draft-ietf-ips-iscsi-mib-08.txt   draft-ietf-ips-iscsi-mib-09.txt 
Internet Draft Mark Bakke Internet Draft Mark Bakke
<draft-ietf-ips-iscsi-mib-08.txt> Jim Muchow <draft-ietf-ips-iscsi-mib-09.txt> Jim Muchow
Expires May 2003 Cisco Systems Expires September 2003 Cisco Systems
Marjorie Krueger Marjorie Krueger
Hewlett-Packard Hewlett-Packard
Tom McSweeney Tom McSweeney
IBM IBM
November 2002 March 2003
Definitions of Managed Objects for iSCSI Definitions of Managed Objects for iSCSI
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is subject to all provisions
all provisions of Section 10 of RFC2026. of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.html. http://www.ietf.org/ietf/1id-abstracts.html.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2001). All Rights Reserved. Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract Abstract
This memo defines a portion of the Management Information Base (MIB) This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in TCP/IP based internets. for use with network management protocols in TCP/IP based internets.
In particular it defines objects for managing a client using the In particular it defines objects for managing a client using the
iSCSI (SCSI over TCP) protocol. iSCSI (SCSI over TCP) protocol.
Acknowledgments Acknowledgments
skipping to change at page 2, line 18 skipping to change at page 2, line 18
development of this MIB. Thanks especially to those who took the development of this MIB. Thanks especially to those who took the
time to participate in our weekly conference calls to build our time to participate in our weekly conference calls to build our
requirements, object models, table structures, and attributes: John requirements, object models, table structures, and attributes: John
Hufferd, Tom McSweeney (IBM), Kevin Gibbons (Nishan Systems), Chad Hufferd, Tom McSweeney (IBM), Kevin Gibbons (Nishan Systems), Chad
Gregory (Intel), Jack Harwood (EMC), Hari Mudaliar (Adaptec), Ie Wei Gregory (Intel), Jack Harwood (EMC), Hari Mudaliar (Adaptec), Ie Wei
Njoo (Agilent), Lawrence Lamers (SAN Valley), Satish Mali (Stonefly Njoo (Agilent), Lawrence Lamers (SAN Valley), Satish Mali (Stonefly
Networks), and William Terrell (Troika). Networks), and William Terrell (Troika).
Special thanks to Tom McSweeney, Ie Wei Njoo, and Kevin Gibbons, who Special thanks to Tom McSweeney, Ie Wei Njoo, and Kevin Gibbons, who
wrote the descriptions for many of the tables and attributes in this wrote the descriptions for many of the tables and attributes in this
MIB, and to Keith McCloghrie for serving as advisor to the team. MIB, to Ayman Ghanem for finding and suggesting changes for many
problems in the MIB, and to Keith McCloghrie for serving as advisor
to the team.
Table of Contents Table of Contents
1. The SNMP Management Framework.............................2 1. Introduction..............................................3
2. Relationship to Other MIBs................................4 2. The Internet-Standard Management Framework................3
3. Discussion................................................4 3. Relationship to Other MIBs................................3
3.1. iSCSI MIB Object Model..................................5 4. Discussion................................................4
3.2. iSCSI MIB Table Structure...............................6 4.1. iSCSI MIB Object Model..................................4
3.3. iscsiInstance...........................................7 4.2. iSCSI MIB Table Structure...............................5
3.4. iscsiPortal.............................................7 4.3. iscsiInstance...........................................6
3.5. iscsiTargetPortal.......................................8 4.4. iscsiPortal.............................................7
3.6. iscsiInitiatorPortal....................................9 4.5. iscsiTargetPortal.......................................8
3.7. iscsiNode...............................................9 4.6. iscsiInitiatorPortal....................................8
3.8. iscsiTarget.............................................9 4.7. iscsiNode...............................................8
3.9. iscsiTgtAuthorization..................................10 4.8. iscsiTarget.............................................9
3.10. iscsiInitiator........................................10 4.9. iscsiTgtAuthorization...................................9
3.11. iscsiIntrAuthorization................................10 4.10. iscsiInitiator.........................................9
3.12. iscsiSession..........................................10 4.11. iscsiIntrAuthorization................................10
3.13. iscsiConnection.......................................11 4.12. iscsiSession..........................................10
3.14. IP Addresses and TCP Port Numbers.....................11 4.13. iscsiConnection.......................................11
3.15. Descriptors: Using OIDs in Place of Enumerated Types..12 4.14. IP Addresses and TCP Port Numbers.....................11
3.16. Notifications.........................................12 4.15. Descriptors: Using OIDs in Place of Enumerated Types..11
4. MIB Definitions..........................................13 4.16. Notifications.........................................12
5. Security Considerations..................................67 5. MIB Definitions..........................................13
6. Normative References.....................................68 6. Security Considerations..................................69
7. Informative References...................................69 7. Normative References.....................................70
8. Authors' Addresses.......................................70 8. Informative References...................................70
9. Full Copyright Notice....................................71 9. Authors' Addresses.......................................70
10. IPR Notice..............................................72
1. The SNMP Management Framework 11. Full Copyright Notice...................................72
The SNMP Management Framework presently consists of five major
components:
o An overall architecture, described in RFC 2571 [RFC2571].
o Mechanisms for describing and naming objects and events for the
purpose of management. The first version of this Structure of
Management Information (SMI) is called SMIv1 and described in
STD 16, RFC 1155 [RFC1155], STD 16, RFC 1212 [RFC1212] and RFC
1215 [RFC1215]. The second version, called SMIv2, is described
in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and
STD 58, RFC 2580 [RFC2580].
o Message protocols for transferring management information. The 1. Introduction
first version of the SNMP message protocol is called SNMPv1 and
described in STD 15, RFC 1157 [RFC1157]. A second version of
the SNMP message protocol, which is not an Internet standards
track protocol, is called SNMPv2c and described in RFC 1901
[RFC1901] and RFC 1906 [RFC1906]. The third version of the
message protocol is called SNMPv3 and described in RFC 1906
[RFC1906], RFC 2572 [RFC2572] and RFC 2574 [RFC2574].
o Protocol operations for accessing management information. The This document defines a MIB for iSCSI [ISCSI], used to manage devices
first set of protocol operations and associated PDU formats is which implement the iSCSI protocol.
described in STD 15, RFC 1157 [RFC1157]. A second set of
protocol operations and associated PDU formats is described in
RFC 1905 [RFC1905].
o A set of fundamental applications described in RFC 2573 2. The Internet-Standard Management Framework
[RFC2573] and the view-based access control mechanism described
in RFC 2575 [RFC2575].
A more detailed introduction to the current SNMP Management Framework For a detailed overview of the documents that describe the current
can be found in RFC 2570 [RFC2570]. Internet-Standard Management Framework, please refer to section 7 of
RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. Objects in the MIB are the Management Information Base or MIB. MIB objects are generally
defined using the mechanisms defined in the SMI. accessed through the Simple Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the
This memo specifies a MIB module that is compliant to the SMIv2. A Structure of Management Information (SMI). This memo specifies a MIB
MIB conforming to the SMIv1 can be produced through the appropriate module that is compliant to the SMIv2, which is described in STD 58,
translations. The resulting translated MIB must be semantically RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
equivalent, except where objects or events are omitted because no [RFC2580].
translation is possible (use of Counter64). Some machine readable
information in SMIv2 will be converted into textual descriptions in
SMIv1 during the translation process. However, this loss of machine
readable information is not considered to change the semantics of the
MIB.
2. Relationship to Other MIBs 3. Relationship to Other MIBs
The iSCSI MIB is layered between the SCSI MIB [SCSI-MIB] (work in The iSCSI MIB is layered between the SCSI MIB [SCSI-MIB] (work in
progress) and the TCP MIB [RFC2012], and makes use of the IPS progress) and the TCP MIB [RFC2012], and makes use of the IPS
Identity Authentication MIB [AUTH-MIB] (work in progress). Here is Identity Authentication MIB [AUTH-MIB] (work in progress). Here is
how the MIBs are related: how the MIBs are related:
SCSI MIB Each iscsiNode, whether it has an initiator role, target SCSI MIB Each iscsiNode, whether it has an initiator role, target
role, or both, is related to one SCSI device within the role, or both, is related to one SCSI device within the
SCSI MIB. The iscsiNodeTransportType attribute points to SCSI MIB. The iscsiNodeTransportType attribute points to
the SCSI transport object within the SCSI MIB, which in the SCSI transport object within the SCSI MIB, which in
skipping to change at page 4, line 38 skipping to change at page 4, line 11
points to an identity within the IPS Identity points to an identity within the IPS Identity
Authentication MIB that will be allowed to access the Authentication MIB that will be allowed to access the
target. iSCSI nodes that serve in an initiator role can target. iSCSI nodes that serve in an initiator role can
also have a list of authorized targets. Each of the also have a list of authorized targets. Each of the
entries in this list points to an identity within the Auth entries in this list points to an identity within the Auth
MIB to which the initiator should attempt to establish MIB to which the initiator should attempt to establish
sessions. The Auth MIB includes information used to sessions. The Auth MIB includes information used to
identify initiators and targets by their iSCSI name, IP identify initiators and targets by their iSCSI name, IP
address, and/or credentials. address, and/or credentials.
3. Discussion 4. Discussion
This MIB structure supplies configuration, fault, and statistics This MIB structure supplies configuration, fault, and statistics
information for iSCSI devices [ISCSI]. It is structured around the information for iSCSI devices [ISCSI]. It is structured around the
well-known iSCSI objects, such as targets, initiators, sessions, well-known iSCSI objects, such as targets, initiators, sessions,
connections, and the like. connections, and the like.
This MIB may also be used to configure access to iSCSI targets, by This MIB may also be used to configure access to iSCSI targets, by
creating iSCSI Portals and authorization list entries. creating iSCSI Portals and authorization list entries.
It is worthwhile to note that this is an iSCSI MIB and as such It is worthwhile to note that this is an iSCSI MIB and as such
skipping to change at page 5, line 12 skipping to change at page 4, line 33
about the SCSI-layer attributes of a device. The SCSI MIB, currently about the SCSI-layer attributes of a device. The SCSI MIB, currently
under development, is related to the iSCSI MIB and contains the SCSI under development, is related to the iSCSI MIB and contains the SCSI
information about a device. information about a device.
The iSCSI MIB consists of several "objects", each of which is The iSCSI MIB consists of several "objects", each of which is
represented by one or more tables. This section contains a brief represented by one or more tables. This section contains a brief
description of the "object" hierarchy and a description of each description of the "object" hierarchy and a description of each
object, followed by a discussion of the actual MIB table structure object, followed by a discussion of the actual MIB table structure
within the objects. within the objects.
3.1. iSCSI MIB Object Model 4.1. iSCSI MIB Object Model
The top-level object in this structure is the iSCSI instance, which The top-level object in this structure is the iSCSI instance, which
"contains" all of the other objects. "contains" all of the other objects.
iscsiInstance iscsiInstance
-- A distinct iSCSI entity within the managed system. -- A distinct iSCSI entity within the managed system.
iscsiPortal iscsiPortal
-- An IP address used by this instance -- An IP address used by this instance
iscsiTargetPortal iscsiTargetPortal
-- Contains portal information relevant when the portal -- Contains portal information relevant when the portal
skipping to change at page 6, line 8 skipping to change at page 5, line 31
-- An active TCP connection within an iSCSI session -- An active TCP connection within an iSCSI session
An iSCSI Node can be an initiator, a target, or both. The iSCSI An iSCSI Node can be an initiator, a target, or both. The iSCSI
Node's portals may be used to initiate connections (initiator) or Node's portals may be used to initiate connections (initiator) or
listen for connections (target), depending on wither the iSCSI Node listen for connections (target), depending on wither the iSCSI Node
is acting as an initiator or target. The iSCSI MIB assumes that any is acting as an initiator or target. The iSCSI MIB assumes that any
target may be accessed via any portal that can take on a target role, target may be accessed via any portal that can take on a target role,
although other access controls not reflected in the MIB might limit although other access controls not reflected in the MIB might limit
this. this.
