home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
OS/2 Shareware BBS: 10 Tools
/
10-Tools.zip
/
iscsiprj.zip
/
draft-ietf-ips-iscsi-mib-04.txt
< prev
next >
Wrap
Text File
|
2002-06-02
|
114KB
|
3,587 lines
Internet Draft Mark Bakke
<draft-ietf-ips-iscsi-mib-04.txt> Jim Muchow
Expires August 2002 Cisco Systems
Marjorie Krueger
Hewlett-Packard
Tom McSweeney
IBM
February 2002
Definitions of Managed Objects for iSCSI
1. Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
1.1. Copyright Notice
Copyright (C) The Internet Society (2001). All Rights Reserved.
2. Abstract
This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in TCP/IP based internets.
Bakke, Muchow Expires August 2002 [Page 1]
Internet Draft iSCSI MIB February 2002
In particular it defines objects for managing a client using the
iSCSI (SCSI over TCP) protocol. It is meant to match the latest
version of iSCSI defined in [ISCSI].
3. Acknowledgments
In addition to the authors, several people contributed to the
development of this MIB. Thanks especially to those who took the
time to participate in our weekly conference calls to build our
requirements, object models, table structures, and attributes: John
Hufferd, Tom McSweeney (IBM), Kevin Gibbons (Nishan Systems), Chad
Gregory (Intel), Jack Harwood (EMC), Hari Mudaliar (Adaptec), Ie Wei
Njoo (Agilent), Lawrence Lamers (SAN Valley), Satish Mali (Stonefly
Networks), and William Terrell (Troika).
Special thanks to Tom McSweeney, Ie Wei Njoo, and Kevin Gibbons, who
wrote the descriptions for many of the tables and attributes in this
MIB, and to Keith McCloghrie for serving as advisor to the team.
4. The SNMP Management Framework
The SNMP Management Framework presently consists of five major
components:
o An overall architecture, described in RFC 2571 [RFC2571].
o Mechanisms for describing and naming objects and events for the
purpose of management. The first version of this Structure of
Management Information (SMI) is called SMIv1 and described in
STD 16, RFC 1155 [RFC1155], STD 16, RFC 1212 [RFC1212] and RFC
1215 [RFC1215]. The second version, called SMIv2, is described
in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and
STD 58, RFC 2580 [RFC2580].
o Message protocols for transferring management information. The
first version of the SNMP message protocol is called SNMPv1 and
described in STD 15, RFC 1157 [RFC1157]. A second version of
the SNMP message protocol, which is not an Internet standards
track protocol, is called SNMPv2c and described in RFC 1901
[RFC1901] and RFC 1906 [RFC1906]. The third version of the
message protocol is called SNMPv3 and described in RFC 1906
[RFC1906], RFC 2572 [RFC2572] and RFC 2574 [RFC2574].
o Protocol operations for accessing management information. The
first set of protocol operations and associated PDU formats is
described in STD 15, RFC 1157 [RFC1157]. A second set of
Bakke, Muchow Expires August 2002 [Page 2]
Internet Draft iSCSI MIB February 2002
protocol operations and associated PDU formats is described in
RFC 1905 [RFC1905].
o A set of fundamental applications described in RFC 2573
[RFC2573] and the view-based access control mechanism described
in RFC 2575 [RFC2575].
A more detailed introduction to the current SNMP Management Framework
can be found in RFC 2570 [RFC2570].
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. Objects in the MIB are
defined using the mechanisms defined in the SMI.
This memo specifies a MIB module that is compliant to the SMIv2. A
MIB conforming to the SMIv1 can be produced through the appropriate
translations. The resulting translated MIB must be semantically
equivalent, except where objects or events are omitted because no
translation is possible (use of Counter64). Some machine readable
information in SMIv2 will be converted into textual descriptions in
SMIv1 during the translation process. However, this loss of machine
readable information is not considered to change the semantics of the
MIB.
5. Relationship to Other MIBs
The iSCSI MIB is layered between the SCSI MIB [SCSI-MIB] (work in
progress) and the TCP MIB [RFC2012], and makes use of the IPS
Identity Authentication MIB [AUTH-MIB] (work in progress). Here is
how the MIBs are related:
SCSI MIB Each iscsiNode, whether it has an initiator role, target
role, or both, is related to one SCSI device within the
SCSI MIB. The iscsiNodeTransportType attribute points to
the SCSI transport object within the SCSI MIB, which in
turn contains an attribute that points back to the
iscsiNode. In this way, a management station can navigate
between the two MIBs.
TCP MIB Each iSCSI connection is related to one transport-level
connection. Currently, iSCSI uses only TCP; the iSCSI
connection is related to a TCP connection using its normal
(protocol, source address, source port, destination
address, destination port) 5-tuple.
AUTH MIB Each iSCSI node that serves a target role can have a list
of authorized initiators. Each of the entries in this list
Bakke, Muchow Expires August 2002 [Page 3]
Internet Draft iSCSI MIB February 2002
points to an identity within the IPS Identity
Authentication MIB that will be allowed to access the
target. iSCSI nodes that serve in an initiator role can
also have a list of authorized targets. Each of the
entries in this list points to an identity within the Auth
MIB to which the initiator should attempt to establish
sessions. The Auth MIB includes information used to
identify initiators and targets by their iSCSI name, IP
address, and/or credentials.
6. Discussion
This MIB structure is intended to satisfy fault, performance, and
security management for an iSCSI implementation. It is structured
around the well-known iSCSI objects, such as targets, initiators,
sessions, connections, and the like.
This MIB may also be used to configure access to iSCSI targets, by
creating iSCSI Portals and authorization list entries.
It is worthwhile to note that this is an iSCSI MIB and as such
reflects only iSCSI objects (real or virtual). This means that this
MIB will not directly deal with real SCSI objects or the SCSI
protocol in general. This are represented within the SCSI MIB (work
in progress)
The iSCSI MIB consists of several "objects", each of which is
represented by one or more tables. This section contains a brief
description of the "object" hierarchy and a description of each
object, followed by a discussion of the actual SNMP table structure
within the objects.
6.1. iSCSI MIB Object Model
The top-level object in this structure is the iSCSI instance, which
"contains" all of the other objects.
iscsiInstance
-- A distinct iSCSI entity within the managed system.
-- Most implementations will have just one of these.
iscsiPortal
-- An IP address used by this instance
iscsiTargetPortal
-- Contains portal information relevant when the portal
-- is used to listen for connections to its targets.
iscsiInitiatorPortal
-- Contains portal information relevant when the portal
Bakke, Muchow Expires August 2002 [Page 4]
Internet Draft iSCSI MIB February 2002
-- is used to initiate connections to other targets.
iscsiNode
-- An iSCSI node can act as an initiator, a target, or both.
-- Contains generic (non-role-specific) information.
iscsiTarget
-- Target-specific iSCSI node information.
iscsiTgtAuth
-- A list of initiator identities that are allowed
-- access to this target.
iscsiInitiator
-- Initiator-specific iSCSI node information.
iscsiIntrAuth
-- A list of target identities to which this initiator
-- is configured to establish sessions.
iscsiSession
-- An active iSCSI session between an initiator and target.
-- The session's direction may be Inbound (outside
-- initiator to our target) or Outbound (our initiator to
-- an outside target).
iscsiConnection
-- An active TCP connection within an iSCSI session
An iSCSI Node can take on an initiator role, a target role, or both.
Multiple iSCSI Portals may be present; these can also take on either
or both of the roles. The MIB assumes that any target may be
accessed via any portal that can take on a target role, although
other access controls not reflected in the MIB might limit this.
Logical Units and LUNs are SCSI-level entities, which are covered in
[SCSI-MIB].
6.2. iSCSI MIB Table Structure
Each iSCSI "object" is comprised of one or more tables: an attributes
table, and zero or more statistics tables which augment the
attributes table. Since iSCSI is an evolving standard, it is much
cleaner to separate statistics and attributes into separate tables,
instead of putting them all into the same table. This allows
attributes and statistics to be added independently, without mixing
them and making them appear messy. In a few cases, there are
multiple categories of statistics that will likely grow; in this
case, an object will contain multiple statistics tables.
iscsiObjects
iscsiDescriptors
iscsiInstance
iscsiInstanceAttributesTable
iscsiInstanceSsnErrorStatsTable
Bakke, Muchow Expires August 2002 [Page 5]
Internet Draft iSCSI MIB February 2002
-- Counts abnormal session terminations
iscsiPortal
iscsiPortalAttributesTable
iscsiTargetPortal
iscsiTgtPortalAttributesTable
iscsiInitiatorPortal
iscsiIntrPortalAttributesTable
iscsiNode
iscsiNodeAttributesTable
iscsiTarget
iscsiTargetAttributesTable
iscsiTargetLoginStatsTable
-- Counts successful and unsuccessful logins
iscsiTargetLogoutStatsTable
-- Counts normal and abnormal logouts
iscsiTgtAuthorization
iscsiTgtAuthAttributesTable
iscsiInitiator
iscsiInitiatorAttributesTable
iscsiInitiatorLoginStatsTable
-- Counts successful and unsuccessful logins
iscsiInitiatorLogoutStatsTable
-- Counts normal and abnormal logouts
iscsiIntrAuthorization
iscsiIntrAuthAttributesTable
iscsiSession
iscsiSessionAttributesTable
iscsiSessionStatsTable
-- Performance-related counts (requests, responses, bytes)
iscsiSessionCxnErrorStatsTable
-- Counts digest errors, connection errors, etc.
iscsiConnection
iscsiConnectionAttributesTable
Note that this MIB does not attempt to count everything that could be
counted; it is designed to include only those counters that would be
useful for identifying performance, security, and fault problems from
a management station.
6.3. iscsiInstance
The iscsiInstanceAttributesTable is the primary table of the iSCSI
MIB. Every table entry in this MIB is "owned" by exactly one iSCSI
instance; all other table entries in the MIB include this table's
index as their primary index.
Most implementations will include just one iSCSI instance row in this
table. However, this table exists to allow for multiple virtual
Bakke, Muchow Expires August 2002 [Page 6]
Internet Draft iSCSI MIB February 2002
instances. For example, many IP routing products now allow multiple
virtual routers. The iSCSI MIB has the same premise; a large system
could be "partitioned" into multiple, distinct virtual systems.
This also allows a single SNMP agent to represent multiple
subsystems, perhaps a set of stackable devices, each of which have
one or even more instances. In an iSCSI host, it allows multiple
vendors' implementations to co-exist under a single SNMP agent; each
could have its own instance.
The instance attributes include the iSCSI vendor and version, as well
as information on the last target or initiator at the other end of a
session that caused a session failure.
The iscsiInstanceSsnErrorStatsTable augments the attributes table,
and provides statistics on session failures due to digest,
connection, or iSCSI format errors.
6.4. iscsiPortal
The iscsiPortalAttributesTable lists iSCSI portals that can either be
used to listen for connections to targets, or initiate connections to
other targets, or both.
