapter cards, to ensure that the replacement of network adapter adapter cards, to ensure that the replacement of network adapter
cards does not require reconfiguration of all SCSI and iSCSI cards does not require reconfiguration of all SCSI and iSCSI
resource allocation information. resource allocation information.
Some SCSI commands require that protocol-specific identifiers be Some SCSI commands require that protocol-specific identifiers be
communicated within SCSI CDBs. See Section 3.4.2 SCSI Architecture communicated within SCSI CDBs. See Section 3.4.2 SCSI Architecture
Model for the definition of the SCSI port name/identifier for iSCSI Model for the definition of the SCSI port name/identifier for iSCSI
ports. ports.
Julian Satran Expires June 2003 36
iSCSI 3-November-02
An initiator may discover the iSCSI Target Names to which it has An initiator may discover the iSCSI Target Names to which it has
access, along with their addresses, using the SendTargets text access, along with their addresses, using the SendTargets text
request, or other techniques discussed in [NDT]. request, or other techniques discussed in [NDT].
3.2.6.1 iSCSI Name Properties 3.2.6.1 iSCSI Name Properties
Each iSCSI node, whether an initiator or target, MUST have an iSCSI Each iSCSI node, whether an initiator or target, MUST have an iSCSI
name. name.
Julian Satran Expires August 2003 31
iSCSI 19-January-03
Initiators and targets MUST support the receipt of iSCSI names of up Initiators and targets MUST support the receipt of iSCSI names of up
to the maximum length of 223 bytes. to the maximum length of 223 bytes.
The initiator MUST present both its iSCSI Initiator Name and the The initiator MUST present both its iSCSI Initiator Name and the
iSCSI Target Name to which it wishes to connect in the first login iSCSI Target Name to which it wishes to connect in the first login
request of a new session or connection. The only exception is if a request of a new session or connection. The only exception is if a
discovery session (see Section 2.3 iSCSI Session Types) is to be discovery session (see Section 2.3 iSCSI Session Types) is to be
established. In this case, the iSCSI Initiator Name is still established. In this case, the iSCSI Initiator Name is still
required, but the iSCSI Target Name MAY be omitted. required, but the iSCSI Target Name MAY be omitted.
iSCSI names have the following properties: iSCSI names have the following properties:
a) iSCSI names are globally unique. No two initiators or a) iSCSI names are globally unique. No two initiators or
targets can have the same name. targets can have the same name.
b) iSCSI names are permanent. An iSCSI initiator node or b) iSCSI names are permanent. An iSCSI initiator node or
target node has the same name for its lifetime. target node has the same name for its lifetime.
c) iSCSI names do not imply a location or address. An iSCSI c) iSCSI names do not imply a location or address. An iSCSI
initiator or target can move, or have multiple addresses. A initiator or target can move, or have multiple addresses. A
change of address does not imply a change of name. change of address does not imply a change of name.
d) iSCSI names do not rely on a central name broker; the d) iSCSI names do not rely on a central name broker; the
naming authority is distributed. naming authority is distributed.
e) iSCSI names support integration with existing unique naming e) iSCSI names support integration with existing unique naming
schemes. schemes.
f) iSCSI names rely on existing naming authorities. iSCSI does f) iSCSI names rely on existing naming authorities. iSCSI does
not create any new naming authority. not create any new naming authority.
The encoding of an iSCSI name has the following properties: The encoding of an iSCSI name has the following properties:
a) iSCSI names have the same encoding method regardless of the a) iSCSI names have the same encoding method regardless of the
underlying protocols. underlying protocols.
b) iSCSI names are relatively simple to compare. The algorithm b) iSCSI names are relatively simple to compare. The algorithm
for comparing two iSCSI names for equivalence does not rely on for comparing two iSCSI names for equivalence does not rely on
an external server. an external server.
Julian Satran Expires June 2003 37
iSCSI 3-November-02
c) iSCSI names are composed only of displayable characters. c) iSCSI names are composed only of displayable characters.
iSCSI names allow the use of international character sets but iSCSI names allow the use of international character sets but
are not case sensitive. No whitespace characters are used in are not case sensitive. No whitespace characters are used in
iSCSI names. iSCSI names.
d) iSCSI names may be transported using both binary and ASCII- d) iSCSI names may be transported using both binary and ASCII-
based protocols. based protocols.
An iSCSI name really names a logical software entity, and is not An iSCSI name really names a logical software entity, and is not
tied to a port or other hardware that can be changed. For instance, tied to a port or other hardware that can be changed. For instance,
an initiator name should name the iSCSI initiator node, not a an initiator name should name the iSCSI initiator node, not a
particular NIC or HBA. When multiple NICs are used, they should particular NIC or HBA. When multiple NICs are used, they should
generally all present the same iSCSI initiator name to the targets, generally all present the same iSCSI initiator name to the targets,
because they are simply paths to the same SCSI layer. In most because they are simply paths to the same SCSI layer. In most
operating systems, the named entity is the operating system image. operating systems, the named entity is the operating system image.
Similarly, a target name should not be tied to hardware interfaces Similarly, a target name should not be tied to hardware interfaces
that can be changed. A target name should identify the logical that can be changed. A target name should identify the logical
target and must be the same for the target regardless of the target and must be the same for the target regardless of the
Julian Satran Expires August 2003 32
iSCSI 19-January-03
physical portion being addressed. This assists iSCSI initiators in physical portion being addressed. This assists iSCSI initiators in
determining that the two targets it has discovered are really two determining that the two targets it has discovered are really two
paths to the same target. paths to the same target.
The iSCSI name is designed to fulfill the functional requirements The iSCSI name is designed to fulfill the functional requirements
for Uniform Resource Names (URN) [RFC1737]. For example, it is for Uniform Resource Names (URN) [RFC1737]. For example, it is
required that the name have a global scope, be independent of required that the name have a global scope, be independent of
address or location, and be persistent and globally unique. Names address or location, and be persistent and globally unique. Names
must be extensible and scalable with the use of naming authorities. must be extensible and scalable with the use of naming authorities.
The name encoding should be both human and machine readable. See The name encoding should be both human and machine readable. See
[RFC1737] for further requirements. [RFC1737] for further requirements.
3.2.6.2 iSCSI Name Encoding 3.2.6.2 iSCSI Name Encoding
An iSCSI name MUST be a UTF-8 encoding of a string of Unicode An iSCSI name MUST be a UTF-8 encoding of a string of Unicode
characters with the following properties: characters with the following properties:
- It is in Normalization Form C (see "Unicode Normalization
- It is in Normalization Form C (see "Unicode Normalization Forms" [UNICODE]).
Forms" [UNICODE]).
- It only contains characters allowed by the output of the iSCSI - It only contains characters allowed by the output of the iSCSI
stringprep template (described in [STPREP-iSCSI]). stringprep template (described in [STPREP-iSCSI]).
- The following characters are used for formatting iSCSI names: - The following characters are used for formatting iSCSI names:
- dash ('-'=U+002d) - dash ('-'=U+002d)
- dot ('.'=U+002e) - dot ('.'=U+002e)
- colon (':'=U+003a) - colon (':'=U+003a)
Julian Satran Expires June 2003 38
iSCSI 3-November-02
- The UTF-8 encoding of the name is not larger than 223 bytes. - The UTF-8 encoding of the name is not larger than 223 bytes.
The stringprep process is described in [STPREP]; iSCSI's use of the The stringprep process is described in [STPREP]; iSCSI's use of the
stringprep process is described in [STPREP-iSCSI]. Stringprep is a stringprep process is described in [STPREP-iSCSI]. Stringprep is a
method designed by the Internationalized Domain Name (IDN) working method designed by the Internationalized Domain Name (IDN) working
group to translate human-typed strings into a format that can be group to translate human-typed strings into a format that can be
compared as opaque strings. Strings MUST NOT include punctuation, compared as opaque strings. Strings MUST NOT include punctuation,
spacing, diacritical marks, or other characters that could get in spacing, diacritical marks, or other characters that could get in
the way of readability. The stringprep process also converts strings the way of readability. The stringprep process also converts strings
skipping to change at line 1689 skipping to change at line 1663
An iSCSI name consists of two parts--a type designator followed by a An iSCSI name consists of two parts--a type designator followed by a
unique name string. unique name string.
The iSCSI name does not define any new naming authorities. Instead, The iSCSI name does not define any new naming authorities. Instead,
it supports two existing ways of designating naming authorities: an it supports two existing ways of designating naming authorities: an
iSCSI-Qualified Name, using domain names to identify a naming iSCSI-Qualified Name, using domain names to identify a naming
authority, and the EUI format, where the IEEE Registration Authority authority, and the EUI format, where the IEEE Registration Authority
assists in the formation of worldwide unique names (EUI-64 format). assists in the formation of worldwide unique names (EUI-64 format).
The type designator strings currently defined are: Julian Satran Expires August 2003 33
iSCSI 19-January-03
iqn. - iSCSI Qualified name The type designator strings currently defined are:
eui. - Remainder of the string is an IEEE EUI-64
identifier, in ASCII-encoded hexadecimal.
As these two naming authority designators will suffice in nearly iqn. - iSCSI Qualified name
every case for both software and hardware-based entities, the eui. - Remainder of the string is an IEEE EUI-64
creation of additional type designators is prohibited. One of these identifier, in ASCII-encoded hexadecimal.
two type strings MUST be used when constructing an iSCSI name; any
type string not listed here is not allowed, as they cannot be
guaranteed to be unique.
Julian Satran Expires June 2003 39 These two naming authority designators were considered sufficient at
iSCSI 3-November-02 the time of writing this document. The creation of additional
naming type designators for iSCSI may be considered by the IETF and
detailed in separate RFCs.
3.2.6.3.1 Type "iqn." (iSCSI Qualified Name) 3.2.6.3.1 Type "iqn." (iSCSI Qualified Name)
This iSCSI name type can be used by any organization that owns a This iSCSI name type can be used by any organization that owns a
domain name. This naming format is useful when an end user or domain name. This naming format is useful when an end user or
service provider wishes to assign iSCSI names for targets and/or service provider wishes to assign iSCSI names for targets and/or
initiators. initiators.
To generate names of this type, the person or organization To generate names of this type, the person or organization
generating the name must own a registered domain name. This domain generating the name must own a registered domain name. This domain
skipping to change at line 1726 skipping to change at line 1698
generating iSCSI names using the same domain name. generating iSCSI names using the same domain name.
Since a domain name can expire, be acquired by another entity, or Since a domain name can expire, be acquired by another entity, or
may be used to generate iSCSI names by both owners, the domain name may be used to generate iSCSI names by both owners, the domain name
must be additionally qualified by a date during which the naming must be additionally qualified by a date during which the naming
authority owned the domain name. A date code is provided as part of authority owned the domain name. A date code is provided as part of
the "iqn." format for this reason. the "iqn." format for this reason.
The iSCSI qualified name string consists of: The iSCSI qualified name string consists of:
- The string "iqn.", used to distinguish these names from "eui." - The string "iqn.", used to distinguish these names from "eui."
formatted names. formatted names.
- A date code, in yyyy-mm format. This date MUST be a date - A date code, in yyyy-mm format. This date MUST be a date
during which the naming authority owned the domain name used during which the naming authority owned the domain name used
in this format, and SHOULD be the first month in which the in this format, and SHOULD be the first month in which the
domain name was owned by this naming authority at 00:01 GMT of domain name was owned by this naming authority at 00:01 GMT of
the first day of the month. This date code uses the Gregorian the first day of the month. This date code uses the Gregorian
calendar. All four digits in the year must be present. Both calendar. All four digits in the year must be present. Both
digits of the month must be present, with January == "01" and digits of the month must be present, with January == "01" and
December == "12". The dash must be included. December == "12". The dash must be included.
- A dot "." - A dot "."
- The reversed domain name of the naming authority (person or - The reversed domain name of the naming authority (person or
organization) creating this iSCSI name. organization) creating this iSCSI name.
- An optional, colon (:) prefixed, string within the character - An optional, colon (:) prefixed, string within the character
set and length boundaries that the owner of the domain name set and length boundaries that the owner of the domain name
deems appropriate. This may contain product types, serial deems appropriate. This may contain product types, serial
numbers, host identifiers, or software keys (e.g, it may numbers, host identifiers, or software keys (e.g, it may
include colons to separate organization boundaries). With the include colons to separate organization boundaries). With the
exception of the colon prefix, the owner of the domain name exception of the colon prefix, the owner of the domain name
can assign everything after the reversed domain name as can assign everything after the reversed domain name as
desired. It is the responsibility of the entity that is the desired. It is the responsibility of the entity that is the
naming authority to ensure that the iSCSI names it assigns are naming authority to ensure that the iSCSI names it assigns are
worldwide unique. For example, "ACME Storage Arrays, Inc.",
might own the domain name "acme.com".
The following are examples of iSCSI qualified names that might be Julian Satran Expires August 2003 34
iSCSI 19-January-03
Julian Satran Expires June 2003 40 worldwide unique. For example, "Example Storage Arrays, Inc.",
iSCSI 3-November-02 might own the domain name "example.com".
generated by "ACME Storage Arrays, Inc." The following are examples of iSCSI qualified names that might be
generated by "EXAMPLE Storage Arrays, Inc."
Naming String defined by Naming String defined by
Type Date Auth "acme.com" naming authority Type Date Auth "example.com" naming authority
+--++-----+ +------+ +--------------------------------+ +--++-----+ +---------+ +--------------------------------+
| || | | | | | | || | | | | |
iqn.2001-04.com.acme:storage:diskarrays-sn-a8675309 iqn.2001-04.com.example:storage:diskarrays-sn-a8675309
iqn.2001-04.com.acme iqn.2001-04.com.example
iqn.2001-04.com.acme:storage.tape1.sys1.xyz iqn.2001-04.com.example:storage.tape1.sys1.xyz
iqn.2001-04.com.acme:storage.disk2.sys1.xyz iqn.2001-04.com.example:storage.disk2.sys1.xyz
3.2.6.3.2 Type "eui." (IEEE EUI-64 format) 3.2.6.3.2 Type "eui." (IEEE EUI-64 format)
The IEEE Registration Authority provides a service for assigning The IEEE Registration Authority provides a service for assigning
globally unique identifiers [EUI]. The EUI-64 format is used to globally unique identifiers [EUI]. The EUI-64 format is used to
build a global identifier in other network protocols. For example, build a global identifier in other network protocols. For example,
Fibre Channel defines a method of encoding it into a WorldWideName. Fibre Channel defines a method of encoding it into a WorldWideName.
For more information on registering for EUI identifiers, see [OUI]. For more information on registering for EUI identifiers, see [OUI].
The format is "eui." followed by an EUI-64 identifier (16 ASCII- The format is "eui." followed by an EUI-64 identifier (16 ASCII-
skipping to change at line 1797 skipping to change at line 1769
is already registered with the IEEE Registration Authority and uses is already registered with the IEEE Registration Authority and uses
EUI-64 formatted worldwide unique names for its products. EUI-64 formatted worldwide unique names for its products.
More examples of name construction are discussed in [NDT]. More examples of name construction are discussed in [NDT].
3.2.7 Persistent State 3.2.7 Persistent State
iSCSI does not require any persistent state maintenance across iSCSI does not require any persistent state maintenance across
sessions. However, in some cases, SCSI requires persistent sessions. However, in some cases, SCSI requires persistent
identification of the SCSI initiator port name (See Section 3.4.2 identification of the SCSI initiator port name (See Section 3.4.2
Julian Satran Expires June 2003 41
iSCSI 3-November-02
SCSI Architecture Model and Section 3.4.3 Consequences of the SCSI Architecture Model and Section 3.4.3 Consequences of the
Model). Model).
iSCSI sessions do not persist through power cycles and boot iSCSI sessions do not persist through power cycles and boot
operations. operations.
All iSCSI session and connection parameters are re-initialized on All iSCSI session and connection parameters are re-initialized on
session and connection creation. session and connection creation.
Julian Satran Expires August 2003 35
iSCSI 19-January-03
Commands persist beyond connection termination if the session Commands persist beyond connection termination if the session
persists and command recovery within the session is supported. persists and command recovery within the session is supported.
However, when a connection is dropped, command execution, as However, when a connection is dropped, command execution, as
perceived by iSCSI (i.e., involving iSCSI protocol exchanges for the perceived by iSCSI (i.e., involving iSCSI protocol exchanges for the
affected task), is suspended until a new allegiance is established affected task), is suspended until a new allegiance is established
by the 'task reassign' task management function. (See Section 10.5 by the 'task reassign' task management function. (See Section 10.5
Task Management Function Request.) Task Management Function Request.)
3.2.8 Message Synchronization and Steering 3.2.8 Message Synchronization and Steering
skipping to change at line 1844 skipping to change at line 1815
the application buffers. In iSCSI, it is desirable to steer the SCSI the application buffers. In iSCSI, it is desirable to steer the SCSI
data within these out of order TCP segments into the pre-allocated data within these out of order TCP segments into the pre-allocated
SCSI buffers rather than store them in temporary buffers. This SCSI buffers rather than store them in temporary buffers. This
decreases the need for dedicated reassembly buffers as well as the decreases the need for dedicated reassembly buffers as well as the
latency and bandwidth related to extra copies. latency and bandwidth related to extra copies.
Relying solely on the "message length" information from the iSCSI Relying solely on the "message length" information from the iSCSI
message header may make it impossible to find iSCSI message message header may make it impossible to find iSCSI message
boundaries in subsequent TCP segments due to the loss of a TCP boundaries in subsequent TCP segments due to the loss of a TCP
segment that contains the iSCSI message length. The missing TCP segment that contains the iSCSI message length. The missing TCP
Julian Satran Expires June 2003 42
iSCSI 3-November-02
segment(s) must be received before any of the following segments can segment(s) must be received before any of the following segments can
be steered to the correct SCSI buffers (due to the inability to be steered to the correct SCSI buffers (due to the inability to
determine the iSCSI message boundaries). Since these segments cannot determine the iSCSI message boundaries). Since these segments cannot
be steered to the correct location, they must be saved in temporary be steered to the correct location, they must be saved in temporary
buffers that must then be copied to the SCSI buffers. buffers that must then be copied to the SCSI buffers.
Different schemes can be used to recover synchronization. To make Different schemes can be used to recover synchronization. To make
these schemes work, iSCSI implementations have to make sure that the these schemes work, iSCSI implementations have to make sure that the
appropriate protocol layers are provided with enough information to appropriate protocol layers are provided with enough information to
implement a synchronization and/or data steering mechanism. One of implement a synchronization and/or data steering mechanism. One of
skipping to change at line 1870 skipping to change at line 1837
The Fixed Interval Markers (FIM) scheme works by inserting markers The Fixed Interval Markers (FIM) scheme works by inserting markers
in the payload stream at fixed intervals that contain the offset to in the payload stream at fixed intervals that contain the offset to
the start of the next iSCSI PDU. the start of the next iSCSI PDU.
Under normal circumstances (no PDU loss or data reception out of Under normal circumstances (no PDU loss or data reception out of
order), iSCSI data steering can be accomplished by using the order), iSCSI data steering can be accomplished by using the
identifying tag and the data offset fields in the iSCSI header in identifying tag and the data offset fields in the iSCSI header in
addition to the TCP sequence number from the TCP header. The addition to the TCP sequence number from the TCP header. The
identifying tag helps associate the PDU with a SCSI buffer address identifying tag helps associate the PDU with a SCSI buffer address
Julian Satran Expires August 2003 36
iSCSI 19-January-03
while the data offset and TCP sequence number are used to determine while the data offset and TCP sequence number are used to determine
the offset within the buffer. the offset within the buffer.
When the part of the TCP data stream containing an iSCSI PDU header When the part of the TCP data stream containing an iSCSI PDU header
is delayed or lost, markers may be used to minimize the damage as is delayed or lost, markers may be used to minimize the damage as
follows: follows:
- Markers indicate where the next iSCSI PDU starts and enable - Markers indicate where the next iSCSI PDU starts and enable
continued processing when iSCSI headers have to be dropped due continued processing when iSCSI headers have to be dropped due
to data errors discovered at iSCSI level (e.g., iSCSI header to data errors discovered at iSCSI level (e.g., iSCSI header
skipping to change at line 1891 skipping to change at line 1862
- Markers help minimize the amount of data that has to be kept - Markers help minimize the amount of data that has to be kept
by the TCP/iSCSI layer while waiting for a late TCP packet by the TCP/iSCSI layer while waiting for a late TCP packet
arrival or recovery, because later they might help find iSCSI arrival or recovery, because later they might help find iSCSI
PDU headers and use the information contained in those to PDU headers and use the information contained in those to
steer data to SCSI buffers. steer data to SCSI buffers.
3.2.8.1 Sync/Steering and iSCSI PDU Length 3.2.8.1 Sync/Steering and iSCSI PDU Length
When a large iSCSI message is sent, the TCP segment(s) that contain When a large iSCSI message is sent, the TCP segment(s) that contain
the iSCSI header may be lost. The remaining TCP segment(s) up to the the iSCSI header may be lost. The remaining TCP segment(s) up to the
Julian Satran Expires June 2003 43
iSCSI 3-November-02
next iSCSI message must be buffered (in temporary buffers) because next iSCSI message must be buffered (in temporary buffers) because
the iSCSI header that indicates to which SCSI buffers the data are the iSCSI header that indicates to which SCSI buffers the data are
to be steered was lost. To minimize the amount of buffering, it is to be steered was lost. To minimize the amount of buffering, it is
recommended that the iSCSI PDU length be restricted to a small value recommended that the iSCSI PDU length be restricted to a small value
(perhaps a few TCP segments in length). During login, each end of (perhaps a few TCP segments in length). During login, each end of
the iSCSI session specifies the maximum iSCSI PDU length it will the iSCSI session specifies the maximum iSCSI PDU length it will
accept. accept.
3.3 iSCSI Session Types 3.3 iSCSI Session Types
skipping to change at line 1925 skipping to change at line 1892
3.4 SCSI to iSCSI Concepts Mapping Model 3.4 SCSI to iSCSI Concepts Mapping Model
The following diagram shows an example of how multiple iSCSI Nodes The following diagram shows an example of how multiple iSCSI Nodes
(targets in this case) can coexist within the same Network Entity (targets in this case) can coexist within the same Network Entity
and can share Network Portals (IP addresses and TCP ports). Other and can share Network Portals (IP addresses and TCP ports). Other
more complex configurations are also possible. For detailed more complex configurations are also possible. For detailed
descriptions of the components of these diagrams, see Section 3.4.1 descriptions of the components of these diagrams, see Section 3.4.1
iSCSI Architecture Model . iSCSI Architecture Model .
Julian Satran Expires June 2003 44 Julian Satran Expires August 2003 37
iSCSI 3-November-02 iSCSI 19-January-03
+-----------------------------------+ +-----------------------------------+
| Network Entity (iSCSI Client) | | Network Entity (iSCSI Client) |
| | | |
| +-------------+ | | +-------------+ |
| | iSCSI Node | | | | iSCSI Node | |
| | (Initiator) | | | | (Initiator) | |
| +-------------+ | | +-------------+ |
| | | | | | | |
| +--------------+ +--------------+ | | +--------------+ +--------------+ |
skipping to change at line 1971 skipping to change at line 1938
This section describes the part of the iSCSI architecture model that This section describes the part of the iSCSI architecture model that
has the most bearing on the relationship between iSCSI and the SCSI has the most bearing on the relationship between iSCSI and the SCSI
Architecture Model. Architecture Model.
a) Network Entity - represents a device or gateway that is a) Network Entity - represents a device or gateway that is
accessible from the IP network. A Network Entity must have one accessible from the IP network. A Network Entity must have one
or more Network Portals (see item d), each of which can be used or more Network Portals (see item d), each of which can be used
by some iSCSI Nodes (see item (b)) contained in that Network by some iSCSI Nodes (see item (b)) contained in that Network
Entity to gain access to the IP network. Entity to gain access to the IP network.
Julian Satran Expires June 2003 45
iSCSI 3-November-02
b) iSCSI Node - represents a single iSCSI initiator or iSCSI b) iSCSI Node - represents a single iSCSI initiator or iSCSI
target. There are one or more iSCSI Nodes within a Network target. There are one or more iSCSI Nodes within a Network
Entity. The iSCSI Node is accessible via one or more Network Entity. The iSCSI Node is accessible via one or more Network
Portals (see item d). An iSCSI Node is identified by its iSCSI Portals (see item d). An iSCSI Node is identified by its iSCSI
Name (see Section 3.2.6 iSCSI Names and Chapter 12). The Name (see Section 3.2.6 iSCSI Names and Chapter 12). The
separation of the iSCSI Name from the addresses used by and for separation of the iSCSI Name from the addresses used by and for
the iSCSI node allows multiple iSCSI nodes to use the same the iSCSI node allows multiple iSCSI nodes to use the same
addresses, and the same iSCSI node to use multiple addresses. addresses, and the same iSCSI node to use multiple addresses.
Julian Satran Expires August 2003 38
iSCSI 19-January-03
c) An alias string may also be associated with an iSCSI Node. c) An alias string may also be associated with an iSCSI Node.
The alias allows an organization to associate a user friendly The alias allows an organization to associate a user friendly
string with the iSCSI Name. However, the alias string is not a string with the iSCSI Name. However, the alias string is not a
substitute for the iSCSI Name. substitute for the iSCSI Name.
d) Network Portal - a component of a Network Entity that has a d) Network Portal - a component of a Network Entity that has a
TCP/IP network address and that may be used by an iSCSI Node TCP/IP network address and that may be used by an iSCSI Node
within that Network Entity for the connection(s) within one of within that Network Entity for the connection(s) within one of
its iSCSI sessions. In an initiator, it is identified by its IP its iSCSI sessions. In an initiator, it is identified by its IP
address. In a target, it is identified by its IP address and address. In a target, it is identified by its IP address and
skipping to change at line 2007 skipping to change at line 1974
combine connections in a session across multiple Network combine connections in a session across multiple Network
Portals. A Portal Group defines a set of Network Portals within Portals. A Portal Group defines a set of Network Portals within
an iSCSI Node that collectively supports the capability of an iSCSI Node that collectively supports the capability of
coordinating a session with connections that span these coordinating a session with connections that span these
portals. Not all Network Portals within a Portal Group need to portals. Not all Network Portals within a Portal Group need to
participate in every session connected through that Portal participate in every session connected through that Portal
Group. One or more Portal Groups may provide access to an iSCSI Group. One or more Portal Groups may provide access to an iSCSI
Node. Each Network Portal, as utilized by a given iSCSI Node, Node. Each Network Portal, as utilized by a given iSCSI Node,
belongs to exactly one portal group within that node. Portal belongs to exactly one portal group within that node. Portal
Groups are identified within an iSCSI Node by a portal group Groups are identified within an iSCSI Node by a portal group
tag, a simple unsigned-integer between 1 and 65535 (see Section tag, a simple unsigned-integer between 0 and 65535 (see Section
12.3 SendTargets). All Network Portals with the same portal 12.3 SendTargets). All Network Portals with the same portal
group tag in the context of a given iSCSI Node are in the same group tag in the context of a given iSCSI Node are in the same
Portal Group. Portal Group.
Both iSCSI Initiators and iSCSI Targets have portal groups, Both iSCSI Initiators and iSCSI Targets have portal groups,
though only the iSCSI Target Portal Groups are used directly in though only the iSCSI Target Portal Groups are used directly in
the iSCSI protocol (e.g., in SendTargets). For references to the iSCSI protocol (e.g., in SendTargets). For references to
the Initiator Portal Groups, see Section 9.1.1 Conservative the Initiator Portal Groups, see Section 9.1.1 Conservative
Julian Satran Expires June 2003 46
iSCSI 3-November-02
Reuse of ISIDs. Reuse of ISIDs.
f) Portals within a Portal Group should support similar f) Portals within a Portal Group should support similar
session parameters, because they may participate in a common session parameters, because they may participate in a common
session session
The following diagram shows an example of one such configuration on The following diagram shows an example of one such configuration on
a target and how a session that shares Network Portals within a a target and how a session that shares Network Portals within a
Portal Group may be established. Portal Group may be established.
Julian Satran Expires August 2003 39
iSCSI 19-January-03
----------------------------IP Network--------------------- ----------------------------IP Network---------------------
| | | | | |
+----|---------------|-----+ +----|---------+ +----|---------------|-----+ +----|---------+
| +---------+ +---------+ | | +---------+ | | +---------+ +---------+ | | +---------+ |
| | Network | | Network | | | | Network | | | | Network | | Network | | | | Network | |
| | Portal | | Portal | | | | Portal | | | | Portal | | Portal | | | | Portal | |
| +--|------+ +---------+ | | +---------+ | | +--|------+ +---------+ | | +---------+ |
| | | | | | | | | | | | | |
| | Portal | | | | Portal | | | Portal | | | | Portal |
| | Group 1 | | | | Group 2 | | | Group 1 | | | | Group 2 |
skipping to change at line 2063 skipping to change at line 2029
3.4.2 SCSI Architecture Model 3.4.2 SCSI Architecture Model
This section describes the relationship between the SCSI This section describes the relationship between the SCSI
Architecture Model [SAM2] and constructs of the SCSI device, SCSI Architecture Model [SAM2] and constructs of the SCSI device, SCSI
port and I_T nexus, and the iSCSI constructs described in Section port and I_T nexus, and the iSCSI constructs described in Section
3.4.1 iSCSI Architecture Model. 3.4.1 iSCSI Architecture Model.
This relationship implies implementation requirements in order to This relationship implies implementation requirements in order to
conform to the SAM2 model and other SCSI operational functions. conform to the SAM2 model and other SCSI operational functions.
Julian Satran Expires June 2003 47
iSCSI 3-November-02
These requirements are detailed in Section 3.4.3 Consequences of the These requirements are detailed in Section 3.4.3 Consequences of the
Model. Model.
The following list outlines mappings of SCSI architectural elements The following list outlines mappings of SCSI architectural elements
to iSCSI. to iSCSI.
a) SCSI Device - the SAM2 term for an entity that contains one a) SCSI Device - the SAM2 term for an entity that contains one
or more SCSI ports that are connected to a service delivery or more SCSI ports that are connected to a service delivery
subsystem and supports a SCSI application protocol. For subsystem and supports a SCSI application protocol. For
example, a SCSI Initiator Device contains one or more SCSI example, a SCSI Initiator Device contains one or more SCSI
Initiator Ports and zero or more application clients. A SCSI Initiator Ports and zero or more application clients. A SCSI
Target Device contains one or more SCSI Target Ports and one or Target Device contains one or more SCSI Target Ports and one or
more logical units. For iSCSI, the SCSI Device is the component more logical units. For iSCSI, the SCSI Device is the component
within an iSCSI Node that provides the SCSI functionality. As within an iSCSI Node that provides the SCSI functionality. As
such, there can be one SCSI Device, at most, within an iSCSI such, there can be one SCSI Device, at most, within an iSCSI
Node. Access to the SCSI Device can only be achieved in an Node. Access to the SCSI Device can only be achieved in an
iSCSI normal operational session (see Section 3.3 iSCSI Session iSCSI normal operational session (see Section 3.3 iSCSI Session
Types). The SCSI Device Name is defined to be the iSCSI Name of Types). The SCSI Device Name is defined to be the iSCSI Name of
the node and its use is mandatory in the iSCSI protocol. the node and MUST be used in the iSCSI protocol.
Julian Satran Expires August 2003 40
iSCSI 19-January-03
b) SCSI Port - the SAM2 term for an entity in a SCSI Device b) SCSI Port - the SAM2 term for an entity in a SCSI Device
that provides the SCSI functionality to interface with a that provides the SCSI functionality to interface with a
service delivery subsystem or transport. For iSCSI, the service delivery subsystem or transport. For iSCSI, the
definition of SCSI Initiator Port and SCSI Target Port are definition of SCSI Initiator Port and SCSI Target Port are
different. different.
SCSI Initiator Port: This maps to one endpoint of an iSCSI SCSI Initiator Port: This maps to one endpoint of an iSCSI
normal operational session (see Section 3.3 iSCSI Session normal operational session (see Section 3.3 iSCSI Session
Types). An iSCSI normal operational session is negotiated Types). An iSCSI normal operational session is negotiated
skipping to change at line 2111 skipping to change at line 2076
together with (a) a label that identifies it as an initiator together with (a) a label that identifies it as an initiator
port name/identifier and (b) the ISID portion of the session port name/identifier and (b) the ISID portion of the session
identifier. identifier.
SCSI Target Port: This maps to an iSCSI Target Portal Group. SCSI Target Port: This maps to an iSCSI Target Portal Group.
The SCSI Target Port Name and the SCSI Target Port Identifier The SCSI Target Port Name and the SCSI Target Port Identifier
are both defined to be the iSCSI Target Name together with (a) are both defined to be the iSCSI Target Name together with (a)
a label that identifies it as a target port name/identifier and a label that identifies it as a target port name/identifier and
(b) the portal group tag. (b) the portal group tag.
Julian Satran Expires June 2003 48 The SCSI Port Name MUST be used in iSCSI. When used in SCSI
iSCSI 3-November-02
The SCSI Port Name is mandatory in iSCSI. When used in SCSI
parameter data, the SCSI port name MUST be encoded as: parameter data, the SCSI port name MUST be encoded as:
- The iSCSI Name in UTF-8 format, followed by - The iSCSI Name in UTF-8 format, followed by
- a comma separator (1 byte), followed by - a comma separator (1 byte), followed by
- the ASCII character 'i' (for SCSI Initiator Port) or - the ASCII character 'i' (for SCSI Initiator Port) or
the ASCII character 't' (for SCSI Target Port) (1 byte), the ASCII character 't' (for SCSI Target Port) (1 byte),
followed by followed by
- a comma separator (1 byte), followed by - a comma separator (1 byte), followed by
- a text encoding as a hex-constant (see Section 5.1 Text - a text encoding as a hex-constant (see Section 5.1 Text
Format) of the ISID (for SCSI initiator port) or the Format) of the ISID (for SCSI initiator port) or the
portal group tag (for SCSI target port) including the portal group tag (for SCSI target port) including the
skipping to change at line 2138 skipping to change at line 2100
identifies this port as either a SCSI Initiator Port or a identifies this port as either a SCSI Initiator Port or a
SCSI Target Port. SCSI Target Port.
c) I_T nexus - a relationship between a SCSI Initiator Port c) I_T nexus - a relationship between a SCSI Initiator Port
and a SCSI Target Port, according to [SAM2]. For iSCSI, this and a SCSI Target Port, according to [SAM2]. For iSCSI, this
relationship is a session, defined as a relationship between an relationship is a session, defined as a relationship between an
iSCSI Initiator's end of the session (SCSI Initiator Port) and iSCSI Initiator's end of the session (SCSI Initiator Port) and
the iSCSI Target's Portal Group. The I_T nexus can be the iSCSI Target's Portal Group. The I_T nexus can be
identified by the conjunction of the SCSI port names or by the identified by the conjunction of the SCSI port names or by the
iSCSI session identifier SSID. iSCSI defines the I_T nexus iSCSI session identifier SSID. iSCSI defines the I_T nexus
Julian Satran Expires August 2003 41
iSCSI 19-January-03
identifier to be the tuple (iSCSI Initiator Name + 'i' + ISID, identifier to be the tuple (iSCSI Initiator Name + 'i' + ISID,
iSCSI Target Name + 't' + Portal Group Tag). iSCSI Target Name + 't' + Portal Group Tag).
NOTE: The I_T nexus identifier is not equal to the session NOTE: The I_T nexus identifier is not equal to the session
identifier (SSID). identifier (SSID).
3.4.3 Consequences of the Model 3.4.3 Consequences of the Model
This section describes implementation and behavioral requirements This section describes implementation and behavioral requirements
that result from the mapping of SCSI constructs to the iSCSI that result from the mapping of SCSI constructs to the iSCSI
constructs defined above. Between a given SCSI initiator port and a constructs defined above. Between a given SCSI initiator port and a
given SCSI target port, only one I_T nexus (session) can exist. No given SCSI target port, only one I_T nexus (session) can exist. No
more than one nexus relationship (parallel nexus) is allowed by more than one nexus relationship (parallel nexus) is allowed by
[SAM2}. Therefore, between a given iSCSI initiator node and an iSCSI [SAM2]. Therefore, between a given iSCSI initiator node and an iSCSI
target node, at any given time, only one session can exist with the target node, at any given time, only one session can exist with the
same session identifier (SSID). same session identifier (SSID).
Julian Satran Expires June 2003 49
iSCSI 3-November-02
These assumptions lead to the following conclusions and These assumptions lead to the following conclusions and
requirements: requirements:
ISID RULE: Between a given iSCSI Initiator and iSCSI Target Portal ISID RULE: Between a given iSCSI Initiator and iSCSI Target Portal
Group (SCSI target port), there can only be one session with a given Group (SCSI target port), there can only be one session with a given
value for ISID that identifies the SCSI initiator port. See Section value for ISID that identifies the SCSI initiator port. See Section
10.12.5 ISID. 10.12.5 ISID.
The structure of the ISID that contains a naming authority component The structure of the ISID that contains a naming authority component
(see Section 10.12.5 ISID and [NDT]) provides a mechanism to (see Section 10.12.5 ISID and [NDT]) provides a mechanism to
skipping to change at line 2195 skipping to change at line 2158
NOTE: A consequence of the ISID RULE and the specification for the NOTE: A consequence of the ISID RULE and the specification for the
I_T nexus identifier is that two nexus with the same identifier I_T nexus identifier is that two nexus with the same identifier
should never exist at the same time. should never exist at the same time.
TSIH RULE: The iSCSI Target selects a non-zero value for the TSIH at TSIH RULE: The iSCSI Target selects a non-zero value for the TSIH at
session creation (when an initiator presents a 0 value at Login). session creation (when an initiator presents a 0 value at Login).
After being selected, the same TSIH value MUST be used whenever After being selected, the same TSIH value MUST be used whenever
initiator or target refers to the session and a TSIH is required. initiator or target refers to the session and a TSIH is required.
Julian Satran Expires August 2003 42
iSCSI 19-January-03
3.4.3.1 I_T Nexus State 3.4.3.1 I_T Nexus State
Certain nexus relationships contain an explicit state (e.g., Certain nexus relationships contain an explicit state (e.g.,
initiator-specific mode pages) that may need to be preserved by the initiator-specific mode pages) that may need to be preserved by the
device server [SAM2] in a logical unit through changes or failures device server [SAM2] in a logical unit through changes or failures
in the iSCSI layer (e.g., session failures). In order for that state in the iSCSI layer (e.g., session failures). In order for that state
Julian Satran Expires June 2003 50
iSCSI 3-November-02
to be restored, the iSCSI initiator should reestablish its session to be restored, the iSCSI initiator should reestablish its session
(re-login) to the same Target Portal Group using the previous ISID. (re-login) to the same Target Portal Group using the previous ISID.
That is, it should perform session recovery as described in Chapter That is, it should perform session recovery as described in Chapter
6. This is because the SCSI initiator port identifier and the SCSI 6. This is because the SCSI initiator port identifier and the SCSI
target port identifier (or relative target port) form the datum that target port identifier (or relative target port) form the datum that
the SCSI logical unit device server uses to identify the I_T nexus. the SCSI logical unit device server uses to identify the I_T nexus.
3.5 Request/Response Summary 3.5 Request/Response Summary
This section lists and briefly describes all the iSCSI PDU types This section lists and briefly describes all the iSCSI PDU types
skipping to change at line 2244 skipping to change at line 2206
In addition, the SCSI-command PDU carries information required for In addition, the SCSI-command PDU carries information required for
the proper operation of the iSCSI protocol - the command sequence the proper operation of the iSCSI protocol - the command sequence
number (CmdSN) and the expected status number (ExpStatSN) on the number (CmdSN) and the expected status number (ExpStatSN) on the
connection it is issued. connection it is issued.
All or part of the SCSI output (write) data associated with the SCSI All or part of the SCSI output (write) data associated with the SCSI
command may be sent as part of the SCSI-Command PDU as a data command may be sent as part of the SCSI-Command PDU as a data
segment. segment.
Julian Satran Expires June 2003 51
iSCSI 3-November-02
3.5.1.2 SCSI-Response 3.5.1.2 SCSI-Response
The SCSI-Response carries all the SCSI execute-command procedure The SCSI-Response carries all the SCSI execute-command procedure
call (see [SAM2]) OUT arguments and the SCSI execute-command call (see [SAM2]) OUT arguments and the SCSI execute-command
procedure call return value. procedure call return value.
The SCSI-Response contains the residual counts from the operation, The SCSI-Response contains the residual counts from the operation,
if any, an indication of whether the counts represent an overflow or if any, an indication of whether the counts represent an overflow or
an underflow, and the SCSI status if the status is valid or a an underflow, and the SCSI status if the status is valid or a
response code (a non-zero return value for the execute-command response code (a non-zero return value for the execute-command
procedure call) if the status is not valid. procedure call) if the status is not valid.
Julian Satran Expires August 2003 43
iSCSI 19-January-03
For a valid status that indicates that the command has been For a valid status that indicates that the command has been
processed, but resulted in an exception (e.g., a SCSI CHECK processed, but resulted in an exception (e.g., a SCSI CHECK
CONDITION), the PDU data segment contains the associated sense data. CONDITION), the PDU data segment contains the associated sense data.
The use of Autosense ([SAM2]) is REQUIRED by iSCSI. The use of Autosense ([SAM2]) is REQUIRED by iSCSI.
Some data segment content may also be associated (in the data Some data segment content may also be associated (in the data
segment) with a non-zero response code. segment) with a non-zero response code.
In addition, the SCSI-Response PDU carries information required for In addition, the SCSI-Response PDU carries information required for
the proper operation of the iSCSI protocol: the proper operation of the iSCSI protocol:
skipping to change at line 2291 skipping to change at line 2253
way to explicitly control the execution of one or more SCSI Tasks or way to explicitly control the execution of one or more SCSI Tasks or
iSCSI functions. The PDU carries a function identifier (which task iSCSI functions. The PDU carries a function identifier (which task
management function to perform) and enough information to management function to perform) and enough information to
unequivocally identify the task or task-set on which to perform the unequivocally identify the task or task-set on which to perform the
action, even if the task(s) to act upon has not yet arrived or has action, even if the task(s) to act upon has not yet arrived or has
been discarded due to an error. been discarded due to an error.
The referenced tag identifies an individual task if the function The referenced tag identifies an individual task if the function
refers to an individual task. refers to an individual task.
Julian Satran Expires June 2003 52
iSCSI 3-November-02
The I_T_L nexus identifies task sets. In iSCSI the I_T_L nexus is The I_T_L nexus identifies task sets. In iSCSI the I_T_L nexus is
identified by the LUN and the session identification (the session identified by the LUN and the session identification (the session
identifies an I_T nexus). identifies an I_T nexus).
For task sets, the CmdSN of the Task Management function request For task sets, the CmdSN of the Task Management function request
helps identify the tasks upon which to act, namely all tasks helps identify the tasks upon which to act, namely all tasks
associated with a LUN and having a CmdSN preceding the Task associated with a LUN and having a CmdSN preceding the Task
Management function request CmdSN. Management function request CmdSN.
For a Task Management function the coordination between responses to For a Task Management function the coordination between responses to
skipping to change at line 2318 skipping to change at line 2277
The Task Management function response carries an indication of The Task Management function response carries an indication of
function completion for a Task Management function request including function completion for a Task Management function request including
how it completed (response and qualifier) and additional information how it completed (response and qualifier) and additional information
for failure responses. for failure responses.
After the Task Management response indicates Task Management After the Task Management response indicates Task Management
function completion, the initiator will not receive any additional function completion, the initiator will not receive any additional
responses from the affected tasks. responses from the affected tasks.
Julian Satran Expires August 2003 44
iSCSI 19-January-03
3.5.1.5 SCSI Data-out and SCSI Data-in 3.5.1.5 SCSI Data-out and SCSI Data-in
SCSI Data-out and SCSI Data-in are the main vehicles by which SCSI SCSI Data-out and SCSI Data-in are the main vehicles by which SCSI
data payload is carried between initiator and target. Data payload data payload is carried between initiator and target. Data payload
is associated with a specific SCSI command through the Initiator is associated with a specific SCSI command through the Initiator
Task Tag. For target convenience, outgoing solicited data also Task Tag. For target convenience, outgoing solicited data also
carries a Target Transfer Tag (copied from R2T) and the LUN. Each carries a Target Transfer Tag (copied from R2T) and the LUN. Each
PDU contains the payload length and the data offset relative to the PDU contains the payload length and the data offset relative to the
buffer address contained in the SCSI execute command procedure call. buffer address contained in the SCSI execute command procedure call.
In each direction, the data transfer is split into "sequences". An In each direction, the data transfer is split into "sequences". An
end-of-sequence is indicated by the F bit. end-of-sequence is indicated by the F bit.
An outgoing sequence is either unsolicited (only the first sequence An outgoing sequence is either unsolicited (only the first sequence
can be unsolicited) or consists of all the Data-Out PDUs sent in can be unsolicited) or consists of all the Data-Out PDUs sent in
response to an R2T. response to an R2T.
Julian Satran Expires June 2003 53
iSCSI 3-November-02
Input sequences are built to enable the direction switching for Input sequences are built to enable the direction switching for
bidirectional commands. bidirectional commands.
For input, the target may request positive acknowledgement of input For input, the target may request positive acknowledgement of input
data. This is limited to sessions that support error recovery and is data. This is limited to sessions that support error recovery and is
implemented through the A bit in the SCSI Data-in PDU header. implemented through the A bit in the SCSI Data-in PDU header.
Data-in and Data-out PDUs also carry the DataSN to enable the Data-in and Data-out PDUs also carry the DataSN to enable the
initiator and target to detect missing PDUs (discarded due to an initiator and target to detect missing PDUs (discarded due to an
error). error).
skipping to change at line 2375 skipping to change at line 2334
the initiator in the solicited SCSI Data-out PDUs. There are no the initiator in the solicited SCSI Data-out PDUs. There are no
protocol specific requirements with regard to the value of these protocol specific requirements with regard to the value of these
tags, but it is assumed that together with the LUN, they will enable tags, but it is assumed that together with the LUN, they will enable
the target to associate data with an R2T. the target to associate data with an R2T.
R2T also carries information required for proper operation of the R2T also carries information required for proper operation of the
iSCSI protocol, such as: iSCSI protocol, such as:
- R2TSN (to enable an initiator to detect a missing R2T) - R2TSN (to enable an initiator to detect a missing R2T)
- StatSN - StatSN
Julian Satran Expires August 2003 45
iSCSI 19-January-03
- ExpCmdSN - ExpCmdSN
- MaxCmdSN - MaxCmdSN
Julian Satran Expires June 2003 54
iSCSI 3-November-02
3.5.2 Requests/Responses carrying SCSI and iSCSI Payload 3.5.2 Requests/Responses carrying SCSI and iSCSI Payload
3.5.2.1 Asynchronous Message 3.5.2.1 Asynchronous Message
Asynchronous Messages are used to carry SCSI asynchronous events Asynchronous Messages are used to carry SCSI asynchronous events
(AEN) and iSCSI asynchronous messages. (AEN) and iSCSI asynchronous messages.
When carrying an AEN, the event details are reported as sense data When carrying an AEN, the event details are reported as sense data
in the data segment. in the data segment.
skipping to change at line 2424 skipping to change at line 2384
fresh) will set the Target Transfer Tag to 0xffffffff. fresh) will set the Target Transfer Tag to 0xffffffff.
Although a complete exchange is always started by the initiator, Although a complete exchange is always started by the initiator,
specific parameter negotiations may be initiated by the initiator or specific parameter negotiations may be initiated by the initiator or
target. target.
3.5.3.2 Login Request and Login Response 3.5.3.2 Login Request and Login Response
Login Requests and Responses are used exclusively during the Login Login Requests and Responses are used exclusively during the Login
Phase of each connection to set up the session and connection Phase of each connection to set up the session and connection
Julian Satran Expires June 2003 55
iSCSI 3-November-02
parameters. (The Login Phase consists of a sequence of login parameters. (The Login Phase consists of a sequence of login
requests and responses carrying the same Initiator Task Tag.) requests and responses carrying the same Initiator Task Tag.)
A connection is identified by an arbitrarily selected connection-ID A connection is identified by an arbitrarily selected connection-ID
(CID) that is unique within a session. (CID) that is unique within a session.
Similar to the Text Requests and Responses, Login Requests/Responses Similar to the Text Requests and Responses, Login Requests/Responses
carry key=value text information with a simple syntax in the data carry key=value text information with a simple syntax in the data
segment. segment.
Julian Satran Expires August 2003 46
iSCSI 19-January-03
The Login Phase proceeds through several stages (security The Login Phase proceeds through several stages (security
negotiation, operational parameter negotiation) that are selected negotiation, operational parameter negotiation) that are selected
with two binary coded fields in the header -- the "current stage" with two binary coded fields in the header -- the "current stage"
(CSG) and the "next stage" (NSG) with the appearance of the latter (CSG) and the "next stage" (NSG) with the appearance of the latter
being signaled by the "transit" flag (T). being signaled by the "transit" flag (T).
The first Login Phase of a session plays a special role, called the The first Login Phase of a session plays a special role, called the
leading login, which determines some header fields (e.g., the leading login, which determines some header fields (e.g., the
version number, the maximum number of connections, and the session version number, the maximum number of connections, and the session
identification). identification).
skipping to change at line 2471 skipping to change at line 2430
Logout Requests and Responses are used for the orderly closing of Logout Requests and Responses are used for the orderly closing of
connections for recovery or maintenance. The logout request may be connections for recovery or maintenance. The logout request may be
issued following a target prompt (through an asynchronous message) issued following a target prompt (through an asynchronous message)
or at an initiators initiative. When issued on the connection to be or at an initiators initiative. When issued on the connection to be
logged out no other request may follow it. logged out no other request may follow it.
The Logout response indicates that the connection or session cleanup The Logout response indicates that the connection or session cleanup
is completed and no other responses will arrive on the connection is completed and no other responses will arrive on the connection
(if received on the logging out connection). In addition, the Logout (if received on the logging out connection). In addition, the Logout
Response indicates how long the target will continue to hold Response indicates how long the target will continue to hold
Julian Satran Expires June 2003 56
iSCSI 3-November-02
resources for recovery (e.g., command execution that continues on a resources for recovery (e.g., command execution that continues on a
new connection) in the text key Time2Retain and how long the new connection) in the text key Time2Retain and how long the
initiator must wait before proceeding with recovery in the text key initiator must wait before proceeding with recovery in the text key
Time2Wait. Time2Wait.
3.5.3.4 SNACK Request 3.5.3.4 SNACK Request
With the SNACK Request, the initiator requests retransmission of With the SNACK Request, the initiator requests retransmission of
numbered-responses or data from the target. A single SNACK request numbered-responses or data from the target. A single SNACK request
covers a contiguous set of missing items, called a run, of a given covers a contiguous set of missing items, called a run, of a given
skipping to change at line 2497 skipping to change at line 2452
R2TSN) and the number of missed Status, Data, or R2T PDUs. For long R2TSN) and the number of missed Status, Data, or R2T PDUs. For long
data-in sequences, the target may request (at predefined minimum data-in sequences, the target may request (at predefined minimum
intervals) a positive acknowledgement for the data sent. A SNACK intervals) a positive acknowledgement for the data sent. A SNACK
request with a type field that indicates ACK and the number of Data- request with a type field that indicates ACK and the number of Data-
In PDUs acknowledged conveys this positive acknowledgement. In PDUs acknowledged conveys this positive acknowledgement.
3.5.3.5 Reject 3.5.3.5 Reject
Reject enables the target to report an iSCSI error condition (e.g., Reject enables the target to report an iSCSI error condition (e.g.,
protocol, unsupported option) that uses a Reason field in the PDU protocol, unsupported option) that uses a Reason field in the PDU
Julian Satran Expires August 2003 47
iSCSI 19-January-03
header and includes the complete header of the bad PDU in the Reject header and includes the complete header of the bad PDU in the Reject
PDU data segment. PDU data segment.
3.5.3.6 NOP-Out Request and NOP-In Response 3.5.3.6 NOP-Out Request and NOP-In Response
This request/response pair may be used by an initiator and target as This request/response pair may be used by an initiator and target as
a "ping" mechanism to verify that a connection/session is still a "ping" mechanism to verify that a connection/session is still
active and all of its components are operational. Such a ping may be active and all of its components are operational. Such a ping may be
triggered by the initiator or target. The triggering party indicates triggered by the initiator or target. The triggering party indicates
that it wants a reply by setting a value different from the default that it wants a reply by setting a value different from the default
0xffffffff in the corresponding Initiator/Target Transfer Tag. 0xffffffff in the corresponding Initiator/Target Transfer Tag.
NOP-In/NOP-Out may also be used "unidirectional" to convey to the NOP-In/NOP-Out may also be used "unidirectional" to convey to the
initiator/target command, status or data counter values when there initiator/target command, status or data counter values when there
is no other "carrier" and there is a need to update the initiator/ is no other "carrier" and there is a need to update the initiator/
target. target.
Julian Satran Expires June 2003 57 Julian Satran Expires August 2003 48
iSCSI 3-November-02 iSCSI 19-January-03
Julian Satran Expires June 2003 58
iSCSI 3-November-02
4. SCSI Mode Parameters for iSCSI 4. SCSI Mode Parameters for iSCSI
There are no iSCSI specific mode pages. There are no iSCSI specific mode pages.
Julian Satran Expires June 2003 59 Julian Satran Expires August 2003 49
iSCSI 3-November-02 iSCSI 19-January-03
5. Login and Full Feature Phase Negotiation 5. Login and Full Feature Phase Negotiation
iSCSI parameters are negotiated at session or connection iSCSI parameters are negotiated at session or connection
establishment by using Login Requests and Responses (see Section establishment by using Login Requests and Responses (see Section
3.2.3 iSCSI Login) and during Full Feature Phase (Section 3.2.4 3.2.3 iSCSI Login) and during Full Feature Phase (Section 3.2.4
iSCSI Full Feature Phase) by using Text Requests and Responses. In iSCSI Full Feature Phase) by using Text Requests and Responses. In
both cases the mechanism used is an exchange of key=value pairs. both cases the mechanism used is an exchange of iSCSI-text-key=value
pairs. For brevity iSCSI-text-keys are called just keys in the rest
of this document.
Keys are either declarative or require negotiation and the key Keys are either declarative or require negotiation and the key
description indicates if the key is declarative or requires description indicates if the key is declarative or requires
negotiation. negotiation.
For the declarative keys the declaring party sets a value for the For the declarative keys the declaring party sets a value for the
key. The key specification indicates if the key can be declared by key. The key specification indicates if the key can be declared by
the initiator, target or both. the initiator, target or both.
For the keys that require negotiation one of the parties (the For the keys that require negotiation one of the parties (the
skipping to change at line 2570 skipping to change at line 2528
Progression from stage to stage is controlled by the T (Transition) Progression from stage to stage is controlled by the T (Transition)
bit in the Login Request/Response PDU header. Through the T bit set bit in the Login Request/Response PDU header. Through the T bit set
to 1, the initiator indicates that it would like to transition. The to 1, the initiator indicates that it would like to transition. The
target agrees to the transition (and selects the next stage) when target agrees to the transition (and selects the next stage) when
ready. A field in the Login PDU header indicates the current stage ready. A field in the Login PDU header indicates the current stage
(CSG) and during transition, another field indicates the next stage (CSG) and during transition, another field indicates the next stage
(NSG) proposed (initiator) and selected (target). (NSG) proposed (initiator) and selected (target).
The Text negotiation process is used to negotiate or declare The Text negotiation process is used to negotiate or declare
operational parameters. The negotiation process is controlled by the operational parameters. The negotiation process is controlled by the
Julian Satran Expires June 2003 60
iSCSI 3-November-02
F (final) bit in the PDU header. During text negotiations, the F bit F (final) bit in the PDU header. During text negotiations, the F bit
is used by the initiator to indicate that it is ready to finish the is used by the initiator to indicate that it is ready to finish the
negotiation and by the Target to acquiesce the end of negotiation. negotiation and by the Target to acquiesce the end of negotiation.
Since some key=value pairs may not fit entirely in a single PDU, the Since some key=value pairs may not fit entirely in a single PDU, the
C (continuation) bit is used (both in Login and Text) to indicate C (continuation) bit is used (both in Login and Text) to indicate
that "more follows". that "more follows".
The text negotiation uses an additional mechanism by which a target The text negotiation uses an additional mechanism by which a target
may deliver larger amounts of data to an enquiring initiator. The may deliver larger amounts of data to an enquiring initiator. The
target sets a Target Task Tag to be used as a bookmark which when target sets a Target Task Tag to be used as a bookmark which when
Julian Satran Expires August 2003 50
iSCSI 19-January-03
returned by the initiator, means "go on". If reset to a "neutral returned by the initiator, means "go on". If reset to a "neutral
value", it means "forget about the rest". value", it means "forget about the rest".
This chapter details types of keys and values used, the syntax rules This chapter details types of keys and values used, the syntax rules
for parameter formation, and the negotiation schemes to be used with for parameter formation, and the negotiation schemes to be used with
different types of parameters. different types of parameters.
5.1 Text Format 5.1 Text Format
The initiator and target send a set of key=value pairs encoded in The initiator and target send a set of key=value pairs encoded in
skipping to change at line 2617 skipping to change at line 2575
"+" (0x2b) - plus "+" (0x2b) - plus
"@" (0x40) - commercial at "@" (0x40) - commercial at
"_" (0x5f) - underscore "_" (0x5f) - underscore
"=" (0x3d) - equal "=" (0x3d) - equal
":" (0x3a) - colon ":" (0x3a) - colon
"/" (0x2f) - solidus or slash "/" (0x2f) - solidus or slash
"[" (0x5b) - left bracket "[" (0x5b) - left bracket
"]" (0x5d) - right bracket "]" (0x5d) - right bracket
null (0x00) - null separator null (0x00) - null separator
"," (0x2c) - comma "," (0x2c) - comma
Julian Satran Expires June 2003 61
iSCSI 3-November-02
"~" (0x7e) - tilde "~" (0x7e) - tilde
Key=value pairs may span PDU boundaries. An initiator or target that Key=value pairs may span PDU boundaries. An initiator or target that
sends partial key=value text within a PDU indicates that more text sends partial key=value text within a PDU indicates that more text
follows by setting the C bit in the Text or Login Request or Text or follows by setting the C bit in the Text or Login Request or Text or
Login Response to 1. Data segments in a series of PDUs that have the Login Response to 1. Data segments in a series of PDUs that have the
C bit set to 1 and end with a PDU that have the C bit set to 0, or C bit set to 1 and end with a PDU that have the C bit set to 0, or
include a single PDU that has the C bit set to 0 have to be include a single PDU that has the C bit set to 0 have to be
considered as forming a single logical-text-data-segment (LTDS). considered as forming a single logical-text-data-segment (LTDS).
skipping to change at line 2645 skipping to change at line 2599
The term key is used frequently in this document in place of key- The term key is used frequently in this document in place of key-
name. name.
A value is whatever follows the first = in the key=value pair up to A value is whatever follows the first = in the key=value pair up to
the end of the key=value pair, but not including the null delimiter. the end of the key=value pair, but not including the null delimiter.
The following definitions will be used in the rest of this document: The following definitions will be used in the rest of this document:
standard-label: A string of one or more characters that consist standard-label: A string of one or more characters that consist
of letters, digits, dot, minus, plus, commercial at, or of letters, digits, dot, minus, plus, commercial at, or
Julian Satran Expires August 2003 51
iSCSI 19-January-03
underscore. A standard-label MUST begin with a capital letter underscore. A standard-label MUST begin with a capital letter
and must not exceed 63 characters. and must not exceed 63 characters.
key-name: A standard-label. key-name: A standard-label.
text-value: A string of zero or more characters that consist of text-value: A string of zero or more characters that consist of
letters, digits, dot, minus, plus, commercial at, underscore, letters, digits, dot, minus, plus, commercial at, underscore,
slash, left bracket, right bracket, or colon. slash, left bracket, right bracket, or colon.
iSCSI-name-value: A string of one or more characters that iSCSI-name-value: A string of one or more characters that
skipping to change at line 2667 skipping to change at line 2625
[STPREP-iSCSI] (see also Section 3.2.6.2 iSCSI Name Encoding). [STPREP-iSCSI] (see also Section 3.2.6.2 iSCSI Name Encoding).
iSCSI-local-name-value: A UTF-8 string; no null characters are iSCSI-local-name-value: A UTF-8 string; no null characters are
allowed in the string. This encoding is to be used for allowed in the string. This encoding is to be used for
localized (internationalized) aliases. localized (internationalized) aliases.
boolean-value: The string "Yes" or "No". boolean-value: The string "Yes" or "No".
hex-constant: A hexadecimal constant encoded as a string that hex-constant: A hexadecimal constant encoded as a string that
starts with "0x" or "0X" followed by one or more digits or the starts with "0x" or "0X" followed by one or more digits or the
Julian Satran Expires June 2003 62
iSCSI 3-November-02
letters a, b, c, d, e, f, A, B, C, D, E, or F. Hex-constants letters a, b, c, d, e, f, A, B, C, D, E, or F. Hex-constants
are used to encode numerical values or binary strings. When are used to encode numerical values or binary strings. When
used to encode numerical values, the excessive use of leading used to encode numerical values, the excessive use of leading
0 digits is discouraged. The string following 0X (or 0x) 0 digits is discouraged. The string following 0X (or 0x)
represents a base16 number that starts with the most represents a base16 number that starts with the most
significant base16 digit, followed by all other digits in significant base16 digit, followed by all other digits in
decreasing order of significance and ending with the least- decreasing order of significance and ending with the least-
significant base16 digit. When used to encode binary strings, significant base16 digit. When used to encode binary strings,
hexadecimal constants have an implicit byte-length that hexadecimal constants have an implicit byte-length that
includes four bits for every hexadecimal digit of the includes four bits for every hexadecimal digit of the
skipping to change at line 2705 skipping to change at line 2659
base64-constant: base64 constant encoded as a string that starts base64-constant: base64 constant encoded as a string that starts
with "0b" or "0B" followed by 1 or more digits or letters or with "0b" or "0B" followed by 1 or more digits or letters or
plus or slash or equal. The encoding is done according to plus or slash or equal. The encoding is done according to
[RFC2045] and each character, except equal, represents a [RFC2045] and each character, except equal, represents a
base64 digit or a 6-bit binary string. Base64-constants are base64 digit or a 6-bit binary string. Base64-constants are
used to encode numerical-values or binary strings. When used used to encode numerical-values or binary strings. When used
to encode numerical values, the excessive use of leading 0 to encode numerical values, the excessive use of leading 0
digits (encoded as A) is discouraged. The string following 0B digits (encoded as A) is discouraged. The string following 0B
(or 0b) represents a base64 number that starts with the most (or 0b) represents a base64 number that starts with the most
significant base64 digit, followed by all other digits in significant base64 digit, followed by all other digits in
Julian Satran Expires August 2003 52
iSCSI 19-January-03
decreasing order of significance and ending with the least- decreasing order of significance and ending with the least-
significant base64 digit; the least significant base64 digit significant base64 digit; the least significant base64 digit
may be optionally followed by pad digits (encoded as equal) may be optionally followed by pad digits (encoded as equal)
that are not considered as part of the number. When used to that are not considered as part of the number. When used to
encode binary strings, base64-constants have an implicit byte- encode binary strings, base64-constants have an implicit byte-
length that includes six bits for every character of the length that includes six bits for every character of the
constant, excluding trailing equals (i.e., a base64-constant constant, excluding trailing equals (i.e., a base64-constant
of n base64 characters excluding the trailing equals has a of n base64 characters excluding the trailing equals has a
byte-length of ((the integer part of) (n*3/4)). Correctly byte-length of ((the integer part of) (n*3/4)). Correctly
encoded base64 strings cannot have n values of 1, 5 ... k*4+1. encoded base64 strings cannot have n values of 1, 5 ... k*4+1.
numerical-value: An unsigned integer always less than 2**64 numerical-value: An unsigned integer always less than 2**64
encoded as a decimal-constant or a hex-constant. Unsigned encoded as a decimal-constant or a hex-constant. Unsigned
integer arithmetic applies to numerical-values. integer arithmetic applies to numerical-values.