3.2. iSCSI MIB Table Structure 4.2. iSCSI MIB Table Structure
Each iSCSI object exports of one or more tables: an attributes table, Each iSCSI object exports of one or more tables: an attributes table,
and zero or more statistics tables which augment the attributes and zero or more statistics tables which augment the attributes
table. Since iSCSI is an evolving standard, it is much cleaner to table. Since iSCSI is an evolving standard, it is much cleaner to
provide statistics and attributes as separate tables, allowing provide statistics and attributes as separate tables, allowing
attributes and statistics to be added independently. In a few cases, attributes and statistics to be added independently. In a few cases,
there are multiple categories of statistics that will likely grow; in there are multiple categories of statistics that will likely grow; in
this case, an object will contain multiple statistics tables. this case, an object will contain multiple statistics tables.
iscsiObjects iscsiObjects
skipping to change at page 7, line 14 skipping to change at page 6, line 36
iscsiSessionCxnErrorStatsTable iscsiSessionCxnErrorStatsTable
-- Counts digest errors, connection errors, etc. -- Counts digest errors, connection errors, etc.
iscsiConnection iscsiConnection
iscsiConnectionAttributesTable iscsiConnectionAttributesTable
Note that this MIB does not attempt to count everything that could be Note that this MIB does not attempt to count everything that could be
counted; it is designed to include only those counters that would be counted; it is designed to include only those counters that would be
useful for identifying performance, security, and fault problems from useful for identifying performance, security, and fault problems from
a management station. a management station.
3.3. iscsiInstance 4.3. iscsiInstance
The iscsiInstanceAttributesTable is the primary table of the iSCSI The iscsiInstanceAttributesTable is the primary table of the iSCSI
MIB. Every table entry in this MIB is "owned" by exactly one iSCSI MIB. Every table entry in this MIB is "owned" by exactly one iSCSI
instance; all other table entries in the MIB include this table's instance; all other table entries in the MIB include this table's
index as their primary index. index as their primary index.
Most implementations will include just one iSCSI instance row in this Most implementations will include just one iSCSI instance row in this
table. However, this table exists to allow for multiple virtual table. However, this table exists to allow for multiple virtual
instances. For example, many IP routing products now allow multiple instances. For example, many IP routing products now allow multiple
virtual routers. The iSCSI MIB has the same premise; a large system virtual routers. The iSCSI MIB has the same premise; a large system
skipping to change at page 7, line 39 skipping to change at page 7, line 13
one or even more instances. one or even more instances.
The instance attributes include the iSCSI vendor and version, as well The instance attributes include the iSCSI vendor and version, as well
as information on the last target or initiator at the other end of a as information on the last target or initiator at the other end of a
session that caused a session failure. session that caused a session failure.
The iscsiInstanceSsnErrorStatsTable augments the attributes table, The iscsiInstanceSsnErrorStatsTable augments the attributes table,
and provides statistics on session failures due to digest, and provides statistics on session failures due to digest,
connection, or iSCSI format errors. connection, or iSCSI format errors.
3.4. iscsiPortal 4.4. iscsiPortal
The iscsiPortalAttributesTable lists iSCSI portals that can either be The iscsiPortalAttributesTable lists iSCSI portals that can either be
used to listen for connections to targets, or initiate connections to used to listen for connections to targets, or initiate connections to
other targets, or both. other targets, or both.
Each entry in the table includes an IP address (either v4 or v6), and Each entry in the table includes an IP address (either v4 or v6), and
a transport protocol (currently only TCP is defined). Each entry a transport protocol (currently only TCP is defined). Each entry
that fulfills an initiator portal role has a corresponding entry in that fulfills an initiator portal role has a corresponding entry in
the iscsiInitiatorPortal table; each entry that has a target portal the iscsiInitiatorPortal table; each entry that has a target portal
role has an entry in the iscsiTargetPortal table. Each portal that role has an entry in the iscsiTargetPortal table. Each portal that
skipping to change at page 8, line 34 skipping to change at page 8, line 7
deleted) matches the portal if both its iscsiCxnLocalAddr matches the deleted) matches the portal if both its iscsiCxnLocalAddr matches the
iscsiPortalAddr, and the iscsiCxnLocalPort matches the iscsiPortalAddr, and the iscsiCxnLocalPort matches the
iscsiTargetPortalPort. iscsiTargetPortalPort.
Individual attributes within a portal, initiatorPortal, or Individual attributes within a portal, initiatorPortal, or
targetPortal entry may not be modified. For instance, changing the IP targetPortal entry may not be modified. For instance, changing the IP
address of a portal requires that the portal entries associated with address of a portal requires that the portal entries associated with
the old IP address be deleted, and new entries be created (in either the old IP address be deleted, and new entries be created (in either
order). order).
3.5. iscsiTargetPortal 4.5. iscsiTargetPortal
The iscsiTargetPortalAttributesTable contains target-specific The iscsiTgtPortalAttributesTable contains target-specific attributes
attributes for iSCSI Portals. Entries in this table use the same for iSCSI Portals. Entries in this table use the same indices as
indices as their corresponding entries in the their corresponding entries in the iscsiPortalAttributesTable. An
iscsiPortalAttributesTable. An entry in this table is created when entry in this table is created when the targetTypePortal bit is set
the targetTypePortal bit is set in the iscsiPortalRoles attribute; it in the iscsiPortalRoles attribute; it is destroyed when this bit is
is destroyed when this bit is cleared. cleared.
This table contains the TCP (or other protocol) port on which the This table contains the TCP (or other protocol) port on which the
socket is listening for incoming connections. It also includes a socket is listening for incoming connections. It also includes a
portal group aggregation tag; iSCSI target portals within this portal group aggregation tag; iSCSI target portals within this
instance sharing the same tag can contain connections within the same instance sharing the same tag can contain connections within the same
session. session.
This table will be empty for iSCSI instances that contain only This table will be empty for iSCSI instances that contain only
initiators (such as iSCSI host driver implementations). initiators (such as iSCSI host driver implementations).
3.6. iscsiInitiatorPortal 4.6. iscsiInitiatorPortal
The iscsiInitiatorPortalAttributesTable contains initiator-specific The iscsiIntrPortalAttributesTable contains initiator-specific
attributes for iSCSI Portals. Entries in this table use the same attributes for iSCSI Portals. Entries in this table use the same
indices as their corresponding entries in the indices as their corresponding entries in the
iscsiPortalAttributesTable. An entry in this table is created when iscsiPortalAttributesTable. An entry in this table is created when
the initiatorTypePortal bit is set in the iscsiPortalRoles attribute; the initiatorTypePortal bit is set in the iscsiPortalRoles attribute;
it is destroyed when this bit is cleared. it is destroyed when this bit is cleared.
Each entry in this table contains a portal group aggregation tag, Each entry in this table contains a portal group aggregation tag,
indicating which portals an initiator may use together within a indicating which portals an initiator may use together within a
multiple-connection session. multiple-connection session.
This table will be empty for iSCSI instances that contain only This table will be empty for iSCSI instances that contain only
targets (such as most iSCSI devices). targets (such as most iSCSI devices).
3.7. iscsiNode 4.7. iscsiNode
The iscsiNodeAttributesTable contains a list of iSCSI nodes, each of The iscsiNodeAttributesTable contains a list of iSCSI nodes, each of
which may have an initiator role, a target role, or both. which may have an initiator role, a target role, or both.
This table contains the node's attributes which are common to both This table contains the node's attributes which are common to both
roles, such as its iSCSI Name and alias string. Attributes specific roles, such as its iSCSI Name and alias string. Attributes specific
to initiators or targets are available in the iscsiTarget and to initiators or targets are available in the iscsiTarget and
iscsiInitiator objects. Each entry in this table that can fulfill a iscsiInitiator objects. Each entry in this table that can fulfill a
target role has a corresponding entry in the iscsiTarget table; each target role has a corresponding entry in the iscsiTarget table; each
entry that fulfills an initiator role has an entry in the entry that fulfills an initiator role has an entry in the
iscsiInitiator table. Nodes such as copy managers that can take on iscsiInitiator table. Nodes such as copy managers that can take on
both roles have a corresponding entry in each table. both roles have a corresponding entry in each table.
This table also contains the login negotiations preferences for this This table also contains the login negotiations preferences for this
node. These objects indicate the values this node will offer or node. These objects indicate the values this node will offer or
prefer in the operational negotiation phase of the login process. prefer in the operational negotiation phase of the login process.
Each entry in the table also contains a RowPointer to the transport Each entry in the table also contains a RowPointer to the transport
table entry in the SCSI MIB which this iSCSI node represents. table entry in the SCSI MIB which this iSCSI node represents.
3.8. iscsiTarget 4.8. iscsiTarget
The iscsiTargetAttributesTable contains target-specific attributes The iscsiTargetAttributesTable contains target-specific attributes
for iSCSI nodes. Each entry in this table uses the same index values for iSCSI nodes. Each entry in this table uses the same index values
as its corresponding iscsiNode entry. as its corresponding iscsiNode entry.
This table contains attributes used to indicate the last failure that This table contains attributes used to indicate the last failure that
was (or should have been) sent as a notification or trap. was (or should have been) sent as a notification or trap.
This table is augmented by the iscsiTargetLoginStatsTable and the This table is augmented by the iscsiTargetLoginStatsTable and the
iscsiTargetLogoutStatsTable, which count the numbers of normal and iscsiTargetLogoutStatsTable, which count the numbers of normal and
abnormal logins and logouts to this target. abnormal logins and logouts to this target.
3.9. iscsiTgtAuthorization 4.9. iscsiTgtAuthorization
The iscsiTgtAuthAttributesTable contains an entry for each initiator The iscsiTgtAuthAttributesTable contains an entry for each initiator
identifier that will be allowed to access the target under which it identifier that will be allowed to access the target under which it
appears. Each entry contains a RowPointer to a user identity in the appears. Each entry contains a RowPointer to a user identity in the
IPS Identity Authentication MIB, which contains the name, address, IPS Identity Authentication MIB, which contains the name, address,
and credential information necessary to authenticate the initiator. and credential information necessary to authenticate the initiator.
3.10. iscsiInitiator 4.10. iscsiInitiator
The iscsiInitiatorAttributesTable contains a list of initiator- The iscsiInitiatorAttributesTable contains a list of initiator-
specific attributes for iSCSI nodes. Each entry in this table uses specific attributes for iSCSI nodes. Each entry in this table uses
the same index values as its corresponding iscsiNode entry. the same index values as its corresponding iscsiNode entry.
Most implementations will include a single entry in this table, Most implementations will include a single entry in this table,
regardless of the number of physical interfaces the initiator may regardless of the number of physical interfaces the initiator may
use. use.
This table is augmented by the iscsiInitiatorLoginStatsTable and the This table is augmented by the iscsiInitiatorLoginStatsTable and the
iscsiInitiatorLogoutStatsTable, which count the numbers of normal and iscsiInitiatorLogoutStatsTable, which count the numbers of normal and
abnormal logins and logouts to this target. abnormal logins and logouts from this initiator.
3.11. iscsiIntrAuthorization 4.11. iscsiIntrAuthorization
The iscsiIntrAuthAttributesTable contains an entry for each target The iscsiIntrAuthAttributesTable contains an entry for each target
identifier to which the initiator is configured to establish a identifier to which the initiator is configured to establish a
session. session.
Each entry contains a RowPointer to a user identity in the IPS Each entry contains a RowPointer to a user identity in the IPS
Identity Authentication MIB, which contains the name, address, and Identity Authentication MIB, which contains the name, address, and
credential information necessary to identify (for discovery purposes) credential information necessary to identify (for discovery purposes)
and authenticate the target. and authenticate the target.
3.12. iscsiSession 4.12. iscsiSession
The iscsiSessionAttributesTable contains a set of rows that list the The iscsiSessionAttributesTable contains a set of rows that list the
sessions known to be existing locally for each node in each iSCSI sessions known to be existing locally for each node in each iSCSI
instance. instance.
The session type for each session indicates whether the session is The session type for each session indicates whether the session is
used for normal SCSI commands or for discovery using the SendTargets used for normal SCSI commands or for discovery using the SendTargets
text command. Discovery sessions that do not belong to any text command. Discovery sessions that do not belong to any
particular node have a node index attribute of zero. particular node have a node index attribute of zero.
skipping to change at page 11, line 25 skipping to change at page 11, line 5
other MIBs, such as an enterprise MIB. other MIBs, such as an enterprise MIB.
The iscsiSessionStatsTable includes statistics related to The iscsiSessionStatsTable includes statistics related to
performance; it counts iSCSI data bytes and PDUs. performance; it counts iSCSI data bytes and PDUs.
For implementations that support error recovery without terminating a For implementations that support error recovery without terminating a
session, the iscsiSessionCxnErrorStatsTable contains counters for the session, the iscsiSessionCxnErrorStatsTable contains counters for the
numbers of digest and connection errors that have occurred within the numbers of digest and connection errors that have occurred within the
session. session.
