JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris SAN Configuration and Multipathing Guide     Oracle Solaris 10 1/13 Information Library
search filter icon
search icon

Document Information

Preface

1.  Solaris I/0 Multipathing Overview

2.  Configuring Solaris I/O Multipathing Features

3.  Configuring Fabric-Connected Devices

4.  Configuring Oracle Solaris iSCSI Initiators

Oracle Solaris iSCSI Technology (Overview)

Identifying Solaris iSCSI Software and Hardware Requirements

Oracle Solaris iSCSI Terminology

Recommended iSCSI Configuration Practices

Configuring Solaris iSCSI Initiators

Configuring Dynamic or Static Target Discovery

How to Configure an iSCSI Initiator and Target Discovery

How to Access iSCSI Disks

How to Access iSCSI Disks Upon Reboot

How to Remove Discovered iSCSI Targets

Configuring Authentication in Your iSCSI-Based Storage Network

How to Configure CHAP Authentication for Your iSCSI Initiator

How to Configure CHAP Authentication for Your iSCSI Target

Using a Third-Party RADIUS Server to Simplify CHAP Management in Your iSCSI Configuration

Oracle Solaris iSCSI and RADIUS Server Error Messages

Setting Up Solaris iSCSI Multipathed Devices

How to Enable Multiple iSCSI Sessions for a Target

Monitoring Your iSCSI Configuration

Modifying iSCSI Initiator and Target Parameters

How to Modify iSCSI Initiator and Target Parameters

Troubleshooting iSCSI Configuration Problems

No Connections to the iSCSI Target From the Local System

How to Troubleshoot iSCSI Connection Problems

iSCSI Device or Disk Is Not Available on the Local System

How to Troubleshoot iSCSI Device or Disk Unavailability

Use LUN Masking When Using the iSNS Discovery Method

General iSCSI Error Messages

5.  Configuring SAS Domains

6.  Configuring IPFC SAN Devices

7.  Booting the Oracle Solaris OS From Fibre Channel Devices on x86 Based Systems

8.  Persistent Binding for Tape Devices

A.  Manual Configuration for Fabric-Connected Devices

B.  Supported FC-HBA API

C.  Troubleshooting Multipathing-Related Problems

Index

Configuring Solaris iSCSI Initiators

This is a general list of tasks associated with configuring Solaris iSCSI initiators. Some of the tasks are optional depending on your network configuration needs. Some of the links below will take you to separate documents that describe network configuration and initiator configuration.

Configuring Dynamic or Static Target Discovery

Determine whether you want to configure one of the dynamic device discovery methods or use static iSCSI initiator targets to perform device discovery.


Note - Do not configure an iSCSI target to be discovered by both static and dynamic device discovery methods. The consequence of using redundant discovery methods might be slow performance when the initiator is communicating with the iSCSI target device.


How to Configure an iSCSI Initiator and Target Discovery

Part of the initiator configuration process is to identify the iSCSI target discovery method, which presents an initiator with a list of available targets. You can configure iSCSI targets for static, SendTargets, or iSNS dynamic discovery. Dynamic discovery using the SendTargets option is the optimum configuration for an iSCSI initiator that accesses a large number of targets, such over an iSCSI to Fibre Channel bridge. SendTargets dynamic discovery requires the IP address and port combination of the iSCSI target for the iSCSI initiator to perform the target discovery. The most common discovery method is SendTargets.

When configuring the target discovery method, you must provide the following information, depending on which method you choose:

For more information about configuring target discovery methods, see Configuring Dynamic or Static Target Discovery.

