Internet Small Computer System Interface (iSCSI) Protocol (Consolidated)
RFC 7143
| Document | Type |
RFC
- Proposed Standard
(April 2014)
IPR
Updates RFC 3721
|
|
|---|---|---|---|
| Authors | Mallikarjun Chadalapaka , Julian Satran , Kalman Meth , David L. Black | ||
| Last updated | 2018-12-20 | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Formats | |||
| Additional resources | Mailing list discussion | ||
| IESG | Responsible AD | Martin Stiemerling | |
| Send notices to | (None) |
RFC 7143
planned. Alternatively, an implementer may choose to interlock iSCSI
timeouts and recovery with SCSI timeouts so that SCSI recovery will
become active only where iSCSI is not planned to, or failed to,
recover.
The implementer may also want to consider the interaction between
various iSCSI exception events -- such as a digest failure -- and
subsequent timeouts. When iSCSI error recovery is active, a digest
failure is likely to result in discovering a missing command or data
PDU. In these cases, an implementer may want to lower the timeout
values to enable faster initiation for recovery procedures.
10.4. Command Retry and Cleaning Old Command Instances
To avoid having old, retried command instances appear in a valid
command window after a command sequence number wraparound, the
protocol requires (see Section 4.2.2.1) that on every connection on
which a retry has been issued a non-immediate command be issued and
acknowledged within an interval of 2**31 - 1 commands from the CmdSN
of the retried command. This requirement can be fulfilled by an
implementation in several ways.
The simplest technique to use is to send a (non-retry) non-immediate
SCSI command (or a NOP if no SCSI command is available for a while)
after every command retry on the connection on which the retry was
attempted. Because errors are deemed rare events, this technique is
probably the most effective, as it does not involve additional checks
at the initiator when issuing commands.
10.5. Sync and Steering Layer, and Performance
While a Sync and Steering layer is optional, an initiator/target that
does not have it working against a target/initiator that demands sync
and steering may experience performance degradation caused by packet
reordering and loss. Providing a sync and steering mechanism is
recommended for all high-speed implementations.
10.6. Considerations for State-Dependent Devices and Long-Lasting SCSI
Operations
Sequential access devices operate on the principle that the position
of the device is based on the last command processed. As such,
command processing order, and knowledge of whether or not the
previous command was processed, are of the utmost importance to
maintain data integrity. For example, inadvertent retries of SCSI
commands when it is not known if the previous SCSI command was
processed is a potential data integrity risk.
Chadalapaka, et al. Standards Track [Page 147]
RFC 7143 iSCSI (Consolidated) April 2014
For a sequential access device, consider the scenario in which a SCSI
SPACE command to backspace one filemark is issued and then reissued
due to no status received for the command. If the first SPACE
command was actually processed, the reissued SPACE command, if
processed, will cause the position to change. Thus, a subsequent
write operation will write data to the wrong position, and any
previous data at that position will be overwritten.
For a medium changer device, consider the scenario in which an
EXCHANGE MEDIUM command (the SOURCE ADDRESS and DESTINATION ADDRESS
are the same, thus performing a swap) is issued and then reissued due
to no status received for the command. If the first EXCHANGE MEDIUM
command was actually processed, the reissued EXCHANGE MEDIUM command,
if processed, will perform the swap again. The net effect is that no
swap was performed, thus putting data integrity at risk.
All commands that change the state of the device (e.g., SPACE
commands for sequential access devices and EXCHANGE MEDIUM commands
for medium changer devices) MUST be issued as non-immediate commands
for deterministic and ordered delivery to iSCSI targets.
For many of those state-changing commands, the execution model also
assumes that the command is executed exactly once. Devices
implementing READ POSITION and LOCATE provide a means for SCSI-level
command recovery, and new tape-class devices should support those
commands. In their absence, a retry at the SCSI level is difficult,
and error recovery at the iSCSI level is advisable.
Devices operating on long-latency delivery subsystems and performing
long-lasting SCSI operations may need mechanisms that enable
connection replacement while commands are running (e.g., during an
extended copy operation).
10.6.1. Determining the Proper ErrorRecoveryLevel
The implementation and use of a specific ErrorRecoveryLevel should be
determined based on the deployment scenarios of a given iSCSI
implementation. Generally, the following factors must be considered
before deciding on the proper level of recovery:
a) Application resilience to I/O failures.
b) Required level of availability in the face of transport
connection failures.
Chadalapaka, et al. Standards Track [Page 148]
RFC 7143 iSCSI (Consolidated) April 2014
c) Probability of transport-layer "checksum escape" (message error
undetected by TCP checksum -- see [RFC3385] for related
discussion). This in turn decides the iSCSI digest failure
frequency and thus the criticality of iSCSI-level error
recovery. The details of estimating this probability are
outside the scope of this document.
A consideration of the above factors for SCSI tape devices as an
example suggests that implementations SHOULD use ErrorRecoveryLevel=1
when transport connection failure is not a concern and SCSI-level
recovery is unavailable, and ErrorRecoveryLevel=2 when there is a
high likelihood of connection failure during a backup/retrieval.
For extended copy operations, implementations SHOULD use
ErrorRecoveryLevel=2 whenever there is a relatively high likelihood
of connection failure.
10.7. Multi-Task Abort Implementation Considerations
Multi-task abort operations are typically issued in emergencies, such
as clearing a device lock-up, HA failover/failback, etc. In these
circumstances, it is desirable to rapidly go through the error-
handling process as opposed to the target waiting on multiple third-
party initiators that may not even be functional anymore --
especially if this emergency is triggered because of one such
initiator failure. Therefore, both iSCSI target and initiator
implementations SHOULD support FastAbort multi-task abort semantics
(Section 4.2.3.4).
Note that in both standard semantics (Section 4.2.3.3) and FastAbort
semantics (Section 4.2.3.4) there may be outstanding data transfers
even after the TMF completion is reported on the issuing session. In
the case of iSCSI/iSER [RFC7145], these would be tagged data
transfers for STags not owned by any active tasks. Whether or not
real buffers support these data transfers is implementation
dependent. However, the data transfers logically MUST be silently
discarded by the target iSCSI layer in all cases. A target MAY, on
an implementation-defined internal timeout, also choose to drop the
connections on which it did not receive the expected Data-Out
sequences (Section 4.2.3.3) or NOP-Out acknowledgments
(Section 4.2.3.4) so as to reclaim the associated buffer, STag, and
TTT resources as appropriate.
Chadalapaka, et al. Standards Track [Page 149]
RFC 7143 iSCSI (Consolidated) April 2014
11. iSCSI PDU Formats
All multi-byte integers that are specified in formats defined in this
document are to be represented in network byte order (i.e.,
big-endian). Any field that appears in this document assumes that
the most significant byte is the lowest numbered byte and the most
significant bit (within byte or field) is the lowest numbered bit
unless specified otherwise.
Any compliant sender MUST set all bits not defined and all reserved
fields to 0, unless specified otherwise. Any compliant receiver MUST
ignore any bit not defined and all reserved fields unless specified
otherwise. Receipt of reserved code values in defined fields MUST be
reported as a protocol error.
Reserved fields are marked by the word "reserved", some abbreviation
of "reserved", or by "." for individual bits when no other form of
marking is technically feasible.
11.1. iSCSI PDU Length and Padding
iSCSI PDUs are padded to the closest integer number of 4-byte words.
The padding bytes SHOULD be sent as 0.
11.2. PDU Template, Header, and Opcodes
All iSCSI PDUs have one or more header segments and, optionally, a
data segment. After the entire header segment group, a header digest
MAY follow. The data segment MAY also be followed by a data digest.
The Basic Header Segment (BHS) is the first segment in all of the
iSCSI PDUs. The BHS is a fixed-length 48-byte header segment. It
MAY be followed by Additional Header Segments (AHS), a Header-Digest,
a Data Segment, and/or a Data-Digest.
Chadalapaka, et al. Standards Track [Page 150]
RFC 7143 iSCSI (Consolidated) April 2014
The overall structure of an iSCSI PDU is as follows:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0/ Basic Header Segment (BHS) /
+/ /
+---------------+---------------+---------------+---------------+
48/ Additional Header Segment 1 (AHS) (optional) /
+/ /
+---------------+---------------+---------------+---------------+
/ Additional Header Segment 2 (AHS) (optional) /
+/ /
+---------------+---------------+---------------+---------------+
+---------------+---------------+---------------+---------------+
/ Additional Header Segment n (AHS) (optional) /
+/ /
+---------------+---------------+---------------+---------------+
k/ Header-Digest (optional) /
+/ /
+---------------+---------------+---------------+---------------+
l/ Data Segment (optional) /
+/ /
+---------------+---------------+---------------+---------------+
m/ Data-Digest (optional) /
+/ /
+---------------+---------------+---------------+---------------+
All PDU segments and digests are padded to the closest integer number
of 4-byte words. For example, all PDU segments and digests start at
a 4-byte word boundary, and the padding ranges from 0 to 3 bytes.
The padding bytes SHOULD be sent as 0.
iSCSI Response PDUs do not have AH Segments.
Chadalapaka, et al. Standards Track [Page 151]
RFC 7143 iSCSI (Consolidated) April 2014
11.2.1. Basic Header Segment (BHS)
The BHS is 48 bytes long. The Opcode and DataSegmentLength fields
appear in all iSCSI PDUs. In addition, when used, the Initiator Task
Tag and Logical Unit Number always appear in the same location in the
header.
The format of the BHS is:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|I| Opcode |F| Opcode-specific fields |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN or Opcode-specific fields |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20/ Opcode-specific fields /
+/ /
+---------------+---------------+---------------+---------------+
48
11.2.1.1. I (Immediate) Bit
For Request PDUs, the I bit set to 1 is an immediate delivery marker.
11.2.1.2. Opcode
The Opcode indicates the type of iSCSI PDU the header encapsulates.
The Opcodes are divided into two categories: initiator Opcodes and
target Opcodes. Initiator Opcodes are in PDUs sent by the initiator
(Request PDUs). Target Opcodes are in PDUs sent by the target
(Response PDUs).
Initiators MUST NOT use target Opcodes, and targets MUST NOT use
initiator Opcodes.
Chadalapaka, et al. Standards Track [Page 152]
RFC 7143 iSCSI (Consolidated) April 2014
Initiator Opcodes defined in this specification are:
0x00 NOP-Out
0x01 SCSI Command (encapsulates a SCSI Command Descriptor
Block)
0x02 SCSI Task Management Function Request
0x03 Login Request
0x04 Text Request
0x05 SCSI Data-Out (for write operations)
0x06 Logout Request
0x10 SNACK Request
0x1c-0x1e Vendor-specific codes
Target Opcodes are:
0x20 NOP-In
0x21 SCSI Response - contains SCSI status and possibly sense
information or other response information
0x22 SCSI Task Management Function Response
0x23 Login Response
0x24 Text Response
0x25 SCSI Data-In (for read operations)
0x26 Logout Response
0x31 Ready To Transfer (R2T) - sent by target when it is ready
to receive data
0x32 Asynchronous Message - sent by target to indicate certain
special conditions
0x3c-0x3e Vendor-specific codes
0x3f Reject
Chadalapaka, et al. Standards Track [Page 153]
RFC 7143 iSCSI (Consolidated) April 2014
All other Opcodes are unassigned.
11.2.1.3. F (Final) Bit
When set to 1 it indicates the final (or only) PDU of a sequence.
11.2.1.4. Opcode-Specific Fields
These fields have different meanings for different Opcode types.
11.2.1.5. TotalAHSLength
This is the total length of all AHS header segments in units of
4-byte words, including padding, if any.
The TotalAHSLength is only used in PDUs that have an AHS and MUST be
0 in all other PDUs.
11.2.1.6. DataSegmentLength
This is the data segment payload length in bytes (excluding padding).
The DataSegmentLength MUST be 0 whenever the PDU has no data segment.
11.2.1.7. LUN
Some Opcodes operate on a specific LU. The Logical Unit Number (LUN)
field identifies which LU. If the Opcode does not relate to a LU,
this field is either ignored or may be used in an Opcode-specific
way. The LUN field is 64 bits and should be formatted in accordance
with [SAM2]. For example, LUN[0] from [SAM2] is BHS byte 8 and so on
up to LUN[7] from [SAM2], which is BHS byte 15.
11.2.1.8. Initiator Task Tag
The initiator assigns a task tag to each iSCSI task it issues. While
a task exists, this tag MUST uniquely identify the task session-wide.