3.13. iscsiConnection 4.13. iscsiConnection
The iscsiConnectionAttributesTable contains a list of active The iscsiConnectionAttributesTable contains a list of active
connections within each session. It contains the IP addresses and connections within each session. It contains the IP addresses and
TCP (or other protocol) ports of both the local and remote side of TCP (or other protocol) ports of both the local and remote side of
the connection. These may be used to locate other connection-related the connection. These may be used to locate other connection-related
information and statistics in the TCP MIB [RFC2012]. information and statistics in the TCP MIB [RFC2012].
The attributes table also contains a connection state. This state is The attributes table also contains a connection state. This state is
not meant to directly map to the state tables included within the not meant to directly map to the state tables included within the
iSCSI specification; they are meant to be simplified, higher-level iSCSI specification; they are meant to be simplified, higher-level
definitions of connection state that provide information more useful definitions of connection state that provide information more useful
to a user or network manager. to a user or network manager.
No statistics are kept for connections. No statistics are kept for connections.
3.14. IP Addresses and TCP Port Numbers 4.14. IP Addresses and TCP Port Numbers
The IP addresses in this MIB are represented by two attributes, one The IP addresses in this MIB are represented by two attributes, one
of type InetAddressType, and the other of type InetAddress. These of type InetAddressType, and the other of type InetAddress. These
are taken from [RFC3291], which specifies how to support addresses are taken from [RFC3291], which specifies how to support addresses
that may be either IPv4 or IPv6. that may be either IPv4 or IPv6.
The TCP port numbers that appear in a few of the structures are The TCP port numbers that appear in a few of the structures are
described as simply port numbers, with a protocol attribute described as simply port numbers, with a protocol attribute
indicating whether they are TCP ports, or something else. This will indicating whether they are TCP ports, or something else. This will
allow the MIB to be compatible with iSCSI over transports other than allow the MIB to be compatible with iSCSI over transports other than
TCP in the future. TCP in the future.
3.15. Descriptors: Using OIDs in Place of Enumerated Types 4.15. Descriptors: Using OIDs in Place of Enumerated Types
The iSCSI MIB has a few attributes, such as the authentication and The iSCSI MIB has a few attributes, such as the authentication and
digest method attributes, where an enumerated type would work well, digest method attributes, where an enumerated type would work well,
except that an implementation may need to extend the attribute and except that an implementation may need to extend the attribute and
add types of its own. To make this work, the MIB defines a set of add types of its own. To make this work, the MIB defines a set of
object identities within iscsiDescriptors. Each of these object object identities within the iscsiDescriptors subtree. Each of these
identities is basically an enumerated type. object identities is basically an enumerated type.
Attributes that make use of these object identities have a value Attributes that make use of these object identities have a value
which is an OID instead of an enumerated type. These OIDs can either which is an OID instead of an enumerated type. These OIDs can either
indicate the object identities defined in this MIB, or object indicate the object identities defined in this MIB, or object
identities defined elsewhere, such as in an enterprise MIB. Those identities defined elsewhere, such as in an enterprise MIB. Those
implementations that add their own authentication and digest methods implementations that add their own authentication and digest methods
should also define a corresponding object identity for each of these should also define a corresponding object identity for each of these
methods within their own enterprise MIB, and return its OID whenever methods within their own enterprise MIB, and return its OID whenever
one of these attributes is using that method. one of these attributes is using that method.
3.16. Notifications 4.16. Notifications
Three notifications are provided. One is sent by an initiator Three notifications are provided. One is sent by an initiator
detecting a critical login failure; another is sent by a target detecting a critical login failure; another is sent by a target
detecting a critical login failure, and the third is sent upon a detecting a critical login failure, and the third is sent upon a
session being terminated due to an abnormal connection or digest session being terminated due to an abnormal connection or digest
failure. Critical failures are defined as those that may expose failure. Critical failures are defined as those that may expose
security-related problems that may require immediate action, such as security-related problems that may require immediate action, such as
failures due to authentication, authorization, or negotiation failures due to authentication, authorization, or negotiation
problems. Attributes in the initiator, target, and instance objects problems. Attributes in the initiator, target, and instance objects
provide the information necessary to send in the notification, such provide the information necessary to send in the notification, such
skipping to change at page 13, line 5 skipping to change at page 13, line 5
errors counted, an SNMP agent implementing the iSCSI MIB should not errors counted, an SNMP agent implementing the iSCSI MIB should not
send more than three iSCSI notifications in any 10-second period. send more than three iSCSI notifications in any 10-second period.
The 3-in-10 rule was chosen because one notification every three The 3-in-10 rule was chosen because one notification every three
seconds was deemed often enough, but should two or three different seconds was deemed often enough, but should two or three different
notifications happen at the same time, it would not be desirable to notifications happen at the same time, it would not be desirable to
suppress them. Three notifications in ten seconds is a happy medium, suppress them. Three notifications in ten seconds is a happy medium,
where a short burst of notifications is allowed, without inundating where a short burst of notifications is allowed, without inundating
the network and/or trap host with a large number of notifications. the network and/or trap host with a large number of notifications.
4. MIB Definitions 5. MIB Definitions
ISCSI-MIB DEFINITIONS ::= BEGIN ISCSI-MIB DEFINITIONS ::= BEGIN
IMPORTS IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, NOTIFICATION-TYPE, MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, NOTIFICATION-TYPE,
Unsigned32, Counter32, Counter64, Gauge32, Unsigned32, Counter32, Counter64, Gauge32,
experimental experimental
FROM SNMPv2-SMI FROM SNMPv2-SMI
TEXTUAL-CONVENTION, TruthValue, RowPointer, TimeStamp, RowStatus, TEXTUAL-CONVENTION, TruthValue, RowPointer, TimeStamp, RowStatus,
skipping to change at page 15, line 34 skipping to change at page 15, line 34
a digest (NOTE: implementations must support a digest (NOTE: implementations must support
digests to be compliant with the iSCSI RFC); digests to be compliant with the iSCSI RFC);
CRC32c - require a CRC32C digest." CRC32c - require a CRC32C digest."
SYNTAX INTEGER { SYNTAX INTEGER {
none(1), none(1),
other(2), other(2),
noDigest(3), noDigest(3),
crc32c(4) crc32c(4)
} }
IscsiName ::= TEXTUAL-CONVENTION
DISPLAY-HINT "223a"
STATUS current
DESCRIPTION
"This data type is a local refinement of the SnmpAdminString
used to define an iSCSI Name."
REFERENCE
"iSCSI Protocol Specification, Section 3.2.6, iSCSI Names."
SYNTAX OCTET STRING (SIZE(16..223))
------------------------------------------------------------------------ ------------------------------------------------------------------------
iscsiDescriptors OBJECT IDENTIFIER ::= { iscsiObjects 1 } iscsiDescriptors OBJECT IDENTIFIER ::= { iscsiObjects 1 }
iscsiHeaderIntegrityTypes OBJECT IDENTIFIER ::= { iscsiDescriptors 1 } iscsiHeaderIntegrityTypes OBJECT IDENTIFIER ::= { iscsiDescriptors 1 }
iscsiHdrIntegrityNone OBJECT-IDENTITY iscsiHdrIntegrityNone OBJECT-IDENTITY
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The authoritative identifier when no integrity "The authoritative identifier when no integrity
skipping to change at page 17, line 17 skipping to change at page 17, line 27
iscsiInstDescr SnmpAdminString, iscsiInstDescr SnmpAdminString,
iscsiInstVersionMin INTEGER, iscsiInstVersionMin INTEGER,
iscsiInstVersionMax INTEGER, iscsiInstVersionMax INTEGER,
iscsiInstVendorID SnmpAdminString, iscsiInstVendorID SnmpAdminString,
iscsiInstVendorVersion SnmpAdminString, iscsiInstVendorVersion SnmpAdminString,
iscsiInstPortalNumber Unsigned32, iscsiInstPortalNumber Unsigned32,
iscsiInstNodeNumber Unsigned32, iscsiInstNodeNumber Unsigned32,
iscsiInstSessionNumber Unsigned32, iscsiInstSessionNumber Unsigned32,
iscsiInstSsnFailures Counter32, iscsiInstSsnFailures Counter32,
iscsiInstLastSsnFailureType AutonomousType, iscsiInstLastSsnFailureType AutonomousType,
iscsiInstLastSsnRmtNodeName SnmpAdminString iscsiInstLastSsnRmtNodeName IscsiName
} }
iscsiInstIndex OBJECT-TYPE iscsiInstIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295) SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An arbitrary integer used to uniquely identify a particular "An arbitrary integer used to uniquely identify a particular
ISCSI instance." ISCSI instance."
::= { iscsiInstanceAttributesEntry 1 } ::= { iscsiInstanceAttributesEntry 1 }
iscsiInstDescr OBJECT-TYPE iscsiInstDescr OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX SnmpAdminString
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An octet string, determined by the implementation to describe "An octet string, determined by the implementation to
the iSCSI instance. When only a single instance is present, describe the iSCSI instance. When only a single instance
this object may be set to the zero-length string; with multiple is present, this object may be set to the zero-length
iSCSI instances, it may be used in an implementation-dependent string; with multiple iSCSI instances, it may be used in
manner to describe the purpose of the respective instance." an implementation-dependent manner to describe the purpose
of the respective instance."
::= { iscsiInstanceAttributesEntry 2 } ::= { iscsiInstanceAttributesEntry 2 }
iscsiInstVersionMin OBJECT-TYPE iscsiInstVersionMin OBJECT-TYPE
SYNTAX INTEGER (0..255) SYNTAX INTEGER (0..255)
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Minimum version number of the iSCSI specification supported "The minimum version number of the iSCSI specification
by this instance." such that this iSCSI instance supports this minimum
value, the maximum value indicated by the corresponding
instance in iscsiInstVersionMax, and all versions in
between."
::= { iscsiInstanceAttributesEntry 3 } ::= { iscsiInstanceAttributesEntry 3 }
iscsiInstVersionMax OBJECT-TYPE iscsiInstVersionMax OBJECT-TYPE
SYNTAX INTEGER (0..255) SYNTAX INTEGER (0..255)
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Maximum version number of the iSCSI specification supported "The maximum version number of the iSCSI specification
by this instance." such that this iSCSI instance supports this maximum
value, the minimum value indicated by the corresponding
instance in iscsiInstVersionMin, and all versions in
between."
::= { iscsiInstanceAttributesEntry 4 } ::= { iscsiInstanceAttributesEntry 4 }
iscsiInstVendorID OBJECT-TYPE iscsiInstVendorID OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX SnmpAdminString
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An octet string describing the manufacturer of the "An octet string describing the manufacturer of the
implementation of this instance." implementation of this instance."
::= { iscsiInstanceAttributesEntry 5 } ::= { iscsiInstanceAttributesEntry 5 }
skipping to change at page 19, line 37 skipping to change at page 20, line 6
DESCRIPTION DESCRIPTION
"The counter object in the iscsiInstSsnErrorStatsTable "The counter object in the iscsiInstSsnErrorStatsTable
that was incremented when the last session failure occurred. that was incremented when the last session failure occurred.
If the reason for failure is not found in the If the reason for failure is not found in the
iscsiInstSsnErrorStatsTable, the value { 0.0 } is iscsiInstSsnErrorStatsTable, the value { 0.0 } is
used instead." used instead."
::= { iscsiInstanceAttributesEntry 11 } ::= { iscsiInstanceAttributesEntry 11 }
iscsiInstLastSsnRmtNodeName OBJECT-TYPE iscsiInstLastSsnRmtNodeName OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX IscsiName
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An octet string describing the name of the remote node "An octet string describing the name of the remote node
from the failed session." from the failed session."
::= { iscsiInstanceAttributesEntry 12 } ::= { iscsiInstanceAttributesEntry 12 }
-- Instance Session Failure Stats Table -- Instance Session Failure Stats Table
iscsiInstanceSsnErrorStatsTable OBJECT-TYPE iscsiInstanceSsnErrorStatsTable OBJECT-TYPE
skipping to change at page 22, line 28 skipping to change at page 22, line 45
initiatorTypePortal(1) initiatorTypePortal(1)
} }
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A portal can operate in one or both of two roles: "A portal can operate in one or both of two roles:
as a target portal and/or an initiator portal. If as a target portal and/or an initiator portal. If
the portal will operate in both roles, both bits the portal will operate in both roles, both bits
must be set. must be set.