  1. Become superuser.
  2. Verify the target's name and IP address while logged in to the server that is providing the target.
    target# ifconfig -a
    lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
            inet 127.0.0.1 netmask ff000000 
    ce0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
            inet 1.2.3.4 netmask ffffff00 broadcast 1.2.3.4
            ether 0:3:ba:64:cb:1f 
    target# iscsitadm list target -v sanbox
    Target: sanbox
        iSCSI Name: iqn.1986-03.com.sun:02:62d527ac-076d-ea1b-ff4f-cbfca3b12345.sanbox
        Connections: 0
        ACL list:
        TPGT list:
        LUN information:
            LUN: 0
                GUID: 600144f05059f7dd000003ba64ca1b00
                VID: SUN
                PID: SOLARIS
                Type: disk
                Size: 2.0G
                Status: unknown
  3. Configure the target to be statically discovered.
    initiator# iscsiadm add static-config iqn.1986-03.com.sun:02:62d527ac-076d-ea1b-ff4f-cbfca3b12345.sanbox,
    1.2.3.4
  4. Review the static configuration information.
    initiator# iscsiadm list static-config

    The iSCSI connection is not initiated until the discovery method is enabled. See the next step.

  5. Configure one of the following target discovery methods:
    • If you have configured a dynamically discovered (SendTargets) target, configure the SendTargets discovery method.

      initiator# iscsiadm add discovery-address 1.2.3.4
    • If you have configured a dynamically discovered (iSNS) target, configure the iSNS discovery method.

      initiator# iscsiadm add isns-server 1.2.3.4
  6. Enable one of the following the target discovery methods:
    • If you have configured a dynamically discovered (SendTargets) target, enable the SendTargets discovery method.

      initiator# iscsiadm modify discovery --sendtargets enable
    • If you have configured a dynamically discovered (iSNS) target, enable the iSNS discovery method.

      initiator# iscsiadm modify discovery --iSNS enable
    • If you have configured static targets, enable the static target discovery method.

      initiator# iscsiadm modify discovery --static enable
  7. Reconfigure the /dev namespace to recognize the iSCSI disk, if necessary.
    initiator# devfsadm -i iscsi

How to Access iSCSI Disks

If you want to access the iSCSI disks upon reboot, create the file system on the disk, and add an /etc/vfstab entry as you would with a UFS file system on a SCSI device. Then, create a new SMF service for mounting iSCSI disks that depends on the iSCSI initiator service. For more information, see How to Access iSCSI Disks Upon Reboot.

After the devices have been discovered by the Solaris iSCSI initiator, the login negotiation occurs automatically. The Solaris iSCSI driver determines the number of available LUNs and creates the device nodes. Then, the iSCSI devices can be treated as any other SCSI device.

You can view the iSCSI disks on the local system by using the format utility.

In the following format output, disks 2 and 3 are iSCSI LUNs that are not under MPxIO control. Disks 21 and 22 are iSCSI LUNs under MPxIO control.

initiator# format
AVAILABLE DISK SELECTIONS:
       0. c0t1d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424>
          /pci@8,600000/SUNW,qlc@4/fp@0,0/ssd@w500000e010685cf1,0
       1. c0t2d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424>
          /pci@8,600000/SUNW,qlc@4/fp@0,0/ssd@w500000e0106e3ba1,0
       2. c3t0d0 <ABCSTORAGE-100E-00-2.2 cyl 20813 alt 2 hd 16 sec 63>
          /iscsi/disk@0000iqn.2001-05.com.abcstorage%3A6-8a0900-477d70401-
           b0fff044352423a2-hostname-020000,0
       3. c3t1d0 <ABCSTORAGE-100E-00-2.2 cyl 20813 alt 2 hd 16 sec 63>
           /iscsi/disk@0000iqn.2001-05.com.abcstorage%3A6-8a0900-3fcd70401 
           -085ff04434f423a2-hostname-010000,0
.
.
.
      21. c4t60A98000686F694B2F59775733426B77d0 <ABCSTORAGE-LUN-0.2 cyl  
          4606 alt 2 hd 16 sec 256>
          /scsi_vhci/ssd@g60a98000686f694b2f59775733426b77
      22. c4t60A98000686F694B2F59775733434C41d0 <ABCSTORAGE-LUN-0.2 cyl  
          4606 alt 2 hd 16 sec 256>
          /scsi_vhci/ssd@g60a98000686f694b2f59775733434c41

How to Access iSCSI Disks Upon Reboot

Follow the steps below to access iSCSI disks after the system is rebooted.