SCSI may also use the Initiator Task Tag as part of the SCSI task
identifier when the timespan during which an iSCSI Initiator Task Tag
must be unique extends over the timespan during which a SCSI task tag
must be unique. However, the iSCSI Initiator Task Tag must exist and
be unique even for untagged SCSI commands.
An ITT value of 0xffffffff is reserved and MUST NOT be assigned for a
task by the initiator. The only instance in which it may be seen on
the wire is in a target-initiated NOP-In PDU (Section 11.19) and in
the initiator response to that PDU, if necessary.
Chadalapaka, et al. Standards Track [Page 154]
RFC 7143 iSCSI (Consolidated) April 2014
11.2.2. Additional Header Segment (AHS)
The general format of an AHS is:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0| AHSLength | AHSType | AHS-Specific |
+---------------+---------------+---------------+---------------+
4/ AHS-Specific /
+/ /
+---------------+---------------+---------------+---------------+
x
11.2.2.1. AHSType
The AHSType field is coded as follows:
bit 0-1 - Reserved
bit 2-7 - AHS code
0 - Reserved
1 - Extended CDB
2 - Bidirectional Read Expected Data Transfer Length
3 - 63 Reserved
11.2.2.2. AHSLength
This field contains the effective length in bytes of the AHS,
excluding AHSType and AHSLength and padding, if any. The AHS is
padded to the smallest integer number of 4-byte words (i.e., from 0
up to 3 padding bytes).
Chadalapaka, et al. Standards Track [Page 155]
RFC 7143 iSCSI (Consolidated) April 2014
11.2.2.3. Extended CDB AHS
The format of the Extended CDB AHS is:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0| AHSLength (CDBLength - 15) | 0x01 | Reserved |
+---------------+---------------+---------------+---------------+
4/ ExtendedCDB...+padding /
+/ /
+---------------+---------------+---------------+---------------+
x
This type of AHS MUST NOT be used if the CDBLength is less than 17.
The length includes the reserved byte 3.
11.2.2.4. Bidirectional Read Expected Data Transfer Length AHS
The format of the Bidirectional Read Expected Data Transfer Length
AHS is:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0| AHSLength (0x0005) | 0x02 | Reserved |
+---------------+---------------+---------------+---------------+
4| Bidirectional Read Expected Data Transfer Length |
+---------------+---------------+---------------+---------------+
8
11.2.3. Header Digest and Data Digest
Optional header and data digests protect the integrity of the header
and data, respectively. The digests, if present, are located,
respectively, after the header and PDU-specific data and cover,
respectively, the header and the PDU data, each including the padding
bytes, if any.
The existence and type of digests are negotiated during the Login
Phase.
Chadalapaka, et al. Standards Track [Page 156]
RFC 7143 iSCSI (Consolidated) April 2014
The separation of the header and data digests is useful in iSCSI
routing applications, in which only the header changes when a message
is forwarded. In this case, only the header digest should be
recalculated.
Digests are not included in data or header length fields.
A zero-length Data Segment also implies a zero-length Data-Digest.
11.2.4. Data Segment
The (optional) Data Segment contains PDU-associated data. Its
payload effective length is provided in the BHS field --
DataSegmentLength. The Data Segment is also padded to an integer
number of 4-byte words.
Chadalapaka, et al. Standards Track [Page 157]
RFC 7143 iSCSI (Consolidated) April 2014
11.3. SCSI Command
The format of the SCSI Command PDU is:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|I| 0x01 |F|R|W|. .|ATTR | Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| Logical Unit Number (LUN) |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Expected Data Transfer Length |
+---------------+---------------+---------------+---------------+
24| CmdSN |
+---------------+---------------+---------------+---------------+
28| ExpStatSN |
+---------------+---------------+---------------+---------------+
32/ SCSI Command Descriptor Block (CDB) /
+/ /
+---------------+---------------+---------------+---------------+
48/ AHS (optional) /
+---------------+---------------+---------------+---------------+
x/ Header-Digest (optional) /
+---------------+---------------+---------------+---------------+
y/ (DataSegment, Command Data) (optional) /
+/ /
+---------------+---------------+---------------+---------------+
z/ Data-Digest (optional) /
+---------------+---------------+---------------+---------------+
Chadalapaka, et al. Standards Track [Page 158]
RFC 7143 iSCSI (Consolidated) April 2014
11.3.1. Flags and Task Attributes (Byte 1)
The flags for a SCSI Command PDU are:
bit 0 (F) is set to 1 when no unsolicited SCSI Data-Out PDUs
follow this PDU. When F = 1 for a write and if Expected
Data Transfer Length is larger than the
DataSegmentLength, the target may solicit additional data
through R2T.
bit 1 (R) is set to 1 when the command is expected to input
data.
bit 2 (W) is set to 1 when the command is expected to output
data.
bit 3-4 Reserved.
bit 5-7 contains Task Attributes.
Task Attributes (ATTR) have one of the following integer values (see
[SAM2] for details):
0 - Untagged
1 - Simple
2 - Ordered
3 - Head of queue
4 - ACA
5-7 - Reserved
At least one of the W and F bits MUST be set to 1.
Either or both of R and W MAY be 1 when the Expected Data Transfer
Length and/or the Bidirectional Read Expected Data Transfer Length
are 0, but they MUST NOT both be 0 when the Expected Data Transfer
Length and/or Bidirectional Read Expected Data Transfer Length are
not 0 (i.e., when some data transfer is expected, the transfer
direction is indicated by the R and/or W bit).
11.3.2. CmdSN - Command Sequence Number
The CmdSN enables ordered delivery across multiple connections in a
single session.
Chadalapaka, et al. Standards Track [Page 159]
RFC 7143 iSCSI (Consolidated) April 2014
11.3.3. ExpStatSN
Command responses up to ExpStatSN - 1 (modulo 2**32) have been
received (acknowledges status) on the connection.
11.3.4. Expected Data Transfer Length
For unidirectional operations, the Expected Data Transfer Length
field contains the number of bytes of data involved in this SCSI
operation. For a unidirectional write operation (W flag set to 1 and
R flag set to 0), the initiator uses this field to specify the number
of bytes of data it expects to transfer for this operation. For a
unidirectional read operation (W flag set to 0 and R flag set to 1),
the initiator uses this field to specify the number of bytes of data
it expects the target to transfer to the initiator. It corresponds
to the SAM-2 byte count.
For bidirectional operations (both R and W flags are set to 1), this
field contains the number of data bytes involved in the write
transfer. For bidirectional operations, an additional header segment
MUST be present in the header sequence that indicates the
Bidirectional Read Expected Data Transfer Length. The Expected Data
Transfer Length field and the Bidirectional Read Expected Data
Transfer Length field correspond to the SAM-2 byte count.
If the Expected Data Transfer Length for a write and the length of
the immediate data part that follows the command (if any) are the
same, then no more data PDUs are expected to follow. In this case,
the F bit MUST be set to 1.
If the Expected Data Transfer Length is higher than the
FirstBurstLength (the negotiated maximum amount of unsolicited data
the target will accept), the initiator MUST send the maximum amount
of unsolicited data OR ONLY the immediate data, if any.
Upon completion of a data transfer, the target informs the initiator
(through residual counts) of how many bytes were actually processed
(sent and/or received) by the target.
11.3.5. CDB - SCSI Command Descriptor Block
There are 16 bytes in the CDB field to accommodate the commonly used
CDBs. Whenever the CDB is larger than 16 bytes, an Extended CDB AHS
MUST be used to contain the CDB spillover.
Chadalapaka, et al. Standards Track [Page 160]
RFC 7143 iSCSI (Consolidated) April 2014
11.3.6. Data Segment - Command Data
Some SCSI commands require additional parameter data to accompany the
SCSI command. This data may be placed beyond the boundary of the
iSCSI header in a data segment. Alternatively, user data (e.g., from
a write operation) can be placed in the data segment (both cases are
referred to as immediate data). These data are governed by the rules
for solicited vs. unsolicited data outlined in Section 4.2.5.2.
11.4. SCSI Response
The format of the SCSI Response PDU is:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x21 |1|. .|o|u|O|U|.| Response | Status |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| SNACK Tag or Reserved |
+---------------+---------------+---------------+---------------+
24| StatSN |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36| ExpDataSN or Reserved |
+---------------+---------------+---------------+---------------+
40| Bidirectional Read Residual Count or Reserved |
+---------------+---------------+---------------+---------------+
44| Residual Count or Reserved |
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
/ Data Segment (optional) /
+/ /
+---------------+---------------+---------------+---------------+
| Data-Digest (optional) |
+---------------+---------------+---------------+---------------+
Chadalapaka, et al. Standards Track [Page 161]
RFC 7143 iSCSI (Consolidated) April 2014
11.4.1. Flags (Byte 1)
bit 1-2 Reserved.
bit 3 - (o) set for Bidirectional Read Residual Overflow. In this
case, the Bidirectional Read Residual Count indicates the
number of bytes that were not transferred to the
initiator because the initiator's Bidirectional Read
Expected Data Transfer Length was not sufficient.
bit 4 - (u) set for Bidirectional Read Residual Underflow. In this
case, the Bidirectional Read Residual Count indicates the
number of bytes that were not transferred to the
initiator out of the number of bytes expected to be
transferred.
bit 5 - (O) set for Residual Overflow. In this case, the Residual
Count indicates the number of bytes that were not
transferred because the initiator's Expected Data
Transfer Length was not sufficient. For a bidirectional
operation, the Residual Count contains the residual for
the write operation.
bit 6 - (U) set for Residual Underflow. In this case, the Residual
Count indicates the number of bytes that were not
transferred out of the number of bytes that were expected
to be transferred. For a bidirectional operation, the
Residual Count contains the residual for the write
operation.
bit 7 - (0) Reserved.
Bits O and U and bits o and u are mutually exclusive (i.e., having
both o and u or O and U set to 1 is a protocol error).
For a response other than "Command Completed at Target", bits 3-6
MUST be 0.
Chadalapaka, et al. Standards Track [Page 162]
RFC 7143 iSCSI (Consolidated) April 2014
11.4.2. Status
The Status field is used to report the SCSI status of the command (as
specified in [SAM2]) and is only valid if the response code is
Command Completed at Target.
Some of the status codes defined in [SAM2] are:
0x00 GOOD
0x02 CHECK CONDITION
0x08 BUSY
0x18 RESERVATION CONFLICT
0x28 TASK SET FULL
0x30 ACA ACTIVE
0x40 TASK ABORTED
See [SAM2] for the complete list and definitions.
If a SCSI device error is detected while data from the initiator is
still expected (the command PDU did not contain all the data and the
target has not received a data PDU with the Final bit set), the
target MUST wait until it receives a data PDU with the F bit set in
the last expected sequence before sending the Response PDU.
11.4.3. Response
This field contains the iSCSI service response.
iSCSI service response codes defined in this specification are:
0x00 - Command Completed at Target
0x01 - Target Failure
0x80-0xff - Vendor specific
All other response codes are reserved.
The Response field is used to report a service response. The mapping
of the response code into a SCSI service response code value, if
needed, is outside the scope of this document. However, in symbolic
terms, response value 0x00 maps to the SCSI service response (see
Chadalapaka, et al. Standards Track [Page 163]
RFC 7143 iSCSI (Consolidated) April 2014
[SAM2] and [SPC3]) of TASK COMPLETE or LINKED COMMAND COMPLETE. All
other Response values map to the SCSI service response of SERVICE
DELIVERY OR TARGET FAILURE.
If a SCSI Response PDU does not arrive before the session is
terminated, the SCSI service response is SERVICE DELIVERY OR TARGET
FAILURE.
A non-zero response field indicates a failure to execute the command,
in which case the Status and Flag fields are undefined and MUST be
ignored on reception.
11.4.4. SNACK Tag
This field contains a copy of the SNACK Tag of the last SNACK Tag
accepted by the target on the same connection and for the command for
which the response is issued. Otherwise, it is reserved and should
be set to 0.
After issuing a R-Data SNACK, the initiator must discard any SCSI
status unless contained in a SCSI Response PDU carrying the same
SNACK Tag as the last issued R-Data SNACK for the SCSI command on the
current connection.
For a detailed discussion on R-Data SNACK, see Section 11.16.3.