When a new iscsiPortalAttributesEntry is to be created, This object will define a corresponding row that
the agent should use this object as a hint for the will exist or must be created in the
creation of a new iscsiTgtPortalAttributesEntry and/or iscsiTgtPortalAttributesTable, the
iscsiIntrPortalAttributesEntry." iscsiIntrPortalAttributesTable or both. If the
targetTypePortal bit is set, a corresponding
iscsiTgtPortalAttributesEntry will be found or must
be created. If the initiatorTypePortal bit is set,
a corresponding iscsiIntrPortalAttributesEntry will be
found or must be created. If both bits are set, a
corresponding iscsiTgtPortalAttributesEntry and
iscsiIntrPortalAttributesEntry will be found or must be
created."
::= { iscsiPortalAttributesEntry 3 } ::= { iscsiPortalAttributesEntry 3 }
iscsiPortalAddrType OBJECT-TYPE iscsiPortalAddrType OBJECT-TYPE
SYNTAX InetAddressType SYNTAX InetAddressType
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The type of Internet Network Address in the iscsiPortalAddr." "The type of Internet Network Address contained in the
corresponding instance of the iscsiPortalAddr."
DEFVAL { ipv4 } DEFVAL { ipv4 }
::= { iscsiPortalAttributesEntry 4 } ::= { iscsiPortalAttributesEntry 4 }
iscsiPortalAddr OBJECT-TYPE iscsiPortalAddr OBJECT-TYPE
SYNTAX InetAddress SYNTAX InetAddress
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The portal's Internet Network Address." "The portal's Internet Network Address."
::= { iscsiPortalAttributesEntry 5 } ::= { iscsiPortalAttributesEntry 5 }
skipping to change at page 23, line 19 skipping to change at page 23, line 45
DEFVAL { 6 } -- TCP DEFVAL { 6 } -- TCP
::= { iscsiPortalAttributesEntry 6 } ::= { iscsiPortalAttributesEntry 6 }
iscsiPortalMaxRecvDataSegLength OBJECT-TYPE iscsiPortalMaxRecvDataSegLength OBJECT-TYPE
SYNTAX INTEGER (512..16777215) SYNTAX INTEGER (512..16777215)
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The maximum PDU length this portal can receive. "The maximum PDU length this portal can receive.
This may be constrained by hardware characteristics This may be constrained by hardware characteristics
and individual implementations may chose not to and individual implementations may choose not to
allow this object to be changed." allow this object to be changed."
DEFVAL { 8192 } DEFVAL { 8192 }
::= { iscsiPortalAttributesEntry 7 } ::= { iscsiPortalAttributesEntry 7 }
iscsiPortalPrimaryHdrDigest OBJECT-TYPE iscsiPortalPrimaryHdrDigest OBJECT-TYPE
SYNTAX IscsiDigestMethod SYNTAX IscsiDigestMethod
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The preferred header digest for this portal." "The preferred header digest for this portal."
skipping to change at page 27, line 4 skipping to change at page 27, line 29
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An entry (row) containing management information applicable "An entry (row) containing management information applicable
to a particular iSCSI node." to a particular iSCSI node."
INDEX { iscsiInstIndex, iscsiNodeIndex } INDEX { iscsiInstIndex, iscsiNodeIndex }
::= { iscsiNodeAttributesTable 1 } ::= { iscsiNodeAttributesTable 1 }
IscsiNodeAttributesEntry ::= SEQUENCE { IscsiNodeAttributesEntry ::= SEQUENCE {
iscsiNodeIndex Unsigned32, iscsiNodeIndex Unsigned32,
iscsiNodeName SnmpAdminString, iscsiNodeName IscsiName,
iscsiNodeAlias SnmpAdminString, iscsiNodeAlias SnmpAdminString,
iscsiNodeRoles BITS, iscsiNodeRoles BITS,
iscsiNodeTransportType RowPointer, iscsiNodeTransportType RowPointer,
iscsiNodeInitialR2T TruthValue, iscsiNodeInitialR2T TruthValue,
iscsiNodeImmediateData TruthValue, iscsiNodeImmediateData TruthValue,
iscsiNodeMaxOutstandingR2T INTEGER, iscsiNodeMaxOutstandingR2T INTEGER,
iscsiNodeFirstBurstLength INTEGER, iscsiNodeFirstBurstLength INTEGER,
iscsiNodeMaxBurstLength INTEGER, iscsiNodeMaxBurstLength INTEGER,
iscsiNodeMaxConnections INTEGER, iscsiNodeMaxConnections INTEGER,
iscsiNodeDataSequenceInOrder TruthValue, iscsiNodeDataSequenceInOrder TruthValue,
skipping to change at page 27, line 28 skipping to change at page 28, line 4
iscsiNodeErrorRecoveryLevel INTEGER iscsiNodeErrorRecoveryLevel INTEGER
} }
iscsiNodeIndex OBJECT-TYPE iscsiNodeIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295) SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An arbitrary integer used to uniquely identify a particular "An arbitrary integer used to uniquely identify a particular
node within an iSCSI instance present on the local system." node within an iSCSI instance present on the local system."
::= { iscsiNodeAttributesEntry 1 } ::= { iscsiNodeAttributesEntry 1 }
iscsiNodeName OBJECT-TYPE iscsiNodeName OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX IscsiName
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A character string that is a globally unique identifier for "A character string that is a globally unique identifier for
this iSCSI node. The node name is independent of the location this iSCSI node. The node name is independent of the location
of the node, and can be resolved into a set of addresses of the node, and can be resolved into a set of addresses
through various discovery services." through various discovery services."
::= { iscsiNodeAttributesEntry 2 } ::= { iscsiNodeAttributesEntry 2 }
iscsiNodeAlias OBJECT-TYPE iscsiNodeAlias OBJECT-TYPE
skipping to change at page 28, line 7 skipping to change at page 28, line 32
DESCRIPTION DESCRIPTION
"A character string that is a human-readable name or "A character string that is a human-readable name or
description of the iSCSI node. If configured, this alias description of the iSCSI node. If configured, this alias
may be communicated to the initiator or target node at may be communicated to the initiator or target node at
the remote end of the connection during a Login Request the remote end of the connection during a Login Request
or Response message. This string is not used as an or Response message. This string is not used as an
identifier, but can be displayed by the system's user identifier, but can be displayed by the system's user
interface in a list of initiators and/or targets to interface in a list of initiators and/or targets to
which it is connected. which it is connected.
If no alias is configured, this object is a zero-length If no alias exists, the value is a zero-length string."
string."
::= { iscsiNodeAttributesEntry 3 } ::= { iscsiNodeAttributesEntry 3 }
iscsiNodeRoles OBJECT-TYPE iscsiNodeRoles OBJECT-TYPE
SYNTAX BITS { SYNTAX BITS {
targetTypeNode(0), targetTypeNode(0),
initiatorTypeNode(1) initiatorTypeNode(1)
} }
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A node can operate in one or both of two roles: "A node can operate in one or both of two roles:
a target role and/or an initiator role. If the node a target role and/or an initiator role. If the node
will operate in both roles, both bits must be set. will operate in both roles, both bits must be set.
When a new iscsiNodeAttributesEntry is to be created, This object will also define the corresponding rows that
the agent should use this object as a hint for the will exist in the iscsiTargetAttributesTable, the
creation of a new iscsiTargetAttributesEntry and/or iscsiInitiatorAttributesTable or both. If the
iscsiInitiatorAttributesEntry." targetTypeNode bit is set, there will be a corresponding
iscsiTargetAttributesEntry. If the initiatorTypeNode bit
is set, there will be a corresponding
iscsiInitiatorAttributesEntry. If both bits are set,
there will be a corresponding iscsiTgtPortalAttributesEntry
and iscsiPortalAttributesEntry."
::= { iscsiNodeAttributesEntry 4 } ::= { iscsiNodeAttributesEntry 4 }
iscsiNodeTransportType OBJECT-TYPE iscsiNodeTransportType OBJECT-TYPE
SYNTAX RowPointer SYNTAX RowPointer
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A pointer to the corresponding scsiTrnspt object in "A pointer to the corresponding row in the appropriate
the SCSI MIB (which in turn points to this iSCSI node) table for this SCSI transport, thereby allowing management
allowing management stations to locate the SCSI-level stations to locate the SCSI-level device that is represented
Device that is represented by this iscsiNode." by this iscsiNode. For example, it could point to the
corresponding scsiTrnspt object in the SCSI MIB.
If no corresponding row exists, the value 0.0 must be
used to indicate this."
REFERENCE REFERENCE
"SCSI-MIB" "SCSI-MIB"
::= { iscsiNodeAttributesEntry 5 } ::= { iscsiNodeAttributesEntry 5 }
iscsiNodeInitialR2T OBJECT-TYPE iscsiNodeInitialR2T OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"This object indicates the InitialR2T preference for this "This object indicates the InitialR2T preference for this
node: node:
True = YES, True = YES,
False = will try to negotiate NO, will accept YES " False = will try to negotiate NO, will accept YES "
DEFVAL { true }
::= { iscsiNodeAttributesEntry 6 } ::= { iscsiNodeAttributesEntry 6 }
iscsiNodeImmediateData OBJECT-TYPE iscsiNodeImmediateData OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"This object indicates ImmediateData preference for this "This object indicates ImmediateData preference for this
node node
True = YES (but will accept NO), True = YES (but will accept NO),
False = NO " False = NO "
DEFVAL { true } DEFVAL { true }
::= { iscsiNodeAttributesEntry 7 } ::= { iscsiNodeAttributesEntry 7 }
iscsiNodeMaxOutstandingR2T OBJECT-TYPE iscsiNodeMaxOutstandingR2T OBJECT-TYPE
SYNTAX INTEGER (1..65535) SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Maximum number of outstanding R2Ts allowed per task." "Maximum number of outstanding R2Ts allowed per ISCSI task."
DEFVAL { 1 } DEFVAL { 1 }
::= { iscsiNodeAttributesEntry 8 } ::= { iscsiNodeAttributesEntry 8 }
iscsiNodeFirstBurstLength OBJECT-TYPE iscsiNodeFirstBurstLength OBJECT-TYPE
SYNTAX INTEGER (512..16777215) SYNTAX INTEGER (512..16777215)
UNITS "bytes" UNITS "bytes"
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The maximum length (bytes) supported for unsolicited data "The maximum length (bytes) supported for unsolicited data
skipping to change at page 30, line 41 skipping to change at page 31, line 24
"The DataPDUInOrder preference of this node. "The DataPDUInOrder preference of this node.
False (=No) indicates that iSCSI data PDUs within sequences False (=No) indicates that iSCSI data PDUs within sequences
may be in any order. True (=Yes) indicates that data PDUs may be in any order. True (=Yes) indicates that data PDUs
within sequences must be at continuously increasing within sequences must be at continuously increasing
addresses, with no gaps or overlay between PDUs." addresses, with no gaps or overlay between PDUs."
DEFVAL { true } DEFVAL { true }
::= { iscsiNodeAttributesEntry 13 } ::= { iscsiNodeAttributesEntry 13 }
iscsiNodeDefaultTime2Wait OBJECT-TYPE iscsiNodeDefaultTime2Wait OBJECT-TYPE
SYNTAX INTEGER (0..3600) SYNTAX INTEGER (0..3600)
UNITS "seconds"
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The DefaultTime2Wait preference of this node. "The DefaultTime2Wait preference of this node. This is the
This is the minimum time, in seconds, to wait before attempting minimum time, in seconds, to wait before attempting an
an explicit/implicit logout or active task reassignment after explicit/implicit logout or active iSCSI task reassignment
an unexpected connection termination or a connection reset." after an unexpected connection termination or a connection
reset."
DEFVAL { 2 } DEFVAL { 2 }
::= { iscsiNodeAttributesEntry 14 } ::= { iscsiNodeAttributesEntry 14 }
iscsiNodeDefaultTime2Retain OBJECT-TYPE iscsiNodeDefaultTime2Retain OBJECT-TYPE
SYNTAX INTEGER (0..3600) SYNTAX INTEGER (0..3600)
UNITS "seconds"
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The DefaultTime2Retain preference of this node. "The DefaultTime2Retain preference of this node. This is
This is the maximum time, in seconds after an initial wait the maximum time, in seconds after an initial wait
(Time2Wait), before which an active task reassignment is still (Time2Wait), before which an active iSCSI task reassignment
possible after an unexpected connection termination or a is still possible after an unexpected connection termination
connection reset." or a connection reset."
DEFVAL { 20 } DEFVAL { 20 }
::= { iscsiNodeAttributesEntry 15 } ::= { iscsiNodeAttributesEntry 15 }
iscsiNodeErrorRecoveryLevel OBJECT-TYPE iscsiNodeErrorRecoveryLevel OBJECT-TYPE
SYNTAX INTEGER (0..255) SYNTAX INTEGER (0..255)
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The ErrorRecoveryLevel preference of this node. "The ErrorRecoveryLevel preference of this node.