Julian Satran Expires June 2003 63
iSCSI 3-November-02
large-numerical-value: An unsigned integer that can be larger large-numerical-value: An unsigned integer that can be larger
than or equal to 2**64 encoded as a hex constant, or base64- than or equal to 2**64 encoded as a hex constant, or base64-
constant. Unsigned integer arithmetic applies to large- constant. Unsigned integer arithmetic applies to large-
numeric-values. numeric-values.
numeric-range: Two numerical-values separated by a tilde where numeric-range: Two numerical-values separated by a tilde where
the value to the right of tilde must not be lower than the the value to the right of tilde must not be lower than the
value to the left. value to the left.
regular-binary-value: A binary string not longer than 64 bits regular-binary-value: A binary string not longer than 64 bits
skipping to change at line 2763 skipping to change at line 2718
delimiter (comma or zero byte). delimiter (comma or zero byte).
Any iSCSI target or initiator MUST support receiving at least 8192 Any iSCSI target or initiator MUST support receiving at least 8192
bytes of key=value data in a negotiation sequence. When proposing or bytes of key=value data in a negotiation sequence. When proposing or
accepting authentication methods that explicitly require support for accepting authentication methods that explicitly require support for
very long authentication items, the initiator and target MUST very long authentication items, the initiator and target MUST
support receiving of at least 64 kilobytes of key=value data (see support receiving of at least 64 kilobytes of key=value data (see
Appendix 11.1.2 - Simple Public-Key Mechanism (SPKM) - that require Appendix 11.1.2 - Simple Public-Key Mechanism (SPKM) - that require
support for public key certificates). support for public key certificates).
Julian Satran Expires August 2003 53
iSCSI 19-January-03
5.2 Text Mode Negotiation 5.2 Text Mode Negotiation
During login, and thereafter, some session or connection parameters During login, and thereafter, some session or connection parameters
are either declared or negotiated through an exchange of textual are either declared or negotiated through an exchange of textual
information. information.
Julian Satran Expires June 2003 64
iSCSI 3-November-02
The initiator starts the negotiation and/or declaration through a The initiator starts the negotiation and/or declaration through a
Text or Login request and indicates when it is ready for completion Text or Login request and indicates when it is ready for completion
(by setting the F bit to 1 and keeping it to 1 in a Text Request or (by setting the F bit to 1 and keeping it to 1 in a Text Request or
the T bit in the Login Request). As negotiation text may span PDU the T bit in the Login Request). As negotiation text may span PDU
boundaries, a Text or Login Request or Text or Login Response PDU boundaries, a Text or Login Request or Text or Login Response PDU
that have the C bit set to 1 MUST NOT have the F/T bit set to 1. that have the C bit set to 1 MUST NOT have the F/T bit set to 1.
A target receiving a Text or Login Request with the C bit set to 1 A target receiving a Text or Login Request with the C bit set to 1
MUST answer with a Text or Login Response with no data segment MUST answer with a Text or Login Response with no data segment
(DataSegmentLength 0). An initiator receiving a Text or Login (DataSegmentLength 0). An initiator receiving a Text or Login
skipping to change at line 2797 skipping to change at line 2752
unless explicitly required by a general or a key-specific unless explicitly required by a general or a key-specific
negotiation rule. negotiation rule.
The format of a declaration is: The format of a declaration is:
Declarer-> <key>=<valuex> Declarer-> <key>=<valuex>
The general format of text negotiation is: The general format of text negotiation is:
Proposer-> <key>=<valuex> Proposer-> <key>=<valuex>
Acceptor-> <key>=<valuey>|NotUnderstood|Irrelevant|Reject Acceptor-> <key>={<valuey>|NotUnderstood|Irrelevant|Reject}
Thus a declaration is a one-way textual exchange while a negotiation Thus a declaration is a one-way textual exchange while a negotiation
is a two-way exchange. is a two-way exchange.
The proposer or declarer can either be the initiator or the target, The proposer or declarer can either be the initiator or the target,
and the acceptor can either be the target or initiator, and the acceptor can either be the target or initiator,
respectively. Targets are not limited to respond to key=value pairs respectively. Targets are not limited to respond to key=value pairs
as proposed by the initiator. The target may propose key=value pairs as proposed by the initiator. The target may propose key=value pairs
of its own. of its own.
All negotiations are explicit (i.e., the result MUST only be based All negotiations are explicit (i.e., the result MUST only be based
on newly exchanged or declared values). There are no implicit on newly exchanged or declared values). There are no implicit
proposals. If a proposal is not made, then a reply cannot be proposals. If a proposal is not made, then a reply cannot be
expected. Conservative design also requires that default values expected. Conservative design also requires that default values
should not be relied upon when use of some other value has serious should not be relied upon when use of some other value has serious
consequences. consequences.
Julian Satran Expires June 2003 65
iSCSI 3-November-02
The value proposed or declared can be a numerical-value, a The value proposed or declared can be a numerical-value, a
numerical-range defined by lower and upper value with both integers numerical-range defined by lower and upper value with both integers
separated by tilde, a binary value, a text-value, an iSCSI-name- separated by tilde, a binary value, a text-value, an iSCSI-name-
value, an iSCSI-local-name-value, a boolean-value (Yes or No), or a value, an iSCSI-local-name-value, a boolean-value (Yes or No), or a
list of comma separated text-values. A range, a large-numerical- list of comma separated text-values. A range, a large-numerical-
value, an iSCSI-name-value and an iSCSI-local-name-value MAY ONLY be value, an iSCSI-name-value and an iSCSI-local-name-value MAY ONLY be
Julian Satran Expires August 2003 54
iSCSI 19-January-03
used if it is explicitly allowed. An accepted value can be a used if it is explicitly allowed. An accepted value can be a
numerical-value, a large-numerical-value, a text-value, or a numerical-value, a large-numerical-value, a text-value, or a
boolean-value. boolean-value.
If a specific key is not relevant for the current negotiation, the If a specific key is not relevant for the current negotiation, the
acceptor may answer with the constant "Irrelevant" for all types of acceptor may answer with the constant "Irrelevant" for all types of
negotiation. However the negotiation is not considered as failed if negotiation. However the negotiation is not considered as failed if
the answer is "Irrelevant". The "Irrelevant" answer is meant for the answer is "Irrelevant". The "Irrelevant" answer is meant for
those cases in which several keys are presented by a proposing party those cases in which several keys are presented by a proposing party
but the selection made by the acceptor for one of the keys makes but the selection made by the acceptor for one of the keys makes
skipping to change at line 2859 skipping to change at line 2815
this rule is a protocol error (in particular the use of "Reject", this rule is a protocol error (in particular the use of "Reject",
"Irrelevant", and "NotUnderstood" as proposed values). "Irrelevant", and "NotUnderstood" as proposed values).
Reject or Irrelevant are legitimate negotiation options where Reject or Irrelevant are legitimate negotiation options where
allowed but their excessive use is discouraged. A negotiation is allowed but their excessive use is discouraged. A negotiation is
considered complete when the acceptor has sent the key value pair considered complete when the acceptor has sent the key value pair
even if the value is "Reject", "Irrelevant", or "NotUnderstood. even if the value is "Reject", "Irrelevant", or "NotUnderstood.
Sending the key again would be a re-negotiation and is forbidden for Sending the key again would be a re-negotiation and is forbidden for
many keys. many keys.
Julian Satran Expires June 2003 66
iSCSI 3-November-02
If the acceptor sends "Reject" as an answer the negotiated key is If the acceptor sends "Reject" as an answer the negotiated key is
left at its current value (or default if no value was set). If the left at its current value (or default if no value was set). If the
current value is not acceptable to the proposer on the connection or current value is not acceptable to the proposer on the connection or
to the session it is sent, the proposer MAY choose to terminate the to the session it is sent, the proposer MAY choose to terminate the
connection or session. connection or session.
All keys in this document, except for the X extension formats, MUST All keys in this document, except for the X extension formats, MUST
be supported by iSCSI initiators and targets when used as specified be supported by iSCSI initiators and targets when used as specified
here. If used as specified, these keys MUST NOT be answered with here. If used as specified, these keys MUST NOT be answered with
NotUnderstood. NotUnderstood.
Implementers may introduce new keys by prefixing them with X- Implementers may introduce new keys by prefixing them with X-
followed by their (reversed) domain name, or with new keys followed by their (reversed) domain name, or with new keys
registered with IANA prefixing them with X#. For example, the entity registered with IANA prefixing them with X#. For example, the entity
owning the domain acme.com can issue: owning the domain example.com can issue:
X-com.acme.bar.foo.do_something=3 X-com.example.bar.foo.do_something=3
or a new registered key may be used as in: or a new registered key may be used as in:
Julian Satran Expires August 2003 55
iSCSI 19-January-03
X#SuperCalyPhraGilistic=Yes X#SuperCalyPhraGilistic=Yes
Implementers MAY also introduce new values, but ONLY for new keys or Implementers MAY also introduce new values, but ONLY for new keys or
authentication methods (see Section 11 iSCSI Security Keys and authentication methods (see Section 11 iSCSI Security Text Keys and
Authentication Methods), or digests (see Section 12.1 HeaderDigest Authentication Methods), or digests (see Section 12.1 HeaderDigest
and DataDigest). and DataDigest).
Whenever parameter action or acceptance are dependent on other Whenever parameter action or acceptance are dependent on other
parameters, the dependency rules and parameter sequence must be parameters, the dependency rules and parameter sequence must be
specified with the parameters. specified with the parameters.
In the Login Phase (see Section 5.3 Login Phase), every stage is a In the Login Phase (see Section 5.3 Login Phase), every stage is a
separate negotiation. In the FullFeaturePhase, a Text Request separate negotiation. In the FullFeaturePhase, a Text Request
Response sequence is a negotiation. Negotiations MUST be handled as Response sequence is a negotiation. Negotiations MUST be handled as
atomic operations. For example, all negotiated values go into effect atomic operations. For example, all negotiated values go into effect
after the negotiation concludes in agreement or are ignored if the after the negotiation concludes in agreement or are ignored if the
negotiation fails. negotiation fails.
Some parameters may be subject to integrity rules (e.g., parameter-x Some parameters may be subject to integrity rules (e.g., parameter-x
must not exceed parameter-y or parameter-u not 1 implies parameter-v must not exceed parameter-y or parameter-u not 1 implies parameter-v
be Yes). Whenever required, integrity rules are specified with the be Yes). Whenever required, integrity rules are specified with the
keys. Checking for compliance with the integrity rule must only be keys. Checking for compliance with the integrity rule must only be
performed after all the parameters are available (the existent and performed after all the parameters are available (the existent and
Julian Satran Expires June 2003 67
iSCSI 3-November-02
the newly negotiated). An iSCSI target MUST perform integrity the newly negotiated). An iSCSI target MUST perform integrity
checking before the new parameters take effect. An initiator MAY checking before the new parameters take effect. An initiator MAY
perform integrity checking. perform integrity checking.
An iSCSI initiator or target MAY terminate a negotiation that does An iSCSI initiator or target MAY terminate a negotiation that does
not end within a reasonable time or number of exchanges. not end within a reasonable time or number of exchanges.
5.2.1 List negotiations 5.2.1 List negotiations
In list negotiation, the originator sends a list of values (which In list negotiation, the originator sends a list of values (which
skipping to change at line 2941 skipping to change at line 2893
understand, or is not allowed to use any of the proposed options understand, or is not allowed to use any of the proposed options
with a specific originator, it may use the constant "Reject" or with a specific originator, it may use the constant "Reject" or
terminate the negotiation. The selection of a value not proposed terminate the negotiation. The selection of a value not proposed
MUST be handled as a protocol error. MUST be handled as a protocol error.
5.2.2 Simple-value Negotiations 5.2.2 Simple-value Negotiations
For simple-value negotiations, the accepting party MUST answer with For simple-value negotiations, the accepting party MUST answer with
the same key. The value it selects becomes the negotiation result. the same key. The value it selects becomes the negotiation result.
Julian Satran Expires August 2003 56
iSCSI 19-January-03
Proposing a value not admissible (e.g., not within the specified Proposing a value not admissible (e.g., not within the specified
bounds) MAY be answered with the constant "Reject" or the acceptor bounds) MAY be answered with the constant "Reject" or the acceptor
MAY select an admissible value. MAY select an admissible value.
The selection, by the acceptor, of a value not admissible under the The selection, by the acceptor, of a value not admissible under the
selection rules is considered a protocol error. The selection rules selection rules is considered a protocol error. The selection rules
are key-specific. are key-specific.
For a numerical range the value selected must be an integer within For a numerical range the value selected must be an integer within
the proposed range or "Reject" (if the range is unacceptable). the proposed range or "Reject" (if the range is unacceptable).
Julian Satran Expires June 2003 68
iSCSI 3-November-02
For Boolean negotiations (i.e., keys taking the values Yes or No), For Boolean negotiations (i.e., keys taking the values Yes or No),
the accepting party MUST answer with the same key and the result of the accepting party MUST answer with the same key and the result of
the negotiation when the received value does not determine that the negotiation when the received value does not determine that
result by itself. The last value transmitted becomes the negotiation result by itself. The last value transmitted becomes the negotiation
result. The rules for selecting the value to answer with are result. The rules for selecting the value to answer with are
expressed as Boolean functions of the value received, and the value expressed as Boolean functions of the value received, and the value
that the accepting party would have selected if given a choice. that the accepting party would have selected if given a choice.
Specifically, the two cases in which answers are OPTIONAL are: Specifically, the two cases in which answers are OPTIONAL are:
- The Boolean function is "AND" and the value "No" is received. - The Boolean function is "AND" and the value "No" is received.
The outcome of the negotiation is "No". The outcome of the negotiation is "No".
- The Boolean function is "OR" and the value "Yes" is received. - The Boolean function is "OR" and the value "Yes" is received.
The outcome of the negotiation is "Yes". The outcome of the negotiation is "Yes".
Responses are REQUIRED in all other cases, and the value chosen and Responses are REQUIRED in all other cases, and the value chosen and
sent by the acceptor becomes the outcome of the negotiation. sent by the acceptor becomes the outcome of the negotiation.
5.3 Login Phase 5.3 Login Phase
The Login Phase establishes an iSCSI session between an initiator The Login Phase establishes an iSCSI connection between an initiator
and a target. It sets the iSCSI protocol parameters, security and a target; it creates also a new session or associates the
parameters, and authenticates the initiator and target to each connection to an existing session. The Login Phase sets the iSCSI
other. protocol parameters, security parameters, and authenticates the
initiator and target to each other.
The Login Phase is only implemented via Login request and responses. The Login Phase is only implemented via Login request and responses.
The whole Login Phase is considered as a single task and has a The whole Login Phase is considered as a single task and has a
single Initiator Task Tag (similar to the linked SCSI commands). single Initiator Task Tag (similar to the linked SCSI commands).
The default MaxRecvDataSegmentLength is used during Login. The default MaxRecvDataSegmentLength is used during Login.
The Login Phase sequence of requests and responses proceeds as The Login Phase sequence of requests and responses proceeds as
follows: follows:
- Login initial request - Login initial request
- Login partial response (optional) - Login partial response (optional)
- More Login requests and responses (optional) - More Login requests and responses (optional)
- Login Final-Response (mandatory) - Login Final-Response (mandatory)
The initial login request of any connection MUST include the The initial login request of any connection MUST include the
InitiatorName key=value pair. The initial login request of the first InitiatorName key=value pair. The initial login request of the first
connection of a session MAY also include the SessionType key=value connection of a session MAY also include the SessionType key=value
pair. For any connection within a session whose type is not pair. For any connection within a session whose type is not
Julian Satran Expires June 2003 69 Julian Satran Expires August 2003 57
iSCSI 3-November-02 iSCSI 19-January-03
"Discovery", the first login request MUST also include the "Discovery", the first login request MUST also include the
TargetName key=value pair. TargetName key=value pair.
The Login Final-response accepts or rejects the Login request. The Login Final-response accepts or rejects the Login request.
The Login Phase MAY include a SecurityNegotiation stage and a The Login Phase MAY include a SecurityNegotiation stage and a
LoginOperationalNegotiation stage and MUST include at least one of LoginOperationalNegotiation stage and MUST include at least one of
them, but the included stage MAY be empty except for the mandatory them, but the included stage MAY be empty except for the mandatory
names. names.
skipping to change at line 3044 skipping to change at line 2997
The SecurityNegotiation keys appear in Chapter 11 and the The SecurityNegotiation keys appear in Chapter 11 and the
LoginOperationalNegotiation keys appear in Chapter 12. Only a LoginOperationalNegotiation keys appear in Chapter 12. Only a
limited set of keys (marked as Any-Stage in Chapter 12) may be used limited set of keys (marked as Any-Stage in Chapter 12) may be used
in any of the two stages. in any of the two stages.
Any given Login request or response belongs to a specific stage; Any given Login request or response belongs to a specific stage;
this determines the negotiation keys allowed with the request or this determines the negotiation keys allowed with the request or
response. It is considered to be a protocol error to send a key not response. It is considered to be a protocol error to send a key not
allowed in the current stage. allowed in the current stage.
Julian Satran Expires June 2003 70
iSCSI 3-November-02
Stage transition is performed through a command exchange (request/ Stage transition is performed through a command exchange (request/
response) that carries the T bit and the same CSG code. During this response) that carries the T bit and the same CSG code. During this
exchange, the next stage is selected by the target through the "next exchange, the next stage is selected by the target through the "next
stage" code (NSG). The selected NSG MUST NOT exceed the value stated stage" code (NSG). The selected NSG MUST NOT exceed the value stated
by the initiator. The initiator can request a transition whenever it by the initiator. The initiator can request a transition whenever it
is ready, but a target can only respond with a transition after one is ready, but a target can only respond with a transition after one
is proposed by the initiator. is proposed by the initiator.
In a negotiation sequence, the T bit settings in one pair of login In a negotiation sequence, the T bit settings in one pair of login
request-responses have no bearing on the T bit settings of the next request-responses have no bearing on the T bit settings of the next
pair. An initiator that has a T bit set to 1 in one pair and is pair. An initiator that has a T bit set to 1 in one pair and is
answered with a T bit setting of 0 may issue the next request with T answered with a T bit setting of 0 may issue the next request with T
bit set to 0. bit set to 0.
Julian Satran Expires August 2003 58
iSCSI 19-January-03
When a transition is requested by the initiator and acknowledged by When a transition is requested by the initiator and acknowledged by
the target, both the initiator and target switch to the selected the target, both the initiator and target switch to the selected
stage. stage.
Targets MUST NOT submit parameters that require an additional Targets MUST NOT submit parameters that require an additional
initiator login request in a login response with the T bit set to 1. initiator login request in a login response with the T bit set to 1.
Stage transitions during login (including entering and exit) are Stage transitions during login (including entering and exit) are
only possible as outlined in the following table: only possible as outlined in the following table:
skipping to change at line 3090 skipping to change at line 3043
| Operational | no | no | yes | | Operational | no | no | yes |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
The Login Final-Response that accepts a Login Request can only come The Login Final-Response that accepts a Login Request can only come
as a response to a Login request with the T bit set to 1, and both as a response to a Login request with the T bit set to 1, and both
the request and response MUST indicate FullFeaturePhase as the next the request and response MUST indicate FullFeaturePhase as the next
phase via the NSG field. phase via the NSG field.
Neither the initiator nor the target should attempt to declare or Neither the initiator nor the target should attempt to declare or
negotiate a parameter more than once during login except for negotiate a parameter more than once during login except for
Julian Satran Expires June 2003 71
iSCSI 3-November-02
responses to specific keys that explicitly allow repeated key responses to specific keys that explicitly allow repeated key
declarations (e.g., TargetAddress). If an attempt to renegotiate/ declarations (e.g., TargetAddress). An attempt to renegotiate/
redeclare parameters not specifically allowed is detected by the redeclare parameters not specifically allowed MUST be detected by
target, the target MUST respond with Login reject (initiator error). the initiator and target. If such an attempt is detected by the
If detected by the initiator, the initiator MUST drop the target, the target MUST respond with Login reject (initiator error);
if detected by the initiator, the initiator MUST drop the
connection. connection.
5.3.1 Login Phase Start 5.3.1 Login Phase Start
The Login Phase starts with a login request from the initiator to The Login Phase starts with a login request from the initiator to
the target. The initial login request includes: the target. The initial login request includes:
-Protocol version supported by the initiator. -Protocol version supported by the initiator.
-iSCSI Initiator Name and iSCSI Target Name -iSCSI Initiator Name and iSCSI Target Name
-ISID, TSIH, and connection Ids -ISID, TSIH, and connection Ids
-Negotiation stage that the initiator is ready to enter. -Negotiation stage that the initiator is ready to enter.
A login may create a new session or it may add a connection to an A login may create a new session or it may add a connection to an
existing session. Between a given iSCSI Initiator Node (selected existing session. Between a given iSCSI Initiator Node (selected
only by an InitiatorName) and a given iSCSI target defined by an only by an InitiatorName) and a given iSCSI target defined by an
iSCSI TargetName and a Target Portal Group Tag, the login results iSCSI TargetName and a Target Portal Group Tag, the login results
are defined by the following table: are defined by the following table:
Julian Satran Expires June 2003 72 Julian Satran Expires August 2003 59
iSCSI 3-November-02 iSCSI 19-January-03
+------------------------------------------------------------------+ +------------------------------------------------------------------+
|ISID | TSIH | CID | Target action | |ISID | TSIH | CID | Target action |
+------------------------------------------------------------------+ +------------------------------------------------------------------+
|new | non-zero | any | fail the login | |new | non-zero | any | fail the login |
| | | | ("session does not exist") | | | | | ("session does not exist") |
+------------------------------------------------------------------+ +------------------------------------------------------------------+
|new | zero | any | instantiate a new session | |new | zero | any | instantiate a new session |
+------------------------------------------------------------------+ +------------------------------------------------------------------+
|existing | zero | any | do session reinstatement | |existing | zero | any | do session reinstatement |
skipping to change at line 3163 skipping to change at line 3113
-Login Response with Login reject. This is an immediate -Login Response with Login reject. This is an immediate
rejection from the target that causes the connection to rejection from the target that causes the connection to
terminate and the session to terminate if this is the first terminate and the session to terminate if this is the first
(or only) connection of a new session. The T bit and the CSG (or only) connection of a new session. The T bit and the CSG
and NSG fields are reserved. and NSG fields are reserved.
-Login Response with Login accept as a final response (T bit set -Login Response with Login accept as a final response (T bit set
to 1 and the NSG in both request and response are set to to 1 and the NSG in both request and response are set to
FullFeaturePhase). The response includes the protocol version FullFeaturePhase). The response includes the protocol version
supported by the target and the session ID, and may include supported by the target and the session ID, and may include
Julian Satran Expires June 2003 73
iSCSI 3-November-02
iSCSI operational or security parameters (that depend on the iSCSI operational or security parameters (that depend on the
current stage). current stage).
-Login Response with Login Accept as a partial response (NSG not -Login Response with Login Accept as a partial response (NSG not
set to FullFeaturePhase in both request and response) that set to FullFeaturePhase in both request and response) that
indicates the start of a negotiation sequence. The response indicates the start of a negotiation sequence. The response
includes the protocol version supported by the target and includes the protocol version supported by the target and
either security or iSCSI parameters (when no security either security or iSCSI parameters (when no security
mechanism is chosen) supported by the target. mechanism is chosen) supported by the target.
If the initiator decides to forego the SecurityNegotiation stage, it If the initiator decides to forego the SecurityNegotiation stage, it
issues the Login with the CSG set to LoginOperationalNegotiation and issues the Login with the CSG set to LoginOperationalNegotiation and
Julian Satran Expires August 2003 60
iSCSI 19-January-03
the target may reply with a Login Response that indicates that it is the target may reply with a Login Response that indicates that it is
unwilling to accept the connection (see Section 10.13 Login unwilling to accept the connection (see Section 10.13 Login
Response) without SecurityNegotiation and will terminate the Response) without SecurityNegotiation and will terminate the
connection with a response of Authentication failure (see Section connection with a response of Authentication failure (see Section
10.13.5 Status-Class and Status-Detail). 10.13.5 Status-Class and Status-Detail).
If the initiator is willing to negotiate iSCSI security, but is If the initiator is willing to negotiate iSCSI security, but is
unwilling to make the initial parameter proposal and may accept a unwilling to make the initial parameter proposal and may accept a
connection without iSCSI security, it issues the Login with the T connection without iSCSI security, it issues the Login with the T
bit set to 1, the CSG set to SecurityNegotiation, and NSG set to bit set to 1, the CSG set to SecurityNegotiation, and NSG set to
skipping to change at line 3206 skipping to change at line 3156
Login with the T bit set to 1, the CSG set to Login with the T bit set to 1, the CSG set to
LoginOperationalNegotiation, and NSG set to FullFeaturePhase. If the LoginOperationalNegotiation, and NSG set to FullFeaturePhase. If the
target is also ready to forego security and can finish its target is also ready to forego security and can finish its
LoginOperationalNegotiation, the Login response has T bit set to 1, LoginOperationalNegotiation, the Login response has T bit set to 1,
the CSG set to LoginOperationalNegotiation, and NSG set to the CSG set to LoginOperationalNegotiation, and NSG set to
FullFeaturePhase in the next stage. FullFeaturePhase in the next stage.
During the Login Phase the iSCSI target MUST return the During the Login Phase the iSCSI target MUST return the
TargetPortalGroupTag key with the first Login Response PDU with TargetPortalGroupTag key with the first Login Response PDU with
which it is allowed to do so (i.e., the first Login Response issued which it is allowed to do so (i.e., the first Login Response issued
after the first Login Request with the C bit set to 0). The after the first Login Request with the C bit set to 0) for all
TargetPortalGroupTag key value indicates the iSCSI portal group session types. The TargetPortalGroupTag key value indicates the
servicing the Login Request PDU. If the reconfiguration of iSCSI iSCSI portal group servicing the Login Request PDU. If the
portal groups is a concern in a given environment, the iSCSI reconfiguration of iSCSI portal groups is a concern in a given
environment, the iSCSI initiator should use this key to ascertain
Julian Satran Expires June 2003 74 that it had indeed initiated the Login Phase with the intended
iSCSI 3-November-02 target portal group.
initiator should use this key to ascertain that it had indeed
initiated the Login Phase with the intended target portal group.
5.3.2 iSCSI Security Negotiation 5.3.2 iSCSI Security Negotiation
The security exchange sets the security mechanism and authenticates The security exchange sets the security mechanism and authenticates
the initiator user and the target to each other. The exchange the initiator user and the target to each other. The exchange
proceeds according to the authentication method chosen in the proceeds according to the authentication method chosen in the
negotiation phase and is conducted using the login requests' and negotiation phase and is conducted using the login requests' and
responses' key=value parameters. responses' key=value parameters.
An initiator directed negotiation proceeds as follows: An initiator directed negotiation proceeds as follows:
-The initiator sends a login request with an ordered list of the -The initiator sends a login request with an ordered list of the
options it supports (authentication algorithm). The options options it supports (authentication algorithm). The options
are listed in the initiator's order of preference. The are listed in the initiator's order of preference. The
initiator MAY also send private or public extension options. initiator MAY also send private or public extension options.
-The target MUST reply with the first option in the list it -The target MUST reply with the first option in the list it
supports and is allowed to use for the specific initiator supports and is allowed to use for the specific initiator
unless it does not support any in which case it MUST answer unless it does not support any in which case it MUST answer
with "Reject" (see Section 5.2 Text Mode Negotiation). The with "Reject" (see Section 5.2 Text Mode Negotiation). The
Julian Satran Expires August 2003 61
iSCSI 19-January-03
parameters are encoded in UTF8 as key=value. For security parameters are encoded in UTF8 as key=value. For security
parameters, see Chapter 11. parameters, see Chapter 11.
-When the initiator considers that it is ready to conclude the -When the initiator considers that it is ready to conclude the
SecurityNegotiation stage, it sets the T bit to 1 and the NSG SecurityNegotiation stage, it sets the T bit to 1 and the NSG
to what it would like the next stage to be. The target will to what it would like the next stage to be. The target will
then set the T bit to 1 and set NSG to the next stage in the then set the T bit to 1 and set NSG to the next stage in the
Login response when it finishes sending its security keys. The Login response when it finishes sending its security keys. The
next stage selected will be the one the target selected. If next stage selected will be the one the target selected. If
the next stage is FullFeaturePhase, the target MUST respond the next stage is FullFeaturePhase, the target MUST respond
skipping to change at line 3257 skipping to change at line 3208
If the security negotiation fails at the target, then the target If the security negotiation fails at the target, then the target
MUST send the appropriate Login Response PDU. If the security MUST send the appropriate Login Response PDU. If the security
negotiation fails at the initiator, the initiator SHOULD close the negotiation fails at the initiator, the initiator SHOULD close the
connection. connection.
It should be noted that the negotiation might also be directed by It should be noted that the negotiation might also be directed by
the target if the initiator does support security, but is not ready the target if the initiator does support security, but is not ready
to direct the negotiation (propose options). to direct the negotiation (propose options).
Julian Satran Expires June 2003 75
iSCSI 3-November-02
5.3.3 Operational Parameter Negotiation During the Login Phase 5.3.3 Operational Parameter Negotiation During the Login Phase
Operational parameter negotiation during the login MAY be done: Operational parameter negotiation during the login MAY be done:
- Starting with the first Login request if the initiator does - Starting with the first Login request if the initiator does
not propose any security/ integrity option. not propose any security/ integrity option.
- Starting immediately after the security negotiation if the - Starting immediately after the security negotiation if the
initiator and target perform such a negotiation. initiator and target perform such a negotiation.
Operational parameter negotiation MAY involve several Login request- Operational parameter negotiation MAY involve several Login request-
skipping to change at line 3294 skipping to change at line 3242
login request that contains a zero-valued TSIH) - the leading Login login request that contains a zero-valued TSIH) - the leading Login
Phase (e.g., the maximum number of connections that can be used for Phase (e.g., the maximum number of connections that can be used for
this session). this session).
A session is operational once it has at least one connection in A session is operational once it has at least one connection in
FullFeaturePhase. New or replacement connections can only be added FullFeaturePhase. New or replacement connections can only be added
to a session after the session is operational. to a session after the session is operational.
For operational parameters, see Chapter 12. For operational parameters, see Chapter 12.
Julian Satran Expires August 2003 62
iSCSI 19-January-03
5.3.4 Connection Reinstatement 5.3.4 Connection Reinstatement
Connection reinstatement is the process of an initiator logging in Connection reinstatement is the process of an initiator logging in
with a ISID-TSIH-CID combination that is possibly active from the with a ISID-TSIH-CID combination that is possibly active from the
target's perspective, which causes the implicit logging out of the target's perspective, which causes the implicit logging out of the
connection corresponding to the CID and reinstating a new Full connection corresponding to the CID and reinstating a new Full
Feature Phase iSCSI connection in its place (with the same CID). Feature Phase iSCSI connection in its place (with the same CID).
Thus, the TSIH in the Login PDU MUST be non-zero and CID does not Thus, the TSIH in the Login PDU MUST be non-zero and CID does not
change during a connection reinstatement. The Login request performs change during a connection reinstatement. The Login request performs
the logout function of the old connection if an explicit logout was the logout function of the old connection if an explicit logout was
Julian Satran Expires June 2003 76
iSCSI 3-November-02
not performed earlier. In sessions with a single connection, this not performed earlier. In sessions with a single connection, this
may imply the opening of a second connection with the sole purpose may imply the opening of a second connection with the sole purpose
of cleaning up the first. Targets MUST support opening a second of cleaning up the first. Targets MUST support opening a second
connection even when they do not support multiple connections in connection even when they do not support multiple connections in
Full Feature Phase if ErrorRecoveryLevel is 2 and SHOULD support Full Feature Phase if ErrorRecoveryLevel is 2 and SHOULD support
opening a second connection if ErrorRecoveryLevel is less than 2. opening a second connection if ErrorRecoveryLevel is less than 2.
If the operational ErrorRecoveryLevel is 2, connection reinstatement If the operational ErrorRecoveryLevel is 2, connection reinstatement
enables future task reassignment. If the operational enables future task reassignment. If the operational
ErrorRecoveryLevel is less than 2, connection reinstatement is the ErrorRecoveryLevel is less than 2, connection reinstatement is the
replacement of the old CID without enabling task reassignment. In replacement of the old CID without enabling task reassignment. In
this case, all the tasks that were active on the old CID must be this case, all the tasks that were active on the old CID must be
immediately terminated without further notice to the initiator. immediately terminated without further notice to the initiator.
The initiator connection state MUST be CLEANUP_WAIT (section 7.1.3) The initiator connection state MUST be CLEANUP_WAIT (section 7.1.3)
when the initiator attempts a connection reinstatement. when the initiator attempts a connection reinstatement.
In practical terms, in addition the implicit logout of the old In practical terms, in addition to the implicit logout of the old
connection, reinstatement is equivalent to a new connection login. connection, reinstatement is equivalent to a new connection login.
5.3.5 Session Reinstatement, Closure, and Timeout 5.3.5 Session Reinstatement, Closure, and Timeout
Session reinstatement is the process of the initiator logging in Session reinstatement is the process of the initiator logging in
with an ISID that is possibly active from the target's perspective. with an ISID that is possibly active from the target's perspective.
Thus implicitly logging out the session that corresponds to the ISID Thus implicitly logging out the session that corresponds to the ISID
and reinstating a new iSCSI session in its place (with the same and reinstating a new iSCSI session in its place (with the same
ISID). Therefore, the TSIH in the Login PDU MUST be zero to signal ISID). Therefore, the TSIH in the Login PDU MUST be zero to signal
session reinstatement. Session reinstatement causes all the tasks session reinstatement. Session reinstatement causes all the tasks
skipping to change at line 3351 skipping to change at line 3298
Session closure is an event defined to be one of the following: Session closure is an event defined to be one of the following:
- A successful "session close" logout. - A successful "session close" logout.
- A successful "connection close" logout for the last Full - A successful "connection close" logout for the last Full
Feature Phase connection when no other connection in the Feature Phase connection when no other connection in the
session is waiting for cleanup (Section 7.2 Connection Cleanup session is waiting for cleanup (Section 7.2 Connection Cleanup
State Diagram for Initiators and Targets) and no tasks in the State Diagram for Initiators and Targets) and no tasks in the
session are waiting for reassignment. session are waiting for reassignment.
Julian Satran Expires June 2003 77
iSCSI 3-November-02
Session timeout is an event defined to occur when the last Session timeout is an event defined to occur when the last
connection state timeout expires and no tasks are waiting for connection state timeout expires and no tasks are waiting for
Julian Satran Expires August 2003 63
iSCSI 19-January-03
reassignment. This takes the session to the FREE state (N6 reassignment. This takes the session to the FREE state (N6
transition in the session state diagram). transition in the session state diagram).
5.3.5.1 Loss of Nexus Notification 5.3.5.1 Loss of Nexus Notification
The iSCSI layer provides the SCSI layer with the "I_T nexus loss" The iSCSI layer provides the SCSI layer with the "I_T nexus loss"
notification when any one of the following events happens: notification when any one of the following events happens:
a) Successful completion of session reinstatement. a) Successful completion of session reinstatement.
b) Session closure event. b) Session closure event.
skipping to change at line 3396 skipping to change at line 3344
5.4 Operational Parameter Negotiation Outside the Login Phase 5.4 Operational Parameter Negotiation Outside the Login Phase
Some operational parameters MAY be negotiated outside (after) the Some operational parameters MAY be negotiated outside (after) the
Login Phase. Login Phase.
Parameter negotiation in Full Feature Phase is done through Text Parameter negotiation in Full Feature Phase is done through Text
requests and responses. Operational parameter negotiation MAY requests and responses. Operational parameter negotiation MAY
involve several Text request-response exchanges, which the initiator involve several Text request-response exchanges, which the initiator
always starts, terminates, and uses the same Initiator Task Tag. The always starts, terminates, and uses the same Initiator Task Tag. The
Julian Satran Expires June 2003 78
iSCSI 3-November-02
initiator MUST indicate its intent to terminate the negotiation by initiator MUST indicate its intent to terminate the negotiation by
setting the F bit to 1; the target sets the F bit to 1 on the last setting the F bit to 1; the target sets the F bit to 1 on the last
response. response.
If the target responds to a Text request with the F bit set to 1 If the target responds to a Text request with the F bit set to 1
with a Text response with the F bit set to 0 , the initiator should with a Text response with the F bit set to 0 , the initiator should
keep sending the Text request (even empty) with the F bit set to 1, keep sending the Text request (even empty) with the F bit set to 1,
while it still wants to finish the negotiation, until it receives while it still wants to finish the negotiation, until it receives
the Text response with the F bit set to 1. Responding to a Text the Text response with the F bit set to 1. Responding to a Text
request with the F bit set to 1 with an empty (no key=value pairs) request with the F bit set to 1 with an empty (no key=value pairs)
response with the F bit set to 0 is discouraged. response with the F bit set to 0 is discouraged.
Targets MUST NOT submit parameters that require an additional Targets MUST NOT submit parameters that require an additional
initiator Text request in a Text response with the F bit set to 1. initiator Text request in a Text response with the F bit set to 1.
Julian Satran Expires August 2003 64
iSCSI 19-January-03
In a negotiation sequence, the F bit settings in one pair of Text In a negotiation sequence, the F bit settings in one pair of Text
request-responses have no bearing on the F bit settings of the next request-responses have no bearing on the F bit settings of the next
pair. An initiator that has the F bit set to 1 in a request and is pair. An initiator that has the F bit set to 1 in a request and is
being answered with an F bit setting of 0 may issue the next request being answered with an F bit setting of 0 may issue the next request
with the F bit set to 0. with the F bit set to 0.
Whenever the target responds with the F bit set to 0, it MUST set Whenever the target responds with the F bit set to 0, it MUST set
the Target Transfer Tag to a value other than the default the Target Transfer Tag to a value other than the default
0xffffffff. 0xffffffff.
skipping to change at line 3443 skipping to change at line 3390
negotiate a parameter more than once during any negotiation sequence negotiate a parameter more than once during any negotiation sequence
without an intervening operational parameter negotiation reset, without an intervening operational parameter negotiation reset,
except for responses to specific keys that explicitly allow repeated except for responses to specific keys that explicitly allow repeated
key declarations (e.g., TargetAddress). If detected by the target, key declarations (e.g., TargetAddress). If detected by the target,
this MUST result in a Reject PDU with a reason of "protocol error". this MUST result in a Reject PDU with a reason of "protocol error".
The initiator MUST reset the negotiation as outlined above. The initiator MUST reset the negotiation as outlined above.
Parameters negotiated by a text exchange negotiation sequence only Parameters negotiated by a text exchange negotiation sequence only
become effective after the negotiation sequence is completed. become effective after the negotiation sequence is completed.
Julian Satran Expires June 2003 79 Julian Satran Expires August 2003 65
iSCSI 3-November-02 iSCSI 19-January-03
6. iSCSI Error Handling and Recovery 6. iSCSI Error Handling and Recovery
6.1 Overview 6.1 Overview
6.1.1 Background 6.1.1 Background
The following two considerations prompted the design of much of the The following two considerations prompted the design of much of the
error recovery functionality in iSCSI: error recovery functionality in iSCSI:
skipping to change at line 3488 skipping to change at line 3435
6.1.2 Goals 6.1.2 Goals
The major design goals of the iSCSI error recovery scheme are as The major design goals of the iSCSI error recovery scheme are as
follows: follows:
a) Allow iSCSI implementations to meet different requirements a) Allow iSCSI implementations to meet different requirements
by defining a collection of error recovery mechanisms that by defining a collection of error recovery mechanisms that
implementations may choose from. implementations may choose from.
b) Ensure interoperability between any two implementations b) Ensure interoperability between any two implementations
supporting different sets of error recovery capabilities. supporting different sets of error recovery capabilities.
Julian Satran Expires June 2003 80
iSCSI 3-November-02
c) Define the error recovery mechanisms to ensure command c) Define the error recovery mechanisms to ensure command
ordering even in the face of errors, for initiators that demand ordering even in the face of errors, for initiators that demand
ordering. ordering.
d) Do not make additions in the fast path, but allow moderate d) Do not make additions in the fast path, but allow moderate
complexity in the error recovery path. complexity in the error recovery path.
e) Prevent both the initiator and target from attempting to e) Prevent both the initiator and target from attempting to
recover the same set of PDUs at the same time. For example, recover the same set of PDUs at the same time. For example,
there must be a clear "error recovery functionality there must be a clear "error recovery functionality
distribution" between the initiator and target. distribution" between the initiator and target.
Julian Satran Expires August 2003 66
iSCSI 19-January-03
6.1.3 Protocol Features and State Expectations 6.1.3 Protocol Features and State Expectations
The initiator mechanisms defined in connection with error recovery The initiator mechanisms defined in connection with error recovery
are: are:
a) NOP-OUT to probe sequence numbers of the target (section a) NOP-OUT to probe sequence numbers of the target (section
10.18) 10.18)
b) Command retry (section 6.2.1) b) Command retry (section 6.2.1)
c) Recovery R2T support (section 6.7) c) Recovery R2T support (section 6.7)
d) Requesting retransmission of status/data/R2T using the d) Requesting retransmission of status/data/R2T using the
skipping to change at line 3535 skipping to change at line 3481
c) SNACK support (section 10.16) c) SNACK support (section 10.16)
d) Requesting that parts of read data be acknowledged (section d) Requesting that parts of read data be acknowledged (section
10.7.2) 10.7.2)
e) Allegiance reassignment support (section 6.2.2) e) Allegiance reassignment support (section 6.2.2)
f) Terminating the entire iSCSI session to force the initiator f) Terminating the entire iSCSI session to force the initiator
to start over (section 6.1.4.4) to start over (section 6.1.4.4)
For any outstanding SCSI command, it is assumed that iSCSI, in For any outstanding SCSI command, it is assumed that iSCSI, in
conjunction with SCSI at the initiator, is able to keep enough conjunction with SCSI at the initiator, is able to keep enough
information to be able to rebuild the command PDU, and that outgoing information to be able to rebuild the command PDU, and that outgoing
Julian Satran Expires June 2003 81
iSCSI 3-November-02
data is available (in host memory) for retransmission while the data is available (in host memory) for retransmission while the
command is outstanding. It is also assumed that at the target, command is outstanding. It is also assumed that at the target,
incoming data (read data) MAY be kept for recovery or it can be incoming data (read data) MAY be kept for recovery or it can be
reread from a device server. reread from a device server.
It is further assumed that a target will keep the "status & sense" It is further assumed that a target will keep the "status & sense"
for a command it has executed if it supports status retransmission. for a command it has executed if it supports status retransmission.
A target that agrees to support data retransmission is expected to A target that agrees to support data retransmission is expected to
be prepared to retransmit the outgoing data (i.e., Data-In) on be prepared to retransmit the outgoing data (i.e., Data-In) on
request until either the status for the completed command is request until either the status for the completed command is
acknowledged, or the data in question has been separately acknowledged, or the data in question has been separately
acknowledged. acknowledged.
6.1.4 Recovery Classes 6.1.4 Recovery Classes
iSCSI enables the following classes of recovery (in the order of iSCSI enables the following classes of recovery (in the order of
increasing scope of affected iSCSI tasks): increasing scope of affected iSCSI tasks):
Julian Satran Expires August 2003 67
iSCSI 19-January-03
- Within a command (i.e., without requiring command restart). - Within a command (i.e., without requiring command restart).
- Within a connection (i.e., without requiring the connection to - Within a connection (i.e., without requiring the connection to
be rebuilt, but perhaps requiring command restart). be rebuilt, but perhaps requiring command restart).
- Connection recovery (i.e., perhaps requiring connections to be - Connection recovery (i.e., perhaps requiring connections to be
rebuilt and commands to be reissued). rebuilt and commands to be reissued).
- Session recovery. - Session recovery.
The recovery scenarios detailed in the rest of this section are The recovery scenarios detailed in the rest of this section are
representative rather than exclusive. In every case, they detail the representative rather than exclusive. In every case, they detail the
lowest class recovery that MAY be attempted. The implementer is left lowest class recovery that MAY be attempted. The implementer is left
skipping to change at line 3581 skipping to change at line 3526
of the cases identified in the following discussion. of the cases identified in the following discussion.
In all classes, the implementer has the choice of deferring errors In all classes, the implementer has the choice of deferring errors
to the SCSI initiator (with an appropriate response code), in which to the SCSI initiator (with an appropriate response code), in which
case the task, if any, has to be removed from the target and all the case the task, if any, has to be removed from the target and all the
side-effects, such as ACA, must be considered. side-effects, such as ACA, must be considered.
Use of within-connection and within-command recovery classes MUST Use of within-connection and within-command recovery classes MUST
NOT be attempted before the connection is in Full Feature Phase. NOT be attempted before the connection is in Full Feature Phase.
Julian Satran Expires June 2003 82
iSCSI 3-November-02
In the detailed description of the recover classes the mandating In the detailed description of the recover classes the mandating
terms (MUST, SHOULD, MAY, etc.) indicate normative actions to be terms (MUST, SHOULD, MAY, etc.) indicate normative actions to be
executed if the recovery class is supported and used. executed if the recovery class is supported and used.
6.1.4.1 Recovery Within-command 6.1.4.1 Recovery Within-command
At the target, the following cases lend themselves to within-command At the target, the following cases lend themselves to within-command
recovery: recovery:
- Lost data PDU - realized through one of the following: - Lost data PDU - realized through one of the following:
skipping to change at line 3612 skipping to change at line 3554
in Section 6.8 Sequence Errors, using the option of a recovery in Section 6.8 Sequence Errors, using the option of a recovery
R2T. R2T.
At the initiator, the following cases lend themselves to within- At the initiator, the following cases lend themselves to within-
command recovery: command recovery:
Lost data PDU or lost R2T - realized through one of the Lost data PDU or lost R2T - realized through one of the
following: following:
a) Data digest error - dealt with as specified in Section 6.7 a) Data digest error - dealt with as specified in Section 6.7
Digest Errors, using the option of a SNACK. Digest Errors, using the option of a SNACK.
Julian Satran Expires August 2003 68
iSCSI 19-January-03
b) Sequence reception timeout (no status) or response b) Sequence reception timeout (no status) or response
reception timeout - dealt with as specified in Section 6.8 reception timeout - dealt with as specified in Section 6.8
Sequence Errors, using the option of a SNACK. Sequence Errors, using the option of a SNACK.
c) Header digest error, which manifests as a sequence c) Header digest error, which manifests as a sequence
reception timeout or a sequence error - dealt with as specified reception timeout or a sequence error - dealt with as specified
in Section 6.8 Sequence Errors, using the option of a SNACK. in Section 6.8 Sequence Errors, using the option of a SNACK.
To avoid a race with the target, which may already have a recovery To avoid a race with the target, which may already have a recovery
R2T or a termination response on its way, an initiator SHOULD NOT R2T or a termination response on its way, an initiator SHOULD NOT
originate a SNACK for an R2T based on its internal timeouts (if originate a SNACK for an R2T based on its internal timeouts (if
any). Recovery in this case is better left to the target. any). Recovery in this case is better left to the target.
The timeout values used by the initiator and target are outside the The timeout values used by the initiator and target are outside the
scope of this document. Sequence reception timeout is generally a scope of this document. Sequence reception timeout is generally a
large enough value to allow the data sequence transfer to be large enough value to allow the data sequence transfer to be
complete. complete.
Julian Satran Expires June 2003 83
iSCSI 3-November-02
6.1.4.2 Recovery Within-connection 6.1.4.2 Recovery Within-connection
At the initiator, the following cases lend themselves to within- At the initiator, the following cases lend themselves to within-
connection recovery: connection recovery:
- Requests not acknowledged for a long time. Requests are - Requests not acknowledged for a long time. Requests are
acknowledged explicitly through ExpCmdSN or implicitly by acknowledged explicitly through ExpCmdSN or implicitly by
receiving data and/or status. The initiator MAY retry non- receiving data and/or status. The initiator MAY retry non-
acknowledged commands as specified in Section 6.2 Retry and acknowledged commands as specified in Section 6.2 Retry and
Reassign in Recovery. Reassign in Recovery.
skipping to change at line 3669 skipping to change at line 3612
detect any missing StatSN(s) and issue a SNACK for the status. detect any missing StatSN(s) and issue a SNACK for the status.
The timeout values used by the initiator and the target are outside The timeout values used by the initiator and the target are outside
the scope of this document. the scope of this document.
6.1.4.3 Connection Recovery 6.1.4.3 Connection Recovery
At an iSCSI initiator, the following cases lend themselves to At an iSCSI initiator, the following cases lend themselves to
connection recovery: connection recovery:
Julian Satran Expires August 2003 69
iSCSI 19-January-03
- TCP connection failure: The initiator MUST close the - TCP connection failure: The initiator MUST close the
connection. It then MUST either implicitly or explicitly connection. It then MUST either implicitly or explicitly
logout the failed connection with the reason code "remove the logout the failed connection with the reason code "remove the
connection for recovery" and reassign connection allegiance connection for recovery" and reassign connection allegiance
for all commands still in progress associated with the failed for all commands still in progress associated with the failed
connection on one or more connections (some or all of which connection on one or more connections (some or all of which
MAY be newly established connections) using the "Task MAY be newly established connections) using the "Task
reassign" task management function (see Section 10.5.1 reassign" task management function (see Section 10.5.1
Function). For an initiator, a command is in progress as long Function). For an initiator, a command is in progress as long
Julian Satran Expires June 2003 84
iSCSI 3-November-02
as it has not received a response or a Data-In PDU including as it has not received a response or a Data-In PDU including
status. status.
Note: The logout function is mandatory. However, a new Note: The logout function is mandatory. However, a new
connection establishment is only mandatory if the failed connection establishment is only mandatory if the failed
connection was the last or only connection in the session. connection was the last or only connection in the session.
- Receiving an Asynchronous Message that indicates one or all - Receiving an Asynchronous Message that indicates one or all
connections in a session has been dropped. The initiator MUST connections in a session has been dropped. The initiator MUST
handle it as a TCP connection failure for the connection(s) handle it as a TCP connection failure for the connection(s)
skipping to change at line 3726 skipping to change at line 3668
For possible clearing effects of session recovery on SCSI and iSCSI For possible clearing effects of session recovery on SCSI and iSCSI
objects, refer to Appendix F. - Clearing Effects of Various Events objects, refer to Appendix F. - Clearing Effects of Various Events
on Targets -. on Targets -.
6.1.5 Error Recovery Hierarchy 6.1.5 Error Recovery Hierarchy
The error recovery classes described so far are organized into a The error recovery classes described so far are organized into a
hierarchy for ease in understanding and to limit the implementation hierarchy for ease in understanding and to limit the implementation
complexity. With few and well defined recovery levels complexity. With few and well defined recovery levels
Julian Satran Expires June 2003 85
iSCSI 3-November-02
interoperability is easier to achieve. The attributes of this interoperability is easier to achieve. The attributes of this
hierarchy are as follows: hierarchy are as follows:
Julian Satran Expires August 2003 70
iSCSI 19-January-03
a) Each level is a superset of the capabilities of the a) Each level is a superset of the capabilities of the
previous level. For example, Level 1 support implies supporting previous level. For example, Level 1 support implies supporting
all capabilities of Level 0 and more. all capabilities of Level 0 and more.
b) As a corollary, supporting a higher error recovery level b) As a corollary, supporting a higher error recovery level
means increased sophistication and possibly an increase in means increased sophistication and possibly an increase in
resource requirements. resource requirements.
c) Supporting error recovery level "n" is advertised and c) Supporting error recovery level "n" is advertised and
negotiated by each iSCSI entity by exchanging the text key negotiated by each iSCSI entity by exchanging the text key
"ErrorRecoveryLevel=n". The lower of the two exchanged values "ErrorRecoveryLevel=n". The lower of the two exchanged values
is the operational ErrorRecoveryLevel for the session. is the operational ErrorRecoveryLevel for the session.
skipping to change at line 3772 skipping to change at line 3713
| | (Section 6.1.4.4 Session Recovery) | | | (Section 6.1.4.4 Session Recovery) |
+-------------------+--------------------------------------------+ +-------------------+--------------------------------------------+
| 1 | Digest failure recovery (See Note below.) | | 1 | Digest failure recovery (See Note below.) |
| | plus the capabilities of ER Level 0 | | | plus the capabilities of ER Level 0 |
+-------------------+--------------------------------------------+ +-------------------+--------------------------------------------+
| 2 | Connection recovery class | | 2 | Connection recovery class |
| | (Section 6.1.4.3 Connection Recovery) | | | (Section 6.1.4.3 Connection Recovery) |
| | plus the capabilities of ER Level 1 | | | plus the capabilities of ER Level 1 |
+-------------------+--------------------------------------------+ +-------------------+--------------------------------------------+
Julian Satran Expires June 2003 86
iSCSI 3-November-02
Note: Digest failure recovery is comprised of two recovery classes: Note: Digest failure recovery is comprised of two recovery classes:
Within-Connection recovery class (Section 6.1.4.2 Recovery Within- Within-Connection recovery class (Section 6.1.4.2 Recovery Within-
connection) and Within-Command recovery class (Section 6.1.4.1 connection) and Within-Command recovery class (Section 6.1.4.1
Recovery Within-command). Recovery Within-command).
When a defined value of ErrorRecoveryLevel is proposed by an When a defined value of ErrorRecoveryLevel is proposed by an
originator in a text negotiation, the originator MUST support the originator in a text negotiation, the originator MUST support the
functionality defined for the proposed value and additionally, functionality defined for the proposed value and additionally,
functionality corresponding to any defined value numerically less functionality corresponding to any defined value numerically less
than the proposed. When a defined value of ErrorRecoveryLevel is than the proposed. When a defined value of ErrorRecoveryLevel is
returned by a responder in a text negotiation, the responder MUST returned by a responder in a text negotiation, the responder MUST
support the functionality corresponding to the ErrorRecoveryLevel it support the functionality corresponding to the ErrorRecoveryLevel it
is accepting. is accepting.
Julian Satran Expires August 2003 71
iSCSI 19-January-03
When either party attempts to use error recovery functionality When either party attempts to use error recovery functionality
beyond what is negotiated, the recovery attempts MAY fail unless an beyond what is negotiated, the recovery attempts MAY fail unless an
apriori agreement outside the scope of this document exists between apriori agreement outside the scope of this document exists between
the two parties to provide such support. the two parties to provide such support.
Supporting error recovery level "0" is mandatory, while the rest are Implementations MUST support error recovery level "0", while the
optional to implement. In implementation terms, the above striation rest are OPTIONAL to implement. In implementation terms, the above
means that the following incremental sophistication with each level striation means that the following incremental sophistication with
is required. each level is required.
+-------------------+---------------------------------------------+ +-------------------+---------------------------------------------+
|Level transition | Incremental requirement | |Level transition | Incremental requirement |
+-------------------+---------------------------------------------+ +-------------------+---------------------------------------------+
| 0->1 | PDU retransmissions on the same connection | | 0->1 | PDU retransmissions on the same connection |
+-------------------+---------------------------------------------+ +-------------------+---------------------------------------------+
| 1->2 | Retransmission across connections and | | 1->2 | Retransmission across connections and |
| | allegiance reassignment | | | allegiance reassignment |
+-------------------+---------------------------------------------+ +-------------------+---------------------------------------------+
6.2 Retry and Reassign in Recovery 6.2 Retry and Reassign in Recovery
This section summarizes two important and somewhat related iSCSI This section summarizes two important and somewhat related iSCSI
protocol features used in error recovery. protocol features used in error recovery.
6.2.1 Usage of Retry 6.2.1 Usage of Retry
By resending the same iSCSI command PDU ("retry") in the absence of By resending the same iSCSI command PDU ("retry") in the absence of
a command acknowledgement (by way of an ExpCmdSN update) or a a command acknowledgement (by way of an ExpCmdSN update) or a
response, an initiator attempts to "plug" (what it thinks are) the response, an initiator attempts to "plug" (what it thinks are) the
Julian Satran Expires June 2003 87
iSCSI 3-November-02
discontinuities in CmdSN ordering on the target end. Discarded discontinuities in CmdSN ordering on the target end. Discarded
command PDUs, due to digest errors, may have created these command PDUs, due to digest errors, may have created these
discontinuities. discontinuities.
Retry MUST NOT be used for reasons other than plugging command Retry MUST NOT be used for reasons other than plugging command
sequence gaps, and in particular, cannot be used for requesting PDU sequence gaps, and in particular, cannot be used for requesting PDU
retransmissions from a target. Any such PDU retransmission requests retransmissions from a target. Any such PDU retransmission requests
for a currently allegiant command in progress may be made using the for a currently allegiant command in progress may be made using the
SNACK mechanism described in section 10.16, although the usage of SNACK mechanism described in section 10.16, although the usage of
SNACK is OPTIONAL. SNACK is OPTIONAL.
skipping to change at line 3846 skipping to change at line 3783
in CmdSN ordering), the duplicate commands are silently ignored by in CmdSN ordering), the duplicate commands are silently ignored by
targets as specified in section 3.2.2.1. targets as specified in section 3.2.2.1.
When an iSCSI command is retried, the command PDU MUST carry the When an iSCSI command is retried, the command PDU MUST carry the
original Initiator Task Tag and the original operational attributes original Initiator Task Tag and the original operational attributes
(e.g., flags, function names, LUN, CDB etc.) as well as the original (e.g., flags, function names, LUN, CDB etc.) as well as the original
CmdSN. The command being retried MUST be sent on the same connection CmdSN. The command being retried MUST be sent on the same connection
as the original command unless the original connection was already as the original command unless the original connection was already
successfully logged out. successfully logged out.
Julian Satran Expires August 2003 72
iSCSI 19-January-03
6.2.2 Allegiance Reassignment 6.2.2 Allegiance Reassignment
By issuing a "task reassign" task management request (Section 10.5.1 By issuing a "task reassign" task management request (Section 10.5.1
Function), the initiator signals its intent to continue an already Function), the initiator signals its intent to continue an already
active command (but with no current connection allegiance) as part active command (but with no current connection allegiance) as part
of connection recovery. This means that a new connection allegiance of connection recovery. This means that a new connection allegiance
is requested for the command, which seeks to associate it to the is requested for the command, which seeks to associate it to the
connection on which the task management request is being issued. connection on which the task management request is being issued.
Before the allegiance reassignment is attempted for a task, an Before the allegiance reassignment is attempted for a task, an
implicit or explicit Logout with the reason code "remove the implicit or explicit Logout with the reason code "remove the
connection for recovery" ( see section 10.14) MUST be successfully connection for recovery" ( see section 10.14) MUST be successfully
completed for the previous connection to which the task was completed for the previous connection to which the task was
allegiant. allegiant.
In reassigning connection allegiance for a command, the targets In reassigning connection allegiance for a command, the targets
SHOULD continue the command from its current state. For example, SHOULD continue the command from its current state. For example,
when reassigning read commands, the target SHOULD take advantage of when reassigning read commands, the target SHOULD take advantage of
the ExpDataSN field provided by the Task Management function request the ExpDataSN field provided by the Task Management function request
(which must be set to zero if there was no data transfer) and bring (which must be set to zero if there was no data transfer) and bring
Julian Satran Expires June 2003 88
iSCSI 3-November-02
the read command to completion by sending the remaining data and the read command to completion by sending the remaining data and
sending (or resending) the status. ExpDataSN acknowledges all data sending (or resending) the status. ExpDataSN acknowledges all data
sent up to, but not including, the Data-In PDU and or R2T with sent up to, but not including, the Data-In PDU and or R2T with
DataSN (or R2TSN) equal to ExpDataSN. However, targets may choose to DataSN (or R2TSN) equal to ExpDataSN. However, targets may choose to
send/receive all unacknowledged data or all of the data on a send/receive all unacknowledged data or all of the data on a
reassignment of connection allegiance if unable to recover or reassignment of connection allegiance if unable to recover or
maintain accurate an state. Initiators MUST not subsequently maintain accurate an state. Initiators MUST not subsequently
request data retransmission through Data SNACK for PDUs numbered request data retransmission through Data SNACK for PDUs numbered
less than ExpDataSN (i.e., prior to the acknowledged sequence less than ExpDataSN (i.e., prior to the acknowledged sequence
number). For all types of commands, a reassignment request implies number). For all types of commands, a reassignment request implies
skipping to change at line 3905 skipping to change at line 3841
allegiant". allegiant".
If allegiance reassignment is supported by the target, the Task If allegiance reassignment is supported by the target, the Task
Management response to the reassignment request MUST be issued Management response to the reassignment request MUST be issued
before the reassignment becomes effective. before the reassignment becomes effective.
If a SCSI Command that involves data input is reassigned, any SNACK If a SCSI Command that involves data input is reassigned, any SNACK
Tag it holds for a final response from the original connection is Tag it holds for a final response from the original connection is
deleted and the default value of 0 MUST be used instead. deleted and the default value of 0 MUST be used instead.
Julian Satran Expires August 2003 73
iSCSI 19-January-03
6.3 Usage Of Reject PDU in Recovery 6.3 Usage Of Reject PDU in Recovery
Targets MUST NOT implicitly terminate an active task by sending a Targets MUST NOT implicitly terminate an active task by sending a
Reject PDU for any PDU exchanged during the life of the task. If the Reject PDU for any PDU exchanged during the life of the task. If the
target decides to terminate the task, a Response PDU (SCSI, Text, target decides to terminate the task, a Response PDU (SCSI, Text,
Task, etc.) must be returned by the target to conclude the task. If Task, etc.) must be returned by the target to conclude the task. If
the task had never been active before the Reject (i.e., the Reject the task had never been active before the Reject (i.e., the Reject
Julian Satran Expires June 2003 89
iSCSI 3-November-02
is on the command PDU), targets should not send any further is on the command PDU), targets should not send any further
responses because the command itself is being discarded. responses because the command itself is being discarded.
The above rule means that the initiator can eventually expect a The above rule means that the initiator can eventually expect a
response on receiving Rejects, if the received Reject is for a PDU response on receiving Rejects, if the received Reject is for a PDU
other than the command PDU itself. The non-command Rejects only have other than the command PDU itself. The non-command Rejects only have
diagnostic value in logging the errors, and they can be used for diagnostic value in logging the errors, and they can be used for
retransmission decisions by the initiators. retransmission decisions by the initiators.
The CmdSN of the rejected command PDU (if it is a non-immediate The CmdSN of the rejected command PDU (if it is a non-immediate
skipping to change at line 3959 skipping to change at line 3894
maintained on the target to cater to a possible recovery attempt. maintained on the target to cater to a possible recovery attempt.
Recovery attempts for the connection and/or task(s) SHOULD NOT be Recovery attempts for the connection and/or task(s) SHOULD NOT be
made before Time2Wait seconds, but MUST be completed within made before Time2Wait seconds, but MUST be completed within
Time2Retain seconds after that initial Time2Wait waiting period. Time2Retain seconds after that initial Time2Wait waiting period.