11.4.5. Residual Count
11.4.5.1. Field Semantics
The Residual Count field MUST be valid in the case where either the U
bit or the O bit is set. If neither bit is set, the Residual Count
field MUST be ignored on reception and SHOULD be set to 0 when
sending. Targets may set the residual count, and initiators may use
it when the response code is Command Completed at Target (even if the
status returned is not GOOD). If the O bit is set, the Residual
Count indicates the number of bytes that were not transferred because
the initiator's Expected Data Transfer Length was not sufficient. If
the U bit is set, the Residual Count indicates the number of bytes
that were not transferred out of the number of bytes expected to be
transferred.
11.4.5.2. Residuals Concepts Overview
"SCSI-Presented Data Transfer Length (SPDTL)" is the term this
document uses (see Section 2.2 for definition) to represent the
aggregate data length that the target SCSI layer attempts to transfer
using the local iSCSI layer for a task. "Expected Data Transfer
Chadalapaka, et al. Standards Track [Page 164]
RFC 7143 iSCSI (Consolidated) April 2014
Length (EDTL)" is the iSCSI term that represents the length of data
that the iSCSI layer expects to transfer for a task. EDTL is
specified in the SCSI Command PDU.
When SPDTL = EDTL for a task, the target iSCSI layer completes the
task with no residuals. Whenever SPDTL differs from EDTL for a task,
that task is said to have a residual.
If SPDTL > EDTL for a task, iSCSI Overflow MUST be signaled in the
SCSI Response PDU as specified in Section 11.4.5.1. The Residual
Count MUST be set to the numerical value of (SPDTL - EDTL).
If SPDTL < EDTL for a task, iSCSI Underflow MUST be signaled in the
SCSI Response PDU as specified in Section 11.4.5.1. The Residual
Count MUST be set to the numerical value of (EDTL - SPDTL).
Note that the Overflow and Underflow scenarios are independent of
Data-In and Data-Out. Either scenario is logically possible in
either direction of data transfer.
11.4.5.3. SCSI REPORT LUNS Command and Residual Overflow
This section discusses the residual overflow issues, citing the
example of the SCSI REPORT LUNS command. Note, however, that there
are several SCSI commands (e.g., INQUIRY) with ALLOCATION LENGTH
fields following the same underlying rules. The semantics in the
rest of the section apply to all such SCSI commands.
The specification of the SCSI REPORT LUNS command requires that the
SCSI target limit the amount of data transferred to a maximum size
(ALLOCATION LENGTH) provided by the initiator in the REPORT LUNS CDB.
If the Expected Data Transfer Length (EDTL) in the iSCSI header of
the SCSI Command PDU for a REPORT LUNS command is set to at least as
large as that ALLOCATION LENGTH, the SCSI-layer truncation prevents
an iSCSI Residual Overflow from occurring. A SCSI initiator can
detect that such truncation has occurred via other information at the
SCSI layer. The rest of the section elaborates on this required
behavior.
The SCSI REPORT LUNS command requests a target SCSI layer to return a
LU inventory (LUN list) to the initiator SCSI layer (see Clause 6.21
of [SPC3]). The size of this LUN list may not be known to the
initiator SCSI layer when it issues the REPORT LUNS command; to avoid
transferring more LUN list data than the initiator is prepared for,
the REPORT LUNS CDB contains an ALLOCATION LENGTH field to specify
the maximum amount of data to be transferred to the initiator for
this command. If the initiator SCSI layer has underestimated the
Chadalapaka, et al. Standards Track [Page 165]
RFC 7143 iSCSI (Consolidated) April 2014
number of LUs at the target, it is possible that the complete LU
inventory does not fit in the specified ALLOCATION LENGTH. In this
situation, Clause 4.3.4.6 of [SPC3] requires that the target SCSI
layer "shall terminate transfers to the Data-In Buffer" when the
number of bytes specified by the ALLOCATION LENGTH field have been
transferred.
Therefore, in response to a REPORT LUNS command, the SCSI layer at
the target presents at most ALLOCATION LENGTH bytes of data (LU
inventory) to iSCSI for transfer to the initiator. For a REPORT LUNS
command, if the iSCSI EDTL is at least as large as the ALLOCATION
LENGTH, the SCSI truncation ensures that the EDTL will accommodate
all of the data to be transferred. If all of the LU inventory data
presented to the iSCSI layer -- i.e., the data remaining after any
SCSI truncation -- is transferred to the initiator by the iSCSI
layer, an iSCSI Residual Overflow has not occurred and the iSCSI (O)
bit MUST NOT be set in the SCSI Response or final SCSI Data-Out PDU.
Note that this behavior is implied in Section 11.4.5.1, along with
the specification of the REPORT LUNS command in [SPC3]. However, if
the iSCSI EDTL is larger than the ALLOCATION LENGTH in this scenario,
note that the iSCSI Underflow MUST be signaled in the SCSI Response
PDU. An iSCSI Underflow MUST also be signaled when the iSCSI EDTL is
equal to the ALLOCATION LENGTH but the LU inventory data presented to
the iSCSI layer is smaller than the ALLOCATION LENGTH.
The LUN LIST LENGTH field in the LU inventory (the first field in the
inventory) is not affected by truncation of the inventory to fit in
ALLOCATION LENGTH; this enables a SCSI initiator to determine that
the received inventory is incomplete by noticing that the LUN LIST
LENGTH in the inventory is larger than the ALLOCATION LENGTH that was
sent in the REPORT LUNS CDB. A common initiator behavior in this
situation is to reissue the REPORT LUNS command with a larger
ALLOCATION LENGTH.
11.4.6. Bidirectional Read Residual Count
The Bidirectional Read Residual Count field MUST be valid in the case
where either the u bit or the o bit is set. If neither bit is set,
the Bidirectional Read Residual Count field is reserved. Targets may
set the Bidirectional Read Residual Count, and initiators may use it
when the response code is Command Completed at Target. If the o bit
is set, the Bidirectional Read Residual Count indicates the number of
bytes that were not transferred to the initiator because the
initiator's Bidirectional Read Expected Data Transfer Length was not
sufficient. If the u bit is set, the Bidirectional Read Residual
Count indicates the number of bytes that were not transferred to the
initiator out of the number of bytes expected to be transferred.
Chadalapaka, et al. Standards Track [Page 166]
RFC 7143 iSCSI (Consolidated) April 2014
11.4.7. Data Segment - Sense and Response Data Segment
iSCSI targets MUST support and enable Autosense. If Status is CHECK
CONDITION (0x02), then the data segment MUST contain sense data for
the failed command.
For some iSCSI responses, the response data segment MAY contain some
response-related information (e.g., for a target failure, it may
contain a vendor-specific detailed description of the failure).
If the DataSegmentLength is not 0, the format of the data segment is
as follows:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|SenseLength | Sense Data |
+---------------+---------------+---------------+---------------+
x/ Sense Data /
+---------------+---------------+---------------+---------------+
y/ Response Data /
/ /
+---------------+---------------+---------------+---------------+
11.4.7.1. SenseLength
This field indicates the length of Sense Data.
Chadalapaka, et al. Standards Track [Page 167]
RFC 7143 iSCSI (Consolidated) April 2014
11.4.7.2. Sense Data
The Sense Data contains detailed information about a CHECK CONDITION.
[SPC3] specifies the format and content of the Sense Data.
Certain iSCSI conditions result in the command being terminated at
the target (response code of Command Completed at Target) with a SCSI
CHECK CONDITION Status as outlined in the next table:
+--------------------------+-----------+---------------------------+
| iSCSI Condition |Sense | Additional Sense Code and |
| |Key | Qualifier |
+--------------------------+-----------+---------------------------+
| Unexpected unsolicited |Aborted | ASC = 0x0c ASCQ = 0x0c |
| data |Command-0B | Write Error |
+--------------------------+-----------+---------------------------+
| Incorrect amount of data |Aborted | ASC = 0x0c ASCQ = 0x0d |
| |Command-0B | Write Error |
+--------------------------+-----------+---------------------------+
| Protocol Service CRC |Aborted | ASC = 0x47 ASCQ = 0x05 |
| error |Command-0B | CRC Error Detected |
+--------------------------+-----------+---------------------------+
| SNACK rejected |Aborted | ASC = 0x11 ASCQ = 0x13 |
| |Command-0B | Read Error |
+--------------------------+-----------+---------------------------+
The target reports the "Incorrect amount of data" condition if,
during data output, the total data length to output is greater than
FirstBurstLength and the initiator sent unsolicited non-immediate
data but the total amount of unsolicited data is different than
FirstBurstLength. The target reports the same error when the amount
of data sent as a reply to an R2T does not match the amount
requested.
11.4.8. ExpDataSN
This field indicates the number of Data-In (read) PDUs the target has
sent for the command.
This field MUST be 0 if the response code is not Command Completed at
Target or the target sent no Data-In PDUs for the command.
11.4.9. StatSN - Status Sequence Number
The StatSN is a sequence number that the target iSCSI layer generates
per connection and that in turn enables the initiator to acknowledge
status reception. The StatSN is incremented by 1 for every
response/status sent on a connection, except for responses sent as a
Chadalapaka, et al. Standards Track [Page 168]
RFC 7143 iSCSI (Consolidated) April 2014
result of a retry or SNACK. In the case of responses sent due to a
retransmission request, the StatSN MUST be the same as the first time
the PDU was sent, unless the connection has since been restarted.
11.4.10. ExpCmdSN - Next Expected CmdSN from This Initiator
The ExpCmdSN is a sequence number that the target iSCSI returns to
the initiator to acknowledge command reception. It is used to update
a local variable with the same name. An ExpCmdSN equal to
MaxCmdSN + 1 indicates that the target cannot accept new commands.
11.4.11. MaxCmdSN - Maximum CmdSN from This Initiator
The MaxCmdSN is a sequence number that the target iSCSI returns to
the initiator to indicate the maximum CmdSN the initiator can send.
It is used to update a local variable with the same name. If the
MaxCmdSN is equal to ExpCmdSN - 1, this indicates to the initiator
that the target cannot receive any additional commands. When the
MaxCmdSN changes at the target while the target has no pending PDUs
to convey this information to the initiator, it MUST generate a
NOP-In to carry the new MaxCmdSN.
Chadalapaka, et al. Standards Track [Page 169]
RFC 7143 iSCSI (Consolidated) April 2014
11.5. Task Management Function Request
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|I| 0x02 |1| Function | Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| Logical Unit Number (LUN) or Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Referenced Task Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
24| CmdSN |
+---------------+---------------+---------------+---------------+
28| ExpStatSN |
+---------------+---------------+---------------+---------------+
32| RefCmdSN or Reserved |
+---------------+---------------+---------------+---------------+
36| ExpDataSN or Reserved |
+---------------+---------------+---------------+---------------+
40/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
11.5.1. Function
The task management functions provide an initiator with a way to
explicitly control the execution of one or more tasks (SCSI and iSCSI
tasks). The task management function codes are listed below. For a
more detailed description of SCSI task management, see [SAM2].
1 ABORT TASK - aborts the task identified by the Referenced Task
Tag field.
2 ABORT TASK SET - aborts all tasks issued via this session on
the LU.
3 CLEAR ACA - clears the Auto Contingent Allegiance condition.
Chadalapaka, et al. Standards Track [Page 170]
RFC 7143 iSCSI (Consolidated) April 2014
4 CLEAR TASK SET - aborts all tasks in the appropriate task set
as defined by the TST field in the Control mode page
(see [SPC3]).
5 LOGICAL UNIT RESET
6 TARGET WARM RESET
7 TARGET COLD RESET
8 TASK REASSIGN - reassigns connection allegiance for the task
identified by the Initiator Task Tag field to this connection,
thus resuming the iSCSI exchanges for the task.
Values 9-12 are assigned in [RFC7144]. All other possible values for
the Function field are unassigned.
For all these functions, the Task Management Function Response MUST
be returned as detailed in Section 11.6. All these functions apply
to the referenced tasks, regardless of whether they are proper SCSI
tasks or tagged iSCSI operations. Task management requests must act
on all the commands from the same session having a CmdSN lower than
the task management CmdSN. LOGICAL UNIT RESET, TARGET WARM RESET,
and TARGET COLD RESET may affect commands from other sessions or
commands from the same session, regardless of their CmdSN value.
If the task management request is marked for immediate delivery, it
must be considered immediately for execution, but the operations
involved (all or part of them) may be postponed to allow the target
to receive all relevant tasks. According to [SAM2], for all the
tasks covered by the task management response (i.e., with a CmdSN
lower than the task management command CmdSN), except for the task
management response to a TASK REASSIGN, additional responses MUST NOT
be delivered to the SCSI layer after the task management response.