  1. Become superuser.
  2. Add entries for the iSCSI LUN(s) to the /etc/vfstab file. Set the mount at boot option to iscsi.
    initiator# vi /etc/vfstab
    #device         device          mount           FS      fsck    mount   mount
    #to mount       to fsck         point           type    pass    at boot options
    #
    /dev/dsk/c3t600144F04B555F370000093D00495B00d0s0        -       /mnt    ufs     -       no      -

How to Remove Discovered iSCSI Targets

After removing a discovery address, iSNS server, or static configuration, or after disabling a discovery method, the associated targets are logged out. If these associated targets are still in use, for example, they have mounted file systems, the logout of these devices will fail, and they will remain on the active target list.

This optional procedure assumes that you are logged in to the local system where access to an iSCSI target device has already been configured.

  1. Become superuser.
  2. (Optional) Disable an iSCSI target discovery method using one of the following:
    • If you need to disable the SendTargets discovery method, use the following command:

      initiator# iscsiadm modify discovery --sendtargets disable
    • If you need to disable the iSNS discovery method, use the following command:

      initiator# iscsiadm modify discovery --iSNS disable
    • If you need to disable the static target discovery method, use the following command:

      initiator# iscsiadm modify discovery --static disable
  3. Remove an iSCSI device discovery entry using one of the following:
    • Remove an iSCSI SendTargets discovery entry.

      For example:

      initiator# iscsiadm remove discovery-address 10.0.0.1:3260
    • Remove an iSCSI iSNS discovery entry.

      For example:

      # iscsiadm remove isns-server 10.0.0.1:3205
    • Remove a static iSCSI discovery entry.

      For example:

      initiator# iscsiadm remove static-config iqn.1986-03.com.sun:02:62d527ac-076d-ea1b-ff4f-cbfca3b12345.sanpool,
      1.2.3.4:3260

    Note - If you attempt to disable or remove a discovery entry that has an associated logical unit in use, the disable or remove operation fails with the following message:

    logical unit in use

    If this errors occurs, stop all associated I/O on the logical unit, unmount the file systems, and so on. Then, repeat the disable or remove operation.


  4. Remove the iSCSI target device.

    Remove a target by specifying the logical unit number (LUN). If you did not specify a LUN when the target was created, a value of 0 was used. LUN 0 must be the last LUN removed if multiple LUNs are associated with a target.

    For example:

    initiator# iscsitadm delete target --lun 0 sandbox

Configuring Authentication in Your iSCSI-Based Storage Network

Setting up authentication for your iSCSI devices is optional.

In a secure environment, authentication is not required because only trusted initiators can access the targets.

In a less secure environment, the target cannot determine if a connection request is truly from a given host. In that case, the target can authenticate an initiator by using the Challenge-Handshake Authentication Protocol (CHAP).

CHAP authentication uses the notion of a challenge and response, which means that the target challenges the initiator to prove its identity. For the challenge/response method to work, the target must know the initiator's secret key, and the initiator must be set up to respond to a challenge. Refer to the array vendor's documentation for instructions on setting up the secret key on the array.

iSCSI supports unidirectional and bidirectional authentication as follows:

How to Configure CHAP Authentication for Your iSCSI Initiator

This procedure assumes that you are logged in to the local system where you want to securely access the configured iSCSI target device.

You can simplify CHAP secret key management by using a third-party RADIUS server, which acts as a centralized authentication service. When you use RADIUS, the RADIUS server stores the set of node names and matching CHAP secret keys. The system performing the authentication forwards the node name of the requester and the supplied secret of the requester to the RADIUS server. The RADIUS server confirms whether the secret key is the appropriate key to authenticate the given node name. Both iSCSI and iSER support the use of a RADIUS server.

For more information about using a third-party RADIUS server, see Using a Third-Party RADIUS Server to Simplify CHAP Management in Your iSCSI Configuration.

  1. Become superuser.
  2. Determine whether you want to configure unidirectional or bidirectional CHAP.
    • Unidirectional authentication, the default method, enables the target to validate the initiator. Complete steps 3–5 only.