Currently, only 0-2 are valid. Currently, only 0-2 are valid.
skipping to change at page 31, line 43 skipping to change at page 32, line 29
iscsiTarget OBJECT IDENTIFIER ::= { iscsiObjects 7 } iscsiTarget OBJECT IDENTIFIER ::= { iscsiObjects 7 }
-- Target Attributes Table -- Target Attributes Table
iscsiTargetAttributesTable OBJECT-TYPE iscsiTargetAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiTargetAttributesEntry SYNTAX SEQUENCE OF IscsiTargetAttributesEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An entry (row) containing management information applicable "A list of iSCSI nodes that can take on a target role,
to a particular node that can take on a target role." belonging to each iSCSI instance present on the local
system."
::= { iscsiTarget 1 } ::= { iscsiTarget 1 }
iscsiTargetAttributesEntry OBJECT-TYPE iscsiTargetAttributesEntry OBJECT-TYPE
SYNTAX IscsiTargetAttributesEntry SYNTAX IscsiTargetAttributesEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An entry (row) containing management information applicable "An entry (row) containing management information applicable
to a particular target." to a particular node that can take on a target role."
INDEX { iscsiInstIndex, iscsiNodeIndex } INDEX { iscsiInstIndex, iscsiNodeIndex }
::= { iscsiTargetAttributesTable 1 } ::= { iscsiTargetAttributesTable 1 }
IscsiTargetAttributesEntry ::= SEQUENCE { IscsiTargetAttributesEntry ::= SEQUENCE {
iscsiTgtLoginFailures Counter32, iscsiTgtLoginFailures Counter32,
iscsiTgtLastFailureTime TimeStamp, iscsiTgtLastFailureTime TimeStamp,
iscsiTgtLastFailureType AutonomousType, iscsiTgtLastFailureType AutonomousType,
iscsiTgtLastIntrFailureName SnmpAdminString, iscsiTgtLastIntrFailureName IscsiName,
iscsiTgtLastIntrFailureAddrType InetAddressType, iscsiTgtLastIntrFailureAddrType InetAddressType,
iscsiTgtLastIntrFailureAddr InetAddress iscsiTgtLastIntrFailureAddr InetAddress
} }
iscsiTgtLoginFailures OBJECT-TYPE iscsiTgtLoginFailures OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "failed login attempts" UNITS "failed login attempts"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
skipping to change at page 32, line 35 skipping to change at page 33, line 22
local target has failed." local target has failed."
::= { iscsiTargetAttributesEntry 1 } ::= { iscsiTargetAttributesEntry 1 }
iscsiTgtLastFailureTime OBJECT-TYPE iscsiTgtLastFailureTime OBJECT-TYPE
SYNTAX TimeStamp SYNTAX TimeStamp
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The timestamp of the most recent failure of a login attempt "The timestamp of the most recent failure of a login attempt
to this target. A value of zero indicates that no such to this target. A value of zero indicates that no such
failures have occurred." failures have occurred since the last system boot."
::= { iscsiTargetAttributesEntry 2 } ::= { iscsiTargetAttributesEntry 2 }
iscsiTgtLastFailureType OBJECT-TYPE iscsiTgtLastFailureType OBJECT-TYPE
SYNTAX AutonomousType SYNTAX AutonomousType
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The type of the most recent failure of a login attempt "The type of the most recent failure of a login attempt
to this target, represented as the OID of the counter to this target, represented as the OID of the counter
object in iscsiTargetLoginStatsTable for which the object in iscsiTargetLoginStatsTable for which the
relevant instance was incremented. A value of 0.0 relevant instance was incremented. A value of 0.0
indicates a type which is not represented by any of indicates a type which is not represented by any of
the counters in iscsiTargetLoginStatsTable." the counters in iscsiTargetLoginStatsTable."
::= { iscsiTargetAttributesEntry 3 } ::= { iscsiTargetAttributesEntry 3 }
iscsiTgtLastIntrFailureName OBJECT-TYPE iscsiTgtLastIntrFailureName OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX IscsiName
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An octet string giving the name of the initiator "An octet string giving the name of the initiator
that failed the last login attempt." that failed the last login attempt."
::= { iscsiTargetAttributesEntry 4 } ::= { iscsiTargetAttributesEntry 4 }
iscsiTgtLastIntrFailureAddrType OBJECT-TYPE iscsiTgtLastIntrFailureAddrType OBJECT-TYPE
SYNTAX InetAddressType SYNTAX InetAddressType
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The type of Internet Network Address in "The type of Internet Network Address contained in the
iscsiTgtLastIntrFailureAddr." corresponding instance of the iscsiTgtLastIntrFailureAddr."
DEFVAL { ipv4 }
::= { iscsiTargetAttributesEntry 5 } ::= { iscsiTargetAttributesEntry 5 }
iscsiTgtLastIntrFailureAddr OBJECT-TYPE iscsiTgtLastIntrFailureAddr OBJECT-TYPE
SYNTAX InetAddress SYNTAX InetAddress
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An Internet Network Address giving the host address "An Internet Network Address giving the host address
of the initiator that failed the last login attempt." of the initiator that failed the last login attempt."
::= { iscsiTargetAttributesEntry 6 } ::= { iscsiTargetAttributesEntry 6 }
skipping to change at page 36, line 35 skipping to change at page 37, line 20
with reason code 0 (closes the session)." with reason code 0 (closes the session)."
::= { iscsiTargetLogoutStatsEntry 1 } ::= { iscsiTargetLogoutStatsEntry 1 }
iscsiTgtLogoutOthers OBJECT-TYPE iscsiTgtLogoutOthers OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "abnormal logouts" UNITS "abnormal logouts"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The count of Logout Command PDUs received by this target, "The count of Logout Command PDUs received by this target,
with any status code other than 0." with any reason code other than 0."
::= { iscsiTargetLogoutStatsEntry 2 } ::= { iscsiTargetLogoutStatsEntry 2 }
---------------------------------------------------------------------- ----------------------------------------------------------------------
iscsiTgtAuthorization OBJECT IDENTIFIER ::= { iscsiObjects 8 } iscsiTgtAuthorization OBJECT IDENTIFIER ::= { iscsiObjects 8 }
-- Target Authorization Attributes Table -- Target Authorization Attributes Table
iscsiTgtAuthAttributesTable OBJECT-TYPE iscsiTgtAuthAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiTgtAuthAttributesEntry SYNTAX SEQUENCE OF IscsiTgtAuthAttributesEntry
skipping to change at page 38, line 36 skipping to change at page 39, line 20
"An entry (row) containing management information "An entry (row) containing management information
applicable to a particular iSCSI node that has applicable to a particular iSCSI node that has
initiator capabilities." initiator capabilities."
INDEX { iscsiInstIndex, iscsiNodeIndex } INDEX { iscsiInstIndex, iscsiNodeIndex }
::= { iscsiInitiatorAttributesTable 1 } ::= { iscsiInitiatorAttributesTable 1 }
IscsiInitiatorAttributesEntry ::= SEQUENCE { IscsiInitiatorAttributesEntry ::= SEQUENCE {
iscsiIntrLoginFailures Counter32, iscsiIntrLoginFailures Counter32,
iscsiIntrLastFailureTime TimeStamp, iscsiIntrLastFailureTime TimeStamp,
iscsiIntrLastFailureType AutonomousType, iscsiIntrLastFailureType AutonomousType,
iscsiIntrLastTgtFailureName SnmpAdminString, iscsiIntrLastTgtFailureName IscsiName,
iscsiIntrLastTgtFailureAddrType InetAddressType, iscsiIntrLastTgtFailureAddrType InetAddressType,
iscsiIntrLastTgtFailureAddr InetAddress iscsiIntrLastTgtFailureAddr InetAddress
} }
iscsiIntrLoginFailures OBJECT-TYPE iscsiIntrLoginFailures OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "failed logins" UNITS "failed logins"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
skipping to change at page 39, line 9 skipping to change at page 39, line 42
this local initiator has failed." this local initiator has failed."
::= { iscsiInitiatorAttributesEntry 1 } ::= { iscsiInitiatorAttributesEntry 1 }
iscsiIntrLastFailureTime OBJECT-TYPE iscsiIntrLastFailureTime OBJECT-TYPE
SYNTAX TimeStamp SYNTAX TimeStamp
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The timestamp of the most recent failure of a login attempt "The timestamp of the most recent failure of a login attempt
from this initiator. A value of zero indicates that no such from this initiator. A value of zero indicates that no such
failures have occurred." failures have occurred since the last system boot."
::= { iscsiInitiatorAttributesEntry 2 } ::= { iscsiInitiatorAttributesEntry 2 }
iscsiIntrLastFailureType OBJECT-TYPE iscsiIntrLastFailureType OBJECT-TYPE
SYNTAX AutonomousType SYNTAX AutonomousType
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The type of the most recent failure of a login attempt "The type of the most recent failure of a login attempt
from this initiator, represented as the OID of the counter from this initiator, represented as the OID of the counter
object in iscsiInitiatorLoginStatsTable for which the object in iscsiInitiatorLoginStatsTable for which the
relevant instance was incremented. A value of 0.0 relevant instance was incremented. A value of 0.0
indicates a type which is not represented by any of indicates a type which is not represented by any of
the counters in iscsiInitiatorLoginStatsTable." the counters in iscsiInitiatorLoginStatsTable."
::= { iscsiInitiatorAttributesEntry 3 } ::= { iscsiInitiatorAttributesEntry 3 }
iscsiIntrLastTgtFailureName OBJECT-TYPE iscsiIntrLastTgtFailureName OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX IscsiName
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An octet string giving the name of the target that failed "An octet string giving the name of the target that failed
the last login attempt." the last login attempt."
::= { iscsiInitiatorAttributesEntry 4 } ::= { iscsiInitiatorAttributesEntry 4 }
iscsiIntrLastTgtFailureAddrType OBJECT-TYPE iscsiIntrLastTgtFailureAddrType OBJECT-TYPE
SYNTAX InetAddressType SYNTAX InetAddressType
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The type of Internet Network Address in "The type of Internet Network Address contained in the
iscsiIntrLastTgtFailureAddr." corresponding instance of the iscsiIntrLastTgtFailureAddr."
DEFVAL { ipv4 }
::= { iscsiInitiatorAttributesEntry 5 } ::= { iscsiInitiatorAttributesEntry 5 }
iscsiIntrLastTgtFailureAddr OBJECT-TYPE iscsiIntrLastTgtFailureAddr OBJECT-TYPE
SYNTAX InetAddress SYNTAX InetAddress
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An Internet Network Address giving the host address of the "An Internet Network Address giving the host address of the
target that failed the last login attempt." target that failed the last login attempt."
::= { iscsiInitiatorAttributesEntry 6 } ::= { iscsiInitiatorAttributesEntry 6 }
skipping to change at page 44, line 51 skipping to change at page 45, line 35
iscsiSessionAttributesEntry OBJECT-TYPE iscsiSessionAttributesEntry OBJECT-TYPE
SYNTAX IscsiSessionAttributesEntry SYNTAX IscsiSessionAttributesEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An entry (row) containing management information applicable "An entry (row) containing management information applicable
to a particular session. to a particular session.
If this session is a discovery session which is not attached If this session is a discovery session which is not attached
to any particular node, the iscsiNodeIndex will be zero." to any particular node, the iscsiSsnNodeIndex will be zero.
INDEX { iscsiInstIndex, iscsiNodeIndex, iscsiSsnIndex } Otherwise, the iscsiSsnNodeIndex will have the same value as
iscsiNodeIndex."