The iSCSI initiator MAY deliver to the SCSI layer all responses
received before the task management response (i.e., it is a matter of
implementation if the SCSI responses that are received before the
task management response but after the task management request was
issued are delivered to the SCSI layer by the iSCSI layer in the
initiator). The iSCSI target MUST ensure that no responses for the
tasks covered by a task management function are delivered to the
iSCSI initiator after the task management response, except for a task
covered by a TASK REASSIGN.
For ABORT TASK SET and CLEAR TASK SET, the issuing initiator MUST
continue to respond to all valid Target Transfer Tags (received via
R2T, Text Response, NOP-In, or SCSI Data-In PDUs) related to the
affected task set, even after issuing the task management request.
Chadalapaka, et al. Standards Track [Page 171]
RFC 7143 iSCSI (Consolidated) April 2014
The issuing initiator SHOULD, however, terminate (i.e., by setting
the F bit to 1) these response sequences as quickly as possible. The
target for its part MUST wait for responses on all affected Target
Transfer Tags before acting on either of these two task management
requests. If all or part of the response sequence is not received
(due to digest errors) for a valid TTT, the target MAY treat it as a
case of a within-command error recovery class (see Section 7.1.4.1)
if it is supporting ErrorRecoveryLevel >= 1 or, alternatively, may
drop the connection to complete the requested task set function.
If an ABORT TASK is issued for a task created by an immediate
command, then the RefCmdSN MUST be that of the task management
request itself (i.e., the CmdSN and RefCmdSN are equal); otherwise,
the RefCmdSN MUST be set to the CmdSN of the task to be aborted
(lower than the CmdSN).
If the connection is still active (i.e., it is not undergoing an
implicit or explicit logout), an ABORT TASK MUST be issued on the
same connection to which the task to be aborted is allegiant at the
time the task management request is issued. If the connection is
implicitly or explicitly logged out (i.e., no other request will be
issued on the failing connection and no other response will be
received on the failing connection), then an ABORT TASK function
request may be issued on another connection. This task management
request will then establish a new allegiance for the command to be
aborted as well as abort it (i.e., the task to be aborted will not
have to be retried or reassigned, and its status, if sent but not
acknowledged, will be resent followed by the task management
response).
At the target, an ABORT TASK function MUST NOT be executed on a task
management request; such a request MUST result in a task management
response of "Function rejected".
For the LOGICAL UNIT RESET function, the target MUST behave as
dictated by the Logical Unit Reset function in [SAM2].
The implementation of the TARGET WARM RESET function and the TARGET
COLD RESET function is OPTIONAL and, when implemented, should act as
described below. The TARGET WARM RESET is also subject to SCSI
access controls on the requesting initiator as defined in [SPC3].
When authorization fails at the target, the appropriate response as
described in Section 11.6.1 MUST be returned by the target. The
TARGET COLD RESET function is not subject to SCSI access controls,
but its execution privileges may be managed by iSCSI mechanisms such
as login authentication.
Chadalapaka, et al. Standards Track [Page 172]
RFC 7143 iSCSI (Consolidated) April 2014
When executing the TARGET WARM RESET and TARGET COLD RESET functions,
the target cancels all pending operations on all LUs known by the
issuing initiator. Both functions are equivalent to the TARGET RESET
function specified by [SAM2]. They can affect many other initiators
logged in with the servicing SCSI target port.
Additionally, the target MUST treat the TARGET COLD RESET function as
a power-on event, thus terminating all of its TCP connections to all
initiators (all sessions are terminated). For this reason, the
service response (defined by [SAM2]) for this SCSI task management
function may not be reliably delivered to the issuing initiator port.
For the TASK REASSIGN function, the target should reassign the
connection allegiance to this new connection (and thus resume iSCSI
exchanges for the task). TASK REASSIGN MUST ONLY be received by the
target after the connection on which the command was previously
executing has been successfully logged out. The task management
response MUST be issued before the reassignment becomes effective.
For additional usage semantics, see Section 7.2.
At the target, a TASK REASSIGN function request MUST NOT be executed
to reassign the connection allegiance of a Task Management Function
Request, an active text negotiation task, or a Logout task; such a
request MUST result in a task management response of "Function
rejected".
TASK REASSIGN MUST be issued as an immediate command.
11.5.2. TotalAHSLength and DataSegmentLength
For this PDU, TotalAHSLength and DataSegmentLength MUST be 0.
11.5.3. LUN
This field is required for functions that address a specific LU
(ABORT TASK, CLEAR TASK SET, ABORT TASK SET, CLEAR ACA, LOGICAL UNIT
RESET) and is reserved in all others.
11.5.4. Referenced Task Tag
This is the Initiator Task Tag of the task to be aborted for the
ABORT TASK function or reassigned for the TASK REASSIGN function.
For all the other functions, this field MUST be set to the reserved
value 0xffffffff.
Chadalapaka, et al. Standards Track [Page 173]
RFC 7143 iSCSI (Consolidated) April 2014
11.5.5. RefCmdSN
If an ABORT TASK is issued for a task created by an immediate
command, then the RefCmdSN MUST be that of the task management
request itself (i.e., the CmdSN and RefCmdSN are equal).
For an ABORT TASK of a task created by a non-immediate command, the
RefCmdSN MUST be set to the CmdSN of the task identified by the
Referenced Task Tag field. Targets must use this field as described
in Section 11.6.1 when the task identified by the Referenced Task Tag
field is not with the target.
Otherwise, this field is reserved.
11.5.6. ExpDataSN
For recovery purposes, the iSCSI target and initiator maintain a data
acknowledgment reference number -- the first input DataSN number
unacknowledged by the initiator. When issuing a new command, this
number is set to 0. If the function is TASK REASSIGN, which
establishes a new connection allegiance for a previously issued read
or bidirectional command, the ExpDataSN will contain an updated data
acknowledgment reference number or the value 0; the latter indicates
that the data acknowledgment reference number is unchanged. The
initiator MUST discard any data PDUs from the previous execution that
it did not acknowledge, and the target MUST transmit all Data-In PDUs
(if any) starting with the data acknowledgment reference number. The
number of retransmitted PDUs may or may not be the same as the
original transmission, depending on if there was a change in
MaxRecvDataSegmentLength in the reassignment. The target MAY also
send no more Data-In PDUs if all data has been acknowledged.
The value of ExpDataSN MUST be 0 or higher than the DataSN of the
last acknowledged Data-In PDU, but not larger than DataSN + 1 of the
last Data-IN PDU sent by the target. Any other value MUST be ignored
by the target.
For other functions, this field is reserved.
Chadalapaka, et al. Standards Track [Page 174]
RFC 7143 iSCSI (Consolidated) April 2014
11.6. Task Management Function Response
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x22 |1| Reserved | Response | Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------------------------------------------------------+
8/ Reserved /
/ /
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Reserved |
+---------------+---------------+---------------+---------------+
24| StatSN |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
For the functions ABORT TASK, ABORT TASK SET, CLEAR ACA, CLEAR TASK
SET, LOGICAL UNIT RESET, TARGET COLD RESET, TARGET WARM RESET, and
TASK REASSIGN, the target performs the requested task management
function and sends a task management response back to the initiator.
For TASK REASSIGN, the new connection allegiance MUST ONLY become
effective at the target after the target issues the task management
response.
Chadalapaka, et al. Standards Track [Page 175]
RFC 7143 iSCSI (Consolidated) April 2014
11.6.1. Response
The target provides a response, which may take on the following
values:
0 - Function complete
1 - Task does not exist
2 - LUN does not exist
3 - Task still allegiant
4 - Task allegiance reassignment not supported
5 - Task management function not supported
6 - Function authorization failed
255 - Function rejected
In addition to the above values, the value 7 is defined by [RFC7144].
For a discussion on the usage of response codes 3 and 4, see
Section 7.2.2.
For the TARGET COLD RESET and TARGET WARM RESET functions, the target
cancels all pending operations across all LUs known to the issuing
initiator. For the TARGET COLD RESET function, the target MUST then
close all of its TCP connections to all initiators (terminates all
sessions).
The mapping of the response code into a SCSI service response code
value, if needed, is outside the scope of this document. However, in
symbolic terms, Response values 0 and 1 map to the SCSI service
response of FUNCTION COMPLETE. Response value 2 maps to the SCSI
service response of INCORRECT LOGICAL UNIT NUMBER. All other
Response values map to the SCSI service response of FUNCTION
REJECTED. If a Task Management Function Response PDU does not arrive
before the session is terminated, the SCSI service response is
SERVICE DELIVERY OR TARGET FAILURE.
The response to ABORT TASK SET and CLEAR TASK SET MUST only be issued
by the target after all of the commands affected have been received
by the target, the corresponding task management functions have been
executed by the SCSI target, and the delivery of all responses
delivered until the task management function completion has been
confirmed (acknowledged through the ExpStatSN) by the initiator on
all connections of this session. For the exact timeline of events,
refer to Sections 4.2.3.3 and 4.2.3.4.
Chadalapaka, et al. Standards Track [Page 176]
RFC 7143 iSCSI (Consolidated) April 2014
For the ABORT TASK function,
a) if the Referenced Task Tag identifies a valid task leading to a
successful termination, then targets must return the "Function
complete" response.
b) if the Referenced Task Tag does not identify an existing task
but the CmdSN indicated by the RefCmdSN field in the Task
Management Function Request is within the valid CmdSN window
and less than the CmdSN of the Task Management Function Request
itself, then targets must consider the CmdSN as received and
return the "Function complete" response.
c) if the Referenced Task Tag does not identify an existing task
and the CmdSN indicated by the RefCmdSN field in the Task
Management Function Request is outside the valid CmdSN window,
then targets must return the "Task does not exist" response.
For response semantics on function types that can potentially impact
multiple active tasks on the target, see Section 4.2.3.
11.6.2. TotalAHSLength and DataSegmentLength
For this PDU, TotalAHSLength and DataSegmentLength MUST be 0.
Chadalapaka, et al. Standards Track [Page 177]
RFC 7143 iSCSI (Consolidated) April 2014
11.7. SCSI Data-Out and SCSI Data-In
The SCSI Data-Out PDU for write operations has the following format:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x05 |F| Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN or Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Target Transfer Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
24| Reserved |
+---------------+---------------+---------------+---------------+
28| ExpStatSN |
+---------------+---------------+---------------+---------------+
32| Reserved |
+---------------+---------------+---------------+---------------+
36| DataSN |
+---------------+---------------+---------------+---------------+
40| Buffer Offset |
+---------------+---------------+---------------+---------------+
44| Reserved |
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
/ DataSegment /
+/ /
+---------------+---------------+---------------+---------------+
| Data-Digest (optional) |
+---------------+---------------+---------------+---------------+
Chadalapaka, et al. Standards Track [Page 178]
RFC 7143 iSCSI (Consolidated) April 2014
The SCSI Data-In PDU for read operations has the following format:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x25 |F|A|0 0 0|O|U|S| Reserved |Status or Rsvd |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN or Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Target Transfer Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
24| StatSN or Reserved |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36| DataSN |
+---------------+---------------+---------------+---------------+
40| Buffer Offset |
+---------------+---------------+---------------+---------------+
44| Residual Count |
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
/ DataSegment /
+/ /
+---------------+---------------+---------------+---------------+
| Data-Digest (optional) |
+---------------+---------------+---------------+---------------+
Status can accompany the last Data-In PDU if the command did not end
with an exception (i.e., the status is "good status" -- GOOD,
CONDITION MET, or INTERMEDIATE-CONDITION MET). The presence of
status (and of a residual count) is signaled via the S flag bit.
Although targets MAY choose to send even non-exception status in
separate responses, initiators MUST support non-exception status in
Data-In PDUs.
Chadalapaka, et al. Standards Track [Page 179]
RFC 7143 iSCSI (Consolidated) April 2014
11.7.1. F (Final) Bit
For outgoing data, this bit is 1 for the last PDU of unsolicited data
or the last PDU of a sequence that answers an R2T.
For incoming data, this bit is 1 for the last input (read) data PDU
of a sequence. Input can be split into several sequences, each
having its own F bit. Splitting the data stream into sequences does
not affect DataSN counting on Data-In PDUs. It MAY be used as a
"change direction" indication for bidirectional operations that need
such a change.
DataSegmentLength MUST NOT exceed MaxRecvDataSegmentLength for the
direction it is sent, and the total of all the DataSegmentLength of
all PDUs in a sequence MUST NOT exceed MaxBurstLength (or
FirstBurstLength for unsolicited data). However, the number of
individual PDUs in a sequence (or in total) may be higher than the
ratio of MaxBurstLength (or FirstBurstLength) to
MaxRecvDataSegmentLength (as PDUs may be limited in length by the
capabilities of the sender). Using a DataSegmentLength of 0 may
increase beyond what is reasonable for the number of PDUs and should
therefore be avoided.