    • Bidirectional authentication adds a second level of security by enabling the initiator to authenticate the target. Complete steps 3–9.

  3. Unidirectional CHAP: Set the secret key on the initiator.

    The following command initiates a dialogue to define the CHAP secret key:

    initiator# iscsiadm modify initiator-node --CHAP-secret
    Enter CHAP secret: ************
    Re-enter secret: ************
  4. (Optional) Unidirectional CHAP: Set the CHAP user name on the initiator.

    By default, the initiator's CHAP user name is set to the initiator node name.

    Use the following command to use your own initiator CHAP user name:

    initiator# iscsiadm modify initiator-node --CHAP-name new-CHAP-name
  5. Unidirectional CHAP – Enable CHAP authentication on the initiator.
    initiator# iscsiadm modify initiator-node --authentication CHAP

    CHAP requires that the initiator node have both a user name and a password. The user name is typically used by the target to look up the secret key for the given user name.

  6. Select one of the following to enable or disable bidirectional CHAP.
    • Enable bidirectional CHAP for connections with the target.

      initiator# iscsiadm modify target-param -B enable target-iqn
    • Disable bidirectional CHAP.

      initiator# iscsiadm modify target-param -B disable target-iqn
  7. Bidirectional CHAP: Set the authentication method to CHAP for the target.
    initiator# iscsiadm modify target-param --authentication CHAP target-iqn
  8. Bidirectional CHAP: Set the target device secret key that identifies the target.

    The following command initiates a dialogue to define the CHAP secret key:

    initiator# iscsiadm modify target-param --CHAP-secret target-iqn
  9. Bidirectional CHAP: If the target uses an alternate CHAP user name, set the CHAP name that identifies the target.

    By default, the target's CHAP name is set to the target name.

    You can use the following command to change the target's CHAP name:

    initiator# iscsiadm modify target-param --CHAP-name target-CHAP-name

How to Configure CHAP Authentication for Your iSCSI Target

This procedure assumes that you are logged in to the local system that contains the iSCSI targets.

  1. Become superuser.
  2. Determine whether you want to configure unidirectional or bidirectional CHAP.
    • Unidirectional authentication is the default method. Complete steps 3–5 only.

    • For bidirectional authentication. Complete steps 3–7.

  3. Unidirectional/Bidirectional CHAP: Configure the target to require that initiators identify themselves using CHAP.
    target# itadm modify-target -a chap target-iqn
  4. Unidirectional/Bidirectional CHAP: Create an initiator context that describes the initiator.

    Create the initiator context with the initiator's full node name and with the initiator's CHAP secret key.

    target# itadm create-initiator -s initiator-iqn
    Enter CHAP secret: ************
    Re-enter secret: ************
  5. Unidirectional/Bidirectional CHAP: If the initiator uses an alternate CHAP name, then configure the initiator-context with the alternate name.
    target# itadm modify-initiator -u initiator-CHAP-name initiator-iqn
  6. Bidirectional CHAP: Set the target device secret key that identifies this target.
    target# itadm modify-target -s target-iqn
    Enter CHAP secret: ************
    Re-enter secret: ************
  7. (Optional) Bidirectional CHAP: If the target uses an alternate CHAP user name other than the target node name (iqn), modify the target.
    target# itadm modify-target -u target-CHAP-name target-iqn

Using a Third-Party RADIUS Server to Simplify CHAP Management in Your iSCSI Configuration

You can use a third-party RADIUS server that acts as a centralized authentication service to simplify CHAP key secret management. With this method, the recommended practice is to use the default CHAP name for each initiator node. In the common case when all initiators are using the default CHAP name, you do not have to create initiator contexts on the target.

How to Configure a RADIUS Server for Your iSCSI Target

You can use a third-party RADIUS server that acts as a centralized authentication service to simplify CHAP key secret management. With this method, the recommended practice is to use the default CHAP name for each initiator node. In the common case when all initiators are using the default CHAP name, you do not have to create initiator contexts on the target.