INDEX { iscsiInstIndex, iscsiSsnNodeIndex, iscsiSsnIndex }
::= { iscsiSessionAttributesTable 1 } ::= { iscsiSessionAttributesTable 1 }
IscsiSessionAttributesEntry ::= SEQUENCE { IscsiSessionAttributesEntry ::= SEQUENCE {
iscsiSsnNodeIndex Unsigned32,
iscsiSsnIndex Unsigned32, iscsiSsnIndex Unsigned32,
iscsiSsnDirection INTEGER, iscsiSsnDirection INTEGER,
iscsiSsnInitiatorName SnmpAdminString, iscsiSsnInitiatorName IscsiName,
iscsiSsnTargetName SnmpAdminString, iscsiSsnTargetName IscsiName,
iscsiSsnTSIH INTEGER, iscsiSsnTSIH INTEGER,
iscsiSsnISID OCTET STRING, iscsiSsnISID OCTET STRING,
iscsiSsnInitiatorAlias SnmpAdminString, iscsiSsnInitiatorAlias SnmpAdminString,
iscsiSsnTargetAlias SnmpAdminString, iscsiSsnTargetAlias SnmpAdminString,
iscsiSsnInitialR2T TruthValue, iscsiSsnInitialR2T TruthValue,
iscsiSsnImmediateData TruthValue, iscsiSsnImmediateData TruthValue,
iscsiSsnType INTEGER, iscsiSsnType INTEGER,
iscsiSsnMaxOutstandingR2T INTEGER, iscsiSsnMaxOutstandingR2T INTEGER,
iscsiSsnFirstBurstLength INTEGER, iscsiSsnFirstBurstLength INTEGER,
iscsiSsnMaxBurstLength INTEGER, iscsiSsnMaxBurstLength INTEGER,
iscsiSsnConnectionNumber Gauge32, iscsiSsnConnectionNumber Gauge32,
iscsiSsnAuthIdentity RowPointer, iscsiSsnAuthIdentity RowPointer,
iscsiSsnDataSequenceInOrder TruthValue, iscsiSsnDataSequenceInOrder TruthValue,
iscsiSsnDataPDUInOrder TruthValue, iscsiSsnDataPDUInOrder TruthValue,
iscsiSsnErrorRecoveryLevel INTEGER iscsiSsnErrorRecoveryLevel INTEGER
} }
iscsiSsnNodeIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary integer used to uniquely identify a
particular node within an iSCSI instance present
on the local system. For normal, non-discovery
sessions, this value will map to the iscsiNodeIndex.
For discovery sessions which do not have a node
associated, the value 0 (zero) is used."
::= { iscsiSessionAttributesEntry 1 }
iscsiSsnIndex OBJECT-TYPE iscsiSsnIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295) SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An arbitrary integer used to uniquely identify a "An arbitrary integer used to uniquely identify a
particular session within an iSCSI instance present particular session within an iSCSI instance present
on the local system." on the local system."
::= { iscsiSessionAttributesEntry 1 } ::= { iscsiSessionAttributesEntry 2 }
iscsiSsnDirection OBJECT-TYPE iscsiSsnDirection OBJECT-TYPE
SYNTAX INTEGER { SYNTAX INTEGER {
inboundSession(1), inboundSession(1),
outboundSession(2) outboundSession(2)
} }
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Direction of iSCSI session: "Direction of iSCSI session:
InboundSession - session is established from an external InboundSession - session is established from an external
initiator to a target within this iSCSI initiator to a target within this iSCSI
instance. instance.
OutboundSession - session is established from an initiator OutboundSession - session is established from an initiator
within this iSCSI instance to an external within this iSCSI instance to an external
target." target."
::= { iscsiSessionAttributesEntry 2 } ::= { iscsiSessionAttributesEntry 3 }
iscsiSsnInitiatorName OBJECT-TYPE iscsiSsnInitiatorName OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX IscsiName
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"If iscsiSsnDirection is Inbound, this object is an "If iscsiSsnDirection is Inbound, this object is an
octet string that will contain the name of the remote octet string that will contain the name of the remote
initiator. If this session is a discovery session that initiator. If this session is a discovery session that
does not specify a particular initiator, this object does not specify a particular initiator, this object
will contain a zero-length string. will contain a zero-length string.
If iscsiSsnDirection is Outbound, this object will If iscsiSsnDirection is Outbound, this object will
contain a zero-length string." contain a zero-length string."
::= { iscsiSessionAttributesEntry 3 } ::= { iscsiSessionAttributesEntry 4 }
iscsiSsnTargetName OBJECT-TYPE iscsiSsnTargetName OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX IscsiName
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"If iscsiSsnDirection is Outbound, this object is an "If iscsiSsnDirection is Outbound, this object is an
octet string that will contain the name of the remote octet string that will contain the name of the remote
target. If this session is a discovery session that target. If this session is a discovery session that
does not specify a particular target, this object will does not specify a particular target, this object will
contain a zero-length string. contain a zero-length string.
If iscsiSsnDirection is Inbound, this object will If iscsiSsnDirection is Inbound, this object will
contain a zero-length string." contain a zero-length string."
::= { iscsiSessionAttributesEntry 4 } ::= { iscsiSessionAttributesEntry 5 }
iscsiSsnTSIH OBJECT-TYPE iscsiSsnTSIH OBJECT-TYPE
SYNTAX INTEGER (1..65535) SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The target-defined identification handle for this session." "The target-defined identification handle for this session."
::= { iscsiSessionAttributesEntry 5 } ::= { iscsiSessionAttributesEntry 6 }
iscsiSsnISID OBJECT-TYPE iscsiSsnISID OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(6)) SYNTAX OCTET STRING (SIZE(6))
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The initiator-defined portion of the iSCSI Session ID." "The initiator-defined portion of the iSCSI Session ID."
::= { iscsiSessionAttributesEntry 6 } ::= { iscsiSessionAttributesEntry 7 }
iscsiSsnInitiatorAlias OBJECT-TYPE iscsiSsnInitiatorAlias OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX SnmpAdminString
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An octet string that gives the alias communicated by the "An octet string that gives the alias communicated by the
initiator end of the session during the login phase. initiator end of the session during the login phase.
If no alias exists, the value is a zero-length string." If no alias exists, the value is a zero-length string."
::= { iscsiSessionAttributesEntry 7 } ::= { iscsiSessionAttributesEntry 8 }
iscsiSsnTargetAlias OBJECT-TYPE iscsiSsnTargetAlias OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX SnmpAdminString
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An octet string that gives the alias communicated by the "An octet string that gives the alias communicated by the
target end of the session during the login phase. target end of the session during the login phase.
If no alias exists, the value is a zero-length string." If no alias exists, the value is a zero-length string."
::= { iscsiSessionAttributesEntry 8 } ::= { iscsiSessionAttributesEntry 9 }
iscsiSsnInitialR2T OBJECT-TYPE iscsiSsnInitialR2T OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"If set to true, indicates that the initiator must wait "If set to true, indicates that the initiator must wait
for an R2T before sending to the target. If set to false, for an R2T before sending to the target. If set to false,
the initiator may send data immediately, within limits set the initiator may send data immediately, within limits set
by iscsiSsnFirstBurstLength and the expected data transfer by iscsiSsnFirstBurstLength and the expected data transfer
length of the request. length of the request."
::= { iscsiSessionAttributesEntry 10 }
Default is true."
::= { iscsiSessionAttributesEntry 9 }
iscsiSsnImmediateData OBJECT-TYPE iscsiSsnImmediateData OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Indicates whether the initiator and target have agreed to "Indicates whether the initiator and target have agreed to
support immediate data on this session." support immediate data on this session."
::= { iscsiSessionAttributesEntry 10 } ::= { iscsiSessionAttributesEntry 11 }
iscsiSsnType OBJECT-TYPE iscsiSsnType OBJECT-TYPE
SYNTAX INTEGER { SYNTAX INTEGER {
normalSession(1), normalSession(1),
discoverySession(2) discoverySession(2)
} }
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Type of iSCSI session: "Type of iSCSI session:
normalSession - session is a normal iSCSI session normalSession - session is a normal iSCSI session
discoverySession - session is being used only for discovery." discoverySession - session is being used only for discovery."
DEFVAL { normalSession } ::= { iscsiSessionAttributesEntry 12 }
::= { iscsiSessionAttributesEntry 11 }
iscsiSsnMaxOutstandingR2T OBJECT-TYPE iscsiSsnMaxOutstandingR2T OBJECT-TYPE
SYNTAX INTEGER (1..65535) SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The maximum number of outstanding request-to-transmit "The maximum number of outstanding request-to-transmit
(R2T)s per task within this session." (R2T)s per iSCSI task within this session."
::= { iscsiSessionAttributesEntry 12 } ::= { iscsiSessionAttributesEntry 13 }
iscsiSsnFirstBurstLength OBJECT-TYPE iscsiSsnFirstBurstLength OBJECT-TYPE
SYNTAX INTEGER (512..16777215) SYNTAX INTEGER (512..16777215)
UNITS "bytes" UNITS "bytes"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The maximum length supported for unsolicited data sent "The maximum length supported for unsolicited data sent
within this session." within this session."
DEFVAL { 65536 } ::= { iscsiSessionAttributesEntry 14 }
::= { iscsiSessionAttributesEntry 13 }
iscsiSsnMaxBurstLength OBJECT-TYPE iscsiSsnMaxBurstLength OBJECT-TYPE
SYNTAX INTEGER (512..16777215) SYNTAX INTEGER (512..16777215)
UNITS "bytes" UNITS "bytes"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The maximum number of bytes which can be sent within "The maximum number of bytes which can be sent within
a single sequence of Data-In or Data-Out PDUs." a single sequence of Data-In or Data-Out PDUs."
DEFVAL { 262144 } ::= { iscsiSessionAttributesEntry 15 }
::= { iscsiSessionAttributesEntry 14 }
iscsiSsnConnectionNumber OBJECT-TYPE iscsiSsnConnectionNumber OBJECT-TYPE
SYNTAX Gauge32 (1..65535) SYNTAX Gauge32 (1..65535)
UNITS "connections" UNITS "connections"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of transport protocol connections that currently "The number of transport protocol connections that currently
belong to this session." belong to this session."
::= { iscsiSessionAttributesEntry 15 } ::= { iscsiSessionAttributesEntry 16 }
iscsiSsnAuthIdentity OBJECT-TYPE iscsiSsnAuthIdentity OBJECT-TYPE
SYNTAX RowPointer SYNTAX RowPointer
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"This object contains a row in the IPS-AUTH MIB "This object contains a pointer to a row in the
which identifies the authentication method IPS-AUTH MIB which identifies the authentication
being used on this session, as communicated method being used on this session, as communicated
during the login phase." during the login phase."
REFERENCE REFERENCE
"IPS-AUTH MIB" "IPS-AUTH MIB"
::= { iscsiSessionAttributesEntry 16 } ::= { iscsiSessionAttributesEntry 17 }
iscsiSsnDataSequenceInOrder OBJECT-TYPE iscsiSsnDataSequenceInOrder OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"False indicates that iSCSI data PDU sequences may "False indicates that iSCSI data PDU sequences may
be transferred in any order. True indicates that be transferred in any order. True indicates that
data PDU sequences must be transferred using data PDU sequences must be transferred using
continuously increasing offsets, except during continuously increasing offsets, except during
error recovery." error recovery."
::= { iscsiSessionAttributesEntry 17 } ::= { iscsiSessionAttributesEntry 18 }
iscsiSsnDataPDUInOrder OBJECT-TYPE iscsiSsnDataPDUInOrder OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"False indicates that iSCSI data PDUs within sequences "False indicates that iSCSI data PDUs within sequences
may be in any order. True indicates that data PDUs may be in any order. True indicates that data PDUs
within sequences must be at continuously increasing within sequences must be at continuously increasing
addresses, with no gaps or overlay between PDUs. addresses, with no gaps or overlay between PDUs.
Default is true." Default is true."
::= { iscsiSessionAttributesEntry 18 } ::= { iscsiSessionAttributesEntry 19 }
iscsiSsnErrorRecoveryLevel OBJECT-TYPE iscsiSsnErrorRecoveryLevel OBJECT-TYPE
SYNTAX INTEGER (0..255) SYNTAX INTEGER (0..255)
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The level of error recovery negotiated between "The level of error recovery negotiated between
the initiator and the target. Higher numbers the initiator and the target. Higher numbers
represent more detailed recovery schemes." represent more detailed recovery schemes."
::= { iscsiSessionAttributesEntry 19 } ::= { iscsiSessionAttributesEntry 20 }
-- Session Stats Table -- Session Stats Table
iscsiSessionStatsTable OBJECT-TYPE iscsiSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiSessionStatsEntry SYNTAX SEQUENCE OF IscsiSessionStatsEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A list of general iSCSI traffic counters for each of the "A list of general iSCSI traffic counters for each of the
sessions present on the system." sessions present on the system."
skipping to change at page 52, line 41 skipping to change at page 53, line 34
UNITS "PDUs" UNITS "PDUs"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The count of PDUs which were received on the session and "The count of PDUs which were received on the session and
contained header or data digest errors." contained header or data digest errors."
::= { iscsiSessionCxnErrorStatsEntry 1 } ::= { iscsiSessionCxnErrorStatsEntry 1 }
iscsiSsnCxnTimeoutErrors OBJECT-TYPE iscsiSsnCxnTimeoutErrors OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "sequences" UNITS "connections"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The count of connections within this session "The count of connections within this session
which have been terminated due to timeout." which have been terminated due to timeout."