For bidirectional operations, the F bit is 1 for both the end of the
input sequences and the end of the output sequences.
11.7.2. A (Acknowledge) Bit
For sessions with ErrorRecoveryLevel=1 or higher, the target sets
this bit to 1 to indicate that it requests a positive acknowledgment
from the initiator for the data received. The target should use the
A bit moderately; it MAY only set the A bit to 1 once every
MaxBurstLength bytes, or on the last Data-In PDU that concludes the
entire requested read data transfer for the task from the target's
perspective, and it MUST NOT do so more frequently. The target MUST
NOT set to 1 the A bit for sessions with ErrorRecoveryLevel=0. The
initiator MUST ignore the A bit set to 1 for sessions with
ErrorRecoveryLevel=0.
On receiving a Data-In PDU with the A bit set to 1 on a session with
ErrorRecoveryLevel greater than 0, if there are no holes in the read
data until that Data-In PDU, the initiator MUST issue a SNACK of type
DataACK, except when it is able to acknowledge the status for the
task immediately via the ExpStatSN on other outbound PDUs if the
status for the task is also received. In the latter case
(acknowledgment through the ExpStatSN), sending a SNACK of type
DataACK in response to the A bit is OPTIONAL, but if it is done, it
must not be sent after the status acknowledgment through the
Chadalapaka, et al. Standards Track [Page 180]
RFC 7143 iSCSI (Consolidated) April 2014
ExpStatSN. If the initiator has detected holes in the read data
prior to that Data-In PDU, it MUST postpone issuing the SNACK of type
DataACK until the holes are filled. An initiator also MUST NOT
acknowledge the status for the task before those holes are filled. A
status acknowledgment for a task that generated the Data-In PDUs is
considered by the target as an implicit acknowledgment of the Data-In
PDUs if such an acknowledgment was requested by the target.
11.7.3. Flags (Byte 1)
The last SCSI data packet sent from a target to an initiator for a
SCSI command that completed successfully (with a status of GOOD,
CONDITION MET, INTERMEDIATE, or INTERMEDIATE-CONDITION MET) may also
optionally contain the Status for the data transfer. In this case,
Sense Data cannot be sent together with the Command Status. If the
command is completed with an error, then the response and sense data
MUST be sent in a SCSI Response PDU (i.e., MUST NOT be sent in a SCSI
data packet). For bidirectional commands, the status MUST be sent in
a SCSI Response PDU.
bit 2-4 - Reserved.
bit 5-6 - used the same as in a SCSI Response. These
bits are only valid when S is set to 1. For
details, see Section 11.4.1.
bit 7 S (status) - set to indicate that the Command Status field
contains status. If this bit is set to 1, the
F bit MUST also be set to 1.
The fields StatSN, Status, and Residual Count only have meaningful
content if the S bit is set to 1. The values for these fields are
defined in Section 11.4.
11.7.4. Target Transfer Tag and LUN
On outgoing data, the Target Transfer Tag is provided to the target
if the transfer is honoring an R2T. In this case, the Target
Transfer Tag field is a replica of the Target Transfer Tag provided
with the R2T.
On incoming data, the Target Transfer Tag and LUN MUST be provided by
the target if the A bit is set to 1; otherwise, they are reserved.
The Target Transfer Tag and LUN are copied by the initiator into the
SNACK of type DataACK that it issues as a result of receiving a SCSI
Data-In PDU with the A bit set to 1.
Chadalapaka, et al. Standards Track [Page 181]
RFC 7143 iSCSI (Consolidated) April 2014
The Target Transfer Tag values are not specified by this protocol,
except that the value 0xffffffff is reserved and means that the
Target Transfer Tag is not supplied. If the Target Transfer Tag is
provided, then the LUN field MUST hold a valid value and be
consistent with whatever was specified with the command; otherwise,
the LUN field is reserved.
11.7.5. DataSN
For input (read) or bidirectional Data-In PDUs, the DataSN is the
input PDU number within the data transfer for the command identified
by the Initiator Task Tag.
R2T and Data-In PDUs, in the context of bidirectional commands, share
the numbering sequence (see Section 4.2.2.4).
For output (write) data PDUs, the DataSN is the Data-Out PDU number
within the current output sequence. Either the current output
sequence is identified by the Initiator Task Tag (for unsolicited
data) or it is a data sequence generated for one R2T (for data
solicited through R2T).
11.7.6. Buffer Offset
The Buffer Offset field contains the offset of this PDU payload data
within the complete data transfer. The sum of the buffer offset and
length should not exceed the expected transfer length for the
command.
The order of data PDUs within a sequence is determined by
DataPDUInOrder. When set to Yes, it means that PDUs have to be in
increasing buffer offset order and overlays are forbidden.
The ordering between sequences is determined by DataSequenceInOrder.
When set to Yes, it means that sequences have to be in increasing
buffer offset order and overlays are forbidden.
11.7.7. DataSegmentLength
This is the data payload length of a SCSI Data-In or SCSI Data-Out
PDU. The sending of 0-length data segments should be avoided, but
initiators and targets MUST be able to properly receive 0-length data
segments.
The data segments of Data-In and Data-Out PDUs SHOULD be filled to
the integer number of 4-byte words (real payload), unless the F bit
is set to 1.
Chadalapaka, et al. Standards Track [Page 182]
RFC 7143 iSCSI (Consolidated) April 2014
11.8. Ready To Transfer (R2T)
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x31 |1| Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Target Transfer Tag |
+---------------+---------------+---------------+---------------+
24| StatSN |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36| R2TSN |
+---------------+---------------+---------------+---------------+
40| Buffer Offset |
+---------------+---------------+---------------+---------------+
44| Desired Data Transfer Length |
+---------------------------------------------------------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
When an initiator has submitted a SCSI command with data that passes
from the initiator to the target (write), the target may specify
which blocks of data it is ready to receive. The target may request
that the data blocks be delivered in whichever order is convenient
for the target at that particular instant. This information is
passed from the target to the initiator in the Ready To Transfer
(R2T) PDU.
In order to allow write operations without an explicit initial R2T,
the initiator and target MUST have negotiated the key InitialR2T to
No during login.
An R2T MAY be answered with one or more SCSI Data-Out PDUs with a
matching Target Transfer Tag. If an R2T is answered with a single
Data-Out PDU, the buffer offset in the data PDU MUST be the same as
Chadalapaka, et al. Standards Track [Page 183]
RFC 7143 iSCSI (Consolidated) April 2014
the one specified by the R2T, and the data length of the data PDU
MUST be the same as the Desired Data Transfer Length specified in the
R2T. If the R2T is answered with a sequence of data PDUs, the buffer
offset and length MUST be within the range of those specified by the
R2T, and the last PDU MUST have the F bit set to 1. If the last PDU
(marked with the F bit) is received before the Desired Data Transfer
Length is transferred, a target MAY choose to reject that PDU with
the "Protocol Error" reason code. DataPDUInOrder governs the
Data-Out PDU ordering. If DataPDUInOrder is set to Yes, the buffer
offsets and lengths for consecutive PDUs MUST form a continuous
non-overlapping range, and the PDUs MUST be sent in increasing offset
order.
The target may send several R2T PDUs. It therefore can have a number
of pending data transfers. The number of outstanding R2T PDUs is
limited by the value of the negotiated key MaxOutstandingR2T. Within
a task, outstanding R2Ts MUST be fulfilled by the initiator in the
order in which they were received.
R2T PDUs MAY also be used to recover Data-Out PDUs. Such an R2T
(Recovery-R2T) is generated by a target upon detecting the loss of
one or more Data-Out PDUs due to:
- Digest error
- Sequence error
- Sequence reception timeout
A Recovery-R2T carries the next unused R2TSN but requests part of or
the entire data burst that an earlier R2T (with a lower R2TSN) had
already requested.
DataSequenceInOrder governs the buffer offset ordering in consecutive
R2Ts. If DataSequenceInOrder is Yes, then consecutive R2Ts MUST
refer to continuous non-overlapping ranges, except for Recovery-R2Ts.
11.8.1. TotalAHSLength and DataSegmentLength
For this PDU, TotalAHSLength and DataSegmentLength MUST be 0.
11.8.2. R2TSN
R2TSN is the R2T PDU input PDU number within the command identified
by the Initiator Task Tag.
For bidirectional commands, R2T and Data-In PDUs share the input PDU
numbering sequence (see Section 4.2.2.4).
Chadalapaka, et al. Standards Track [Page 184]
RFC 7143 iSCSI (Consolidated) April 2014
11.8.3. StatSN
The StatSN field will contain the next StatSN. The StatSN for this
connection is not advanced after this PDU is sent.
11.8.4. Desired Data Transfer Length and Buffer Offset
The target specifies how many bytes it wants the initiator to send
because of this R2T PDU. The target may request the data from the
initiator in several chunks, not necessarily in the original order of
the data. The target therefore also specifies a buffer offset that
indicates the point at which the data transfer should begin, relative
to the beginning of the total data transfer. The Desired Data
Transfer Length MUST NOT be 0 and MUST NOT exceed MaxBurstLength.
11.8.5. Target Transfer Tag
The target assigns its own tag to each R2T request that it sends to
the initiator. This tag can be used by the target to easily identify
the data it receives. The Target Transfer Tag and LUN are copied in
the outgoing data PDUs and are only used by the target. There is no
protocol rule about the Target Transfer Tag except that the value
0xffffffff is reserved and MUST NOT be sent by a target in an R2T.
Chadalapaka, et al. Standards Track [Page 185]
RFC 7143 iSCSI (Consolidated) April 2014
11.9. Asynchronous Message
An Asynchronous Message may be sent from the target to the initiator
without corresponding to a particular command. The target specifies
the reason for the event and sense data.
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x32 |1| Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN or Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| 0xffffffff |
+---------------+---------------+---------------+---------------+
20| Reserved |
+---------------+---------------+---------------+---------------+
24| StatSN |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36| AsyncEvent | AsyncVCode | Parameter1 or Reserved |
+---------------+---------------+---------------+---------------+
40| Parameter2 or Reserved | Parameter3 or Reserved |
+---------------+---------------+---------------+---------------+
44| Reserved |
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
/ DataSegment - Sense Data and iSCSI Event Data /
+/ /
+---------------+---------------+---------------+---------------+
| Data-Digest (optional) |
+---------------+---------------+---------------+---------------+
Some Asynchronous Messages are strictly related to iSCSI, while
others are related to SCSI [SAM2].
The StatSN counts this PDU as an acknowledgeable event (the StatSN is
advanced), which allows for initiator and target state
synchronization.
Chadalapaka, et al. Standards Track [Page 186]
RFC 7143 iSCSI (Consolidated) April 2014
11.9.1. AsyncEvent
The codes used for iSCSI Asynchronous Messages (events) are:
0 (SCSI Async Event) - a SCSI asynchronous event is reported in
the sense data. Sense Data that accompanies the report, in
the data segment, identifies the condition. The sending of a
SCSI event ("asynchronous event reporting" in SCSI
terminology) is dependent on the target support for SCSI
asynchronous event reporting (see [SAM2]) as indicated in the
standard INQUIRY data (see [SPC3]). Its use may be enabled by
parameters in the SCSI Control mode page (see [SPC3]).
1 (Logout Request) - the target requests Logout. This Async
Message MUST be sent on the same connection as the one
requesting to be logged out. The initiator MUST honor this
request by issuing a Logout as early as possible but no later
than Parameter3 seconds. The initiator MUST send a Logout
with a reason code of "close the connection" OR "close the
session" to close all the connections. Once this message is
received, the initiator SHOULD NOT issue new iSCSI commands on
the connection to be logged out. The target MAY reject any
new I/O requests that it receives after this message with the
reason code "Waiting for Logout". If the initiator does not
log out in Parameter3 seconds, the target should send an Async
PDU with iSCSI event code "Dropped the connection" if possible
or simply terminate the transport connection. Parameter1 and
Parameter2 are reserved.
2 (Connection Drop Notification) - the target indicates that it
will drop the connection.
The Parameter1 field indicates the CID of the connection that
is going to be dropped.
The Parameter2 field (Time2Wait) indicates, in seconds, the
minimum time to wait before attempting to reconnect or
reassign.