This procedure assumes that you are logged in to the local system where you want to securely access the configured iSCSI target device.

  1. Become superuser.
  2. Configure the initiator node with the IP address and the port of the RADIUS server.

    The default port is 1812. This configuration is completed once for all iSCSI targets on the target system.

    initiator# itadm modify-defaults -r RADIUS-server-IP-address
    Enter RADIUS secret: ************
    Re-enter secret: ************
  3. Configure the shared secret key that is used for communication between the target system and the RADIUS server.
    initiator# itadm modify-defaults -d
    Enter RADIUS secret: ************
    Re-enter secret: ************
  4. Configure the target system to require RADIUS authentication.

    This configuration can be performed for an individual target or as a default for all targets.

    initiator# itadm modify-target -a radius target-iqn
  5. Configure the RADIUS server with the following components:
    • The identity of the target node (for example, its IP address)

    • The shared secret key that the target node uses to communicate with the RADIUS server

    • The initiator's CHAP name (for example, it's iqn name) and the secret key for each initiator that needs to be authenticated

How to Configure a RADIUS Server for Your iSCSI Initiator

You can use a third-party RADIUS server that acts as a centralized authentication service to simplify CHAP secret key management. This setup is only useful when the initiator is requesting bidirectional CHAP authentication. You must still specify the initiator's CHAP secret key, but you are not required to specify the CHAP secret key for each target on an initiator when using bidirectional authentication with a RADIUS server. RADIUS can be independently configured on either the initiator or the target. The initiator and the target do not have to use RADIUS.

  1. Become superuser.
  2. Configure the initiator node with the IP address and the port of the RADIUS server.

    The default port is 1812.

    # iscsiadm modify initiator-node --radius-server ip-address:1812
  3. Configure the initiator node with the shared secret key of the RADIUS server.

    The RADIUS server must be configured with a shared secret for iSCSI to interact with the server.

    # iscsiadm modify initiator-node --radius-shared-secret
    Enter secret:
    Re-enter secret
  4. Enable the use of the RADIUS server.
    # iscsiadm modify initiator-node --radius-access enable
  5. Set up the other aspects of CHAP bidirectional authentication.
    # iscsiadm modify initiator-node --authentication CHAP
    # iscsiadm modify target-param --bi-directional-authentication enable target-iqn
    # iscsiadm modify target-param --authentication CHAP target-iqn
  6. Configure the RADIUS server with the following components:
    • The identity of this node (for example, its IP address)

    • The shared secret key that this node uses to communicate with the RADIUS server

    • The target's CHAP name (for example, its iqn name) and the secret key for each target that needs to be authenticated

Oracle Solaris iSCSI and RADIUS Server Error Messages

This section describes the error messages that are related to an Oracle Solaris iSCSI and RADIUS server configuration. Potential solutions for recovery are also provided.

empty RADIUS shared secret

Cause: The RADIUS server is enabled on the initiator, but the RADIUS shared secret key is not set.

Solution: Configure the initiator with the RADIUS shared secret key. For more information, see How to Configure a RADIUS Server for Your iSCSI Target.

WARNING: RADIUS packet authentication failed

Cause: The initiator failed to authenticate the RADIUS data packet. This error can occur if the shared secret key that is configured on the initiator node is different from the shared secret key on the RADIUS server.

Solution: Reconfigure the initiator with the correct RADIUS shared secret. For more information, see How to Configure a RADIUS Server for Your iSCSI Target.

Setting Up Solaris iSCSI Multipathed Devices

Consider the following guidelines for using Solaris iSCSI multipathed (MPxIO) devices:

How to Enable Multiple iSCSI Sessions for a Target

This procedure can be used to create multiple iSCSI sessions that connect to a single target. This scenario is useful with iSCSI target devices that support login redirection or have multiple target portals in the same target portal group. Use iSCSI multiple sessions per target with Solaris SCSI Multipathing (MPxIO). You can also achieve higher bandwidth if you utilize multiple NICs on the host side to connect to multiple portals on the same target.