Each entry in the table includes an IP address (either v4 or v6), and
a transport protocol (currently only TCP is defined). Each entry
that fulfills an initiator portal role has a corresponding entry in
the iscsiInitiatorPortal table; each entry that has a target portal
role has an entry in the iscsiTargetPortal table. Each portal that
serves both roles has a corresponding entry in each table.
Portal entries, along with their initiator and target portal
counterparts, may be created and destroyed through this MIB by a
management station.
WORK - Need to finalize how portal entries and their corresponding
initiator and target portal entries are created, and document it
here.
WORK When creating a portal entry....
WORK When deleting a portal entry....connections are dropped.
Individual attributes within a portal, initiatorPortal, or
targetPortal entry may not be modified. For instance, changing the IP
address of a portal requires that the portal entries associated with
the old IP address be deleted, and new entries be created (in either
Bakke, Muchow Expires August 2002 [Page 7]
Internet Draft iSCSI MIB February 2002
order).
6.5. iscsiTargetPortal
The iscsiTargetPortalAttributesTable lists local sockets on which the
iSCSI instance is listening for incoming connections to its targets.
Entries in this table use the same indices as their corresponding
entries in the iscsiPortalAttributesTable.
This table contains the TCP (or other protocol) port on which the
socket is listening for incoming connections. It also includes a
portal group aggregation tag; iSCSI target portals within this
instance sharing the same tag can contain connections within the same
session.
This table will usually be empty for iSCSI instances that contain
only initiators (such as iSCSI host driver implementations).
6.6. iscsiInitiatorPortal
The iscsiInitiatorPortalAttributesTable lists the IP addresses from
which the iSCSI instance may initiate connections to other targets.
Entries in this table use the same indices as their corresponding
entries in the iscsiPortalAttributesTable.
Each entry in this table contains a portal group aggregation tag,
indicating which portals an initiator may use together within a
multiple-connection session.
This table will usually be empty for iSCSI instances that contain
only targets (such as most iSCSI devices).
6.7. iscsiNode
The iscsiNodeAttributesTable contains a list of iSCSI nodes, each of
which may have an initiator role, a target role, or both.
This table contains the node's attributes which are common to both
roles, such as its iSCSI Name and alias string. Attributes specific
to initiators or targets are available in the iscsiTarget and
iscsiInitiator objects. Each entry in this table that can fulfill a
target role has a corresponding entry in the iscsiTarget table; each
entry that fulfills an initiator role has an entry in the
iscsiInitiator table. Nodes such as copy managers that can take on
both roles have a corresponding entry in each table.
WORK - We have some new configuration attributes, some of which
Bakke, Muchow Expires August 2002 [Page 8]
Internet Draft iSCSI MIB February 2002
belong in the node, and others of which go into the target. Need to
finish these up and document them.
Each entry in the table also contains a RowPointer to the transport
table entry in the SCSI MIB which this iSCSI node represents.
6.8. iscsiTarget
The iscsiTargetAttributesTable contains a list of iSCSI targets which
may be accessed through the iSCSI instance. Each entry in this table
uses the same index values as its corresponding iscsiNode entry.
This table contains attributes used to indicate the last failure that
was (or should have been) sent as a notification or trap.
This table is augmented by the iscsiTargetLoginStatsTable and the
iscsiTargetLogoutStatsTable, which count the numbers of normal and
abnormal logins and logouts to this target.
6.9. iscsiTgtAuthorization
The iscsiTgtAuthAttributesTable contains an entry for each initiator
identifier that will be allowed to access the target under which it
appears. Each entry contains a RowPointer to a user identity in the
IPS Identity Authentication MIB, which contains the name, address,
and credential information necessary to authenticate the initiator.
6.10. iscsiInitiator
The iscsiInitiatorAttributesTable contains a list of iSCSI initiators
which are used by this iSCSI instance to access targets. Each entry
in this table uses the same index values as its corresponding
iscsiNode entry.
Most implementations will include a single entry in this table,
regardless of the number of physical interfaces the initiator may
use.
This table is augmented by the iscsiInitiatorLoginStatsTable and the
iscsiInitiatorLogoutStatsTable, which count the numbers of normal and
abnormal logins and logouts to this target.
6.11. iscsiIntrAuthorization
The iscsiIntrAuthAttributesTable contains an entry for each target
identifier to which the initiator is configured to establish a
session.
Bakke, Muchow Expires August 2002 [Page 9]
Internet Draft iSCSI MIB February 2002
Each entry contains a RowPointer to a user identity in the IPS
Identity Authentication MIB, which contains the name, address, and
credential information necessary to identify (for discovery purposes)
and authenticate the target.
6.12. iscsiSession
The iscsiSessionAttributesTable contains a set of rows that list the
sessions known to be existing locally for each node in each iSCSI
instance.
The session type for each session indicates whether the session is
used for normal SCSI commands or for discovery using the SendTargets
text command.
The session direction for each session indicates whether it is an
Inbound Session or an Outbound Session. Inbound sessions are from
some other initiator to the target node under which the session
appears. Outbound sessions are from the initiator node under which
the session appears to a target outside this iSCSI instance.
Many attributes may be negotiated when starting an iSCSI session.
Most of these attributes are included in the session object.
Some attributes, such as the integrity and authentication schemes,
have some standard values which can be extended by vendors to include
their own schemes. These contain an object identifier, rather than
the expected enumerated type, to allow these values to be extended by
other MIBs, such as a enterprise MIBs.
The iscsiSessionStatsTable includes statistics related to
performance; counting iSCSI data bytes and PDUs.
For implementations that support error recovery without terminating a
session, the iscsiSessionCxnErrorStatsTable contains counters for the
numbers of digest and connection errors that have occurred within the
session.
6.13. iscsiConnection
The iscsiConnectionAttributesTable contains a list of active
connections within each session. It contains the IP addresses and
TCP (or other protocol) ports of both the local and remote side of
the connection. These may be used to locate other connection-related
information and statistics in the TCP MIB [RFC 2012].
The attributes table also contains a connection state. This state is
not meant to directly map to the state tables included within the
Bakke, Muchow Expires August 2002 [Page 10]
Internet Draft iSCSI MIB February 2002
iSCSI specification; they are meant to be simplified, higher-level
definitions of connection state that provide information more useful
to a user or network manager.
No statistics are kept for connections.
6.14. IP Addresses and TCP Port Numbers
The IP addresses in this MIB are represented by two attributes, one
of type InetAddressType, and the other of type InetAddress. These
are taken from [IPV6MIB], which is an update to [RFC2851] specifying
how to support addresses that may be either IPv4 or IPv6.
The TCP port numbers that appear in a few of the structures are
described as simply port numbers, with a protocol attribute
indicating whether they are TCP ports, or something else. This will
allow the MIB to be compatible with iSCSI over transports other than
TCP in the future.
6.15. Descriptors: Using OIDs in Place of Enumerated Types
The iSCSI MIB has a few attributes, such as the authentication and
digest method attributes, where an enumerated type would work well,
except that an implementation may need to extend the attribute and
add types of its own. To make this work, the MIB defines a set of
object identities within iscsiDescriptors. Each of these object
identities is basically an enumerated type.
Attributes that make use of these object identities have a value
which is an OID instead of an enumerated type. These OIDs can either
indicate the object identities defined in this MIB, or object
identities defined elsewhere, such as in an enterprise MIB. Those
implementations that add their own authentication and digest methods
should also define a corresponding object identity for each of these
methods within their own enterprise MIB, and return its OID whenever
one of these attributes is using that method.
6.16. Notifications
Three notifications are provided. One is sent by an initiator
detecting a critical login failure; another is sent by a target
detecting a critical login failure, and the third is sent upon a
session being terminated due to an abnormal connection or digest
failure. Critical failures are defined as those that may expose
security-related problems that may require immediate action, such as
failures due to authentication, authorization, or negotiation
problems. Attributes in the initiator, target, and instance objects
provide the information necessary to send in the notification, such
Bakke, Muchow Expires August 2002 [Page 11]
Internet Draft iSCSI MIB February 2002
as the initiator or target name and IP address at the other end that
may have caused the failure.
To avoid sending an excessive number of notifications due to multiple
errors counted, an SNMP agent implementing the iSCSI MIB should not
send more than three iSCSI notifications in any 10-second period.
The 3-in-10 rule was chosen because one notification every three
seconds was deemed often enough, but should two or three different
notifications happen at the same time, it would not be desirable to
suppress them. Three notifications in ten seconds is a happy medium,
where a short burst of notifications is allowed, without inundating
the network and/or trap host with a large number of notifications.
Bakke, Muchow Expires August 2002 [Page 12]
Internet Draft iSCSI MIB February 2002
7. MIB Definitions
ISCSI-MIB DEFINITIONS ::= BEGIN
-- 1) still 1 TBDs buried below (just do a editor search)
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, NOTIFICATION-TYPE,
Unsigned32, Counter32, Counter64, Gauge32, BITS,
experimental
FROM SNMPv2-SMI
TEXTUAL-CONVENTION, TruthValue, RowPointer, TimeStamp, RowStatus,
AutonomousType
FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB -- RFC 2571
-- These are from draft-ietf-ops-rfc2851-update-00.txt
-- You will have to work out the details with your own
-- compiler being because they are so new.
InetAddressType, InetAddress
FROM INET-ADDRESS-MIB
;
iscsiModule MODULE-IDENTITY
LAST-UPDATED "200202040000Z"
ORGANIZATION "IETF IPS Working Group"
CONTACT-INFO
"
Mark Bakke
Postal: Cisco Systems, Inc
6450 Wedgwood Road, Suite 130
Maple Grove, MN
USA 55311
Tel: +1 763-398-1000
Fax: +1 763-398-1001
E-mail: mbakke@cisco.com
Marjorie Krueger
Postal: Hewlett-Packard
Bakke, Muchow Expires August 2002 [Page 13]
Internet Draft iSCSI MIB February 2002
Networked Storage Architecture
Networked Storage Solutions Org.
8000 Foothills Blvd.
Roseville, CA 95747
Tel: +1 916-785-2656
Tel: +1 916-785-0391
Email: marjorie_krueger@hp.com
Jim Muchow
Postal: Cisco Systems, Inc
6450 Wedgwood Road, Suite 130
Maple Grove, MN
USA 55311
Tel: +1 763-398-1000
Fax: +1 763-398-1001
E-mail: jmuchow@cisco.com"
DESCRIPTION
"The iSCSI Protocol MIB module."
REVISION "200202040000Z" -- February 4, 2002
DESCRIPTION
"Initial revision published as RFC xxxx."
-- ::= { mib-2 xx } -- to be assigned by IANA.
::= { experimental 9999 } -- in case you want to COMPILE
iscsiObjects OBJECT IDENTIFIER ::= { iscsiModule 1 }
iscsiNotifications OBJECT IDENTIFIER ::= { iscsiModule 2 }
iscsiConformance OBJECT IDENTIFIER ::= { iscsiModule 3 }
-- Textual Conventions
IscsiTransportProtocols ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION
"This data type is used to define the transport
protocols that will carry iSCSI PDUs."