6.4.1 Timeouts on Transport Exception Events 6.4.1 Timeouts on Transport Exception Events
A transport connection shutdown or a transport reset without any A transport connection shutdown or a transport reset without any
preceding iSCSI protocol interactions informing the end-points of preceding iSCSI protocol interactions informing the end-points of
the fact causes a Full Feature Phase iSCSI connection to be abruptly the fact causes a Full Feature Phase iSCSI connection to be abruptly
Julian Satran Expires June 2003 90
iSCSI 3-November-02
terminated. The timeout values to be used in this case are the terminated. The timeout values to be used in this case are the
negotiated values of defaultTime2Wait (Section 12.15 negotiated values of defaultTime2Wait (Section 12.15
DefaultTime2Wait) and DefaultTime2Retain (Section 12.16 DefaultTime2Wait) and DefaultTime2Retain (Section 12.16
DefaultTime2Retain) text keys for the session. DefaultTime2Retain) text keys for the session.
Julian Satran Expires August 2003 74
iSCSI 19-January-03
6.4.2 Timeouts on Planned Decommissioning 6.4.2 Timeouts on Planned Decommissioning
Any planned decommissioning of a Full Feature Phase iSCSI connection Any planned decommissioning of a Full Feature Phase iSCSI connection
is preceded by either a Logout Response PDU, or an Async Message is preceded by either a Logout Response PDU, or an Async Message
PDU. The Time2Wait and Time2Retain field values (section 10.15) in a PDU. The Time2Wait and Time2Retain field values (section 10.15) in a
Logout Response PDU, and the Parameter2 and Parameter3 fields of an Logout Response PDU, and the Parameter2 and Parameter3 fields of an
Async Message (AsyncEvent types "drop the connection" or "drop all Async Message (AsyncEvent types "drop the connection" or "drop all
the connections"; section 10.9.1) specify the timeout values to be the connections"; section 10.9.1) specify the timeout values to be
used in each of these cases. used in each of these cases.
These timeout values are only applicable for the affected These timeout values are only applicable for the affected
connection, and the tasks active on that connection. These timeout connection, and the tasks active on that connection. These timeout
values have no bearing on initiator timers (if any) that are already values have no bearing on initiator timers (if any) that are already
running on connections or tasks associated with that session. running on connections or tasks associated with that session.
6.5 Implicit Termination of Tasks 6.5 Implicit Termination of Tasks
A target implicitly terminates the active tasks in three cases due A target implicitly terminates the active tasks due to iSCSI
to iSCSI protocol dynamics: protocol dynamics in the following cases:
a) When a connection is implicitly or explicitly logged out a) When a connection is implicitly or explicitly logged out
with the reason code of "Close the connection" and there are with the reason code of "Close the connection" and there are
active tasks allegiant to that connection. active tasks allegiant to that connection.
b) When a connection fails and eventually the connection state b) When a connection fails and eventually the connection state
times out (state transition M1 in Section 7.2.2 State times out (state transition M1 in Section 7.2.2 State
Transition Descriptions for Initiators and Targets) and there Transition Descriptions for Initiators and Targets) and there
are active tasks allegiant to that connection. are active tasks allegiant to that connection.
c) When a successful Logout with the reason code of "remove c) When a successful Logout with the reason code of "remove
the connection for recovery" is performed while there are the connection for recovery" is performed while there are
active tasks allegiant to that connection, and those tasks active tasks allegiant to that connection, and those tasks
eventually time out after the Time2Wait and Time2Retain periods eventually time out after the Time2Wait and Time2Retain periods
without allegiance reassignment. without allegiance reassignment.
d) When a connection is implicitly or explicitly logged out d) When a connection is implicitly or explicitly logged out
with the reason code of "Close the session" and there are with the reason code of "Close the session" and there are
active tasks in that session.
Julian Satran Expires June 2003 91 If the tasks terminated in the above cases a), b, c) and d)are SCSI
iSCSI 3-November-02 tasks, they must be internally terminated as if with CHECK CONDITION
status. This status is only meaningful for appropriately handling
active tasks in that session. the internal SCSI state and SCSI side effects with respect to
ordering because this status is never communicated back as a
terminating status to the initiator. However additional actions may
have to be taken at SCSI level depending on the SCSI context as
defined by the SCSI standards (e.g., queued commands and ACA, UA for
the next command on the I_T nexus in cases a), b), and c) etc. - see
[SAM] and [SPC3]).
If the tasks terminated in the above cases a), b) and c)are SCSI Julian Satran Expires August 2003 75
tasks, they must be internally terminated with CHECK CONDITION iSCSI 19-January-03
status with a sense key of unit attention and ASC/ASCQ values of
0x6E/0x00 (COMMAND TO LOGICAL UNIT FAILED). This status is only
meaningful for appropriately handling the internal SCSI state with
respect to ordering aspects such as queued commands because this
status is never communicated back as a terminating status to the
initiator.
6.6 Format Errors 6.6 Format Errors
The following two explicit violations of PDU layout rules are format The following two explicit violations of PDU layout rules are format
errors: errors:
a) Illegal contents of any PDU header field except the Opcode a) Illegal contents of any PDU header field except the Opcode
(legal values are specified in Section 10 iSCSI PDU Formats). (legal values are specified in Section 10 iSCSI PDU Formats).
b) Inconsistent field contents (consistent field contents are b) Inconsistent field contents (consistent field contents are
specified in Section 10 iSCSI PDU Formats). specified in Section 10 iSCSI PDU Formats).
Format errors indicate a major implementation flaw in one of the Format errors indicate a major implementation flaw in one of the
parties. parties.
When a target or an initiator receives an iSCSI PDU with a format When a target or an initiator receives an iSCSI PDU with a format
error, it MUST immediately terminate all transport connections in error, it MUST immediately terminate all transport connections in
the session either with a connection close or with a connection the session either with a connection close or with a connection
reset and escalate the format error to session recovery (see Section reset and escalate the format error to session recovery (see Section
6.1.4.4 Session Recovery). 6.1.4.4 Session Recovery).
skipping to change at line 4051 skipping to change at line 3986
The discussion of the legal choices in handling digest errors below The discussion of the legal choices in handling digest errors below
excludes session recovery as an explicit option, but either party excludes session recovery as an explicit option, but either party
detecting a digest error may choose to escalate the error to session detecting a digest error may choose to escalate the error to session
recovery. recovery.
When a target or an initiator receives any iSCSI PDU, with a header When a target or an initiator receives any iSCSI PDU, with a header
digest error, it MUST either discard the header and all data up to digest error, it MUST either discard the header and all data up to
the beginning of a later PDU or close the connection. Because the the beginning of a later PDU or close the connection. Because the
digest error indicates that the length field of the header may have digest error indicates that the length field of the header may have
been corrupted, the location of the beginning of a later PDU needs been corrupted, the location of the beginning of a later PDU needs
Julian Satran Expires June 2003 92
iSCSI 3-November-02
to be reliably ascertained by other means such as the operation of a to be reliably ascertained by other means such as the operation of a
sync and steering layer. sync and steering layer.
When a target receives any iSCSI PDU with a payload digest error, it When a target receives any iSCSI PDU with a payload digest error, it
MUST answer with a Reject PDU with a reason code of Data-Digest- MUST answer with a Reject PDU with a reason code of Data-Digest-
Error and discard the PDU. Error and discard the PDU.
- If the discarded PDU is a solicited or unsolicited iSCSI data - If the discarded PDU is a solicited or unsolicited iSCSI data
PDU (for immediate data in a command PDU, non-data PDU rule PDU (for immediate data in a command PDU, non-data PDU rule
below applies), the target MUST do one of the following: below applies), the target MUST do one of the following:
a) Request retransmission with a recovery R2T. a) Request retransmission with a recovery R2T.
b) Terminate the task with a response PDU with a CHECK b) Terminate the task with a response PDU with a CHECK
CONDITION Status and an iSCSI Condition of "protocol CONDITION Status and an iSCSI Condition of "protocol
service CRC error" (Section 10.4.7.2 Sense Data). If the service CRC error" (Section 10.4.7.2 Sense Data). If the
target chooses to implement this option, it MUST wait to target chooses to implement this option, it MUST wait to
receive all the data (signaled by a Data PDU with the receive all the data (signaled by a Data PDU with the
final bit set for all outstanding R2Ts) before sending final bit set for all outstanding R2Ts) before sending
the response PDU. A task management command (such as an the response PDU. A task management command (such as an
abort task) from the initiator during this wait may also abort task) from the initiator during this wait may also
conclude the task. conclude the task.
- No further action is necessary for targets if the discarded - No further action is necessary for targets if the discarded
PDU is a non-data PDU. In case of immediate data being PDU is a non-data PDU. In case of immediate data being
present on a discarded command, the immediate data is
implicitly recovered when the task is retried (see section Julian Satran Expires August 2003 76
6.2.1) followed by the entire data transfer for the task. iSCSI 19-January-03
present on a discarded command, the immediate data is
implicitly recovered when the task is retried (see section
6.2.1) followed by the entire data transfer for the task.
When an initiator receives any iSCSI PDU with a payload digest When an initiator receives any iSCSI PDU with a payload digest
error, it MUST discard the PDU. error, it MUST discard the PDU.
- If the discarded PDU is an iSCSI data PDU, the initiator MUST
do one of the following:
- If the discarded PDU is an iSCSI data PDU, the initiator MUST a) Request the desired data PDU through SNACK. In response
do one of the following:
a) Request the desired data PDU through SNACK. In response
to the SNACK, the target MUST either resend the data PDU to the SNACK, the target MUST either resend the data PDU
or reject the SNACK with a Reject PDU with a reason code or reject the SNACK with a Reject PDU with a reason code
of "SNACK reject" in which case: of "SNACK reject" in which case:
i)If the status has not already been sent for the i)If the status has not already been sent for the
command, the target MUST terminate the command with command, the target MUST terminate the command with
a CHECK CONDITION Status and an iSCSI Condition of a CHECK CONDITION Status and an iSCSI Condition of
"SNACK rejected" (Section 10.4.7.2 Sense Data). "SNACK rejected" (Section 10.4.7.2 Sense Data).
ii)If the status was already sent, no further action ii)If the status was already sent, no further action
is necessary for the target. The initiator in this is necessary for the target. The initiator in this
case MUST wait for the status to be received and case MUST wait for the status to be received and
then discard it, so as to internally signal the then discard it, so as to internally signal the
completion with CHECK CONDITION Status and an iSCSI completion with CHECK CONDITION Status and an iSCSI
Julian Satran Expires June 2003 93
iSCSI 3-November-02
Condition of "protocol service CRC error" (Section Condition of "protocol service CRC error" (Section
10.4.7.2 Sense Data). 10.4.7.2 Sense Data).
b) Abort the task and terminate the command with an error. b) Abort the task and terminate the command with an error.
- If the discarded PDU is a response PDU, the initiator MUST do - If the discarded PDU is a response PDU, the initiator MUST do
one of the following: one of the following:
a) Request PDU retransmission with a status SNACK. a) Request PDU retransmission with a status SNACK.
b) Logout the connection for recovery and continue the b) Logout the connection for recovery and continue the
tasks on a different connection instance as described in tasks on a different connection instance as described in
skipping to change at line 4132 skipping to change at line 4062
ensure that the correct operational behavior will result in ensure that the correct operational behavior will result in
these cases despite the discarded PDU. these cases despite the discarded PDU.
6.8 Sequence Errors 6.8 Sequence Errors
When an initiator receives an iSCSI R2T/data PDU with an out of When an initiator receives an iSCSI R2T/data PDU with an out of
order R2TSN/DataSN or a SCSI response PDU with an ExpDataSN that order R2TSN/DataSN or a SCSI response PDU with an ExpDataSN that
implies missing data PDU(s), it means that the initiator must have implies missing data PDU(s), it means that the initiator must have
detected a header or payload digest error on one or more earlier detected a header or payload digest error on one or more earlier
R2T/data PDUs. The initiator MUST address these implied digest R2T/data PDUs. The initiator MUST address these implied digest
Julian Satran Expires August 2003 77
iSCSI 19-January-03
errors as described in Section 6.7 Digest Errors. When a target errors as described in Section 6.7 Digest Errors. When a target
receives a data PDU with an out of order DataSN, it means that the receives a data PDU with an out of order DataSN, it means that the
target must have hit a header or payload digest error on at least target must have hit a header or payload digest error on at least
one of the earlier data PDUs. The target MUST address these implied one of the earlier data PDUs. The target MUST address these implied
digest errors as described in Section 6.7 Digest Errors. digest errors as described in Section 6.7 Digest Errors.
When an initiator receives an iSCSI status PDU with an out of order When an initiator receives an iSCSI status PDU with an out of order
StatSN that implies missing responses, it MUST address the one or StatSN that implies missing responses, it MUST address the one or
more missing status PDUs as described in Section 6.7 Digest Errors. more missing status PDUs as described in Section 6.7 Digest Errors.
As a side effect of receiving the missing responses, the initiator As a side effect of receiving the missing responses, the initiator
may discover missing data PDUs. If the initiator wants to recover may discover missing data PDUs. If the initiator wants to recover
the missing data for a command, it MUST NOT acknowledge the received the missing data for a command, it MUST NOT acknowledge the received
responses that start from the StatSN of the relevant command, until responses that start from the StatSN of the relevant command, until
it has completed receiving all the data PDUs of the command. it has completed receiving all the data PDUs of the command.
Julian Satran Expires June 2003 94
iSCSI 3-November-02
When an initiator receives duplicate R2TSNs (due to proactive When an initiator receives duplicate R2TSNs (due to proactive
retransmission of R2Ts by the target) or duplicate DataSNs (due to retransmission of R2Ts by the target) or duplicate DataSNs (due to
proactive SNACKs by the initiator), it MUST discard the duplicates. proactive SNACKs by the initiator), it MUST discard the duplicates.
6.9 SCSI Timeouts 6.9 SCSI Timeouts
An iSCSI initiator MAY attempt to plug a command sequence gap on the An iSCSI initiator MAY attempt to plug a command sequence gap on the
target end (in the absence of an acknowledgement of the command by target end (in the absence of an acknowledgement of the command by
way of ExpCmdSN) before the ULP timeout by retrying the way of ExpCmdSN) before the ULP timeout by retrying the
unacknowledged command, as described in Section 6.2 Retry and unacknowledged command, as described in Section 6.2 Retry and
skipping to change at line 4191 skipping to change at line 4122
6.10 Negotiation Failures 6.10 Negotiation Failures
Text request and response sequences, when used to set/negotiate Text request and response sequences, when used to set/negotiate
operational parameters, constitute the negotiation/parameter operational parameters, constitute the negotiation/parameter
setting. A negotiation failure is considered to be one or more of setting. A negotiation failure is considered to be one or more of
the following: the following:
- None of the choices, or the stated value, is acceptable to one - None of the choices, or the stated value, is acceptable to one
of the sides in the negotiation. of the sides in the negotiation.
Julian Satran Expires August 2003 78
iSCSI 19-January-03
- The text request timed out and possibly terminated. - The text request timed out and possibly terminated.
- The text request was answered with a Reject PDU. - The text request was answered with a Reject PDU.
Julian Satran Expires June 2003 95
iSCSI 3-November-02
The following two rules should be used to address negotiation The following two rules should be used to address negotiation
failures: failures:
- During Login, any failure in negotiation MUST be considered a - During Login, any failure in negotiation MUST be considered a
login process failure and the Login Phase must be terminated, login process failure and the Login Phase must be terminated,
and with it, the connection. If the target detects the and with it, the connection. If the target detects the
failure, it must terminate the login with the appropriate failure, it must terminate the login with the appropriate
login response code. login response code.
- A failure in negotiation, while in the Full Feature Phase, - A failure in negotiation, while in the Full Feature Phase,
skipping to change at line 4218 skipping to change at line 4150
consist of a series of text requests that use the same consist of a series of text requests that use the same
Initiator Task Tag. The operational parameters of the session Initiator Task Tag. The operational parameters of the session
or the connection MUST continue to be the values agreed upon or the connection MUST continue to be the values agreed upon
during an earlier successful negotiation (i.e., any partial during an earlier successful negotiation (i.e., any partial
results of this unsuccessful negotiation MUST NOT take effect results of this unsuccessful negotiation MUST NOT take effect
and MUST be discarded). and MUST be discarded).
6.11 Protocol Errors 6.11 Protocol Errors
Mapping framed messages over a "stream" connection, such as TCP, Mapping framed messages over a "stream" connection, such as TCP,
make the proposed mechanisms vulnerable to simple software framing makes the proposed mechanisms vulnerable to simple software framing
errors. On the other hand, the introduction of framing mechanisms to errors. On the other hand, the introduction of framing mechanisms to
limit the effects of these errors may be onerous on performance for limit the effects of these errors may be onerous on performance for
simple implementations. Command Sequence Numbers and the above simple implementations. Command Sequence Numbers and the above
mechanisms for connection drop and reestablishment help handle this mechanisms for connection drop and reestablishment help handle this
type of mapping errors. type of mapping errors.
All violations of iSCSI PDU exchange sequences specified in this All violations of iSCSI PDU exchange sequences specified in this
draft are also protocol errors. This category of errors can only be draft are also protocol errors. This category of errors can only be
addressed by fixing the implementations; iSCSI defines Reject and addressed by fixing the implementations; iSCSI defines Reject and
response codes to enable this. response codes to enable this.
skipping to change at line 4240 skipping to change at line 4172
6.12 Connection Failures 6.12 Connection Failures
iSCSI can keep a session in operation if it is able to keep/ iSCSI can keep a session in operation if it is able to keep/
establish at least one TCP connection between the initiator and the establish at least one TCP connection between the initiator and the
target in a timely fashion. Targets and/or initiators may recognize target in a timely fashion. Targets and/or initiators may recognize
a failing connection by either transport level means (TCP), a gap in a failing connection by either transport level means (TCP), a gap in
the command sequence number, a response stream that is not filled the command sequence number, a response stream that is not filled
for a long time, or by a failing iSCSI NOP (acting as a ping). The for a long time, or by a failing iSCSI NOP (acting as a ping). The
latter MAY be used periodically to increase the speed and likelihood latter MAY be used periodically to increase the speed and likelihood
of detecting connection failures. Initiators and targets MAY also of detecting connection failures. Initiators and targets MAY also
Julian Satran Expires June 2003 96
iSCSI 3-November-02
use the keep-alive option on the TCP connection to enable early link use the keep-alive option on the TCP connection to enable early link
failure detection on otherwise idle links. failure detection on otherwise idle links.
On connection failure, the initiator and target MUST do one of the On connection failure, the initiator and target MUST do one of the
following: following:
- Attempt connection recovery within the session (Section - Attempt connection recovery within the session (Section
6.1.4.3 Connection Recovery). 6.1.4.3 Connection Recovery).
Julian Satran Expires August 2003 79
iSCSI 19-January-03
- Logout the connection with the reason code "closes the - Logout the connection with the reason code "closes the
connection" (Section 10.14.5 Implicit termination of tasks), connection" (Section 10.14.5 Implicit termination of tasks),
re-issue missing commands, and implicitly terminate all active re-issue missing commands, and implicitly terminate all active
commands. This option requires support for the within- commands. This option requires support for the within-
connection recovery class (Section 6.1.4.2 Recovery Within- connection recovery class (Section 6.1.4.2 Recovery Within-
connection). connection).
- Perform session recovery (Section 6.1.4.4 Session Recovery). - Perform session recovery (Section 6.1.4.4 Session Recovery).
Either side may choose to escalate to session recovery (via the Either side may choose to escalate to session recovery (via the
initiator dropping all the connections, or via an Async Message that initiator dropping all the connections, or via an Async Message that
skipping to change at line 4288 skipping to change at line 4220
- Terminates all outstanding requests with an appropriate - Terminates all outstanding requests with an appropriate
response before initiating a new session. If the same I_T response before initiating a new session. If the same I_T
nexus is intended to be reestablished, the initiator MUST nexus is intended to be reestablished, the initiator MUST
employ session reinstatement (see section 5.3.5). employ session reinstatement (see section 5.3.5).
When the session timeout (the connection state timeout for the last When the session timeout (the connection state timeout for the last
failed connection) happens on the target, it takes the following failed connection) happens on the target, it takes the following
actions: actions:
- Resets or closes the TCP connections (closes the session). - Resets or closes the TCP connections (closes the session).
Julian Satran Expires June 2003 97
iSCSI 3-November-02
- Terminates all active tasks that were allegiant to the - Terminates all active tasks that were allegiant to the
connection(s) that constituted the session. connection(s) that constituted the session.
A target MUST also be prepared to handle a session reinstatement A target MUST also be prepared to handle a session reinstatement
request from the initiator, that may be addressing session errors. request from the initiator, that may be addressing session errors.
Julian Satran Expires June 2003 98 Julian Satran Expires August 2003 80
iSCSI 3-November-02 iSCSI 19-January-03
7. State Transitions 7. State Transitions
iSCSI connections and iSCSI sessions go through several well-defined iSCSI connections and iSCSI sessions go through several well-defined
states from the time they are created to the time they are cleared. states from the time they are created to the time they are cleared.
The connection state transitions are described in two separate but The connection state transitions are described in two separate but
dependent state diagrams for ease in understanding. The first dependent state diagrams for ease in understanding. The first
diagram, "standard connection state diagram", describes the diagram, "standard connection state diagram", describes the
connection state transitions when the iSCSI connection is not connection state transitions when the iSCSI connection is not
waiting for, or undergoing, a cleanup by way of an explicit or waiting for, or undergoing, a cleanup by way of an explicit or
implicit Logout. The second diagram, "connection cleanup state implicit Logout. The second diagram, "connection cleanup state
diagram", describes the connection state transitions while diagram", describes the connection state transitions while
performing the iSCSI connection cleanup. performing the iSCSI connection cleanup.
The "session state diagram" describes the state transitions an iSCSI The "session state diagram" describes the state transitions an iSCSI
session would go through during its lifetime, and it depends on the session would go through during its lifetime, and it depends on the
states of possibly multiple iSCSI connections that participate in states of possibly multiple iSCSI connections that participate in
the session. the session.
States and transitions are described in text, tables and diagrams.
The diagrams are used for illustration. The text and the tables are
the governing specification
7.1 Standard Connection State Diagrams 7.1 Standard Connection State Diagrams
7.1.1 State Descriptions for Initiators and Targets 7.1.1 State Descriptions for Initiators and Targets
State descriptions for the standard connection state diagram are as State descriptions for the standard connection state diagram are as
follows: follows:
-S1: FREE -S1: FREE
-initiator: State on instantiation, or after successful -initiator: State on instantiation, or after successful
connection closure. connection closure.
-target: State on instantiation, or after successful -target: State on instantiation, or after successful
skipping to change at line 4338 skipping to change at line 4270
connection closure. connection closure.
-target: State on instantiation, or after successful -target: State on instantiation, or after successful
connection closure. connection closure.
-S2: XPT_WAIT -S2: XPT_WAIT
-initiator: Waiting for a response to its transport connection -initiator: Waiting for a response to its transport connection
establishment request. establishment request.
-target: Illegal -target: Illegal
-S3: XPT_UP -S3: XPT_UP
-initiator: Illegal -initiator: Illegal
-target: Waiting for the Login process to commence. -target: Waiting for the Login process to commence.
-S4: IN_LOGIN -S4: IN_LOGIN
-initiator: Waiting for the Login process to conclude, -initiator: Waiting for the Login process to conclude,
possibly involving several PDU exchanges. possibly involving several PDU exchanges.
-target: Waiting for the Login process to conclude, possibly -target: Waiting for the Login process to conclude, possibly
involving several PDU exchanges. involving several PDU exchanges.
-S5: LOGGED_IN -S5: LOGGED_IN
Julian Satran Expires June 2003 99
iSCSI 3-November-02
-initiator: In Full Feature Phase, waiting for all internal, -initiator: In Full Feature Phase, waiting for all internal,
iSCSI, and transport events. iSCSI, and transport events.
-target: In Full Feature Phase, waiting for all internal, -target: In Full Feature Phase, waiting for all internal,
iSCSI, and transport events. iSCSI, and transport events.
Julian Satran Expires August 2003 81
iSCSI 19-January-03
-S6: IN_LOGOUT -S6: IN_LOGOUT
-initiator: Waiting for a Logout response. -initiator: Waiting for a Logout response.
-target: Waiting for an internal event signaling completion of -target: Waiting for an internal event signaling completion of
logout processing. logout processing.
-S7: LOGOUT_REQUESTED -S7: LOGOUT_REQUESTED
-initiator: Waiting for an internal event signaling readiness -initiator: Waiting for an internal event signaling readiness
to proceed with Logout. to proceed with Logout.
-target: Waiting for the Logout process to start after having -target: Waiting for the Logout process to start after having
requested a Logout via an Async Message. requested a Logout via an Async Message.
-S8: CLEANUP_WAIT -S8: CLEANUP_WAIT
skipping to change at line 4389 skipping to change at line 4322
-initiator: Illegal -initiator: Illegal
-target: Received a valid transport connection request that -target: Received a valid transport connection request that
establishes the transport connection. establishes the transport connection.
-T4: -T4:
-initiator: Transport connection established, thus prompting -initiator: Transport connection established, thus prompting
the initiator to start the iSCSI Login. the initiator to start the iSCSI Login.
-target: Initial iSCSI Login request was received. -target: Initial iSCSI Login request was received.
-T5: -T5:
-initiator: The final iSCSI Login response with a Status-Class -initiator: The final iSCSI Login response with a Status-Class
of zero was received. of zero was received.
Julian Satran Expires June 2003 100
iSCSI 3-November-02
-target: The final iSCSI Login request to conclude the Login -target: The final iSCSI Login request to conclude the Login
Phase was received, thus prompting the target to send the Phase was received, thus prompting the target to send the
final iSCSI Login response with a Status-Class of zero. final iSCSI Login response with a Status-Class of zero.
-T6: -T6:
-initiator: Illegal -initiator: Illegal
-target: Timed out waiting for an iSCSI Login, transport -target: Timed out waiting for an iSCSI Login, transport
disconnect indication was received, transport reset was disconnect indication was received, transport reset was
received, or an internal event indicating a transport timeout received, or an internal event indicating a transport timeout
was received. In all these cases, the connection is to be was received. In all these cases, the connection is to be
closed. closed.
Julian Satran Expires August 2003 82
iSCSI 19-January-03
-T7: -T7:
-initiator - one of the following events caused the -initiator - one of the following events caused the
transition: transition:
- The final iSCSI Login response was received with a non- - The final iSCSI Login response was received with a non-
zero Status-Class. zero Status-Class.
- Login timed out. - Login timed out.
- A transport disconnect indication was received. - A transport disconnect indication was received.
- A transport reset was received. - A transport reset was received.
- An internal event indicating a transport timeout was - An internal event indicating a transport timeout was
received. received.
skipping to change at line 4435 skipping to change at line 4368
- Transport reset was received. - Transport reset was received.
- An internal event indicating a transport timeout was - An internal event indicating a transport timeout was
received . received .
- On another connection a "close the session" Logout - On another connection a "close the session" Logout
request was received. request was received.
In all these cases, the connection is to be closed. In all these cases, the connection is to be closed.
-T8: -T8:
-initiator: An internal event of receiving a Logout response -initiator: An internal event of receiving a Logout response
(success) on another connection for a "close the session" (success) on another connection for a "close the session"
Logout request was received, thus closing this connection
Julian Satran Expires June 2003 101 requiring no further cleanup.
iSCSI 3-November-02
Logout request was received, thus closing this connection
requiring no further cleanup.
-target: An internal event of sending a Logout response -target: An internal event of sending a Logout response
(success) on another connection for a "close the session" (success) on another connection for a "close the session"
Logout request was received, or an internal event of a Logout request was received, or an internal event of a
successful connection/session reinstatement is received, thus successful connection/session reinstatement is received, thus
prompting the target to close this connection cleanly. prompting the target to close this connection cleanly.
-T9, T10: -T9, T10:
-initiator: An internal event that indicates the readiness to -initiator: An internal event that indicates the readiness to
start the Logout process was received, thus prompting an start the Logout process was received, thus prompting an
iSCSI Logout to be sent by the initiator. iSCSI Logout to be sent by the initiator.
-target: An iSCSI Logout request was received. -target: An iSCSI Logout request was received.
-T11, T12: -T11, T12:
-initiator: Async PDU with AsyncEvent "Request Logout" was -initiator: Async PDU with AsyncEvent "Request Logout" was
received. received.
Julian Satran Expires August 2003 83
iSCSI 19-January-03
-target: An internal event that requires the decommissioning -target: An internal event that requires the decommissioning
of the connection is received, thus causing an Async PDU with of the connection is received, thus causing an Async PDU with
an AsyncEvent "Request Logout" to be sent. an AsyncEvent "Request Logout" to be sent.
-T13: -T13:
-initiator: An iSCSI Logout response (success) was received, -initiator: An iSCSI Logout response (success) was received,
or an internal event of receiving a Logout response (success) or an internal event of receiving a Logout response (success)
on another connection for a "close the session" Logout on another connection for a "close the session" Logout
request was received. request was received.
-target: An internal event was received that indicates -target: An internal event was received that indicates
successful processing of the Logout, which prompts an iSCSI successful processing of the Logout, which prompts an iSCSI
Logout response (success) to be sent; an internal event of Logout response (success) to be sent; an internal event of
sending a Logout response (success) on another connection for sending a Logout response (success) on another connection for
a "close the session" Logout request was received; or an a "close the session" Logout request was received; or an
internal event of a successful connection/session internal event of a successful connection/session
reinstatement is received. In all these cases, the transport reinstatement is received. In all these cases, the transport
connection is closed. connection is closed.
-T14: -T14:
-initiator: Async PDU with AsyncEvent "Request Logout" was -initiator: Async PDU with AsyncEvent "Request Logout" was
received again. received again.
-target: Illegal -target: Illegal
-T15, T16: -T15, T16:
-initiator: One or more of the following events caused this -initiator: One or more of the following events caused this
transition: transition:
-Internal event that indicates a transport connection -Internal event that indicates a transport connection
timeout was received thus prompting transport RESET or timeout was received thus prompting transport RESET or
transport connection closure. transport connection closure.
-A transport RESET. -A transport RESET.
Julian Satran Expires June 2003 102
iSCSI 3-November-02
-A transport disconnect indication. -A transport disconnect indication.
-Async PDU with AsyncEvent "Drop connection" (for this -Async PDU with AsyncEvent "Drop connection" (for this
CID). CID).
-Async PDU with AsyncEvent "Drop all connections". -Async PDU with AsyncEvent "Drop all connections".
-target: One or more of the following events caused this -target: One or more of the following events caused this
transition: transition:
-Internal event that indicates a transport connection -Internal event that indicates a transport connection
timeout was received, thus prompting transport RESET or timeout was received, thus prompting transport RESET or
transport connection closure. transport connection closure.
-An internal event of a failed connection/session -An internal event of a failed connection/session
reinstatement is received. reinstatement is received.
-A transport RESET. -A transport RESET.
-A transport disconnect indication. -A transport disconnect indication.
-Internal emergency cleanup event was received which -Internal emergency cleanup event was received which
prompts an Async PDU with AsyncEvent "Drop connection" prompts an Async PDU with AsyncEvent "Drop connection"
(for this CID), or event "Drop all connections". (for this CID), or event "Drop all connections".
-T17: -T17:
-initiator: One or more of the following events caused this -initiator: One or more of the following events caused this
transition: transition:
-Logout response, (failure i.e., a non-zero status) was
received, or Logout timed out. Julian Satran Expires August 2003 84
-Any of the events specified for T15 and T16. iSCSI 19-January-03
-target: One or more of the following events caused this
transition: -Logout response, (failure i.e., a non-zero status) was
-Internal event that indicates a failure of the Logout received, or Logout timed out.
-Any of the events specified for T15 and T16.
-target: One or more of the following events caused this
transition:
-Internal event that indicates a failure of the Logout
processing was received, which prompts a Logout response processing was received, which prompts a Logout response
(failure, i.e., a non-zero status) to be sent. (failure, i.e., a non-zero status) to be sent.
-Any of the events specified for T15 and T16. -Any of the events specified for T15 and T16.
-T18: -T18:
-initiator: An internal event of receiving a Logout response -initiator: An internal event of receiving a Logout response
(success) on another connection for a "close the session" (success) on another connection for a "close the session"
Logout request was received. Logout request was received.
-target: An internal event of sending a Logout response -target: An internal event of sending a Logout response
(success) on another connection for a "close the session" (success) on another connection for a "close the session"
Logout request was received, or an internal event of a Logout request was received, or an internal event of a
successful connection/session reinstatement is received. In successful connection/session reinstatement is received. In
both these cases, the connection is closed. both these cases, the connection is closed.
Julian Satran Expires June 2003 103
iSCSI 3-November-02
The CLEANUP_WAIT state (S8) implies that there are possible iSCSI The CLEANUP_WAIT state (S8) implies that there are possible iSCSI
tasks that have not reached conclusion and are still considered tasks that have not reached conclusion and are still considered
busy. busy.
7.1.3 Standard Connection State Diagram for an Initiator 7.1.3 Standard Connection State Diagram for an Initiator
Symbolic names for States: Symbolic names for States:
S1: FREE S1: FREE
skipping to change at line 4550 skipping to change at line 4480
S5: LOGGED_IN S5: LOGGED_IN
S6: IN_LOGOUT S6: IN_LOGOUT
S7: LOGOUT_REQUESTED S7: LOGOUT_REQUESTED
S8: CLEANUP_WAIT S8: CLEANUP_WAIT
States S5, S6, and S7 constitute the Full Feature Phase operation of States S5, S6, and S7 constitute the Full Feature Phase operation of
the connection. the connection.
The state diagram is as follows: The state diagram is as follows:
Julian Satran Expires June 2003 104 Julian Satran Expires August 2003 85
iSCSI 3-November-02 iSCSI 19-January-03
-------<-------------+ -------<-------------+
+--------->/ S1 \<----+ | +--------->/ S1 \<----+ |
T13| +->\ /<-+ \ | T13| +->\ /<-+ \ |
| / ---+--- \ \ | | / ---+--- \ \ |
| / | T2 \ | | | / | T2 \ | |
| T8 | |T1 | | | | T8 | |T1 | | |
| | | / |T7 | | | | / |T7 |
| | | / | | | | | / | |
| | | / | | | | | / | |
skipping to change at line 4594 skipping to change at line 4524
| ------- --+----+------+T17 | ------- --+----+------+T17
+---------------------------+ +---------------------------+
The following state transition table represents the above diagram. The following state transition table represents the above diagram.
Each row represents the starting state for a given transition, which Each row represents the starting state for a given transition, which
after taking a transition marked in a table cell would end in the after taking a transition marked in a table cell would end in the
state represented by the column of the cell. For example, from state state represented by the column of the cell. For example, from state
S1, the connection takes the T1 transition to arrive at state S2. S1, the connection takes the T1 transition to arrive at state S2.
The fields marked "-" correspond to undefined transitions. The fields marked "-" correspond to undefined transitions.
Julian Satran Expires June 2003 105 Julian Satran Expires August 2003 86
iSCSI 3-November-02 iSCSI 19-January-03
+----+---+---+---+---+----+---+ +----+---+---+---+---+----+---+
|S1 |S2 |S4 |S5 |S6 |S7 |S8 | |S1 |S2 |S4 |S5 |S6 |S7 |S8 |
---+----+---+---+---+---+----+---+ ---+----+---+---+---+---+----+---+
S1| - |T1 | - | - | - | - | - | S1| - |T1 | - | - | - | - | - |
---+----+---+---+---+---+----+---+ ---+----+---+---+---+---+----+---+
S2|T2 |- |T4 | - | - | - | - | S2|T2 |- |T4 | - | - | - | - |
---+----+---+---+---+---+----+---+ ---+----+---+---+---+---+----+---+
S4|T7 |- |- |T5 | - | - | - | S4|T7 |- |- |T5 | - | - | - |
---+----+---+---+---+---+----+---+ ---+----+---+---+---+---+----+---+
skipping to change at line 4631 skipping to change at line 4561
S5: LOGGED_IN S5: LOGGED_IN
S6: IN_LOGOUT S6: IN_LOGOUT
S7: LOGOUT_REQUESTED S7: LOGOUT_REQUESTED
S8: CLEANUP_WAIT S8: CLEANUP_WAIT
States S5, S6, and S7 constitute the Full Feature Phase operation of States S5, S6, and S7 constitute the Full Feature Phase operation of
the connection. the connection.
The state diagram is as follows: The state diagram is as follows:
Julian Satran Expires June 2003 106 Julian Satran Expires August 2003 87
iSCSI 3-November-02 iSCSI 19-January-03
-------<-------------+ -------<-------------+
+--------->/ S1 \<----+ | +--------->/ S1 \<----+ |
T13| +->\ /<-+ \ | T13| +->\ /<-+ \ |
| / ---+--- \ \ | | / ---+--- \ \ |
| / | T6 \ | | | / | T6 \ | |
| T8 | |T3 | | | | T8 | |T3 | | |
| | | / |T7 | | | | / |T7 |
| | | / | | | | | / | |
| | | / | | | | | / | |
skipping to change at line 4671 skipping to change at line 4601
| | V / / V \ / | | V / / V \ /
| | ---+-+- ------- ------- | | ---+-+- ------- -------
| | / S5 \T9 / S6 \ ^ | | / S5 \T9 / S6 \ ^
| +-----\ /--->\ / | | +-----\ /--->\ / |
| ------- --+----+--------+T17 | ------- --+----+--------+T17
+---------------------------+ +---------------------------+
The following state transition table represents the above diagram, The following state transition table represents the above diagram,
and follows the conventions described for the initiator diagram. and follows the conventions described for the initiator diagram.
Julian Satran Expires June 2003 107 Julian Satran Expires August 2003 88
iSCSI 3-November-02 iSCSI 19-January-03
+----+---+---+---+---+----+---+ +----+---+---+---+---+----+---+
|S1 |S3 |S4 |S5 |S6 |S7 |S8 | |S1 |S3 |S4 |S5 |S6 |S7 |S8 |
---+----+---+---+---+---+----+---+ ---+----+---+---+---+---+----+---+
S1| - |T3 | - | - | - | - | - | S1| - |T3 | - | - | - | - | - |
---+----+---+---+---+---+----+---+ ---+----+---+---+---+---+----+---+
S3|T6 |- |T4 | - | - | - | - | S3|T6 |- |T4 | - | - | - | - |
---+----+---+---+---+---+----+---+ ---+----+---+---+---+---+----+---+
S4|T7 |- |- |T5 | - | - | - | S4|T7 |- |- |T5 | - | - | - |
---+----+---+---+---+---+----+---+ ---+----+---+---+---+---+----+---+
skipping to change at line 4717 skipping to change at line 4647
the CID that corresponds to CSM-C (either as a connection or session the CID that corresponds to CSM-C (either as a connection or session
logout) needs to be performed to complete the cleanup. In the CSM-I logout) needs to be performed to complete the cleanup. In the CSM-I
case, an implicit logout for the CID that corresponds to CSM-C needs case, an implicit logout for the CID that corresponds to CSM-C needs
to be performed by way of connection reinstatement (section 5.3.4) to be performed by way of connection reinstatement (section 5.3.4)
for that CID. In either case, the protocol exchanges on CSM-E or for that CID. In either case, the protocol exchanges on CSM-E or
CSM-I determine the state transitions for CSM-C. Therefore, this CSM-I determine the state transitions for CSM-C. Therefore, this
cleanup state diagram is only applicable to the instance of the cleanup state diagram is only applicable to the instance of the
connection in cleanup (i.e., CSM-C). In the case of an implicit connection in cleanup (i.e., CSM-C). In the case of an implicit
logout for example, CSM-C reaches FREE (R3) at the time CSM-I logout for example, CSM-C reaches FREE (R3) at the time CSM-I
reaches LOGGED_IN. In the case of an explicit logout, CSM-C reaches reaches LOGGED_IN. In the case of an explicit logout, CSM-C reaches
Julian Satran Expires June 2003 108
iSCSI 3-November-02
FREE (R3) when CSM-E receives a successful logout response while FREE (R3) when CSM-E receives a successful logout response while
continuing to be in the LOGGED_IN state. continuing to be in the LOGGED_IN state.
An initiator must initiate an explicit or implicit connection logout An initiator must initiate an explicit or implicit connection logout
for a connection in the CLEANUP_WAIT state, if the initiator intends for a connection in the CLEANUP_WAIT state, if the initiator intends
to continue using the associated iSCSI session. to continue using the associated iSCSI session.
The following state diagram applies to both initiators and targets. The following state diagram applies to both initiators and targets.
Julian Satran Expires August 2003 89
iSCSI 19-January-03
------- -------
/ R1 / R1
+--\ /<-+ +--\ /<-+
/ ---+--- / ---+---
/ | \ M3 / | \ M3
M1 | |M2 | M1 | |M2 |
| | / | | /
| | / | | /
| | / | | /
| V / | V /
skipping to change at line 4758 skipping to change at line 4687
| | | |
| V | V
| ------- | -------
| / R3 | / R3
+---->\ / +---->\ /
------- -------
The following state transition table represents the above diagram, The following state transition table represents the above diagram,
and follows the same conventions as in earlier sections. and follows the same conventions as in earlier sections.
Julian Satran Expires June 2003 109
iSCSI 3-November-02
+----+----+----+ +----+----+----+
|R1 |R2 |R3 | |R1 |R2 |R3 |
-----+----+----+----+ -----+----+----+----+
R1 | - |M2 |M1 | R1 | - |M2 |M1 |
-----+----+----+----+ -----+----+----+----+
R2 |M3 | - |M4 | R2 |M3 | - |M4 |
-----+----+----+----+ -----+----+----+----+
R3 | - | - | - | R3 | - | - | - |
-----+----+----+----+ -----+----+----+----+
skipping to change at line 4786 skipping to change at line 4712
-target: Waiting for the cleanup process to start for CSM-C. -target: Waiting for the cleanup process to start for CSM-C.
-R2: IN_CLEANUP -R2: IN_CLEANUP
-initiator: Waiting for the connection cleanup process to -initiator: Waiting for the connection cleanup process to
conclude for CSM-C. conclude for CSM-C.
-target: Waiting for the connection cleanup process to -target: Waiting for the connection cleanup process to
conclude for CSM-C. conclude for CSM-C.
-R3: FREE (Same as S1) -R3: FREE (Same as S1)
-initiator: End state for CSM-C. -initiator: End state for CSM-C.
-target: End state for CSM-C. -target: End state for CSM-C.
Julian Satran Expires August 2003 90
iSCSI 19-January-03
7.2.2 State Transition Descriptions for Initiators and Targets 7.2.2 State Transition Descriptions for Initiators and Targets
-M1: One or more of the following events was received: -M1: One or more of the following events was received:
-initiator: -initiator:
-An internal event that indicates connection state -An internal event that indicates connection state
timeout. timeout.
-An internal event of receiving a successful Logout -An internal event of receiving a successful Logout
response on a different connection for a "close the response on a different connection for a "close the
session" Logout. session" Logout.
-target: -target:
-An internal event that indicates connection state -An internal event that indicates connection state
timeout. timeout.
-An internal event of sending a Logout response (success) -An internal event of sending a Logout response (success)
on a different connection for a "close the session" on a different connection for a "close the session"
Logout request. Logout request.
-M2: An implicit/explicit logout process was initiated by the -M2: An implicit/explicit logout process was initiated by the
initiator. initiator.
Julian Satran Expires June 2003 110
iSCSI 3-November-02
-In CSM-I usage: -In CSM-I usage:
-initiator: An internal event requesting the connection -initiator: An internal event requesting the connection
(or session) reinstatement was received, thus prompting a (or session) reinstatement was received, thus prompting a
connection (or session) reinstatement Login to be sent connection (or session) reinstatement Login to be sent
transitioning CSM-I to state IN_LOGIN. transitioning CSM-I to state IN_LOGIN.
-target: A connection/session reinstatement Login was -target: A connection/session reinstatement Login was
received while in state XPT_UP. received while in state XPT_UP.
-In CSM-E usage: -In CSM-E usage:
-initiator: An internal event that indicates that an -initiator: An internal event that indicates that an
explicit logout was sent for this CID in state LOGGED_IN. explicit logout was sent for this CID in state LOGGED_IN.
-target: An explicit logout was received for this CID in -target: An explicit logout was received for this CID in
state LOGGED_IN. state LOGGED_IN.
-M3: Logout failure detected -M3: Logout failure detected
-In CSM-I usage: -In CSM-I usage:
-initiator: CSM-I failed to reach LOGGED_IN and arrived -initiator: CSM-I failed to reach LOGGED_IN and arrived
into FREE instead. into FREE instead.
-target: CSM-I failed to reach LOGGED_IN and arrived into -target: CSM-I failed to reach LOGGED_IN and arrived into
FREE instead. FREE instead.
-In CSM-E usage: -In CSM-E usage:
-initiator: CSM-E either moved out of LOGGED_IN, or Logout -initiator: CSM-E either moved out of LOGGED_IN, or Logout
timed out and/or aborted, or Logout response (failure) timed out and/or aborted, or Logout response (failure)
was received. was received.
-target: CSM-E either moved out of LOGGED_IN, Logout -target: CSM-E either moved out of LOGGED_IN, Logout
timed out and/or aborted, or an internal event that timed out and/or aborted, or an internal event that
indicates a failed Logout processing was received. A indicates a failed Logout processing was received. A
Logout response (failure) was sent in the last case. Logout response (failure) was sent in the last case.
-M4: Successful implicit/explicit logout was performed. -M4: Successful implicit/explicit logout was performed.
- In CSM-I usage: - In CSM-I usage:
Julian Satran Expires August 2003 91
iSCSI 19-January-03
-initiator: CSM-I reached state LOGGED_IN, or an internal -initiator: CSM-I reached state LOGGED_IN, or an internal
event of receiving a Logout response (success) on another event of receiving a Logout response (success) on another
connection for a "close the session" Logout request was connection for a "close the session" Logout request was
received. received.
-target: CSM-I reached state LOGGED_IN, or an internal -target: CSM-I reached state LOGGED_IN, or an internal
event of sending a Logout response (success) on a event of sending a Logout response (success) on a
different connection for a "close the session" Logout different connection for a "close the session" Logout
request was received. request was received.
- In CSM-E usage: - In CSM-E usage:
-initiator: CSM-E stayed in LOGGED_IN and received a -initiator: CSM-E stayed in LOGGED_IN and received a
Logout response (success), or an internal event of Logout response (success), or an internal event of
receiving a Logout response (success) on another receiving a Logout response (success) on another
Julian Satran Expires June 2003 111
iSCSI 3-November-02
connection for a "close the session" Logout request was connection for a "close the session" Logout request was
received. received.
-target: CSM-E stayed in LOGGED_IN and an internal event -target: CSM-E stayed in LOGGED_IN and an internal event
indicating a successful Logout processing was received, indicating a successful Logout processing was received,
or an internal event of sending a Logout response or an internal event of sending a Logout response
(success) on a different connection for a "close the (success) on a different connection for a "close the
session" Logout request was received. session" Logout request was received.
7.3 Session State Diagrams 7.3 Session State Diagrams
skipping to change at line 4893 skipping to change at line 4818
| | | | / | | | | /
| | | | / | | | | /
| | V V / | | V V /
-+--+-- -----+- -+--+-- -----+-
/ Q4 \ N5 / Q3 / Q4 \ N5 / Q3
\ /<---\ / \ /<---\ /
------- ------- ------- -------
The state transition table is as follows: The state transition table is as follows:
Julian Satran Expires June 2003 112 Julian Satran Expires August 2003 92
iSCSI 3-November-02 iSCSI 19-January-03
+----+----+----+ +----+----+----+
|Q1 |Q3 |Q4 | |Q1 |Q3 |Q4 |
-----+----+----+----+ -----+----+----+----+
Q1 | - |N1 | - | Q1 | - |N1 | - |
-----+----+----+----+ -----+----+----+----+
Q3 |N3 | - |N5 | Q3 |N3 | - |N5 |
-----+----+----+----+ -----+----+----+----+
Q4 |N6 |N4 | - | Q4 |N6 |N4 | - |
-----+----+----+----+ -----+----+----+----+
skipping to change at line 4920 skipping to change at line 4845
Q1: FREE Q1: FREE
Q2: ACTIVE Q2: ACTIVE
Q3: LOGGED_IN Q3: LOGGED_IN
Q4: FAILED Q4: FAILED
Q5: IN_CONTINUE Q5: IN_CONTINUE
State Q3 represents the Full Feature Phase operation of the session. State Q3 represents the Full Feature Phase operation of the session.
The state diagram is as follows: The state diagram is as follows:
Julian Satran Expires June 2003 113
iSCSI 3-November-02
------- -------
+------------------>/ Q1 +------------------>/ Q1
/ +-------------->\ /<-+ / +-------------->\ /<-+
| | ---+--- | | | ---+--- |
| | ^ | |N3 | | ^ | |N3
N6 | |N11 N9| V N1 | N6 | |N11 N9| V N1 |
| | +------ | | | +------ |
| | / Q2 \ | | | / Q2 \ |
| | \ / | | | \ / |
| --+---- +--+--- | | --+---- +--+--- |
skipping to change at line 4946 skipping to change at line 4868
| ^ | | | / | ^ | | | /
|N7| |N8 | | / |N7| |N8 | | /
| | | | V / | | | | V /
-+--+-V V----+- -+--+-V V----+-
/ Q4 \ N5 / Q3 / Q4 \ N5 / Q3
\ /<-------------\ / \ /<-------------\ /
------- ------- ------- -------
The state transition table is as follows: The state transition table is as follows:
Julian Satran Expires August 2003 93
iSCSI 19-January-03
+----+----+----+----+----+ +----+----+----+----+----+
|Q1 |Q2 |Q3 |Q4 |Q5 | |Q1 |Q2 |Q3 |Q4 |Q5 |
-----+----+----+----+----+----+ -----+----+----+----+----+----+
Q1 | - |N1 | - | - | - | Q1 | - |N1 | - | - | - |
-----+----+----+----+----+----+ -----+----+----+----+----+----+
Q2 |N9 | - |N2 | - | - | Q2 |N9 | - |N2 | - | - |
-----+----+----+----+----+----+ -----+----+----+----+----+----+
Q3 |N3 | - | - |N5 | - | Q3 |N3 | - | - |N5 | - |
-----+----+----+----+----+----+ -----+----+----+----+----+----+
Q4 |N6 | - | - | - |N7 | Q4 |N6 | - | - | - |N7 |
-----+----+----+----+----+----+ -----+----+----+----+----+----+
Q5 |N11 | - |N10 |N8 | - | Q5 |N11 | - |N10 |N8 | - |
-----+----+----+----+----+----+ -----+----+----+----+----+----+
7.3.3 State Descriptions for Initiators and Targets 7.3.3 State Descriptions for Initiators and Targets
-Q1: FREE -Q1: FREE
-initiator: State on instantiation or after cleanup. -initiator: State on instantiation or after cleanup.
-target: State on instantiation or after cleanup. -target: State on instantiation or after cleanup.
Julian Satran Expires June 2003 114
iSCSI 3-November-02
-Q2: ACTIVE -Q2: ACTIVE
-initiator: Illegal. -initiator: Illegal.
-target: The first iSCSI connection in the session -target: The first iSCSI connection in the session
transitioned to IN_LOGIN, waiting for it to complete the transitioned to IN_LOGIN, waiting for it to complete the
login process. login process.
-Q3: LOGGED_IN -Q3: LOGGED_IN
-initiator: Waiting for all session events. -initiator: Waiting for all session events.
-target: Waiting for all session events. -target: Waiting for all session events.
-Q4: FAILED -Q4: FAILED
-initiator: Waiting for session recovery or session -initiator: Waiting for session recovery or session
continuation. continuation.
-target: Waiting for session recovery or session continuation. -target: Waiting for session recovery or session continuation.
-Q5: IN_CONTINUE -Q5: IN_CONTINUE
-initiator: Illegal. -initiator: Illegal.
-target: Waiting for session continuation attempt to reach a -target: Waiting for session continuation attempt to reach a
conclusion. conclusion.
7.3.4 State Transition Descriptions for Initiators and Targets 7.3.4 State Transition Descriptions for Initiators and Targets
-N1: -N1:
-initiator: At least one transport connection reached the -initiator: At least one transport connection reached the
LOGGED_IN state. LOGGED_IN state.
-target: The first iSCSI connection in the session had reached -target: The first iSCSI connection in the session had reached
the IN_LOGIN state. the IN_LOGIN state.
-N2: -N2:
-initiator: Illegal. -initiator: Illegal.
-target: At least one iSCSI connection reached the LOGGED_IN -target: At least one iSCSI connection reached the LOGGED_IN
state. state.
Julian Satran Expires August 2003 94
iSCSI 19-January-03
-N3: -N3:
-initiator: Graceful closing of the session via session -initiator: Graceful closing of the session via session
closure (Section 5.3.6 Session Continuation and Failure). closure (Section 5.3.6 Session Continuation and Failure).
-target: Graceful closing of the session via session closure -target: Graceful closing of the session via session closure
(Section 5.3.6 Session Continuation and Failure) or a (Section 5.3.6 Session Continuation and Failure) or a
successful session reinstatement cleanly closed the session. successful session reinstatement cleanly closed the session.
-N4: -N4:
-initiator: A session continuation attempt succeeded. -initiator: A session continuation attempt succeeded.
-target: Illegal. -target: Illegal.
-N5: -N5:
-initiator: Session failure (Section 5.3.6 Session -initiator: Session failure (Section 5.3.6 Session
Continuation and Failure) occurred. Continuation and Failure) occurred.
-target: Session failure (Section 5.3.6 Session Continuation -target: Session failure (Section 5.3.6 Session Continuation
and Failure) occurred. and Failure) occurred.
Julian Satran Expires June 2003 115
iSCSI 3-November-02
-N6: -N6:
-initiator: Session state timeout occurred, or a session -initiator: Session state timeout occurred, or a session
reinstatement cleared this session instance. This results in reinstatement cleared this session instance. This results in
the freeing of all associated resources and the session state the freeing of all associated resources and the session state
is discarded. is discarded.
-target: Session state timeout occurred, or a session -target: Session state timeout occurred, or a session
reinstatement cleared this session instance. This results in reinstatement cleared this session instance. This results in
the freeing of all associated resources and the session state the freeing of all associated resources and the session state
is discarded. is discarded.
-N7: -N7:
-initiator: Illegal. -initiator: Illegal.
-target: A session continuation attempt is initiated. -target: A session continuation attempt is initiated.
-N8: -N8:
-initiator: Illegal. -initiator: Illegal.
-target: The last session continuation attempt failed. -target: The last session continuation attempt failed.
-N9: -N9:
-initiator: Illegal. -initiator: Illegal.
-target: Login attempt on the leading connection failed. -target: Login attempt on the leading connection failed.
-N10: -N10:
-initiator: Illegal. -initiator: Illegal.
-target: A session continuation attempt succeeded. -target: A session continuation attempt succeeded.
-N11: -N11:
-initiator: Illegal. -initiator: Illegal.
-target: A successful session reinstatement cleanly closed the -target: A successful session reinstatement cleanly closed the
session. session.
Julian Satran Expires June 2003 116 Julian Satran Expires August 2003 95
iSCSI 3-November-02 iSCSI 19-January-03
8. Security Considerations 8. Security Considerations
Historically, native storage systems have not had to consider Historically, native storage systems have not had to consider
security because their environments offered minimal security risks. security because their environments offered minimal security risks.
That is, these environments consisted of storage devices either That is, these environments consisted of storage devices either
directly attached to hosts or connected via a Storage Area Network directly attached to hosts or connected via a Storage Area Network
(SAN) distinctly separate from the communications network. The use (SAN) distinctly separate from the communications network. The use
of storage protocols, such as SCSI, over IP-networks requires that of storage protocols, such as SCSI, over IP-networks requires that
security concerns be addressed. iSCSI implementations MUST provide security concerns be addressed. iSCSI implementations MUST provide
skipping to change at line 5086 skipping to change at line 5015
authentication, and confidentiality) by IPsec at the IP level. The authentication, and confidentiality) by IPsec at the IP level. The
two security mechanisms complement each other. The in-band two security mechanisms complement each other. The in-band
authentication provides end-to-end trust (at login time) between the authentication provides end-to-end trust (at login time) between the
iSCSI initiator and the target while IPsec provides a secure channel iSCSI initiator and the target while IPsec provides a secure channel
between the IP communication end points. between the IP communication end points.
Further details on typical iSCSI scenarios and the relation between Further details on typical iSCSI scenarios and the relation between
the initiators, targets, and the communication end points can be the initiators, targets, and the communication end points can be
found in [SEC-IPS]. found in [SEC-IPS].
Julian Satran Expires June 2003 117
iSCSI 3-November-02
8.2 In-band Initiator-Target Authentication 8.2 In-band Initiator-Target Authentication
During login, the target MUST authenticate the initiator and the During login, the target MUST authenticate the initiator and the
initiator MAY authenticate the target. The authentication is initiator MAY authenticate the target. The authentication is
performed on every new iSCSI connection by an exchange of iSCSI performed on every new iSCSI connection by an exchange of iSCSI
Login PDUs using a negotiated authentication method. Login PDUs using a negotiated authentication method.
The authentication method cannot assume an underlying IPsec The authentication method cannot assume an underlying IPsec
protection, because IPsec is optional to use. An attacker should protection, because IPsec is optional to use. An attacker should
gain as little advantage as possible by inspecting the gain as little advantage as possible by inspecting the
authentication phase PDUs. Therefore, a method using clear text (or authentication phase PDUs. Therefore, a method using clear text (or
equivalent) passwords is not acceptable; on the other hand, identity equivalent) passwords is not acceptable; on the other hand, identity
protection is not strictly required. protection is not strictly required.
Julian Satran Expires August 2003 96
iSCSI 19-January-03
The authentication mechanism protects against an unauthorized login The authentication mechanism protects against an unauthorized login
to storage resources by using a false identity (spoofing). Once the to storage resources by using a false identity (spoofing). Once the
authentication phase is completed, if the underlying IPsec is not authentication phase is completed, if the underlying IPsec is not
used, all PDUs are sent and received in clear. The authentication used, all PDUs are sent and received in clear. The authentication
mechanism alone (without underlying IPsec) should only be used when mechanism alone (without underlying IPsec) should only be used when
there is no risk of eavesdropping, message insertion, deletion, there is no risk of eavesdropping, message insertion, deletion,
modification, and replaying. modification, and replaying.
Section 11 iSCSI Security Keys and Authentication Methods defines Section 11 iSCSI Security Text Keys and Authentication Methods
several authentication methods and the exact steps that must be defines several authentication methods and the exact steps that must
followed in each of them, including the keys and their allowed be followed in each of them, including the iSCSI-text-keys and their
values in each step. Whenever an iSCSI initiator gets a response allowed values in each step. Whenever an iSCSI initiator gets a
whose keys, or their values, are not according to the step response whose keys, or their values, are not according to the step
definition, it MUST abort the connection. Whenever an iSCSI target definition, it MUST abort the connection. Whenever an iSCSI target
gets a response whose keys, or their values, are not according to gets a response whose keys, or their values, are not according to
the step definition, it MUST answer with a Login reject with the the step definition, it MUST answer with a Login reject with the
"Initiator Error" or "Missing Parameter" status. These statuses are "Initiator Error" or "Missing Parameter" status. These statuses are
not intended for cryptographically incorrect values such as the CHAP not intended for cryptographically incorrect values such as the CHAP
response, for which "Authentication Failure" status MUST be response, for which "Authentication Failure" status MUST be
specified. The importance of this rule can be illustrated in CHAP specified. The importance of this rule can be illustrated in CHAP
with target authentication (see Section 11.1.4 Challenge Handshake with target authentication (see Section 11.1.4 Challenge Handshake
Authentication Protocol (CHAP)) where the initiator would have been Authentication Protocol (CHAP)) where the initiator would have been
able to conduct a reflection attack by omitting his response key able to conduct a reflection attack by omitting his response key
(CHAP_R) using the same CHAP challenge as the target and reflecting (CHAP_R) using the same CHAP challenge as the target and reflecting
the target's response back to the target. In CHAP, this is prevented the target's response back to the target. In CHAP, this is prevented
because the target must answer the missing CHAP_R key with a Login because the target must answer the missing CHAP_R key with a Login
reject with the "Missing Parameter" status. reject with the "Missing Parameter" status.
Julian Satran Expires June 2003 118
iSCSI 3-November-02
For some of the authentication methods, a key specifies the identity For some of the authentication methods, a key specifies the identity
of the iSCSI initiator or target for authentication purposes. The of the iSCSI initiator or target for authentication purposes. The
value associated with that key MAY be different from the iSCSI name value associated with that key MAY be different from the iSCSI name
and SHOULD be configurable. (CHAP_N, see Section 11.1.4 Challenge and SHOULD be configurable. (CHAP_N, see Section 11.1.4 Challenge
Handshake Authentication Protocol (CHAP) and SRP_U, see Section Handshake Authentication Protocol (CHAP) and SRP_U, see Section
11.1.3 Secure Remote Password (SRP)). 11.1.3 Secure Remote Password (SRP)).
8.2.1 CHAP Considerations 8.2.1 CHAP Considerations
Compliant iSCSI initiators and targets MUST implement the CHAP Compliant iSCSI initiators and targets MUST implement the CHAP
skipping to change at line 5159 skipping to change at line 5085
vulnerable to an off-line dictionary attack. Implementations MUST vulnerable to an off-line dictionary attack. Implementations MUST
support use of up to 128 bit random CHAP secrets, including the support use of up to 128 bit random CHAP secrets, including the
means to generate such secrets and to accept them from an external means to generate such secrets and to accept them from an external
generation source. Implementations MUST NOT provide secret generation source. Implementations MUST NOT provide secret
generation (or expansion) means other than random generation. generation (or expansion) means other than random generation.
An administrative entity of an environment in which CHAP is used An administrative entity of an environment in which CHAP is used
with a secret that has less than 96 random bits MUST enforce IPsec with a secret that has less than 96 random bits MUST enforce IPsec
encryption (according to the implementation requirements in Section encryption (according to the implementation requirements in Section
8.3.2 Confidentiality) to protect the connection. Moreover, in this 8.3.2 Confidentiality) to protect the connection. Moreover, in this
case IKE authentication with group pre-shared keys SHOULD NOT be case IKE authentication with group pre-shared cryptographic keys
used unless it is not essential to protect group members against
off-line dictionary attacks by other members. Julian Satran Expires August 2003 97
iSCSI 19-January-03
SHOULD NOT be used unless it is not essential to protect group
members against off-line dictionary attacks by other members.
A compliant implementation SHOULD NOT continue with the login step A compliant implementation SHOULD NOT continue with the login step
in which it should send a CHAP response (CHAP_R, Section 11.1.4 in which it should send a CHAP response (CHAP_R, Section 11.1.4
Challenge Handshake Authentication Protocol (CHAP)) unless it can Challenge Handshake Authentication Protocol (CHAP)) unless it can
verify that the CHAP secret is at least 96 bits, or that IPsec verify that the CHAP secret is at least 96 bits, or that IPsec
encryption is being used to protect the connection. encryption is being used to protect the connection.
Any CHAP secret used for initiator authentication MUST NOT be
configured for authentication of any target, and any CHAP secret
used for target authentication MUST NOT be configured for
authentication of any initiator. If the CHAP response received by
one end of an iSCSI connection is the same as the CHAP response that
the receiving endpoint would have generated for the same CHAP
challenge, the response MUST be treated as an authentication failure
and cause the connection to close (this ensures that the same CHAP
secret is not used for authentication in both directions). Also, if
an iSCSI implementation can function as both initiator and target,
different CHAP secrets and identities MUST be configured for these
two roles. The following is an example of the attacks prevented by
the above requirements:
Rogue wants to impersonate Storage to Alice, and knows that a
single secret is used for both directions of Storage-Alice
authentication.