The MS/T feature creates two or more sessions on the target by varying the initiator's session ID (ISID). Enabling this feature creates two SCSI layer paths on the network so that multiple targets are exposed through the iSCSI layer to the Solaris I/O layer. The MPxIO driver handles the reservations across these paths.

For more information about how iSCSI interacts with MPxIO paths, see Setting Up Solaris iSCSI Multipathed Devices.

Review the following items before configuring multiple sessions for an iSCSI target:

  1. Become superuser.
  2. List the current parameters for the iSCSI initiator and target.
    1. List the current parameters for the iSCSI initiator. For example:
      initiator# iscsiadm list initiator-node
      Initiator node name: iqn.1986-03.com.sun:01:0003ba4d233b.425c293c
      Initiator node alias: zzr1200
              .
              .
              .
              Configured Sessions: 1
    2. List the current parameters of the iSCSI target device. For example:
      initiator# iscsiadm list target-param -v iqn.1992-08.com.abcstorage:sn.84186266
      Target: iqn.1992-08.com.abcstorage:sn.84186266
              Alias: -
              .
              .
              .
              Configured Sessions: 1

      The configured sessions value is the number of configured iSCSI sessions that will be created for each target name in a target portal group.

  3. Select one of the following to modify the number of configured sessions either at the initiator node to apply to all targets or at a target level to apply to a specific target.

    The number of sessions for a target must be between 1 and 4.

    • Apply the parameter to the iSCSI initiator node.

      For example:

      initiator# iscsiadm modify initiator-node -c 2
    • Apply the parameter to the iSCSI target.

      For example:

      initiator# iscsiadm modify target-param -c 2  iqn.1992-08.com.abcstorage:sn.84186266
    • Bind configured sessions to one or more local IP addresses.

      Configured sessions can also be bound to a specific local IP address. Using this method, one or more local IP addresses are supplied in a comma-separated list. Each IP address represents an iSCSI session. This method can also be done at the initiator-node or target-param level. For example:

      initiator# iscsiadm modify initiator-node -c 10.0.0.1,10.0.0.2

      Note - If the specified IP address is not routable, the address is ignored and the default Solaris route and IP address is used for this session.


  4. Verify that the parameter was modified.
    1. Display the updated information for the initiator node. For example:
      initiator# iscsiadm list initiator-node
      Initiator node name: iqn.1986-03.com.sun:01:0003ba4d233b.425c293c
      Initiator node alias: zzr1200
              .
              .
              .
              Configured Sessions: 2
    2. Display the updated information for the target node. For example:
      initiator# iscsiadm list target-param -v iqn.1992-08.com.abcstorage:sn.84186266
      Target: iqn.1992-08.com.abcstorage:sn.84186266
              Alias: -
              .
              .
              .
              Configured Sessions: 2
  5. List the multiple paths by using the mpathadm list lu command to confirm that the OS device name matches the iscsiadm list output, and that the path count is 2 or more.

Monitoring Your iSCSI Configuration

You can display information about the iSCSI initiator and target devices by using the iscsiadm list command.

  1. Become superuser.
  2. Display information about the iSCSI initiator.

    For example:

    # iscsiadm list initiator-node
    Initiator node name: iqn.1986-03.com.sun:01:0003ba4d233b.425c293c
    Initiator node alias: zzr1200
            Login Parameters (Default/Configured):
                    Header Digest: NONE/-
                    Data Digest: NONE/-
            Authentication Type: NONE
            RADIUS Server: NONE
            RADIUS access: unknown
            Configured Sessions: 1
  3. Display information about which discovery methods are in use.

    For example:

    # iscsiadm list discovery
    Discovery:
        Static: enabled
        Send Targets: enabled
        iSNS: enabled

Example 4-1 Displaying iSCSI Target Information

The following example shows how to display the parameter settings for a specific iSCSI target.

# iscsiadm list target-param iqn.1992-08.com.abcstorage:sn.33592219
        Target: iqn.1992-08.com.abcstorage:sn.33592219

The iscsiadm list target-param -v command displays the following information:

The iscsiadm list target-param -v command displays the default parameter value before the / designator and the configured parameter value after the / designator. If you have not configured any parameters, the configured parameter value displays as a hyphen (-). For more information, see the following examples.