REFERENCE
"RFC791, RFC1700
The presently known, officially delegated numbers
can be found at:
Bakke, Muchow Expires August 2002 [Page 14]
Internet Draft iSCSI MIB February 2002
http://www.iana.org/assignments/protocol-numbers
"
SYNTAX INTEGER (0..255)
------------------------------------------------------------------------
iscsiDescriptors OBJECT IDENTIFIER ::= { iscsiObjects 1 }
iscsiHeaderIntegrityTypes OBJECT IDENTIFIER ::= { iscsiDescriptors 1 }
iscsiHdrIntegrityNone OBJECT-IDENTITY
STATUS current
DESCRIPTION
"The authoritative identifier when no integrity
scheme (for either the header or data) is being
used."
REFERENCE "iSCSI Protocol Specification."
::= { iscsiHeaderIntegrityTypes 1 }
iscsiHdrIntegrityCrc32c OBJECT-IDENTITY
STATUS current
DESCRIPTION
"The authoritative identifier when the integrity
scheme (for either the header or data) is CRC-32c."
REFERENCE "iSCSI Protocol Specification."
::= { iscsiHeaderIntegrityTypes 2 }
iscsiDataIntegrityTypes OBJECT IDENTIFIER ::= { iscsiDescriptors 2 }
iscsiDataIntegrityNone OBJECT-IDENTITY
STATUS current
DESCRIPTION
"The authoritative identifier when no integrity
scheme (for either the header or data) is being
used."
REFERENCE "iSCSI Protocol Specification."
::= { iscsiDataIntegrityTypes 1 }
iscsiDataIntegrityCrc32c OBJECT-IDENTITY
STATUS current
DESCRIPTION
"The authoritative identifier when the integrity
scheme (for either the header or data) is CRC-32c."
REFERENCE "iSCSI Protocol Specification."
::= { iscsiDataIntegrityTypes 2 }
----------------------------------------------------------------------
Bakke, Muchow Expires August 2002 [Page 15]
Internet Draft iSCSI MIB February 2002
iscsiInstance OBJECT IDENTIFIER ::= { iscsiObjects 2 }
-- Instance Attributes Table
iscsiInstanceAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiInstanceAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of iSCSI instances present on the system."
::= { iscsiInstance 1 }
iscsiInstanceAttributesEntry OBJECT-TYPE
SYNTAX IscsiInstanceAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing management information applicable
to a particular iSCSI instance."
INDEX { iscsiInstIndex }
::= { iscsiInstanceAttributesTable 1 }
IscsiInstanceAttributesEntry ::= SEQUENCE {
iscsiInstIndex Unsigned32,
iscsiInstDescr SnmpAdminString,
iscsiInstVersionMin INTEGER,
iscsiInstVersionMax INTEGER,
iscsiInstVendorID SnmpAdminString,
iscsiInstVendorVersion SnmpAdminString,
iscsiInstPortalNumber Unsigned32,
iscsiInstNodeNumber Unsigned32,
iscsiInstSessionNumber Unsigned32,
iscsiInstSsnFailures Counter32,
iscsiInstLastSsnFailureType AutonomousType,
iscsiInstLastSsnRmtNodeName SnmpAdminString
}
iscsiInstIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary integer used to uniquely identify a particular
ISCSI instance."
::= { iscsiInstanceAttributesEntry 1 }
iscsiInstDescr OBJECT-TYPE
SYNTAX SnmpAdminString
Bakke, Muchow Expires August 2002 [Page 16]
Internet Draft iSCSI MIB February 2002
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An octet string, determined by the implementation to describe
the iSCSI instance. When only a single instance is present,
this object may be set to the zero-length string; with multiple
iSCSI instances, it may be used in an implementation-dependent
manner to describe the purpose of the respective instance."
::= { iscsiInstanceAttributesEntry 2 }
iscsiInstVersionMin OBJECT-TYPE
SYNTAX INTEGER (0..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Minimum version number of the iSCSI specification supported
by this instance."
::= { iscsiInstanceAttributesEntry 3 }
iscsiInstVersionMax OBJECT-TYPE
SYNTAX INTEGER (0..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Maximum version number of the iSCSI specification supported
by this instance."
::= { iscsiInstanceAttributesEntry 4 }
iscsiInstVendorID OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An octet string describing the manufacturer of the
implementation of this instance."
::= { iscsiInstanceAttributesEntry 5 }
iscsiInstVendorVersion OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An octet string set by the manufacturer describing the verison
of the implementation of this instance. The format of this string
is determined solely by the manufacturer, and is for informational
purposes only. It is unrelated to the iSCSI specification version
numbers."
::= { iscsiInstanceAttributesEntry 6 }
Bakke, Muchow Expires August 2002 [Page 17]
Internet Draft iSCSI MIB February 2002
iscsiInstPortalNumber OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
UNITS "transport endpoints"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of rows in the iscsiPortalAttributesTable
which are currently associated with this iSCSI instance."
::= { iscsiInstanceAttributesEntry 7 }
iscsiInstNodeNumber OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
UNITS "Internet Network Addresses"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of rows in the iscsiNodeAttributesTable
which are currently associated with this iSCSI instance."
::= { iscsiInstanceAttributesEntry 8 }
iscsiInstSessionNumber OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
UNITS "sessions"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of rows in the iscsiSessionAttributesTable
which are currently associated with this iSCSI instance."
::= { iscsiInstanceAttributesEntry 9 }
iscsiInstSsnFailures OBJECT-TYPE
SYNTAX Counter32
UNITS "sessions"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object counts the number of times a session belonging
to this instance has been failed."
::= { iscsiInstanceAttributesEntry 10 }
iscsiInstLastSsnFailureType OBJECT-TYPE
SYNTAX AutonomousType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The counter object in the iscsiInstSsnErrorStatsTable
that was incremented when the last session failure occurred.
Bakke, Muchow Expires August 2002 [Page 18]
Internet Draft iSCSI MIB February 2002
If the reason for failure is not found in the
iscsiInstSsnErrorStatsTable, the value { 0.0 } is
used instead."
::= { iscsiInstanceAttributesEntry 11 }
iscsiInstLastSsnRmtNodeName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An octet string describing the name of the remote node
from the failed session."
::= { iscsiInstanceAttributesEntry 12 }
-- Instance Session Failure Stats Table
iscsiInstanceSsnErrorStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiInstanceSsnErrorStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of error types that will cause a session failure."
::= { iscsiInstance 2 }
iscsiInstanceSsnErrorStatsEntry OBJECT-TYPE
SYNTAX IscsiInstanceSsnErrorStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing management information applicable
to a particular iSCSI instance."
AUGMENTS { iscsiInstanceAttributesEntry }
::= { iscsiInstanceSsnErrorStatsTable 1 }
IscsiInstanceSsnErrorStatsEntry ::= SEQUENCE {
iscsiInstSsnDigestErrors Counter32,
iscsiInstSsnCxnTimeoutErrors Counter32,
iscsiInstSsnFormatErrors Counter32
}
iscsiInstSsnDigestErrors OBJECT-TYPE
SYNTAX Counter32
UNITS "sessions"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of sessions which were failed due to receipt of a PDU
containing header or data digest errors."
Bakke, Muchow Expires August 2002 [Page 19]
Internet Draft iSCSI MIB February 2002
::= { iscsiInstanceSsnErrorStatsEntry 1 }
iscsiInstSsnCxnTimeoutErrors OBJECT-TYPE
SYNTAX Counter32
UNITS "sessions"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of sessions which were failed due to a sequence
exceeding a time limit."
::= { iscsiInstanceSsnErrorStatsEntry 2 }
iscsiInstSsnFormatErrors OBJECT-TYPE
SYNTAX Counter32
UNITS "sessions"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of sessions which were failed due to receipt of a PDU
which contained a format error."
::= { iscsiInstanceSsnErrorStatsEntry 3 }
----------------------------------------------------------------------
iscsiPortal OBJECT IDENTIFIER ::= { iscsiObjects 3 }
-- Portal Attributes Table
iscsiPortalAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiPortalAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of transport endpoints (using TCP or another transport
protocol) used by this iSCSI instance. An iSCSI instance may
use a portal to listen for incoming connections to its targets,
to initiate connections to other targets, or both."
::= { iscsiPortal 1 }
iscsiPortalAttributesEntry OBJECT-TYPE
SYNTAX IscsiPortalAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing management information applicable
to a particular portal instance."
INDEX { iscsiInstIndex, iscsiPortalIndex }
::= { iscsiPortalAttributesTable 1 }
Bakke, Muchow Expires August 2002 [Page 20]
Internet Draft iSCSI MIB February 2002
IscsiPortalAttributesEntry ::= SEQUENCE {
iscsiPortalIndex Unsigned32,
iscsiPortalRowStatus RowStatus,
iscsiPortalRoles BITS,
iscsiPortalAddrType InetAddressType,
iscsiPortalAddr InetAddress,
iscsiPortalProtocol IscsiTransportProtocols
}
iscsiPortalIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary integer used to uniquely identify a particular
transport endpoint within this iSCSI instance."
::= { iscsiPortalAttributesEntry 1 }
iscsiPortalRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of the row."
::= { iscsiPortalAttributesEntry 2 }
iscsiPortalRoles OBJECT-TYPE
SYNTAX BITS {
targetTypePortal(0),
initiatorTypePortal(1)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A portal can operate in one or both of two roles:
as a target portal and/or an initiator portal.
When a new iscsiPortalAttributesEntry is to be created,
the agent should use this object as a hint for the
creation of a new iscsiTgtPortalAttributesEntry and/or
iscsiIntrPortalAttributesEntry."
::= { iscsiPortalAttributesEntry 3 }
iscsiPortalAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
Bakke, Muchow Expires August 2002 [Page 21]
Internet Draft iSCSI MIB February 2002
"The type of Internet Network Address in the iscsiPortalAddr."
::= { iscsiPortalAttributesEntry 4 }
iscsiPortalAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The portal's Internet Network Address."
::= { iscsiPortalAttributesEntry 5 }
iscsiPortalProtocol OBJECT-TYPE
SYNTAX IscsiTransportProtocols
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The portal's transport protocol."
DEFVAL { 6 } -- TCP
::= { iscsiPortalAttributesEntry 6 }
----------------------------------------------------------------------
iscsiTargetPortal OBJECT IDENTIFIER ::= { iscsiObjects 4 }
-- Target Portal Attributes Table
iscsiTgtPortalAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiTgtPortalAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of transport endpoints (using TCP or another transport
protocol) on which this iSCSI instance listens for incoming
connections to its targets."
::= { iscsiTargetPortal 1 }
iscsiTgtPortalAttributesEntry OBJECT-TYPE
SYNTAX IscsiTgtPortalAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing management information applicable
to a particular portal instance that is used to listen for
incoming connections to local targets. This row is populated
for each iscsiPortalAttributesEntry row that may be used as
a target portal."