::= { iscsiSessionCxnErrorStatsEntry 2 } ::= { iscsiSessionCxnErrorStatsEntry 2 }
---------------------------------------------------------------------- ----------------------------------------------------------------------
iscsiConnection OBJECT IDENTIFIER ::= { iscsiObjects 12 } iscsiConnection OBJECT IDENTIFIER ::= { iscsiObjects 12 }
skipping to change at page 53, line 23 skipping to change at page 54, line 16
present on the system." present on the system."
::= { iscsiConnection 1 } ::= { iscsiConnection 1 }
iscsiConnectionAttributesEntry OBJECT-TYPE iscsiConnectionAttributesEntry OBJECT-TYPE
SYNTAX IscsiConnectionAttributesEntry SYNTAX IscsiConnectionAttributesEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An entry (row) containing management information applicable "An entry (row) containing management information applicable
to a particular connection." to a particular connection."
INDEX { iscsiInstIndex, iscsiNodeIndex, iscsiSsnIndex, INDEX { iscsiInstIndex, iscsiSsnNodeIndex, iscsiSsnIndex,
iscsiCxnIndex } iscsiCxnIndex }
::= { iscsiConnectionAttributesTable 1 } ::= { iscsiConnectionAttributesTable 1 }
IscsiConnectionAttributesEntry ::= SEQUENCE { IscsiConnectionAttributesEntry ::= SEQUENCE {
iscsiCxnIndex Unsigned32, iscsiCxnIndex Unsigned32,
iscsiCxnCid INTEGER, iscsiCxnCid INTEGER,
iscsiCxnState INTEGER, iscsiCxnState INTEGER,
iscsiCxnLocalAddrType InetAddressType, iscsiCxnLocalAddrType InetAddressType,
iscsiCxnLocalAddr InetAddress, iscsiCxnLocalAddr InetAddress,
iscsiCxnProtocol IscsiTransportProtocols, iscsiCxnProtocol IscsiTransportProtocols,
skipping to change at page 54, line 43 skipping to change at page 55, line 37
logout - A valid iSCSI logout command has been sent or logout - A valid iSCSI logout command has been sent or
received, but the transport protocol connection has received, but the transport protocol connection has
not yet been closed." not yet been closed."
::= { iscsiConnectionAttributesEntry 3 } ::= { iscsiConnectionAttributesEntry 3 }
iscsiCxnLocalAddrType OBJECT-TYPE iscsiCxnLocalAddrType OBJECT-TYPE
SYNTAX InetAddressType SYNTAX InetAddressType
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The type of Internet Network Address in iscsiCxnLocalAddr." "The type of Internet Network Address contained in the
DEFVAL { ipv4 } corresponding instance of the iscsiCxnLocalAddr."
::= { iscsiConnectionAttributesEntry 4 } ::= { iscsiConnectionAttributesEntry 4 }
iscsiCxnLocalAddr OBJECT-TYPE iscsiCxnLocalAddr OBJECT-TYPE
SYNTAX InetAddress SYNTAX InetAddress
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The local Internet Network Address used by this connection." "The local Internet Network Address used by this connection."
::= { iscsiConnectionAttributesEntry 5 } ::= { iscsiConnectionAttributesEntry 5 }
iscsiCxnProtocol OBJECT-TYPE iscsiCxnProtocol OBJECT-TYPE
SYNTAX IscsiTransportProtocols SYNTAX IscsiTransportProtocols
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The transport protocol over which this connection is "The transport protocol over which this connection is
running." running."
DEFVAL { 6 } -- TCP
::= { iscsiConnectionAttributesEntry 6 } ::= { iscsiConnectionAttributesEntry 6 }
iscsiCxnLocalPort OBJECT-TYPE iscsiCxnLocalPort OBJECT-TYPE
SYNTAX Unsigned32 SYNTAX Unsigned32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The local transport protocol port used by this connection." "The local transport protocol port used by this connection."
::= { iscsiConnectionAttributesEntry 7 } ::= { iscsiConnectionAttributesEntry 7 }
iscsiCxnRemoteAddrType OBJECT-TYPE iscsiCxnRemoteAddrType OBJECT-TYPE
SYNTAX InetAddressType SYNTAX InetAddressType
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The type of Internet Network Address in iscsiCxnRemoteAddr." "The type of Internet Network Address in contained in the
DEFVAL { ipv4 } corresponding instance of the iscsiCxnRemoteAddr."
::= { iscsiConnectionAttributesEntry 8 } ::= { iscsiConnectionAttributesEntry 8 }
iscsiCxnRemoteAddr OBJECT-TYPE iscsiCxnRemoteAddr OBJECT-TYPE
SYNTAX InetAddress SYNTAX InetAddress
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The remote Internet Network Address used by this connection." "The remote Internet Network Address used by this connection."
::= { iscsiConnectionAttributesEntry 9 } ::= { iscsiConnectionAttributesEntry 9 }
skipping to change at page 56, line 10 skipping to change at page 56, line 51
::= { iscsiConnectionAttributesEntry 10 } ::= { iscsiConnectionAttributesEntry 10 }
iscsiCxnMaxRecvDataSegLength OBJECT-TYPE iscsiCxnMaxRecvDataSegLength OBJECT-TYPE
SYNTAX INTEGER (512..16777215) SYNTAX INTEGER (512..16777215)
UNITS "bytes" UNITS "bytes"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The maximum data payload size supported for command "The maximum data payload size supported for command
or data PDUs able to be received on this connection." or data PDUs able to be received on this connection."
DEFVAL { 8192 }
::= { iscsiConnectionAttributesEntry 11 } ::= { iscsiConnectionAttributesEntry 11 }
iscsiCxnMaxXmitDataSegLength OBJECT-TYPE iscsiCxnMaxXmitDataSegLength OBJECT-TYPE
SYNTAX INTEGER (512..16777215) SYNTAX INTEGER (512..16777215)
UNITS "bytes" UNITS "bytes"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The maximum data payload size supported for command "The maximum data payload size supported for command
or data PDUs to be sent on this connection." or data PDUs to be sent on this connection."
DEFVAL { 8192 }
::= { iscsiConnectionAttributesEntry 12 } ::= { iscsiConnectionAttributesEntry 12 }
iscsiCxnHeaderIntegrity OBJECT-TYPE iscsiCxnHeaderIntegrity OBJECT-TYPE
SYNTAX IscsiDigestMethod SYNTAX IscsiDigestMethod
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"This object identifies the iSCSI header "This object identifies the iSCSI header
digest scheme in use within this connection." digest scheme in use within this connection."
::= { iscsiConnectionAttributesEntry 13 } ::= { iscsiConnectionAttributesEntry 13 }
skipping to change at page 56, line 49 skipping to change at page 57, line 40
digest scheme in use within this connection." digest scheme in use within this connection."
::= { iscsiConnectionAttributesEntry 14 } ::= { iscsiConnectionAttributesEntry 14 }
iscsiCxnRecvMarker OBJECT-TYPE iscsiCxnRecvMarker OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"This object indicates whether or not this connection "This object indicates whether or not this connection
is receiving markers in in its incoming data stream." is receiving markers in in its incoming data stream."
DEFVAL { false }
::= { iscsiConnectionAttributesEntry 15 } ::= { iscsiConnectionAttributesEntry 15 }
iscsiCxnSendMarker OBJECT-TYPE iscsiCxnSendMarker OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"This object indicates whether or not this connection "This object indicates whether or not this connection
is inserting markers in in its outgoing data stream." is inserting markers in in its outgoing data stream."
DEFVAL { false }
::= { iscsiConnectionAttributesEntry 16 } ::= { iscsiConnectionAttributesEntry 16 }
iscsiCxnVersionActive OBJECT-TYPE iscsiCxnVersionActive OBJECT-TYPE
SYNTAX INTEGER (0..255) SYNTAX INTEGER (0..255)
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Active version number of the iSCSI specification negotiated "Active version number of the iSCSI specification negotiated
on this connection." on this connection."
::= { iscsiConnectionAttributesEntry 17 } ::= { iscsiConnectionAttributesEntry 17 }
skipping to change at page 57, line 41 skipping to change at page 58, line 28
iscsiTgtLoginFailures, iscsiTgtLoginFailures,
iscsiTgtLastFailureType, iscsiTgtLastFailureType,
iscsiTgtLastIntrFailureName, iscsiTgtLastIntrFailureName,
iscsiTgtLastIntrFailureAddrType, iscsiTgtLastIntrFailureAddrType,
iscsiTgtLastIntrFailureAddr iscsiTgtLastIntrFailureAddr
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Sent when a login is failed by a target. "Sent when a login is failed by a target.
The implementation of this trap should not send more than The implementation of this notification should not send
3 notifications of this type in any 10 second time span." more than 3 notifications of this type in any 10 second
time span."
::= { iscsiNotificationsPrefix 1 } ::= { iscsiNotificationsPrefix 1 }
iscsiIntrLoginFailure NOTIFICATION-TYPE iscsiIntrLoginFailure NOTIFICATION-TYPE
OBJECTS { OBJECTS {
iscsiIntrLoginFailures, iscsiIntrLoginFailures,
iscsiIntrLastFailureType, iscsiIntrLastFailureType,
iscsiIntrLastTgtFailureName, iscsiIntrLastTgtFailureName,
iscsiIntrLastTgtFailureAddrType, iscsiIntrLastTgtFailureAddrType,
iscsiIntrLastTgtFailureAddr iscsiIntrLastTgtFailureAddr
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Sent when a login is failed by a initiator. "Sent when a login is failed by a initiator.
The implementation of this trap should not send more than The implementation of this notification should not send
3 notifications of this type in any 10 second time span." more than 3 notifications of this type in any 10 second
time span."
::= { iscsiNotificationsPrefix 2 } ::= { iscsiNotificationsPrefix 2 }
iscsiInstSessionFailure NOTIFICATION-TYPE iscsiInstSessionFailure NOTIFICATION-TYPE
OBJECTS { OBJECTS {
iscsiInstSsnFailures, iscsiInstSsnFailures,
iscsiInstLastSsnFailureType, iscsiInstLastSsnFailureType,
iscsiInstLastSsnRmtNodeName iscsiInstLastSsnRmtNodeName
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Sent when an active session is failed by either the initiator "Sent when an active session is failed by either the initiator
or the target. or the target.
The implementation of this trap should not send more than The implementation of this notification should not send
3 notifications of this type in any 10 second time span." more than 3 notifications of this type in any 10 second
time span."
::= { iscsiNotificationsPrefix 3 } ::= { iscsiNotificationsPrefix 3 }
------------------------------------------------------------------------ ------------------------------------------------------------------------
-- Conformance Statements -- Conformance Statements
iscsiGroups OBJECT IDENTIFIER ::= { iscsiConformance 1 } iscsiGroups OBJECT IDENTIFIER ::= { iscsiConformance 1 }
iscsiInstanceAttributesGroup OBJECT-GROUP iscsiInstanceAttributesGroup OBJECT-GROUP
OBJECTS { OBJECTS {
skipping to change at page 61, line 34 skipping to change at page 62, line 26
logout events between remote initiators to local targets." logout events between remote initiators to local targets."
::= { iscsiGroups 9 } ::= { iscsiGroups 9 }
iscsiTargetAuthGroup OBJECT-GROUP iscsiTargetAuthGroup OBJECT-GROUP
OBJECTS { OBJECTS {
iscsiTgtAuthRowStatus, iscsiTgtAuthRowStatus,
iscsiTgtAuthIdentity iscsiTgtAuthIdentity
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"." "A collection of objects providing information about all
remote initiators that are authorized to connect to local
targets."
::= { iscsiGroups 10 } ::= { iscsiGroups 10 }
iscsiInitiatorAttributesGroup OBJECT-GROUP iscsiInitiatorAttributesGroup OBJECT-GROUP
OBJECTS { OBJECTS {
iscsiIntrLoginFailures, iscsiIntrLoginFailures,
iscsiIntrLastFailureTime, iscsiIntrLastFailureTime,
iscsiIntrLastFailureType, iscsiIntrLastFailureType,
iscsiIntrLastTgtFailureName, iscsiIntrLastTgtFailureName,
iscsiIntrLastTgtFailureAddrType, iscsiIntrLastTgtFailureAddrType,
iscsiIntrLastTgtFailureAddr iscsiIntrLastTgtFailureAddr
skipping to change at page 62, line 38 skipping to change at page 63, line 31
logout events between local initiators to remote targets." logout events between local initiators to remote targets."