The Parameter3 field (Time2Retain) indicates the maximum time
allowed to reassign commands after the initial wait (in
Parameter2).
If the initiator does not attempt to reconnect and/or reassign
the outstanding commands within the time specified by
Parameter3, or if Parameter3 is 0, the target will terminate
Chadalapaka, et al. Standards Track [Page 187]
RFC 7143 iSCSI (Consolidated) April 2014
all outstanding commands on this connection. In this case, no
other responses should be expected from the target for the
outstanding commands on this connection.
A value of 0 for Parameter2 indicates that reconnect can be
attempted immediately.
3 (Session Drop Notification) - the target indicates that it
will drop all the connections of this session.
The Parameter1 field is reserved.
The Parameter2 field (Time2Wait) indicates, in seconds, the
minimum time to wait before attempting to reconnect.
The Parameter3 field (Time2Retain) indicates the maximum time
allowed to reassign commands after the initial wait (in
Parameter2).
If the initiator does not attempt to reconnect and/or reassign
the outstanding commands within the time specified by
Parameter3, or if Parameter3 is 0, the session is terminated.
In this case, the target will terminate all outstanding
commands in this session; no other responses should be
expected from the target for the outstanding commands in this
session. A value of 0 for Parameter2 indicates that reconnect
can be attempted immediately.
4 (Negotiation Request) - the target requests parameter
negotiation on this connection. The initiator MUST honor this
request by issuing a Text Request (that can be empty) on the
same connection as early as possible, but no later than
Parameter3 seconds, unless a Text Request is already pending
on the connection, or by issuing a Logout Request. If the
initiator does not issue a Text Request, the target may
reissue the Asynchronous Message requesting parameter
negotiation.
Chadalapaka, et al. Standards Track [Page 188]
RFC 7143 iSCSI (Consolidated) April 2014
5 (Task Termination) - all active tasks for a LU with a matching
LUN field in the Async Message PDU are being terminated. The
receiving initiator iSCSI layer MUST respond to this message
by taking the following steps, in order:
- Stop Data-Out transfers on that connection for all active
TTTs for the affected LUN quoted in the Async Message PDU.
- Acknowledge the StatSN of the Async Message PDU via a
NOP-Out PDU with ITT=0xffffffff (i.e., non-ping flavor),
while copying the LUN field from the Async Message to
NOP-Out.
This value of AsyncEvent, however, MUST NOT be used on an
iSCSI session unless the new TaskReporting text key defined in
Section 13.23 was negotiated to FastAbort on the session.
248-255 (Vendor-unique) - vendor-specific iSCSI event. The
AsyncVCode details the vendor code, and data MAY accompany the
report.
All other event codes are unassigned.
11.9.2. AsyncVCode
AsyncVCode is a vendor-specific detail code that is only valid if the
AsyncEvent field indicates a vendor-specific event. Otherwise, it is
reserved.
11.9.3. LUN
The LUN field MUST be valid if AsyncEvent is 0. Otherwise, this
field is reserved.
Chadalapaka, et al. Standards Track [Page 189]
RFC 7143 iSCSI (Consolidated) April 2014
11.9.4. Sense Data and iSCSI Event Data
For a SCSI event, this data accompanies the report in the data
segment and identifies the condition.
For an iSCSI event, additional vendor-unique data MAY accompany the
Async event. Initiators MAY ignore the data when not understood,
while processing the rest of the PDU.
If the DataSegmentLength is not 0, the format of the DataSegment is
as follows:
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|SenseLength | Sense Data |
+---------------+---------------+---------------+---------------+
x/ Sense Data /
+---------------+---------------+---------------+---------------+
y/ iSCSI Event Data /
/ /
+---------------+---------------+---------------+---------------+
z|
11.9.4.1. SenseLength
This is the length of Sense Data. When the Sense Data field is empty
(e.g., the event is not a SCSI event), SenseLength is 0.
Chadalapaka, et al. Standards Track [Page 190]
RFC 7143 iSCSI (Consolidated) April 2014
11.10. Text Request
The Text Request is provided to allow for the exchange of information
and for future extensions. It permits the initiator to inform a
target of its capabilities or request some special operations.
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|I| 0x04 |F|C| Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN or Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Target Transfer Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
24| CmdSN |
+---------------+---------------+---------------+---------------+
28| ExpStatSN |
+---------------+---------------+---------------+---------------+
32/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
/ DataSegment (Text) /
+/ /
+---------------+---------------+---------------+---------------+
| Data-Digest (optional) |
+---------------+---------------+---------------+---------------+
An initiator MUST NOT have more than one outstanding Text Request on
a connection at any given time.
On a connection failure, an initiator must either explicitly abort
any active allegiant text negotiation task or cause such a task to be
implicitly terminated by the target.
Chadalapaka, et al. Standards Track [Page 191]
RFC 7143 iSCSI (Consolidated) April 2014
11.10.1. F (Final) Bit
When set to 1, this bit indicates that this is the last or only Text
Request in a sequence of Text Requests; otherwise, it indicates that
more Text Requests will follow.
11.10.2. C (Continue) Bit
When set to 1, this bit indicates that the text (set of key=value
pairs) in this Text Request is not complete (it will be continued on
subsequent Text Requests); otherwise, it indicates that this Text
Request ends a set of key=value pairs. A Text Request with the C bit
set to 1 MUST have the F bit set to 0.
11.10.3. Initiator Task Tag
This is the initiator-assigned identifier for this Text Request. If
the command is sent as part of a sequence of Text Requests and
responses, the Initiator Task Tag MUST be the same for all the
requests within the sequence (similar to linked SCSI commands). The
I bit for all requests in a sequence also MUST be the same.
11.10.4. Target Transfer Tag
When the Target Transfer Tag is set to the reserved value 0xffffffff,
it tells the target that this is a new request, and the target resets
any internal state associated with the Initiator Task Tag (resets the
current negotiation state).
The target sets the Target Transfer Tag in a Text Response to a value
other than the reserved value 0xffffffff whenever it indicates that
it has more data to send or more operations to perform that are
associated with the specified Initiator Task Tag. It MUST do so
whenever it sets the F bit to 0 in the response. By copying the
Target Transfer Tag from the response to the next Text Request, the
initiator tells the target to continue the operation for the specific
Initiator Task Tag. The initiator MUST ignore the Target Transfer
Tag in the Text Response when the F bit is set to 1.
This mechanism allows the initiator and target to transfer a large
amount of textual data over a sequence of text-command/text-response
exchanges or to perform extended negotiation sequences.
If the Target Transfer Tag is not 0xffffffff, the LUN field MUST be
sent by the target in the Text Response.
Chadalapaka, et al. Standards Track [Page 192]
RFC 7143 iSCSI (Consolidated) April 2014
A target MAY reset its internal negotiation state if an exchange is
stalled by the initiator for a long time or if it is running out of
resources.
Long Text Responses are handled as shown in the following example:
I->T Text SendTargets=All (F = 1, TTT = 0xffffffff)
T->I Text <part 1> (F = 0, TTT = 0x12345678)
I->T Text <empty> (F = 1, TTT = 0x12345678)
T->I Text <part 2> (F = 0, TTT = 0x12345678)
I->T Text <empty> (F = 1, TTT = 0x12345678)
...
T->I Text <part n> (F = 1, TTT = 0xffffffff)
11.10.5. Text
The data lengths of a Text Request MUST NOT exceed the iSCSI target
MaxRecvDataSegmentLength (a parameter that is negotiated per
connection and per direction). The text format is specified in
Section 6.2.
Sections 12 and 13 list some basic Text key=value pairs, some of
which can be used in Login Requests/Responses and some in Text
Requests/Responses.
A key=value pair can span Text Request or Text Response boundaries.
A key=value pair can start in one PDU and continue on the next. In
other words, the end of a PDU does not necessarily signal the end of
a key=value pair.
The target responds by sending its response back to the initiator.
The response text format is similar to the request text format. The
Text Response MAY refer to key=value pairs presented in an earlier
Text Request, and the text in the request may refer to earlier
responses.
Section 6.2 details the rules for the Text Requests and Responses.
Text operations are usually meant for parameter setting/negotiations
but can also be used to perform some long-lasting operations.
Chadalapaka, et al. Standards Track [Page 193]
RFC 7143 iSCSI (Consolidated) April 2014
Text operations that take a long time should be placed in their own
Text Request.
11.11. Text Response
The Text Response PDU contains the target's responses to the
initiator's Text Request. The format of the Text field matches that
of the Text Request.
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x24 |F|C| Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN or Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Target Transfer Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
24| StatSN |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
/ DataSegment (Text) /
+/ /
+---------------+---------------+---------------+---------------+
| Data-Digest (optional) |
+---------------+---------------+---------------+---------------+
11.11.1. F (Final) Bit
When set to 1, in response to a Text Request with the Final bit set
to 1, the F bit indicates that the target has finished the whole
operation. Otherwise, if set to 0 in response to a Text Request with
the Final Bit set to 1, it indicates that the target has more work to
Chadalapaka, et al. Standards Track [Page 194]
RFC 7143 iSCSI (Consolidated) April 2014
do (invites a follow-on Text Request). A Text Response with the
F bit set to 1 in response to a Text Request with the F bit set to 0
is a protocol error.
A Text Response with the F bit set to 1 MUST NOT contain key=value
pairs that may require additional answers from the initiator.
A Text Response with the F bit set to 1 MUST have a Target Transfer
Tag field set to the reserved value 0xffffffff.
A Text Response with the F bit set to 0 MUST have a Target Transfer
Tag field set to a value other than the reserved value 0xffffffff.
11.11.2. C (Continue) Bit
When set to 1, this bit indicates that the text (set of key=value
pairs) in this Text Response is not complete (it will be continued on
subsequent Text Responses); otherwise, it indicates that this Text
Response ends a set of key=value pairs. A Text Response with the
C bit set to 1 MUST have the F bit set to 0.
11.11.3. Initiator Task Tag
The Initiator Task Tag matches the tag used in the initial Text
Request.
11.11.4. Target Transfer Tag
When a target has more work to do (e.g., cannot transfer all the
remaining text data in a single Text Response or has to continue the
negotiation) and has enough resources to proceed, it MUST set the
Target Transfer Tag to a value other than the reserved value
0xffffffff. Otherwise, the Target Transfer Tag MUST be set to
0xffffffff.
When the Target Transfer Tag is not 0xffffffff, the LUN field may be
significant.
The initiator MUST copy the Target Transfer Tag and LUN in its next
request to indicate that it wants the rest of the data.
When the target receives a Text Request with the Target Transfer Tag
set to the reserved value 0xffffffff, it resets its internal
information (resets state) associated with the given Initiator Task
Tag (restarts the negotiation).
Chadalapaka, et al. Standards Track [Page 195]
RFC 7143 iSCSI (Consolidated) April 2014
When a target cannot finish the operation in a single Text Response
and does not have enough resources to continue, it rejects the Text
Request with the appropriate Reject code.
A target may reset its internal state associated with an Initiator
Task Tag (the current negotiation state) as expressed through the
Target Transfer Tag if the initiator fails to continue the exchange
for some time. The target may reject subsequent Text Requests with
the Target Transfer Tag set to the "stale" value.
11.11.5. StatSN
The target StatSN variable is advanced by each Text Response sent.
11.11.6. Text Response Data
The data lengths of a Text Response MUST NOT exceed the iSCSI
initiator MaxRecvDataSegmentLength (a parameter that is negotiated
per connection and per direction).
The text in the Text Response Data is governed by the same rules as
the text in the Text Request Data (see Section 11.11.2).
Although the initiator is the requesting party and controls the
request-response initiation and termination, the target can offer
key=value pairs of its own as part of a sequence and not only in
response to the initiator.
11.12. Login Request
After establishing a TCP connection between an initiator and a
target, the initiator MUST start a Login Phase to gain further access
to the target's resources.
The Login Phase (see Section 6.3) consists of a sequence of Login
Requests and Login Responses that carry the same Initiator Task Tag.
Login Requests are always considered as immediate.
Chadalapaka, et al. Standards Track [Page 196]
RFC 7143 iSCSI (Consolidated) April 2014
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|1| 0x03 |T|C|.|.|CSG|NSG| Version-max | Version-min |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| ISID |
+ +---------------+---------------+
12| | TSIH |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| CID | Reserved |
+---------------+---------------+---------------+---------------+
24| CmdSN |
+---------------+---------------+---------------+---------------+
28| ExpStatSN or Reserved |
+---------------+---------------+---------------+---------------+
32| Reserved |
+---------------+---------------+---------------+---------------+
36| Reserved |
+---------------+---------------+---------------+---------------+
40/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
48/ DataSegment - Login Parameters in Text Request Format /
+/ /
+---------------+---------------+---------------+---------------+
11.12.1. T (Transit) Bit
When set to 1, this bit indicates that the initiator is ready to
transit to the next stage.