Rogue convinces Alice to open two connections to Rogue, and
Rogue identifies itself as Storage on both connections.
Rogue issues a CHAP challenge on connection 1, waits for Alice
to respond, and then reflects Alice's challenge as the initial
challenge to Alice on connection 2.
If Alice doesn't check for the reflection across connections,
Alice's response on connection 2 enables Rogue to impersonate
Storage on connection 1, even though Rogue does not know the
Alice-Storage CHAP secret.
Originators MUST NOT reuse the CHAP challenge sent by the Responder Originators MUST NOT reuse the CHAP challenge sent by the Responder
for the other direction of a bidirectional authentication. for the other direction of a bidirectional authentication.
Responders MUST check for this condition and close the iSCSI TCP Responders MUST check for this condition and close the iSCSI TCP
connection if it occurs. connection if it occurs.
Julian Satran Expires June 2003 119 The same CHAP secret SHOULD NOT be configured for authentication of
iSCSI 3-November-02 multiple initiators or multiple targets, as this enables any of them
to impersonate any other one of them, and compromising one of them
enables the attacker to impersonate any of them. It is recommended
that iSCSI implementations check for use of identical CHAP secrets
by different peers when this check is feasible, and take appropriate
measures to warn users and/or administrators when this is detected.
A single CHAP secret MAY be used for authentication of an individual
initiator to multiple targets. Likewise, a single CHAP secret MAY be
used for authentication of an individual target to multiple
initiators.
Julian Satran Expires August 2003 98
iSCSI 19-January-03
8.2.2 SRP Considerations 8.2.2 SRP Considerations
The strength of the SRP authentication method (specified in The strength of the SRP authentication method (specified in
[RFC2945]) is dependent on the characteristics of the group being [RFC2945]) is dependent on the characteristics of the group being
used (i.e., the prime modulus N and generator g). As described in used (i.e., the prime modulus N and generator g). As described in
[RFC2945], N is required to be a Sophie-German prime (of the form N [RFC2945], N is required to be a Sophie-German prime (of the form N
= 2q + 1, where q is also prime) and the generator g is a primitive = 2q + 1, where q is also prime) and the generator g is a primitive
root of GF(n). In iSCSI authentication, the prime modulus N MUST be root of GF(n). In iSCSI authentication, the prime modulus N MUST be
at least 768 bits. at least 768 bits.
The list of allowed SRP groups is provided in [SEC-IPS]. The list of allowed SRP groups is provided in [SEC-IPS].
8.3 IPsec 8.3 IPsec
iSCSI uses the IPsec mechanism for packet protection (cryptographic iSCSI uses the IPsec mechanism for packet protection (cryptographic
integrity, authentication, and confidentiality) at the IP level integrity, authentication, and confidentiality) at the IP level
between the iSCSI communicating end points. The following sections between the iSCSI communicating end points. The following sections
describe the IPsec protocols that must be implemented for data describe the IPsec protocols that must be implemented for data
integrity and authentication, confidentiality, and key management. integrity and authentication, confidentiality, and cryptographic key
management.
An iSCSI initiator or target may provide the required IPsec support An iSCSI initiator or target may provide the required IPsec support
fully integrated or in conjunction with an IPsec front-end device. fully integrated or in conjunction with an IPsec front-end device.
In the latter case, the compliance requirements with regard to IPsec In the latter case, the compliance requirements with regard to IPsec
support apply to the "combined device". Only the "combined device" support apply to the "combined device". Only the "combined device"
is to be considered an iSCSI device. is to be considered an iSCSI device.
Detailed considerations and recommendations for using IPsec for Detailed considerations and recommendations for using IPsec for
iSCSI are provided in [SEC-IPS]. iSCSI are provided in [SEC-IPS].
8.3.1 Data Integrity and Authentication 8.3.1 Data Integrity and Authentication
Data authentication and integrity is provided by a keyed Message Data authentication and integrity is provided by a cryptographic
Authentication Code in every sent packet. This code protects against keyed Message Authentication Code in every sent packet. This code
message insertion, deletion, and modification. Protection against protects against message insertion, deletion, and modification.
message replay is realized by using a sequence counter. Protection against message replay is realized by using a sequence
counter.
An iSCSI compliant initiator or target MUST provide data integrity An iSCSI compliant initiator or target MUST provide data integrity
and authentication by implementing IPsec [RFC2401] with ESP and authentication by implementing IPsec [RFC2401] with ESP
[RFC2406] in tunnel mode and MAY provide data integrity and [RFC2406] in tunnel mode and MAY provide data integrity and
authentication by implementing IPsec with ESP in transport mode. The authentication by implementing IPsec with ESP in transport mode. The
IPsec implementation MUST fulfill the following iSCSI specific IPsec implementation MUST fulfill the following iSCSI specific
requirements: requirements:
Julian Satran Expires June 2003 120
iSCSI 3-November-02
- HMAC-SHA1 MUST be implemented [RFC2404]. - HMAC-SHA1 MUST be implemented [RFC2404].
- AES CBC MAC with XCBC extensions SHOULD be implemented - AES CBC MAC with XCBC extensions SHOULD be implemented
[AESCBC]. [AESCBC].
The ESP anti-replay service MUST also be implemented. The ESP anti-replay service MUST also be implemented.
At the high speeds iSCSI is expected to operate, a single IPsec SA At the high speeds iSCSI is expected to operate, a single IPsec SA
could rapidly cycle through the 32-bit IPsec sequence number space. could rapidly cycle through the 32-bit IPsec sequence number space.
In view of this, it may be desirable in the future for an iSCSI In view of this, it may be desirable in the future for an iSCSI
implementation that operates at speeds of 1 Gbps or greater to implementation that operates at speeds of 1 Gbps or greater to
implement the IPsec sequence number extension [SEQ-EXT]. implement the IPsec sequence number extension [SEQ-EXT].
Julian Satran Expires August 2003 99
iSCSI 19-January-03
8.3.2 Confidentiality 8.3.2 Confidentiality
Confidentiality is provided by encrypting the data in every packet. Confidentiality is provided by encrypting the data in every packet.
When confidentiality is used it MUST be accompanied by data When confidentiality is used it MUST be accompanied by data
integrity and authentication to provide comprehensive protection integrity and authentication to provide comprehensive protection
against eavesdropping, message insertion, deletion, modification, against eavesdropping, message insertion, deletion, modification,
and replaying. and replaying.
An iSCSI compliant initiator or target MUST provide confidentiality An iSCSI compliant initiator or target MUST provide confidentiality
by implementing IPsec [RFC2401] with ESP [RFC2406] in tunnel mode by implementing IPsec [RFC2401] with ESP [RFC2406] in tunnel mode
and MAY provide confidentiality by implementing IPsec with ESP in and MAY provide confidentiality by implementing IPsec with ESP in
transport mode, with the following iSCSI specific requirements: transport mode, with the following iSCSI specific requirements:
- 3DES in CBC mode MUST be implemented [RFC2451]. - 3DES in CBC mode MUST be implemented [RFC2451].
- AES in Counter mode SHOULD be implemented [AESCTR]. - AES in Counter mode SHOULD be implemented [AESCTR].
DES in CBC mode SHOULD NOT be used due to its inherent weakness. DES in CBC mode SHOULD NOT be used due to its inherent weakness.
The NULL encryption algorithm MUST also be implemented. The NULL encryption algorithm MUST also be implemented.
8.3.3 Policy, Security Associations, and Key Management 8.3.3 Policy, Security Associations, and Cryptographic Key Management
A compliant iSCSI implementation MUST meet the key management
requirements of the IPsec protocol suite. Authentication, security
association negotiation, and key management MUST be provided by
implementing IKE [RFC2409] using the IPsec DOI [RFC2407] with the
following iSCSI specific requirements:
- Peer authentication using a pre-shared key MUST be supported. A compliant iSCSI implementation MUST meet the cryptographic key
Certificate-based peer authentication using digital signatures management requirements of the IPsec protocol suite. Authentication,
MAY be supported. Peer authentication using the public key security association negotiation, and cryptographic key management
encryption methods outlined in IKE sections 5.2 and 5.3[7] MUST be provided by implementing IKE [RFC2409] using the IPsec DOI
SHOULD NOT be used. [RFC2407] with the following iSCSI specific requirements:
Julian Satran Expires June 2003 121 - Peer authentication using a pre-shared cryptographic key MUST
iSCSI 3-November-02 be supported. Certificate-based peer authentication using
digital signatures MAY be supported. Peer authentication using
the public key encryption methods outlined in IKE sections 5.2
and 5.3[7] SHOULD NOT be used.
- When digital signatures are used to achieve authentication, an - When digital signatures are used to achieve authentication, an
IKE negotiator SHOULD use IKE Certificate Request Payload(s) IKE negotiator SHOULD use IKE Certificate Request Payload(s)
to specify the certificate authority. IKE negotiators SHOULD to specify the certificate authority. IKE negotiators SHOULD
check the pertinent Certificate Revocation List (CRL) before check the pertinent Certificate Revocation List (CRL) before
accepting a PKI certificate for use in IKE authentication accepting a PKI certificate for use in IKE authentication
procedures. procedures.
- Conformant iSCSI implementations MUST support IKE Main Mode - Conformant iSCSI implementations MUST support IKE Main Mode
and SHOULD support Aggressive Mode. IKE main mode with pre- and SHOULD support Aggressive Mode. IKE main mode with pre-
skipping to change at line 5292 skipping to change at line 5263
IP addresses. While in many cases pre-shared keys offer good IP addresses. While in many cases pre-shared keys offer good
security, situations in which dynamically assigned addresses security, situations in which dynamically assigned addresses
are used force the use of a group pre-shared key, which are used force the use of a group pre-shared key, which
creates vulnerability to a man-in-the-middle attack. creates vulnerability to a man-in-the-middle attack.
- In the IKE Phase 2 Quick Mode, exchanges for creating the - In the IKE Phase 2 Quick Mode, exchanges for creating the
Phase 2 SA, the Identity Payload, fields MUST be present. Phase 2 SA, the Identity Payload, fields MUST be present.
ID_IPV4_ADDR, ID_IPV6_ADDR (if the protocol stack supports ID_IPV4_ADDR, ID_IPV6_ADDR (if the protocol stack supports
IPv6) and ID_FQDN Identity payloads MUST be supported; IPv6) and ID_FQDN Identity payloads MUST be supported;
ID_USER_FQDN SHOULD be supported. The IP Subnet, IP Address ID_USER_FQDN SHOULD be supported. The IP Subnet, IP Address
Julian Satran Expires August 2003 100
iSCSI 19-January-03
Range, ID_DER_ASN1_DN, and ID_DER_ASN1_GN formats SHOULD NOT Range, ID_DER_ASN1_DN, and ID_DER_ASN1_GN formats SHOULD NOT
be used. The ID_KEY_ID Identity Payload MUST NOT be used. be used. The ID_KEY_ID Identity Payload MUST NOT be used.
Manual keying MUST NOT be used because it does not provide the Manual cryptographic keying MUST NOT be used because it does not
necessary re-keying support. provide the necessary re-keying support.
When IPsec is used, the receipt of an IKE Phase 2 delete message When IPsec is used, the receipt of an IKE Phase 2 delete message
SHOULD NOT be interpreted as a reason for tearing down the iSCSI TCP SHOULD NOT be interpreted as a reason for tearing down the iSCSI TCP
connection. If additional traffic is sent on it, a new IKE Phase 2 connection. If additional traffic is sent on it, a new IKE Phase 2
SA will be created to protect it. SA will be created to protect it.
The method used by the initiator to determine whether the target The method used by the initiator to determine whether the target
should be connected using IPsec is regarded as an issue of IPsec should be connected using IPsec is regarded as an issue of IPsec
policy administration, and thus not defined in the iSCSI standard. policy administration, and thus not defined in the iSCSI standard.
If an iSCSI target is discovered via a SendTargets request in a If an iSCSI target is discovered via a SendTargets request in a
discovery session not using IPsec, the initiator should assume that discovery session not using IPsec, the initiator should assume that
it does not need IPsec to establish a session to that target. If an it does not need IPsec to establish a session to that target. If an
iSCSI target is discovered using a discovery session that does use iSCSI target is discovered using a discovery session that does use
IPsec, the initiator SHOULD use IPsec when establishing a session to IPsec, the initiator SHOULD use IPsec when establishing a session to
that target. that target.
Julian Satran Expires June 2003 122 Julian Satran Expires August 2003 101
iSCSI 3-November-02 iSCSI 19-January-03
9. Notes to Implementers 9. Notes to Implementers
This section notes some of the performance and reliability This section notes some of the performance and reliability
considerations of the iSCSI protocol. This protocol was designed to considerations of the iSCSI protocol. This protocol was designed to
allow efficient silicon and software implementations. The iSCSI task allow efficient silicon and software implementations. The iSCSI task
tag mechanism was designed to enable Direct Data Placement (DDP - a tag mechanism was designed to enable Direct Data Placement (DDP - a
DMA form) at the iSCSI level or lower. DMA form) at the iSCSI level or lower.
The guiding assumption made throughout the design of this protocol The guiding assumption made throughout the design of this protocol
skipping to change at line 5360 skipping to change at line 5335
iSCSI however, the SCSI initiator ports are the endpoints of iSCSI however, the SCSI initiator ports are the endpoints of
dynamically created sessions, so the presumptions of "static and dynamically created sessions, so the presumptions of "static and
physical" do not apply. In any case, the model clauses physical" do not apply. In any case, the model clauses
(particularly, Section 3.4.2 SCSI Architecture Model) provide for (particularly, Section 3.4.2 SCSI Architecture Model) provide for
persistent, reusable names for the iSCSI-type SCSI initiator ports persistent, reusable names for the iSCSI-type SCSI initiator ports
even though there does not need to be any physical entity bound to even though there does not need to be any physical entity bound to
these names. these names.
To both minimize the disruption of legacy applications and to better To both minimize the disruption of legacy applications and to better
facilitate the SCSI features that rely on persistent names for SCSI facilitate the SCSI features that rely on persistent names for SCSI
Julian Satran Expires June 2003 123
iSCSI 3-November-02
ports, iSCSI implementations SHOULD attempt to provide a stable ports, iSCSI implementations SHOULD attempt to provide a stable
presentation of SCSI Initiator Ports (both to the upper OS-layers presentation of SCSI Initiator Ports (both to the upper OS-layers
and to the targets to which they connect). This can be achieved in and to the targets to which they connect). This can be achieved in
an initiator implementation by conservatively reusing ISIDs. In an initiator implementation by conservatively reusing ISIDs. In
other words, the same ISID should be used in the Login process to other words, the same ISID should be used in the Login process to
multiple target portal groups (of the same iSCSI Target or different multiple target portal groups (of the same iSCSI Target or different
iSCSI Targets). The ISID RULE (Section 3.4.3 Consequences of the iSCSI Targets). The ISID RULE (Section 3.4.3 Consequences of the
Model) only prohibits reuse to the same target portal group. It does Model) only prohibits reuse to the same target portal group. It does
not "preclude" reuse to other target portal groups. not "preclude" reuse to other target portal groups.
The principle of conservative reuse "encourages" reuse to other The principle of conservative reuse "encourages" reuse to other
target portal groups. When a SCSI target device sees the same target portal groups. When a SCSI target device sees the same
(InitiatorName, ISID) pair in different sessions to different target (InitiatorName, ISID) pair in different sessions to different target
portal groups, it can identify the underlying SCSI Initiator Port on portal groups, it can identify the underlying SCSI Initiator Port on
Julian Satran Expires August 2003 102
iSCSI 19-January-03
each session as the same SCSI port. In effect, it can recognize each session as the same SCSI port. In effect, it can recognize
multiple paths from the same source. multiple paths from the same source.
9.1.2 iSCSI Name, ISID, and TPGT Use 9.1.2 iSCSI Name, ISID, and TPGT Use
The designers of the iSCSI protocol envisioned there being one iSCSI The designers of the iSCSI protocol envisioned there being one iSCSI
Initiator Node Name per operating system image on a machine. This Initiator Node Name per operating system image on a machine. This
enables SAN resource configuration and authentication schemes based enables SAN resource configuration and authentication schemes based
on a system's identity. It supports the notion that it should be on a system's identity. It supports the notion that it should be
possible to assign access to storage resources based on "initiator possible to assign access to storage resources based on "initiator
skipping to change at line 5407 skipping to change at line 5382
For targets, because of the closed environment, implementation of For targets, because of the closed environment, implementation of
this entity should be straightforward. However, vendors of iSCSI this entity should be straightforward. However, vendors of iSCSI
hardware (e.g., NICs or HBAs) intended for targets, SHOULD provide hardware (e.g., NICs or HBAs) intended for targets, SHOULD provide
mechanisms for configuration of the iSCSI Node Name across the mechanisms for configuration of the iSCSI Node Name across the
portal groups instantiated by multiple instances of these components portal groups instantiated by multiple instances of these components
within a target. within a target.
However, complex targets making use of multiple Target Portal Group However, complex targets making use of multiple Target Portal Group
Tags may reconfigure them to achieve various quality goals. The Tags may reconfigure them to achieve various quality goals. The
Julian Satran Expires June 2003 124
iSCSI 3-November-02
initiators have two mechanisms at their disposal to discover and/or initiators have two mechanisms at their disposal to discover and/or
check reconfiguring targets - the discovery session type and a key check reconfiguring targets - the discovery session type and a key
returned by the target during login to confirm the TPGT. An returned by the target during login to confirm the TPGT. An
initiator should attempt to "rediscover" the target configuration initiator should attempt to "rediscover" the target configuration
anytime a session is terminated unexpectedly. anytime a session is terminated unexpectedly.
For initiators, in the long term, it is expected that operating For initiators, in the long term, it is expected that operating
system vendors will take on the role of this entity and provide system vendors will take on the role of this entity and provide
standard APIs that can inform components of their iSCSI Node Name standard APIs that can inform components of their iSCSI Node Name
and can configure and/or coordinate ISID allocation, use, and reuse. and can configure and/or coordinate ISID allocation, use, and reuse.
skipping to change at line 5436 skipping to change at line 5407
creation and login. This may be done either by pointing the creation and login. This may be done either by pointing the
component to a vendor-specific location for this datum or to a component to a vendor-specific location for this datum or to a
system-wide location. The structure of the ISID namespace (see system-wide location. The structure of the ISID namespace (see
Section 10.12.5 ISID and [NDT]) facilitates implementation of the Section 10.12.5 ISID and [NDT]) facilitates implementation of the
ISID coordination by allowing each component vendor to independently ISID coordination by allowing each component vendor to independently
(of other vendor's components) coordinate allocation, use, and reuse (of other vendor's components) coordinate allocation, use, and reuse
of its own partition of the ISID namespace in a vendor-specific of its own partition of the ISID namespace in a vendor-specific
manner. Partitioning of the ISID namespace within initiator portal manner. Partitioning of the ISID namespace within initiator portal
groups managed by that vendor allows each such initiator portal groups managed by that vendor allows each such initiator portal
group to act independently of all other portal groups when selecting group to act independently of all other portal groups when selecting
Julian Satran Expires August 2003 103
iSCSI 19-January-03
an ISID for a login; this facilitates enforcement of the ISID RULE an ISID for a login; this facilitates enforcement of the ISID RULE
(see Section 3.4.3 Consequences of the Model) at the initiator. (see Section 3.4.3 Consequences of the Model) at the initiator.
A vendor of iSCSI hardware (e.g., NICs or HBAs) intended for use in A vendor of iSCSI hardware (e.g., NICs or HBAs) intended for use in
initiators MUST implement a mechanism for configuring the iSCSI Node initiators MUST implement a mechanism for configuring the iSCSI Node
Name. Vendors, and administrators must ensure that iSCSI Node Names Name. Vendors, and administrators must ensure that iSCSI Node Names
are unique worldwide. It is therefore important that when one are unique worldwide. It is therefore important that when one
chooses to reuse the iSCSI Node Name of a disabled unit, not to re- chooses to reuse the iSCSI Node Name of a disabled unit, not to re-
assign that name to the original unit unless its worldwide assign that name to the original unit unless its worldwide
uniqueness can be ascertained again. uniqueness can be ascertained again.
In addition, a vendor of iSCSI hardware must implement a mechanism In addition, a vendor of iSCSI hardware must implement a mechanism
to configure and/or coordinate ISIDs for all sessions managed by to configure and/or coordinate ISIDs for all sessions managed by
multiple instances of that hardware within a given iSCSI Node. Such multiple instances of that hardware within a given iSCSI Node. Such
configuration might be either permanently pre-assigned at the configuration might be either permanently pre-assigned at the
factory (in a necessarily globally unique way), statically assigned factory (in a necessarily globally unique way), statically assigned
(e.g., partitioned across all the NICs at initialization in a (e.g., partitioned across all the NICs at initialization in a
locally unique way), or dynamically assigned (e.g., on-line locally unique way), or dynamically assigned (e.g., on-line
Julian Satran Expires June 2003 125
iSCSI 3-November-02
allocator, also in a locally unique way). In the latter two cases, allocator, also in a locally unique way). In the latter two cases,
the configuration may be via public APIs (perhaps driven by an the configuration may be via public APIs (perhaps driven by an
independent vendor's software, such as the OS vendor) or via private independent vendor's software, such as the OS vendor) or via private
APIs driven by the vendor's own software. APIs driven by the vendor's own software.
9.2 Autosense and Auto Contingent Allegiance (ACA) 9.2 Autosense and Auto Contingent Allegiance (ACA)
Autosense refers to the automatic return of sense data to the Autosense refers to the automatic return of sense data to the
initiator in case a command did not complete successfully. iSCSI initiator in case a command did not complete successfully. iSCSI
initiators and targets MUST support and use autosense. initiators and targets MUST support and use autosense.
skipping to change at line 5482 skipping to change at line 5453
9.3 iSCSI Timeouts 9.3 iSCSI Timeouts
iSCSI recovery actions are often dependent on iSCSI time-outs being iSCSI recovery actions are often dependent on iSCSI time-outs being
recognized and acted upon before SCSI time-outs. Determining the recognized and acted upon before SCSI time-outs. Determining the
right time-outs to use for various iSCSI actions (command right time-outs to use for various iSCSI actions (command
acknowledgements expected, status acknowledgements, etc.) is very acknowledgements expected, status acknowledgements, etc.) is very
much dependent on infrastructure (hardware, links, TCP/IP stack, much dependent on infrastructure (hardware, links, TCP/IP stack,
iSCSI driver). As a guide, the implementer may use an average Nop- iSCSI driver). As a guide, the implementer may use an average Nop-
Out/Nop-In turnaround delay multiplied by a "safety factor" (e.g., Out/Nop-In turnaround delay multiplied by a "safety factor" (e.g.,
4) with a minimum of several milliseconds as a good estimate for the 4) as a good estimate for the basic delay of the iSCSI stack for a
basic delay of the iSCSI stack for a given connection. given connection. The safety factor should account for the network
load variability. For connection teardown the implementer may want
to consider also TCP common practice for the given infrastructure.
Text negotiations MAY also be subject to either time-limits or Text negotiations MAY also be subject to either time-limits or
limits in the number of exchanges. Those SHOULD be generous enough limits in the number of exchanges. Those SHOULD be generous enough
to avoid affecting interoperability (e.g., allowing each key to be to avoid affecting interoperability (e.g., allowing each key to be
negotiated on a separate exchange). negotiated on a separate exchange).
The relation between iSCSI timeouts and SCSI timeouts should also be The relation between iSCSI timeouts and SCSI timeouts should also be
considered. SCSI timeouts should be longer than iSCSI timeouts plus considered. SCSI timeouts should be longer than iSCSI timeouts plus
the time required for iSCSI recovery whenever iSCSI recovery is the time required for iSCSI recovery whenever iSCSI recovery is
planned. Alternatively, an implementer may choose to interlock iSCSI planned. Alternatively, an implementer may choose to interlock iSCSI
Julian Satran Expires August 2003 104
iSCSI 19-January-03
timeouts and recovery with SCSI timeouts so that SCSI recovery will timeouts and recovery with SCSI timeouts so that SCSI recovery will
become active only where iSCSI is not planned to, or failed to, become active only where iSCSI is not planned to, or failed to,
recover. recover.
The implementer may also want to consider the interaction between The implementer may also want to consider the interaction between
various iSCSI exception events - such as a digest failure - and various iSCSI exception events - such as a digest failure - and
subsequent timeouts. When iSCSI error recovery is active, a digest subsequent timeouts. When iSCSI error recovery is active, a digest
Julian Satran Expires June 2003 126
iSCSI 3-November-02
failure is likely to result in discovering a missing command or data failure is likely to result in discovering a missing command or data
PDU. In these cases, an implementer may want to lower the timeout PDU. In these cases, an implementer may want to lower the timeout
values to enable faster initiation for recovery procedures. values to enable faster initiation for recovery procedures.
9.4 Command Retry and Cleaning Old Command Instances 9.4 Command Retry and Cleaning Old Command Instances
To avoid having old, retried command instances appear in a valid To avoid having old, retried command instances appear in a valid
command window after a command sequence number wrap around, the command window after a command sequence number wrap around, the
protocol requires (see Section 3.2.2.1 Command Numbering and protocol requires (see Section 3.2.2.1 Command Numbering and
Acknowledging) that on every connection on which a retry has been Acknowledging) that on every connection on which a retry has been
skipping to change at line 5548 skipping to change at line 5521
Sequential access devices operate on the principle that the position Sequential access devices operate on the principle that the position
of the device is based on the last command processed. As such, of the device is based on the last command processed. As such,
command processing order and knowledge of whether or not the command processing order and knowledge of whether or not the
previous command was processed is of the utmost importance to previous command was processed is of the utmost importance to
maintain data integrity. For example, inadvertent retries of SCSI maintain data integrity. For example, inadvertent retries of SCSI
commands when it is not known if the previous SCSI command was commands when it is not known if the previous SCSI command was
processed is a potential data integrity risk. processed is a potential data integrity risk.
For a sequential access device, consider the scenario in which a For a sequential access device, consider the scenario in which a
SCSI SPACE command to backspace one filemark is issued and then re- SCSI SPACE command to backspace one filemark is issued and then re-
Julian Satran Expires June 2003 127
iSCSI 3-November-02
issued due to no status received for the command. If the first SPACE issued due to no status received for the command. If the first SPACE
command was actually processed, the re-issued SPACE command, if command was actually processed, the re-issued SPACE command, if
processed, will cause the position to change. Thus, a subsequent processed, will cause the position to change. Thus, a subsequent
write operation will write data to the wrong position and any write operation will write data to the wrong position and any
previous data at that position will be overwritten. previous data at that position will be overwritten.
Julian Satran Expires August 2003 105
iSCSI 19-January-03
For a medium changer device, consider the scenario in which an For a medium changer device, consider the scenario in which an
EXCHANGE MEDIUM command (the SOURCE ADDRESS and DESTINATION ADDRESS EXCHANGE MEDIUM command (the SOURCE ADDRESS and DESTINATION ADDRESS
are the same thus performing a swap) is issued and then re-issued are the same thus performing a swap) is issued and then re-issued
due to no status received for the command. If the first EXCHANGE due to no status received for the command. If the first EXCHANGE
MEDIUM command was actually processed, the re-issued EXCHANGE MEDIUM MEDIUM command was actually processed, the re-issued EXCHANGE MEDIUM
command, if processed, will perform the swap again. The net effect command, if processed, will perform the swap again. The net effect
is no swap was performed thus leaving a data integrity exposure. is no swap was performed thus leaving a data integrity exposure.
All commands that change the state of the device (as in SPACE All commands that change the state of the device (as in SPACE
commands for sequential access devices, and EXCHANGE MEDIUM for commands for sequential access devices, and EXCHANGE MEDIUM for
skipping to change at line 5590 skipping to change at line 5562
connection replacement while commands are running (e.g., during an connection replacement while commands are running (e.g., during an
extended copy operation). extended copy operation).
9.6.1 Determining the Proper ErrorRecoveryLevel 9.6.1 Determining the Proper ErrorRecoveryLevel
The implementation and use of a specific ErrorRecoveryLevel should The implementation and use of a specific ErrorRecoveryLevel should
be determined based on the deployment scenarios of a given iSCSI be determined based on the deployment scenarios of a given iSCSI
implementation. Generally, the following factors must be implementation. Generally, the following factors must be
considered before deciding on the proper level of recovery: considered before deciding on the proper level of recovery:
a) Application resilience to I/O failures. a) Application resilience to I/O failures.
b) Required level of availability in the face of transport b) Required level of availability in the face of transport
connection failures. connection failures.
Julian Satran Expires June 2003 128
iSCSI 3-November-02
c) Probability of transport layer "checksum escape". This in c) Probability of transport layer "checksum escape". This in
turn decides the iSCSI digest failure frequency, and thus the turn decides the iSCSI digest failure frequency, and thus the
criticality of iSCSI-level error recovery. The details of criticality of iSCSI-level error recovery. The details of
estimating this probability are outside the scope of this estimating this probability are outside the scope of this
document. document.
A consideration of the above factors for SCSI tape devices as an A consideration of the above factors for SCSI tape devices as an
example suggests that implementations SHOULD use example suggests that implementations SHOULD use
ErrorRecoveryLevel=1 when transport connection failure is not a ErrorRecoveryLevel=1 when transport connection failure is not a
concern and SCSI level recovery is unavailable, and concern and SCSI level recovery is unavailable, and
ErrorRecoveryLevel=2 when the connection failure is also of high ErrorRecoveryLevel=2 when the connection failure is also of high
likelihood during a backup/retrieval. likelihood during a backup/retrieval.
For extended copy operations, implementations SHOULD use For extended copy operations, implementations SHOULD use
ErrorRecoveryLevel=2 whenever there is a relatively high likelihood ErrorRecoveryLevel=2 whenever there is a relatively high likelihood
of connection failure. of connection failure.
Julian Satran Expires June 2003 129 Julian Satran Expires August 2003 106
iSCSI 3-November-02 iSCSI 19-January-03
10. iSCSI PDU Formats 10. iSCSI PDU Formats
All multi-byte integers that are specified in formats defined in All multi-byte integers that are specified in formats defined in
this document are to be represented in network byte order (i.e., big this document are to be represented in network byte order (i.e., big
endian). Any field that appears in this document assumes that the endian). Any field that appears in this document assumes that the
most significant byte is the lowest numbered byte and the most most significant byte is the lowest numbered byte and the most
significant bit (within byte or field) is the lowest numbered bit significant bit (within byte or field) is the lowest numbered bit
unless specified otherwise. unless specified otherwise.
skipping to change at line 5654 skipping to change at line 5622
data segment. After the entire header segment group a header-digest data segment. After the entire header segment group a header-digest
MAY follow. The data segment MAY also be followed by a data-digest. MAY follow. The data segment MAY also be followed by a data-digest.
The Basic Header Segment (BHS) is the first segment in all of the The Basic Header Segment (BHS) is the first segment in all of the
iSCSI PDUs. The BHS is a fixed-length 48-byte header segment. It MAY iSCSI PDUs. The BHS is a fixed-length 48-byte header segment. It MAY
be followed by Additional Header Segments (AHS), a Header-Digest, a be followed by Additional Header Segments (AHS), a Header-Digest, a
Data Segment, and/or a Data-Digest. Data Segment, and/or a Data-Digest.
The overall structure of an iSCSI PDU is as follows: The overall structure of an iSCSI PDU is as follows:
Julian Satran Expires June 2003 130
iSCSI 3-November-02
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0/ Basic Header Segment (BHS) / 0/ Basic Header Segment (BHS) /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
48/ Additional Header Segment 1 (AHS) (optional) / 48/ Additional Header Segment 1 (AHS) (optional) /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
/ Additional Header Segment 2 (AHS) (optional) / / Additional Header Segment 2 (AHS) (optional) /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
---- ----
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
/ Additional Header Segment n (AHS) (optional) / / Additional Header Segment n (AHS) (optional) /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Julian Satran Expires August 2003 107
iSCSI 19-January-03
---- ----
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
k/ Header-Digest (optional) / k/ Header-Digest (optional) /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
l/ Data Segment(optional) / l/ Data Segment(optional) /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
m/ Data-Digest (optional) / m/ Data-Digest (optional) /
+/ / +/ /
skipping to change at line 5701 skipping to change at line 5670
iSCSI response PDUs do not have AH Segments. iSCSI response PDUs do not have AH Segments.
10.2.1 Basic Header Segment (BHS) 10.2.1 Basic Header Segment (BHS)
The BHS is 48 bytes long. The Opcode and DataSegmentLength fields The BHS is 48 bytes long. The Opcode and DataSegmentLength fields
appear in all iSCSI PDUs. In addition, when used, the Initiator Task appear in all iSCSI PDUs. In addition, when used, the Initiator Task
Tag and Logical Unit Number always appear in the same location in Tag and Logical Unit Number always appear in the same location in
the header. the header.
Julian Satran Expires June 2003 131
iSCSI 3-November-02
The format of the BHS is: The format of the BHS is:
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|I| Opcode |F| Opcode-specific fields | 0|.|I| Opcode |F| Opcode-specific fields |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
skipping to change at line 5734 skipping to change at line 5700
10.2.1.1 I 10.2.1.1 I
For request PDUs, the I bit set to 1 is an immediate delivery For request PDUs, the I bit set to 1 is an immediate delivery
marker. marker.
10.2.1.2 Opcode 10.2.1.2 Opcode
The Opcode indicates the type of iSCSI PDU the header encapsulates. The Opcode indicates the type of iSCSI PDU the header encapsulates.
Julian Satran Expires August 2003 108
iSCSI 19-January-03
The Opcodes are divided into two categories: initiator opcodes and The Opcodes are divided into two categories: initiator opcodes and
target opcodes. Initiator opcodes are in PDUs sent by the initiator target opcodes. Initiator opcodes are in PDUs sent by the initiator
(request PDUs). Target opcodes are in PDUs sent by the target (request PDUs). Target opcodes are in PDUs sent by the target
(response PDUs). (response PDUs).
Initiators MUST NOT use target opcodes and targets MUST NOT use Initiators MUST NOT use target opcodes and targets MUST NOT use
initiator opcodes. initiator opcodes.
Initiator opcodes defined in this specification are: Initiator opcodes defined in this specification are:
Julian Satran Expires June 2003 132
iSCSI 3-November-02
0x00 NOP-Out 0x00 NOP-Out
0x01 SCSI Command (encapsulates a SCSI Command Descriptor Block) 0x01 SCSI Command (encapsulates a SCSI Command Descriptor Block)
0x02 SCSI Task Management function request 0x02 SCSI Task Management function request
0x03 Login Request 0x03 Login Request
0x04 Text Request 0x04 Text Request
0x05 SCSI Data-out (for WRITE operations) 0x05 SCSI Data-out (for WRITE operations)
0x06 Logout Request 0x06 Logout Request
0x10 SNACK Request 0x10 SNACK Request
0x1c-0x1e Vendor specific codes 0x1c-0x1e Vendor specific codes
skipping to change at line 5789 skipping to change at line 5755
10.2.1.4 Opcode-specific Fields 10.2.1.4 Opcode-specific Fields
These fields have different meanings for different opcode types. These fields have different meanings for different opcode types.
10.2.1.5 TotalAHSLength 10.2.1.5 TotalAHSLength
Total length of all AHS header segments in units of four byte words Total length of all AHS header segments in units of four byte words
including padding, if any. including padding, if any.
Julian Satran Expires August 2003 109
iSCSI 19-January-03
The TotalAHSLength is only used in PDUs that have an AHS and MUST be The TotalAHSLength is only used in PDUs that have an AHS and MUST be
0 in all other PDUs. 0 in all other PDUs.
Julian Satran Expires June 2003 133
iSCSI 3-November-02
10.2.1.6 DataSegmentLength 10.2.1.6 DataSegmentLength
This is the data segment payload length in bytes (excluding This is the data segment payload length in bytes (excluding
padding). The DataSegmentLength MUST be 0 whenever the PDU has no padding). The DataSegmentLength MUST be 0 whenever the PDU has no
data segment. data segment.
10.2.1.7 LUN 10.2.1.7 LUN
Some opcodes operate on a specific Logical Unit. The Logical Unit Some opcodes operate on a specific Logical Unit. The Logical Unit
Number (LUN) field identifies which Logical Unit. If the opcode does Number (LUN) field identifies which Logical Unit. If the opcode does
skipping to change at line 5826 skipping to change at line 5792
SCSI may also use the initiator task tag as part of the SCSI task SCSI may also use the initiator task tag as part of the SCSI task
identifier when the timespan during which an iSCSI initiator task identifier when the timespan during which an iSCSI initiator task
tag must be unique extends over the timespan during which a SCSI tag must be unique extends over the timespan during which a SCSI
task tag must be unique. However, the iSCSI Initiator Task Tag must task tag must be unique. However, the iSCSI Initiator Task Tag must
exist and be unique even for untagged SCSI commands. exist and be unique even for untagged SCSI commands.
10.2.2 Additional Header Segment (AHS) 10.2.2 Additional Header Segment (AHS)
The general format of an AHS is: The general format of an AHS is:
Julian Satran Expires June 2003 134
iSCSI 3-November-02
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0| AHSLength | AHSType | AHS-Specific | 0| AHSLength | AHSType | AHS-Specific |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4/ AHS-Specific / 4/ AHS-Specific /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
x x
skipping to change at line 5851 skipping to change at line 5814
The AHSType field is coded as follows: The AHSType field is coded as follows:
bit 0-1 - Reserved bit 0-1 - Reserved
bit 2-7 - AHS code bit 2-7 - AHS code
0 - Reserved 0 - Reserved
1 - Extended CDB 1 - Extended CDB
2 - Expected Bidirectional Read Data Length 2 - Expected Bidirectional Read Data Length
Julian Satran Expires August 2003 110
iSCSI 19-January-03
3 - 63 Reserved 3 - 63 Reserved
10.2.2.2 AHSLength 10.2.2.2 AHSLength
This field contains the effective length in bytes of the AHS This field contains the effective length in bytes of the AHS
excluding AHSType and AHSLength and padding, if any. The AHS is excluding AHSType and AHSLength and padding, if any. The AHS is
padded to the smallest integer number of 4 byte words (i.e., from 0 padded to the smallest integer number of 4 byte words (i.e., from 0
up to 3 padding bytes). up to 3 padding bytes).
10.2.2.3 Extended CDB AHS 10.2.2.3 Extended CDB AHS
The format of the Extended CDB AHS is: The format of the Extended CDB AHS is:
Julian Satran Expires June 2003 135
iSCSI 3-November-02
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0| AHSLength (CDBLength-15) | 0x01 | Reserved | 0| AHSLength (CDBLength-15) | 0x01 | Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4/ ExtendedCDB...+padding / 4/ ExtendedCDB...+padding /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
x x
skipping to change at line 5909 skipping to change at line 5873
and data, respectively. The digests, if present, are located, and data, respectively. The digests, if present, are located,
respectively, after the header and PDU-specific data, and cover the respectively, after the header and PDU-specific data, and cover the
proper data and the padding bytes. proper data and the padding bytes.
The existence and type of digests are negotiated during the Login The existence and type of digests are negotiated during the Login
Phase. Phase.
The separation of the header and data digests is useful in iSCSI The separation of the header and data digests is useful in iSCSI
routing applications, in which only the header changes when a routing applications, in which only the header changes when a
Julian Satran Expires June 2003 136 Julian Satran Expires August 2003 111
iSCSI 3-November-02 iSCSI 19-January-03
message is forwarded. In this case, only the header digest should be message is forwarded. In this case, only the header digest should be
recalculated. recalculated.
Digests are not included in data or header length fields. Digests are not included in data or header length fields.
A zero-length Data Segment also implies a zero-length data-digest. A zero-length Data Segment also implies a zero-length data-digest.
10.2.4 Data Segment 10.2.4 Data Segment
The (optional) Data Segment contains PDU associated data. Its The (optional) Data Segment contains PDU associated data. Its
payload effective length is provided in the BHS field - payload effective length is provided in the BHS field -
DataSegmentLength. The Data Segment is also padded to an integer DataSegmentLength. The Data Segment is also padded to an integer
number of 4 byte words. number of 4 byte words.
Julian Satran Expires June 2003 137 Julian Satran Expires August 2003 112
iSCSI 3-November-02 iSCSI 19-January-03
10.3 SCSI Command 10.3 SCSI Command
The format of the SCSI Command PDU is: The format of the SCSI Command PDU is:
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|I| 0x01 |F|R|W|. .|ATTR | Reserved | 0|.|I| 0x01 |F|R|W|. .|ATTR | Reserved |
skipping to change at line 5971 skipping to change at line 5935
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
z/ Data Digest (Optional) / z/ Data Digest (Optional) /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
10.3.1 Flags and Task Attributes (byte 1) 10.3.1 Flags and Task Attributes (byte 1)
The flags for a SCSI Command are: The flags for a SCSI Command are:
bit 0 (F) is set to 1 when no unsolicited SCSI Data-Out PDUs bit 0 (F) is set to 1 when no unsolicited SCSI Data-Out PDUs
follow this PDU. When F=1 for a write and if Expected Data follow this PDU. When F=1 for a write and if Expected Data
Julian Satran Expires June 2003 138
iSCSI 3-November-02
Transfer Length is larger than the DataSegmentLength, the Transfer Length is larger than the DataSegmentLength, the
target may solicit additional data through R2T. target may solicit additional data through R2T.
bit 1 (R) is set to 1 when the command is expected to input bit 1 (R) is set to 1 when the command is expected to input
data. data.
bit 2 (W) is set to 1 when the command is expected to output bit 2 (W) is set to 1 when the command is expected to output
data. data.
bit 3-4 Reserved. bit 3-4 Reserved.
bit 5-7 contains Task Attributes. bit 5-7 contains Task Attributes.
Julian Satran Expires August 2003 113
iSCSI 19-January-03
Task Attributes (ATTR) have one of the following integer values (see Task Attributes (ATTR) have one of the following integer values (see
[SAM2] for details): [SAM2] for details):
0 - Untagged 0 - Untagged
1 - Simple 1 - Simple
2 - Ordered 2 - Ordered
3 - Head of Queue 3 - Head of Queue
4 - ACA 4 - ACA
5-7 - Reserved 5-7 - Reserved
skipping to change at line 6017 skipping to change at line 5980
10.3.2 CmdSN - Command Sequence Number 10.3.2 CmdSN - Command Sequence Number
Enables ordered delivery across multiple connections in a single Enables ordered delivery across multiple connections in a single
session. session.
10.3.3 ExpStatSN 10.3.3 ExpStatSN
Command responses up to ExpStatSN-1 (mod 2**32) have been received Command responses up to ExpStatSN-1 (mod 2**32) have been received
(acknowledges status) on the connection. (acknowledges status) on the connection.
Julian Satran Expires June 2003 139
iSCSI 3-November-02
10.3.4 Expected Data Transfer Length 10.3.4 Expected Data Transfer Length
For unidirectional operations, the Expected Data Transfer Length For unidirectional operations, the Expected Data Transfer Length
field contains the number of bytes of data involved in this SCSI field contains the number of bytes of data involved in this SCSI
operation. For a unidirectional write operation (W flag set to 1 and operation. For a unidirectional write operation (W flag set to 1 and
R flag set to 0), the initiator uses this field to specify the R flag set to 0), the initiator uses this field to specify the
number of bytes of data it expects to transfer for this operation. number of bytes of data it expects to transfer for this operation.
For a unidirectional read operation (W flag set to 0 and R flag set For a unidirectional read operation (W flag set to 0 and R flag set
to 1), the initiator uses this field to specify the number of bytes to 1), the initiator uses this field to specify the number of bytes
of data it expects the target to transfer to the initiator. It of data it expects the target to transfer to the initiator. It
skipping to change at line 6047 skipping to change at line 6007
Transfer Length field and the Bidirectional Read Expected Data Transfer Length field and the Bidirectional Read Expected Data
Transfer Length field correspond to the SAM2 byte count Transfer Length field correspond to the SAM2 byte count
If the Expected Data Transfer Length for a write and the length of If the Expected Data Transfer Length for a write and the length of
the immediate data part that follows the command (if any) are the the immediate data part that follows the command (if any) are the
same, then no more data PDUs are expected to follow. In this case, same, then no more data PDUs are expected to follow. In this case,
the F bit MUST be set to 1. the F bit MUST be set to 1.
If the Expected Data Transfer Length is higher than the If the Expected Data Transfer Length is higher than the
FirstBurstLength (the negotiated maximum amount of unsolicited data FirstBurstLength (the negotiated maximum amount of unsolicited data
Julian Satran Expires August 2003 114
iSCSI 19-January-03
the target will accept), the initiator MUST send the maximum amount the target will accept), the initiator MUST send the maximum amount
of unsolicited data OR ONLY the immediate data, if any. of unsolicited data OR ONLY the immediate data, if any.
Upon completion of a data transfer, the target informs the initiator Upon completion of a data transfer, the target informs the initiator
(through residual counts) of how many bytes were actually processed (through residual counts) of how many bytes were actually processed
(sent and/or received) by the target. (sent and/or received) by the target.
10.3.5 CDB - SCSI Command Descriptor Block 10.3.5 CDB - SCSI Command Descriptor Block
There are 16 bytes in the CDB field to accommodate the commonly used There are 16 bytes in the CDB field to accommodate the commonly used
CDBs. Whenever the CDB is larger than 16 bytes, an Extended CDB AHS CDBs. Whenever the CDB is larger than 16 bytes, an Extended CDB AHS
MUST be used to contain the CDB spillover. MUST be used to contain the CDB spillover.
Julian Satran Expires June 2003 140
iSCSI 3-November-02
10.3.6 Data Segment - Command Data 10.3.6 Data Segment - Command Data
Some SCSI commands require additional parameter data to accompany Some SCSI commands require additional parameter data to accompany
the SCSI command. This data may be placed beyond the boundary of the the SCSI command. This data may be placed beyond the boundary of the
iSCSI header in a data segment. Alternatively, user data (e.g., iSCSI header in a data segment. Alternatively, user data (e.g.,
from a WRITE operation) can be placed in the data segment (both from a WRITE operation) can be placed in the data segment (both
cases are referred to as immediate data). These data are governed by cases are referred to as immediate data). These data are governed by
the rules for solicited vs. unsolicited data outlined in Section the rules for solicited vs. unsolicited data outlined in Section
3.2.4.2 Data Transfer Overview. 3.2.4.2 Data Transfer Overview.
Julian Satran Expires June 2003 141 Julian Satran Expires August 2003 115
iSCSI 3-November-02 iSCSI 19-January-03
10.4 SCSI Response 10.4 SCSI Response
The format of the SCSI Response PDU is: The format of the SCSI Response PDU is:
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|.| 0x21 |1|. .|o|u|O|U|.| Response | Status | 0|.|.| 0x21 |1|. .|o|u|O|U|.| Response | Status |
skipping to change at line 6120 skipping to change at line 6081
/ Data Segment (Optional) / / Data Segment (Optional) /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| Data-Digest (Optional) | | Data-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
10.4.1 Flags (byte 1) 10.4.1 Flags (byte 1)
bit 1-2 Reserved. bit 1-2 Reserved.
Julian Satran Expires June 2003 142
iSCSI 3-November-02
bit 3 - (o) set for Bidirectional Read Residual Overflow. In bit 3 - (o) set for Bidirectional Read Residual Overflow. In
this case, the Bidirectional Read Residual Count indicates the this case, the Bidirectional Read Residual Count indicates the
number of bytes that were not transferred to the initiator number of bytes that were not transferred to the initiator
because the initiator's Expected Bidirectional Read Data because the initiator's Expected Bidirectional Read Data
Transfer Length was not sufficient. Transfer Length was not sufficient.
bit 4 - (u) set for Bidirectional Read Residual Underflow. In bit 4 - (u) set for Bidirectional Read Residual Underflow. In
this case, the Bidirectional Read Residual Count indicates the this case, the Bidirectional Read Residual Count indicates the
number of bytes that were not transferred to the initiator out number of bytes that were not transferred to the initiator out
of the number of bytes expected to be transferred. of the number of bytes expected to be transferred.
Julian Satran Expires August 2003 116
iSCSI 19-January-03
bit 5 - (O) set for Residual Overflow. In this case, the bit 5 - (O) set for Residual Overflow. In this case, the
Residual Count indicates the number of bytes that were not Residual Count indicates the number of bytes that were not
transferred because the initiator's Expected Data Transfer transferred because the initiator's Expected Data Transfer
Length was not sufficient. For a bidirectional operation, the Length was not sufficient. For a bidirectional operation, the
Residual Count contains the residual for the write operation. Residual Count contains the residual for the write operation.
bit 6 - (U) set for Residual Underflow. In this case, the bit 6 - (U) set for Residual Underflow. In this case, the
Residual Count indicates the number of bytes that were not Residual Count indicates the number of bytes that were not
transferred out of the number of bytes that were expected to transferred out of the number of bytes that were expected to
be transferred. For a bidirectional operation, the Residual be transferred. For a bidirectional operation, the Residual
skipping to change at line 6171 skipping to change at line 6132
0x00 GOOD 0x00 GOOD
0x02 CHECK CONDITION 0x02 CHECK CONDITION
0x08 BUSY 0x08 BUSY
0x18 RESERVATION CONFLICT 0x18 RESERVATION CONFLICT
0x28 TASK SET FULL 0x28 TASK SET FULL
0x30 ACA ACTIVE 0x30 ACA ACTIVE
0x40 TASK ABORTED 0x40 TASK ABORTED
See [SAM2] for the complete list and definitions. See [SAM2] for the complete list and definitions.
Julian Satran Expires June 2003 143
iSCSI 3-November-02
If a SCSI device error is detected while data from the initiator is If a SCSI device error is detected while data from the initiator is
still expected (the command PDU did not contain all the data and the still expected (the command PDU did not contain all the data and the
target has not received a Data PDU with the final bit Set), the target has not received a Data PDU with the final bit Set), the
target MUST wait until it receives a Data PDU with the F bit set in target MUST wait until it receives a Data PDU with the F bit set in
the last expected sequence before sending the Response PDU. the last expected sequence before sending the Response PDU.
10.4.3 Response 10.4.3 Response
This field contains the iSCSI service response. This field contains the iSCSI service response.
iSCSI service response codes defined in this specification are: iSCSI service response codes defined in this specification are:
0x00 - Command Completed at Target 0x00 - Command Completed at Target
0x01 - Target Failure 0x01 - Target Failure
0x80-0xff - Vendor specific 0x80-0xff - Vendor specific
All other response codes are reserved. All other response codes are reserved.
Julian Satran Expires August 2003 117
iSCSI 19-January-03
The Response is used to report a Service Response. The mapping of The Response is used to report a Service Response. The mapping of
the response code into a SCSI service response code value, if the response code into a SCSI service response code value, if
needed, is outside the scope of this document. However, in symbolic needed, is outside the scope of this document. However, in symbolic
terms response value 0x00 maps to the SCSI service response (see terms response value 0x00 maps to the SCSI service response (see
[SAM2] and [SPC3]) of TASK COMPLETE or LINKED COMMAND COMPLETE. All [SAM2] and [SPC3]) of TASK COMPLETE or LINKED COMMAND COMPLETE. All
other Response values map to the SCSI service response of SERVICE other Response values map to the SCSI service response of SERVICE
DELIVERY OR TARGET FAILURE. DELIVERY OR TARGET FAILURE.
If a SCSI Response PDU does not arrive before the session is If a SCSI Response PDU does not arrive before the session is
terminated, the SCSI service response is SERVICE DELIVERY OR TARGET terminated, the SCSI service response is SERVICE DELIVERY OR TARGET
skipping to change at line 6216 skipping to change at line 6177
10.4.4 SNACK Tag 10.4.4 SNACK Tag
This field contains a copy of the SNACK Tag of the last SNACK Tag This field contains a copy of the SNACK Tag of the last SNACK Tag
accepted by the target on the same connection and for the command accepted by the target on the same connection and for the command
for which the response is issued. Otherwise it is reserved and for which the response is issued. Otherwise it is reserved and
should be set to 0. should be set to 0.
After issuing a R-Data SNACK the initiator must discard any SCSI After issuing a R-Data SNACK the initiator must discard any SCSI
status unless contained in an SCSI Response PDU carrying the same status unless contained in an SCSI Response PDU carrying the same
Julian Satran Expires June 2003 144
iSCSI 3-November-02
SNACK Tag as the last issued R-Data SNACK for the SCSI command on SNACK Tag as the last issued R-Data SNACK for the SCSI command on
the current connection. the current connection.
For a detailed discussion on R-Data SNACK see Section 10.16 SNACK For a detailed discussion on R-Data SNACK see Section 10.16 SNACK
Request. Request.
10.4.5 Residual Count 10.4.5 Residual Count
The Residual Count field MUST be valid in the case where either the The Residual Count field MUST be valid in the case where either the
U bit or the O bit is set. If neither bit is set, the Residual Count U bit or the O bit is set. If neither bit is set, the Residual Count
skipping to change at line 6253 skipping to change at line 6210
set, the Bidirectional Read Residual Count field is reserved. set, the Bidirectional Read Residual Count field is reserved.
Targets may set the Bidirectional Read Residual Count and initiators Targets may set the Bidirectional Read Residual Count and initiators
may use it when the response code is "completed at target". If the o may use it when the response code is "completed at target". If the o
bit is set, the Bidirectional Read Residual Count indicates the bit is set, the Bidirectional Read Residual Count indicates the
number of bytes that were not transferred to the initiator because number of bytes that were not transferred to the initiator because
the initiator's Expected Bidirectional Read Transfer Length was not the initiator's Expected Bidirectional Read Transfer Length was not
sufficient. If the u bit is set, the Bidirectional Read Residual sufficient. If the u bit is set, the Bidirectional Read Residual
Count indicates the number of bytes that were not transferred to the Count indicates the number of bytes that were not transferred to the
initiator out of the number of bytes expected to be transferred. initiator out of the number of bytes expected to be transferred.
Julian Satran Expires August 2003 118
iSCSI 19-January-03
10.4.7 Data Segment - Sense and Response Data Segment 10.4.7 Data Segment - Sense and Response Data Segment
iSCSI targets MUST support and enable autosense. If Status is CHECK iSCSI targets MUST support and enable autosense. If Status is CHECK
CONDITION (0x02), then the Data Segment MUST contain sense data for CONDITION (0x02), then the Data Segment MUST contain sense data for
the failed command. the failed command.
For some iSCSI responses, the response data segment MAY contain some For some iSCSI responses, the response data segment MAY contain some
response related information, (e.g., for a target failure, it may response related information, (e.g., for a target failure, it may
contain a vendor specific detailed description of the failure). contain a vendor specific detailed description of the failure).
Julian Satran Expires June 2003 145
iSCSI 3-November-02
If the DataSegmentLength is not 0, the format of the Data Segment is If the DataSegmentLength is not 0, the format of the Data Segment is
as follows: as follows:
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|SenseLength | Sense Data | 0|SenseLength | Sense Data |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
x/ Sense Data / x/ Sense Data /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
skipping to change at line 6294 skipping to change at line 6251
10.4.7.2 Sense Data 10.4.7.2 Sense Data
The Sense Data contains detailed information about a check condition The Sense Data contains detailed information about a check condition
and [SPC3] specifies the format and content of the Sense Data. and [SPC3] specifies the format and content of the Sense Data.
Certain iSCSI conditions result in the command being terminated at Certain iSCSI conditions result in the command being terminated at
the target (response Command Completed at Target) with a SCSI Check the target (response Command Completed at Target) with a SCSI Check
Condition Status as outlined in the next table: Condition Status as outlined in the next table:
Julian Satran Expires June 2003 146
iSCSI 3-November-02
+--------------------------+----------+---------------------------+ +--------------------------+----------+---------------------------+
| iSCSI Condition |Sense | Additional Sense Code & | | iSCSI Condition |Sense | Additional Sense Code & |
| |Key | Qualifier | | |Key | Qualifier |
+--------------------------+----------+---------------------------+ +--------------------------+----------+---------------------------+
| Unexpected unsolicited |Aborted | ASC = 0x0c ASCQ = 0x0c | | Unexpected unsolicited |Aborted | ASC = 0x0c ASCQ = 0x0c |
| data |Command-0B| Write Error | | data |Command-0B| Write Error |
+--------------------------+----------+---------------------------+ +--------------------------+----------+---------------------------+
| Incorrect amount of data |Aborted | ASC = 0x0c ASCQ = 0x0d | | Incorrect amount of data |Aborted | ASC = 0x0c ASCQ = 0x0d |
| |Command-0B| Write Error | | |Command-0B| Write Error |
+--------------------------+----------+---------------------------+ +--------------------------+----------+---------------------------+
| Protocol Service CRC |Aborted | ASC = 0x47 ASCQ = 0x05 | | Protocol Service CRC |Aborted | ASC = 0x47 ASCQ = 0x05 |
| error |Command-0B| CRC Error Detected | | error |Command-0B| CRC Error Detected |
+--------------------------+----------+---------------------------+ +--------------------------+----------+---------------------------+
| SNACK rejected |Aborted | ASC = 0x11 ASCQ = 0x13 | | SNACK rejected |Aborted | ASC = 0x11 ASCQ = 0x13 |
| |Command-0B| Read Error | | |Command-0B| Read Error |
+--------------------------+----------+---------------------------+ +--------------------------+----------+---------------------------+
Julian Satran Expires August 2003 119
iSCSI 19-January-03
The target reports the "Incorrect amount of data" condition if The target reports the "Incorrect amount of data" condition if
during data output the total data length to output is greater than during data output the total data length to output is greater than
FirstBurstLength and the initiator sent unsolicited non-immediate FirstBurstLength and the initiator sent unsolicited non-immediate
data but the total amount of unsolicited data is different than data but the total amount of unsolicited data is different than
FirstBurstLength. The target reports the same error when the amount FirstBurstLength. The target reports the same error when the amount
of data sent as a reply to an R2T does not match the amount of data sent as a reply to an R2T does not match the amount
requested. requested.
10.4.8 ExpDataSN 10.4.8 ExpDataSN
skipping to change at line 6340 skipping to change at line 6297
10.4.9 StatSN - Status Sequence Number 10.4.9 StatSN - Status Sequence Number
StatSN is a Sequence Number that the target iSCSI layer generates StatSN is a Sequence Number that the target iSCSI layer generates
per connection and that in turn, enables the initiator to per connection and that in turn, enables the initiator to
acknowledge status reception. StatSN is incremented by 1 for every acknowledge status reception. StatSN is incremented by 1 for every
response/status sent on a connection except for responses sent as a response/status sent on a connection except for responses sent as a
result of a retry or SNACK. In the case of responses sent due to a result of a retry or SNACK. In the case of responses sent due to a
retransmission request, the StatSN MUST be the same as the first retransmission request, the StatSN MUST be the same as the first
time the PDU was sent unless the connection has since been time the PDU was sent unless the connection has since been
restarted. restarted.
Julian Satran Expires June 2003 147
iSCSI 3-November-02
10.4.10 ExpCmdSN - Next Expected CmdSN from this Initiator 10.4.10 ExpCmdSN - Next Expected CmdSN from this Initiator
ExpCmdSN is a Sequence Number that the target iSCSI returns to the ExpCmdSN is a Sequence Number that the target iSCSI returns to the
initiator to acknowledge command reception. It is used to update a initiator to acknowledge command reception. It is used to update a
local variable with the same name. An ExpCmdSN equal to MaxCmdSN+1 local variable with the same name. An ExpCmdSN equal to MaxCmdSN+1
indicates that the target cannot accept new commands. indicates that the target cannot accept new commands.
10.4.11 MaxCmdSN - Maximum CmdSN from this Initiator 10.4.11 MaxCmdSN - Maximum CmdSN from this Initiator
MaxCmdSN is a Sequence Number that the target iSCSI returns to the MaxCmdSN is a Sequence Number that the target iSCSI returns to the
initiator to indicate the maximum CmdSN the initiator can send. It initiator to indicate the maximum CmdSN the initiator can send. It
is used to update a local variable with the same name. If MaxCmdSN is used to update a local variable with the same name. If MaxCmdSN
is equal to ExpCmdSN-1, this indicates to the initiator that the is equal to ExpCmdSN-1, this indicates to the initiator that the
target cannot receive any additional commands. When MaxCmdSN changes target cannot receive any additional commands. When MaxCmdSN changes
at the target while the target has no pending PDUs to convey this at the target while the target has no pending PDUs to convey this
information to the initiator, it MUST generate a NOP-IN to carry the information to the initiator, it MUST generate a NOP-IN to carry the
new MaxCmdSN. new MaxCmdSN.
Julian Satran Expires June 2003 148 Julian Satran Expires August 2003 120
iSCSI 3-November-02 iSCSI 19-January-03
10.5 Task Management Function Request 10.5 Task Management Function Request
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|I| 0x02 |1| Function | Reserved | 0|.|I| 0x02 |1| Function | Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
skipping to change at line 6410 skipping to change at line 6363
explicitly control the execution of one or more Tasks (SCSI and explicitly control the execution of one or more Tasks (SCSI and
iSCSI tasks). The Task Management function codes are listed below. iSCSI tasks). The Task Management function codes are listed below.
For a more detailed description of SCSI task management, see [SAM2]. For a more detailed description of SCSI task management, see [SAM2].
1 - ABORT TASK - aborts the task identified by the Referenced 1 - ABORT TASK - aborts the task identified by the Referenced
Task Tag field. Task Tag field.
2 - ABORT TASK SET - aborts all Tasks issued via this session 2 - ABORT TASK SET - aborts all Tasks issued via this session
on the logical unit. on the logical unit.
Julian Satran Expires June 2003 149
iSCSI 3-November-02
3 - CLEAR ACA - clears the Auto Contingent Allegiance 3 - CLEAR ACA - clears the Auto Contingent Allegiance
condition. condition.
4 - CLEAR TASK SET - aborts all Tasks in the appropriate task 4 - CLEAR TASK SET - aborts all Tasks in the appropriate task
set as defined by the TST field in the Control mode page (see set as defined by the TST field in the Control mode page (see
[SPC3]). [SPC3]).
5 - LOGICAL UNIT RESET 5 - LOGICAL UNIT RESET
6 - TARGET WARM RESET 6 - TARGET WARM RESET
Julian Satran Expires August 2003 121
iSCSI 19-January-03
7 - TARGET COLD RESET 7 - TARGET COLD RESET
8 - TASK REASSIGN - reassigns connection allegiance for the 8 - TASK REASSIGN - reassigns connection allegiance for the
task identified by the Initiator Task Tag field to this task identified by the Initiator Task Tag field to this
connection, thus resuming the iSCSI exchanges for the task. connection, thus resuming the iSCSI exchanges for the task.
For all these functions, the Task Management function response MUST For all these functions, the Task Management function response MUST
be returned as detailed in Section 10.6 Task Management Function be returned as detailed in Section 10.6 Task Management Function
Response. All these functions apply to the referenced tasks Response. All these functions apply to the referenced tasks
regardless of whether they are proper SCSI tasks or tagged iSCSI regardless of whether they are proper SCSI tasks or tagged iSCSI
skipping to change at line 6458 skipping to change at line 6411
response. The iSCSI initiator MAY deliver to the SCSI layer all response. The iSCSI initiator MAY deliver to the SCSI layer all
responses received before the Task Management response (i.e., it is responses received before the Task Management response (i.e., it is
a matter of implementation if the SCSI responses, received before a matter of implementation if the SCSI responses, received before
the Task Management response but after the task management request the Task Management response but after the task management request
was issued, are delivered to the SCSI layer by the iSCSI layer in was issued, are delivered to the SCSI layer by the iSCSI layer in
the initiator). The iSCSI target MUST ensure that no responses for the initiator). The iSCSI target MUST ensure that no responses for
the tasks covered by a task management function are delivered to the the tasks covered by a task management function are delivered to the
iSCSI initiator after the Task Management response except for a task iSCSI initiator after the Task Management response except for a task
covered by a TASK REASSIGN. covered by a TASK REASSIGN.