::= { iscsiGroups 13 } ::= { iscsiGroups 13 }
iscsiInitiatorAuthGroup OBJECT-GROUP iscsiInitiatorAuthGroup OBJECT-GROUP
OBJECTS { OBJECTS {
iscsiIntrAuthRowStatus, iscsiIntrAuthRowStatus,
iscsiIntrAuthIdentity iscsiIntrAuthIdentity
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"." "A collection of objects providing information about all
remote targets that are initiators of the local system are
authorized to access."
::= { iscsiGroups 14 } ::= { iscsiGroups 14 }
iscsiSessionAttributesGroup OBJECT-GROUP iscsiSessionAttributesGroup OBJECT-GROUP
OBJECTS { OBJECTS {
iscsiSsnDirection, iscsiSsnDirection,
iscsiSsnInitiatorName, iscsiSsnInitiatorName,
iscsiSsnTargetName, iscsiSsnTargetName,
iscsiSsnTSIH, iscsiSsnTSIH,
iscsiSsnISID, iscsiSsnISID,
iscsiSsnInitiatorAlias, iscsiSsnInitiatorAlias,
skipping to change at page 66, line 23 skipping to change at page 67, line 19
-- Conditionally mandatory groups to be included with -- Conditionally mandatory groups to be included with
-- the mandatory groups when the implementation has -- the mandatory groups when the implementation has
-- iSCSI target facilities. -- iSCSI target facilities.
GROUP iscsiTgtPortalAttributesGroup GROUP iscsiTgtPortalAttributesGroup
DESCRIPTION DESCRIPTION
"This group is mandatory for all iSCSI implementations "This group is mandatory for all iSCSI implementations
that have iSCSI target facilities." that have iSCSI target facilities."
OBJECT iscsiPortalMaxRecvDataSegLength
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
GROUP iscsiTargetAttributesGroup GROUP iscsiTargetAttributesGroup
DESCRIPTION DESCRIPTION
"This group is mandatory for all iSCSI implementations "This group is mandatory for all iSCSI implementations
that have iSCSI target facilities." that have iSCSI target facilities."
GROUP iscsiTargetLoginStatsGroup GROUP iscsiTargetLoginStatsGroup
DESCRIPTION DESCRIPTION
"This group is mandatory for all iSCSI implementations "This group is mandatory for all iSCSI implementations
that have iSCSI target facilities." that have iSCSI target facilities."
skipping to change at page 67, line 39 skipping to change at page 69, line 5
GROUP iscsiInitiatorAuthGroup GROUP iscsiInitiatorAuthGroup
DESCRIPTION DESCRIPTION
"This group is mandatory for all iSCSI implementations "This group is mandatory for all iSCSI implementations
that have iSCSI initiator facilities." that have iSCSI initiator facilities."
::= { iscsiCompliances 1 } ::= { iscsiCompliances 1 }
END END
5. Security Considerations 6. Security Considerations
There are a number of management objects defined in this MIB that There are a number of management objects defined in this MIB module
have a MAX-ACCESS clause of read-write and/or read-create. Such with a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network objects may be considered sensitive or vulnerable in some network
environments. The support for SET operations in a non-secure environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on environment without proper protection can have a negative effect on
network operations. network operations. These are the tables and objects and their
sensitivity/vulnerability:
Information gleaned from this MIB could be used to make connections iscsiPortalAttributesTable, iscsiTgtPortalAttributesTable, and
to the iSCSI targets it represents. However, it is the iscsiIntrPortalAttributes table can be used to add or remove IP
responsibility of the initiators and targets involved to authenticate addresses to be used by iSCSI.
each other to ensure that an inappropriately advertised or discovered
initiator or target does not compromise their security. These issues
are discussed in [ISCSI].
SNMPv1 by itself is not a secure environment. Even if the network iscsiTgtAuthAttributesTable entries can be added or removed, to
itself is secure (for example by using IPsec), even then, there is no allow or disallow access to a target by an initiator.
control as to who on the secure network is allowed to access and
GET/SET (read/change/create/delete) the objects in this MIB.
It is recommended that the implementors consider the security Some of the readable objects in this MIB module (i.e., objects with a
features as provided by the SNMPv3 framework. Specifically, the use MAX-ACCESS other than not-accessible) may be considered sensitive or
of the User-based Security Model RFC 2574 [RFC2574] and the View- vulnerable in some network environments. It is thus important to
based Access Control Model RFC 2575 [RFC2575] is recommended. control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability:
It is then a customer/user responsibility to ensure that the SNMP iscsiNodeAttributesTable, iscsiTargetAttributesTable, and
entity giving access to an instance of this MIB, is properly iscsiTgtAuthorization can be used to glean information needed to
configured to give access to the objects only to those principals make connections to the iSCSI targets this MIB represents.
(users) that have legitimate rights to indeed GET or SET However, it is the responsibility of the initiators and targets
(change/create/delete) them. involved to authenticate each other to ensure that an
inappropriately advertised or discovered initiator or target does
not compromise their security. These issues are discussed in
[ISCSI].
6. Normative References SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPsec),
even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module.
[ISCSI] J. Satran, et. al., "iSCSI", draft-ietf-ips-iSCSI-18, It is RECOMMENDED that implementors consider the security features as
October 2002. provided by the SNMPv3 framework (see [RFC3410], section 8),
including full support for the SNMPv3 cryptographic mechanisms (for
authentication and privacy).
[RFC2571] D. Harrington, R. Presuhn, and B. Wijnen, "An Architecture Further, deployment of SNMP versions prior to SNMPv3 is NOT
for Describing SNMP Management Frameworks", RFC 2571, April RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
1999. enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them.
[RFC1155] M. Rose and K. McCloghrie, "Structure and Identification of 7. Normative References
Management Information for TCP/IP-based Internets", STD 16,
RFC 1155, May 1990.
[RFC1212] M. Rose and K. McCloghrie, "Concise MIB Definitions", STD [ISCSI] J. Satran, et. al., "iSCSI", Work in Progress, draft-ietf-
16, RFC 1212, March 1991. ips-iSCSI-20, January 2003.
[RFC2578] K. McCloghrie, D. Perkins, J. Schoenwaelder, J. Case, M. [RFC2578] K. McCloghrie, D. Perkins, J. Schoenwaelder, J. Case, M.
Rose, and S. Waldbusser, "Structure of Management Rose, and S. Waldbusser, "Structure of Management
Information Version 2 (SMIv2)", STD 58, RFC 2578, April Information Version 2 (SMIv2)", STD 58, RFC 2578, April
1999. 1999.
[RFC1215] M. Rose, "A Convention for Defining Traps for use with the
SNMP", RFC 1215, March 1991.
[RFC2579] K. McCloghrie, D. Perkins, J. Schoenwaelder, J. Case, M. [RFC2579] K. McCloghrie, D. Perkins, J. Schoenwaelder, J. Case, M.
Rose, and S. Waldbusser, "Textual Conventions for SMIv2", Rose, and S. Waldbusser, "Textual Conventions for SMIv2",
STD 58, RFC 2579, April 1999. STD 58, RFC 2579, April 1999.
[RFC2580] K. McCloghrie, D. Perkins, J. Schoenwaelder, J. Case, M. [RFC2580] K. McCloghrie, D. Perkins, J. Schoenwaelder, J. Case, M.
Rose, and S. Waldbusser, "Conformance Statements for SMIv2", Rose, and S. Waldbusser, "Conformance Statements for SMIv2",
STD 58, RFC 2580, April 1999. STD 58, RFC 2580, April 1999.
[RFC1157] J. Case, M. Fedor, M. Schoffstall, and J. Davin, "Simple
Network Management Protocol", STD 15, RFC 1157, May 1990.
[RFC3291] M. Daniele, et. al., "Textual Conventions for Internet [RFC3291] M. Daniele, et. al., "Textual Conventions for Internet
Network Addresses", RFC 3291, May 2002. Network Addresses", RFC 3291, May 2002.
[SCSI-MIB] M. Hallak-Stamler, et. al., "Definitions of Managed Objects
for SCSI Entities", draft-ietf-ips-scsi-mib-03.txt, June
2002.
[AUTH-MIB] M. Bakke, J. Muchow, "Definitions of Managed Objects for [AUTH-MIB] M. Bakke, J. Muchow, "Definitions of Managed Objects for
User Identity Authentication", draft-ietf-ips-auth- User Identity Authentication", Work in Progress, draft-ietf-
mib-02.txt, September 2002. ips-auth-mib-04.txt, March 2003.
7. Informative References
[RFC1901] J. Case, K. McCloghrie, M. Rose, and S. Waldbusser,
"Introduction to Community-based SNMPv2", RFC 1901, January
1996.
[RFC1906] J. Case, K. McCloghrie, M. Rose, and S. Waldbusser,
"Transport Mappings for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1906, January 1996.
[RFC2572] J. Case, D. Harrington, R. Presuhn, and B. Wijnen, "Message
Processing and Dispatching for the Simple Network Management
Protocol (SNMP)", RFC 2572, April 1999.
[RFC2574] U. Blumenthal, and B. Wijnen, "User-based Security Model
(USM) for version 3 of the Simple Network Management
Protocol (SNMPv3)", RFC 2574, April 1999.
[RFC1905] J. Case, K. McCloghrie, M. Rose, and S. Waldbusser,
"Protocol Operations for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1905, January 1996.
[RFC2573] D. Levi, P. Meyer, and B. Stewart, "SNMPv3 Applications",
RFC 2573, April 1999.
[RFC2575] B. Wijnen, R. Presuhn, and K. McCloghrie, "View-based Access 8. Informative References
Control Model (VACM) for the Simple Network Management
Protocol (SNMP)", RFC 2575, April 1999.
[RFC2570] J. Case, R. Mundy, D. Partain, and B. Stewart, "Introduction [RFC3410] J. Case, R. Mundy, D. Partain, and B. Stewart, "Introduction
to Version 3 of the Internet-standard Network Management and Applicability Statements for Internet-Standard
Framework", RFC 2570, April 1999. Management Framework", RFC 3410, December 2002.
[RFC2012] K. McCloghrie, "SNMPv2 Management Information Base for the [RFC2012] K. McCloghrie, "SNMPv2 Management Information Base for the
Transmission Control Protocol using SMIv2", RFC 2012, Transmission Control Protocol using SMIv2", RFC 2012,
November 1996. November 1996.
8. Authors' Addresses [SCSI-MIB] M. Hallak-Stamler, et. al., "Definitions of Managed Objects
for SCSI Entities", Work in Progress, draft-ietf-ips-scsi-
mib-03.txt, June 2002.
9. Authors' Addresses
Mark Bakke Mark Bakke
Postal: Cisco Systems, Inc Postal: Cisco Systems, Inc
6450 Wedgwood Road, Suite 130 6450 Wedgwood Road, Suite 130
Maple Grove, MN Maple Grove, MN
USA 55311 USA 55311
Tel: +1 763-398-1000 Tel: +1 763-398-1000
Fax: +1 763-398-1001 Fax: +1 763-398-1001
E-mail: mbakke@cisco.com E-mail: mbakke@cisco.com
skipping to change at page 71, line 4 skipping to change at page 71, line 38
Tom McSweeney Tom McSweeney
Postal: IBM Corporation Postal: IBM Corporation
600 Park Offices Drive 600 Park Offices Drive
Research Triangle Park, NC Research Triangle Park, NC
USA 27709 USA 27709
Tel: +1-919-254-5634 Tel: +1-919-254-5634
Fax: +1-919-254-0391 Fax: +1-919-254-0391
E-mail: rf42tpme@us.ibm.com E-mail: rf42tpme@us.ibm.com
Jim Muchow Jim Muchow
Postal: Cisco Systems, Inc Postal: Cisco Systems, Inc
6450 Wedgwood Road, Suite 130 6450 Wedgwood Road, Suite 130
Maple Grove, MN Maple Grove, MN
USA 55311 USA 55311
Tel: +1 763-398-1000 Tel: +1 763-398-1000
Fax: +1 763-398-1001 Fax: +1 763-398-1001
E-mail: jmuchow@cisco.com" E-mail: jamesdmuchow@yahoo.com"
9. Full Copyright Notice 10. IPR Notice
Copyright (C) The Internet Society (2001). All Rights Reserved. The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made
available for publication and any assurances of licenses to be made
available, or the result of an attempt made to obtain a general
license or permission for the use of such proprietary rights by
implementors or users of this specification can be obtained from the
IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
Director.
11. Full Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than followed, or as required to translate it into languages other than
English. English.
The limited permissions granted above are perpetual and will not be The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns. revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/