INDEX { iscsiInstIndex, iscsiPortalIndex }
::= { iscsiTgtPortalAttributesTable 1 }
Bakke, Muchow Expires August 2002 [Page 22]
Internet Draft iSCSI MIB February 2002
IscsiTgtPortalAttributesEntry ::= SEQUENCE {
iscsiTgtPortalPort Unsigned32,
iscsiTgtPortalTag INTEGER
}
iscsiTgtPortalPort OBJECT-TYPE
SYNTAX Unsigned32 (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The portal's transport protocol port number on which the
portal listens for incoming iSCSI connections when the
portal is used as a target portal."
::= { iscsiTgtPortalAttributesEntry 1 }
iscsiTgtPortalTag OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The portal's aggregation tag when portal is used as
a target portal. Multiple-connection sessions may
be aggregated over portals sharing an identical
aggregation tag."
::= { iscsiTgtPortalAttributesEntry 2 }
----------------------------------------------------------------------
iscsiInitiatorPortal OBJECT IDENTIFIER ::= { iscsiObjects 5 }
-- Initiator Portal Attributes Table
iscsiIntrPortalAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiIntrPortalAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of Internet Network Addresses (using TCP or another
transport protocol) from which this iSCSI instance may
initiate connections to other targets."
::= { iscsiInitiatorPortal 1 }
iscsiIntrPortalAttributesEntry OBJECT-TYPE
SYNTAX IscsiIntrPortalAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing managment information applicable
Bakke, Muchow Expires August 2002 [Page 23]
Internet Draft iSCSI MIB February 2002
to a particular portal instance that is used to initiate
connections to iSCSI targets. This row is populated for
each iscsiPortalAttributesEntry row that may be used as an
initiator portal."
INDEX { iscsiInstIndex, iscsiPortalIndex }
::= { iscsiIntrPortalAttributesTable 1 }
IscsiIntrPortalAttributesEntry ::= SEQUENCE {
iscsiIntrPortalTag INTEGER
}
iscsiIntrPortalTag OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The portal's aggregation tag when the portal is used as
an initiator portal. Multiple-connection sessions may
be aggregated over portals sharing an identical
aggregation tag."
::= { iscsiIntrPortalAttributesEntry 1 }
----------------------------------------------------------------------
iscsiNode OBJECT IDENTIFIER ::= { iscsiObjects 6 }
-- Node Attributes Table
iscsiNodeAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiNodeAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of iSCSI nodes belonging to each iSCSI instance
present on the local system. An iSCSI node can act as
an initiator, a target, or both."
::= { iscsiNode 1 }
iscsiNodeAttributesEntry OBJECT-TYPE
SYNTAX IscsiNodeAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing managment information applicable
to a particular iSCSI node."
INDEX { iscsiInstIndex, iscsiNodeIndex }
::= { iscsiNodeAttributesTable 1 }
Bakke, Muchow Expires August 2002 [Page 24]
Internet Draft iSCSI MIB February 2002
IscsiNodeAttributesEntry ::= SEQUENCE {
iscsiNodeIndex Unsigned32,
iscsiNodeName SnmpAdminString,
iscsiNodeAlias SnmpAdminString,
iscsiNodeRoles BITS,
iscsiNodeTransportType RowPointer
}
iscsiNodeIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary integer used to uniquely identify a particular
node within an iSCSI instance present on the local system."
::= { iscsiNodeAttributesEntry 1 }
iscsiNodeName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A character string that is a globally unique identifier for
this iSCSI node. The node name is independent of the location
of the node, and can be resolved into a set of addresses
through various discovery services."
::= { iscsiNodeAttributesEntry 2 }
iscsiNodeAlias OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A character string that is a human-readable name or
description of the iSCSI node. If configured, this alias
may be communicated to the initiator or target node at
the remote end of the connection during a Login Request
or Response message. This string is not used as an
identifier, but can be displayed by the system's user
interface in a list of initiators and/or targets to
which it is connected.
If no alias is configured, this object is a zero-length
string."
::= { iscsiNodeAttributesEntry 3 }
iscsiNodeRoles OBJECT-TYPE
SYNTAX BITS {
Bakke, Muchow Expires August 2002 [Page 25]
Internet Draft iSCSI MIB February 2002
targetTypeNode(0),
initiatorTypeNode(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A node can operate as in one or both of two roles:
a target role and/or an initiator role."
::= { iscsiNodeAttributesEntry 4 }
iscsiNodeTransportType OBJECT-TYPE
SYNTAX RowPointer
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A pointer to the corresponding scsiTrnspt object in
the SCSI MIB (which in turn points to this iSCSI node)
allowing management stations to locate the SCSI-level
Device that is represented by this iscsiNode."
REFERENCE
"SCSI-MIB"
::= { iscsiNodeAttributesEntry 5 }
----------------------------------------------------------------------
iscsiTarget OBJECT IDENTIFIER ::= { iscsiObjects 7 }
-- Target Attributes Table
iscsiTargetAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiTargetAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing managment information applicable
to a particular node that can take on a target role."
::= { iscsiTarget 1 }
iscsiTargetAttributesEntry OBJECT-TYPE
SYNTAX IscsiTargetAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing management information applicable
to a particular target."
INDEX { iscsiInstIndex, iscsiNodeIndex }
::= { iscsiTargetAttributesTable 1 }
Bakke, Muchow Expires August 2002 [Page 26]
Internet Draft iSCSI MIB February 2002
IscsiTargetAttributesEntry ::= SEQUENCE {
iscsiTgtLoginFailures Counter32,
iscsiTgtLastFailureTime TimeStamp,
iscsiTgtLastFailureType AutonomousType,
iscsiTgtLastIntrFailureName SnmpAdminString,
iscsiTgtLastIntrFailureAddrType InetAddressType,
iscsiTgtLastIntrFailureAddr InetAddress
}
iscsiTgtLoginFailures OBJECT-TYPE
SYNTAX Counter32
UNITS "failed login attempts"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object counts the number of times a login attempt to this
local target has failed."
::= { iscsiTargetAttributesEntry 1 }
iscsiTgtLastFailureTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The timestamp of the most recent failure of a login attempt
to this target. A value of zero indicates that no such
failures have occurred."
::= { iscsiTargetAttributesEntry 2 }
iscsiTgtLastFailureType OBJECT-TYPE
SYNTAX AutonomousType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of the most recent failure of a login attempt
to this target, represented as the OID of the counter
object in iscsiTargetLoginStatsTable for which the
relevant instance was incremented. A value of 0.0
indicates a type which is not represented by any of
the counters in iscsiTargetLoginStatsTable."
::= { iscsiTargetAttributesEntry 3 }
iscsiTgtLastIntrFailureName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An octet string giving the name of the initiator
Bakke, Muchow Expires August 2002 [Page 27]
Internet Draft iSCSI MIB February 2002
that failed the last login attempt."
::= { iscsiTargetAttributesEntry 4 }
iscsiTgtLastIntrFailureAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of Internet Network Address in
iscsiTgtLastIntrFailureAddr."
::= { iscsiTargetAttributesEntry 5 }
iscsiTgtLastIntrFailureAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An Internet Network Address giving the host address
of the initiator that failed the last login attempt."
::= { iscsiTargetAttributesEntry 6 }
-- Target Login Stats Table
iscsiTargetLoginStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiTargetLoginStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of counters which keep a record of the results
of initiators' login attempts to this target."
::= { iscsiTarget 2 }
iscsiTargetLoginStatsEntry OBJECT-TYPE
SYNTAX IscsiTargetLoginStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing counters for each result of
a login attempt to this target."
AUGMENTS { iscsiTargetAttributesEntry }
::= { iscsiTargetLoginStatsTable 1 }
IscsiTargetLoginStatsEntry ::= SEQUENCE {
iscsiTgtLoginAccepts Counter32,
iscsiTgtLoginOtherFails Counter32,
iscsiTgtLoginRedirects Counter32,
iscsiTgtLoginAuthorizeFails Counter32,
iscsiTgtLoginAuthenticateFails Counter32,
Bakke, Muchow Expires August 2002 [Page 28]
Internet Draft iSCSI MIB February 2002
iscsiTgtLoginNegotiateFails Counter32
}
iscsiTgtLoginAccepts OBJECT-TYPE
SYNTAX Counter32
UNITS "successful logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Login Response PDUs with status
0x0000, Accept Login, transmitted by this
target."
::= { iscsiTargetLoginStatsEntry 1 }
iscsiTgtLoginOtherFails OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Login Response PDUs which were transmitted
by this target, and which were not counted by any other
object in the row."
::= { iscsiTargetLoginStatsEntry 2 }
iscsiTgtLoginRedirects OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Login Response PDUs with status class 0x01,
Redirection, transmitted by this target."
::= { iscsiTargetLoginStatsEntry 3 }
iscsiTgtLoginAuthorizeFails OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Login Response PDUs with status 0x0202,
Forbidden Target, transmitted by this target.
If this counter is incremented, an iscsiTgtLoginFailure
notification should be generated."
::= { iscsiTargetLoginStatsEntry 4 }
Bakke, Muchow Expires August 2002 [Page 29]
Internet Draft iSCSI MIB February 2002
iscsiTgtLoginAuthenticateFails OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Login Response PDUs with status 0x0201,
Authentication Failed, transmitted by this target
If this counter is incremented, an iscsiTgtLoginFailure
notification should be generated."
::= { iscsiTargetLoginStatsEntry 5 }
iscsiTgtLoginNegotiateFails OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of times a target has effectively refused a
login because the parameter negotiation failed.
[Ed. While this situation can occur, the exact mechanism
is as yet undefined in the iSCSI Protocol Spec.]
If this counter is incremented, an iscsiTgtLoginFailure
notification should be generated."
::= { iscsiTargetLoginStatsEntry 6 }
-- Target Logout Stats Table
iscsiTargetLogoutStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiTargetLogoutStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"When a target receives a Logout command, it responds
with a Logout Response that carries a status code.
This table contains counters for both normal and
abnormal logout requests received by this target."
::= { iscsiTarget 3 }
iscsiTargetLogoutStatsEntry OBJECT-TYPE
SYNTAX IscsiTargetLogoutStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing counters of Logout Response
PDUs that were received by this target."
Bakke, Muchow Expires August 2002 [Page 30]
Internet Draft iSCSI MIB February 2002
AUGMENTS { iscsiTargetAttributesEntry }
::= { iscsiTargetLogoutStatsTable 1 }
IscsiTargetLogoutStatsEntry ::= SEQUENCE {
iscsiTgtLogoutNormals Counter32,
iscsiTgtLogoutOthers Counter32
}
iscsiTgtLogoutNormals OBJECT-TYPE
SYNTAX Counter32
UNITS "normal logouts"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Logout Command PDUs received by this target,
with reason code 0 (closes the session)."
::= { iscsiTargetLogoutStatsEntry 1 }
iscsiTgtLogoutOthers OBJECT-TYPE
SYNTAX Counter32
UNITS "abnormal logouts"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Logout Command PDUs received by this target,
with any status code other than 0."