Julian Satran Expires June 2003 150
iSCSI 3-November-02
For ABORT TASK SET and CLEAR TASK SET, the issuing initiator MUST For ABORT TASK SET and CLEAR TASK SET, the issuing initiator MUST
continue to respond to all valid target transfer tags (received via continue to respond to all valid target transfer tags (received via
R2T, Text Response, NOP-In, or SCSI Data-in PDUs) related to the R2T, Text Response, NOP-In, or SCSI Data-in PDUs) related to the
affected task set, even after issuing the task management request. affected task set, even after issuing the task management request.
The issuing initiator SHOULD however terminate (i.e., by setting the The issuing initiator SHOULD however terminate (i.e., by setting the
F-bit to 1) these response sequences as quickly as possible. The F-bit to 1) these response sequences as quickly as possible. The
target on its part MUST wait for responses on all affected target target on its part MUST wait for responses on all affected target
transfer tags before acting on either of these two task management transfer tags before acting on either of these two task management
requests. In case all or part of the response sequence is not requests. In case all or part of the response sequence is not
received (due to digest errors) for a valid TTT, the target MAY received (due to digest errors) for a valid TTT, the target MAY
skipping to change at line 6483 skipping to change at line 6433
ErrorRecoveryLevel >= 1, or alternatively may drop the connection to ErrorRecoveryLevel >= 1, or alternatively may drop the connection to
complete the requested task set function. complete the requested task set function.
If an ABORT TASK is issued for a task created by an immediate If an ABORT TASK is issued for a task created by an immediate
command then RefCmdSN MUST be that of the Task Management request command then RefCmdSN MUST be that of the Task Management request
itself (i.e. CmdSN and RefCmdSN are equal); otherwise RefCmdSN MUST itself (i.e. CmdSN and RefCmdSN are equal); otherwise RefCmdSN MUST
be set to the CmdSN of the task to be aborted (lower than CmdSN). be set to the CmdSN of the task to be aborted (lower than CmdSN).
If the connection is still active (it is not undergoing an implicit If the connection is still active (it is not undergoing an implicit
or explicit logout), ABORT TASK MUST be issued on the same or explicit logout), ABORT TASK MUST be issued on the same
Julian Satran Expires August 2003 122
iSCSI 19-January-03
connection to which the task to be aborted is allegiant at the time connection to which the task to be aborted is allegiant at the time
the Task Management Request is issued. If the connection is the Task Management Request is issued. If the connection is
implicitly or explicitly logged out (i.e., no other request will be implicitly or explicitly logged out (i.e., no other request will be
issued on the failing connection and no other response will be issued on the failing connection and no other response will be
received on the failing connection), then an ABORT TASK function received on the failing connection), then an ABORT TASK function
request may be issued on another connection. This Task Management request may be issued on another connection. This Task Management
request will then establish a new allegiance for the command to be request will then establish a new allegiance for the command to be
aborted as well as abort it (i.e., the task to be aborted will not aborted as well as abort it (i.e., the task to be aborted will not
have to be retried or reassigned, and its status, if issued but not have to be retried or reassigned, and its status, if issued but not
acknowledged, will be reissued followed by the Task Management acknowledged, will be reissued followed by the Task Management
response). response).
At the target an ABORT TASK function MUST NOT be executed on a Task At the target an ABORT TASK function MUST NOT be executed on a Task
Management request; such a request MUST result in Task Management Management request; such a request MUST result in Task Management
response of "Function rejected". response of "Function rejected".
For the LOGICAL UNIT RESET function, the target MUST behave as For the LOGICAL UNIT RESET function, the target MUST behave as
dictated by the Logical Unit Reset function in [SAM2]. dictated by the Logical Unit Reset function in [SAM2].
Julian Satran Expires June 2003 151
iSCSI 3-November-02
The implementation of the TARGET WARM RESET function and the TARGET The implementation of the TARGET WARM RESET function and the TARGET
COLD RESET function is OPTIONAL and when implemented, should act as COLD RESET function is OPTIONAL and when implemented, should act as
described below. The TARGET WARM RESET is also subject to SCSI described below. The TARGET WARM RESET is also subject to SCSI
access controls on the requesting initiator as defined in [SPC3]. access controls on the requesting initiator as defined in [SPC3].
When authorization fails at the target, the appropriate response as When authorization fails at the target, the appropriate response as
described in Section 10.6 Task Management Function Response MUST be described in Section 10.6 Task Management Function Response MUST be
returned by the target. The TARGET COLD RESET function is not returned by the target. The TARGET COLD RESET function is not
subject to SCSI access controls, but its execution privileges may be subject to SCSI access controls, but its execution privileges may be
managed by iSCSI mechanisms such as login authentication. managed by iSCSI mechanisms such as login authentication.
skipping to change at line 6539 skipping to change at line 6490
connection allegiance to this new connection (and thus resume iSCSI connection allegiance to this new connection (and thus resume iSCSI
exchanges for the task). TASK REASSIGN MUST ONLY be received by the exchanges for the task). TASK REASSIGN MUST ONLY be received by the
target after the connection on which the command was previously target after the connection on which the command was previously
executing has been successfully logged-out. The Task Management executing has been successfully logged-out. The Task Management
response MUST be issued before the reassignment becomes effective. response MUST be issued before the reassignment becomes effective.
For additional usage semantics see Section 6.2 Retry and Reassign in For additional usage semantics see Section 6.2 Retry and Reassign in
Recovery. Recovery.
At the target a TASK REASSIGN function request MUST NOT be executed At the target a TASK REASSIGN function request MUST NOT be executed
to reassign the connection allegiance of a Task Management function to reassign the connection allegiance of a Task Management function
request an active text negotiation task, or a Logout task; such a request, an active text negotiation task, or a Logout task; such a
request MUST result in Task Management response of "Function request MUST result in Task Management response of "Function
rejected". rejected".
Julian Satran Expires August 2003 123
iSCSI 19-January-03
TASK REASSIGN MUST be issued as an immediate command. TASK REASSIGN MUST be issued as an immediate command.
10.5.2 TotalAHSLength and DataSegmentLength 10.5.2 TotalAHSLength and DataSegmentLength
For this PDU TotalAHSLength and DataSegmentLength MUST be 0. For this PDU TotalAHSLength and DataSegmentLength MUST be 0.
Julian Satran Expires June 2003 152
iSCSI 3-November-02
10.5.3 LUN 10.5.3 LUN
This field is required for functions that address a specific LU This field is required for functions that address a specific LU
(ABORT TASK, CLEAR TASK SET, ABORT TASK SET, CLEAR ACA, LOGICAL UNIT (ABORT TASK, CLEAR TASK SET, ABORT TASK SET, CLEAR ACA, LOGICAL UNIT
RESET) and is reserved in all others. RESET) and is reserved in all others.
10.5.4 Referenced Task Tag 10.5.4 Referenced Task Tag
The Initiator Task Tag of the task to be aborted for the ABORT TASK The Initiator Task Tag of the task to be aborted for the ABORT TASK
function or reassigned for the TASK REASSIGN function. function or reassigned for the TASK REASSIGN function.
skipping to change at line 6594 skipping to change at line 6545
this number is set to 0. If the function is TASK REASSIGN, which this number is set to 0. If the function is TASK REASSIGN, which
establishes a new connection allegiance for a previously issued Read establishes a new connection allegiance for a previously issued Read
or Bidirectional command, ExpDataSN will contain an updated data or Bidirectional command, ExpDataSN will contain an updated data
acknowledgement reference number or the value 0; the latter acknowledgement reference number or the value 0; the latter
indicating that the data acknowledgement reference number is indicating that the data acknowledgement reference number is
unchanged. The initiator MUST discard any data PDUs from the unchanged. The initiator MUST discard any data PDUs from the
previous execution that it did not acknowledge and the target MUST previous execution that it did not acknowledge and the target MUST
transmit all Data-in PDUs (if any) starting with the data transmit all Data-in PDUs (if any) starting with the data
acknowledgement reference number. The number of retransmitted PDUs acknowledgement reference number. The number of retransmitted PDUs
may or may not be the same as the original transmission depending on may or may not be the same as the original transmission depending on
Julian Satran Expires June 2003 153
iSCSI 3-November-02
if there was a change in MaxRecvDataSegmentLength in the if there was a change in MaxRecvDataSegmentLength in the
reassignment. The target MAY also send no more Data-In PDUs if all reassignment. The target MAY also send no more Data-In PDUs if all
data has been acknowledged. data has been acknowledged.
The value of ExpDataSN MUST be 0 or higher than the DataSN of the The value of ExpDataSN MUST be 0 or higher than the DataSN of the
last acknowledged Data-In PDU, but not larger than DataSN+1 of the last acknowledged Data-In PDU, but not larger than DataSN+1 of the
Julian Satran Expires August 2003 124
iSCSI 19-January-03
last Data-IN PDU sent by the target. Any other value MUST be ignored last Data-IN PDU sent by the target. Any other value MUST be ignored
by the target. by the target.
For other functions this field is reserved. For other functions this field is reserved.
Julian Satran Expires June 2003 154 Julian Satran Expires August 2003 125
iSCSI 3-November-02 iSCSI 19-January-03
10.6 Task Management Function Response 10.6 Task Management Function Response
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|.| 0x22 |1| Reserved | Response | Reserved | 0|.|.| 0x22 |1| Reserved | Response | Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
skipping to change at line 6655 skipping to change at line 6606
For TASK REASSIGN, the new connection allegiance MUST ONLY become For TASK REASSIGN, the new connection allegiance MUST ONLY become
effective at the target after the target issues the Task Management effective at the target after the target issues the Task Management
Response. Response.
10.6.1 Response 10.6.1 Response
The target provides a Response, which may take on the following The target provides a Response, which may take on the following
values: values:
a) 0 - Function complete. a) 0 - Function complete.
Julian Satran Expires June 2003 155
iSCSI 3-November-02
b) 1 - Task does not exist. b) 1 - Task does not exist.
c) 2 - LUN does not exist. c) 2 - LUN does not exist.
d) 3 - Task still allegiant. d) 3 - Task still allegiant.
e) 4 - Task allegiance reassignment not supported. e) 4 - Task allegiance reassignment not supported.
f) 5 - Task management function not supported. f) 5 - Task management function not supported.
g) 6 - Function authorization failed. g) 6 - Function authorization failed.
h) 255 - Function rejected. h) 255 - Function rejected.
All other values are reserved. All other values are reserved.
Julian Satran Expires August 2003 126
iSCSI 19-January-03
For a discussion on usage of response codes 3 and 4, see Section For a discussion on usage of response codes 3 and 4, see Section
6.2.2 Allegiance Reassignment. 6.2.2 Allegiance Reassignment.
For the TARGET COLD RESET and TARGET WARM RESET functions, the For the TARGET COLD RESET and TARGET WARM RESET functions, the
target cancels all pending operations across all Logical Units known target cancels all pending operations across all Logical Units known
to the issuing initiator. For the TARGET COLD RESET function, the to the issuing initiator. For the TARGET COLD RESET function, the
target MUST then close all of its TCP connections to all initiators target MUST then close all of its TCP connections to all initiators
(terminates all sessions). (terminates all sessions).
The mapping of the response code into a SCSI service response code The mapping of the response code into a SCSI service response code
skipping to change at line 6702 skipping to change at line 6652
have been confirmed (acknowledged through ExpStatSN) by the have been confirmed (acknowledged through ExpStatSN) by the
initiator on all connections of this session. For the exact initiator on all connections of this session. For the exact
timeline of events, refer to Section 10.6.2 Task Management Actions timeline of events, refer to Section 10.6.2 Task Management Actions
on Task Sets. on Task Sets.
For the ABORT TASK function, For the ABORT TASK function,
a) If the Referenced Task Tag identifies a valid task leading a) If the Referenced Task Tag identifies a valid task leading
to a successful termination, then targets must return the to a successful termination, then targets must return the
"Function complete" response. "Function complete" response.
Julian Satran Expires June 2003 156
iSCSI 3-November-02
b) If the Referenced Task Tag does not identify an existing b) If the Referenced Task Tag does not identify an existing
task, but if the CmdSN indicated by the RefCmdSN field in the task, but if the CmdSN indicated by the RefCmdSN field in the
Task Management function request is within the valid CmdSN Task Management function request is within the valid CmdSN
window and less than the CmdSN of the Task Management function window and less than the CmdSN of the Task Management function
request itself, then targets must consider the CmdSN received request itself, then targets must consider the CmdSN received
and return the "Function complete" response. and return the "Function complete" response.
c) If the Referenced Task Tag does not identify an existing c) If the Referenced Task Tag does not identify an existing
task and if the CmdSN indicated by the RefCmdSN field in the task and if the CmdSN indicated by the RefCmdSN field in the
Task Management function request is outside the valid CmdSN Task Management function request is outside the valid CmdSN
window, then targets must return the "Task does not exist" window, then targets must return the "Task does not exist"
response. response.
10.6.2 Task Management Actions on Task Sets 10.6.2 Task Management Actions on Task Sets
The execution of ABORT TASK SET and CLEAR TASK SET Task Management The execution of ABORT TASK SET and CLEAR TASK SET Task Management
function requests consists of the following sequence of events in function requests consists of the following sequence of events in
the specified order on each of the entities. the specified order on each of the entities.
The initiator: The initiator:
Julian Satran Expires August 2003 127
iSCSI 19-January-03
a) Issues ABORT TASK SET/CLEAR TASK SET request. a) Issues ABORT TASK SET/CLEAR TASK SET request.
b) Continues to respond to each target transfer tag b) Continues to respond to each target transfer tag
received for the affected task set. received for the affected task set.
c) Receives any responses for the tasks in the affected c) Receives any responses for the tasks in the affected
task set (may process them as usual because they are task set (may process them as usual because they are
guaranteed to be valid). guaranteed to be valid).
d) Receives the task set management response, thus d) Receives the task set management response, thus
concluding all the tasks in the affected task set. concluding all the tasks in the affected task set.
The target: The target:
skipping to change at line 6749 skipping to change at line 6698
and for all affected tasks in the task set to be and for all affected tasks in the task set to be
received. received.
c) Propagates the command to and receives the response from c) Propagates the command to and receives the response from
the target SCSI layer. the target SCSI layer.
d) Takes note of last-sent StatSN on each of the d) Takes note of last-sent StatSN on each of the
connections in the session, and waits for connections in the session, and waits for
acknowledgement of each StatSN (may solicit for acknowledgement of each StatSN (may solicit for
acknowledgement by way of a NOP-In). acknowledgement by way of a NOP-In).
e) Sends the task set management response. e) Sends the task set management response.
Julian Satran Expires June 2003 157
iSCSI 3-November-02
10.6.3 TotalAHSLength and DataSegmentLength 10.6.3 TotalAHSLength and DataSegmentLength
For this PDU TotalAHSLength and DataSegmentLength MUST be 0. For this PDU TotalAHSLength and DataSegmentLength MUST be 0.
Julian Satran Expires June 2003 158 Julian Satran Expires August 2003 128
iSCSI 3-November-02 iSCSI 19-January-03
10.7 SCSI Data-out & SCSI Data-in 10.7 SCSI Data-out & SCSI Data-in
The SCSI Data-out PDU for WRITE operations has the following format: The SCSI Data-out PDU for WRITE operations has the following format:
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|.| 0x05 |F| Reserved | 0|.|.| 0x05 |F| Reserved |
skipping to change at line 6801 skipping to change at line 6747
48| Header-Digest (Optional) | 48| Header-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
/ DataSegment / / DataSegment /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| Data-Digest (Optional) | | Data-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
The SCSI Data-in PDU for READ operations has the following format: The SCSI Data-in PDU for READ operations has the following format:
Julian Satran Expires June 2003 159 Julian Satran Expires August 2003 129
iSCSI 3-November-02 iSCSI 19-January-03
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|.| 0x25 |F|A|0 0 0|O|U|S| Reserved |Status or Rsvd | 0|.|.| 0x25 |F|A|0 0 0|O|U|S| Reserved |Status or Rsvd |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
8| LUN or Reserved | 8| LUN or Reserved |
skipping to change at line 6845 skipping to change at line 6791
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| Data-Digest (Optional) | | Data-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Status can accompany the last Data-in PDU if the command did not end Status can accompany the last Data-in PDU if the command did not end
with an exception (i.e., the status is "good status" - GOOD, with an exception (i.e., the status is "good status" - GOOD,
CONDITION MET or INTERMEDIATE CONDITION MET). The presence of CONDITION MET or INTERMEDIATE CONDITION MET). The presence of
status (and of a residual count) is signaled though the S flag bit. status (and of a residual count) is signaled though the S flag bit.
Although targets MAY choose to send even non-exception status in Although targets MAY choose to send even non-exception status in
Julian Satran Expires June 2003 160
iSCSI 3-November-02
separate responses, initiators MUST support non-exception status in separate responses, initiators MUST support non-exception status in
Data-In PDUs. Data-In PDUs.
10.7.1 F (Final) Bit 10.7.1 F (Final) Bit
For outgoing data, this bit is 1 for the last PDU of unsolicited For outgoing data, this bit is 1 for the last PDU of unsolicited
data or the last PDU of a sequence that answers an R2T. data or the last PDU of a sequence that answers an R2T.
For incoming data, this bit is 1 for the last input (read) data PDU For incoming data, this bit is 1 for the last input (read) data PDU
of a sequence. Input can be split into several sequences, each of a sequence. Input can be split into several sequences, each
having its own F bit. Splitting the data stream into sequences does having its own F bit. Splitting the data stream into sequences does
not affect DataSN counting on Data-In PDUs. It MAY be used as a not affect DataSN counting on Data-In PDUs. It MAY be used as a
"change direction" indication for Bidirectional operations that need "change direction" indication for Bidirectional operations that need
such a change. such a change.
Julian Satran Expires August 2003 130
iSCSI 19-January-03
DataSegmentLength MUST not exceed MaxRecvDataSegmentLength for the DataSegmentLength MUST not exceed MaxRecvDataSegmentLength for the
direction it is sent and the total of all the DataSegmentLength of direction it is sent and the total of all the DataSegmentLength of
all PDUs in a sequence MUST not exceed MaxBurstLength (or all PDUs in a sequence MUST not exceed MaxBurstLength (or
FirstBurstLength for unsolicited data). However the number of FirstBurstLength for unsolicited data). However the number of
individual PDUs in a sequence (or in total) may be higher than the individual PDUs in a sequence (or in total) may be higher than the
MaxBurstLength (or FirstBurstLength) to MaxRecvDataSegmentLength MaxBurstLength (or FirstBurstLength) to MaxRecvDataSegmentLength
ratio (as PDUs may be limited in length by the sender capabilities). ratio (as PDUs may be limited in length by the sender capabilities).
Using DataSegmentLength of 0 may increase beyond what is reasonable Using DataSegmentLength of 0 may increase beyond what is reasonable
for the number of PDUs and should therefore be avoided. for the number of PDUs and should therefore be avoided.
skipping to change at line 6892 skipping to change at line 6837
target should use the A bit moderately; it MAY only set the A bit to target should use the A bit moderately; it MAY only set the A bit to
1 once every MaxBurstLength bytes, or on the last Data-In PDU that 1 once every MaxBurstLength bytes, or on the last Data-In PDU that
concludes the entire requested read data transfer for the task from concludes the entire requested read data transfer for the task from
the target's perspective, and it MUST NOT do so more frequently. The the target's perspective, and it MUST NOT do so more frequently. The
target MUST NOT set to 1 the A bit for sessions with target MUST NOT set to 1 the A bit for sessions with
ErrorRecoveryLevel=0. The initiator MUST ignore the A bit set to 1 ErrorRecoveryLevel=0. The initiator MUST ignore the A bit set to 1
for sessions with ErrorRecoveryLevel=0. for sessions with ErrorRecoveryLevel=0.
On receiving a Data-In PDU with the A bit set to 1 on a session with On receiving a Data-In PDU with the A bit set to 1 on a session with
ErrorRecoveryLevel greater than 0, if there are no holes in the read ErrorRecoveryLevel greater than 0, if there are no holes in the read
Julian Satran Expires June 2003 161
iSCSI 3-November-02
data until that Data-In PDU, the initiator MUST issue a SNACK of data until that Data-In PDU, the initiator MUST issue a SNACK of
type DataACK except when it is able to acknowledge the status for type DataACK except when it is able to acknowledge the status for
the task immediately via ExpStatSN on other outbound PDUs if the the task immediately via ExpStatSN on other outbound PDUs if the
status for the task is also received. In the latter case status for the task is also received. In the latter case
(acknowledgement through ExpStatSN), sending a SNACK of type DataACK (acknowledgement through ExpStatSN), sending a SNACK of type DataACK
in response to the A bit is not mandatory, but if it is done, it in response to the A bit is OPTIONAL, but if it is done, it must not
must not be sent after the status acknowledgement through ExpStatSN. be sent after the status acknowledgement through ExpStatSN. If the
If the initiator has detected holes in the read data prior to that initiator has detected holes in the read data prior to that Data-In
Data-In PDU, it MUST postpone issuing the SNACK of type DataACK PDU, it MUST postpone issuing the SNACK of type DataACK until the
until the holes are filled. An initiator also MUST NOT acknowledge holes are filled. An initiator also MUST NOT acknowledge the status
the status for the task before those holes are filled. A status for the task before those holes are filled. A status
acknowledgement for a task that generated the Data-In PDUs is acknowledgement for a task that generated the Data-In PDUs is
considered by the target as an implicit acknowledgement of the Data- considered by the target as an implicit acknowledgement of the Data-
In PDUs if such an acknowledgement was requested by the target. In PDUs if such an acknowledgement was requested by the target.
10.7.3 Flags (byte 1) 10.7.3 Flags (byte 1)
The last SCSI Data packet sent from a target to an initiator for a The last SCSI Data packet sent from a target to an initiator for a
SCSI command that completed successfully (with a status of GOOD, SCSI command that completed successfully (with a status of GOOD,
CONDITION MET, INTERMEDIATE or INTERMEDIATE CONDITION MET) may also CONDITION MET, INTERMEDIATE or INTERMEDIATE CONDITION MET) may also
optionally contain the Status for the data transfer. In this case, optionally contain the Status for the data transfer. In this case,
Sense Data cannot be sent together with the Command Status. If the Sense Data cannot be sent together with the Command Status. If the
command is completed with an error, then the response and sense data command is completed with an error, then the response and sense data
MUST be sent in a SCSI Response PDU (i.e., MUST NOT be sent in a MUST be sent in a SCSI Response PDU (i.e., MUST NOT be sent in a
SCSI Data packet). For Bidirectional commands, the status MUST be SCSI Data packet). For Bidirectional commands, the status MUST be
sent in a SCSI Response PDU. sent in a SCSI Response PDU.
Julian Satran Expires August 2003 131
iSCSI 19-January-03
bit 2-4 - Reserved. bit 2-4 - Reserved.
bit 5-6 - used the same as in a SCSI Response. These bits are bit 5-6 - used the same as in a SCSI Response. These bits are
only valid when S is set to 1. For details see Section 10.4.1 only valid when S is set to 1. For details see Section 10.4.1
Flags (byte 1). Flags (byte 1).
bit 7 S (status)- set to indicate that the Command Status field bit 7 S (status)- set to indicate that the Command Status field
contains status. If this bit is set to 1, the F bit MUST also contains status. If this bit is set to 1, the F bit MUST also
be set to 1. be set to 1.
The fields StatSN, Status, and Residual Count only have meaningful The fields StatSN, Status, and Residual Count only have meaningful
content if the S bit is set to 1 and their values are defined in content if the S bit is set to 1 and their values are defined in
Section 10.4 SCSI Response. Section 10.4 SCSI Response.
Julian Satran Expires June 2003 162
iSCSI 3-November-02
10.7.4 Target Transfer Tag and LUN 10.7.4 Target Transfer Tag and LUN
On outgoing data, the Target Transfer Tag is provided to the target On outgoing data, the Target Transfer Tag is provided to the target
if the transfer is honoring an R2T. In this case, the Target if the transfer is honoring an R2T. In this case, the Target
Transfer Tag field is a replica of the Target Transfer Tag provided Transfer Tag field is a replica of the Target Transfer Tag provided
with the R2T. with the R2T.
On incoming data, the Target Transfer Tag and LUN MUST be provided On incoming data, the Target Transfer Tag and LUN MUST be provided
by the target if the A bit is set to 1; otherwise they are reserved. by the target if the A bit is set to 1; otherwise they are reserved.
The Target Transfer Tag and LUN are copied by the initiator into the The Target Transfer Tag and LUN are copied by the initiator into the
skipping to change at line 6982 skipping to change at line 6923
or is a data sequence generated for one R2T (for data solicited or is a data sequence generated for one R2T (for data solicited
through R2T). through R2T).
10.7.6 Buffer Offset 10.7.6 Buffer Offset
The Buffer Offset field contains the offset of this PDU payload data The Buffer Offset field contains the offset of this PDU payload data
within the complete data transfer. The sum of the buffer offset and within the complete data transfer. The sum of the buffer offset and
length should not exceed the expected transfer length for the length should not exceed the expected transfer length for the
command. command.
Julian Satran Expires June 2003 163 Julian Satran Expires August 2003 132
iSCSI 3-November-02 iSCSI 19-January-03
The order of data PDUs within a sequence is determined by The order of data PDUs within a sequence is determined by
DataPDUInOrder. When set to Yes, it means that PDUs have to be in DataPDUInOrder. When set to Yes, it means that PDUs have to be in
increasing Buffer Offset order and overlays are forbidden. increasing Buffer Offset order and overlays are forbidden.
The ordering between sequences is determined by DataSequenceInOrder. The ordering between sequences is determined by DataSequenceInOrder.
When set to Yes, it means that sequences have to be in increasing When set to Yes, it means that sequences have to be in increasing
Buffer Offset order and overlays are forbidden. Buffer Offset order and overlays are forbidden.
10.7.7 DataSegmentLength 10.7.7 DataSegmentLength
This is the data payload length of a SCSI Data-In or SCSI Data-Out This is the data payload length of a SCSI Data-In or SCSI Data-Out
PDU. The sending of 0 length data segments should be avoided, but PDU. The sending of 0 length data segments should be avoided, but
initiators and targets MUST be able to properly receive 0 length initiators and targets MUST be able to properly receive 0 length
data segments. data segments.
The Data Segments of Data-in and Data-out PDUs SHOULD be filled to The Data Segments of Data-in and Data-out PDUs SHOULD be filled to
the integer number of 4 byte words (real payload) unless the F bit the integer number of 4 byte words (real payload) unless the F bit
is set to 1. is set to 1.
Julian Satran Expires June 2003 164 Julian Satran Expires August 2003 133
iSCSI 3-November-02 iSCSI 19-January-03
10.8 Ready To Transfer (R2T) 10.8 Ready To Transfer (R2T)
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|.| 0x31 |1| Reserved | 0|.|.| 0x31 |1| Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
skipping to change at line 7048 skipping to change at line 6989
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
When an initiator has submitted a SCSI Command with data that passes When an initiator has submitted a SCSI Command with data that passes
from the initiator to the target (WRITE), the target may specify from the initiator to the target (WRITE), the target may specify
which blocks of data it is ready to receive. The target may request which blocks of data it is ready to receive. The target may request
that the data blocks be delivered in whichever order is convenient that the data blocks be delivered in whichever order is convenient
for the target at that particular instant. This information is for the target at that particular instant. This information is
passed from the target to the initiator in the Ready To Transfer passed from the target to the initiator in the Ready To Transfer
(R2T) PDU. (R2T) PDU.
Julian Satran Expires June 2003 165
iSCSI 3-November-02
In order to allow write operations without an explicit initial R2T, In order to allow write operations without an explicit initial R2T,
the initiator and target MUST have negotiated the key InitialR2T to the initiator and target MUST have negotiated the key InitialR2T to
No during Login. No during Login.
An R2T MAY be answered with one or more SCSI Data-out PDUs with a An R2T MAY be answered with one or more SCSI Data-out PDUs with a
matching Target Transfer Tag. If an R2T is answered with a single matching Target Transfer Tag. If an R2T is answered with a single
Data-out PDU, the Buffer Offset in the Data PDU MUST be the same as Data-out PDU, the Buffer Offset in the Data PDU MUST be the same as
the one specified by the R2T, and the data length of the Data PDU the one specified by the R2T, and the data length of the Data PDU
MUST be the same as the Desired Data Transfer Length specified in MUST be the same as the Desired Data Transfer Length specified in
the R2T. If the R2T is answered with a sequence of Data PDUs, the the R2T. If the R2T is answered with a sequence of Data PDUs, the
Buffer Offset and Length MUST be within the range of those specified Buffer Offset and Length MUST be within the range of those specified
by R2T, and the last PDU MUST have the F bit set to 1. If the last by R2T, and the last PDU MUST have the F bit set to 1. If the last
PDU (marked with the F bit) is received before the Desired Data PDU (marked with the F bit) is received before the Desired Data
Transfer Length is transferred, a target MAY choose to Reject that Transfer Length is transferred, a target MAY choose to Reject that
Julian Satran Expires August 2003 134
iSCSI 19-January-03
PDU with "Protocol error" reason code. DataPDUInOrder governs the PDU with "Protocol error" reason code. DataPDUInOrder governs the
Data-Out PDU ordering. If DataPDUInOrder is set to Yes, the Buffer Data-Out PDU ordering. If DataPDUInOrder is set to Yes, the Buffer
Offsets and Lengths for consecutive PDUs MUST form a continuous non- Offsets and Lengths for consecutive PDUs MUST form a continuous non-
overlapping range and the PDUs MUST be sent in increasing offset overlapping range and the PDUs MUST be sent in increasing offset
order. order.
The target may send several R2T PDUs. It, therefore, can have a The target may send several R2T PDUs. It, therefore, can have a
number of pending data transfers. The number of outstanding R2T number of pending data transfers. The number of outstanding R2T
PDUs are limited by the value of the negotiated key PDUs are limited by the value of the negotiated key
MaxOutstandingR2T. Within a connection, outstanding R2Ts MUST be MaxOutstandingR2T. Within a connection, outstanding R2Ts MUST be
skipping to change at line 7094 skipping to change at line 7036
A Recovery-R2T carries the next unused R2TSN, but requests part of A Recovery-R2T carries the next unused R2TSN, but requests part of
or the entire data burst that an earlier R2T (with a lower R2TSN) or the entire data burst that an earlier R2T (with a lower R2TSN)
had already requested. had already requested.
DataSequenceInOrder governs the buffer offset ordering in DataSequenceInOrder governs the buffer offset ordering in
consecutive R2Ts. If DataSequenceInOrder is Yes, then consecutive consecutive R2Ts. If DataSequenceInOrder is Yes, then consecutive
R2Ts MUST refer to continuous non-overlapping ranges except for R2Ts MUST refer to continuous non-overlapping ranges except for
Recovery-R2Ts. Recovery-R2Ts.
Julian Satran Expires June 2003 166
iSCSI 3-November-02
10.8.1 TotalAHSLength and DataSegmentLength 10.8.1 TotalAHSLength and DataSegmentLength
For this PDU TotalAHSLength and DataSegmentLength MUST be 0. For this PDU TotalAHSLength and DataSegmentLength MUST be 0.
10.8.2 R2TSN 10.8.2 R2TSN
R2TSN is the R2T PDU input PDU number within the command identified R2TSN is the R2T PDU input PDU number within the command identified
by the Initiator Task Tag. by the Initiator Task Tag.
For bidirectional commands R2T and Data-In PDUs share the input PDU For bidirectional commands R2T and Data-In PDUs share the input PDU
skipping to change at line 7125 skipping to change at line 7064
The target specifies how many bytes it wants the initiator to send The target specifies how many bytes it wants the initiator to send
because of this R2T PDU. The target may request the data from the because of this R2T PDU. The target may request the data from the
initiator in several chunks, not necessarily in the original order initiator in several chunks, not necessarily in the original order
of the data. The target, therefore, also specifies a Buffer Offset of the data. The target, therefore, also specifies a Buffer Offset
that indicates the point at which the data transfer should begin, that indicates the point at which the data transfer should begin,
relative to the beginning of the total data transfer. The Desired relative to the beginning of the total data transfer. The Desired
Data Transfer Length MUST NOT be 0 and MUST not exceed Data Transfer Length MUST NOT be 0 and MUST not exceed
MaxBurstLength. MaxBurstLength.
Julian Satran Expires August 2003 135
iSCSI 19-January-03
10.8.5 Target Transfer Tag 10.8.5 Target Transfer Tag
The target assigns its own tag to each R2T request that it sends to The target assigns its own tag to each R2T request that it sends to
the initiator. This tag can be used by the target to easily identify the initiator. This tag can be used by the target to easily identify
the data it receives. The Target Transfer Tag and LUN are copied in the data it receives. The Target Transfer Tag and LUN are copied in
the outgoing data PDUs and are only used by the target. There is no the outgoing data PDUs and are only used by the target. There is no
protocol rule about the Target Transfer Tag except that the value protocol rule about the Target Transfer Tag except that the value
0xffffffff is reserved and MUST NOT be sent by a target in an R2T. 0xffffffff is reserved and MUST NOT be sent by a target in an R2T.
Julian Satran Expires June 2003 167 Julian Satran Expires August 2003 136
iSCSI 3-November-02 iSCSI 19-January-03
10.9 Asynchronous Message 10.9 Asynchronous Message
An Asynchronous Message may be sent from the target to the initiator An Asynchronous Message may be sent from the target to the initiator
without correspondence to a particular command. The target specifies without correspondence to a particular command. The target specifies
the reason for the event and sense data. the reason for the event and sense data.
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
skipping to change at line 7179 skipping to change at line 7121
44| Reserved | 44| Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
48| Header-Digest (Optional) | 48| Header-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
/ DataSegment - Sense Data and iSCSI Event Data / / DataSegment - Sense Data and iSCSI Event Data /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| Data-Digest (Optional) | | Data-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Julian Satran Expires June 2003 168
iSCSI 3-November-02
Some Asynchronous Messages are strictly related to iSCSI while Some Asynchronous Messages are strictly related to iSCSI while
others are related to SCSI [SAM2]. others are related to SCSI [SAM2].
StatSN counts this PDU as an acknowledgeable event (StatSN is StatSN counts this PDU as an acknowledgeable event (StatSN is
advanced), which allows for initiator and target state advanced), which allows for initiator and target state
synchronization. synchronization.
10.9.1 AsyncEvent 10.9.1 AsyncEvent
The codes used for iSCSI Asynchronous Messages (events) are: The codes used for iSCSI Asynchronous Messages (events) are:
0 - a SCSI Asynchronous Event is reported in the sense data. 0 - a SCSI Asynchronous Event is reported in the sense data.
Sense Data that accompanies the report, in the data segment, Sense Data that accompanies the report, in the data segment,
Julian Satran Expires August 2003 137
iSCSI 19-January-03
identifies the condition. The sending of a SCSI Event identifies the condition. The sending of a SCSI Event
(Asynchronous Event Reporting in SCSI terminology) is (Asynchronous Event Reporting in SCSI terminology) is
dependent on the target support for SCSI asynchronous event dependent on the target support for SCSI asynchronous event
reporting (see [SAM2]) as indicated in the standard INQUIRY reporting (see [SAM2]) as indicated in the standard INQUIRY
data (see [SPC3]). Its use may be enabled by parameters in the data (see [SPC3]). Its use may be enabled by parameters in the
SCSI Control mode page (see [SPC3]). SCSI Control mode page (see [SPC3]).
1 - target requests Logout. This Async Message MUST be sent on 1 - target requests Logout. This Async Message MUST be sent on
the same connection as the one requesting to be logged out. the same connection as the one requesting to be logged out.
The initiator MUST honor this request by issuing a Logout as The initiator MUST honor this request by issuing a Logout as
skipping to change at line 7230 skipping to change at line 7173
to be dropped. to be dropped.
The Parameter2 field (Time2Wait) indicates, in seconds, the The Parameter2 field (Time2Wait) indicates, in seconds, the
minimum time to wait before attempting to reconnect or minimum time to wait before attempting to reconnect or
reassign. reassign.
The Parameter3 field (Time2Retain) indicates the maximum time The Parameter3 field (Time2Retain) indicates the maximum time
allowed to reassign commands after the initial wait (in allowed to reassign commands after the initial wait (in
Parameter2). Parameter2).
If the initiator does not attempt to reconnect and/or reassign If the initiator does not attempt to reconnect and/or reassign
the outstanding commands within the time specified by the outstanding commands within the time specified by
Parameter3, or if Parameter3 is 0, the target will terminate Parameter3, or if Parameter3 is 0, the target will terminate
Julian Satran Expires June 2003 169
iSCSI 3-November-02
all outstanding commands on this connection. In this case, no all outstanding commands on this connection. In this case, no
other responses should be expected from the target for the other responses should be expected from the target for the
outstanding commands on this connection. outstanding commands on this connection.
A value of 0 for Parameter2 indicates that reconnect can be A value of 0 for Parameter2 indicates that reconnect can be
attempted immediately. attempted immediately.
3 - target indicates it will drop all the connections of this 3 - target indicates it will drop all the connections of this
session. session.
Parameter1 field is reserved. Parameter1 field is reserved.
The Parameter2 field (Time2Wait) indicates, in seconds, the The Parameter2 field (Time2Wait) indicates, in seconds, the
minimum time to wait before attempting to reconnect. minimum time to wait before attempting to reconnect.
The Parameter3 field (Time2Retain) indicates the maximum time The Parameter3 field (Time2Retain) indicates the maximum time
allowed to reassign commands after the initial wait (in allowed to reassign commands after the initial wait (in
Parameter2). Parameter2).
If the initiator does not attempt to reconnect and/or reassign If the initiator does not attempt to reconnect and/or reassign
the outstanding commands within the time specified by the outstanding commands within the time specified by
Parameter3, or if Parameter3 is 0, the session is terminated. Parameter3, or if Parameter3 is 0, the session is terminated.
In this case, the target will terminate all outstanding In this case, the target will terminate all outstanding
commands in this session; no other responses should be commands in this session; no other responses should be
expected from the target for the outstanding commands in this expected from the target for the outstanding commands in this
session. A value of 0 for Parameter2 indicates that reconnect
can be attempted immediately. Julian Satran Expires August 2003 138
iSCSI 19-January-03
session. A value of 0 for Parameter2 indicates that reconnect
can be attempted immediately.
4 - target requests parameter negotiation on this connection. 4 - target requests parameter negotiation on this connection.
The initiator MUST honor this request by issuing a Text The initiator MUST honor this request by issuing a Text
Request (that can be empty) on the same connection as early as Request (that can be empty) on the same connection as early as
possible, but no later than Parameter3 seconds, unless a Text possible, but no later than Parameter3 seconds, unless a Text
Request is already pending on the connection, or by issuing a Request is already pending on the connection, or by issuing a
Logout Request. If the initiator does not issue a Text Request Logout Request. If the initiator does not issue a Text Request
the target may reissue the Asynchronous Message requesting the target may reissue the Asynchronous Message requesting
parameter negotiation. parameter negotiation.
255 - vendor specific iSCSI Event. The AsyncVCode details the 255 - vendor specific iSCSI Event. The AsyncVCode details the
vendor code, and data MAY accompany the report. vendor code, and data MAY accompany the report.
All other event codes are reserved. All other event codes are reserved.
10.9.2 AsyncVCode 10.9.2 AsyncVCode
AsyncVCode is a vendor specific detail code that is only valid if AsyncVCode is a vendor specific detail code that is only valid if
the AsyncEvent field indicates a vendor specific event. Otherwise, the AsyncEvent field indicates a vendor specific event. Otherwise,
it is reserved. it is reserved.
10.9.3 LUN 10.9.3 LUN
The LUN field MUST be valid if AsyncEvent is 0. Otherwise, this The LUN field MUST be valid if AsyncEvent is 0. Otherwise, this
field is reserved. field is reserved.
Julian Satran Expires June 2003 170
iSCSI 3-November-02
10.9.4 Sense Data and iSCSI Event Data 10.9.4 Sense Data and iSCSI Event Data
For a SCSI event, this data accompanies the report in the data For a SCSI event, this data accompanies the report in the data
segment and identifies the condition. segment and identifies the condition.
For an iSCSI event, additional vendor-unique data MAY accompany the For an iSCSI event, additional vendor-unique data MAY accompany the
Async event. Initiators MAY ignore the data when not understood Async event. Initiators MAY ignore the data when not understood
while processing the rest of the PDU. while processing the rest of the PDU.
If the DataSegmentLength is not 0, the format of the DataSegment is If the DataSegmentLength is not 0, the format of the DataSegment is
skipping to change at line 7314 skipping to change at line 7253
y/ iSCSI Event Data / y/ iSCSI Event Data /
/ / / /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
z| z|
10.9.4.1 SenseLength 10.9.4.1 SenseLength
This is the length of Sense Data. When the Sense Data field is empty This is the length of Sense Data. When the Sense Data field is empty
(e.g., the event is not a SCSI event) SenseLength is 0. (e.g., the event is not a SCSI event) SenseLength is 0.
Julian Satran Expires June 2003 171 Julian Satran Expires August 2003 139
iSCSI 3-November-02 iSCSI 19-January-03
Julian Satran Expires August 2003 140
iSCSI 19-January-03
10.10 Text Request 10.10 Text Request
The Text Request is provided to allow for the exchange of The Text Request is provided to allow for the exchange of
information and for future extensions. It permits the initiator to information and for future extensions. It permits the initiator to
inform a target of its capabilities or to request some special inform a target of its capabilities or to request some special
operations. operations.
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
skipping to change at line 7358 skipping to change at line 7300
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
/ DataSegment (Text) / / DataSegment (Text) /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| Data-Digest (Optional) | | Data-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
An initiator MUST have at most one outstanding Text Request on a An initiator MUST have at most one outstanding Text Request on a
connection at any given time. connection at any given time.
Julian Satran Expires June 2003 172
iSCSI 3-November-02
On a connection failure, an initiator must either explicitly abort On a connection failure, an initiator must either explicitly abort
any active allegiant text negotiation task or must cause such a task any active allegiant text negotiation task or must cause such a task
to be implicitly terminated by the target. to be implicitly terminated by the target.
10.10.1 F (Final) Bit 10.10.1 F (Final) Bit
When set to 1, indicates that this is the last or only text request When set to 1, indicates that this is the last or only text request
in a sequence of Text Requests; otherwise, it indicates that more in a sequence of Text Requests; otherwise, it indicates that more
Text Requests will follow. Text Requests will follow.
Julian Satran Expires August 2003 141
iSCSI 19-January-03
10.10.2 C (Continue) Bit 10.10.2 C (Continue) Bit
When set to 1, indicates that the text (set of key=value pairs) in When set to 1, indicates that the text (set of key=value pairs) in
this Text Request is not complete (it will be continued on this Text Request is not complete (it will be continued on
subsequent Text Requests); otherwise, it indicates that this Text subsequent Text Requests); otherwise, it indicates that this Text
Request ends a set of key=value pairs. A Text Request with the C Request ends a set of key=value pairs. A Text Request with the C
bit set to 1 MUST have the F bit set to 0. bit set to 1 MUST have the F bit set to 0.
10.10.3 Initiator Task Tag 10.10.3 Initiator Task Tag
skipping to change at line 7404 skipping to change at line 7346
The target sets the Target Transfer Tag in a text response to a The target sets the Target Transfer Tag in a text response to a
value other than the reserved value 0xffffffff whenever it indicates value other than the reserved value 0xffffffff whenever it indicates
that it has more data to send or more operations to perform that are that it has more data to send or more operations to perform that are
associated with the specified Initiator Task Tag. It MUST do so associated with the specified Initiator Task Tag. It MUST do so
whenever it sets the F bit to 0 in the response. By copying the whenever it sets the F bit to 0 in the response. By copying the
Target Transfer Tag from the response to the next Text Request, the Target Transfer Tag from the response to the next Text Request, the
initiator tells the target to continue the operation for the initiator tells the target to continue the operation for the
specific Initiator Task Tag. The initiator MUST ignore the Target specific Initiator Task Tag. The initiator MUST ignore the Target
Transfer Tag in the Text Response when the F bit is set to 1. Transfer Tag in the Text Response when the F bit is set to 1.
Julian Satran Expires June 2003 173
iSCSI 3-November-02
This mechanism allows the initiator and target to transfer a large This mechanism allows the initiator and target to transfer a large
amount of textual data over a sequence of text-command/text-response amount of textual data over a sequence of text-command/text-response
exchanges, or to perform extended negotiation sequences. exchanges, or to perform extended negotiation sequences.
If the Target Transfer Tag is not 0xffffffff, the LUN field MUST be If the Target Transfer Tag is not 0xffffffff, the LUN field MUST be
sent by the target in the Text Response. sent by the target in the Text Response.
A target MAY reset its internal negotiation state if an exchange is A target MAY reset its internal negotiation state if an exchange is
stalled by the initiator for a long time or if it is running out of stalled by the initiator for a long time or if it is running out of
resources. resources.
skipping to change at line 7428 skipping to change at line 7367
Long text responses are handled as in the following example: Long text responses are handled as in the following example:
I->T Text SendTargets=All (F=1,TTT=0xffffffff) I->T Text SendTargets=All (F=1,TTT=0xffffffff)
T->I Text <part 1> (F=0,TTT=0x12345678) T->I Text <part 1> (F=0,TTT=0x12345678)
I->T Text <empty> (F=1, TTT=0x12345678) I->T Text <empty> (F=1, TTT=0x12345678)
T->I Text <part 2> (F=0, TTT=0x12345678) T->I Text <part 2> (F=0, TTT=0x12345678)
I->T Text <empty> (F=1, TTT=0x12345678) I->T Text <empty> (F=1, TTT=0x12345678)
... ...
T->I Text <part n> (F=1, TTT=0xffffffff) T->I Text <part n> (F=1, TTT=0xffffffff)
Julian Satran Expires August 2003 142
iSCSI 19-January-03
10.10.5 Text 10.10.5 Text
The data lengths of a text request MUST NOT exceed the iSCSI target The data lengths of a text request MUST NOT exceed the iSCSI target
MaxRecvDataSegmentLength (a per connection and per direction MaxRecvDataSegmentLength (a per connection and per direction
negotiated parameter). The text format is specified in Section 5.2 negotiated parameter). The text format is specified in Section 5.2
Text Mode Negotiation. Text Mode Negotiation.
Chapter 11 and Chapter 12 list some basic Text key=value pairs, some Chapter 11 and Chapter 12 list some basic Text key=value pairs, some
of which can be used in Login Request/Response and some in Text of which can be used in Login Request/Response and some in Text
Request/Response. Request/Response.
skipping to change at line 7452 skipping to change at line 7394
a key=value pair. a key=value pair.
The target responds by sending its response back to the initiator. The target responds by sending its response back to the initiator.
The response text format is similar to the request text format. The response text format is similar to the request text format.
The text response MAY refer to key=value pairs presented in an The text response MAY refer to key=value pairs presented in an
earlier text request and the text in the request may refer to earlier text request and the text in the request may refer to
earlier responses. earlier responses.
Chapter 5 details the rules for the Text Requests and Responses. Chapter 5 details the rules for the Text Requests and Responses.
Julian Satran Expires June 2003 174
iSCSI 3-November-02
Text operations are usually meant for parameter setting/ Text operations are usually meant for parameter setting/
negotiations, but can also be used to perform some long lasting negotiations, but can also be used to perform some long lasting
operations. operations.
Text operations that take a long time should be placed in their own Text operations that take a long time should be placed in their own
Text request. Text request.
Julian Satran Expires June 2003 175 Julian Satran Expires August 2003 143
iSCSI 3-November-02 iSCSI 19-January-03
10.11 Text Response 10.11 Text Response
The Text Response PDU contains the target's responses to the The Text Response PDU contains the target's responses to the
initiator's Text request. The format of the Text field matches that initiator's Text request. The format of the Text field matches that
of the Text request. of the Text request.
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
skipping to change at line 7508 skipping to change at line 7447
/ DataSegment (Text) / / DataSegment (Text) /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| Data-Digest (Optional) | | Data-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
10.11.1 F (Final) Bit 10.11.1 F (Final) Bit
When set to 1, in response to a Text Request with the Final bit set When set to 1, in response to a Text Request with the Final bit set
to 1, the F bit indicates that the target has finished the whole to 1, the F bit indicates that the target has finished the whole
Julian Satran Expires June 2003 176
iSCSI 3-November-02
operation. Otherwise, if set to 0 in response to a Text Request operation. Otherwise, if set to 0 in response to a Text Request
with the Final Bit set to 1, it indicates that the target has more with the Final Bit set to 1, it indicates that the target has more
work to do (invites a follow-on text request). A Text Response with work to do (invites a follow-on text request). A Text Response with
the F bit set to 1 in response to a Text Request with the F bit set the F bit set to 1 in response to a Text Request with the F bit set
to 0 is a protocol error. to 0 is a protocol error.
A Text Response with the F bit set to 1 MUST NOT contain key=value A Text Response with the F bit set to 1 MUST NOT contain key=value
pairs that may require additional answers from the initiator. pairs that may require additional answers from the initiator.
A Text Response with the F bit set to 1 MUST have a Target Transfer A Text Response with the F bit set to 1 MUST have a Target Transfer
Tag field set to the reserved value of 0xffffffff. Tag field set to the reserved value of 0xffffffff.
Julian Satran Expires August 2003 144
iSCSI 19-January-03
A Text Response with the F bit set to 0 MUST have a Target Transfer A Text Response with the F bit set to 0 MUST have a Target Transfer
Tag field set to a value other than the reserved 0xffffffff. Tag field set to a value other than the reserved 0xffffffff.
10.11.2 C (Continue) Bit 10.11.2 C (Continue) Bit
When set to 1, indicates that the text (set of key=value pairs) in When set to 1, indicates that the text (set of key=value pairs) in
this Text Response is not complete (it will be continued on this Text Response is not complete (it will be continued on
subsequent Text Responses); otherwise, it indicates that this Text subsequent Text Responses); otherwise, it indicates that this Text
Response ends a set of key=value pairs. A Text Response with the C Response ends a set of key=value pairs. A Text Response with the C
bit set to 1 MUST have the F bit set to 0. bit set to 1 MUST have the F bit set to 0.
skipping to change at line 7555 skipping to change at line 7493
Target Transfer Tag to a value other than the reserved value of Target Transfer Tag to a value other than the reserved value of
0xffffffff. Otherwise, the Target Transfer Tag MUST be set to 0xffffffff. Otherwise, the Target Transfer Tag MUST be set to
0xffffffff. 0xffffffff.
When the Target Transfer Tag is not 0xffffffff, the LUN field may be When the Target Transfer Tag is not 0xffffffff, the LUN field may be
significant. significant.
The initiator MUST copy the Target Transfer Tag and LUN in its next The initiator MUST copy the Target Transfer Tag and LUN in its next
request to indicate that it wants the rest of the data. request to indicate that it wants the rest of the data.
Julian Satran Expires June 2003 177
iSCSI 3-November-02
When the target receives a Text Request with the Target Transfer Tag When the target receives a Text Request with the Target Transfer Tag
set to the reserved value of 0xffffffff, it resets its internal set to the reserved value of 0xffffffff, it resets its internal
information (resets state) associated with the given Initiator Task information (resets state) associated with the given Initiator Task
Tag (restarts the negotiation). Tag (restarts the negotiation).
When a target cannot finish the operation in a single Text Response, When a target cannot finish the operation in a single Text Response,
and does not have enough resources to continue, it rejects the Text and does not have enough resources to continue, it rejects the Text
Request with the appropriate Reject code. Request with the appropriate Reject code.
A target may reset its internal state associated with an Initiator A target may reset its internal state associated with an Initiator
skipping to change at line 7583 skipping to change at line 7518
10.11.5 StatSN 10.11.5 StatSN
The target StatSN variable is advanced by each Text Response sent. The target StatSN variable is advanced by each Text Response sent.
10.11.6 Text Response Data 10.11.6 Text Response Data
The data lengths of a text response MUST NOT exceed the iSCSI The data lengths of a text response MUST NOT exceed the iSCSI
initiator MaxRecvDataSegmentLength (a per connection and per initiator MaxRecvDataSegmentLength (a per connection and per
direction negotiated parameter). direction negotiated parameter).
Julian Satran Expires August 2003 145
iSCSI 19-January-03
The text in the Text Response Data is governed by the same rules as The text in the Text Response Data is governed by the same rules as
the text in the Text Request Data (see Section 10.10.5 Text). the text in the Text Request Data (see Section 10.10.5 Text).
Although the initiator is the requesting party and controls the Although the initiator is the requesting party and controls the
request-response initiation and termination, the target can offer request-response initiation and termination, the target can offer
key=value pairs of its own as part of a sequence and not only in key=value pairs of its own as part of a sequence and not only in
response to the initiator. response to the initiator.
Julian Satran Expires June 2003 178 Julian Satran Expires August 2003 146
iSCSI 3-November-02 iSCSI 19-January-03
10.12 Login Request 10.12 Login Request
After establishing a TCP connection between an initiator and a After establishing a TCP connection between an initiator and a
target, the initiator MUST start a Login Phase to gain further target, the initiator MUST start a Login Phase to gain further
access to the target's resources. access to the target's resources.
The Login Phase (see Chapter 5) consists of a sequence of Login The Login Phase (see Chapter 5) consists of a sequence of Login
requests and responses that carry the same Initiator Task Tag. requests and responses that carry the same Initiator Task Tag.
skipping to change at line 7636 skipping to change at line 7574
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
36| Reserved | 36| Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
40/ Reserved / 40/ Reserved /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
48/ DataSegment - Login Parameters in Text request Format / 48/ DataSegment - Login Parameters in Text request Format /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Julian Satran Expires June 2003 179
iSCSI 3-November-02
10.12.1 T (Transit) Bit 10.12.1 T (Transit) Bit
If set to 1, indicates that the initiator is ready to transit to the If set to 1, indicates that the initiator is ready to transit to the
next stage. next stage.
If the T bit is set to 1 and NSG is FullFeaturePhase, then this also If the T bit is set to 1 and NSG is FullFeaturePhase, then this also
indicates that the initiator is ready for the Final Login Response indicates that the initiator is ready for the Final Login Response
(see Chapter 5). (see Chapter 5).
10.12.2 C (Continue) Bit 10.12.2 C (Continue) Bit
When set to 1, indicates that the text (set of key=value pairs) in When set to 1, indicates that the text (set of key=value pairs) in
this Login Request is not complete (it will be continued on this Login Request is not complete (it will be continued on
subsequent Login Requests); otherwise, it indicates that this Login subsequent Login Requests); otherwise, it indicates that this Login
Julian Satran Expires August 2003 147
iSCSI 19-January-03
Request ends a set of key=value pairs. A Login Request with the C Request ends a set of key=value pairs. A Login Request with the C
bit set to 1 MUST have the T bit set to 0. bit set to 1 MUST have the T bit set to 0.
10.12.3 CSG and NSG 10.12.3 CSG and NSG
Through these fields, Current Stage (CSG) and Next Stage (NSG), the Through these fields, Current Stage (CSG) and Next Stage (NSG), the
Login negotiation requests and responses are associated with a Login negotiation requests and responses are associated with a
specific stage in the session (SecurityNegotiation, specific stage in the session (SecurityNegotiation,
LoginOperationalNegotiation, FullFeaturePhase) and may indicate the LoginOperationalNegotiation, FullFeaturePhase) and may indicate the
next stage to which they want to move (see Chapter 5). The next next stage to which they want to move (see Chapter 5). The next
skipping to change at line 7680 skipping to change at line 7619
- 3 - FullFeaturePhase - 3 - FullFeaturePhase
All other codes are reserved. All other codes are reserved.
10.12.4 Version 10.12.4 Version
The version number of the current draft is 0x00. As such, all The version number of the current draft is 0x00. As such, all
devices MUST carry version 0x00 for both Version-min and Version- devices MUST carry version 0x00 for both Version-min and Version-
max. max.
Julian Satran Expires June 2003 180
iSCSI 3-November-02
10.12.4.1 Version-max 10.12.4.1 Version-max
Maximum Version number supported. Maximum Version number supported.
All Login requests within the Login Phase MUST carry the same All Login requests within the Login Phase MUST carry the same
Version-max. Version-max.
The target MUST use the value presented with the first login The target MUST use the value presented with the first login
request. request.
skipping to change at line 7705 skipping to change at line 7641
All Login requests within the Login Phase MUST carry the same All Login requests within the Login Phase MUST carry the same
Version-min. The target MUST use the value presented with the first Version-min. The target MUST use the value presented with the first
login request. login request.
10.12.5 ISID 10.12.5 ISID
This is an initiator-defined component of the session identifier and This is an initiator-defined component of the session identifier and
is structured as follows (see [NDT] and Section 9.1.1 Conservative is structured as follows (see [NDT] and Section 9.1.1 Conservative
Reuse of ISIDs for details): Reuse of ISIDs for details):
Julian Satran Expires August 2003 148
iSCSI 19-January-03
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
8| T | A | B | C | 8| T | A | B | C |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
12| D | 12| D |
+---------------+---------------+ +---------------+---------------+
The T field identifies the format and usage of A, B, C, and D as The T field identifies the format and usage of A, B, C, and D as
indicated below: indicated below:
T T
00b OUI-Format
A&B are a 22 bit OUI
(the I/G & U/L bits are omitted)
C&D 24 bit qualifier
01b EN - Format (IANA Enterprise Number)
A - Reserved
Julian Satran Expires June 2003 181
iSCSI 3-November-02
00b OUI-Format
A&B are a 22 bit OUI
(the I/G & U/L bits are omitted)
C&D 24 bit qualifier
01b EN - Format (IANA Enterprise Number)
A - Reserved
B&C EN (IANA Enterprise Number) B&C EN (IANA Enterprise Number)
D - Qualifier D - Qualifier
10b "Random" 10b "Random"
A - Reserved A - Reserved
B&C Random B&C Random
D - Qualifier D - Qualifier
11b A,B,C&D Reserved 11b A,B,C&D Reserved
For the T field values 00b and 01b, a combination of A and B (for For the T field values 00b and 01b, a combination of A and B (for
00b) or B and C (for 01b) identifies the vendor or organization 00b) or B and C (for 01b) identifies the vendor or organization
skipping to change at line 7766 skipping to change at line 7701
The T field value of 11b is reserved. The T field value of 11b is reserved.
If the ISID is derived from something assigned to a hardware adapter If the ISID is derived from something assigned to a hardware adapter
or interface by a vendor, as a preset default value, it MUST be or interface by a vendor, as a preset default value, it MUST be
configurable to a value assigned according to the SCSI port behavior configurable to a value assigned according to the SCSI port behavior
desired by the system in which it is installed (see Section 9.1.1 desired by the system in which it is installed (see Section 9.1.1
Conservative Reuse of ISIDs and Section 9.1.2 iSCSI Name, ISID, and Conservative Reuse of ISIDs and Section 9.1.2 iSCSI Name, ISID, and
TPGT Use). The resultant ISID MUST also be persistent over power TPGT Use). The resultant ISID MUST also be persistent over power
cycles, reboot, card swap, etc. cycles, reboot, card swap, etc.
Julian Satran Expires August 2003 149
iSCSI 19-January-03
10.12.6 TSIH 10.12.6 TSIH
TSIH must be set in the first Login Request. The reserved value 0 TSIH must be set in the first Login Request. The reserved value 0
MUST be used on the first connection for a new session. Otherwise, MUST be used on the first connection for a new session. Otherwise,
the TSIH sent by the target at the conclusion of the successful the TSIH sent by the target at the conclusion of the successful
login of the first connection for this session MUST be used. The login of the first connection for this session MUST be used. The
Julian Satran Expires June 2003 182
iSCSI 3-November-02
TSIH identifies to the target the associated existing session for TSIH identifies to the target the associated existing session for
this new connection. this new connection.
All Login requests within a Login Phase MUST carry the same TSIH. All Login requests within a Login Phase MUST carry the same TSIH.
The target MUST check the value presented with the first login The target MUST check the value presented with the first login
request and act as specified in Section 5.3.1 Login Phase Start. request and act as specified in Section 5.3.1 Login Phase Start.
10.12.7 Connection ID - CID 10.12.7 Connection ID - CID
skipping to change at line 7820 skipping to change at line 7754
in FullFeaturePhase also carries the CmdSN 123. in FullFeaturePhase also carries the CmdSN 123.
- Login on other than a leading connection - if the current - Login on other than a leading connection - if the current
CmdSN at the time the first login on the connection is issued CmdSN at the time the first login on the connection is issued
is 500, then that PDU carries CmdSN=500. Subsequent login is 500, then that PDU carries CmdSN=500. Subsequent login
requests that are needed to complete this login phase may requests that are needed to complete this login phase may
carry a CmdSN higher than 500 if non-immediate requests that carry a CmdSN higher than 500 if non-immediate requests that
were issued on other connections in the same session advance were issued on other connections in the same session advance
CmdSN. CmdSN.
Julian Satran Expires June 2003 183
iSCSI 3-November-02
If the login request is a leading login request, the target MUST use If the login request is a leading login request, the target MUST use
the value presented in CmdSN as the target value for ExpCmdSN. the value presented in CmdSN as the target value for ExpCmdSN.
Julian Satran Expires August 2003 150
iSCSI 19-January-03
10.12.9 ExpStatSN 10.12.9 ExpStatSN
For the first Login Request on a connection this is ExpStatSN for For the first Login Request on a connection this is ExpStatSN for
the old connection and this field is only valid if the Login request the old connection and this field is only valid if the Login request
restarts a connection (see Section 5.3.4 Connection Reinstatement). restarts a connection (see Section 5.3.4 Connection Reinstatement).
For subsequent Login Requests it is used to acknowledge the Login For subsequent Login Requests it is used to acknowledge the Login
Responses with their increasing StatSN values. Responses with their increasing StatSN values.
10.12.10 Login Parameters 10.12.10 Login Parameters
skipping to change at line 7849 skipping to change at line 7783
resources and the initial text parameters for the security exchange. resources and the initial text parameters for the security exchange.
All the rules specified in Section 10.10.5 Text for text requests All the rules specified in Section 10.10.5 Text for text requests
also hold for login requests. Keys and their explanations are also hold for login requests. Keys and their explanations are
listed in Chapter 11 (security negotiation keys) and Chapter 12 listed in Chapter 11 (security negotiation keys) and Chapter 12
(operational parameter negotiation keys). All keys in Chapter 12, (operational parameter negotiation keys). All keys in Chapter 12,
except for the X extension formats, MUST be supported by iSCSI except for the X extension formats, MUST be supported by iSCSI
initiators and targets. Keys in Chapter 11 only need to be supported initiators and targets. Keys in Chapter 11 only need to be supported
when the function to which they refer is mandatory to implement. when the function to which they refer is mandatory to implement.
Julian Satran Expires June 2003 184 Julian Satran Expires August 2003 151
iSCSI 3-November-02 iSCSI 19-January-03
10.13 Login Response 10.13 Login Response
The Login Response indicates the progress and/or end of the Login The Login Response indicates the progress and/or end of the Login
Phase. Phase.
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
skipping to change at line 7895 skipping to change at line 7829
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
10.13.1 Version-max 10.13.1 Version-max
This is the highest version number supported by the target. This is the highest version number supported by the target.
All Login responses within the Login Phase MUST carry the same All Login responses within the Login Phase MUST carry the same
Version-max. Version-max.
Julian Satran Expires June 2003 185
iSCSI 3-November-02
The initiator MUST use the value presented as a response to the The initiator MUST use the value presented as a response to the
first login request. first login request.