# iscsiadm list target-param -v eui.50060e8004275511 Target: eui.50060e8004275511
        Alias: -
        Bi-directional Authentication: disabled
        Authentication Type: NONE
        Login Parameters (Default/Configured):
                Data Sequence In Order: yes/-
                Data PDU In Order: yes/-
                Default Time To Retain: 20/-
                Default Time To Wait: 2/-
                Error Recovery Level: 0/-
                First Burst Length: 65536/-
                Immediate Data: yes/-
                Initial Ready To Transfer (R2T): yes/-
                Max Burst Length: 262144/-
                Max Outstanding R2T: 1/-
                Max Receive Data Segment Length: 65536/-
                Max Connections: 1/-
                Header Digest: NONE/-
                Data Digest: NONE/-
        Configured Sessions: 1

The following example output displays the parameters that were negotiated between the target and the initiator.

# iscsiadm list target -v eui.50060e8004275511
Target: eui.50060e8004275511
        TPGT: 1
        ISID: 4000002a0000
        Connections: 1
                CID: 0
                  IP address (Local): 172.90.101.71:32813
                  IP address (Peer): 172.90.101.40:3260
                  Discovery Method: Static
                  Login Parameters (Negotiated):
                        Data Sequence In Order: yes
                        Data PDU In Order: yes
                        Default Time To Retain: 0
                        Default Time To Wait: 3
                        Error Recovery Level: 0
                        First Burst Length: 65536
                        Immediate Data: yes
                        Initial Ready To Transfer (R2T): yes
                        Max Burst Length: 262144
                        Max Outstanding R2T: 1
                        Max Receive Data Segment Length: 65536
                        Max Connections: 1
                        Header Digest: NONE
                        Data Digest: NONE

Modifying iSCSI Initiator and Target Parameters

You can modify parameters on both the iSCSI initiator and the iSCSI target device. However, the only parameters that can be modified on the iSCSI initiator are the following:

The iSCSI driver provides default values for the iSCSI initiator and iSCSI target device parameters. If you modify the parameters of the iSCSI initiator, the modified parameters are inherited by the iSCSI target device, unless the iSCSI target device already has different values.


Caution

Caution - Ensure that the target software supports the parameter to be modified. Otherwise, you might be unable to log in to the iSCSI target device. See your array documentation for a list of supported parameters.


Modifying iSCSI parameters should be done when I/O between the initiator and the target is complete. The iSCSI driver reconnects the session after the changes are made by using the iscsiadm modify command.

How to Modify iSCSI Initiator and Target Parameters

The first part of this procedure illustrates how modified parameters of the iSCSI initiator are inherited by the iSCSI target device. The second part of this procedure shows how to actually modify parameters on the iSCSI target device.

This optional procedure assumes that you are logged in to the local system where access to an iSCSI target device has already been configured.

  1. Become superuser.
  2. List the current parameters of the iSCSI initiator and target device.
    1. List the current parameters of the iSCSI initiator. For example:
      initiator# iscsiadm list initiator-node
      Initiator node name: iqn.1986-03.com.sun:01:0003ba4d233b.425c293c
      Initiator node alias: zzr1200
              Login Parameters (Default/Configured):
                      Header Digest: NONE/-
                      Data Digest: NONE/-
              Authentication Type: NONE
              RADIUS Server: NONE
              RADIUS access: unknown
              Configured Sessions: 1
    2. List the current parameters of the iSCSI target device. For example:
      initiator# iscsiadm list target-param -v iqn.1992-08.com.abcstorage:sn.84186266
      Target: iqn.1992-08.com.abcstorage:sn.84186266
              Alias: -
              Bi-directional Authentication: disabled
              Authentication Type: NONE
              Login Parameters (Default/Configured):
                      Data Sequence In Order: yes/-
                      Data PDU In Order: yes/-
                      Default Time To Retain: 20/-
                      Default Time To Wait: 2/-
                      Error Recovery Level: 0/-
                      First Burst Length: 65536/-
                      Immediate Data: yes/-
                      Initial Ready To Transfer (R2T): yes/-
                      Max Burst Length: 262144/-
                      Max Outstanding R2T: 1/-
                      Max Receive Data Segment Length: 65536/-
                      Max Connections: 1/-
                      Header Digest: NONE/-
                      Data Digest: NONE/-
               Configured Sessions: 1

      Note that both header digest and data digest parameters are currently set to NONE for both the iSCSI initiator and the iSCSI target device.