::= { iscsiTargetLogoutStatsEntry 2 }
----------------------------------------------------------------------
iscsiTgtAuthorization OBJECT IDENTIFIER ::= { iscsiObjects 8 }
-- Target Authorization Attributes Table
iscsiTgtAuthAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiTgtAuthAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of initiator identities that are authorized to
access each target node within each iSCSI instance
present on the local system."
::= { iscsiTgtAuthorization 1 }
iscsiTgtAuthAttributesEntry OBJECT-TYPE
SYNTAX IscsiTgtAuthAttributesEntry
MAX-ACCESS not-accessible
STATUS current
Bakke, Muchow Expires August 2002 [Page 31]
Internet Draft iSCSI MIB February 2002
DESCRIPTION
"An entry (row) containing management information
applicable to a particular target node's authorized
initiator identity."
INDEX { iscsiInstIndex, iscsiNodeIndex, iscsiTgtAuthIndex }
::= { iscsiTgtAuthAttributesTable 1 }
IscsiTgtAuthAttributesEntry ::= SEQUENCE {
iscsiTgtAuthIndex Unsigned32,
iscsiTgtAuthRowStatus RowStatus,
iscsiTgtAuthUser RowPointer
}
iscsiTgtAuthIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary integer used to uniquely identify a particular
target's authorized initiator identity within an iSCSI
instance present on the local system."
::= { iscsiTgtAuthAttributesEntry 1 }
iscsiTgtAuthRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of the row."
::= { iscsiTgtAuthAttributesEntry 2 }
iscsiTgtAuthUser OBJECT-TYPE
SYNTAX RowPointer
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A pointer to the corresponding IPS-AUTH MIB user entry
that will be allowed to access this iSCSI target."
::= { iscsiTgtAuthAttributesEntry 3 }
----------------------------------------------------------------------
iscsiInitiator OBJECT IDENTIFIER ::= { iscsiObjects 9 }
-- Initiator Attributes Table
iscsiInitiatorAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiInitiatorAttributesEntry
Bakke, Muchow Expires August 2002 [Page 32]
Internet Draft iSCSI MIB February 2002
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of iSCSI nodes that can take on an initiator
role, belonging to each iSCSI instance present on
the local system."
::= { iscsiInitiator 1 }
iscsiInitiatorAttributesEntry OBJECT-TYPE
SYNTAX IscsiInitiatorAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing managment information
applicable to a particular iSCSI node that has
initiator capabilities."
INDEX { iscsiInstIndex, iscsiNodeIndex }
::= { iscsiInitiatorAttributesTable 1 }
IscsiInitiatorAttributesEntry ::= SEQUENCE {
iscsiIntrLoginFailures Counter32,
iscsiIntrLastFailureTime TimeStamp,
iscsiIntrLastFailureType AutonomousType,
iscsiIntrLastTgtFailureName SnmpAdminString,
iscsiIntrLastTgtFailureAddrType InetAddressType,
iscsiIntrLastTgtFailureAddr InetAddress
}
iscsiIntrLoginFailures OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object counts the number of times a login attempt from this
local initiator has failed."
::= { iscsiInitiatorAttributesEntry 1 }
iscsiIntrLastFailureTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The timestamp of the most recent failure of a login attempt
from this initiator. A value of zero indicates that no such
failures have occurred."
::= { iscsiInitiatorAttributesEntry 2 }
Bakke, Muchow Expires August 2002 [Page 33]
Internet Draft iSCSI MIB February 2002
iscsiIntrLastFailureType OBJECT-TYPE
SYNTAX AutonomousType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of the most recent failure of a login attempt
from this initiator, represented as the OID of the counter
object in iscsiInitiatorLoginStatsTable for which the
relevant instance was incremented. A value of 0.0
indicates a type which is not represented by any of
the counters in iscsiInitiatorLoginStatsTable."
::= { iscsiInitiatorAttributesEntry 3 }
iscsiIntrLastTgtFailureName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An octet string giving the name of the target that failed
the last login attempt."
::= { iscsiInitiatorAttributesEntry 4 }
iscsiIntrLastTgtFailureAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of Internet Network Address in iscsiIntrLastTgtFailureAddr."
::= { iscsiInitiatorAttributesEntry 5 }
iscsiIntrLastTgtFailureAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An Internet Network Address giving the host address of the target
that failed the last login attempt."
::= { iscsiInitiatorAttributesEntry 6 }
-- Initiator Login Stats Table
iscsiInitiatorLoginStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiInitiatorLoginStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of counters which keep track of the results of
this initiator's login attempts."
Bakke, Muchow Expires August 2002 [Page 34]
Internet Draft iSCSI MIB February 2002
::= { iscsiInitiator 2 }
iscsiInitiatorLoginStatsEntry OBJECT-TYPE
SYNTAX IscsiInitiatorLoginStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing counters of each result
of this initiator's login attempts."
AUGMENTS { iscsiInitiatorAttributesEntry }
::= { iscsiInitiatorLoginStatsTable 1 }
IscsiInitiatorLoginStatsEntry ::= SEQUENCE {
iscsiIntrLoginAcceptRsps Counter32,
iscsiIntrLoginOtherFailRsps Counter32,
iscsiIntrLoginRedirectRsps Counter32,
iscsiIntrLoginAuthFailRsps Counter32,
iscsiIntrLoginAuthenticateFails Counter32,
iscsiIntrLoginNegotiateFails Counter32
}
iscsiIntrLoginAcceptRsps OBJECT-TYPE
SYNTAX Counter32
UNITS "successful logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Login Response PDUs with status
0x0000, Accept Login, received by this initiator."
::= { iscsiInitiatorLoginStatsEntry 1 }
iscsiIntrLoginOtherFailRsps OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Login Response PDUs received by this
initiator with any status code not counted in the
objects below."
::= { iscsiInitiatorLoginStatsEntry 2 }
iscsiIntrLoginRedirectRsps OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
Bakke, Muchow Expires August 2002 [Page 35]
Internet Draft iSCSI MIB February 2002
"The count of Login Response PDUs with status class 0x01,
Redirection, received by this initiator."
::= { iscsiInitiatorLoginStatsEntry 3 }
iscsiIntrLoginAuthFailRsps OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Login Response PDUs with status class 0x201,
Authentication Failed, received by this initiator."
::= { iscsiInitiatorLoginStatsEntry 4 }
iscsiIntrLoginAuthenticateFails OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of times the initiator has aborted a
login because the target could not be authenticated.
No response is generated.
If this counter is incremented, an iscsiIntrLoginFailure
notification should be generated."
::= { iscsiInitiatorLoginStatsEntry 5 }
iscsiIntrLoginNegotiateFails OBJECT-TYPE
SYNTAX Counter32
UNITS "failed logins"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of times the initiator has aborted a
login because parameter negotiation with the target
failed.
No response is generated.
If this counter is incremented, an iscsiIntrLoginFailure
notification should be generated."
::= { iscsiInitiatorLoginStatsEntry 6 }
-- Initiator Logout Stats Table
iscsiInitiatorLogoutStatsTable OBJECT-TYPE
Bakke, Muchow Expires August 2002 [Page 36]
Internet Draft iSCSI MIB February 2002
SYNTAX SEQUENCE OF IscsiInitiatorLogoutStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"When an initiator attempts send a Logout command, the target
responds with a Logout Response that carries a status code.
This table contains a list of counters of Logout Response
PDUs of each status code, that were received by each
initiator belonging to this iSCSI instance present on this
system."
::= { iscsiInitiator 3 }
iscsiInitiatorLogoutStatsEntry OBJECT-TYPE
SYNTAX IscsiInitiatorLogoutStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing counters of Logout Response
PDUs of each status code, that were generated by this
initiator."
AUGMENTS { iscsiInitiatorAttributesEntry }
::= { iscsiInitiatorLogoutStatsTable 1 }
IscsiInitiatorLogoutStatsEntry ::= SEQUENCE {
iscsiIntrLogoutNormals Counter32,
iscsiIntrLogoutOthers Counter32
}
iscsiIntrLogoutNormals OBJECT-TYPE
SYNTAX Counter32
UNITS "normal logouts"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Logout Command PDUs generated by this initiator
with reason code 0 (closes the session)."
::= { iscsiInitiatorLogoutStatsEntry 1 }
iscsiIntrLogoutOthers OBJECT-TYPE
SYNTAX Counter32
UNITS "abnormal logouts"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Logout Command PDUs generated by this initiator
with any status code other than 0."
::= { iscsiInitiatorLogoutStatsEntry 2 }
Bakke, Muchow Expires August 2002 [Page 37]
Internet Draft iSCSI MIB February 2002
----------------------------------------------------------------------
iscsiIntrAuthorization OBJECT IDENTIFIER ::= { iscsiObjects 10 }
-- Initiator Authorization Attributes Table
iscsiIntrAuthAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiIntrAuthAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of target identities which each initiator
on the local system may access."
::= { iscsiIntrAuthorization 1 }
iscsiIntrAuthAttributesEntry OBJECT-TYPE
SYNTAX IscsiIntrAuthAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing managment information applicable
to a particular initiator node's authorized target identity."
INDEX { iscsiInstIndex, iscsiNodeIndex, iscsiIntrAuthIndex }
::= { iscsiIntrAuthAttributesTable 1 }
IscsiIntrAuthAttributesEntry ::= SEQUENCE {
iscsiIntrAuthIndex Unsigned32,
iscsiIntrAuthRowStatus RowStatus,
iscsiIntrAuthUser RowPointer
}
iscsiIntrAuthIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary integer used to uniquely identify a
particular initiator node's authorized target
identity within an iSCSI instance present on the
local system."
::= { iscsiIntrAuthAttributesEntry 1 }
iscsiIntrAuthRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of the row."
Bakke, Muchow Expires August 2002 [Page 38]
Internet Draft iSCSI MIB February 2002
::= { iscsiIntrAuthAttributesEntry 2 }
iscsiIntrAuthUser OBJECT-TYPE
SYNTAX RowPointer
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A pointer to the corresponding IPS-AUTH MIB user entry
to which this initiator node should attempt to establish
an iSCSI session."
REFERENCE
"IPS-AUTH MIB"
::= { iscsiIntrAuthAttributesEntry 3 }
----------------------------------------------------------------------
iscsiSession OBJECT IDENTIFIER ::= { iscsiObjects 11 }
-- Session Attributes Table
iscsiSessionAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiSessionAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of sessions belonging to each iSCSI instance
present on the system."
::= { iscsiSession 1 }
iscsiSessionAttributesEntry OBJECT-TYPE
SYNTAX IscsiSessionAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing management information applicable
to a particular session."