If the T bit is set to 1 and the NSG is set to FullFeaturePhase, then
this also indicates that the initiator is ready for the Login
Final-Response (see Section 6.3).
11.12.2. C (Continue) Bit
When set to 1, this bit indicates that the text (set of key=value
pairs) in this Login Request is not complete (it will be continued on
subsequent Login Requests); otherwise, it indicates that this Login
Request ends a set of key=value pairs. A Login Request with the
C bit set to 1 MUST have the T bit set to 0.
Chadalapaka, et al. Standards Track [Page 197]
RFC 7143 iSCSI (Consolidated) April 2014
11.12.3. CSG and NSG
Through these fields -- Current Stage (CSG) and Next Stage (NSG) --
the Login negotiation requests and responses are associated with a
specific stage in the session (SecurityNegotiation,
LoginOperationalNegotiation, FullFeaturePhase) and may indicate the
next stage to which they want to move (see Section 6.3). The Next
Stage value is only valid when the T bit is 1; otherwise, it is
reserved.
The stage codes are:
0 - SecurityNegotiation
1 - LoginOperationalNegotiation
3 - FullFeaturePhase
All other codes are reserved.
11.12.4. Version
The version number for this document is 0x00. Therefore, both
Version-min and Version-max MUST be set to 0x00.
11.12.4.1. Version-max
Version-max indicates the maximum version number supported.
All Login Requests within the Login Phase MUST carry the same
Version-max.
The target MUST use the value presented with the first Login Request.
11.12.4.2. Version-min
All Login Requests within the Login Phase MUST carry the same
Version-min. The target MUST use the value presented with the first
Login Request.
Chadalapaka, et al. Standards Track [Page 198]
RFC 7143 iSCSI (Consolidated) April 2014
11.12.5. ISID
This is an initiator-defined component of the session identifier and
is structured as follows (see Section 10.1.1 for details):
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
8| T | A | B | C |
+---------------+---------------+---------------+---------------+
12| D |
+---------------+---------------+
The T field identifies the format and usage of A, B, C, and D as
indicated below:
T
00b OUI-Format
A and B: 22-bit OUI
(the I/G and U/L bits are omitted)
C and D: 24-bit Qualifier
01b EN: Format (IANA Enterprise Number)
A: Reserved
B and C: EN (IANA Enterprise Number)
D: Qualifier
10b "Random"
A: Reserved
B and C: Random
D: Qualifier
11b A, B, C, and D: Reserved
For the T field values 00b and 01b, a combination of A and B (for
00b) or B and C (for 01b) identifies the vendor or organization whose
component (software or hardware) generates this ISID. A vendor or
Chadalapaka, et al. Standards Track [Page 199]
RFC 7143 iSCSI (Consolidated) April 2014
organization with one or more OUIs, or one or more Enterprise
Numbers, MUST use at least one of these numbers and select the
appropriate value for the T field when its components generate ISIDs.
An OUI or EN MUST be set in the corresponding fields in network byte
order (byte big-endian).
If the T field is 10b, B and C are set to a random 24-bit unsigned
integer value in network byte order (byte big-endian). See [RFC3721]
for how this affects the principle of "conservative reuse".
The Qualifier field is a 16-bit or 24-bit unsigned integer value that
provides a range of possible values for the ISID within the selected
namespace. It may be set to any value within the constraints
specified in the iSCSI protocol (see Sections 4.4.3 and 10.1.1).
The T field value of 11b is reserved.
If the ISID is derived from something assigned to a hardware adapter
or interface by a vendor as a preset default value, it MUST be
configurable to a value assigned according to the SCSI port behavior
desired by the system in which it is installed (see Sections 10.1.1
and 10.1.2). The resultant ISID MUST also be persistent over power
cycles, reboot, card swap, etc.
11.12.6. TSIH
The TSIH must be set in the first Login Request. The reserved value
0 MUST be used on the first connection for a new session. Otherwise,
the TSIH sent by the target at the conclusion of the successful login
of the first connection for this session MUST be used. The TSIH
identifies to the target the associated existing session for this new
connection.
All Login Requests within a Login Phase MUST carry the same TSIH.
The target MUST check the value presented with the first Login
Request and act as specified in Section 6.3.1.
11.12.7. Connection ID (CID)
The CID provides a unique ID for this connection within the session.
All Login Requests within the Login Phase MUST carry the same CID.
The target MUST use the value presented with the first Login Request.
Chadalapaka, et al. Standards Track [Page 200]
RFC 7143 iSCSI (Consolidated) April 2014
A Login Request with a non-zero TSIH and a CID equal to that of an
existing connection implies a logout of the connection followed by a
login (see Section 6.3.4). For details regarding the implicit Logout
Request, see Section 11.14.
11.12.8. CmdSN
The CmdSN is either the initial command sequence number of a session
(for the first Login Request of a session -- the "leading" login) or
the command sequence number in the command stream if the login is for
a new connection in an existing session.
Examples:
- Login on a leading connection: If the leading login carries the
CmdSN 123, all other Login Requests in the same Login Phase carry
the CmdSN 123, and the first non-immediate command in the Full
Feature Phase also carries the CmdSN 123.
- Login on other than a leading connection: If the current CmdSN at
the time the first login on the connection is issued is 500, then
that PDU carries CmdSN=500. Subsequent Login Requests that are
needed to complete this Login Phase may carry a CmdSN higher than
500 if non-immediate requests that were issued on other connections
in the same session advance the CmdSN.
If the Login Request is a leading Login Request, the target MUST use
the value presented in the CmdSN as the target value for the
ExpCmdSN.
11.12.9. ExpStatSN
For the first Login Request on a connection, this is the ExpStatSN
for the old connection, and this field is only valid if the Login
Request restarts a connection (see Section 6.3.4).
For subsequent Login Requests, it is used to acknowledge the Login
Responses with their increasing StatSN values.
11.12.10. Login Parameters
The initiator MUST provide some basic parameters in order to enable
the target to determine if the initiator may use the target's
resources and the initial text parameters for the security exchange.
All the rules specified in Section 11.10.5 for Text Requests also
hold for Login Requests. Keys and their explanations are listed in
Section 12 (security negotiation keys) and in Section 13 (operational
Chadalapaka, et al. Standards Track [Page 201]
RFC 7143 iSCSI (Consolidated) April 2014
parameter negotiation keys). All keys listed in Section 13, except
for the X extension formats, MUST be supported by iSCSI initiators
and targets. Keys listed in Section 12 only need to be supported
when the function to which they refer is mandatory to implement.
11.13. Login Response
The Login Response indicates the progress and/or end of the Login
Phase.
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x23 |T|C|.|.|CSG|NSG| Version-max |Version-active |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| ISID |
+ +---------------+---------------+
12| | TSIH |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Reserved |
+---------------+---------------+---------------+---------------+
24| StatSN |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36| Status-Class | Status-Detail | Reserved |
+---------------+---------------+---------------+---------------+
40/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
48/ DataSegment - Login Parameters in Text Request Format /
+/ /
+---------------+---------------+---------------+---------------+
11.13.1. Version-max
This is the highest version number supported by the target.
All Login Responses within the Login Phase MUST carry the same
Version-max.
Chadalapaka, et al. Standards Track [Page 202]
RFC 7143 iSCSI (Consolidated) April 2014
The initiator MUST use the value presented as a response to the first
Login Request.
11.13.2. Version-active
Version-active indicates the highest version supported by the target
and initiator. If the target does not support a version within the
range specified by the initiator, the target rejects the login and
this field indicates the lowest version supported by the target.
All Login Responses within the Login Phase MUST carry the same
Version-active.
The initiator MUST use the value presented as a response to the first
Login Request.
11.13.3. TSIH
The TSIH is the target-assigned session-identifying handle. Its
internal format and content are not defined by this protocol, except
for the value 0, which is reserved. With the exception of the Login
Final-Response in a new session, this field should be set to the TSIH
provided by the initiator in the Login Request. For a new session,
the target MUST generate a non-zero TSIH and ONLY return it in the
Login Final-Response (see Section 6.3).
11.13.4. StatSN
For the first Login Response (the response to the first Login
Request), this is the starting status sequence number for the
connection. The next response of any kind -- including the next
Login Response, if any, in the same Login Phase -- will carry this
number + 1. This field is only valid if the Status-Class is 0.
11.13.5. Status-Class and Status-Detail
The Status returned in a Login Response indicates the execution
status of the Login Phase. The status includes:
Status-Class
Status-Detail
A Status-Class of 0 indicates success.
A non-zero Status-Class indicates an exception. In this case,
Status-Class is sufficient for a simple initiator to use when
handling exceptions, without having to look at the Status-Detail.
Chadalapaka, et al. Standards Track [Page 203]
RFC 7143 iSCSI (Consolidated) April 2014
The Status-Detail allows finer-grained exception handling for more
sophisticated initiators and for better information for logging.
The Status-Classes are as follows:
0 Success - indicates that the iSCSI target successfully
received, understood, and accepted the request. The numbering
fields (StatSN, ExpCmdSN, MaxCmdSN) are only valid if Status-
Class is 0.
1 Redirection - indicates that the initiator must take further
action to complete the request. This is usually due to the
target moving to a different address. All of the redirection
Status-Class responses MUST return one or more text key
parameters of the type "TargetAddress", which indicates the
target's new address. A redirection response MAY be issued by
a target prior to or after completing a security negotiation if
a security negotiation is required. A redirection SHOULD be
accepted by an initiator, even without having the target
complete a security negotiation if any security negotiation is
required, and MUST be accepted by the initiator after the
completion of the security negotiation if any security
negotiation is required.
2 Initiator Error (not a format error) - indicates that the
initiator most likely caused the error. This MAY be due to a
request for a resource for which the initiator does not have
permission. The request should not be tried again.
3 Target Error - indicates that the target sees no errors in the
initiator's Login Request but is currently incapable of
fulfilling the request. The initiator may retry the same Login
Request later.
Chadalapaka, et al. Standards Track [Page 204]
RFC 7143 iSCSI (Consolidated) April 2014
The table below shows all of the currently allocated status codes.
The codes are in hexadecimal; the first byte is the Status-Class, and
the second byte is the status detail.
-----------------------------------------------------------------
Status | Code | Description
|(hex) |
-----------------------------------------------------------------
Success | 0000 | Login is proceeding OK (*1).
-----------------------------------------------------------------
Target moved | 0101 | The requested iSCSI Target Name (ITN)
temporarily | | has temporarily moved
| | to the address provided.
-----------------------------------------------------------------
Target moved | 0102 | The requested ITN has permanently moved
permanently | | to the address provided.
-----------------------------------------------------------------
Initiator | 0200 | Miscellaneous iSCSI initiator
error | | errors.
-----------------------------------------------------------------
Authentication| 0201 | The initiator could not be
failure | | successfully authenticated or target
| | authentication is not supported.
-----------------------------------------------------------------
Authorization | 0202 | The initiator is not allowed access
failure | | to the given target.
-----------------------------------------------------------------
Not found | 0203 | The requested ITN does not
| | exist at this address.
-----------------------------------------------------------------
Target removed| 0204 | The requested ITN has been removed, and
| | no forwarding address is provided.
-----------------------------------------------------------------
Unsupported | 0205 | The requested iSCSI version range is
version | | not supported by the target.
-----------------------------------------------------------------
Too many | 0206 | Too many connections on this SSID.
connections | |
-----------------------------------------------------------------
Missing | 0207 | Missing parameters (e.g., iSCSI
parameter | | Initiator Name and/or Target Name).
-----------------------------------------------------------------
Can't include | 0208 | Target does not support session
in session | | spanning to this connection (address).
-----------------------------------------------------------------
Session type | 0209 | Target does not support this type of
not supported | | session or not from this initiator.
-----------------------------------------------------------------
Chadalapaka, et al. Standards Track [Page 205]
RFC 7143 iSCSI (Consolidated) April 2014
Session does | 020a | Attempt to add a connection
not exist | | to a non-existent session.
-----------------------------------------------------------------
Invalid during| 020b | Invalid request type during login.
login | |
-----------------------------------------------------------------
Target error | 0300 | Target hardware or software error.