10.13.2 Version-active 10.13.2 Version-active
Indicates the highest version supported by the target and initiator. Indicates the highest version supported by the target and initiator.
If the target does not support a version within the range specified If the target does not support a version within the range specified
by the initiator, the target rejects the login and this field by the initiator, the target rejects the login and this field
indicates the lowest version supported by the target. indicates the lowest version supported by the target.
All Login responses within the Login Phase MUST carry the same All Login responses within the Login Phase MUST carry the same
Version-active. Version-active.
Julian Satran Expires August 2003 152
iSCSI 19-January-03
The initiator MUST use the value presented as a response to the The initiator MUST use the value presented as a response to the
first login request. first login request.
10.13.3 TSIH 10.13.3 TSIH
The TSIH is the target assigned session identifying handle. Its The TSIH is the target assigned session identifying handle. Its
internal format and content are not defined by this protocol except internal format and content are not defined by this protocol except
for the value 0 that is reserved. With the exception of the Login for the value 0 that is reserved. With the exception of the Login
Final-Response in a new session, this field should be set to the Final-Response in a new session, this field should be set to the
TSIH provided by the initiator in the Login Request. For a new TSIH provided by the initiator in the Login Request. For a new
skipping to change at line 7942 skipping to change at line 7876
10.13.5 Status-Class and Status-Detail 10.13.5 Status-Class and Status-Detail
The Status returned in a Login Response indicates the execution The Status returned in a Login Response indicates the execution
status of the Login Phase. The status includes: status of the Login Phase. The status includes:
Status-Class Status-Class
Status-Detail Status-Detail
0 Status-Class indicates success. 0 Status-Class indicates success.
Julian Satran Expires June 2003 186
iSCSI 3-November-02
A non-zero Status-Class indicates an exception. In this case, A non-zero Status-Class indicates an exception. In this case,
Status-Class is sufficient for a simple initiator to use when Status-Class is sufficient for a simple initiator to use when
handling exceptions, without having to look at the Status-Detail. handling exceptions, without having to look at the Status-Detail.
The Status-Detail allows finer-grained exception handling for more The Status-Detail allows finer-grained exception handling for more
sophisticated initiators and for better information for logging. sophisticated initiators and for better information for logging.
The status classes are as follows: The status classes are as follows:
0 - Success - indicates that the iSCSI target successfully 0 - Success - indicates that the iSCSI target successfully
received, understood, and accepted the request. The numbering received, understood, and accepted the request. The numbering
fields (StatSN, ExpCmdSN, MaxCmdSN) are only valid if Status- fields (StatSN, ExpCmdSN, MaxCmdSN) are only valid if Status-
Class is 0. Class is 0.
1 - Redirection - indicates that the initiator must take further 1 - Redirection - indicates that the initiator must take further
action to complete the request. This is usually due to the action to complete the request. This is usually due to the
target moving to a different address. All of the redirection target moving to a different address. All of the redirection
status class responses MUST return one or more text key status class responses MUST return one or more text key
parameters of the type "TargetAddress", which indicates the parameters of the type "TargetAddress", which indicates the
target's new address. target's new address. A redirection response MAY be issued by
a target prior or after completing a security negotiation if a
security negotiation is required. A redirection SHOULD be
accepted by an initiator even without having the target
complete a security negotiation if any security negotiation is
required, and MUST be accepted by the initiator after the
Julian Satran Expires August 2003 153
iSCSI 19-January-03
completion of the security negotiation if any security
negotiation is required.
2 - Initiator Error (not a format error) - indicates that the 2 - Initiator Error (not a format error) - indicates that the
initiator most likely caused the error. This MAY be due to a initiator most likely caused the error. This MAY be due to a
request for a resource for which the initiator does not have request for a resource for which the initiator does not have
permission. The request should not be tried again. permission. The request should not be tried again.
3 - Target Error - indicates that the target sees no errors in 3 - Target Error - indicates that the target sees no errors in
the initiator's login request, but is currently incapable of the initiator's login request, but is currently incapable of
fulfilling the request. The initiator may re-try the same fulfilling the request. The initiator may re-try the same
login request later. login request later.
The table below shows all of the currently allocated status codes. The table below shows all of the currently allocated status codes.
The codes are in hexadecimal; the first byte is the status class and The codes are in hexadecimal; the first byte is the status class and
the second byte is the status detail. the second byte is the status detail.
Julian Satran Expires June 2003 187 Julian Satran Expires August 2003 154
iSCSI 3-November-02 iSCSI 19-January-03
----------------------------------------------------------------- -----------------------------------------------------------------
Status | Code | Description Status | Code | Description
|(hex) | |(hex) |
----------------------------------------------------------------- -----------------------------------------------------------------
Success | 0000 | Login is proceeding OK (*1). Success | 0000 | Login is proceeding OK (*1).
----------------------------------------------------------------- -----------------------------------------------------------------
Target Moved | 0101 | The requested iSCSI Target Name (ITN) Target moved | 0101 | The requested iSCSI Target Name (ITN)
Temporarily | | has temporarily moved temporarily | | has temporarily moved
| | to the address provided. | | to the address provided.
----------------------------------------------------------------- -----------------------------------------------------------------
Target Moved | 0102 | The requested ITN has permanently moved Target moved | 0102 | The requested ITN has permanently moved
Permanently | | to the address provided. permanently | | to the address provided.
----------------------------------------------------------------- -----------------------------------------------------------------
Initiator | 0200 | Miscellaneous iSCSI initiator Initiator | 0200 | Miscellaneous iSCSI initiator
Error | | errors. error | | errors.
---------------------------------------------------------------- ----------------------------------------------------------------
Authentication| 0201 | The initiator could not be Authentication| 0201 | The initiator could not be
Failure | | successfully authenticated. failure | | successfully authenticated or target
| | authentication is not supported.
----------------------------------------------------------------- -----------------------------------------------------------------
Authorization | 0202 | The initiator is not allowed access Authorization | 0202 | The initiator is not allowed access
Failure | | to the given target. failure | | to the given target.
----------------------------------------------------------------- -----------------------------------------------------------------
Not Found | 0203 | The requested ITN does not Not found | 0203 | The requested ITN does not
| | exist at this address. | | exist at this address.
----------------------------------------------------------------- -----------------------------------------------------------------
Target Removed| 0204 | The requested ITN has been removed and Target removed| 0204 | The requested ITN has been removed and
| |no forwarding address is provided. | |no forwarding address is provided.
----------------------------------------------------------------- -----------------------------------------------------------------
Unsupported | 0205 | The requested iSCSI version range is Unsupported | 0205 | The requested iSCSI version range is
Version | | not supported by the target. version | | not supported by the target.
----------------------------------------------------------------- -----------------------------------------------------------------
Too many | 0206 | Too many connections on this SSID. Too many | 0206 | Too many connections on this SSID.
connections | | connections | |
----------------------------------------------------------------- -----------------------------------------------------------------
Missing | 0207 | Missing parameters (e.g., iSCSI Missing | 0207 | Missing parameters (e.g., iSCSI
parameter | | Initiator and/or Target Name). parameter | | Initiator and/or Target Name).
----------------------------------------------------------------- -----------------------------------------------------------------
Can't include | 0208 | Target does not support session Can't include | 0208 | Target does not support session
in session | | spanning to this connection (address). in session | | spanning to this connection (address).
----------------------------------------------------------------- -----------------------------------------------------------------
Session type | 0209 | Target does not support this type of Session type | 0209 | Target does not support this type of
Not supported | | of session or not from this Initiator. not supported | | of session or not from this Initiator.
----------------------------------------------------------------- -----------------------------------------------------------------
Julian Satran Expires June 2003 188
iSCSI 3-November-02
Session does | 020a | Attempt to add a connection Session does | 020a | Attempt to add a connection
not exist | | to a non-existent session. not exist | | to a non-existent session.
----------------------------------------------------------------- -----------------------------------------------------------------
Invalid during| 020b | Invalid Request type during Login. Invalid during| 020b | Invalid Request type during Login.
login | | login | |
----------------------------------------------------------------- -----------------------------------------------------------------
Target Error | 0300 | Target hardware or software error. Target error | 0300 | Target hardware or software error.
----------------------------------------------------------------- -----------------------------------------------------------------
Service | 0301 | The iSCSI service or target is not Service | 0301 | The iSCSI service or target is not
Unavailable | | currently operational. unavailable | | currently operational.
----------------------------------------------------------------- -----------------------------------------------------------------
Out of | 0302 | The target has insufficient session, Out of | 0302 | The target has insufficient session,
Resources | | connection, or other resources.
Julian Satran Expires August 2003 155
iSCSI 19-January-03
resources | | connection, or other resources.
----------------------------------------------------------------- -----------------------------------------------------------------
(*1)If the response T bit is 1 in both the request and the matching (*1)If the response T bit is 1 in both the request and the matching
response, and the NSG is FullFeaturePhase in both the request and response, and the NSG is FullFeaturePhase in both the request and
the matching response, the Login Phase is finished and the initiator the matching response, the Login Phase is finished and the initiator
may proceed to issue SCSI commands. may proceed to issue SCSI commands.
If the Status Class is not 0, the initiator and target MUST close If the Status Class is not 0, the initiator and target MUST close
the TCP connection. the TCP connection.
skipping to change at line 8069 skipping to change at line 8012
the Final Login Response (see Chapter 5). A T bit of 0 indicates a the Final Login Response (see Chapter 5). A T bit of 0 indicates a
"partial" response, which means "more negotiation needed". "partial" response, which means "more negotiation needed".
A login response with a T bit set to 1 MUST NOT contain key=value A login response with a T bit set to 1 MUST NOT contain key=value
pairs that may require additional answers from the initiator within pairs that may require additional answers from the initiator within
the same stage. the same stage.
If the status class is 0, the T bit MUST NOT be set to 1 if the T If the status class is 0, the T bit MUST NOT be set to 1 if the T
bit in the request was set to 0. bit in the request was set to 0.
Julian Satran Expires June 2003 189
iSCSI 3-November-02
10.13.7 C (Continue) Bit 10.13.7 C (Continue) Bit
When set to 1, indicates that the text (set of key=value pairs) in When set to 1, indicates that the text (set of key=value pairs) in
this Login Response is not complete (it will be continued on this Login Response is not complete (it will be continued on
subsequent Login Responses); otherwise, it indicates that this Login subsequent Login Responses); otherwise, it indicates that this Login
Response ends a set of key=value pairs. A Login Response with the C Response ends a set of key=value pairs. A Login Response with the C
bit set to 1 MUST have the T bit set to 0. bit set to 1 MUST have the T bit set to 0.
10.13.8 Login Parameters 10.13.8 Login Parameters
skipping to change at line 8095 skipping to change at line 8035
All the rules specified in Section 10.11.6 Text Response Data for All the rules specified in Section 10.11.6 Text Response Data for
text responses also hold for login responses. Keys and their text responses also hold for login responses. Keys and their
explanations are listed in Chapter 11 (security negotiation keys) explanations are listed in Chapter 11 (security negotiation keys)
and Chapter 12 (operational parameter negotiation keys). All keys in and Chapter 12 (operational parameter negotiation keys). All keys in
Chapter 12, except for the X extension formats, MUST be supported by Chapter 12, except for the X extension formats, MUST be supported by
iSCSI initiators and targets. Keys in Chapter 11, only need to be iSCSI initiators and targets. Keys in Chapter 11, only need to be
supported when the function to which they refer is mandatory to supported when the function to which they refer is mandatory to
implement. implement.
Julian Satran Expires June 2003 190 Julian Satran Expires August 2003 156
iSCSI 3-November-02 iSCSI 19-January-03
10.14 Logout Request 10.14 Logout Request
The Logout request is used to perform a controlled closing of a The Logout request is used to perform a controlled closing of a
connection. connection.
An initiator MAY use a logout request to remove a connection from a An initiator MAY use a logout request to remove a connection from a
session or to close an entire session. session or to close an entire session.
After sending the Logout request PDU, an initiator MUST NOT send any After sending the Logout request PDU, an initiator MUST NOT send any
skipping to change at line 8141 skipping to change at line 8081
connection for the CID is implied with a Logout. connection for the CID is implied with a Logout.
All commands that were not terminated or not completed (with status) All commands that were not terminated or not completed (with status)
and acknowledged when the connection is closed completely can be and acknowledged when the connection is closed completely can be
reassigned to a new connection if the target supports connection reassigned to a new connection if the target supports connection
recovery. recovery.
If an initiator intends to start recovery for a failing connection, If an initiator intends to start recovery for a failing connection,
it MUST use the Logout request to "clean-up" the target end of a it MUST use the Logout request to "clean-up" the target end of a
failing connection and enable recovery to start, or the Login failing connection and enable recovery to start, or the Login
Julian Satran Expires June 2003 191
iSCSI 3-November-02
request with a non-zero TSIH and the same CID on a new connection request with a non-zero TSIH and the same CID on a new connection
for the same effect (see Section 10.14.3 CID). In sessions with a for the same effect (see Section 10.14.3 CID). In sessions with a
single connection, the connection can be closed and then a new single connection, the connection can be closed and then a new
connection reopened. A connection reinstatement login can be used connection reopened. A connection reinstatement login can be used
for recovery (see Section 5.3.4 Connection Reinstatement). for recovery (see Section 5.3.4 Connection Reinstatement).
A successful completion of a logout request with the reason code of A successful completion of a logout request with the reason code of
"close the connection" or "remove the connection for recovery" "close the connection" or "remove the connection for recovery"
results at the target in the discarding of unacknowledged commands results at the target in the discarding of unacknowledged commands
received on the connection being logged out. These are commands that received on the connection being logged out. These are commands that
have arrived on the connection being logged out, but have not been have arrived on the connection being logged out, but have not been
delivered to SCSI because one or more commands with a smaller CmdSN delivered to SCSI because one or more commands with a smaller CmdSN
has not been received by iSCSI. See Section 3.2.2.1 Command has not been received by iSCSI. See Section 3.2.2.1 Command
Julian Satran Expires August 2003 157
iSCSI 19-January-03
Numbering and Acknowledging. The resulting holes the in command Numbering and Acknowledging. The resulting holes the in command
sequence numbers will have to be handled by appropriate recovery sequence numbers will have to be handled by appropriate recovery
(see Chapter 6) unless the session is also closed. (see Chapter 6) unless the session is also closed.
The entire logout discussion in this section is also applicable for The entire logout discussion in this section is also applicable for
an implicit Logout affected by way of a connection reinstatement or an implicit Logout affected by way of a connection reinstatement or
session reinstatement. When a Login Request performs an implicit session reinstatement. When a Login Request performs an implicit
Logout, the implicit Logout is performed as if having the reason Logout, the implicit Logout is performed as if having the reason
codes specified below: codes specified below:
Reason code Type of implicit Logout Reason code Type of implicit Logout
------------------------------------------- -------------------------------------------
0 session reinstatement 0 session reinstatement
1 connection reinstatement when 1 connection reinstatement when
the operational ErrorRecoveryLevel < 2 the operational ErrorRecoveryLevel < 2
2 connection reinstatement when 2 connection reinstatement when
the operational ErrorRecoveryLevel = 2 the operational ErrorRecoveryLevel = 2
Julian Satran Expires June 2003 192
iSCSI 3-November-02
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|I| 0x06 |1| Reason Code | Reserved | 0|.|I| 0x06 |1| Reason Code | Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
+---------------------------------------------------------------+ +---------------------------------------------------------------+
8/ Reserved / 8/ Reserved /
+/ / +/ /
skipping to change at line 8214 skipping to change at line 8151
10.14.1 Reason Code 10.14.1 Reason Code
Reason Code indicates the reason for Logout as follows: Reason Code indicates the reason for Logout as follows:
0 - close the session. All commands associated with the session 0 - close the session. All commands associated with the session
(if any) are terminated. (if any) are terminated.
1 - close the connection. All commands associated with 1 - close the connection. All commands associated with
connection (if any) are terminated. connection (if any) are terminated.
Julian Satran Expires August 2003 158
iSCSI 19-January-03
2 - remove the connection for recovery. Connection is closed and 2 - remove the connection for recovery. Connection is closed and
all commands associated with it, if any, are to be prepared all commands associated with it, if any, are to be prepared
for a new allegiance. for a new allegiance.
All other values are reserved. All other values are reserved.
10.14.2 TotalAHSLength and DataSegmentLength 10.14.2 TotalAHSLength and DataSegmentLength
For this PDU TotalAHSLength and DataSegmentLength MUST be 0. For this PDU TotalAHSLength and DataSegmentLength MUST be 0.
Julian Satran Expires June 2003 193
iSCSI 3-November-02
10.14.3 CID 10.14.3 CID
This is the connection ID of the connection to be closed (including This is the connection ID of the connection to be closed (including
closing the TCP stream). This field is only valid if the reason code closing the TCP stream). This field is only valid if the reason code
is not "close the session". is not "close the session".
10.14.4 ExpStatSN 10.14.4 ExpStatSN
This is the last ExpStatSN value for the connection to be closed. This is the last ExpStatSN value for the connection to be closed.
10.14.5 Implicit termination of tasks 10.14.5 Implicit termination of tasks
A target implicitly terminates the active tasks in three cases due A target implicitly terminates the active tasks due to the iSCSI
to iSCSI protocol: protocol in the following cases:
a) When a connection is implicitly or explicitly logged out a) When a connection is implicitly or explicitly logged out
with the reason code of "Close the connection" and there are with the reason code of "Close the connection" and there are
active tasks allegiant to that connection. active tasks allegiant to that connection.
b) When a connection fails and eventually the connection state b) When a connection fails and eventually the connection state
times out (state transition M1 in Section 7.2.2 State times out (state transition M1 in Section 7.2.2 State
Transition Descriptions for Initiators and Targets) and there Transition Descriptions for Initiators and Targets) and there
are active tasks allegiant to that connection. are active tasks allegiant to that connection.
c) When a successful recovery Logout is performed while there c) When a successful recovery Logout is performed while there
are active tasks allegiant to that connection, and those tasks are active tasks allegiant to that connection, and those tasks
eventually time out after the Time2Wait and Time2Retain periods eventually time out after the Time2Wait and Time2Retain periods
without allegiance reassignment. without allegiance reassignment.
d) When a connection is implicitly or explicitly logged out
with the reason code of "Close the session" and there are
active tasks in that session.
If the tasks terminated in any of the above cases are SCSI tasks, If the tasks terminated in any of the above cases are SCSI tasks,
they must be internally terminated with CHECK CONDITION status with they must be internally terminated as if with CHECK CONDITION
a sense key of unit attention and ASC/ASCQ values of 0x6E/0x00 status. This status is only meaningful for appropriately handling
(COMMAND TO LOGICAL UNIT FAILED). This status is only meaningful the internal SCSI state and SCSI side effects with respect to
for appropriately handling the internal SCSI state with respect to ordering because this status is never communicated back as a
ordering aspects such as queued commands, because this status is terminating status to the initiator. However additional actions may
never communicated back as a terminating status to the initiator. have to be taken at SCSI level depending on the SCSI context as
defined by the SCSI standards (e.g., queued commands and ACA, UA for
Julian Satran Expires June 2003 194 Julian Satran Expires August 2003 159
iSCSI 3-November-02 iSCSI 19-January-03
the next command on the I_T nexus in cases a), b), and c) etc. - see
[SAM] and [SPC3]).
Julian Satran Expires August 2003 160
iSCSI 19-January-03
10.15 Logout Response 10.15 Logout Response
The logout response is used by the target to indicate if the cleanup The logout response is used by the target to indicate if the cleanup
operation for the connection(s) has completed. operation for the connection(s) has completed.
After Logout, the TCP connection referred by the CID MUST be closed After Logout, the TCP connection referred by the CID MUST be closed
at both ends (or all connections must be closed if the logout reason at both ends (or all connections must be closed if the logout reason
was session close). was session close).
skipping to change at line 8310 skipping to change at line 8258
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
44| Reserved | 44| Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
48| Header-Digest (Optional) | 48| Header-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
10.15.1 Response 10.15.1 Response
Logout response: Logout response:
Julian Satran Expires June 2003 195
iSCSI 3-November-02
0 - connection or session closed successfully. 0 - connection or session closed successfully.
1 - CID not found. 1 - CID not found.
2 - connection recovery is not supported. If Logout reason code 2 - connection recovery is not supported. If Logout reason code
was recovery and target does not support it as indicated by was recovery and target does not support it as indicated by
the ErrorRecoveryLevel. the ErrorRecoveryLevel.
3 - cleanup failed for various reasons. 3 - cleanup failed for various reasons.
10.15.2 TotalAHSLength and DataSegmentLength 10.15.2 TotalAHSLength and DataSegmentLength
For this PDU TotalAHSLength and DataSegmentLength MUST be 0. For this PDU TotalAHSLength and DataSegmentLength MUST be 0.
Julian Satran Expires August 2003 161
iSCSI 19-January-03
10.15.3 Time2Wait 10.15.3 Time2Wait
If the Logout response code is 0 and if the operational If the Logout response code is 0 and if the operational
ErrorRecoveryLevel is 2, this is the minimum amount of time, in ErrorRecoveryLevel is 2, this is the minimum amount of time, in
seconds, to wait before attempting task reassignment. If the Logout seconds, to wait before attempting task reassignment. If the Logout
response code is 0 and if the operational ErrorRecoveryLevel is less response code is 0 and if the operational ErrorRecoveryLevel is less
than 2, this field is to be ignored. than 2, this field is to be ignored.
This field is invalid if the Logout response code is 1. This field is invalid if the Logout response code is 1.
skipping to change at line 8356 skipping to change at line 8304
If the Logout response code is 0 and if the operational If the Logout response code is 0 and if the operational
ErrorRecoveryLevel is 2, this is the maximum amount of time, in ErrorRecoveryLevel is 2, this is the maximum amount of time, in
seconds, after the initial wait (Time2Wait), the target waits for seconds, after the initial wait (Time2Wait), the target waits for
the allegiance reassignment for any active task after which the task the allegiance reassignment for any active task after which the task
state is discarded. If the Logout response code is 0 and if the state is discarded. If the Logout response code is 0 and if the
operational ErrorRecoveryLevel is less than 2, this field is to be operational ErrorRecoveryLevel is less than 2, this field is to be
ignored. ignored.
This field is invalid if the Logout response code is 1. This field is invalid if the Logout response code is 1.
Julian Satran Expires June 2003 196
iSCSI 3-November-02
If the Logout response code is 2 or 3, this field specifies the If the Logout response code is 2 or 3, this field specifies the
maximum amount of time, in seconds, after the initial wait maximum amount of time, in seconds, after the initial wait
(Time2Wait), the target waits for a new implicit or explicit logout. (Time2Wait), the target waits for a new implicit or explicit logout.
If it is the last connection of a session, the whole session state If it is the last connection of a session, the whole session state
is discarded after Time2Retain. is discarded after Time2Retain.
If Time2Retain is 0, the target has already discarded the connection If Time2Retain is 0, the target has already discarded the connection
(and possibly the session) state along with the task states. No (and possibly the session) state along with the task states. No
reassignment or Logout is required in this case. reassignment or Logout is required in this case.
Julian Satran Expires June 2003 197 Julian Satran Expires August 2003 162
iSCSI 3-November-02 iSCSI 19-January-03
10.16 SNACK Request 10.16 SNACK Request
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|.| 0x10 |1|.|.|.| Type | Reserved | 0|.|.| 0x10 |1|.|.|.| Type | Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
skipping to change at line 8405 skipping to change at line 8350
32/ Reserved / 32/ Reserved /
+/ / +/ /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
40| BegRun | 40| BegRun |
+---------------------------------------------------------------+ +---------------------------------------------------------------+
44| RunLength | 44| RunLength |
+---------------------------------------------------------------+ +---------------------------------------------------------------+
48| Header-Digest (Optional) | 48| Header-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Support for all SNACK types is mandatory if the implementation If the implementation supports ErrorRecoveryLevel greater than zero,
supports ErrorRecoveryLevel greater than zero. it MUST support all SNACK types.
The SNACK is used by the initiator to request the retransmission of The SNACK is used by the initiator to request the retransmission of
numbered-responses, data, or R2T PDUs from the target. The SNACK numbered-responses, data, or R2T PDUs from the target. The SNACK
request indicates the numbered-responses or data "runs" whose request indicates the numbered-responses or data "runs" whose
retransmission is requested by the target, where the run starts with retransmission is requested by the target, where the run starts with
the first StatSN, DataSN, or R2TSN whose retransmission is requested the first StatSN, DataSN, or R2TSN whose retransmission is requested
and indicates the number of Status, Data, or R2T PDUs requested and indicates the number of Status, Data, or R2T PDUs requested
including the first. 0 has special meaning when used as a starting including the first. 0 has special meaning when used as a starting
number and length: number and length:
Julian Satran Expires June 2003 198
iSCSI 3-November-02
- When used in RunLength, it means all PDUs starting with the - When used in RunLength, it means all PDUs starting with the
initial. initial.
- When used in both BegRun and RunLength, it means all - When used in both BegRun and RunLength, it means all
unacknowledged PDUs. unacknowledged PDUs.
The numbered-response(s) or R2T(s), requested by a SNACK, MUST be The numbered-response(s) or R2T(s), requested by a SNACK, MUST be
delivered as exact replicas of the ones that the target transmitted delivered as exact replicas of the ones that the target transmitted
originally except for the fields ExpCmdSN, MaxCmdSN, and ExpDataSN, originally except for the fields ExpCmdSN, MaxCmdSN, and ExpDataSN,
which MUST carry the current values. R2T(s)requested by SNACK MUST which MUST carry the current values. R2T(s)requested by SNACK MUST
also carry the current value of StatSN. also carry the current value of StatSN.
Julian Satran Expires August 2003 163
iSCSI 19-January-03
The numbered Data-In PDUs, requested by a Data SNACK MUST be The numbered Data-In PDUs, requested by a Data SNACK MUST be
delivered as exact replicas of the ones that the target transmitted delivered as exact replicas of the ones that the target transmitted
originally except for the fields ExpCmdSN and MaxCmdSN, which MUST originally except for the fields ExpCmdSN and MaxCmdSN, which MUST
carry the current values and except for resegmentation (see Section carry the current values and except for resegmentation (see Section
10.16.3 Resegmentation). 10.16.3 Resegmentation).
Any SNACK that requests a numbered-response, Data, or R2T that was Any SNACK that requests a numbered-response, Data, or R2T that was
not sent by the target or was already acknowledged by the initiator, not sent by the target or was already acknowledged by the initiator,
MUST be rejected with a reason code of "Protocol error". MUST be rejected with a reason code of "Protocol error".
skipping to change at line 8461 skipping to change at line 8406
2-DataACK - positively acknowledges Data-In PDUs. 2-DataACK - positively acknowledges Data-In PDUs.
3-R-Data SNACK - requesting retransmission of Data-In PDUs with 3-R-Data SNACK - requesting retransmission of Data-In PDUs with
possible resegmentation and status tagging. possible resegmentation and status tagging.
All other values are reserved. All other values are reserved.
Data/R2T SNACK, Status SNACK, or R-Data SNACK for a command MUST Data/R2T SNACK, Status SNACK, or R-Data SNACK for a command MUST
precede status acknowledgement for the given command. precede status acknowledgement for the given command.
Julian Satran Expires June 2003 199
iSCSI 3-November-02
10.16.2 Data Acknowledgement 10.16.2 Data Acknowledgement
If an initiator operates at ErrorRecoveryLevel 1 or higher, it MUST If an initiator operates at ErrorRecoveryLevel 1 or higher, it MUST
issue a SNACK of type DataACK after receiving a Data-In PDU with the issue a SNACK of type DataACK after receiving a Data-In PDU with the
A bit set to 1. However, if the initiator has detected holes in the A bit set to 1. However, if the initiator has detected holes in the
input sequence, it MUST postpone issuing the SNACK of type DataACK input sequence, it MUST postpone issuing the SNACK of type DataACK
until the holes are filled. An initiator MAY ignore the A bit if it until the holes are filled. An initiator MAY ignore the A bit if it
deems that the bit is being set aggressively by the target (i.e., deems that the bit is being set aggressively by the target (i.e.,
before the MaxBurstLength limit is reached). before the MaxBurstLength limit is reached).
skipping to change at line 8489 skipping to change at line 8431
10.16.3 Resegmentation 10.16.3 Resegmentation
If the initiator MaxRecvDataSegmentLength changed between the If the initiator MaxRecvDataSegmentLength changed between the
original transmission and the time the initiator requests original transmission and the time the initiator requests
retransmission, the initiator MUST issue a R-Data SNACK (see Section retransmission, the initiator MUST issue a R-Data SNACK (see Section
10.16.1 Type). With R-Data SNACK, the initiator indicates that it 10.16.1 Type). With R-Data SNACK, the initiator indicates that it
discards all the unacknowledged data and expects the target to discards all the unacknowledged data and expects the target to
resend it. It also expects resegmentation. In this case, the resend it. It also expects resegmentation. In this case, the
retransmitted Data-In PDUs MAY be different from the ones originally retransmitted Data-In PDUs MAY be different from the ones originally
Julian Satran Expires August 2003 164
iSCSI 19-January-03
sent in order to reflect changes in MaxRecvDataSegmentLength. Their sent in order to reflect changes in MaxRecvDataSegmentLength. Their
DataSN starts with the BegRun of the last DataACK received by the DataSN starts with the BegRun of the last DataACK received by the
target if any was received; otherwise it starts with 0 and is target if any was received; otherwise it starts with 0 and is
increased by 1 for each resent Data-In PDU. increased by 1 for each resent Data-In PDU.
A target that has received a R-Data SNACK MUST return a SCSI A target that has received a R-Data SNACK MUST return a SCSI
Response Response
that contains a copy of the SNACK Tag field from the R-Data SNACK in that contains a copy of the SNACK Tag field from the R-Data SNACK in
the SCSI Response SNACK Tag field as its last or only Response. For the SCSI Response SNACK Tag field as its last or only Response. For
example, if it has already sent a response containing another value example, if it has already sent a response containing another value
in the SNACK Tag field or had the status included in the last Data- in the SNACK Tag field or had the status included in the last Data-
In PDU, it must send a new SCSI Response PDU. If a target sends more In PDU, it must send a new SCSI Response PDU. If a target sends more
than one SCSI Response PDU due to this rule, all SCSI responses must than one SCSI Response PDU due to this rule, all SCSI responses must
carry the same StatSN (see Section 10.4.4 SNACK Tag). If an carry the same StatSN (see Section 10.4.4 SNACK Tag). If an
initiator attempts to recover a lost SCSI Response (with a Status- initiator attempts to recover a lost SCSI Response (with a Status-
SNACK, see Section 10.16.1 Type) when more than one response has SNACK, see Section 10.16.1 Type) when more than one response has
been sent, the target will send the SCSI Response with the latest been sent, the target will send the SCSI Response with the latest
Julian Satran Expires June 2003 200
iSCSI 3-November-02
content known to the target, including the last SNACK Tag for the content known to the target, including the last SNACK Tag for the
command. command.
For considerations in allegiance reassignment of a task to a For considerations in allegiance reassignment of a task to a
connection with a different MaxRecvDataSegmentLength, refer to connection with a different MaxRecvDataSegmentLength, refer to
Section 6.2.2 Allegiance Reassignment. Section 6.2.2 Allegiance Reassignment.
10.16.4 Initiator Task Tag 10.16.4 Initiator Task Tag
For Status SNACK and DataACK, the Initiator Task Tag MUST be set to For Status SNACK and DataACK, the Initiator Task Tag MUST be set to
skipping to change at line 8548 skipping to change at line 8490
10.16.6 BegRun 10.16.6 BegRun
The DataSN, R2TSN, or StatSN of the first PDU whose retransmission The DataSN, R2TSN, or StatSN of the first PDU whose retransmission
is requested (Data/R2T and Status SNACK), or the next expected is requested (Data/R2T and Status SNACK), or the next expected
DataSN (DataACK SNACK). DataSN (DataACK SNACK).
BegRun 0 when used in conjunction with RunLength 0 means resend all BegRun 0 when used in conjunction with RunLength 0 means resend all
unacknowledged Data-In, R2T or Response PDUs. unacknowledged Data-In, R2T or Response PDUs.
BegRun MUST be 0 for a R-Data SNACK. Julian Satran Expires August 2003 165
iSCSI 19-January-03
Julian Satran Expires June 2003 201 BegRun MUST be 0 for a R-Data SNACK.
iSCSI 3-November-02
10.16.7 RunLength 10.16.7 RunLength
The number of PDUs whose retransmission is requested. The number of PDUs whose retransmission is requested.
RunLength 0 signals that all Data-In, R2T, or Response PDUs carrying RunLength 0 signals that all Data-In, R2T, or Response PDUs carrying
the numbers equal to or greater than BegRun have to be resent. the numbers equal to or greater than BegRun have to be resent.
The RunLength MUST also be 0 for a DataACK SNACK in addition to R- The RunLength MUST also be 0 for a DataACK SNACK in addition to R-
Data SNACK. Data SNACK.
Julian Satran Expires June 2003 202 Julian Satran Expires August 2003 166
iSCSI 3-November-02 iSCSI 19-January-03
10.17 Reject 10.17 Reject
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|.| 0x3f |1| Reserved | Reason | Reserved | 0|.|.| 0x3f |1| Reserved | Reason | Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
skipping to change at line 8609 skipping to change at line 8551
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
yy/Vendor specific data (if any) / yy/Vendor specific data (if any) /
/ / / /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
zz| Data-Digest (Optional) | zz| Data-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Reject is used to indicate an iSCSI error condition (protocol, Reject is used to indicate an iSCSI error condition (protocol,
unsupported option, etc.). unsupported option, etc.).
Julian Satran Expires June 2003 203
iSCSI 3-November-02
10.17.1 Reason 10.17.1 Reason
The reject Reason is coded as follows: The reject Reason is coded as follows:
Julian Satran Expires August 2003 167
iSCSI 19-January-03
+------+----------------------------------------+------------------+ +------+----------------------------------------+------------------+
| Code | Explanation | Can the original | | Code | Explanation | Can the original |
| (hex)| | PDU be re-sent? | | (hex)| | PDU be re-sent? |
+------+----------------------------------------+------------------+ +------+----------------------------------------+------------------+
| 0x01 | Reserved | no | | 0x01 | Reserved | no |
| | | | | | | |
| 0x02 | Data (payload) Digest Error | yes (Note 1) | | 0x02 | Data (payload) Digest Error | yes (Note 1) |
| | | | | | | |
| 0x03 | SNACK Reject | yes | | 0x03 | SNACK Reject | yes |
| | | | | | | |
skipping to change at line 8653 skipping to change at line 8595
| 0x0b | Negotiation Reset | no | | 0x0b | Negotiation Reset | no |
| | | | | | | |
| 0x0c | Waiting for Logout | no | | 0x0c | Waiting for Logout | no |
+------+----------------------------------------+------------------+ +------+----------------------------------------+------------------+
Note 1: For iSCSI, Data-Out PDU retransmission is only done if the Note 1: For iSCSI, Data-Out PDU retransmission is only done if the
target requests retransmission with a recovery R2T. However, if this target requests retransmission with a recovery R2T. However, if this
is the data digest error on immediate data, the initiator may choose is the data digest error on immediate data, the initiator may choose
to retransmit the whole PDU including the immediate data. to retransmit the whole PDU including the immediate data.
Julian Satran Expires June 2003 204
iSCSI 3-November-02
Note 2: A target should use this reason code for all invalid values Note 2: A target should use this reason code for all invalid values
of PDU fields that are meant to describe a task, a response, or a of PDU fields that are meant to describe a task, a response, or a
data transfer. Some examples are invalid TTT/ITT, buffer offset, data transfer. Some examples are invalid TTT/ITT, buffer offset,
LUN qualifying a TTT, and an invalid sequence number in a SNACK. LUN qualifying a TTT, and an invalid sequence number in a SNACK.
All other values for Reason are reserved. All other values for Reason are reserved.
In all the cases in which a pre-instantiated SCSI task is terminated In all the cases in which a pre-instantiated SCSI task is terminated
because of the reject, the target MUST issue a proper SCSI command because of the reject, the target MUST issue a proper SCSI command
response with CHECK CONDITION as described in Section 10.4.3 response with CHECK CONDITION as described in Section 10.4.3
Response. In these cases in which a status for the SCSI task was Response. In these cases in which a status for the SCSI task was
already sent before the reject, no additional status is required. If already sent before the reject, no additional status is required. If
the error is detected while data from the initiator is still the error is detected while data from the initiator is still
expected (i.e., the command PDU did not contain all the data and the expected (i.e., the command PDU did not contain all the data and the
target has not received a Data-out PDU with the Final bit set to 1 target has not received a Data-out PDU with the Final bit set to 1
for the unsolicited data, if any, and all outstanding R2Ts, if any), for the unsolicited data, if any, and all outstanding R2Ts, if any),
the target MUST wait until it receives the last expected Data-out the target MUST wait until it receives the last expected Data-out
PDUs with the F bit set to 1 before sending the Response PDU. PDUs with the F bit set to 1 before sending the Response PDU.
Julian Satran Expires August 2003 168
iSCSI 19-January-03
For additional usage semantics of Reject PDU, see Section 6.3 Usage For additional usage semantics of Reject PDU, see Section 6.3 Usage
Of Reject PDU in Recovery. Of Reject PDU in Recovery.
10.17.2 DataSN/R2TSN 10.17.2 DataSN/R2TSN
This field is only valid if the rejected PDU is a Data/R2T SNACK and This field is only valid if the rejected PDU is a Data/R2T SNACK and
the Reject reason code is "Protocol error" (see Section 10.16 SNACK the Reject reason code is "Protocol error" (see Section 10.16 SNACK
Request). The DataSN/R2TSN is the next Data/R2T sequence number Request). The DataSN/R2TSN is the next Data/R2T sequence number
that the target would send for the task, if any. that the target would send for the task, if any.
10.17.3 StatSN, ExpCmdSN and MaxCmdSN 10.17.3 StatSN, ExpCmdSN and MaxCmdSN
These fields carry their usual values and are not related to the These fields carry their usual values and are not related to the
rejected command rejected command
10.17.4 Complete Header of Bad PDU 10.17.4 Complete Header of Bad PDU
The target returns the header (not including digest) of the PDU in The target returns the header (not including digest) of the PDU in
error as the data of the response. error as the data of the response.
Julian Satran Expires June 2003 205 Julian Satran Expires August 2003 169
iSCSI 3-November-02 iSCSI 19-January-03
10.18 NOP-Out 10.18 NOP-Out
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|I| 0x00 |1| Reserved | 0|.|I| 0x00 |1| Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
skipping to change at line 8740 skipping to change at line 8682
A NOP-Out may be used by an initiator as a "ping request" to verify A NOP-Out may be used by an initiator as a "ping request" to verify
that a connection/session is still active and all its components are that a connection/session is still active and all its components are
operational. The NOP-In response is the "ping echo". operational. The NOP-In response is the "ping echo".
A NOP-Out is also sent by an initiator in response to a NOP-In. A NOP-Out is also sent by an initiator in response to a NOP-In.
A NOP-Out may also be used to confirm a changed ExpStatSN if another A NOP-Out may also be used to confirm a changed ExpStatSN if another
PDU will not be available for a long time. PDU will not be available for a long time.
Julian Satran Expires June 2003 206
iSCSI 3-November-02
Upon receipt of a NOP-In with the Target Transfer Tag set to a valid Upon receipt of a NOP-In with the Target Transfer Tag set to a valid
value (not the reserved 0xffffffff), the initiator MUST respond with value (not the reserved 0xffffffff), the initiator MUST respond with
a NOP-Out. In this case, the NOP-Out Target Transfer Tag MUST a NOP-Out. In this case, the NOP-Out Target Transfer Tag MUST
contain a copy of the NOP-In Target Transfer Tag. contain a copy of the NOP-In Target Transfer Tag.
10.18.1 Initiator Task Tag 10.18.1 Initiator Task Tag
The NOP-Out MUST have the Initiator Task Tag set to a valid value The NOP-Out MUST have the Initiator Task Tag set to a valid value
only if a response in the form of NOP-In is requested (i.e., the only if a response in the form of NOP-In is requested (i.e., the
NOP-Out is used as a ping request). Otherwise, the Initiator Task NOP-Out is used as a ping request). Otherwise, the Initiator Task
Tag MUST be set to 0xffffffff. Tag MUST be set to 0xffffffff.
When a target receives the NOP-Out with a valid Initiator Task Tag, When a target receives the NOP-Out with a valid Initiator Task Tag,
it MUST respond with a Nop-In Response (see Section 10.19 NOP-In). it MUST respond with a Nop-In Response (see Section 10.19 NOP-In).
Julian Satran Expires August 2003 170
iSCSI 19-January-03
If the Initiator Task Tag contains 0xffffffff, the I bit MUST be set If the Initiator Task Tag contains 0xffffffff, the I bit MUST be set
to 1 and the CmdSN is not advanced after this PDU is sent. to 1 and the CmdSN is not advanced after this PDU is sent.
10.18.2 Target Transfer Tag 10.18.2 Target Transfer Tag
A target assigned identifier for the operation. A target assigned identifier for the operation.
The NOP-Out MUST only have the Target Transfer Tag set if it is The NOP-Out MUST only have the Target Transfer Tag set if it is
issued in response to a NOP-In with a valid Target Transfer Tag. In issued in response to a NOP-In with a valid Target Transfer Tag. In
this case, it copies the Target Transfer Tag from the NOP-In PDU. this case, it copies the Target Transfer Tag from the NOP-In PDU.
skipping to change at line 8781 skipping to change at line 8723
0xffffffff, the LUN field MUST also be copied from the NOP-In. 0xffffffff, the LUN field MUST also be copied from the NOP-In.
10.18.3 Ping Data 10.18.3 Ping Data
Ping data are reflected in the NOP-In Response. The length of the Ping data are reflected in the NOP-In Response. The length of the
reflected data are limited to MaxRecvDataSegmentLength. The length reflected data are limited to MaxRecvDataSegmentLength. The length
of ping data are indicated by the DataSegmentLength. 0 is a valid of ping data are indicated by the DataSegmentLength. 0 is a valid
value for the DataSegmentLength and indicates the absence of ping value for the DataSegmentLength and indicates the absence of ping
data. data.
Julian Satran Expires June 2003 207 Julian Satran Expires August 2003 171
iSCSI 3-November-02 iSCSI 19-January-03
10.19 NOP-In 10.19 NOP-In
Byte/ 0 | 1 | 2 | 3 | Byte/ 0 | 1 | 2 | 3 |
/ | | | | / | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7| |0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
0|.|.| 0x20 |1| Reserved | 0|.|.| 0x20 |1| Reserved |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength | 4|TotalAHSLength | DataSegmentLength |
skipping to change at line 8826 skipping to change at line 8768
| Data-Digest (Optional) | | Data-Digest (Optional) |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
NOP-In is either sent by a target as a response to a NOP-Out, as a NOP-In is either sent by a target as a response to a NOP-Out, as a
"ping" to an initiator, or as a means to carry a changed ExpCmdSN "ping" to an initiator, or as a means to carry a changed ExpCmdSN
and/or MaxCmdSN if another PDU will not be available for a long time and/or MaxCmdSN if another PDU will not be available for a long time
(as determined by the target). (as determined by the target).
When a target receives the NOP-Out with a valid Initiator Task Tag When a target receives the NOP-Out with a valid Initiator Task Tag
(not the reserved value 0xffffffff), it MUST respond with a NOP-In (not the reserved value 0xffffffff), it MUST respond with a NOP-In
Julian Satran Expires June 2003 208
iSCSI 3-November-02
with the same Initiator Task Tag that was provided in the NOP-Out with the same Initiator Task Tag that was provided in the NOP-Out
request. It MUST also duplicate up to the first request. It MUST also duplicate up to the first
MaxRecvDataSegmentLength bytes of the initiator provided Ping Data. MaxRecvDataSegmentLength bytes of the initiator provided Ping Data.
For such a response, the Target Transfer Tag MUST be 0xffffffff. For such a response, the Target Transfer Tag MUST be 0xffffffff.
Otherwise, when a target sends a NOP-In that is not a response to a Otherwise, when a target sends a NOP-In that is not a response to a
Nop-Out received from the initiator, the Initiator Task Tag MUST be Nop-Out received from the initiator, the Initiator Task Tag MUST be
set to 0xffffffff and the Data Segment MUST NOT contain any data set to 0xffffffff and the Data Segment MUST NOT contain any data
(DataSegmentLength MUST be 0). (DataSegmentLength MUST be 0).
Julian Satran Expires August 2003 172
iSCSI 19-January-03
10.19.1 Target Transfer Tag 10.19.1 Target Transfer Tag
If the target is responding to a NOP-Out, this is set to the If the target is responding to a NOP-Out, this is set to the
reserved value 0xffffffff. reserved value 0xffffffff.
If the target is sending a NOP-In as a Ping (intending to receive a If the target is sending a NOP-In as a Ping (intending to receive a
corresponding NOP-Out), this field is set to a valid value (not the corresponding NOP-Out), this field is set to a valid value (not the
reserved 0xffffffff). reserved 0xffffffff).
If the target is initiating a NOP-In without wanting to receive a If the target is initiating a NOP-In without wanting to receive a
skipping to change at line 8864 skipping to change at line 8805
The StatSN field will always contain the next StatSN. However, when The StatSN field will always contain the next StatSN. However, when
the Initiator Task Tag is set to 0xffffffff StatSN for the the Initiator Task Tag is set to 0xffffffff StatSN for the
connection is not advanced after this PDU is sent. connection is not advanced after this PDU is sent.
10.19.3 LUN 10.19.3 LUN
A LUN MUST be set to a correct value when the Target Transfer Tag is A LUN MUST be set to a correct value when the Target Transfer Tag is
valid (not the reserved value 0xffffffff). valid (not the reserved value 0xffffffff).
Julian Satran Expires June 2003 209 Julian Satran Expires August 2003 173
iSCSI 3-November-02 iSCSI 19-January-03
11. iSCSI Security Keys and Authentication Methods 11. iSCSI Security Text Keys and Authentication Methods
Only the following keys are used during the SecurityNegotiation Only the following keys are used during the SecurityNegotiation
stage of the Login Phase: stage of the Login Phase:
SessionType SessionType
InitiatorName InitiatorName
TargetName TargetName
TargetAddress TargetAddress
InitiatorAlias InitiatorAlias
TargetAlias TargetAlias
skipping to change at line 8907 skipping to change at line 8848
AuthMethod = <list-of-values> AuthMethod = <list-of-values>
The main item of security negotiation is the authentication method The main item of security negotiation is the authentication method
(AuthMethod). (AuthMethod).
The authentication methods that can be used (appear in the list-of- The authentication methods that can be used (appear in the list-of-
values) are either those listed in the following table or are values) are either those listed in the following table or are
vendor-unique methods: vendor-unique methods:
Julian Satran Expires June 2003 210 Julian Satran Expires August 2003 174
iSCSI 3-November-02 iSCSI 19-January-03
+------------------------------------------------------------+ +------------------------------------------------------------+
| Name | Description | | Name | Description |
+------------------------------------------------------------+ +------------------------------------------------------------+
| KRB5 | Kerberos V5 - defined in [RFC1510] | | KRB5 | Kerberos V5 - defined in [RFC1510] |
+------------------------------------------------------------+ +------------------------------------------------------------+
| SPKM1 | Simple Public-Key GSS-API Mechanism | | SPKM1 | Simple Public-Key GSS-API Mechanism |
| | defined in [RFC2025] | | | defined in [RFC2025] |
+------------------------------------------------------------+ +------------------------------------------------------------+
| SPKM2 | Simple Public-Key GSS-API Mechanism | | SPKM2 | Simple Public-Key GSS-API Mechanism |
skipping to change at line 8942 skipping to change at line 8883
The authentication method proposal may be made by either the The authentication method proposal may be made by either the
initiator or the target. However the initiator MUST make the first initiator or the target. However the initiator MUST make the first
step specific to the selected authentication method as soon as it is step specific to the selected authentication method as soon as it is
selected. It follows that if the target makes the authentication selected. It follows that if the target makes the authentication
method proposal the initiator sends the first keys(s) of the method proposal the initiator sends the first keys(s) of the
exchange together with its authentication method selection. exchange together with its authentication method selection.
The authentication exchange authenticates the initiator to the The authentication exchange authenticates the initiator to the
target, and optionally, the target to the initiator. Authentication target, and optionally, the target to the initiator. Authentication
is not mandatory to use but MUST be supported by the target and is OPTIONAL to use but MUST be supported by the target and
initiator. initiator.
The initiator and target MUST implement CHAP. All other The initiator and target MUST implement CHAP. All other
authentication methods are OPTIONAL. authentication methods are OPTIONAL.
Private or public extension algorithms MAY also be negotiated for Private or public extension algorithms MAY also be negotiated for
authentication methods. Whenever a private or public extension authentication methods. Whenever a private or public extension
algorithm is offered, "None" or "CHAP" MUST be listed as an option algorithm is part of the default offer (the offer made in absence of
in order to guarantee interoperability. explicit administrative action) the implementer MUST ensure that
CHAP is listed as an alternative in the default offer and "None" is
Julian Satran Expires June 2003 211 not part of the default offer.
iSCSI 3-November-02
Extension authentication methods MUST be named using one of the Extension authentication methods MUST be named using one of the
following two formats: following two formats:
a) Z-reversed.vendor.dns_name.do_something= a) Z-reversed.vendor.dns_name.do_something=
b) Z<#><IANA-registered-string>= b) Z<#><IANA-registered-string>=
Authentication methods named using the Z- format are used as private Authentication methods named using the Z- format are used as private
extensions. Authentication methods named using the Z# format are extensions. Authentication methods named using the Z# format are
Julian Satran Expires August 2003 175
iSCSI 19-January-03
used as public extensions that must be registered with IANA and MUST used as public extensions that must be registered with IANA and MUST
be described by an informational RFC. be described by an informational RFC.
For all of the public or private extension authentication methods, For all of the public or private extension authentication methods,
the method specific keys MUST conform to the format specified in the method specific keys MUST conform to the format specified in
Section 5.1 Text Format for standard-label. Section 5.1 Text Format for standard-label.
To identify the vendor for private extension authentication methods, To identify the vendor for private extension authentication methods,
we suggest you use the reversed DNS-name as a prefix to the proper we suggest you use the reversed DNS-name as a prefix to the proper
digest names. digest names.
skipping to change at line 8993 skipping to change at line 8937
first step is always done by the initiator. first step is always done by the initiator.
11.1.1 Kerberos 11.1.1 Kerberos
For KRB5 (Kerberos V5) [RFC1510], the initiator MUST use: For KRB5 (Kerberos V5) [RFC1510], the initiator MUST use:
KRB_AP_REQ=<KRB_AP_REQ> KRB_AP_REQ=<KRB_AP_REQ>
where KRB_AP_REQ is the client message as defined in [RFC1510]. where KRB_AP_REQ is the client message as defined in [RFC1510].
The default principal name assumed by an iSCSI initiator or target
(prior to any administrative configuration action) MUST be the iSCSI
Initiator Name or iSCSI Target Name respectively, prefixed by the
string "iscsi/".
If the initiator authentication fails, the target MUST respond with If the initiator authentication fails, the target MUST respond with
a Login reject with "Authentication Failure" status. Otherwise, if a Login reject with "Authentication Failure" status. Otherwise, if
the initiator has selected the mutual authentication option (by the initiator has selected the mutual authentication option (by
setting MUTUAL-REQUIRED in the ap-options field of the KRB_AP_REQ), setting MUTUAL-REQUIRED in the ap-options field of the KRB_AP_REQ),
the target MUST reply with: the target MUST reply with:
Julian Satran Expires June 2003 212
iSCSI 3-November-02
KRB_AP_REP=<KRB_AP_REP> KRB_AP_REP=<KRB_AP_REP>
where KRB_AP_REP is the server's response message as defined in where KRB_AP_REP is the server's response message as defined in
[RFC1510]. [RFC1510].
If mutual authentication was selected and target authentication If mutual authentication was selected and target authentication
fails, the initiator MUST close the connection. fails, the initiator MUST close the connection.
KRB_AP_REQ and KRB_AP_REP are binary-values and their binary length KRB_AP_REQ and KRB_AP_REP are binary-values and their binary length
(not the length of the character string that represents them in (not the length of the character string that represents them in
encoded form) MUST not exceed 65536 bytes. encoded form) MUST not exceed 65536 bytes.
11.1.2 Simple Public-Key Mechanism (SPKM) 11.1.2 Simple Public-Key Mechanism (SPKM)
For SPKM1 and SPKM2 [RFC2025], the initiator MUST use: For SPKM1 and SPKM2 [RFC2025], the initiator MUST use:
Julian Satran Expires August 2003 176
iSCSI 19-January-03
SPKM_REQ=<SPKM-REQ> SPKM_REQ=<SPKM-REQ>
where SPKM-REQ is the first initiator token as defined in [RFC2025]. where SPKM-REQ is the first initiator token as defined in [RFC2025].
[RFC2025] defines situations where each side may send an error token [RFC2025] defines situations where each side may send an error token
that may cause the peer to re-generate and resend its last token. that may cause the peer to re-generate and resend its last token.
This scheme is followed in iSCSI, and the error token syntax is: This scheme is followed in iSCSI, and the error token syntax is:
SPKM_ERROR=<SPKM-ERROR> SPKM_ERROR=<SPKM-ERROR>
skipping to change at line 9044 skipping to change at line 8993
In the following sections, we assume that no SPKM-ERROR tokens are In the following sections, we assume that no SPKM-ERROR tokens are
required. required.
If the initiator authentication fails, the target MUST return an If the initiator authentication fails, the target MUST return an
error. Otherwise, if the AuthMethod is SPKM1 or if the initiator has error. Otherwise, if the AuthMethod is SPKM1 or if the initiator has
selected the mutual authentication option (by setting mutual-state selected the mutual authentication option (by setting mutual-state
bit in the options field of the REQ-TOKEN in the SPKM-REQ), the bit in the options field of the REQ-TOKEN in the SPKM-REQ), the
target MUST reply with: target MUST reply with:
Julian Satran Expires June 2003 213
iSCSI 3-November-02
SPKM_REP_TI=<SPKM-REP-TI> SPKM_REP_TI=<SPKM-REP-TI>
where SPKM-REP-TI is the target token as defined in [RFC2025]. where SPKM-REP-TI is the target token as defined in [RFC2025].
If mutual authentication was selected and target authentication If mutual authentication was selected and target authentication
fails, the initiator MUST close the connection. Otherwise, if the fails, the initiator MUST close the connection. Otherwise, if the
AuthMethod is SPKM1, the initiator MUST continue with: AuthMethod is SPKM1, the initiator MUST continue with:
SPKM_REP_IT=<SPKM-REP-IT> SPKM_REP_IT=<SPKM-REP-IT>
skipping to change at line 9076 skipping to change at line 9022
11.1.3 Secure Remote Password (SRP) 11.1.3 Secure Remote Password (SRP)
For SRP [RFC2945], the initiator MUST use: For SRP [RFC2945], the initiator MUST use:
SRP_U=<U> TargetAuth=Yes /* or TargetAuth=No */ SRP_U=<U> TargetAuth=Yes /* or TargetAuth=No */
The target MUST answer with a Login reject with the "Authorization The target MUST answer with a Login reject with the "Authorization
Failure" status or reply with: Failure" status or reply with:
Julian Satran Expires August 2003 177
iSCSI 19-January-03
SRP_GROUP=<G1,G2...> SRP_s=<s> SRP_GROUP=<G1,G2...> SRP_s=<s>
Where G1,G2... are proposed groups, in order of preference. Where G1,G2... are proposed groups, in order of preference.
The initiator MUST either close the connection or continue with: The initiator MUST either close the connection or continue with:
SRP_A=<A> SRP_GROUP=<G> SRP_A=<A> SRP_GROUP=<G>
Where G is one of G1,G2... that were proposed by the target. Where G is one of G1,G2... that were proposed by the target.
The target MUST answer with a Login reject with the "Authentication The target MUST answer with a Login reject with the "Authentication
Failure" status or reply with: Failure" status or reply with:
Julian Satran Expires June 2003 214
iSCSI 3-November-02
SRP_B=<B> SRP_B=<B>
The initiator MUST close the connection or continue with: The initiator MUST close the connection or continue with:
SRP_M=<M> SRP_M=<M>
If the initiator authentication fails, the target MUST answer with a If the initiator authentication fails, the target MUST answer with a
Login reject with "Authentication Failure" status. Otherwise, if the Login reject with "Authentication Failure" status. Otherwise, if the
initiator sent TargetAuth=Yes in the first message (requiring target initiator sent TargetAuth=Yes in the first message (requiring target
authentication), the target MUST reply with: authentication), the target MUST reply with:
skipping to change at line 9134 skipping to change at line 9080
CHAP_A=<A1,A2...> CHAP_A=<A1,A2...>
Where A1,A2... are proposed algorithms, in order of preference. Where A1,A2... are proposed algorithms, in order of preference.
The target MUST answer with a Login reject with the "Authentication The target MUST answer with a Login reject with the "Authentication
Failure" status or reply with: Failure" status or reply with:
CHAP_A=<A> CHAP_I=<I> CHAP_C=<C> CHAP_A=<A> CHAP_I=<I> CHAP_C=<C>
Julian Satran Expires June 2003 215 Julian Satran Expires August 2003 178
iSCSI 3-November-02 iSCSI 19-January-03
Where A is one of A1,A2... that were proposed by the initiator. Where A is one of A1,A2... that were proposed by the initiator.
The initiator MUST continue with: The initiator MUST continue with:
CHAP_N=<N> CHAP_R=<R> CHAP_N=<N> CHAP_R=<R>
or, if it requires target authentication, with: or, if it requires target authentication, with:
CHAP_N=<N> CHAP_R=<R> CHAP_I=<I> CHAP_C=<C> CHAP_N=<N> CHAP_R=<R> CHAP_I=<I> CHAP_C=<C>
If the initiator authentication fails, the target MUST answer with a If the initiator authentication fails, the target MUST answer with a
Login reject with "Authentication Failure" status. Otherwise, if the Login reject with "Authentication Failure" status. Otherwise, if the
initiator required target authentication, the target MUST reply initiator required target authentication, the target MUST either
answer with a Login reject with "Authentication Failure" or reply
with: with:
CHAP_N=<N> CHAP_R=<R> CHAP_N=<N> CHAP_R=<R>
If target authentication fails, the initiator MUST close the If target authentication fails, the initiator MUST close the
connection. connection.
Where N, (A,A1,A2), I, C, and R are (correspondingly) the Name, Where N, (A,A1,A2), I, C, and R are (correspondingly) the Name,
Algorithm, Identifier, Challenge, and Response as defined in Algorithm, Identifier, Challenge, and Response as defined in
[RFC1994], N is a text string, A,A1,A2, and I are numbers, and C and [RFC1994], N is a text string, A,A1,A2, and I are numbers, and C and
skipping to change at line 9172 skipping to change at line 9119
exceed 1024 bytes. exceed 1024 bytes.
For the Algorithm, as stated in [RFC1994], one value is required For the Algorithm, as stated in [RFC1994], one value is required
to be implemented: to be implemented:
5 (CHAP with MD5) 5 (CHAP with MD5)
To guarantee interoperability, initiators MUST always offer it as To guarantee interoperability, initiators MUST always offer it as
one of the proposed algorithms. one of the proposed algorithms.
Julian Satran Expires June 2003 216 Julian Satran Expires August 2003 179
iSCSI 3-November-02 iSCSI 19-January-03
12. Login/Text Operational Keys 12. Login/Text Operational Text Keys
Some session specific parameters MUST only be carried on the leading Some session specific parameters MUST only be carried on the leading
connection and cannot be changed after the leading connection login connection and cannot be changed after the leading connection login
(e.g., MaxConnections, the maximum number of connections). This (e.g., MaxConnections, the maximum number of connections). This
holds for a single connection session with regard to connection holds for a single connection session with regard to connection
restart. The keys that fall into this category have the use: LO restart. The keys that fall into this category have the use: LO
(Leading Only). (Leading Only).
Keys that can only be used during login have the use: IO (initialize Keys that can only be used during login have the use: IO (initialize
only), while those that can be used in both the Login Phase and Full only), while those that can be used in both the Login Phase and Full
skipping to change at line 9219 skipping to change at line 9166
12.1 HeaderDigest and DataDigest 12.1 HeaderDigest and DataDigest
Use: IO Use: IO
Senders: Initiator and Target Senders: Initiator and Target
Scope: CO Scope: CO
HeaderDigest = <list-of-values> HeaderDigest = <list-of-values>
DataDigest = <list-of-values> DataDigest = <list-of-values>
Julian Satran Expires June 2003 217
iSCSI 3-November-02
Default is None for both HeaderDigest and DataDigest. Default is None for both HeaderDigest and DataDigest.
Digests enable the checking of end-to-end, non-cryptographic data Digests enable the checking of end-to-end, non-cryptographic data
integrity beyond the integrity checks provided by the link layers integrity beyond the integrity checks provided by the link layers
and the covering of the whole communication path including all and the covering of the whole communication path including all
elements that may change the network level PDUs such as routers, elements that may change the network level PDUs such as routers,
switches, and proxies. switches, and proxies.
The following table lists cyclic integrity checksums that can be The following table lists cyclic integrity checksums that can be
negotiated for the digests and that MUST be implemented by every negotiated for the digests and that MUST be implemented by every
iSCSI initiator and target. These digest options only have error iSCSI initiator and target. These digest options only have error
detection significance. detection significance.
Julian Satran Expires August 2003 180
iSCSI 19-January-03
+---------------------------------------------+ +---------------------------------------------+
| Name | Description | Generator | | Name | Description | Generator |
+---------------------------------------------+ +---------------------------------------------+
| CRC32C | 32 bit CRC |0x11edc6f41| | CRC32C | 32 bit CRC |0x11edc6f41|
+---------------------------------------------+ +---------------------------------------------+
| None | no digest | | None | no digest |
+---------------------------------------------+ +---------------------------------------------+
The generator polynomial for this digest is given in hex- The generator polynomial for this digest is given in hex-
notation(e.g., 0x3b stands for 0011 1011 and the polynomial is notation(e.g., 0x3b stands for 0011 1011 and the polynomial is
skipping to change at line 9264 skipping to change at line 9211
results as the following process: results as the following process:
- The PDU bits are considered as the coefficients of a - The PDU bits are considered as the coefficients of a
polynomial M(x) of degree n-1; bit 7 of the lowest numbered polynomial M(x) of degree n-1; bit 7 of the lowest numbered
byte is considered the most significant bit (x^n-1), followed byte is considered the most significant bit (x^n-1), followed
by bit 6 of the lowest numbered byte through bit 0 of the by bit 6 of the lowest numbered byte through bit 0 of the
highest numbered byte (x^0). highest numbered byte (x^0).
- The most significant 32 bits are complemented. - The most significant 32 bits are complemented.
Julian Satran Expires June 2003 218
iSCSI 3-November-02
- The polynomial is multiplied by x^32 then divided by G(x). The - The polynomial is multiplied by x^32 then divided by G(x). The
generator polynomial produces a remainder R(x) of degree <= generator polynomial produces a remainder R(x) of degree <=
31. 31.
- The coefficients of R(x) are considered a 32 bit sequence. - The coefficients of R(x) are considered a 32 bit sequence.
- The bit sequence is complemented and the result is the CRC. - The bit sequence is complemented and the result is the CRC.