INDEX { iscsiInstIndex, iscsiNodeIndex, iscsiSsnIndex }
::= { iscsiSessionAttributesTable 1 }
IscsiSessionAttributesEntry ::= SEQUENCE {
iscsiSsnIndex Unsigned32,
iscsiSsnDirection INTEGER,
iscsiSsnInitiatorName SnmpAdminString,
iscsiSsnTargetName SnmpAdminString,
iscsiSsnTsid INTEGER,
iscsiSsnIsid OCTET STRING,
iscsiSsnInitiatorAlias SnmpAdminString,
iscsiSsnTargetAlias SnmpAdminString,
Bakke, Muchow Expires August 2002 [Page 39]
Internet Draft iSCSI MIB February 2002
iscsiSsnInitialR2t TruthValue,
iscsiSsnBidiInitialR2t TruthValue,
iscsiSsnImmediateData TruthValue,
iscsiSsnType INTEGER,
iscsiSsnMaxOutstandingR2t INTEGER,
iscsiSsnFirstBurstSize INTEGER,
iscsiSsnMaxBurstSize INTEGER,
iscsiSsnConnectionNumber Gauge32,
iscsiSsnMaxConnections Gauge32,
iscsiSsnAuthMethod AutonomousType,
iscsiSsnDataSequenceInOrder TruthValue,
iscsiSsnDataPduInOrder TruthValue,
iscsiSsnLogoutLoginMaxTime INTEGER,
iscsiSsnErrorRecoveryLevel INTEGER
}
iscsiSsnIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary integer used to uniquely identify a
particular session within an iSCSI instance present
on the local system."
::= { iscsiSessionAttributesEntry 1 }
iscsiSsnDirection OBJECT-TYPE
SYNTAX INTEGER {
inboundSession(1),
outboundSession(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Direction of iSCSI session:
InboundSession - session is established from an external
initiator to a target within this iSCSI
instance.
OutboundSession - session is established from an initiator
within this iSCSI instance to an external
target."
::= { iscsiSessionAttributesEntry 2 }
iscsiSsnInitiatorName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
Bakke, Muchow Expires August 2002 [Page 40]
Internet Draft iSCSI MIB February 2002
"If iscsiSsnDirection is Inbound, this object is an
octet string that will contain the name of the remote
initiator.
If iscsiSsnDirection is Outbound, this object will
contain a zero-length string."
::= { iscsiSessionAttributesEntry 3 }
iscsiSsnTargetName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If iscsiSsnDirection is Outbound, this object is an
octet string that will contain the name of the remote
target.
If iscsiSsnDirection is Inbound, this object will
contain a zero-length string."
::= { iscsiSessionAttributesEntry 4 }
iscsiSsnTsid OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The target-defined portion of the iSCSI Session ID."
::= { iscsiSessionAttributesEntry 5 }
iscsiSsnIsid OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(6))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The initiator-defined portion of the iSCSI Session ID."
::= { iscsiSessionAttributesEntry 6 }
iscsiSsnInitiatorAlias OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An octet string that gives the alias communicated by the
initiator end of the session during the login phase.
If no alias exists, the value is a zero-length string."
::= { iscsiSessionAttributesEntry 7 }
Bakke, Muchow Expires August 2002 [Page 41]
Internet Draft iSCSI MIB February 2002
iscsiSsnTargetAlias OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An octet string that gives the alias communicated by the
target end of the session during the login phase.
If no alias exists, the value is a zero-length string."
::= { iscsiSessionAttributesEntry 8 }
iscsiSsnInitialR2t OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If set to true, indicates that the initiator must wait
for an R2T before sending to the target. If set to false,
the initiator may send data immediately, within limits set
by iscsiSsnFirstBurstSize and the expected data transfer
length of the request.
Default is true."
::= { iscsiSessionAttributesEntry 9 }
iscsiSsnBidiInitialR2t OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If set to true, indicates that the initiator must wait
for an R2T before sending data to the target within a
bi-directional (both read and write) request. If false,
the initiator may send unsolicited write data as part
of the request."
::= { iscsiSessionAttributesEntry 10 }
iscsiSsnImmediateData OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether the initiator and target have agreed to support
immediate commands on this session."
::= { iscsiSessionAttributesEntry 11 }
iscsiSsnType OBJECT-TYPE
SYNTAX INTEGER {
Bakke, Muchow Expires August 2002 [Page 42]
Internet Draft iSCSI MIB February 2002
normalSession(1),
discoverySession(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Type of iSCSI session:
normalSession - session is a normal iSCSI session
discoverySession - session is being used only for discovery."
::= { iscsiSessionAttributesEntry 12 }
iscsiSsnMaxOutstandingR2t OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum number of outstanding request-to-transmit
(R2T)s per task within this session."
::= { iscsiSessionAttributesEntry 13 }
iscsiSsnFirstBurstSize OBJECT-TYPE
SYNTAX INTEGER (0..8388480)
UNITS "bytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum length supported for unsolicited data sent
within this session.
Note that the size of reported in bytes even though
the negotiation is in 512k blocks."
::= { iscsiSessionAttributesEntry 14 }
iscsiSsnMaxBurstSize OBJECT-TYPE
SYNTAX INTEGER (0..33553920)
UNITS "bytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum number of bytes which can be sent within
a single sequence of Data-In or Data-Out PDUs."
::= { iscsiSessionAttributesEntry 15 }
iscsiSsnConnectionNumber OBJECT-TYPE
SYNTAX Gauge32 (1..65535)
UNITS "connections"
MAX-ACCESS read-only
STATUS current
Bakke, Muchow Expires August 2002 [Page 43]
Internet Draft iSCSI MIB February 2002
DESCRIPTION
"The number of transport protocol connections that currently
belong to this session."
::= { iscsiSessionAttributesEntry 16 }
iscsiSsnMaxConnections OBJECT-TYPE
SYNTAX Gauge32 (1..65535)
UNITS "connections"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum number of connections that will be allowed
within this session."
::= { iscsiSessionAttributesEntry 17 }
iscsiSsnAuthMethod OBJECT-TYPE
SYNTAX AutonomousType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains an OBJECT IDENTIFIER
which identifies the authentication method
being used on this session, as communicated
during the login phase.
Some standardized values for this object are defined
within the ipsAuthMethodTypes subtree in the
IPS-AUTH MIB."
REFERENCE
"IPS-AUTH MIB"
::= { iscsiSessionAttributesEntry 18 }
iscsiSsnDataSequenceInOrder OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"False indicates that iSCSI data PDU sequences may
be transferred in any order. True indicates that
data PDU sequences must be tranferred using
continuously increasing offsets, except during
error recovery."
::= { iscsiSessionAttributesEntry 19 }
iscsiSsnDataPduInOrder OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
Bakke, Muchow Expires August 2002 [Page 44]
Internet Draft iSCSI MIB February 2002
DESCRIPTION
"False indicates that iSCSI data PDUs within sequences
may be in any order. True indicates that data PDUs
within sequences must be at continuously increasing
addresses, with no gaps or overlay between PDUs.
Default is true."
::= { iscsiSessionAttributesEntry 20 }
iscsiSsnLogoutLoginMaxTime OBJECT-TYPE
SYNTAX INTEGER (2..2600)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time, in seconds, for which the target will
keep connection and session state for possible
recovery after a connection termination or reset."
::= { iscsiSessionAttributesEntry 21 }
iscsiSsnErrorRecoveryLevel OBJECT-TYPE
SYNTAX INTEGER (0..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The level of error recovery negotiated between
the initiator and the target. Higher numbers
represent more detailed recovery schemes."
::= { iscsiSessionAttributesEntry 22 }
-- Session Stats Table
iscsiSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of general iSCSI traffic counters for each of the
sessions present on the system."
::= { iscsiSession 2 }
iscsiSessionStatsEntry OBJECT-TYPE
SYNTAX IscsiSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing general iSCSI traffic counters
for a particular session."
AUGMENTS { iscsiSessionAttributesEntry }
Bakke, Muchow Expires August 2002 [Page 45]
Internet Draft iSCSI MIB February 2002
::= { iscsiSessionStatsTable 1 }
IscsiSessionStatsEntry ::= SEQUENCE {
iscsiSsnCmdPdus Counter32,
iscsiSsnRspPdus Counter32,
iscsiSsnTxDataOctets Counter64,
iscsiSsnRxDataOctets Counter64
}
iscsiSsnCmdPdus OBJECT-TYPE
SYNTAX Counter32
UNITS "PDUs"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Command PDUs transferred on this session."
::= { iscsiSessionStatsEntry 1 }
iscsiSsnRspPdus OBJECT-TYPE
SYNTAX Counter32
UNITS "PDUs"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of Response PDUs transferred on this session."
::= { iscsiSessionStatsEntry 2 }
iscsiSsnTxDataOctets OBJECT-TYPE
SYNTAX Counter64
UNITS "octets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of data octets that were transmitted by
the local iSCSI node on this session."
::= { iscsiSessionStatsEntry 3 }
iscsiSsnRxDataOctets OBJECT-TYPE
SYNTAX Counter64
UNITS "octets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of data octets that were received by
the local iSCSI node on this session."
::= { iscsiSessionStatsEntry 4 }
-- Session Connection Error Stats Table
Bakke, Muchow Expires August 2002 [Page 46]
Internet Draft iSCSI MIB February 2002
iscsiSessionCxnErrorStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiSessionCxnErrorStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of error counters for each of the sessions
present on this system."
::= { iscsiSession 3 }
iscsiSessionCxnErrorStatsEntry OBJECT-TYPE
SYNTAX IscsiSessionCxnErrorStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing error counters for
a particular session."
AUGMENTS { iscsiSessionAttributesEntry }
::= { iscsiSessionCxnErrorStatsTable 1 }
IscsiSessionCxnErrorStatsEntry ::= SEQUENCE {
iscsiSsnDigestErrors Counter32,
iscsiSsnCxnTimeoutErrors Counter32
}
iscsiSsnDigestErrors OBJECT-TYPE
SYNTAX Counter32
UNITS "PDUs"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of PDUs which were received on the session and
contained header or data digest errors."
::= { iscsiSessionCxnErrorStatsEntry 1 }
iscsiSsnCxnTimeoutErrors OBJECT-TYPE
SYNTAX Counter32
UNITS "sequences"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
-- TBD No resolution yet that I can remember
"This is the count of sequences which exceeded their
time limit."
::= { iscsiSessionCxnErrorStatsEntry 2 }
----------------------------------------------------------------------
iscsiConnection OBJECT IDENTIFIER ::= { iscsiObjects 12 }
Bakke, Muchow Expires August 2002 [Page 47]
Internet Draft iSCSI MIB February 2002
-- Connection Attributes Table
iscsiConnectionAttributesTable OBJECT-TYPE
SYNTAX SEQUENCE OF IscsiConnectionAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of connections belonging to each iSCSI instance
present on the system."
::= { iscsiConnection 1 }
iscsiConnectionAttributesEntry OBJECT-TYPE
SYNTAX IscsiConnectionAttributesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing management information applicable
to a particular connection."
INDEX { iscsiInstIndex, iscsiNodeIndex, iscsiSsnIndex, iscsiCxnIndex }
::= { iscsiConnectionAttributesTable 1 }
IscsiConnectionAttributesEntry ::= SEQUENCE {
iscsiCxnIndex Unsigned32,
iscsiCxnCid INTEGER,
iscsiCxnState INTEGER,
iscsiCxnLocalAddrType InetAddressType,
iscsiCxnLocalAddr InetAddress,
iscsiCxnProtocol IscsiTransportProtocols,
iscsiCxnLocalPort Unsigned32,
iscsiCxnRemoteAddrType InetAddressType,
iscsiCxnRemoteAddr InetAddress,
iscsiCxnRemotePort Unsigned32,
iscsiCxnDataPduLength INTEGER,
iscsiCxnHeaderIntegrity AutonomousType,
iscsiCxnDataIntegrity AutonomousType
}
iscsiCxnIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary integer used to uniquely identify a
particular connection of a particular session within
an iSCSI instance present on the local system."