      To review the default parameters of the iSCSI target device, see the iscsiadm list target-param output in Example 4-1.

  3. Modify the parameter of the iSCSI initiator.

    For example, set the header digest to CRC32.

    initiator# iscsiadm modify initiator-node -h CRC32

    If you change the initiator node name, the targets that were discovered by iSNS might be logged out and removed from the initiator's target list, if the new name does not belong to the same discovery domain as that of the targets. However, if the targets are in use, they are not removed. For example, if a file is open or a file system is mounted on these targets, the targets will not removed.

    You might also see new targets after the name change if these targets and the new initiator node name belong to the same discovery domain.

  4. Verify that the parameter was modified.
    1. Display the updated parameter information for the iSCSI initiator. For example:
      initiator# iscsiadm list initiator-node
      Initiator node name: iqn.1986-03.com.sun:01:0003ba4d233b.425c293c
      Initiator node alias: zzr1200
              Login Parameters (Default/Configured):
                      Header Digest: NONE/CRC32
                      Data Digest: NONE/-
              Authentication Type: NONE
              RADIUS Server: NONE
              RADIUS access: unknown
              Configured Sessions: 1

      Note that the header digest is now set to CRC32.

    2. Display the updated parameter information for the iSCSI target device. For example:
      initiator# iscsiadm list target-param -v iqn.1992-08.com.abcstorage:sn.84186266
      Target: iqn.1992-08.com.abcstorage:sn.84186266
              Alias: -
              Bi-directional Authentication: disabled
              Authentication Type: NONE
              Login Parameters (Default/Configured):
                      Data Sequence In Order: yes/-
                      Data PDU In Order: yes/-
                      Default Time To Retain: 20/-
                      Default Time To Wait: 2/-
                      Error Recovery Level: 0/-
                      First Burst Length: 65536/-
                      Immediate Data: yes/-
                      Initial Ready To Transfer (R2T): yes/-
                      Max Burst Length: 262144/-
                      Max Outstanding R2T: 1/-
                      Max Receive Data Segment Length: 65536/-
                      Max Connections: 1/-
                      Header Digest: CRC32/-
                      Data Digest: NONE/-
              Configured Sessions: 1

      Note that the header digest is now set to CRC32.

  5. Verify that the iSCSI initiator has reconnected to the iSCSI target. For example:
    initiator# iscsiadm list target -v iqn.1992-08.com.abcstorage:sn.84186266
    Target: iqn.1992-08.com.abcstorage:sn.84186266
            TPGT: 2
            ISID: 4000002a0000
            Connections: 1
                    CID: 0
                      IP address (Local): nnn.nn.nn.nnn:64369
                      IP address (Peer): nnn.nn.nn.nnn:3260
                      Discovery Method: SendTargets
                      Login Parameters (Negotiated):
                            .
                            .
                            .
                            Header Digest: CRC32
                            Data Digest: NONE 
  6. (Optional) Unset an iSCSI initiator parameter or an iSCSI target device parameter.

    You can unset a parameter by setting it back to its default setting by using the iscsiadm modify command. Or, you can use the iscsiadm remove command to reset all target properties to the default settings.

    The iscsiadm modify target-param command changes only the parameters that are specified on the command line.

    The following example shows how to reset the header digest to NONE:

    initiator# iscsiadm modify target-param -h none iqn.1992-08.com.abcstorage:sn...

    For information about the iscsiadm remove target-param command, see iscsiadm(1M).