- The CRC bits are mapped into the digest word. The x^31 - The CRC bits are mapped into the digest word. The x^31
coefficient in bit 7 of the lowest numbered byte of the digest coefficient in bit 7 of the lowest numbered byte of the digest
skipping to change at line 9292 skipping to change at line 9236
- Computing the CRC over any segment (data or header) extended - Computing the CRC over any segment (data or header) extended
to include the CRC built using the generator 0x11edc6f41 will to include the CRC built using the generator 0x11edc6f41 will
always get the value 0x1c2d19ed as its final remainder (R(x)). always get the value 0x1c2d19ed as its final remainder (R(x)).
This value is given here in its polynomial form (i.e., not This value is given here in its polynomial form (i.e., not
mapped as the digest word). mapped as the digest word).
For a discussion about selection criteria for the CRC, see [iSCSI- For a discussion about selection criteria for the CRC, see [iSCSI-
CRC]. For a detailed analysis of the iSCSI polynomial, see CRC]. For a detailed analysis of the iSCSI polynomial, see
[Castagnoli93]. [Castagnoli93].
Julian Satran Expires August 2003 181
iSCSI 19-January-03
Private or public extension algorithms MAY also be negotiated for Private or public extension algorithms MAY also be negotiated for
digests. Whenever a private or public extension algorithm is digests. Whenever a private or public digest extension algorithm is
offered, "None" or "CRC32C" MUST be listed as an option in order to part of the default offer (the offer made in absence of explicit
guarantee interoperability. administrative action) the implementer MUST ensure that CRC32C is
listed as an alternative in the default offer and "None" is not
part of the default offer.
Extension digest algorithms MUST be named using one of the following Extension digest algorithms MUST be named using one of the following
two formats: two formats:
a) Y-reversed.vendor.dns_name.do_something= a) Y-reversed.vendor.dns_name.do_something=
b) Y<#><IANA-registered-string>= b) Y<#><IANA-registered-string>=
Digests named using the Y- format are used for private purposes Digests named using the Y- format are used for private purposes
(unregistered). Digests named using the Y# format (public extension) (unregistered). Digests named using the Y# format (public extension)
must be registered with IANA and MUST be described by an must be registered with IANA and MUST be described by an
informational RFC. informational RFC.
For private extension digests, to identify the vendor, we suggest For private extension digests, to identify the vendor, we suggest
you use the reversed DNS-name as a prefix to the proper digest you use the reversed DNS-name as a prefix to the proper digest
names. names.
Julian Satran Expires June 2003 219
iSCSI 3-November-02
The part of digest-name following Y- and Y# MUST conform to the The part of digest-name following Y- and Y# MUST conform to the
format for standard-label specified in Section 5.1 Text Format. format for standard-label specified in Section 5.1 Text Format.
Support for public or private extension digests is OPTIONAL. Support for public or private extension digests is OPTIONAL.
12.2 MaxConnections 12.2 MaxConnections
Use: LO Use: LO
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
skipping to change at line 9348 skipping to change at line 9294
Senders: Initiator Senders: Initiator
Scope: SW Scope: SW
For a complete description, see Appendix D. - SendTargets Operation For a complete description, see Appendix D. - SendTargets Operation
-. -.
12.4 TargetName 12.4 TargetName
Use: IO by initiator, FFPO by target - only as response to a Use: IO by initiator, FFPO by target - only as response to a
SendTargets, Declarative, Any-Stage SendTargets, Declarative, Any-Stage
Julian Satran Expires August 2003 182
iSCSI 19-January-03
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
TargetName=<iSCSI-name-value> TargetName=<iSCSI-name-value>
Examples: Examples:
TargetName=iqn.1993-11.com.disk-vendor:diskarrays.sn.45678 TargetName=iqn.1993-11.com.disk-vendor:diskarrays.sn.45678
TargetName=eui.020000023B040506 TargetName=eui.020000023B040506
Julian Satran Expires June 2003 220
iSCSI 3-November-02
The initiator of the TCP connection MUST provide this key to the The initiator of the TCP connection MUST provide this key to the
remote endpoint in the first login request if the initiator is not remote endpoint in the first login request if the initiator is not
establishing a discovery session. The iSCSI Target Name specifies establishing a discovery session. The iSCSI Target Name specifies
the worldwide unique name of the target. the worldwide unique name of the target.
The TargetName key may also be returned by the "SendTargets" text The TargetName key may also be returned by the "SendTargets" text
request (which is its only use when issued by a target). request (which is its only use when issued by a target).
TargetName MUST not be redeclared within the login phase. TargetName MUST not be redeclared within the login phase.
skipping to change at line 9386 skipping to change at line 9333
InitiatorName=<iSCSI-name-value> InitiatorName=<iSCSI-name-value>
Examples: Examples:
InitiatorName=iqn.1992-04.com.os-vendor.plan9:cdrom.12345 InitiatorName=iqn.1992-04.com.os-vendor.plan9:cdrom.12345
InitiatorName=iqn.2001-02.com.ssp.users:customer235.host90 InitiatorName=iqn.2001-02.com.ssp.users:customer235.host90
The initiator of the TCP connection MUST provide this key to the The initiator of the TCP connection MUST provide this key to the
remote endpoint at the first Login of the Login Phase for every remote endpoint at the first Login of the Login Phase for every
connection. The Initiator key enables the initiator to identify connection. The InitiatorName key enables the initiator to identify
itself to the remote endpoint. itself to the remote endpoint.
InitiatorName MUST not be redeclared within the login phase. InitiatorName MUST not be redeclared within the login phase.
12.6 TargetAlias 12.6 TargetAlias
Use: ALL, Declarative, Any-Stage Use: ALL, Declarative, Any-Stage
Senders: Target Senders: Target
Scope: SW Scope: SW
TargetAlias=<iSCSI-local-name-value> TargetAlias=<iSCSI-local-name-value>
Examples: Examples:
TargetAlias=Bob-s Disk TargetAlias=Bob-s Disk
TargetAlias=Database Server 1 Log Disk TargetAlias=Database Server 1 Log Disk
TargetAlias=Web Server 3 Disk 20 TargetAlias=Web Server 3 Disk 20
Julian Satran Expires June 2003 221
iSCSI 3-November-02
If a target has been configured with a human-readable name or If a target has been configured with a human-readable name or
description, this name SHOULD be communicated to the initiator description, this name SHOULD be communicated to the initiator
Julian Satran Expires August 2003 183
iSCSI 19-January-03
during a Login Response PDU if SessionType=Normal (see Section 12.21 during a Login Response PDU if SessionType=Normal (see Section 12.21
SessionType). This string is not used as an identifier, nor is it SessionType). This string is not used as an identifier, nor is it
meant to be used for authentication or authorization decisions. It meant to be used for authentication or authorization decisions. It
can be displayed by the initiator's user interface in a list of can be displayed by the initiator's user interface in a list of
targets to which it is connected. targets to which it is connected.
12.7 InitiatorAlias 12.7 InitiatorAlias
Use: ALL, Declarative, Any-Stage Use: ALL, Declarative, Any-Stage
Senders: Initiator Senders: Initiator
skipping to change at line 9450 skipping to change at line 9398
Use: ALL, Declarative, Any-Stage Use: ALL, Declarative, Any-Stage
Senders: Target Senders: Target
Scope: SW Scope: SW
TargetAddress=domainname[:port][,portal-group-tag] TargetAddress=domainname[:port][,portal-group-tag]
The domainname can be specified as either a DNS host name, a dotted- The domainname can be specified as either a DNS host name, a dotted-
decimal IPv4 address, or a bracketed IPv6 address as specified in decimal IPv4 address, or a bracketed IPv6 address as specified in
[RFC2732]. [RFC2732].
Julian Satran Expires June 2003 222
iSCSI 3-November-02
If the TCP port is not specified, it is assumed to be the IANA- If the TCP port is not specified, it is assumed to be the IANA-
assigned default port for iSCSI (see Section 13 IANA assigned default port for iSCSI (see Section 13 IANA
Considerations). Considerations).
If the TargetAddress is returned as the result of a redirect status If the TargetAddress is returned as the result of a redirect status
in a login response, the comma and portal group tag MUST be omitted. in a login response, the comma and portal group tag MUST be omitted.
If the TargetAddress is returned within a SendTargets response, the If the TargetAddress is returned within a SendTargets response, the
portal group tag MUST be included. portal group tag MUST be included.
Examples: Examples:
TargetAddress=10.0.0.1:5003,1 TargetAddress=10.0.0.1:5003,1
TargetAddress=[1080:0:0:0:8:800:200C:417A],65 TargetAddress=[1080:0:0:0:8:800:200C:417A],65
TargetAddress=[1080::8:800:200C:417A]:5003,1 TargetAddress=[1080::8:800:200C:417A]:5003,1
TargetAddress=computingcenter.acme.com,23 TargetAddress=computingcenter.example.com,23
Julian Satran Expires August 2003 184
iSCSI 19-January-03
Use of the portal-group-tag is described in Appendix D. - Use of the portal-group-tag is described in Appendix D. -
SendTargets Operation -. The formats for the port and portal-group- SendTargets Operation -. The formats for the port and portal-group-
tag are the same as the one specified in Section 12.9 tag are the same as the one specified in Section 12.9
TargetPortalGroupTag. TargetPortalGroupTag.
12.9 TargetPortalGroupTag 12.9 TargetPortalGroupTag
Use: IO by target, Declarative, Any-Stage Use: IO by target, Declarative, Any-Stage
Senders: Target Senders: Target
skipping to change at line 9496 skipping to change at line 9444
The target portal group tag is a 16-bit binary-value that uniquely The target portal group tag is a 16-bit binary-value that uniquely
identifies a portal group within an iSCSI target node. This key identifies a portal group within an iSCSI target node. This key
carries the value of the tag of the portal group that is servicing carries the value of the tag of the portal group that is servicing
the Login request. The iSCSI target returns this key to the the Login request. The iSCSI target returns this key to the
initiator in the Login Response PDU to the first Login Request PDU initiator in the Login Response PDU to the first Login Request PDU
that has the C bit set to 0. that has the C bit set to 0.
For the complete usage expectations of this key see Section 5.3 For the complete usage expectations of this key see Section 5.3
Login Phase. Login Phase.
Julian Satran Expires June 2003 223
iSCSI 3-November-02
12.10 InitialR2T 12.10 InitialR2T
Use: LO Use: LO
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
Irrelevant when: SessionType=Discovery Irrelevant when: SessionType=Discovery
InitialR2T=<boolean-value> InitialR2T=<boolean-value>
Examples: Examples:
skipping to change at line 9526 skipping to change at line 9471
The InitialR2T key is used to turn off the default use of R2T for The InitialR2T key is used to turn off the default use of R2T for
unidirectional and the output part of bidirectional commands, thus unidirectional and the output part of bidirectional commands, thus
allowing an initiator to start sending data to a target as if it has allowing an initiator to start sending data to a target as if it has
received an initial R2T with Buffer Offset=Immediate Data Length and received an initial R2T with Buffer Offset=Immediate Data Length and
Desired Data Transfer Length=(min(FirstBurstLength, Expected Data Desired Data Transfer Length=(min(FirstBurstLength, Expected Data
Transfer Length) - Received Immediate Data Length). Transfer Length) - Received Immediate Data Length).
The default action is that R2T is required, unless both the The default action is that R2T is required, unless both the
initiator and the target send this key-pair attribute specifying initiator and the target send this key-pair attribute specifying
InitialR2T=No. Only the first outgoing data burst (immediate data InitialR2T=No. Only the first outgoing data burst (immediate data
Julian Satran Expires August 2003 185
iSCSI 19-January-03
and/or separate PDUs) can be sent unsolicited (i.e., not requiring and/or separate PDUs) can be sent unsolicited (i.e., not requiring
an explicit R2T). an explicit R2T).
12.11 ImmediateData 12.11 ImmediateData
Use: LO Use: LO
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
Irrelevant when: SessionType=Discovery Irrelevant when: SessionType=Discovery
ImmediateData=<boolean-value> ImmediateData=<boolean-value>
Default is Yes. Default is Yes.
Result function is AND. Result function is AND.
Julian Satran Expires June 2003 224
iSCSI 3-November-02
The initiator and target negotiate support for immediate data. To The initiator and target negotiate support for immediate data. To
turn immediate data off, the initiator or target must state its turn immediate data off, the initiator or target must state its
desire to do so. ImmediateData can be turned on if both the desire to do so. ImmediateData can be turned on if both the
initiator and target have ImmediateData=Yes. initiator and target have ImmediateData=Yes.
If ImmediateData is set to Yes and InitialR2T is set to Yes If ImmediateData is set to Yes and InitialR2T is set to Yes
(default), then only immediate data are accepted in the first burst. (default), then only immediate data are accepted in the first burst.
If ImmediateData is set to No and InitialR2T is set to Yes, then the If ImmediateData is set to No and InitialR2T is set to Yes, then the
initiator MUST NOT send unsolicited data and the target MUST reject initiator MUST NOT send unsolicited data and the target MUST reject
skipping to change at line 9585 skipping to change at line 9531
+----------+-------------+------------------+--------------+ +----------+-------------+------------------+--------------+
| Yes | Yes | No | Yes | | Yes | Yes | No | Yes |
+----------+-------------+------------------+--------------+ +----------+-------------+------------------+--------------+
12.12 MaxRecvDataSegmentLength 12.12 MaxRecvDataSegmentLength
Use: ALL, Declarative Use: ALL, Declarative
Senders: Initiator and Target Senders: Initiator and Target
Scope: CO Scope: CO
MaxRecvDataSegmentLength=<numerical-value-512-to-(2**24-1)> Julian Satran Expires August 2003 186
iSCSI 19-January-03
Julian Satran Expires June 2003 225 MaxRecvDataSegmentLength=<numerical-value-512-to-(2**24-1)>
iSCSI 3-November-02
Default is 8192 bytes. Default is 8192 bytes.
The initiator or target declares the maximum data segment length in The initiator or target declares the maximum data segment length in
bytes it can receive in an iSCSI PDU. bytes it can receive in an iSCSI PDU.
The transmitter (initiator or target) is required to send PDUs with The transmitter (initiator or target) is required to send PDUs with
a data segment that does not exceed MaxRecvDataSegmentLength of the a data segment that does not exceed MaxRecvDataSegmentLength of the
receiver. receiver.
skipping to change at line 9633 skipping to change at line 9579
12.14 FirstBurstLength 12.14 FirstBurstLength
Use: LO Use: LO
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
Irrelevant when: SessionType=Discovery Irrelevant when: SessionType=Discovery
Irrelevant when: ( InitialR2T=Yes and ImmediateData=No ) Irrelevant when: ( InitialR2T=Yes and ImmediateData=No )
FirstBurstLength=<numerical-value-512-to-(2**24-1)> FirstBurstLength=<numerical-value-512-to-(2**24-1)>
Julian Satran Expires June 2003 226
iSCSI 3-November-02
Default is 65536 (64 Kbytes). Default is 65536 (64 Kbytes).
Result function is Minimum. Result function is Minimum.
The initiator and target negotiate the maximum amount in bytes of The initiator and target negotiate the maximum amount in bytes of
unsolicited data an iSCSI initiator may send to the target during unsolicited data an iSCSI initiator may send to the target during
the execution of a single SCSI command. This covers the immediate the execution of a single SCSI command. This covers the immediate
data (if any) and the sequence of unsolicited Data-Out PDUs (if any) data (if any) and the sequence of unsolicited Data-Out PDUs (if any)
that follow the command. that follow the command.
FirstBurstLength MUST NOT exceed MaxBurstLength. FirstBurstLength MUST NOT exceed MaxBurstLength.
Julian Satran Expires August 2003 187
iSCSI 19-January-03
12.15 DefaultTime2Wait 12.15 DefaultTime2Wait
Use: LO Use: LO
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
DefaultTime2Wait=<numerical-value-0-to-3600> DefaultTime2Wait=<numerical-value-0-to-3600>
Default is 2. Default is 2.
Result function is Maximum. Result function is Maximum.
skipping to change at line 9677 skipping to change at line 9623
Use: LO Use: LO
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
DefaultTime2Retain=<numerical-value-0-to-3600> DefaultTime2Retain=<numerical-value-0-to-3600>
Default is 20. Default is 20.
Result function is Minimum. Result function is Minimum.
Julian Satran Expires June 2003 227
iSCSI 3-November-02
The initiator and target negotiate the maximum time, in seconds The initiator and target negotiate the maximum time, in seconds
after an initial wait (Time2Wait), before which an active task after an initial wait (Time2Wait), before which an active task
reassignment is still possible after an unexpected connection reassignment is still possible after an unexpected connection
termination or a connection reset. termination or a connection reset.
This value is also the session state timeout if the connection in This value is also the session state timeout if the connection in
question is the last LOGGED_IN connection in the session. question is the last LOGGED_IN connection in the session.
A value of 0 indicates that connection/task state is immediately A value of 0 indicates that connection/task state is immediately
discarded by the target. discarded by the target.
skipping to change at line 9705 skipping to change at line 9648
Scope: SW Scope: SW
MaxOutstandingR2T=<numerical-value-from-1-to-65535> MaxOutstandingR2T=<numerical-value-from-1-to-65535>
Irrelevant when: SessionType=Discovery Irrelevant when: SessionType=Discovery
Default is 1. Default is 1.
Result function is Minimum. Result function is Minimum.
Initiator and target negotiate the maximum number of outstanding Initiator and target negotiate the maximum number of outstanding
R2Ts per task, excluding any implied initial R2T that might be part R2Ts per task, excluding any implied initial R2T that might be part
Julian Satran Expires August 2003 188
iSCSI 19-January-03
of that task. An R2T is considered outstanding until the last data of that task. An R2T is considered outstanding until the last data
PDU (with the F bit set to 1) is transferred, or a sequence PDU (with the F bit set to 1) is transferred, or a sequence
reception timeout (Section 6.1.4.1 Recovery Within-command) is reception timeout (Section 6.1.4.1 Recovery Within-command) is
encountered for that data sequence. encountered for that data sequence.
12.18 DataPDUInOrder 12.18 DataPDUInOrder
Use: LO Use: LO
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
Irrelevant when: SessionType=Discovery Irrelevant when: SessionType=Discovery
DataPDUInOrder=<boolean-value> DataPDUInOrder=<boolean-value>
Default is Yes. Default is Yes.
Result function is OR. Result function is OR.
Julian Satran Expires June 2003 228
iSCSI 3-November-02
No is used by iSCSI to indicate that the data PDUs within sequences No is used by iSCSI to indicate that the data PDUs within sequences
can be in any order. Yes is used to indicate that data PDUs within can be in any order. Yes is used to indicate that data PDUs within
sequences have to be at continuously increasing addresses and sequences have to be at continuously increasing addresses and
overlays are forbidden. overlays are forbidden.
12.19 DataSequenceInOrder 12.19 DataSequenceInOrder
Use: LO Use: LO
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
skipping to change at line 9764 skipping to change at line 9708
If DataSequenceInOrder is set to Yes, a target may retry at most the If DataSequenceInOrder is set to Yes, a target may retry at most the
last R2T, and an initiator may at most request retransmission for last R2T, and an initiator may at most request retransmission for
the last read data sequence. For this reason, if ErrorRecoveryLevel the last read data sequence. For this reason, if ErrorRecoveryLevel
is not 0 and DataSequenceInOrder is set to Yes then MaxOustandingR2T is not 0 and DataSequenceInOrder is set to Yes then MaxOustandingR2T
MUST be set to 1. MUST be set to 1.
12.20 ErrorRecoveryLevel 12.20 ErrorRecoveryLevel
Use: LO Use: LO
Julian Satran Expires August 2003 189
iSCSI 19-January-03
Senders: Initiator and Target Senders: Initiator and Target
Scope: SW Scope: SW
ErrorRecoveryLevel=<numerical-value-0-to-2> ErrorRecoveryLevel=<numerical-value-0-to-2>
Julian Satran Expires June 2003 229
iSCSI 3-November-02
Default is 0. Default is 0.
Result function is Minimum. Result function is Minimum.
The initiator and target negotiate the recovery level supported. The initiator and target negotiate the recovery level supported.
Recovery levels represent a combination of recovery capabilities. Recovery levels represent a combination of recovery capabilities.
Each recovery level includes all the capabilities of the lower Each recovery level includes all the capabilities of the lower
recovery levels and adds some new ones to them. recovery levels and adds some new ones to them.
In the description of recovery mechanisms, certain recovery classes In the description of recovery mechanisms, certain recovery classes
skipping to change at line 9814 skipping to change at line 9759
the default and an explicit setting. the default and an explicit setting.
12.22 The Private or Public Extension Key Format 12.22 The Private or Public Extension Key Format
Use: ALL Use: ALL
Senders: Initiator and Target Senders: Initiator and Target
Scope: specific key dependent Scope: specific key dependent
X-reversed.vendor.dns_name.do_something= X-reversed.vendor.dns_name.do_something=
Julian Satran Expires June 2003 230
iSCSI 3-November-02
or or
X<#><IANA-registered-string>= X<#><IANA-registered-string>=
Keys with this format are used for public or private extension Keys with this format are used for public or private extension
purposes. These keys always start with X- if unregistered with IANA purposes. These keys always start with X- if unregistered with IANA
(private) or X# if registered with IANA (public). (private) or X# if registered with IANA (public).
Julian Satran Expires August 2003 190
iSCSI 19-January-03
For unregistered keys, to identify the vendor, we suggest you use For unregistered keys, to identify the vendor, we suggest you use
the reversed DNS-name as a prefix to the key-proper. the reversed DNS-name as a prefix to the key-proper.
The part of key-name following X- and X# MUST conform to the format The part of key-name following X- and X# MUST conform to the format
for key-name specified in Section 5.1 Text Format. for key-name specified in Section 5.1 Text Format.
For IANA registered keys the string following X# must be registered For IANA registered keys the string following X# must be registered
with IANA and the use of the key MUST be described by an with IANA and the use of the key MUST be described by an
informational RFC. informational RFC.
Vendor specific keys MUST ONLY be used in normal sessions. Vendor specific keys MUST ONLY be used in normal sessions.
Support for public or private extension keys is OPTIONAL. Support for public or private extension keys is OPTIONAL.
Julian Satran Expires June 2003 231 Julian Satran Expires August 2003 191
iSCSI 3-November-02 iSCSI 19-January-03
13. IANA Considerations 13. IANA Considerations
The well-known TCP port number for iSCSI connections assigned by The well-known TCP port number for iSCSI connections assigned by
IANA is 3260. A system port must be assigned by IANA when this draft IANA is 3260. A system port must be assigned by IANA when this draft
is approved to become a RFC. is approved to become a RFC.
Extension keys, authentication methods, or digest types for which a Extension keys, authentication methods, or digest types for which a
vendor or group of vendors intend to provide publicly available vendor or group of vendors intend to provide publicly available
descriptions MUST be described by an RFC and MUST be registered with descriptions MUST be described by an RFC and MUST be registered with
skipping to change at line 9872 skipping to change at line 9817
Standard iSCSI extension item-label format. Standard iSCSI extension item-label format.
For the iSCSI authentication methods registry and the iSCSI digests For the iSCSI authentication methods registry and the iSCSI digests
registry, IANA MUST also assign a 16-bit unsigned integer number registry, IANA MUST also assign a 16-bit unsigned integer number
(the method number for the authentication method and the digest (the method number for the authentication method and the digest
number for the digest). number for the digest).
The following initial values for the registry for authentication The following initial values for the registry for authentication
methods are specified by the standards action of this document: methods are specified by the standards action of this document:
Julian Satran Expires June 2003 232
iSCSI 3-November-02
Authentication Method | Number | Authentication Method | Number |
+----------------------------------------+--------+ +----------------------------------------+--------+
| CHAP | 1 | | CHAP | 1 |
+----------------------------------------+--------+ +----------------------------------------+--------+
| SRP | 2 | | SRP | 2 |
+----------------------------------------+--------+ +----------------------------------------+--------+
| KRB5 | 3 | | KRB5 | 3 |
+----------------------------------------+--------+ +----------------------------------------+--------+
| SPKM1 | 4 | | SPKM1 | 4 |
+----------------------------------------+--------+ +----------------------------------------+--------+
skipping to change at line 9897 skipping to change at line 9839
All other record numbers from 0 to 255 are reserved. IANA will All other record numbers from 0 to 255 are reserved. IANA will
register numbers above 255. register numbers above 255.
Authentication methods with numbers above 255 MUST be unique within Authentication methods with numbers above 255 MUST be unique within
the registry and MUST be used with the prefix Y#. the registry and MUST be used with the prefix Y#.
The following initial values for the registry for digests are The following initial values for the registry for digests are
specified by the standards action of this document: specified by the standards action of this document:
Julian Satran Expires August 2003 192
iSCSI 19-January-03
Digest | Number | Digest | Number |
+----------------------------------------+--------+ +----------------------------------------+--------+
| CRC32C | 1 | | CRC32C | 1 |
+----------------------------------------+--------+ +----------------------------------------+--------+
All other record numbers from 0 to 255 are reserved. IANA will All other record numbers from 0 to 255 are reserved. IANA will
register numbers above 255. register numbers above 255.
Digests with numbers above 255 MUST be unique within the registry Digests with numbers above 255 MUST be unique within the registry
and MUST be used with the prefix Z#. and MUST be used with the prefix Z#.
The RFC that describes the item to be registered MUST indicate in The RFC that describes the item to be registered MUST indicate in
the IANA consideration section the string and iSCSI registry to the IANA consideration section the string and iSCSI registry to
which it should be recorded. which it should be recorded.
Extension Keys, Authentication Methods, and digests (iSCSI extension Extension Keys, Authentication Methods, and digests (iSCSI extension
items) must conform to a number of requirements as described below. items) must conform to a number of requirements as described below.
Julian Satran Expires June 2003 233
iSCSI 3-November-02
13.1 Naming Requirements 13.1 Naming Requirements
Each iSCSI extension item must have a unique name in its category. Each iSCSI extension item must have a unique name in its category.
This name will be used as a standard-label for the key, access This name will be used as a standard-label for the key, access
method, or digest and must conform to the syntax specified in method, or digest and must conform to the syntax specified in
Section 13.5.4 Standard iSCSI extension item-label format for iSCSI Section 13.5.4 Standard iSCSI extension item-label format for iSCSI
extension item-labels. extension item-labels.
13.2 Mechanism Specification Requirements 13.2 Mechanism Specification Requirements
skipping to change at line 9956 skipping to change at line 9898
Any known security issues that arise from the use of the iSCSI Any known security issues that arise from the use of the iSCSI
extension item must be completely and fully described. It is not extension item must be completely and fully described. It is not
required that the iSCSI extension item be secure or that it be free required that the iSCSI extension item be secure or that it be free
from risks, but that the known risks be identified. Publication of from risks, but that the known risks be identified. Publication of
a new iSCSI extension item does not require an exhaustive security a new iSCSI extension item does not require an exhaustive security
review, and the security considerations section is subject to review, and the security considerations section is subject to
continuing evaluation. continuing evaluation.
Additional security considerations should be addressed by publishing Additional security considerations should be addressed by publishing
Julian Satran Expires August 2003 193
iSCSI 19-January-03
revised versions of the iSCSI extension item specification. revised versions of the iSCSI extension item specification.
For each of these registries, IANA must record the registered For each of these registries, IANA must record the registered
string, which MUST conform to the format rules described in Section string, which MUST conform to the format rules described in Section
13.5.4 Standard iSCSI extension item-label format for iSCSI 13.5.4 Standard iSCSI extension item-label format for iSCSI
Julian Satran Expires June 2003 234
iSCSI 3-November-02
extension item-labels, and the RFC number that describes it. The key extension item-labels, and the RFC number that describes it. The key
prefix (X#, Y# or Z#) is not part of the recorded string. prefix (X#, Y# or Z#) is not part of the recorded string.
13.5 Registration Procedure 13.5 Registration Procedure
Registration of a new iSCSI extension item starts with the Registration of a new iSCSI extension item starts with the
construction of a draft of an RFC. construction of a draft of an RFC.
13.5.1 Present the iSCSI extension item to the Community 13.5.1 Present the iSCSI extension item to the Community
skipping to change at line 10008 skipping to change at line 9950
Provided that the iSCSI extension item has either passed review or Provided that the iSCSI extension item has either passed review or
has been successfully appealed to the IESG, and the specification is has been successfully appealed to the IESG, and the specification is
published as an RFC, then IANA will register the iSCSI extension published as an RFC, then IANA will register the iSCSI extension
item and make the registration available to the community. item and make the registration available to the community.
13.5.4 Standard iSCSI extension item-label format 13.5.4 Standard iSCSI extension item-label format
The following character symbols are used iSCSI extension item-labels The following character symbols are used iSCSI extension item-labels
(the hexadecimal values represent Unicode code points): (the hexadecimal values represent Unicode code points):
Julian Satran Expires June 2003 235
iSCSI 3-November-02
(a-z, A-Z) - letters (a-z, A-Z) - letters
(0-9) - digits (0-9) - digits
"." (0x2e) - dot "." (0x2e) - dot
"-" (0x2d) - minus "-" (0x2d) - minus
"+" (0x2b) - plus "+" (0x2b) - plus
"@" (0x40) - commercial at "@" (0x40) - commercial at
"_" (0x5f) - underscore "_" (0x5f) - underscore
Julian Satran Expires August 2003 194
iSCSI 19-January-03
An iSCSI extension item-label is a string of one or more characters An iSCSI extension item-label is a string of one or more characters
that consist of letters, digits, dot, minus, plus, commercial at, or that consist of letters, digits, dot, minus, plus, commercial at, or
underscore. An iSCSI extension item-label MUST begin with a capital underscore. An iSCSI extension item-label MUST begin with a capital
letter and must not exceed 63 characters. letter and must not exceed 63 characters.
13.6 IANA Procedures for Registering iSCSI extension items 13.6 IANA Procedures for Registering iSCSI extension items
The identity of the iSCSI extension item reviewer is communicated to The identity of the iSCSI extension item reviewer is communicated to
the IANA by the IESG. Then, the IANA only acts in response to iSCSI the IANA by the IESG. Then, the IANA only acts in response to iSCSI
extension item definitions that are approved by the iSCSI extension extension item definitions that are approved by the iSCSI extension
item reviewer and forwarded by the reviewer to the IANA for item reviewer and forwarded by the reviewer to the IANA for
registration, or in response to a communication from the IESG that registration, or in response to a communication from the IESG that
an iSCSI extension item definition appeal has overturned the iSCSI an iSCSI extension item definition appeal has overturned the iSCSI
extension item reviewer's ruling. extension item reviewer's ruling.
Julian Satran Expires June 2003 236 Julian Satran Expires August 2003 195
iSCSI 3-November-02 iSCSI 19-January-03
References and Bibliography References and Bibliography
Normative References Normative References
[AESCBC] Frankel, S., Kelly, S., Glenn, R., "The AES Cipher [AESCBC] Frankel, S., Kelly, S., Glenn, R., "The AES Cipher
Algorithm and Its Use with IPsec", draft-ietf-ipsec-ciph-aes- Algorithm and Its Use with IPsec", draft-ietf-ipsec-ciph-aes-
cbc-03.txt, November 2001 (Work In Progress). cbc-03.txt, November 2001 (Work In Progress).
[AESCTR] draft-ietf-ipsec-ciph-aes-ctr-00.txt R. Housley 23- [AESCTR] draft-ietf-ipsec-ciph-aes-ctr-00.txt R. Housley 23-
Jul-02 (Work In Progress). Jul-02 (Work In Progress).
skipping to change at line 10087 skipping to change at line 10029
Unicode and ISO 10646", October 1996. Unicode and ISO 10646", October 1996.
[RFC2045] N. Borenstein, N. Freed, "MIME (Multipurpose Internet [RFC2045] N. Borenstein, N. Freed, "MIME (Multipurpose Internet
Mail Extensions) Part One: Mechanisms for Specifying and Mail Extensions) Part One: Mechanisms for Specifying and
Describing the Format of Internet Message Bodies", November Describing the Format of Internet Message Bodies", November
1996. 1996.
[RFC2119] Bradner, S. "Key Words for use in RFCs to Indicate [RFC2119] Bradner, S. "Key Words for use in RFCs to Indicate
Requirement Levels", BCP 14, March 1997. Requirement Levels", BCP 14, March 1997.
[RFC2234] D. Crocker, P. Overell Augmented BNF for Syntax [RFC2234] D. Crocker, P. Overell Augmented BNF for Syntax
Specifications: ABNF. Specifications: ABNF.
[RFC2246] T. Dierks, C. Allen, " The TLS Protocol Version 1.0. [RFC2246] T. Dierks, C. Allen, " The TLS Protocol Version 1.0.
Julian Satran Expires June 2003 237
iSCSI 3-November-02
[RFC2373] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC2373] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", July 1998. Architecture", July 1998.
[RFC2396] T. Berners-Lee, R. Fielding, L. Masinter "Uniform [RFC2396] T. Berners-Lee, R. Fielding, L. Masinter "Uniform
Resource Identifiers". Resource Identifiers".
[RFC2401] S. Kent, R. Atkinson, "Security Architecture for the [RFC2401] S. Kent, R. Atkinson, "Security Architecture for the
Internet Protocol", November 1998. Internet Protocol", November 1998.
Julian Satran Expires August 2003 196
iSCSI 19-January-03
[RFC2404] C. Madson, R. Glenn, "The Use of HMAC-SHA-1-96 within ESP [RFC2404] C. Madson, R. Glenn, "The Use of HMAC-SHA-1-96 within ESP
and AH", November 1998. and AH", November 1998.
[RFC2406] S. Kent, R. Atkinson, "IP Encapsulating Security Payload [RFC2406] S. Kent, R. Atkinson, "IP Encapsulating Security Payload
(ESP)", November 1998. (ESP)", November 1998.
[RFC2407] D. Piper, "The Internet IP Security Domain of [RFC2407] D. Piper, "The Internet IP Security Domain of
Interpretation of ISAKMP", November 1998. Interpretation of ISAKMP", November 1998.
[RFC2409] D. Harkins, D. Carrel, "The Internet Key Exchange [RFC2409] D. Harkins, D. Carrel, "The Internet Key Exchange
(IKE)", November 1998. (IKE)", November 1998.
[RFC2434] T. Narten, and H. Avestrand, "Guidelines for Writing [RFC2434] T. Narten, and H. Avestrand, "Guidelines for Writing
an IANA Considerations Section in RFCs.", October 1998. an IANA Considerations Section in RFCs.", October 1998.
[RFC2451] R. Pereira, R. Adams " The ESP CBC-Mode Cipher [RFC2451] R. Pereira, R. Adams " The ESP CBC-Mode Cipher
Algorithms". Algorithms".
[RFC2732] R. Hinden, B. Carpenter, L. Masinter, "Format for [RFC2732] R. Hinden, B. Carpenter, L. Masinter, "Format for
Literal IPv6 Addresses in URL's", December 1999. Literal IPv6 Addresses in URL's", December 1999.
skipping to change at line 10138 skipping to change at line 10081
Progress). Progress).
[UNICODE] Unicode Standard Annex #15, "Unicode Normalization [UNICODE] Unicode Standard Annex #15, "Unicode Normalization
Forms", http://www.unicode.org/unicode/reports/tr15 Forms", http://www.unicode.org/unicode/reports/tr15
Informative References: Informative References:
[BOOT] P. Sarkar & team draft-ietf-ips-iscsi-boot-03.txt (Work [BOOT] P. Sarkar & team draft-ietf-ips-iscsi-boot-03.txt (Work
In Progress). In Progress).
[Castagnoli93] G. Castagnoli, S. Braeuer and M. Herrman [Castagnoli93] G. Castagnoli, S. Braeuer and M. Herrman
"Optimization of Cyclic Redundancy-Check Codes with 24 and 32 "Optimization of Cyclic Redundancy-Check Codes with 24 and 32
Julian Satran Expires June 2003 238
iSCSI 3-November-02
Parity Bits", IEEE Transact. on Communications, Vol. 41, No. Parity Bits", IEEE Transact. on Communications, Vol. 41, No.
6, June 1993. 6, June 1993.
[CRC] ISO 3309, High-Level Data Link Control (CRC 32). [CRC] ISO 3309, High-Level Data Link Control (CRC 32).
[NDT] M. Bakke & team, draft-ietf-ips-iscsi-name-disc-07.txt [NDT] M. Bakke & team, draft-ietf-ips-iscsi-name-disc-07.txt
(Work In Progress) (Work In Progress)
[RFC3347] M. Krueger & team, Small Computer Systems Interface [RFC3347] M. Krueger & team, Small Computer Systems Interface
protocol over the Internet (iSCSI) Requirements and Design protocol over the Internet (iSCSI) Requirements and Design
Considerations Considerations
[RFC3385] D. Sheinwald & team, Internet Protocol Small Computer [RFC3385] D. Sheinwald & team, Internet Protocol Small Computer
System Interface (iSCSI) Cyclic Redundancy Check (CRC)/ System Interface (iSCSI) Cyclic Redundancy Check (CRC)/
Checksum Considerations Checksum Considerations
Julian Satran Expires August 2003 197
iSCSI 19-January-03
[Schneier] B. Schneier, "Applied Cryptography: Protocols, [Schneier] B. Schneier, "Applied Cryptography: Protocols,
Algorithms, and Source Code in C", 2nd edition, John Wiley & Algorithms, and Source Code in C", 2nd edition, John Wiley &
Sons, New York, NY, 1996. Sons, New York, NY, 1996.
Authors' Addresses Authors' Addresses
Julian Satran Julian Satran
IBM, Haifa Research Lab IBM, Haifa Research Lab
Haifa University Campus - Mount Carmel Haifa University Campus - Mount Carmel
Haifa 31905, Israel Haifa 31905, Israel
Phone +972.4.829.6264 Phone +972.4.829.6264
E-mail: Julian_Satran@il.ibm.com E-mail: Julian_Satran@il.ibm.com
skipping to change at line 10190 skipping to change at line 10133
Efri Zeidner Efri Zeidner
SANgate Systems, Inc. SANgate Systems, Inc.
41 Hameyasdim Street 41 Hameyasdim Street
P.O.B. 1486 P.O.B. 1486
Even-Yehuda, Israel 40500 Even-Yehuda, Israel 40500
Phone: +972.9.891.9555 Phone: +972.9.891.9555
E-mail: efri@sangate.com E-mail: efri@sangate.com
Mallikarjun Chadalapaka Mallikarjun Chadalapaka
Hewlett-Packard Company Hewlett-Packard Company
Julian Satran Expires June 2003 239
iSCSI 3-November-02
8000 Foothills Blvd. 8000 Foothills Blvd.
Roseville, CA 95747-5668, USA Roseville, CA 95747-5668, USA
Phone: +1.916.785.5621 Phone: +1.916.785.5621
E-mail: cbm@rose.hp.com E-mail: cbm@rose.hp.com
Comments may be sent to Julian Satran Comments may be sent to Julian Satran
Julian Satran Expires June 2003 240 Julian Satran Expires August 2003 198
iSCSI 3-November-02 iSCSI 19-January-03
Appendix A. Sync and Steering with Fixed Interval Markers Appendix A. Sync and Steering with Fixed Interval Markers
This appendix presents a simple scheme for synchronization (PDU This appendix presents a simple scheme for synchronization (PDU
boundary retrieval). It uses markers that include synchronization boundary retrieval). It uses markers that include synchronization
information placed at fixed intervals in the TCP stream. information placed at fixed intervals in the TCP stream.
A Marker consists of: A Marker consists of:
Byte / 0 | 1 | 2 | 3 | Byte / 0 | 1 | 2 | 3 |
skipping to change at line 10247 skipping to change at line 10186
The use of markers is negotiable. The initiator and target MAY The use of markers is negotiable. The initiator and target MAY
indicate their readiness to receive and/or send markers during login indicate their readiness to receive and/or send markers during login
separately for each connection. The default is No. separately for each connection. The default is No.
A.1 Markers At Fixed Intervals A.1 Markers At Fixed Intervals
A marker is inserted at fixed intervals in the TCP byte stream. A marker is inserted at fixed intervals in the TCP byte stream.
During login, each end of the iSCSI session specifies the interval During login, each end of the iSCSI session specifies the interval
at which it is willing to receive the marker, or it disables the at which it is willing to receive the marker, or it disables the
marker altogether. If a receiver indicates that it desires a marker, marker altogether. If a receiver indicates that it desires a marker,
Julian Satran Expires June 2003 241
iSCSI 3-November-02
the sender MAY agree (during negotiation) and provide the marker at the sender MAY agree (during negotiation) and provide the marker at
the desired interval. However, in certain environments, a sender the desired interval. However, in certain environments, a sender
that does not provide markers to a receiver that wants markers may that does not provide markers to a receiver that wants markers may
suffer an appreciable performance degradation. suffer an appreciable performance degradation.
The marker interval and the initial marker-less interval are counted The marker interval and the initial marker-less interval are counted
in terms of the bytes placed in the TCP stream data by iSCSI. in terms of the bytes placed in the TCP stream data by iSCSI.
When reduced to iSCSI terms, markers MUST indicate the offset to a When reduced to iSCSI terms, markers MUST indicate the offset to a
4-byte word boundary in the stream. The least significant two bits 4-byte word boundary in the stream. The least significant two bits
of each marker word are reserved and are considered 0 for offset of each marker word are reserved and are considered 0 for offset
computation. computation.
Julian Satran Expires August 2003 199
iSCSI 19-January-03
Padding iSCSI PDU payloads to 4-byte word boundaries simplifies Padding iSCSI PDU payloads to 4-byte word boundaries simplifies
marker manipulation. marker manipulation.
A.2 Initial Marker-less Interval A.2 Initial Marker-less Interval
To enable the connection setup including the Login Phase To enable the connection setup including the Login Phase
negotiation, marking (if any) is only started at the first marker negotiation, marking (if any) is only started at the first marker
interval after the end of the Login Phase. However, in order to interval after the end of the Login Phase. However, in order to
enable the marker inclusion and exclusion mechanism to work without enable the marker inclusion and exclusion mechanism to work without
knowledge of the length of the Login Phase, the first marker will be knowledge of the length of the Login Phase, the first marker will be
skipping to change at line 10294 skipping to change at line 10232
A.3 Negotiation A.3 Negotiation
The following operational key=value pairs are used to negotiate the The following operational key=value pairs are used to negotiate the
fixed interval markers. The direction (output or input) is relative fixed interval markers. The direction (output or input) is relative
to the initiator. to the initiator.
A.3.1 OFMarker, IFMarker A.3.1 OFMarker, IFMarker
Use: IO Use: IO
Julian Satran Expires June 2003 242
iSCSI 3-November-02
Senders: Initiator and Target Senders: Initiator and Target
Scope: CO Scope: CO
OFMarker=<boolean-value> OFMarker=<boolean-value>
IFMarker=<boolean-value> IFMarker=<boolean-value>
Default is No. Default is No.
Result function is AND. Result function is AND.
skipping to change at line 10325 skipping to change at line 10259
T->OFMarker=Yes,IFMarker=Yes T->OFMarker=Yes,IFMarker=Yes
Results in the Marker being used in both directions while: Results in the Marker being used in both directions while:
I->OFMarker=Yes,IFMarker=Yes I->OFMarker=Yes,IFMarker=Yes
T->OFMarker=Yes,IFMarker=No T->OFMarker=Yes,IFMarker=No
Results in Marker being used from the initiator to the target, but Results in Marker being used from the initiator to the target, but
not from the target to initiator. not from the target to initiator.
Julian Satran Expires August 2003 200
iSCSI 19-January-03
A.3.2 OFMarkInt, IFMarkInt A.3.2 OFMarkInt, IFMarkInt
Use: IO Use: IO
Senders: Initiator and Target Senders: Initiator and Target
Scope: CO Scope: CO
OFMarkInt is Irrelevant when: OFMarker=No OFMarkInt is Irrelevant when: OFMarker=No
IFMarkInt is Irrelevant when: IFMarker=No IFMarkInt is Irrelevant when: IFMarker=No
Offering: Offering:
OFMarkInt=<numeric-range-from-1-to-65535> OFMarkInt=<numeric-range-from-1-to-65535>
IFMarkInt=<numeric-range-from-1-to-65535> IFMarkInt=<numeric-range-from-1-to-65535>
Responding: Responding:
OFMarkInt=<numeric-value-from-1-to-65535>|Reject OFMarkInt=<numeric-value-from-1-to-65535>|Reject
IFMarkInt=<numeric-value-from-1-to-65535>|Reject IFMarkInt=<numeric-value-from-1-to-65535>|Reject
Julian Satran Expires June 2003 243
iSCSI 3-November-02
OFMarkInt is used to set the interval for the initiator to target OFMarkInt is used to set the interval for the initiator to target
markers on the connection. IFMarkInt is used to set the interval markers on the connection. IFMarkInt is used to set the interval
for the target to initiator markers on the connection. for the target to initiator markers on the connection.
For the offering, the initiator or target indicates the minimum to For the offering, the initiator or target indicates the minimum to
maximum interval (in 4-byte words) it wants the markers for one or maximum interval (in 4-byte words) it wants the markers for one or
both directions. In case it only wants a specific value, only a both directions. In case it only wants a specific value, only a
single value has to be specified. The responder selects a value single value has to be specified. The responder selects a value
within the minimum and maximum offered or the only value offered or within the minimum and maximum offered or the only value offered or
indicates through the xFMarker key=value its inability to set and/or indicates through the xFMarker key=value its inability to set and/or
receive markers. When the interval is unacceptable the responder receive markers. When the interval is unacceptable the responder
answers with "Reject". Reject is resetting the marker function in answers with "Reject". Reject is resetting the marker function in
the specified direction (Output or Input) to No. the specified direction (Output or Input) to No.
The interval is measured from the end of a marker to the beginning The interval is measured from the end of a marker to the beginning
of the next marker. For example, a value of 1024 means 1024 words of the next marker. For example, a value of 1024 means 1024 words
(4096 bytes of iSCSI payload between markers). (4096 bytes of iSCSI payload between markers).
The default is 2048. The default is 2048.
Julian Satran Expires June 2003 244 Julian Satran Expires August 2003 201
iSCSI 3-November-02 iSCSI 19-January-03
Appendix B. Examples Appendix B. Examples
B.1 Read Operation Example B.1 Read Operation Example
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
|Initiator Function| PDU Type | Target Function | |Initiator Function| PDU Type | Target Function |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Command request |SCSI Command (READ)>>> | | | Command request |SCSI Command (READ)>>> | |
| (read) | | | | (read) | | |
skipping to change at line 10392 skipping to change at line 10326
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Receive Data | <<< SCSI Data-in | Send Data | | Receive Data | <<< SCSI Data-in | Send Data |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Receive Data | <<< SCSI Data-in | Send Data | | Receive Data | <<< SCSI Data-in | Send Data |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| | <<< SCSI Response |Send Status and Sense | | | <<< SCSI Response |Send Status and Sense |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Command Complete | | | | Command Complete | | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
Julian Satran Expires June 2003 245
iSCSI 3-November-02
B.2 Write Operation Example B.2 Write Operation Example
+------------------+-----------------------+---------------------+ +------------------+-----------------------+---------------------+
|Initiator Function| PDU Type | Target Function | |Initiator Function| PDU Type | Target Function |
+------------------+-----------------------+---------------------+ +------------------+-----------------------+---------------------+
| Command request |SCSI Command (WRITE)>>>| Receive command | | Command request |SCSI Command (WRITE)>>>| Receive command |
| (write) | | and queue it | | (write) | | and queue it |
+------------------+-----------------------+---------------------+ +------------------+-----------------------+---------------------+
| | | Process old commands| | | | Process old commands|
+------------------+-----------------------+---------------------+ +------------------+-----------------------+---------------------+
skipping to change at line 10427 skipping to change at line 10358
+------------------+-----------------------+---------------------+ +------------------+-----------------------+---------------------+
| | <<< SCSI Response |Send Status and Sense| | | <<< SCSI Response |Send Status and Sense|
+------------------+-----------------------+---------------------+ +------------------+-----------------------+---------------------+
| Command Complete | | | | Command Complete | | |
+------------------+-----------------------+---------------------+ +------------------+-----------------------+---------------------+
B.3 R2TSN/DataSN Use Examples B.3 R2TSN/DataSN Use Examples
Output (write) data DataSN/R2TSN Example Output (write) data DataSN/R2TSN Example
Julian Satran Expires June 2003 246 Julian Satran Expires August 2003 202
iSCSI 3-November-02 iSCSI 19-January-03
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
|Initiator Function| PDU Type & Content | Target Function | |Initiator Function| PDU Type & Content | Target Function |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Command request |SCSI Command (WRITE)>>>| Receive command | | Command request |SCSI Command (WRITE)>>>| Receive command |
| (write) | | and queue it | | (write) | | and queue it |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| | | Process old commands | | | | Process old commands |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| | <<< R2T | Ready for data | | | <<< R2T | Ready for data |
skipping to change at line 10461 skipping to change at line 10392
| for R2TSN 1 | DataSN = 0, F=1 | | | for R2TSN 1 | DataSN = 0, F=1 | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| | <<< SCSI Response |Send Status and Sense | | | <<< SCSI Response |Send Status and Sense |
| | ExpDataSN = 0 | | | | ExpDataSN = 0 | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Command Complete | | | | Command Complete | | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
Input (read) data DataSN Example Input (read) data DataSN Example
Julian Satran Expires June 2003 247
iSCSI 3-November-02
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
|Initiator Function| PDU Type | Target Function | |Initiator Function| PDU Type | Target Function |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Command request |SCSI Command (READ)>>> | | | Command request |SCSI Command (READ)>>> | |
| (read) | | | | (read) | | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| | | Prepare Data Transfer| | | | Prepare Data Transfer|
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Receive Data | <<< SCSI Data-in | Send Data | | Receive Data | <<< SCSI Data-in | Send Data |
| | DataSN = 0, F=0 | | | | DataSN = 0, F=0 | |
skipping to change at line 10487 skipping to change at line 10415
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Receive Data | <<< SCSI Data-in | Send Data | | Receive Data | <<< SCSI Data-in | Send Data |
| | DataSN = 2, F=1 | | | | DataSN = 2, F=1 | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| | <<< SCSI Response |Send Status and Sense | | | <<< SCSI Response |Send Status and Sense |
| | ExpDataSN = 3 | | | | ExpDataSN = 3 | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Command Complete | | | | Command Complete | | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
Bidirectional DataSN Example Julian Satran Expires August 2003 203
iSCSI 19-January-03
Julian Satran Expires June 2003 248 Bidirectional DataSN Example
iSCSI 3-November-02
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
|Initiator Function| PDU Type | Target Function | |Initiator Function| PDU Type | Target Function |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Command request |SCSI Command >>> | | | Command request |SCSI Command >>> | |
| (Read-Write) | Read-Write | | | (Read-Write) | Read-Write | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| | | Process old commands | | | | Process old commands |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| | <<< R2T | Ready to process | | | <<< R2T | Ready to process |
skipping to change at line 10525 skipping to change at line 10453
| Command Complete | | | | Command Complete | | |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
*) Send data and Receive Data may be transferred simultaneously as *) Send data and Receive Data may be transferred simultaneously as
in an atomic Read-Old-Write-New or sequentially as in an atomic in an atomic Read-Old-Write-New or sequentially as in an atomic
Read-Update-Write (in the latter case the R2T may follow the Read-Update-Write (in the latter case the R2T may follow the
received data). received data).
Unsolicited and immediate output (write) data with DataSN Example Unsolicited and immediate output (write) data with DataSN Example
Julian Satran Expires June 2003 249 Julian Satran Expires August 2003 204
iSCSI 3-November-02 iSCSI 19-January-03
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
|Initiator Function| PDU Type & Content | Target Function | |Initiator Function| PDU Type & Content | Target Function |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Command request |SCSI Command (WRITE)>>>| Receive command | | Command request |SCSI Command (WRITE)>>>| Receive command |
| (write) |F=0 | and data | | (write) |F=0 | and data |
|+ immediate data | | and queue it | |+ immediate data | | and queue it |
+------------------+-----------------------+----------------------+ +------------------+-----------------------+----------------------+
| Send Unsolicited | SCSI Write Data >>> | Receive more Data | | Send Unsolicited | SCSI Write Data >>> | Receive more Data |
| Data | DataSN = 0, F=1 | | | Data | DataSN = 0, F=1 | |
skipping to change at line 10571 skipping to change at line 10499
... ...
28: 00 00 00 00 28: 00 00 00 00
CRC: aa 36 91 8a CRC: aa 36 91 8a
32 bytes of ones: 32 bytes of ones:
Byte: 0 1 2 3 Byte: 0 1 2 3
0: ff ff ff ff 0: ff ff ff ff
Julian Satran Expires June 2003 250
iSCSI 3-November-02
... ...
28: ff ff ff ff 28: ff ff ff ff
CRC: 43 ab a8 62 CRC: 43 ab a8 62
32 bytes of incrementing 00..1f: 32 bytes of incrementing 00..1f:
Byte: 0 1 2 3 Byte: 0 1 2 3
0: 00 01 02 03 0: 00 01 02 03
... ...
28: 1c 1d 1e 1f 28: 1c 1d 1e 1f
Julian Satran Expires August 2003 205
iSCSI 19-January-03
CRC: 4e 79 dd 46 CRC: 4e 79 dd 46
32 bytes of decrementing 1f..00: 32 bytes of decrementing 1f..00:
Byte: 0 1 2 3 Byte: 0 1 2 3
0: 1f 1e 1d 1c 0: 1f 1e 1d 1c
... ...
28: 03 02 01 00 28: 03 02 01 00
skipping to change at line 10619 skipping to change at line 10546
20: 00 00 04 00 20: 00 00 04 00
24: 00 00 00 14 24: 00 00 00 14
28: 00 00 00 18 28: 00 00 00 18
32: 28 00 00 00 32: 28 00 00 00
36: 00 00 00 00 36: 00 00 00 00
40: 02 00 00 00 40: 02 00 00 00
44: 00 00 00 00 44: 00 00 00 00
CRC: 56 3a 96 d9 CRC: 56 3a 96 d9
Julian Satran Expires June 2003 251 Julian Satran Expires August 2003 206
iSCSI 3-November-02 iSCSI 19-January-03
Appendix C. Login Phase Examples Appendix C. Login Phase Examples
In the first example, the initiator and target authenticate each In the first example, the initiator and target authenticate each
other via Kerberos: other via Kerberos:
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,SRP,None AuthMethod=KRB5,SRP,None
T-> Login (CSG,NSG=0,0 T=0) T-> Login (CSG,NSG=0,0 T=0)
AuthMethod=KRB5 AuthMethod=KRB5
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
KRB_AP_REQ=<krb_ap_req> KRB_AP_REQ=<krb_ap_req>
(krb_ap_req contains the Kerberos V5 ticket and authenticator (krb_ap_req contains the Kerberos V5 ticket and authenticator
with MUTUAL-REQUIRED set in the ap-options field) with MUTUAL-REQUIRED set in the ap-options field)
skipping to change at line 10672 skipping to change at line 10599
I-> Login (CSG,NSG=1,3 T=1) I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept" T-> Login (CSG,NSG=1,3 T=1) "login accept"
If the initiator's authentication by the target is not If the initiator's authentication by the target is not
successful, the target responds with: successful, the target responds with:
T-> Login "login reject" T-> Login "login reject"
Julian Satran Expires June 2003 252
iSCSI 3-November-02
instead of the Login KRB_AP_REP message, and terminates the instead of the Login KRB_AP_REP message, and terminates the
connection. connection.
Julian Satran Expires August 2003 207
iSCSI 19-January-03
If the target's authentication by the initiator is not If the target's authentication by the initiator is not
successful, the initiator terminates the connection (without successful, the initiator terminates the connection (without
responding to the Login KRB_AP_REP message). responding to the Login KRB_AP_REP message).
In the next example only the initiator is authenticated by the In the next example only the initiator is authenticated by the
target via Kerberos: target via Kerberos:
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=SRP,KRB5,None AuthMethod=SRP,KRB5,None
T-> Login-PR (CSG,NSG=0,0 T=0) T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=KRB5 AuthMethod=KRB5
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
KRB_AP_REQ=krb_ap_req KRB_AP_REQ=krb_ap_req
(MUTUAL-REQUIRED not set in the ap-options field of krb_ap_req) (MUTUAL-REQUIRED not set in the ap-options field of krb_ap_req)
skipping to change at line 10717 skipping to change at line 10644
. . . . . .
T-> Login (CSG,NSG=1,3 T=1)"login accept" T-> Login (CSG,NSG=1,3 T=1)"login accept"
In the next example, the initiator and target authenticate each In the next example, the initiator and target authenticate each
other via SPKM1: other via SPKM1:
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=SPKM1,KRB5,None AuthMethod=SPKM1,KRB5,None
T-> Login (CSG,NSG=0,0 T=0) T-> Login (CSG,NSG=0,0 T=0)
AuthMethod=SPKM1 AuthMethod=SPKM1
Julian Satran Expires June 2003 253
iSCSI 3-November-02
I-> Login (CSG,NSG=0,0 T=0) I-> Login (CSG,NSG=0,0 T=0)
SPKM_REQ=<spkm-req> SPKM_REQ=<spkm-req>
(spkm-req is the SPKM-REQ token with the mutual-state bit in the (spkm-req is the SPKM-REQ token with the mutual-state bit in the
options field of the REQ-TOKEN set) options field of the REQ-TOKEN set)
T-> Login (CSG,NSG=0,0 T=0) T-> Login (CSG,NSG=0,0 T=0)
SPKM_REP_TI=<spkm-rep-ti> SPKM_REP_TI=<spkm-rep-ti>
If the authentication is successful, the initiator proceeds: If the authentication is successful, the initiator proceeds:
Julian Satran Expires August 2003 208
iSCSI 19-January-03
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
SPKM_REP_IT=<spkm-rep-it> SPKM_REP_IT=<spkm-rep-it>
If the authentication is successful, the target proceeds with: If the authentication is successful, the target proceeds with:
T-> Login (CSG,NSG=0,1 T=1) T-> Login (CSG,NSG=0,1 T=1)
The initiator may proceed: The initiator may proceed:
I-> Login (CSG,NSG=1,0 T=0) ... iSCSI parameters I-> Login (CSG,NSG=1,0 T=0) ... iSCSI parameters
skipping to change at line 10772 skipping to change at line 10699
T-> Login "login reject" T-> Login "login reject"
instead of the Login "proceed and change stage" message, and instead of the Login "proceed and change stage" message, and
terminates the connection. terminates the connection.
In the next example, the initiator and target authenticate each In the next example, the initiator and target authenticate each
other via SPKM2: other via SPKM2:
I-> Login (CSG,NSG=0,0 T=0) I-> Login (CSG,NSG=0,0 T=0)
Julian Satran Expires June 2003 254
iSCSI 3-November-02
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=SPKM1,SPKM2 AuthMethod=SPKM1,SPKM2
T-> Login-PR (CSG,NSG=0,0 T=0) T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=SPKM2 AuthMethod=SPKM2
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
SPKM_REQ=<spkm-req> SPKM_REQ=<spkm-req>
(spkm-req is the SPKM-REQ token with the mutual-state bit in the (spkm-req is the SPKM-REQ token with the mutual-state bit in the
options field of the REQ-TOKEN not set) options field of the REQ-TOKEN not set)
If the authentication is successful, the target proceeds with: If the authentication is successful, the target proceeds with:
T-> Login (CSG,NSG=0,1 T=1) T-> Login (CSG,NSG=0,1 T=1)
The initiator may proceed: The initiator may proceed:
Julian Satran Expires August 2003 209
iSCSI 19-January-03
I-> Login (CSG,NSG=1,0 T=0) I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0) T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
And at the end: And at the end:
I-> Login (CSG,NSG=1,3 T=1) I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept" T-> Login (CSG,NSG=1,3 T=1) "login accept"
In the next example, the initiator and target authenticate each In the next example, the initiator and target authenticate each
other via SRP: other via SRP:
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,SRP,None AuthMethod=KRB5,SRP,None
T-> Login-PR (CSG,NSG=0,0 T=0) T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=SRP AuthMethod=SRP
I-> Login (CSG,NSG=0,0 T=0) I-> Login (CSG,NSG=0,0 T=0)
SRP_U=<user> SRP_U=<user>
TargetAuth=Yes TargetAuth=Yes
T-> Login (CSG,NSG=0,0 T=0) T-> Login (CSG,NSG=0,0 T=0)
Julian Satran Expires June 2003 255
iSCSI 3-November-02
SRP_N=<N> SRP_N=<N>
SRP_g=<g> SRP_g=<g>
SRP_s=<s> SRP_s=<s>
I-> Login (CSG,NSG=0,0 T=0) I-> Login (CSG,NSG=0,0 T=0)
SRP_A=<A> SRP_A=<A>
T-> Login (CSG,NSG=0,0 T=0) T-> Login (CSG,NSG=0,0 T=0)
SRP_B=<B> SRP_B=<B>
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
SRP_M=<M> SRP_M=<M>
If the initiator authentication is successful, the target If the initiator authentication is successful, the target
proceeds: proceeds:
T-> Login (CSG,NSG=0,1 T=1) T-> Login (CSG,NSG=0,1 T=1)
SRP_HM=<H(A | M | K)> SRP_HM=<H(A | M | K)>
Where N, g, s, A, B, M, and H(A | M | K) are defined in Where N, g, s, A, B, M, and H(A | M | K) are defined in
[RFC2945]. [RFC2945].
If the target authentication is not successful, the initiator If the target authentication is not successful, the initiator
terminates the connection; otherwise, it proceeds. terminates the connection; otherwise, it proceeds.
Julian Satran Expires August 2003 210
iSCSI 19-January-03
I-> Login (CSG,NSG=1,0 T=0) I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0) T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
And at the end: And at the end:
I-> Login (CSG,NSG=1,3 T=1) I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept" T-> Login (CSG,NSG=1,3 T=1) "login accept"
If the initiator authentication is not successful, the target If the initiator authentication is not successful, the target
responds with: responds with:
T-> Login "login reject" T-> Login "login reject"
Instead of the T-> Login SRP_HM=<H(A | M | K)> message and Instead of the T-> Login SRP_HM=<H(A | M | K)> message and
terminates the connection. terminates the connection.
In the next example, only the initiator is authenticated by the In the next example, only the initiator is authenticated by the
target via SRP: target via SRP:
Julian Satran Expires June 2003 256
iSCSI 3-November-02
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,SRP,None AuthMethod=KRB5,SRP,None
T-> Login-PR (CSG,NSG=0,0 T=0) T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=SRP AuthMethod=SRP
I-> Login (CSG,NSG=0,0 T=0) I-> Login (CSG,NSG=0,0 T=0)
SRP_U=<user> SRP_U=<user>
TargetAuth=No TargetAuth=No
T-> Login (CSG,NSG=0,0 T=0) T-> Login (CSG,NSG=0,0 T=0)
skipping to change at line 10912 skipping to change at line 10834
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
SRP_M=<M> SRP_M=<M>
If the initiator authentication is successful, the target If the initiator authentication is successful, the target
proceeds: proceeds:
T-> Login (CSG,NSG=0,1 T=1) T-> Login (CSG,NSG=0,1 T=1)
I-> Login (CSG,NSG=1,0 T=0) I-> Login (CSG,NSG=1,0 T=0)
Julian Satran Expires August 2003 211
iSCSI 19-January-03
... iSCSI parameters ... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0) T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
And at the end: And at the end:
I-> Login (CSG,NSG=1,3 T=1) I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept" T-> Login (CSG,NSG=1,3 T=1) "login accept"
In the next example the initiator and target authenticate each other In the next example the initiator and target authenticate each other
via CHAP: via CHAP:
I-> Login (CSG,NSG=0,0 T=0) I-> Login (CSG,NSG=0,0 T=0)
Julian Satran Expires June 2003 257
iSCSI 3-November-02
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,CHAP,None AuthMethod=KRB5,CHAP,None
T-> Login-PR (CSG,NSG=0,0 T=0) T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=CHAP AuthMethod=CHAP
I-> Login (CSG,NSG=0,0 T=0) I-> Login (CSG,NSG=0,0 T=0)
CHAP_A=<A1,A2> CHAP_A=<A1,A2>
T-> Login (CSG,NSG=0,0 T=0) T-> Login (CSG,NSG=0,0 T=0)
CHAP_A=<A1> CHAP_A=<A1>
skipping to change at line 10971 skipping to change at line 10893
aborts the connection; otherwise, it proceeds. aborts the connection; otherwise, it proceeds.