::= { iscsiConnectionAttributesEntry 1 }
iscsiCxnCid OBJECT-TYPE
Bakke, Muchow Expires August 2002 [Page 48]
Internet Draft iSCSI MIB February 2002
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The iSCSI Connection ID for this connection."
::= { iscsiConnectionAttributesEntry 2 }
iscsiCxnState OBJECT-TYPE
SYNTAX INTEGER {
login(1),
full(2),
logout(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current state of this connection, from an iSCSI negotiation
point of view. Here are the states:
login - The transport protocol connection has been established,
but a valid iSCSI login response with the final bit set
has not been sent or received.
full - A valid iSCSI login response with the final bit set
has been sent or received.
logout - A valid iSCSI logout command has been sent or
received, but the transport protocol connection has
not yet been closed."
::= { iscsiConnectionAttributesEntry 3 }
iscsiCxnLocalAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of Internet Network Address in iscsiCxnLocalAddr."
::= { iscsiConnectionAttributesEntry 4 }
iscsiCxnLocalAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local Internet Network Address used by this connection."
::= { iscsiConnectionAttributesEntry 5 }
iscsiCxnProtocol OBJECT-TYPE
SYNTAX IscsiTransportProtocols
MAX-ACCESS read-only
Bakke, Muchow Expires August 2002 [Page 49]
Internet Draft iSCSI MIB February 2002
STATUS current
DESCRIPTION
"The transport protocol over which this connection is
running."
DEFVAL { 6 } -- TCP
::= { iscsiConnectionAttributesEntry 6 }
iscsiCxnLocalPort OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local transport protocol port used by this connection."
::= { iscsiConnectionAttributesEntry 7 }
iscsiCxnRemoteAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of Internet Network Address in iscsiCxnRemoteAddr."
::= { iscsiConnectionAttributesEntry 8 }
iscsiCxnRemoteAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remote Internet Network Address used by this connection."
::= { iscsiConnectionAttributesEntry 9 }
iscsiCxnRemotePort OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remote transport protocol port used by this connection."
::= { iscsiConnectionAttributesEntry 10 }
iscsiCxnDataPduLength OBJECT-TYPE
SYNTAX INTEGER (0..33553920)
UNITS "bytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum data payload size supported for command
or data PDUs within this session.
Bakke, Muchow Expires August 2002 [Page 50]
Internet Draft iSCSI MIB February 2002
Note that the size of reported in bytes even though
the negotiation is in 512k blocks."
::= { iscsiConnectionAttributesEntry 11 }
iscsiCxnHeaderIntegrity OBJECT-TYPE
SYNTAX AutonomousType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains an OBJECT IDENTIFIER
which identifies the iSCSI header digest scheme
in use within this session.
Some standardized values for this object are defined
within the iscsiHeaderIntegrityTypes subtree."
::= { iscsiConnectionAttributesEntry 12 }
iscsiCxnDataIntegrity OBJECT-TYPE
SYNTAX AutonomousType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains an OBJECT IDENTIFIER
which identifies the iSCSI data digest scheme
in use within this session.
Some standardized values for this object are defined
within the iscsiDataIntegrityTypes subtree."
::= { iscsiConnectionAttributesEntry 13 }
------------------------------------------------------------------------
-- Notifications
iscsiNotificationsPrefix OBJECT IDENTIFIER ::= { iscsiNotifications 0 }
iscsiTgtLoginFailure NOTIFICATION-TYPE
OBJECTS {
iscsiTgtLoginFailures,
iscsiTgtLastFailureType,
iscsiTgtLastIntrFailureName,
iscsiTgtLastIntrFailureAddrType,
iscsiTgtLastIntrFailureAddr
}
STATUS current
DESCRIPTION
"Sent when a login is failed by a target.
Bakke, Muchow Expires August 2002 [Page 51]
Internet Draft iSCSI MIB February 2002
The implementation of this trap should not send more than
3 notifications of this type in any 10 second time span."
::= { iscsiNotificationsPrefix 1 }
iscsiIntrLoginFailure NOTIFICATION-TYPE
OBJECTS {
iscsiIntrLoginFailures,
iscsiIntrLastFailureType,
iscsiIntrLastTgtFailureName,
iscsiIntrLastTgtFailureAddrType,
iscsiIntrLastTgtFailureAddr
}
STATUS current
DESCRIPTION
"Sent when a login is failed by a initiator.
The implementation of this trap should not send more than
3 notifications of this type in any 10 second time span."
::= { iscsiNotificationsPrefix 2 }
iscsiInstSessionFailure NOTIFICATION-TYPE
OBJECTS {
iscsiInstSsnFailures,
iscsiInstLastSsnFailureType,
iscsiInstLastSsnRmtNodeName
}
STATUS current
DESCRIPTION
"Sent when an active session is failed by either the initiator
or the target.
The implementation of this trap should not send more than
3 notifications of this type in any 10 second time span."
::= { iscsiNotificationsPrefix 3 }
------------------------------------------------------------------------
-- Conformance Statements
iscsiGroups OBJECT IDENTIFIER ::= { iscsiConformance 1 }
iscsiInstanceAttributesGroup OBJECT-GROUP
OBJECTS {
iscsiInstDescr,
iscsiInstVersionMin,
iscsiInstVersionMax,
iscsiInstVendorID,
iscsiInstVendorVersion,
Bakke, Muchow Expires August 2002 [Page 52]
Internet Draft iSCSI MIB February 2002
iscsiInstPortalNumber,
iscsiInstNodeNumber,
iscsiInstSessionNumber,
iscsiInstSsnFailures,
iscsiInstLastSsnFailureType,
iscsiInstLastSsnRmtNodeName
}
STATUS current
DESCRIPTION
"A collection of objects providing information about iSCSI
instances."
::= { iscsiGroups 1 }
iscsiInstanceSsnErrorStatsGroup OBJECT-GROUP
OBJECTS {
iscsiInstSsnDigestErrors,
iscsiInstSsnCxnTimeoutErrors,
iscsiInstSsnFormatErrors
}
STATUS current
DESCRIPTION
"A collection of objects providing information about
errors that have caused a session failure for an
iSCSI instance."
::= { iscsiGroups 2 }
iscsiPortalAttributesGroup OBJECT-GROUP
OBJECTS {
iscsiPortalRowStatus,
iscsiPortalRoles,
iscsiPortalAddrType,
iscsiPortalAddr,
iscsiPortalProtocol
}
STATUS current
DESCRIPTION
"A collection of objects providing information about
the transport protocol endpoints of the local targets."
::= { iscsiGroups 3 }
iscsiTgtPortalAttributesGroup OBJECT-GROUP
OBJECTS {
iscsiTgtPortalPort,
iscsiTgtPortalTag
}
STATUS current
DESCRIPTION
"A collection of objects providing information about
Bakke, Muchow Expires August 2002 [Page 53]
Internet Draft iSCSI MIB February 2002
the transport protocol endpoints of the local targets."
::= { iscsiGroups 4 }
iscsiIntrPortalAttributesGroup OBJECT-GROUP
OBJECTS {
iscsiIntrPortalTag
}
STATUS current
DESCRIPTION
"A collection of objects providing information about
the Internet Network Addresses of the local initiators."
::= { iscsiGroups 5 }
iscsiNodeAttributesGroup OBJECT-GROUP
OBJECTS {
iscsiNodeName,
iscsiNodeAlias,
iscsiNodeRoles,
iscsiNodeTransportType
}
STATUS current
DESCRIPTION
"A collection of objects providing information about all
local targets."
::= { iscsiGroups 6 }
iscsiTargetAttributesGroup OBJECT-GROUP
OBJECTS {
iscsiTgtLoginFailures,
iscsiTgtLastFailureTime,
iscsiTgtLastFailureType,
iscsiTgtLastIntrFailureName,
iscsiTgtLastIntrFailureAddrType,
iscsiTgtLastIntrFailureAddr
}
STATUS current
DESCRIPTION
"A collection of objects providing information about all
local targets."
::= { iscsiGroups 7 }
iscsiTargetLoginStatsGroup OBJECT-GROUP
OBJECTS {
iscsiTgtLoginAccepts,
iscsiTgtLoginOtherFails,
iscsiTgtLoginRedirects,
iscsiTgtLoginAuthorizeFails,
iscsiTgtLoginAuthenticateFails,
Bakke, Muchow Expires August 2002 [Page 54]
Internet Draft iSCSI MIB February 2002
iscsiTgtLoginNegotiateFails
}
STATUS current
DESCRIPTION
"A collection of objects providing information about all
login attempts by remote initiators to local targets."
::= { iscsiGroups 8 }
iscsiTargetLogoutStatsGroup OBJECT-GROUP
OBJECTS {
iscsiTgtLogoutNormals,
iscsiTgtLogoutOthers
}
STATUS current
DESCRIPTION
"A collection of objects providing information about all
logout events between remote initiators to local targets."
::= { iscsiGroups 9 }
iscsiTargetAuthGroup OBJECT-GROUP
OBJECTS {
iscsiTgtAuthRowStatus,
iscsiTgtAuthUser
}
STATUS current
DESCRIPTION
"."
::= { iscsiGroups 10 }
iscsiInitiatorAttributesGroup OBJECT-GROUP
OBJECTS {
iscsiIntrLoginFailures,
iscsiIntrLastFailureTime,
iscsiIntrLastFailureType,
iscsiIntrLastTgtFailureName,
iscsiIntrLastTgtFailureAddrType,
iscsiIntrLastTgtFailureAddr
}
STATUS current
DESCRIPTION
"A collection of objects providing information about
all local initiators."
::= { iscsiGroups 11 }
iscsiInitiatorLoginStatsGroup OBJECT-GROUP
OBJECTS {
iscsiIntrLoginAcceptRsps,
iscsiIntrLoginOtherFailRsps,
Bakke, Muchow Expires August 2002 [Page 55]
Internet Draft iSCSI MIB February 2002
iscsiIntrLoginRedirectRsps,
iscsiIntrLoginAuthFailRsps,
iscsiIntrLoginAuthenticateFails,
iscsiIntrLoginNegotiateFails
}
STATUS current
DESCRIPTION
"A collection of objects providing information about all
login attempts by local initiators to remote targets."
::= { iscsiGroups 12 }
iscsiInitiatorLogoutStatsGroup OBJECT-GROUP
OBJECTS {
iscsiIntrLogoutNormals,
iscsiIntrLogoutOthers
}
STATUS current
DESCRIPTION
"A collection of objects providing information about all
logout events between local initiators to remote targets."