I-> Login (CSG,NSG=1,0 T=0) I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0) T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
And at the end: And at the end:
I-> Login (CSG,NSG=1,3 T=1) I-> Login (CSG,NSG=1,3 T=1)
Julian Satran Expires August 2003 212
iSCSI 19-January-03
optional iSCSI parameters optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept" T-> Login (CSG,NSG=1,3 T=1) "login accept"
If the initiator authentication is not successful, the target If the initiator authentication is not successful, the target
responds with: responds with:
T-> Login "login reject" T-> Login "login reject"
Julian Satran Expires June 2003 258
iSCSI 3-November-02
Instead of the Login CHAP_R=<response> "proceed and change Instead of the Login CHAP_R=<response> "proceed and change
stage" stage"
message and terminates the connection. message and terminates the connection.
In the next example, only the initiator is authenticated by the In the next example, only the initiator is authenticated by the
target via CHAP: target via CHAP:
I-> Login (CSG,NSG=0,1 T=0) I-> Login (CSG,NSG=0,1 T=0)
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,CHAP,None AuthMethod=KRB5,CHAP,None
T-> Login-PR (CSG,NSG=0,0 T=0) T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=CHAP AuthMethod=CHAP
I-> Login (CSG,NSG=0,0 T=0) I-> Login (CSG,NSG=0,0 T=0)
CHAP_A=<A1,A2> CHAP_A=<A1,A2>
T-> Login (CSG,NSG=0,0 T=0) T-> Login (CSG,NSG=0,0 T=0)
CHAP_A=<A1> CHAP_A=<A1>
skipping to change at line 11028 skipping to change at line 10951
T-> Login (CSG,NSG=1,0 T=0) T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
And at the end: And at the end:
I-> Login (CSG,NSG=1,3 T=1) I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept" T-> Login (CSG,NSG=1,3 T=1) "login accept"
Julian Satran Expires June 2003 259 Julian Satran Expires August 2003 213
iSCSI 3-November-02 iSCSI 19-January-03
In the next example, the initiator does not offer any security In the next example, the initiator does not offer any security
parameters. It therefore may offer iSCSI parameters on the Login PDU parameters. It therefore may offer iSCSI parameters on the Login PDU
with the T bit set to 1, and the target may respond with a final with the T bit set to 1, and the target may respond with a final
Login Response PDU immediately: Login Response PDU immediately:
I-> Login (CSG,NSG=1,3 T=1) I-> Login (CSG,NSG=1,3 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
... iSCSI parameters ... iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept" T-> Login (CSG,NSG=1,3 T=1) "login accept"
... ISCSI parameters ... ISCSI parameters
In the next example, the initiator does offer security In the next example, the initiator does offer security
parameters on the Login PDU, but the target does not choose parameters on the Login PDU, but the target does not choose
any (i.e., chooses the "None" values): any (i.e., chooses the "None" values):
I-> Login (CSG,NSG=0,1 T=1) I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77 InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.acme:diskarray.sn.88 TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,SRP,None AuthMethod=KRB5,SRP,None
T-> Login-PR (CSG,NSG=0,1 T=1) T-> Login-PR (CSG,NSG=0,1 T=1)
AuthMethod=None AuthMethod=None
I-> Login (CSG,NSG=1,0 T=0) I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0) T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters ... iSCSI parameters
And at the end: And at the end:
I-> Login (CSG,NSG=1,3 T=1) I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept" T-> Login (CSG,NSG=1,3 T=1) "login accept"
Julian Satran Expires June 2003 260 Julian Satran Expires August 2003 214
iSCSI 3-November-02 iSCSI 19-January-03
Appendix D. SendTargets Operation Appendix D. SendTargets Operation
To reduce the amount of configuration required on an initiator, To reduce the amount of configuration required on an initiator,
iSCSI provides the SendTargets text request. The initiator uses the iSCSI provides the SendTargets text request. The initiator uses the
SendTargets request to get a list of targets to which it may have SendTargets request to get a list of targets to which it may have
access, as well as the list of addresses (IP address and TCP port) access, as well as the list of addresses (IP address and TCP port)
on which these targets may be accessed. on which these targets may be accessed.
To make use of SendTargets, an initiator must first establish one of To make use of SendTargets, an initiator must first establish one of
skipping to change at line 11116 skipping to change at line 11039
The value must be one of: The value must be one of:
All All
The initiator is requesting that information on all relevant The initiator is requesting that information on all relevant
targets known to the implementation be returned. This value targets known to the implementation be returned. This value
MUST be supported on a discovery session, and MUST NOT be MUST be supported on a discovery session, and MUST NOT be
supported on an operational session. supported on an operational session.
Julian Satran Expires June 2003 261
iSCSI 3-November-02
<iSCSI-target-name> <iSCSI-target-name>
If an iSCSI target name is specified, the session should respond If an iSCSI target name is specified, the session should respond
with addresses for only the named target, if possible. This with addresses for only the named target, if possible. This
value MUST be supported on discovery sessions. A discovery value MUST be supported on discovery sessions. A discovery
session MUST be capable of returning addresses for those session MUST be capable of returning addresses for those
targets that would have been returned had value=All been targets that would have been returned had value=All been
designated. designated.
<nothing> <nothing>
Julian Satran Expires August 2003 215
iSCSI 19-January-03
The session should only respond with addresses for the target to The session should only respond with addresses for the target to
which the session is logged in. This MUST be supported on which the session is logged in. This MUST be supported on
operational sessions, and MUST NOT return targets other than operational sessions, and MUST NOT return targets other than
the one to which the session is logged in. the one to which the session is logged in.
The response to this command is a text response that contains a list The response to this command is a text response that contains a list
of zero or more targets and, optionally, their addresses. Each of zero or more targets and, optionally, their addresses. Each
target is returned as a target record. A target record begins with target is returned as a target record. A target record begins with
the TargetName text key, followed by a list of TargetAddress text the TargetName text key, followed by a list of TargetAddress text
keys, and bounded by the end of the text response or the next keys, and bounded by the end of the text response or the next
skipping to change at line 11165 skipping to change at line 11088
Each target record starts with one text key of the form: Each target record starts with one text key of the form:
TargetName=<target-name-goes-here> TargetName=<target-name-goes-here>
Followed by zero or more address keys of the form: Followed by zero or more address keys of the form:
TargetAddress=<hostname-or-ipaddress>[:<tcp-port>],<portal- TargetAddress=<hostname-or-ipaddress>[:<tcp-port>],<portal-
group-tag> group-tag>
Julian Satran Expires June 2003 262
iSCSI 3-November-02
The hostname-or-ipaddress contains a domain name, IPv4 address, or The hostname-or-ipaddress contains a domain name, IPv4 address, or
IPv6 address, as specified for the TargetAddress key. IPv6 address, as specified for the TargetAddress key.
Each TargetAddress belongs to a portal group, identified by its Each TargetAddress belongs to a portal group, identified by its
numeric portal group tag (as in Section 12.9 TargetPortalGroupTag). numeric portal group tag (as in Section 12.9 TargetPortalGroupTag).
The iSCSI target name, together with this tag, constitutes the SCSI The iSCSI target name, together with this tag, constitutes the SCSI
port identifier; the tag only needs to be unique within a given port identifier; the tag only needs to be unique within a given
target's name list of addresses. target's name list of addresses.
Multiple-connection sessions can span iSCSI addresses that belong to Multiple-connection sessions can span iSCSI addresses that belong to
skipping to change at line 11189 skipping to change at line 11109
Multiple-connection sessions cannot span iSCSI addresses that belong Multiple-connection sessions cannot span iSCSI addresses that belong
to different portal groups. to different portal groups.
If a SendTargets response reports an iSCSI address for a target, it If a SendTargets response reports an iSCSI address for a target, it
SHOULD also report all other addresses in its portal group in the SHOULD also report all other addresses in its portal group in the
same response. same response.
A SendTargets text response can be longer than a single Text A SendTargets text response can be longer than a single Text
Response Response
Julian Satran Expires August 2003 216
iSCSI 19-January-03
PDU, and makes use of the long text responses as specified. PDU, and makes use of the long text responses as specified.
After obtaining a list of targets from the discovery target session, After obtaining a list of targets from the discovery target session,
an iSCSI initiator may initiate new sessions to log in to the an iSCSI initiator may initiate new sessions to log in to the
discovered targets for full operation. The initiator MAY keep the discovered targets for full operation. The initiator MAY keep the
discovery session open, and MAY send subsequent SendTargets commands discovery session open, and MAY send subsequent SendTargets commands
to to
discover new targets. discover new targets.
Examples: Examples:
This example is the SendTargets response from a single target that This example is the SendTargets response from a single target that
has no other interface ports. has no other interface ports.
Initiator sends text request that contains: Initiator sends text request that contains:
SendTargets=All SendTargets=All
Target sends a text response that contains: Target sends a text response that contains:
TargetName=iqn.1993-11.com.acme:diskarray.sn.8675309 TargetName=iqn.1993-11.com.example:diskarray.sn.8675309
Julian Satran Expires June 2003 263
iSCSI 3-November-02
All the target had to return in the simple case was the target All the target had to return in the simple case was the target
name. It is assumed by the initiator that the IP address and TCP name. It is assumed by the initiator that the IP address and TCP
port for this target are the same as used on the current connection port for this target are the same as used on the current connection
to the default iSCSI target. to the default iSCSI target.
The next example has two internal iSCSI targets, each accessible via The next example has two internal iSCSI targets, each accessible via
two different ports with different IP addresses. The following is two different ports with different IP addresses. The following is
the text response: the text response:
TargetName=iqn.1993-11.com.acme:diskarray.sn.8675309 TargetName=iqn.1993-11.com.example:diskarray.sn.8675309
TargetAddress=10.1.0.45:3000,1 TargetAddress=10.1.0.45:3000,1
TargetAddress=10.1.1.45:3000,2 TargetAddress=10.1.1.45:3000,2
TargetName=iqn.1993-11.com.acme:diskarray.sn.1234567 TargetName=iqn.1993-11.com.example:diskarray.sn.1234567
TargetAddress=10.1.0.45:3000,1 TargetAddress=10.1.0.45:3000,1
TargetAddress=10.1.1.45:3000,2 TargetAddress=10.1.1.45:3000,2
Both targets share both addresses; the multiple addresses are likely Both targets share both addresses; the multiple addresses are likely
used to provide multi-path support. The initiator may connect to used to provide multi-path support. The initiator may connect to
either target name on either address. Each of the addresses has its either target name on either address. Each of the addresses has its
own portal group tag; they do not support spanning multiple- own portal group tag; they do not support spanning multiple-
connection sessions with each other. Keep in mind that the portal connection sessions with each other. Keep in mind that the portal
group tags for the two named targets are independent of one another; group tags for the two named targets are independent of one another;
portal group "1" on the first target is not necessarily the same as portal group "1" on the first target is not necessarily the same as
portal group "1" on the second target. portal group "1" on the second target.
In the above example, a DNS host name or an IPv6 address could have In the above example, a DNS host name or an IPv6 address could have
been returned instead of an IPv4 address. been returned instead of an IPv4 address.
The next text response shows a target that supports spanning The next text response shows a target that supports spanning
sessions across multiple addresses, and further illustrates the use sessions across multiple addresses, and further illustrates the use
of the portal group tags: of the portal group tags:
TargetName=iqn.1993-11.com.acme:diskarray.sn.8675309 TargetName=iqn.1993-11.com.example:diskarray.sn.8675309
Julian Satran Expires August 2003 217
iSCSI 19-January-03
TargetAddress=10.1.0.45:3000,1 TargetAddress=10.1.0.45:3000,1
TargetAddress=10.1.1.46:3000,1 TargetAddress=10.1.1.46:3000,1
TargetAddress=10.1.0.47:3000,2 TargetAddress=10.1.0.47:3000,2
TargetAddress=10.1.1.48:3000,2 TargetAddress=10.1.1.48:3000,2
TargetAddress=10.1.1.49:3000,3 TargetAddress=10.1.1.49:3000,3
In this example, any of the target addresses can be used to reach In this example, any of the target addresses can be used to reach
the same target. A single-connection session can be established to the same target. A single-connection session can be established to
any of these TCP addresses. A multiple-connection session could any of these TCP addresses. A multiple-connection session could
span addresses .45 and .46 or .47 and .48, but cannot span any other span addresses .45 and .46 or .47 and .48, but cannot span any other
Julian Satran Expires June 2003 264
iSCSI 3-November-02
combination. A TargetAddress with its own tag (.49) cannot be combination. A TargetAddress with its own tag (.49) cannot be
combined with any other address within the same session. combined with any other address within the same session.
This SendTargets response does not indicate whether .49 supports This SendTargets response does not indicate whether .49 supports
multiple connections per session; it communicated via the multiple connections per session; it is communicated via the
MaxConnections text key upon login to the target. MaxConnections text key upon login to the target.
Julian Satran Expires June 2003 265 Julian Satran Expires August 2003 218
iSCSI 3-November-02 iSCSI 19-January-03
Appendix E. Algorithmic Presentation of Error Recovery Classes Appendix E. Algorithmic Presentation of Error Recovery Classes
This appendix illustrates the error recovery classes using a pseudo- This appendix illustrates the error recovery classes using a pseudo-
programming-language. The procedure names are chosen to be obvious programming-language. The procedure names are chosen to be obvious
to most implementers. Each of the recovery classes described has to most implementers. Each of the recovery classes described has
initiator procedures as well as target procedures. These algorithms initiator procedures as well as target procedures. These algorithms
focus on outlining the mechanics of error recovery classes, and do focus on outlining the mechanics of error recovery classes, and do
not exhaustively describe all other aspects/cases. Examples of this not exhaustively describe all other aspects/cases. Examples of this
approach are: approach are:
skipping to change at line 11316 skipping to change at line 11237
}; };
struct TCB { /* task control block */ struct TCB { /* task control block */
Boolean SoFarInOrder; Boolean SoFarInOrder;
int ExpectedDataSN; /* used for both R2Ts, and Data */ int ExpectedDataSN; /* used for both R2Ts, and Data */
int MissingDataSNList[MaxMissingDPDU]; int MissingDataSNList[MaxMissingDPDU];
Boolean FbitReceived; Boolean FbitReceived;
Boolean StatusXferd; Boolean StatusXferd;
Boolean CurrentlyAllegiant; Boolean CurrentlyAllegiant;
int ActiveR2Ts; int ActiveR2Ts;
Julian Satran Expires June 2003 266
iSCSI 3-November-02
int Response; int Response;
char *Reason; char *Reason;
struct TransferContext struct TransferContext
TransferContextList[MaxOutStandingR2T]; TransferContextList[MaxOutStandingR2T];
int InitiatorTaskTag; int InitiatorTaskTag;
int CmdSN; int CmdSN;
int SNACK_Tag; int SNACK_Tag;
Julian Satran Expires August 2003 219
iSCSI 19-January-03
}; };
struct Connection { struct Connection {
struct Session SessionReference; struct Session SessionReference;
Boolean SoFarInOrder; Boolean SoFarInOrder;
int CID; int CID;
int State; int State;
int CurrentTimeout; int CurrentTimeout;
int ExpectedStatSN; int ExpectedStatSN;
int MissingStatSNList[MaxMissingSPDU]; int MissingStatSNList[MaxMissingSPDU];
Boolean PerformConnectionCleanup; Boolean PerformConnectionCleanup;
}; };
struct Session { struct Session {
int NumConnections; int NumConnections;
int CmdSN; int CmdSN;
int Maxconnections; int Maxconnections;
skipping to change at line 11363 skipping to change at line 11286
Build-And-Send-Reject(transport connection, bad PDU, reason code); Build-And-Send-Reject(transport connection, bad PDU, reason code);
E.2 Within-command Error Recovery Algorithms E.2 Within-command Error Recovery Algorithms
E.2.1 Procedure Descriptions E.2.1 Procedure Descriptions
Recover-Data-if-Possible(last required DataSN, task control Recover-Data-if-Possible(last required DataSN, task control
block); block);
Build-And-Send-DSnack(task control block); Build-And-Send-DSnack(task control block);
Build-And-Send-RDSnack(task control block); Build-And-Send-RDSnack(task control block);
Julian Satran Expires June 2003 267
iSCSI 3-November-02
Build-And-Send-Abort(task control block); Build-And-Send-Abort(task control block);
SCSI-Task-Completion(task control block); SCSI-Task-Completion(task control block);
Build-And-Send-A-Data-Burst(transport connection, data-descriptor, Build-And-Send-A-Data-Burst(transport connection, data-descriptor,
task control block); task control block);
Build-And-Send-R2T(transport connection, data-descriptor, Build-And-Send-R2T(transport connection, data-descriptor,
task control block); task control block);
Build-And-Send-Status(transport connection, task control block); Build-And-Send-Status(transport connection, task control block);
Transfer-Context-Timeout-Handler(transfer context); Transfer-Context-Timeout-Handler(transfer context);
Notes: Notes:
Julian Satran Expires August 2003 220
iSCSI 19-January-03
- One procedure used in this section: Handle-Status-SNACK- - One procedure used in this section: Handle-Status-SNACK-
request is defined in Within-connection recovery algorithms. request is defined in Within-connection recovery algorithms.
- The Response processing pseudo-code, shown in the target - The Response processing pseudo-code, shown in the target
algorithms, applies to all solicited PDUs that carry StatSN - algorithms, applies to all solicited PDUs that carry StatSN -
SCSI Response, Text Response etc. SCSI Response, Text Response etc.
E.2.2 Initiator Algorithms E.2.2 Initiator Algorithms
Recover-Data-if-Possible(LastRequiredDataSN, TCB) Recover-Data-if-Possible(LastRequiredDataSN, TCB)
skipping to change at line 11411 skipping to change at line 11333
TCB.Reason = "Protocol service CRC error"; TCB.Reason = "Protocol service CRC error";
} }
} else { } else {
TCB.Reason = "Protocol service CRC error"; TCB.Reason = "Protocol service CRC error";
} }
if (TCB.Reason == "Protocol service CRC error") { if (TCB.Reason == "Protocol service CRC error") {
Clear the missing PDU list in the TCB. Clear the missing PDU list in the TCB.
if (TCB.StatusXferd is not TRUE) if (TCB.StatusXferd is not TRUE)
Build-And-Send-Abort(TCB); Build-And-Send-Abort(TCB);
} }
Julian Satran Expires June 2003 268
iSCSI 3-November-02
} }
Receive-a-In-PDU(Connection, CurrentPDU) Receive-a-In-PDU(Connection, CurrentPDU)
{ {
check-basic-validity(CurrentPDU); check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return; if (Header-Digest-Bad) discard, return;
Retrieve TCB for CurrentPDU.InitiatorTaskTag. Retrieve TCB for CurrentPDU.InitiatorTaskTag.
if ((CurrentPDU.type == Data) if ((CurrentPDU.type == Data)
or (CurrentPDU.type = R2T)) { or (CurrentPDU.type = R2T)) {
if (Data-Digest-Bad for Data) { if (Data-Digest-Bad for Data) {
send-data-SNACK = TRUE; send-data-SNACK = TRUE;
LastRequiredDataSN = CurrentPDU.DataSN; LastRequiredDataSN = CurrentPDU.DataSN;
} else { } else {
if (TCB.SoFarInOrder = TRUE) { if (TCB.SoFarInOrder = TRUE) {
if (current DataSN is expected) { if (current DataSN is expected) {
Increment TCB.ExpectedDataSN. Increment TCB.ExpectedDataSN.
} else { } else {
TCB.SoFarInOrder = FALSE;
send-data-SNACK = TRUE; Julian Satran Expires August 2003 221
iSCSI 19-January-03
TCB.SoFarInOrder = FALSE;
send-data-SNACK = TRUE;
} }
} else { } else {
if (current DataSN was considered missing) { if (current DataSN was considered missing) {
remove current DataSN from missing PDU list. remove current DataSN from missing PDU list.
} else if (current DataSN is higher than expected) } else if (current DataSN is higher than expected)
{ {
send-data-SNACK = TRUE; send-data-SNACK = TRUE;
} else { } else {
discard, return; discard, return;
} }
Adjust TCB.ExpectedDataSN if appropriate. Adjust TCB.ExpectedDataSN if appropriate.
} }
LastRequiredDataSN = CurrentPDU.DataSN - 1; LastRequiredDataSN = CurrentPDU.DataSN - 1;
} }
if (send-data-SNACK is TRUE and if (send-data-SNACK is TRUE and
task is not already considered failed) { task is not already considered failed) {
Recover-Data-if-Possible(LastRequiredDataSN, TCB); Recover-Data-if-Possible(LastRequiredDataSN, TCB);
} }
if (missing data PDU list is empty) { if (missing data PDU list is empty) {
TCB.SoFarInOrder = TRUE; TCB.SoFarInOrder = TRUE;
} }
if (CurrentPDU.type == R2T) { if (CurrentPDU.type == R2T) {
Increment ActiveR2Ts for this task. Increment ActiveR2Ts for this task.
Create a data-descriptor for the data burst.
Julian Satran Expires June 2003 269
iSCSI 3-November-02
Create a data-descriptor for the data burst.
Build-And-Send-A-Data-Burst(Connection, data-descriptor, Build-And-Send-A-Data-Burst(Connection, data-descriptor,
TCB); TCB);
} }
} else if (CurrentPDU.type == Response) { } else if (CurrentPDU.type == Response) {
if (Data-Digest-Bad) { if (Data-Digest-Bad) {
send-status-SNACK = TRUE; send-status-SNACK = TRUE;
} else { } else {
TCB.StatusXferd = TRUE; TCB.StatusXferd = TRUE;
Store the status information in TCB. Store the status information in TCB.
if (ExpDataSN does not match) { if (ExpDataSN does not match) {
TCB.SoFarInOrder = FALSE; TCB.SoFarInOrder = FALSE;
Recover-Data-if-Possible(current DataSN, TCB); Recover-Data-if-Possible(current DataSN, TCB);
} }
if (missing data PDU list is empty) { if (missing data PDU list is empty) {
TCB.SoFarInOrder = TRUE; TCB.SoFarInOrder = TRUE;
} }
} }
} else { /* REST UNRELATED TO WITHIN-COMMAND-RECOVERY, NOT } else { /* REST UNRELATED TO WITHIN-COMMAND-RECOVERY, NOT
SHOWN */ SHOWN */
} }
if ((TCB.SoFarInOrder == TRUE) and if ((TCB.SoFarInOrder == TRUE) and
(TCB.StatusXferd == TRUE)) {
Julian Satran Expires August 2003 222
iSCSI 19-January-03
(TCB.StatusXferd == TRUE)) {
SCSI-Task-Completion(TCB); SCSI-Task-Completion(TCB);
} }
} }
E.2.3 Target Algorithms E.2.3 Target Algorithms
Receive-a-In-PDU(Connection, CurrentPDU) Receive-a-In-PDU(Connection, CurrentPDU)
{ {
check-basic-validity(CurrentPDU); check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return; if (Header-Digest-Bad) discard, return;
skipping to change at line 11505 skipping to change at line 11429
if (CurrentPDU.type == Data) { if (CurrentPDU.type == Data) {
Retrieve TContext from CurrentPDU.TargetTransferTag; Retrieve TContext from CurrentPDU.TargetTransferTag;
if (Data-Digest-Bad) { if (Data-Digest-Bad) {
Build-And-Send-Reject(Connection, CurrentPDU, Build-And-Send-Reject(Connection, CurrentPDU,
Payload-Digest-Error); Payload-Digest-Error);
Note the missing data PDUs in MissingDataRange[]. Note the missing data PDUs in MissingDataRange[].
send-recovery-R2T = TRUE; send-recovery-R2T = TRUE;
} else { } else {
if (current DataSN is not expected) { if (current DataSN is not expected) {
Note the missing data PDUs in MissingDataRange[]. Note the missing data PDUs in MissingDataRange[].
send-recovery-R2T = TRUE;
Julian Satran Expires June 2003 270 }
iSCSI 3-November-02
send-recovery-R2T = TRUE;
}
if (CurrentPDU.Fbit == TRUE) { if (CurrentPDU.Fbit == TRUE) {
if (current PDU is solicited) { if (current PDU is solicited) {
Decrement TCB.ActiveR2Ts. Decrement TCB.ActiveR2Ts.
} }
if ((current PDU is unsolicited and if ((current PDU is unsolicited and
data received is less than I/O length and data received is less than I/O length and
data received is less than FirstBurstLength) data received is less than FirstBurstLength)
or (current PDU is solicited and the length of or (current PDU is solicited and the length of
this burst is less than expected)) { this burst is less than expected)) {
send-recovery-R2T = TRUE; send-recovery-R2T = TRUE;
Note the missing data in MissingDataRange[]. Note the missing data in MissingDataRange[].
} }
} }
} }
Increment TContext.ExpectedDataSN. Increment TContext.ExpectedDataSN.
if (send-recovery-R2T is TRUE and if (send-recovery-R2T is TRUE and
task is not already considered failed) { task is not already considered failed) {
if (operational ErrorRecoveryLevel > 0) { if (operational ErrorRecoveryLevel > 0) {
Increment TCB.ActiveR2Ts. Increment TCB.ActiveR2Ts.
Create a data-descriptor for the data burst Create a data-descriptor for the data burst
from MissingDataRange. from MissingDataRange.
Build-And-Send-R2T(Connection, data-descriptor, TCB); Build-And-Send-R2T(Connection, data-descriptor, TCB);
} else { } else {
if (current PDU is the last unsolicited) if (current PDU is the last unsolicited)
Julian Satran Expires August 2003 223
iSCSI 19-January-03
TCB.Reason = "Not enough unsolicited data"; TCB.Reason = "Not enough unsolicited data";
else else
TCB.Reason = "Protocol service CRC error"; TCB.Reason = "Protocol service CRC error";
} }
} }
if (TCB.ActiveR2Ts == 0) { if (TCB.ActiveR2Ts == 0) {
Build-And-Send-Status(Connection, TCB); Build-And-Send-Status(Connection, TCB);
} }
} else if (CurrentPDU.type == SNACK) { } else if (CurrentPDU.type == SNACK) {
snack-failure = FALSE; snack-failure = FALSE;
skipping to change at line 11548 skipping to change at line 11472
} }
} }
if (TCB.ActiveR2Ts == 0) { if (TCB.ActiveR2Ts == 0) {
Build-And-Send-Status(Connection, TCB); Build-And-Send-Status(Connection, TCB);
} }
} else if (CurrentPDU.type == SNACK) { } else if (CurrentPDU.type == SNACK) {
snack-failure = FALSE; snack-failure = FALSE;
if (operational ErrorRecoveryLevel > 0) { if (operational ErrorRecoveryLevel > 0) {
if (CurrentPDU.type == Data/R2T) { if (CurrentPDU.type == Data/R2T) {
if (the request is satisfiable) { if (the request is satisfiable) {
if (request for Data) { if (request for Data) {
Create a data-descriptor for the data burst Create a data-descriptor for the data burst
from BegRun and RunLength. from BegRun and RunLength.
Build-And-Send-A-Data-Burst(Connection, Build-And-Send-A-Data-Burst(Connection,
Julian Satran Expires June 2003 271
iSCSI 3-November-02
data-descriptor, TCB); data-descriptor, TCB);
} else { /* R2T */ } else { /* R2T */
Create a data-descriptor for the data burst Create a data-descriptor for the data burst
from BegRun and RunLength. from BegRun and RunLength.
Build-And-Send-R2T(Connection, data- Build-And-Send-R2T(Connection, data-
descriptor, descriptor,
TCB); TCB);
} }
} else { } else {
snack-failure = TRUE; snack-failure = TRUE;
} }
} else if (CurrentPDU.type == status) { } else if (CurrentPDU.type == status) {
Handle-Status-SNACK-request(Connection, CurrentPDU); Handle-Status-SNACK-request(Connection, CurrentPDU);
} else if (CurrentPDU.type == DataACK) { } else if (CurrentPDU.type == DataACK) {
Consider all data upto CurrentPDU.BegRun as Consider all data upto CurrentPDU.BegRun as
acknowledged. acknowledged.
skipping to change at line 11577 skipping to change at line 11500
} else if (CurrentPDU.type == status) { } else if (CurrentPDU.type == status) {
Handle-Status-SNACK-request(Connection, CurrentPDU); Handle-Status-SNACK-request(Connection, CurrentPDU);
} else if (CurrentPDU.type == DataACK) { } else if (CurrentPDU.type == DataACK) {
Consider all data upto CurrentPDU.BegRun as Consider all data upto CurrentPDU.BegRun as
acknowledged. acknowledged.
Free up the retransmission resources for that data. Free up the retransmission resources for that data.
} else if (CurrentPDU.type == R-Data SNACK) { } else if (CurrentPDU.type == R-Data SNACK) {
Create a data descriptor for a data burst covering Create a data descriptor for a data burst covering
all unacknowledged data. all unacknowledged data.
Build-And-Send-A-Data-Burst(Connection, Build-And-Send-A-Data-Burst(Connection,
data-descriptor, TCB); data-descriptor, TCB);
TCB.SNACK_Tag = CurrentPDU.SNACK_Tag; TCB.SNACK_Tag = CurrentPDU.SNACK_Tag;
if (there's no more data to send) { if (there's no more data to send) {
Build-And-Send-Status(Connection, TCB); Build-And-Send-Status(Connection, TCB);
} }
} }
} else { /* operational ErrorRecoveryLevel = 0 */ } else { /* operational ErrorRecoveryLevel = 0 */
snack-failure = TRUE; snack-failure = TRUE;
} }
if (snack-failure == TRUE) { if (snack-failure == TRUE) {
Julian Satran Expires August 2003 224
iSCSI 19-January-03
Build-And-Send-Reject(Connection, CurrentPDU, Build-And-Send-Reject(Connection, CurrentPDU,
SNACK-Reject); SNACK-Reject);
if (TCB.StatusXferd != TRUE) { if (TCB.StatusXferd != TRUE) {
TCB.Reason = "SNACK Rejected"; TCB.Reason = "SNACK Rejected";
Build-And-Send-Status(Connection, TCB); Build-And-Send-Status(Connection, TCB);
} }
} }
} else { /* REST UNRELATED TO WITHIN-COMMAND-RECOVERY, NOT SHOWN } else { /* REST UNRELATED TO WITHIN-COMMAND-RECOVERY, NOT SHOWN
*/ */
} }
} }
Julian Satran Expires June 2003 272
iSCSI 3-November-02
Transfer-Context-Timeout-Handler(TContext) Transfer-Context-Timeout-Handler(TContext)
{ {
Retrieve TCB and Connection from TContext. Retrieve TCB and Connection from TContext.
Decrement TCB.ActiveR2Ts. Decrement TCB.ActiveR2Ts.
if (operational ErrorRecoveryLevel > 0 and if (operational ErrorRecoveryLevel > 0 and
task is not already considered failed) { task is not already considered failed) {
Note the missing data PDUs in MissingDataRange[]. Note the missing data PDUs in MissingDataRange[].
Create a data-descriptor for the data burst Create a data-descriptor for the data burst
from MissingDataRange[]. from MissingDataRange[].
Build-And-Send-R2T(Connection, data-descriptor, TCB); Build-And-Send-R2T(Connection, data-descriptor, TCB);
skipping to change at line 11638 skipping to change at line 11564
Evaluate-a-StatSN(transport connection, currently received PDU); Evaluate-a-StatSN(transport connection, currently received PDU);
Retransmit-Command-if-Possible(transport connection, CmdSN); Retransmit-Command-if-Possible(transport connection, CmdSN);
Build-And-Send-SSnack(transport connection); Build-And-Send-SSnack(transport connection);
Build-And-Send-Command(transport connection, task control block); Build-And-Send-Command(transport connection, task control block);
Command-Acknowledge-Timeout-Handler(task control block); Command-Acknowledge-Timeout-Handler(task control block);
Status-Expect-Timeout-Handler(transport connection); Status-Expect-Timeout-Handler(transport connection);
Build-And-Send-Nop-Out(transport connection); Build-And-Send-Nop-Out(transport connection);
Handle-Status-SNACK-request(transport connection, status SNACK Handle-Status-SNACK-request(transport connection, status SNACK
PDU); PDU);
Retransmit-Status-Burst(status SNACK, task control block); Retransmit-Status-Burst(status SNACK, task control block);
Julian Satran Expires August 2003 225
iSCSI 19-January-03
Is-Acknowledged(beginning StatSN, run length); Is-Acknowledged(beginning StatSN, run length);
Implementation-specific tunables: Implementation-specific tunables:
InitiatorProactiveSNACKEnabled InitiatorProactiveSNACKEnabled
Notes: Notes:
Julian Satran Expires June 2003 273
iSCSI 3-November-02
- The initiator algorithms only deal with unsolicited Nop-In - The initiator algorithms only deal with unsolicited Nop-In
PDUs for generating status SNACKs. A solicited Nop-In PDU has PDUs for generating status SNACKs. A solicited Nop-In PDU has
an assigned StatSN, which, when out of order, could trigger an assigned StatSN, which, when out of order, could trigger
the out of order StatSN handling in Within-command algorithms, the out of order StatSN handling in Within-command algorithms,
again leading to Recover-Status-if-Possible. again leading to Recover-Status-if-Possible.
- The pseudo-code shown may result in the retransmission of - The pseudo-code shown may result in the retransmission of
unacknowledged commands in more cases than necessary. This unacknowledged commands in more cases than necessary. This
will not, however, affect the correctness of the operation will not, however, affect the correctness of the operation
because the target is required to discard the duplicate because the target is required to discard the duplicate
skipping to change at line 11677 skipping to change at line 11603
E.3.2 Initiator Algorithms E.3.2 Initiator Algorithms
Recover-Status-if-Possible(Connection, CurrentPDU) Recover-Status-if-Possible(Connection, CurrentPDU)
{ {
if ((Connection.state == LOGGED_IN) and if ((Connection.state == LOGGED_IN) and
connection is not already considered failed) { connection is not already considered failed) {
if (operational ErrorRecoveryLevel > 0) { if (operational ErrorRecoveryLevel > 0) {
if (# of missing PDUs is trackable) { if (# of missing PDUs is trackable) {
Note the missing StatSNs in Connection Note the missing StatSNs in Connection
that were not already requested with SNACK; that were not already requested with SNACK;
Build-And-Send-SSnack(Connection); Build-And-Send-SSnack(Connection);
} else { } else {
Connection.PerformConnectionCleanup = TRUE; Connection.PerformConnectionCleanup = TRUE;
} }
} else { } else {
Connection.PerformConnectionCleanup = TRUE; Connection.PerformConnectionCleanup = TRUE;
} }
if (Connection.PerformConnectionCleanup == TRUE) { if (Connection.PerformConnectionCleanup == TRUE) {
Start-Timer(Connection-Cleanup-Handler, Connection, 0); Start-Timer(Connection-Cleanup-Handler, Connection, 0);
} }
} }
} }
Retransmit-Command-if-Possible(Connection, CmdSN) Retransmit-Command-if-Possible(Connection, CmdSN)
{ {
Julian Satran Expires June 2003 274 Julian Satran Expires August 2003 226
iSCSI 3-November-02 iSCSI 19-January-03
if (operational ErrorRecoveryLevel > 0) { if (operational ErrorRecoveryLevel > 0) {
Retrieve the InitiatorTaskTag, and thus TCB for the CmdSN. Retrieve the InitiatorTaskTag, and thus TCB for the CmdSN.
Build-And-Send-Command(Connection, TCB); Build-And-Send-Command(Connection, TCB);
} }
} }
Evaluate-a-StatSN(Connection, CurrentPDU) Evaluate-a-StatSN(Connection, CurrentPDU)
{ {
send-status-SNACK = FALSE; send-status-SNACK = FALSE;
skipping to change at line 11740 skipping to change at line 11667
} }
Receive-a-In-PDU(Connection, CurrentPDU) Receive-a-In-PDU(Connection, CurrentPDU)
{ {
check-basic-validity(CurrentPDU); check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return; if (Header-Digest-Bad) discard, return;
Retrieve TCB for CurrentPDU.InitiatorTaskTag. Retrieve TCB for CurrentPDU.InitiatorTaskTag.
if (CurrentPDU.type == Nop-In) { if (CurrentPDU.type == Nop-In) {
if (the PDU is unsolicited) { if (the PDU is unsolicited) {
if (current StatSN is not expected) { if (current StatSN is not expected) {
Recover-Status-if-Possible(Connection,
Julian Satran Expires June 2003 275
iSCSI 3-November-02
Recover-Status-if-Possible(Connection,
CurrentPDU); CurrentPDU);
} }
if (current ExpCmdSN is not Session.CmdSN) { if (current ExpCmdSN is not Session.CmdSN) {
Retransmit-Command-if-Possible(Connection, Retransmit-Command-if-Possible(Connection,
Julian Satran Expires August 2003 227
iSCSI 19-January-03
CurrentPDU.ExpCmdSN); CurrentPDU.ExpCmdSN);
} }
} }
} else if (CurrentPDU.type == Reject) { } else if (CurrentPDU.type == Reject) {
if (it is a data digest error on immediate data) { if (it is a data digest error on immediate data) {
Retransmit-Command-if-Possible(Connection, Retransmit-Command-if-Possible(Connection,
CurrentPDU.BadPDUHeader.CmdSN); CurrentPDU.BadPDUHeader.CmdSN);
} }
} else if (CurrentPDU.type == Response) { } else if (CurrentPDU.type == Response) {
send-status-SNACK = Evaluate-a-StatSN(Connection, send-status-SNACK = Evaluate-a-StatSN(Connection,
skipping to change at line 11779 skipping to change at line 11706
Retrieve the Connection for TCB. Retrieve the Connection for TCB.
Retransmit-Command-if-Possible(Connection, TCB.CmdSN); Retransmit-Command-if-Possible(Connection, TCB.CmdSN);
} }
Status-Expect-Timeout-Handler(Connection) Status-Expect-Timeout-Handler(Connection)
{ {
if (operational ErrorRecoveryLevel > 0) { if (operational ErrorRecoveryLevel > 0) {
Build-And-Send-Nop-Out(Connection); Build-And-Send-Nop-Out(Connection);
} else if (InitiatorProactiveSNACKEnabled){ } else if (InitiatorProactiveSNACKEnabled){
if ((Connection.state == LOGGED_IN) and if ((Connection.state == LOGGED_IN) and
connection is not already considered failed) { connection is not already considered failed) {
Build-And-Send-SSnack(Connection); Build-And-Send-SSnack(Connection);
} }
} }
} }
Julian Satran Expires June 2003 276
iSCSI 3-November-02
E.3.3 Target Algorithms E.3.3 Target Algorithms
Handle-Status-SNACK-request(Connection, CurrentPDU) Handle-Status-SNACK-request(Connection, CurrentPDU)
{ {
if (operational ErrorRecoveryLevel > 0) { if (operational ErrorRecoveryLevel > 0) {
if (request for an acknowledged run) { if (request for an acknowledged run) {
Build-And-Send-Reject(Connection, CurrentPDU, Build-And-Send-Reject(Connection, CurrentPDU,
Protocol-Error); Protocol-Error);
} else if (request for an untransmitted run) { } else if (request for an untransmitted run) {
discard, return; discard, return;
} else { } else {
Retransmit-Status-Burst(CurrentPDU, TCB); Retransmit-Status-Burst(CurrentPDU, TCB);
Julian Satran Expires August 2003 228
iSCSI 19-January-03
} }
} else { } else {
Build-And-Send-Async(Connection, DroppedConnection, Build-And-Send-Async(Connection, DroppedConnection,
DefaultTime2Wait, DefaultTime2Wait,
DefaultTime2Retain); DefaultTime2Retain);
} }
} }
E.4 Connection Recovery Algorithms E.4 Connection Recovery Algorithms
skipping to change at line 11831 skipping to change at line 11759
Build-And-Send-Command(transport connection, task control block); Build-And-Send-Command(transport connection, task control block);
Connection-Cleanup-Handler(transport connection); Connection-Cleanup-Handler(transport connection);
Connection-Resource-Timeout-Handler(transport connection); Connection-Resource-Timeout-Handler(transport connection);
Quiesce-And-Prepare-for-New-Allegiance(session, task control Quiesce-And-Prepare-for-New-Allegiance(session, task control
block); block);
Build-And-Send-Logout-Response(transport connection, Build-And-Send-Logout-Response(transport connection,
CID of connection in recovery, reason CID of connection in recovery, reason
code); code);
Build-And-Send-TaskMgmt-Response(transport connection, Build-And-Send-TaskMgmt-Response(transport connection,
task mgmt command PDU, response code); task mgmt command PDU, response code);
Julian Satran Expires June 2003 277
iSCSI 3-November-02
Establish-New-Allegiance(task control block, transport Establish-New-Allegiance(task control block, transport
connection); connection);
Schedule-Command-To-Continue(task control block); Schedule-Command-To-Continue(task control block);
Notes: Notes:
- Transport exception conditions, such as unexpected connection - Transport exception conditions, such as unexpected connection
termination, connection reset, and hung connection while the termination, connection reset, and hung connection while the
connection is in the full-feature phase, are all assumed to be connection is in the full-feature phase, are all assumed to be
asynchronously signaled to the iSCSI layer using the asynchronously signaled to the iSCSI layer using the
Transport_Exception_Handler procedure. Transport_Exception_Handler procedure.
E.4.2 Initiator Algorithms E.4.2 Initiator Algorithms
Receive-a-In-PDU(Connection, CurrentPDU) Receive-a-In-PDU(Connection, CurrentPDU)
{ {
check-basic-validity(CurrentPDU); check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return; if (Header-Digest-Bad) discard, return;
Julian Satran Expires August 2003 229
iSCSI 19-January-03
Retrieve TCB from CurrentPDU.InitiatorTaskTag. Retrieve TCB from CurrentPDU.InitiatorTaskTag.
if (CurrentPDU.type == Async) { if (CurrentPDU.type == Async) {
if (CurrentPDU.AsyncEvent == ConnectionDropped) { if (CurrentPDU.AsyncEvent == ConnectionDropped) {
Retrieve the AffectedConnection for Retrieve the AffectedConnection for
CurrentPDU.Parameter1. CurrentPDU.Parameter1.
AffectedConnection.CurrentTimeout = CurrentPDU.Parameter3; AffectedConnection.CurrentTimeout = CurrentPDU.Parameter3;
AffectedConnection.State = CLEANUP_WAIT; AffectedConnection.State = CLEANUP_WAIT;
Start-Timer(Connection-Cleanup-Handler, Start-Timer(Connection-Cleanup-Handler,
AffectedConnection, AffectedConnection,
CurrentPDU.Parameter2); CurrentPDU.Parameter2);
} else if (CurrentPDU.AsyncEvent == LogoutRequest)) { } else if (CurrentPDU.AsyncEvent == LogoutRequest)) {
AffectedConnection = Connection; AffectedConnection = Connection;
AffectedConnection.State = LOGOUT_REQUESTED; AffectedConnection.State = LOGOUT_REQUESTED;
AffectedConnection.PerformConnectionCleanup = TRUE; AffectedConnection.PerformConnectionCleanup = TRUE;
AffectedConnection.CurrentTimeout =
AffectedConnection.CurrentTimeout =
CurrentPDU.Parameter3; CurrentPDU.Parameter3;
Start-Timer(Connection-Cleanup-Handler, Start-Timer(Connection-Cleanup-Handler,
AffectedConnection, 0); AffectedConnection, 0);
} else if (CurrentPDU.AsyncEvent == SessionDropped)) { } else if (CurrentPDU.AsyncEvent == SessionDropped)) {
for (each Connection) { for (each Connection) {
Connection.State = CLEANUP_WAIT; Connection.State = CLEANUP_WAIT;
Connection.CurrentTimeout = CurrentPDU.Parameter3; Connection.CurrentTimeout = CurrentPDU.Parameter3;
Start-Timer(Connection-Cleanup-Handler, Start-Timer(Connection-Cleanup-Handler,
Connection, CurrentPDU.Parameter2); Connection, CurrentPDU.Parameter2);
} }
Session.state = FAILED; Session.state = FAILED;
Julian Satran Expires June 2003 278
iSCSI 3-November-02
} }
} else if (CurrentPDU.type == LogoutResponse) { } else if (CurrentPDU.type == LogoutResponse) {
Retrieve the CleanupConnection for CurrentPDU.CID. Retrieve the CleanupConnection for CurrentPDU.CID.
if (CurrentPDU.Response = failure) { if (CurrentPDU.Response = failure) {
CleanupConnection.State = CLEANUP_WAIT; CleanupConnection.State = CLEANUP_WAIT;
} else { } else {
CleanupConnection.State = FREE; CleanupConnection.State = FREE;
} }
} else if (CurrentPDU.type == LoginResponse) { } else if (CurrentPDU.type == LoginResponse) {
skipping to change at line 11903 skipping to change at line 11829
Retrieve the CleanupConnection. Retrieve the CleanupConnection.
if (successful) { if (successful) {
CleanupConnection.State = FREE; CleanupConnection.State = FREE;
Connection.State = LOGGED_IN; Connection.State = LOGGED_IN;
} else { } else {
CleanupConnection.State = CLEANUP_WAIT; CleanupConnection.State = CLEANUP_WAIT;
DestroyTransportConnection(Connection); DestroyTransportConnection(Connection);
} }
} }
} else { /* REST UNRELATED TO CONNECTION-RECOVERY, } else { /* REST UNRELATED TO CONNECTION-RECOVERY,
Julian Satran Expires August 2003 230
iSCSI 19-January-03
* NOT SHOWN */ * NOT SHOWN */
} }
if (CleanupConnection.State == FREE) { if (CleanupConnection.State == FREE) {
for (each command that was active on CleanupConnection) { for (each command that was active on CleanupConnection) {
/* Establish new connection allegiance */ /* Establish new connection allegiance */
NewConnection = Pick-A-Logged-In-Connection(Session); NewConnection = Pick-A-Logged-In-Connection(Session);
Build-And-Send-Command(NewConnection, TCB); Build-And-Send-Command(NewConnection, TCB);
} }
} }
} }
skipping to change at line 11925 skipping to change at line 11855
{ {
Retrieve Session from Connection. Retrieve Session from Connection.
if (Connection can still exchange iSCSI PDUs) { if (Connection can still exchange iSCSI PDUs) {
NewConnection = Connection; NewConnection = Connection;
} else { } else {
Start-Timer(Connection-Resource-Timeout-Handler, Start-Timer(Connection-Resource-Timeout-Handler,
Connection, Connection.CurrentTimeout); Connection, Connection.CurrentTimeout);
if (there are other logged-in connections) { if (there are other logged-in connections) {
NewConnection = Pick-A-Logged-In-Connection(Session); NewConnection = Pick-A-Logged-In-Connection(Session);
} else { } else {
Julian Satran Expires June 2003 279
iSCSI 3-November-02
NewConnection = NewConnection =
CreateTransportConnection(Session.OtherEndInfo); CreateTransportConnection(Session.OtherEndInfo);
Initiate an implicit Logout on NewConnection for Initiate an implicit Logout on NewConnection for
Connection.CID. Connection.CID.
return; return;
} }
} }
Build-And-Send-Logout(NewConnection, Connection.CID, Build-And-Send-Logout(NewConnection, Connection.CID,
RecoveryRemove); RecoveryRemove);
} }
skipping to change at line 11945 skipping to change at line 11871
} }
Build-And-Send-Logout(NewConnection, Connection.CID, Build-And-Send-Logout(NewConnection, Connection.CID,
RecoveryRemove); RecoveryRemove);
} }
Transport_Exception_Handler(Connection) Transport_Exception_Handler(Connection)
{ {
Connection.PerformConnectionCleanup = TRUE; Connection.PerformConnectionCleanup = TRUE;
if (the event is an unexpected transport disconnect) { if (the event is an unexpected transport disconnect) {
Connection.State = CLEANUP_WAIT; Connection.State = CLEANUP_WAIT;
Connection.CurrentTimeout = DefaultTime2Retain; Connection.CurrentTimeout = DefaultTime2Retain;
Start-Timer(Connection-Cleanup-Handler, Connection, Start-Timer(Connection-Cleanup-Handler, Connection,
DefaultTime2Wait); DefaultTime2Wait);
} else { } else {
Connection.State = FREE; Connection.State = FREE;
} }
} }
Julian Satran Expires August 2003 231
iSCSI 19-January-03
E.4.3 Target Algorithms E.4.3 Target Algorithms
Receive-a-In-PDU(Connection, CurrentPDU) Receive-a-In-PDU(Connection, CurrentPDU)
{ {
check-basic-validity(CurrentPDU); check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return; if (Header-Digest-Bad) discard, return;
else if (Data-Digest-Bad) { else if (Data-Digest-Bad) {
Build-And-Send-Reject(Connection, CurrentPDU, Build-And-Send-Reject(Connection, CurrentPDU,
Payload-Digest-Error); Payload-Digest-Error);
discard, return; discard, return;
} }
Retrieve TCB and Session. Retrieve TCB and Session.
if (CurrentPDU.type == Logout) { if (CurrentPDU.type == Logout) {
if (CurrentPDU.ReasonCode = RecoveryRemove) { if (CurrentPDU.ReasonCode = RecoveryRemove) {
Retrieve the CleanupConnection from CurrentPDU.CID). Retrieve the CleanupConnection from CurrentPDU.CID).
for (each command active on CleanupConnection) { for (each command active on CleanupConnection) {
Quiesce-And-Prepare-for-New-Allegiance(Session, Quiesce-And-Prepare-for-New-Allegiance(Session,
TCB); TCB);
Julian Satran Expires June 2003 280
iSCSI 3-November-02
TCB.CurrentlyAllegiant = FALSE; TCB.CurrentlyAllegiant = FALSE;
} }
Cleanup-Connection-State(CleanupConnection); Cleanup-Connection-State(CleanupConnection);
if ((quiescing successful) and (cleanup successful)) { if ((quiescing successful) and (cleanup successful)) {
Build-And-Send-Logout-Response(Connection, Build-And-Send-Logout-Response(Connection,
CleanupConnection.CID, CleanupConnection.CID,
Success); Success);
} else { } else {
Build-And-Send-Logout-Response(Connection, Build-And-Send-Logout-Response(Connection,
CleanupConnection.CID, CleanupConnection.CID,
skipping to change at line 12006 skipping to change at line 11932
} }
Cleanup-Connection-State(CleanupConnection); Cleanup-Connection-State(CleanupConnection);
if ((quiescing successful) and (cleanup successful)) { if ((quiescing successful) and (cleanup successful)) {
Continue with the rest of the Login processing; Continue with the rest of the Login processing;
} else { } else {
Build-And-Send-Login-Response(Connection, Build-And-Send-Login-Response(Connection,
CleanupConnection.CID, Target CleanupConnection.CID, Target
Error); Error);
} }
} }
Julian Satran Expires August 2003 232
iSCSI 19-January-03
} else if (CurrentPDU.type == TaskManagement) { } else if (CurrentPDU.type == TaskManagement) {
if (CurrentPDU.function == "TaskReassign") { if (CurrentPDU.function == "TaskReassign") {
if (Session.ErrorRecoveryLevel < 2) { if (Session.ErrorRecoveryLevel < 2) {
Build-And-Send-TaskMgmt-Response(Connection, Build-And-Send-TaskMgmt-Response(Connection,
CurrentPDU, "Allegiance reassignment CurrentPDU, "Allegiance reassignment
not supported"); not supported");
} else if (task is not found) { } else if (task is not found) {
Build-And-Send-TaskMgmt-Response(Connection, Build-And-Send-TaskMgmt-Response(Connection,
CurrentPDU, "Task not in task set"); CurrentPDU, "Task not in task set");
} else if (task is currently allegiant) { } else if (task is currently allegiant) {
Build-And-Send-TaskMgmt-Response(Connection, Build-And-Send-TaskMgmt-Response(Connection,
CurrentPDU, "Task still allegiant"); CurrentPDU, "Task still allegiant");
} else { } else {
Julian Satran Expires June 2003 281
iSCSI 3-November-02
Establish-New-Allegiance(TCB, Connection); Establish-New-Allegiance(TCB, Connection);
TCB.CurrentlyAllegiant = TRUE; TCB.CurrentlyAllegiant = TRUE;
Schedule-Command-To-Continue(TCB); Schedule-Command-To-Continue(TCB);
} }
} }
} else { /* REST UNRELATED TO CONNECTION-RECOVERY, } else { /* REST UNRELATED TO CONNECTION-RECOVERY,
* NOT SHOWN */ * NOT SHOWN */
} }
} }
skipping to change at line 12055 skipping to change at line 11981
Pick-A-Logged-In-Connection(Session); Pick-A-Logged-In-Connection(Session);
Build-And-Send-Async(DifferentConnection, Build-And-Send-Async(DifferentConnection,
DroppedConnection, DefaultTime2Wait, DroppedConnection, DefaultTime2Wait,
DefaultTime2Retain); DefaultTime2Retain);
} }
} else { } else {
Connection.State = FREE; Connection.State = FREE;
} }
} }
Julian Satran Expires June 2003 282 Julian Satran Expires August 2003 233
iSCSI 3-November-02 iSCSI 19-January-03
Appendix F. Clearing Effects of Various Events on Targets Appendix F. Clearing Effects of Various Events on Targets
F.1 Clearing Effects on iSCSI Objects F.1 Clearing Effects on iSCSI Objects
The following tables describe the target behavior on receiving the The following tables describe the target behavior on receiving the
events specified in the rows of the table. The second table is an events specified in the rows of the table. The second table is an
extension of the first table and defines clearing actions for more extension of the first table and defines clearing actions for more
objects on the same events. The legend is: objects on the same events. The legend is:
Y = Yes (cleared/discarded/reset on the event specified in the Y = Yes (cleared/discarded/reset on the event specified in the
row). Unless otherwise noted, the clearing action is only row). Unless otherwise noted, the clearing action is only
applicable for the issuing initiator port. applicable for the issuing initiator port.
N = No (not affected on the event specified in the row, i.e., N = No (not affected on the event specified in the row, i.e.,
stays at previous value). stays at previous value).
NA = Not Applicable or Not Defined. NA = Not Applicable or Not Defined.
Julian Satran Expires June 2003 283
iSCSI 3-November-02
+-----+-----+-----+-----+-----+ +-----+-----+-----+-----+-----+
|IT(1)|IC(2)|CT(5)|ST(6)|PP(7)| |IT(1)|IC(2)|CT(5)|ST(6)|PP(7)|
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|connection failure(8)|Y |Y |N |N |Y | |connection failure(8)|Y |Y |N |N |Y |
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|connection state |NA |NA |Y |N |NA | |connection state |NA |NA |Y |N |NA |
|timeout (9) | | | | | | |timeout (9) | | | | | |
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|session timeout/ |Y |Y |Y |Y |Y(14)| |session timeout/ |Y |Y |Y |Y |Y(14)|
|closure/reinstatement| | | | | | |closure/reinstatement| | | | | |
skipping to change at line 12117 skipping to change at line 12040
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|target cold reset(16)|Y |Y |Y |Y |Y | |target cold reset(16)|Y |Y |Y |Y |Y |
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|target warm reset(16)|Y |Y |Y |Y |Y | |target warm reset(16)|Y |Y |Y |Y |Y |
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|LU reset(19) |Y |Y |Y |Y |Y | |LU reset(19) |Y |Y |Y |Y |Y |
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|powercycle(16) |Y |Y |Y |Y |Y | |powercycle(16) |Y |Y |Y |Y |Y |
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
Julian Satran Expires August 2003 234
iSCSI 19-January-03
1.Incomplete TTTs - Target Transfer Tags on which the target is 1.Incomplete TTTs - Target Transfer Tags on which the target is
still expecting PDUs to be received. Examples include TTTs received still expecting PDUs to be received. Examples include TTTs received
via R2T, NOP-IN, etc. via R2T, NOP-IN, etc.
Julian Satran Expires June 2003 284
iSCSI 3-November-02
2.Immediate Commands - immediate commands, but waiting for execution 2.Immediate Commands - immediate commands, but waiting for execution
on a target. For example, Abort Task Set. on a target. For example, Abort Task Set.
5.Connection Tasks - tasks that are active on the iSCSI connection 5.Connection Tasks - tasks that are active on the iSCSI connection
in question. in question.
6.Session Tasks - tasks that are active on the entire iSCSI session. 6.Session Tasks - tasks that are active on the entire iSCSI session.
A union of "connection tasks" on all participating connections. A union of "connection tasks" on all participating connections.
7.Partial PDUs (if any) - PDUs that are partially sent and waiting 7.Partial PDUs (if any) - PDUs that are partially sent and waiting
skipping to change at line 12165 skipping to change at line 12088
13.This clearing effect is only valid if the connection is being 13.This clearing effect is only valid if the connection is being
logged out on a different connection and when the connection being logged out on a different connection and when the connection being
logged out on the target may have some partial PDUs pending to be logged out on the target may have some partial PDUs pending to be
sent. In all other cases, the effect is "NA". sent. In all other cases, the effect is "NA".
14.This clearing effect is only valid for a "close the session" 14.This clearing effect is only valid for a "close the session"
logout in a multi-connection session. In all other cases, the logout in a multi-connection session. In all other cases, the
effect is "NA". effect is "NA".
Julian Satran Expires June 2003 285
iSCSI 3-November-02
15.Only applicable if this leading connection login is a session 15.Only applicable if this leading connection login is a session
reinstatement. If this is not the case, it is "NA". reinstatement. If this is not the case, it is "NA".
16.This operation affects all logged-in initiators. 16.This operation affects all logged-in initiators.
18.Session failure is defined in Section 5.3.6 Session Continuation 18.Session failure is defined in Section 5.3.6 Session Continuation
and Failure. and Failure.
19.This operation affects all logged-in initiators and the clearing 19.This operation affects all logged-in initiators and the clearing
effects are only applicable to the LU being reset. effects are only applicable to the LU being reset.
Julian Satran Expires June 2003 286 Julian Satran Expires August 2003 235
iSCSI 3-November-02 iSCSI 19-January-03
+-----+-----+-----+-----+-----+ +-----+-----+-----+-----+-----+
|DC(1)|DD(2)|SS(3)|CS(4)|DS(5)| |DC(1)|DD(2)|SS(3)|CS(4)|DS(5)|
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|connection failure |N |Y |N |N |N | |connection failure |N |Y |N |N |N |
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|connection state |Y |NA |Y |N |NA | |connection state |Y |NA |Y |N |NA |
|timeout | | | | | | |timeout | | | | | |
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|session timeout/ |Y |Y |Y(7) |Y |NA | |session timeout/ |Y |Y |Y(7) |Y |NA |
skipping to change at line 12226 skipping to change at line 12146
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
|powercycle |Y |Y |Y |Y(10)|NA | |powercycle |Y |Y |Y |Y(10)|NA |
+---------------------+-----+-----+-----+-----+-----+ +---------------------+-----+-----+-----+-----+-----+
1.Discontiguous Commands - commands allegiant to the connection in 1.Discontiguous Commands - commands allegiant to the connection in
question and waiting to be reordered in the iSCSI layer. All "Y"s in question and waiting to be reordered in the iSCSI layer. All "Y"s in
this column assume that the task causing the event (if indeed the this column assume that the task causing the event (if indeed the
event is the result of a task) is issued as an immediate command, event is the result of a task) is issued as an immediate command,
because the discontiguities can be ahead of the task. because the discontiguities can be ahead of the task.
Julian Satran Expires June 2003 287
iSCSI 3-November-02
2.Discontiguous Data - data PDUs received for the task in question 2.Discontiguous Data - data PDUs received for the task in question
and waiting to be reordered due to prior discontiguities in DataSN. and waiting to be reordered due to prior discontiguities in DataSN.
3.StatSN 3.StatSN
4.CmdSN 4.CmdSN
5.DataSN 5.DataSN
7.It clears the StatSN on all the connections. 7.It clears the StatSN on all the connections.
8.This sequence number is instantiated on this event. 8.This sequence number is instantiated on this event.
Julian Satran Expires August 2003 236
iSCSI 19-January-03
9.A logout failure drives the connection state machine to the 9.A logout failure drives the connection state machine to the
CLEANUP_WAIT state, similar to the connection failure event. Hence, CLEANUP_WAIT state, similar to the connection failure event. Hence,
it has a similar effect on this and several other protocol aspects. it has a similar effect on this and several other protocol aspects.
10.This is cleared by virtue of the fact that all sessions with all 10.This is cleared by virtue of the fact that all sessions with all
initiators are terminated. initiators are terminated.
11.This clearing effect is "Y" if it is a connection reinstatement. 11.This clearing effect is "Y" if it is a connection reinstatement.
12.This clearing effect is "Y" only if it is a connection 12.This clearing effect is "Y" only if it is a connection
skipping to change at line 12272 skipping to change at line 12192
of this notification on a variety of SCSI attributes. In addition, of this notification on a variety of SCSI attributes. In addition,
SCSI standards documents (such as [SAM2] and [SBC]) define SCSI standards documents (such as [SAM2] and [SBC]) define
additional clearing actions that may take place for several SCSI additional clearing actions that may take place for several SCSI
objects on SCSI events such as LU resets and power-on resets. objects on SCSI events such as LU resets and power-on resets.
Since iSCSI defines a target cold reset as a protocol-equivalent to Since iSCSI defines a target cold reset as a protocol-equivalent to
a target power-cycle, the iSCSI target cold reset must also be a target power-cycle, the iSCSI target cold reset must also be
considered as the power-on reset event in interpreting the actions considered as the power-on reset event in interpreting the actions
defined in the SCSI standards. defined in the SCSI standards.
Julian Satran Expires June 2003 288
iSCSI 3-November-02
When the iSCSI session is reconstructed (between the same SCSI ports When the iSCSI session is reconstructed (between the same SCSI ports
with the same nexus identifier) reestablishing the same I_T nexus, with the same nexus identifier) reestablishing the same I_T nexus,
all SCSI objects that are defined to not clear on the "I_T nexus all SCSI objects that are defined to not clear on the "I_T nexus
loss" notification event, such as persistent reservations, are loss" notification event, such as persistent reservations, are
automatically associated to this new session. automatically associated to this new session.
Julian Satran Expires June 2003 289 Julian Satran Expires August 2003 237
iSCSI 3-November-02 iSCSI 19-January-03
Full Copyright Statement Full Copyright Statement
"Copyright (C) The Internet Society (date). All Rights Reserved. "Copyright (C) The Internet Society (date). All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph kind, provided that the above copyright notice and this paragraph
are included on all such copies and derivative works. However, this are included on all such copies and derivative works. However, this
skipping to change at line 12327 skipping to change at line 12244
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances claims of rights made available for publication and any assurances
Julian Satran Expires June 2003 290
iSCSI 3-November-02
of licenses to be made available, or the result of an attempt made of licenses to be made available, or the result of an attempt made
to obtain a general license or permission for the use of such to obtain a general license or permission for the use of such
proprietary rights by implementors or users of this specification proprietary rights by implementors or users of this specification
can be obtained from the IETF Secretariat. can be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive this standard. Please address the information to the IETF Executive
Director. Director.
Julian Satran Expires June 2003 291 Julian Satran Expires August 2003 238
 End of changes. 617 change blocks. 
1611 lines changed or deleted 1524 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/