::= { iscsiGroups 13 }
iscsiInitiatorAuthGroup OBJECT-GROUP
OBJECTS {
iscsiIntrAuthRowStatus,
iscsiIntrAuthUser
}
STATUS current
DESCRIPTION
"."
::= { iscsiGroups 14 }
iscsiSessionAttributesGroup OBJECT-GROUP
OBJECTS {
iscsiSsnDirection,
iscsiSsnInitiatorName,
iscsiSsnTargetName,
iscsiSsnTsid,
iscsiSsnIsid,
iscsiSsnInitiatorAlias,
iscsiSsnTargetAlias,
iscsiSsnInitialR2t,
iscsiSsnBidiInitialR2t,
iscsiSsnImmediateData,
iscsiSsnType,
iscsiSsnMaxOutstandingR2t,
iscsiSsnFirstBurstSize,
iscsiSsnMaxBurstSize,
Bakke, Muchow Expires August 2002 [Page 56]
Internet Draft iSCSI MIB February 2002
iscsiSsnConnectionNumber,
iscsiSsnMaxConnections,
iscsiSsnAuthMethod,
iscsiSsnDataSequenceInOrder,
iscsiSsnDataPduInOrder,
iscsiSsnLogoutLoginMaxTime,
iscsiSsnErrorRecoveryLevel
}
STATUS current
DESCRIPTION
"A collection of objects providing information applicable to
all sessions."
::= { iscsiGroups 15 }
iscsiSessionStatsGroup OBJECT-GROUP
OBJECTS {
iscsiSsnCmdPdus,
iscsiSsnRspPdus,
iscsiSsnTxDataOctets,
iscsiSsnRxDataOctets
}
STATUS current
DESCRIPTION
"A collection of objects providing information about message
and data traffic for all sessions."
::= { iscsiGroups 16 }
iscsiSessionCxnErrorStatsGroup OBJECT-GROUP
OBJECTS {
iscsiSsnDigestErrors,
iscsiSsnCxnTimeoutErrors
}
STATUS current
DESCRIPTION
"A collection of objects providing information about connection
errors for all sessions."
::= { iscsiGroups 17 }
iscsiConnectionAttributesGroup OBJECT-GROUP
OBJECTS {
iscsiCxnCid,
iscsiCxnState,
iscsiCxnProtocol,
iscsiCxnLocalAddrType,
iscsiCxnLocalAddr,
iscsiCxnLocalPort,
iscsiCxnRemoteAddrType,
iscsiCxnRemoteAddr,
Bakke, Muchow Expires August 2002 [Page 57]
Internet Draft iSCSI MIB February 2002
iscsiCxnRemotePort,
iscsiCxnDataPduLength,
iscsiCxnHeaderIntegrity,
iscsiCxnDataIntegrity
}
STATUS current
DESCRIPTION
"A collection of objects providing information about all
connections used by all sessions."
::= { iscsiGroups 18 }
iscsiTgtLgnNotificationsGroup NOTIFICATION-GROUP
NOTIFICATIONS {
iscsiTgtLoginFailure
}
STATUS current
DESCRIPTION
"A collection of notifications which indicate a login
failure from a remote initiator to a local target."
::= { iscsiGroups 19 }
iscsiIntrLgnNotificationsGroup NOTIFICATION-GROUP
NOTIFICATIONS {
iscsiIntrLoginFailure
}
STATUS current
DESCRIPTION
"A collection of notifications which indicate a login
failure from a local initiator to a remote target."
::= { iscsiGroups 20 }
iscsiSsnFlrNotificationsGroup NOTIFICATION-GROUP
NOTIFICATIONS {
iscsiInstSessionFailure
}
STATUS current
DESCRIPTION
"A collection of notifications which indicate session
failures occurring after login."
::= { iscsiGroups 21 }
------------------------------------------------------------------------
iscsiCompliances OBJECT IDENTIFIER ::= { iscsiConformance 2 }
iscsiComplianceV1 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
Bakke, Muchow Expires August 2002 [Page 58]
Internet Draft iSCSI MIB February 2002
"Initial version of compliance statement based on
initial version of MIB.
If an implementation can be both a target and an
initiator, all groups are mandatory."
MODULE -- this module
MANDATORY-GROUPS {
iscsiInstanceAttributesGroup,
iscsiPortalAttributesGroup,
iscsiNodeAttributesGroup,
iscsiSessionAttributesGroup,
iscsiSessionStatsGroup,
iscsiSessionCxnErrorStatsGroup,
iscsiConnectionAttributesGroup,
iscsiSsnFlrNotificationsGroup
}
-- Conditionally mandatory groups to be included with
-- the mandatory groups when the implementation has
-- iSCSI target facilities.
GROUP iscsiTgtPortalAttributesGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI target facilities."
GROUP iscsiTargetAttributesGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI target facilities."
GROUP iscsiTargetLoginStatsGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI target facilities."
GROUP iscsiTargetLogoutStatsGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI target facilities."
GROUP iscsiTgtLgnNotificationsGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI target facilities."
GROUP iscsiTargetAuthGroup
DESCRIPTION
Bakke, Muchow Expires August 2002 [Page 59]
Internet Draft iSCSI MIB February 2002
"This group is mandatory for all iSCSI implementations
that have iSCSI target facilities."
-- Conditionally mandatory groups to be included with
-- the mandatory groups when the implementation has
-- iSCSI initiator facilities.
GROUP iscsiIntrPortalAttributesGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI initiator facilities."
GROUP iscsiInitiatorAttributesGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI initiator facilities."
GROUP iscsiInitiatorLoginStatsGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI initiator facilities."
GROUP iscsiInitiatorLogoutStatsGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI initiator facilities."
GROUP iscsiIntrLgnNotificationsGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI initiator facilities."
GROUP iscsiInitiatorAuthGroup
DESCRIPTION
"This group is mandatory for all iSCSI implementations
that have iSCSI initiator facilities."
::= { iscsiCompliances 1 }
END
8. Security Considerations
There are a number of management objects defined in this MIB that
have a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network
Bakke, Muchow Expires August 2002 [Page 60]
Internet Draft iSCSI MIB February 2002
environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on
network operations.
Information gleaned from this MIB could be used to make connections
to the iSCSI targets it represents. However, it is the responsbility
of the initiators and targets involved to authenticate each other to
ensure that an inappropriately advertised or discovered initiator or
target does not compromise their security. These issues are
discussed in [ISCSI].
SNMPv1 by itself is not a secure environment. Even if the network
itself is secure (for example by using IPSec), even then, there is no
control as to who on the secure network is allowed to access and
GET/SET (read/change/create/delete) the objects in this MIB.
It is recommended that the implementers consider the security
features as provided by the SNMPv3 framework. Specifically, the use
of the User-based Security Model RFC 2574 [RFC2574] and the View-
based Access Control Model RFC 2575 [RFC2575] is recommended.
It is then a customer/user responsibility to ensure that the SNMP
entity giving access to an instance of this MIB, is properly
configured to give access to the objects only to those principals
(users) that have legitimate rights to indeed GET or SET
(change/create/delete) them.
9. References
[ISCSI] Satran, J., et. al., "iSCSI", draft-ietf-ips-iSCSI-10,
January 2002.
[RFC2571] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture
for Describing SNMP Management Frameworks", RFC 2571, April
1999.
[RFC1155] Rose, M., and K. McCloghrie, "Structure and Identification
of Management Information for TCP/IP-based Internets", STD
16, RFC 1155, May 1990.
[RFC1212] Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD
16, RFC 1212, March 1991.
[RFC1215] M. Rose, "A Convention for Defining Traps for use with the
SNMP", RFC 1215, March 1991.
[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Structure of Management
Bakke, Muchow Expires August 2002 [Page 61]
Internet Draft iSCSI MIB February 2002
Information Version 2 (SMIv2)", STD 58, RFC 2578, April
1999.
[RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Textual Conventions for
SMIv2", STD 58, RFC 2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Conformance Statements for
SMIv2", STD 58, RFC 2580, April 1999.
[RFC1157] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple
Network Management Protocol", STD 15, RFC 1157, May 1990.
[RFC1901] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
"Introduction to Community-based SNMPv2", RFC 1901, January
1996.
[RFC1906] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
"Transport Mappings for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1906, January 1996.
[RFC2572] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message
Processing and Dispatching for the Simple Network Management
Protocol (SNMP)", RFC 2572, April 1999.
[RFC2574] Blumenthal, U., and B. Wijnen, "User-based Security Model
(USM) for version 3 of the Simple Network Management
Protocol (SNMPv3)", RFC 2574, April 1999.
[RFC1905] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
"Protocol Operations for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1905, January 1996.
[RFC2573] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications",
RFC 2573, April 1999.
[RFC2575] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
Access Control Model (VACM) for the Simple Network
Management Protocol (SNMP)", RFC 2575, April 1999.
[RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction to Version 3 of the Internet-standard Network
Management Framework", RFC 2570, April 1999.
[RFC2012] McCloghrie, K., "SNMPv2 Management Information Base for the
Transmission Control Protocol using SMIv2", RFC 2012,
November 1996.
Bakke, Muchow Expires August 2002 [Page 62]
Internet Draft iSCSI MIB February 2002
[RFC2851] Daniele, M., et. al., "Textual Conventions for Internet
Network Addresses", RFC 2851, June 2000.
[IPV6MIB] Daniele, M., et. al., "Textual Conventions for Internet
Network Addresses", draft-ietf-ops-rfc2851-update-06.txt,
December 2001.
[SCSI-MIB] Hallak-Stamler, M., et. al., "Definitions of Managed Objects
for SCSI Entities", draft-ietf-ips-scsi-mib-02.txt, February
2002.
[AUTH-MIB] Bakke, M., et. al., "Definitions of Managed Objects for User
Identity Authentication", draft-ietf-ips-auth-mib-00.txt,
February 2002.
10. Authors' Addresses
Mark Bakke
Postal: Cisco Systems, Inc
6450 Wedgwood Road, Suite 130
Maple Grove, MN
USA 55311
Tel: +1 763-398-1000
Fax: +1 763-398-1001
E-mail: mbakke@cisco.com
Marjorie Krueger
Postal: Hewlett-Packard
Networked Storage Architecture
Networked Storage Solutions Org.
8000 Foothills Blvd.
Roseville, CA
USA 95747
Tel: +1 916-785-2656
Tel: +1 916-785-0391
Email: marjorie_krueger@hp.com
Bakke, Muchow Expires August 2002 [Page 63]
Internet Draft iSCSI MIB February 2002
Tom McSweeney
Postal: IBM Corporation
600 Park Offices Drive
Research Triangle Park, NC
USA 27709
Tel: +1-919-254-5634
Fax: +1-919-254-0391
E-mail: rf42tpme@us.ibm.com
Jim Muchow
Postal: Cisco Systems, Inc
6450 Wedgwood Road, Suite 130
Maple Grove, MN
USA 55311
Tel: +1 763-398-1000
Fax: +1 763-398-1001
E-mail: jmuchow@cisco.com"
Bakke, Muchow Expires August 2002 [Page 64]