-----------------------------------------------------------------
Service | 0301 | The iSCSI service or target is not
unavailable | | currently operational.
-----------------------------------------------------------------
Out of | 0302 | The target has insufficient session,
resources | | connection, or other resources.
-----------------------------------------------------------------
(*1) If the response T bit is set to 1 in both the request and the
matching response, and the NSG is set to FullFeaturePhase in
both the request and the matching response, the Login Phase is
finished, and the initiator may proceed to issue SCSI commands.
If the Status-Class is not 0, the initiator and target MUST close the
TCP connection.
If the target wishes to reject the Login Request for more than one
reason, it should return the primary reason for the rejection.
11.13.6. T (Transit) Bit
The T bit is set to 1 as an indicator of the end of the stage. If
the T bit is set to 1 and the NSG is set to FullFeaturePhase, then
this is also the Login Final-Response (see Section 6.3). A T bit of
0 indicates a "partial" response, which means "more negotiation
needed".
A Login Response with the T bit set to 1 MUST NOT contain key=value
pairs that may require additional answers from the initiator within
the same stage.
If the Status-Class is 0, the T bit MUST NOT be set to 1 if the T bit
in the request was set to 0.
11.13.7. C (Continue) Bit
When set to 1, this bit indicates that the text (set of key=value
pairs) in this Login Response is not complete (it will be continued
on subsequent Login Responses); otherwise, it indicates that this
Login Response ends a set of key=value pairs. A Login Response with
the C bit set to 1 MUST have the T bit set to 0.
Chadalapaka, et al. Standards Track [Page 206]
RFC 7143 iSCSI (Consolidated) April 2014
11.13.8. Login Parameters
The target MUST provide some basic parameters in order to enable the
initiator to determine if it is connected to the correct port and the
initial text parameters for the security exchange.
All the rules specified in Section 11.11.6 for Text Responses also
hold for Login Responses. Keys and their explanations are listed in
Section 12 (security negotiation keys) and in Section 13 (operational
parameter negotiation keys). All keys listed in Section 13, except
for the X extension formats, MUST be supported by iSCSI initiators
and targets. Keys listed in Section 12 only need to be supported
when the function to which they refer is mandatory to implement.
11.14. Logout Request
The Logout Request is used to perform a controlled closing of a
connection.
An initiator MAY use a Logout Request to remove a connection from a
session or to close an entire session.
After sending the Logout Request PDU, an initiator MUST NOT send any
new iSCSI requests on the closing connection. If the Logout Request
is intended to close the session, new iSCSI requests MUST NOT be sent
on any of the connections participating in the session.
When receiving a Logout Request with the reason code "close the
connection" or "close the session", the target MUST terminate all
pending commands, whether acknowledged via the ExpCmdSN or not, on
that connection or session, respectively.
When receiving a Logout Request with the reason code "remove the
connection for recovery", the target MUST discard all requests not
yet acknowledged via the ExpCmdSN that were issued on the specified
connection and suspend all data/status/R2T transfers on behalf of
pending commands on the specified connection.
The target then issues the Logout Response and half-closes the TCP
connection (sends FIN). After receiving the Logout Response and
attempting to receive the FIN (if still possible), the initiator MUST
completely close the logging-out connection. For the terminated
commands, no additional responses should be expected.
A Logout for a CID may be performed on a different transport
connection when the TCP connection for the CID has already been
terminated. In such a case, only a logical "closing" of the iSCSI
connection for the CID is implied with a Logout.
Chadalapaka, et al. Standards Track [Page 207]
RFC 7143 iSCSI (Consolidated) April 2014
All commands that were not terminated or not completed (with status)
and acknowledged when the connection is closed completely can be
reassigned to a new connection if the target supports connection
recovery.
If an initiator intends to start recovery for a failing connection,
it MUST use the Logout Request to "clean up" the target end of a
failing connection and enable recovery to start, or use the Login
Request with a non-zero TSIH and the same CID on a new connection for
the same effect. In sessions with a single connection, the
connection can be closed and then a new connection reopened. A
connection reinstatement login can be used for recovery (see
Section 6.3.4).
A successful completion of a Logout Request with the reason code
"close the connection" or "remove the connection for recovery"
results at the target in the discarding of unacknowledged commands
received on the connection being logged out. These are commands that
have arrived on the connection being logged out but that have not
been delivered to SCSI because one or more commands with a smaller
CmdSN have not been received by iSCSI. See Section 4.2.2.1. The
resulting holes in the command sequence numbers will have to be
handled by appropriate recovery (see Section 7), unless the session
is also closed.
The entire logout discussion in this section is also applicable for
an implicit Logout realized by way of a connection reinstatement or
session reinstatement. When a Login Request performs an implicit
Logout, the implicit Logout is performed as if having the reason
codes specified below:
Reason Code Type of Implicit Logout
-------------------------------------------------------------
0 session reinstatement
1 connection reinstatement when the operational
ErrorRecoveryLevel < 2
2 connection reinstatement when the operational
ErrorRecoveryLevel = 2
Chadalapaka, et al. Standards Track [Page 208]
RFC 7143 iSCSI (Consolidated) April 2014
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|I| 0x06 |1| Reason Code | Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------------------------------------------------------+
8/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| CID or Reserved | Reserved |
+---------------+---------------+---------------+---------------+
24| CmdSN |
+---------------+---------------+---------------+---------------+
28| ExpStatSN |
+---------------+---------------+---------------+---------------+
32/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
11.14.1. Reason Code
The Reason Code field indicates the reason for Logout as follows:
0 - close the session. All commands associated with the
session (if any) are terminated.
1 - close the connection. All commands associated with the
connection (if any) are terminated.
2 - remove the connection for recovery. The connection is
closed, and all commands associated with it, if any, are
to be prepared for a new allegiance.
All other values are reserved.
11.14.2. TotalAHSLength and DataSegmentLength
For this PDU, TotalAHSLength and DataSegmentLength MUST be 0.
Chadalapaka, et al. Standards Track [Page 209]
RFC 7143 iSCSI (Consolidated) April 2014
11.14.3. CID
This is the connection ID of the connection to be closed (including
closing the TCP stream). This field is only valid if the reason code
is not "close the session".
11.14.4. ExpStatSN
This is the last ExpStatSN value for the connection to be closed.
11.14.5. Implicit Termination of Tasks
A target implicitly terminates the active tasks due to the iSCSI
protocol in the following cases:
a) When a connection is implicitly or explicitly logged out with
the reason code "close the connection" and there are active
tasks allegiant to that connection.
b) When a connection fails and eventually the connection state
times out (state transition M1 in Section 8.2.2) and there are
active tasks allegiant to that connection.
c) When a successful recovery Logout is performed while there are
active tasks allegiant to that connection and those tasks
eventually time out after the Time2Wait and Time2Retain periods
without allegiance reassignment.
d) When a connection is implicitly or explicitly logged out with
the reason code "close the session" and there are active tasks
in that session.
If the tasks terminated in any of the above cases are SCSI tasks,
they must be internally terminated as if with CHECK CONDITION status.
This status is only meaningful for appropriately handling the
internal SCSI state and SCSI side effects with respect to ordering,
because this status is never communicated back as a terminating
status to the initiator. However, additional actions may have to be
taken at the SCSI level, depending on the SCSI context as defined by
the SCSI standards (e.g., queued commands and ACA; UA for the next
command on the I_T nexus in cases a), b), and c) above). After the
tasks are terminated, the target MUST report a Unit Attention
condition on the next command processed on any connection for each
affected I_T_L nexus with the status of CHECK CONDITION, the ASC/ASCQ
value of 47h/7Fh ("SOME COMMANDS CLEARED BY ISCSI PROTOCOL EVENT"),
etc.; see [SPC3].
Chadalapaka, et al. Standards Track [Page 210]
RFC 7143 iSCSI (Consolidated) April 2014
11.15. Logout Response
The Logout Response is used by the target to indicate if the cleanup
operation for the connection(s) has completed.
After Logout, the TCP connection referred by the CID MUST be closed
at both ends (or all connections must be closed if the logout reason
was session close).
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x26 |1| Reserved | Response | Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------------------------------------------------------+
8/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag |
+---------------+---------------+---------------+---------------+
20| Reserved |
+---------------+---------------+---------------+---------------+
24| StatSN |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36| Reserved |
+---------------------------------------------------------------+
40| Time2Wait | Time2Retain |
+---------------+---------------+---------------+---------------+
44| Reserved |
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
Chadalapaka, et al. Standards Track [Page 211]
RFC 7143 iSCSI (Consolidated) April 2014
11.15.1. Response
Response field settings are as follows:
0 - connection or session closed successfully.
1 - CID not found.
2 - connection recovery is not supported (i.e., the Logout reason
code was "remove the connection for recovery" and the target
does not support it as indicated by the operational
ErrorRecoveryLevel).
3 - cleanup failed for various reasons.
11.15.2. TotalAHSLength and DataSegmentLength
For this PDU, TotalAHSLength and DataSegmentLength MUST be 0.
11.15.3. Time2Wait
If the Logout response code is 0 and the operational
ErrorRecoveryLevel is 2, this is the minimum amount of time, in
seconds, to wait before attempting task reassignment. If the Logout
response code is 0 and the operational ErrorRecoveryLevel is less
than 2, this field is to be ignored.
This field is invalid if the Logout response code is 1.
If the Logout response code is 2 or 3, this field specifies the
minimum time to wait before attempting a new implicit or explicit
logout.
If Time2Wait is 0, the reassignment or a new Logout may be attempted
immediately.
11.15.4. Time2Retain
If the Logout response code is 0 and the operational
ErrorRecoveryLevel is 2, this is the maximum amount of time, in
seconds, after the initial wait (Time2Wait) that the target waits for
the allegiance reassignment for any active task, after which the task
state is discarded. If the Logout response code is 0 and the
operational ErrorRecoveryLevel is less than 2, this field is to be
ignored.
This field is invalid if the Logout response code is 1.
Chadalapaka, et al. Standards Track [Page 212]
RFC 7143 iSCSI (Consolidated) April 2014
If the Logout response code is 2 or 3, this field specifies the
maximum amount of time, in seconds, after the initial wait
(Time2Wait) that the target waits for a new implicit or explicit
logout.
If it is the last connection of a session, the whole session state is
discarded after Time2Retain.
If Time2Retain is 0, the target has already discarded the connection
(and possibly the session) state along with the task states. No
reassignment or Logout is required in this case.
11.16. SNACK Request
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x10 |1|.|.|.| Type | Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN or Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
20| Target Transfer Tag or SNACK Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
24| Reserved |
+---------------+---------------+---------------+---------------+
28| ExpStatSN |
+---------------+---------------+---------------+---------------+
32/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
40| BegRun |
+---------------------------------------------------------------+
44| RunLength |
+---------------------------------------------------------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
If the implementation supports ErrorRecoveryLevel greater than zero,
it MUST support all SNACK types.
Chadalapaka, et al. Standards Track [Page 213]
RFC 7143 iSCSI (Consolidated) April 2014
The SNACK is used by the initiator to request the retransmission of
numbered responses, data, or R2T PDUs from the target. The SNACK
Request indicates the numbered responses or data "runs" whose
retransmission is requested, where the run starts with the first
StatSN, DataSN, or R2TSN whose retransmission is requested and
indicates the number of Status, Data, or R2T PDUs requested,
including the first. 0 has special meaning when used as a starting
number and length:
- When used in RunLength, it means all PDUs starting with the
initial.
- When used in both BegRun and RunLength, it means all
unacknowledged PDUs.
The numbered response(s) or R2T(s) requested by a SNACK MUST be
delivered as exact replicas of the ones that the target transmitted
originally, except for the fields ExpCmdSN, MaxCmdSN, and ExpDataSN,
which MUST carry the current values. R2T(s)requested by SNACK MUST
also carry the current value of the StatSN.
The numbered Data-In PDUs requested by a Data SNACK MUST be delivered
as exact replicas of the ones that the target transmitted originally,
except for the fields ExpCmdSN and MaxCmdSN, which MUST carry the
current values; and except for resegmentation (see Section 11.16.3).
Any SNACK that requests a numbered response, data, or R2T that was
not sent by the target or was already acknowledged by the initiator
MUST be rejected with a reason code of "Protocol Error".
11.16.1. Type
This field encodes the SNACK function as follows:
0 - Data/R2T SNACK: requesting retransmission of one or more
Data-In or R2T PDUs.
1 - Status SNACK: requesting retransmission of one or more
numbered responses.
2 - DataACK: positively acknowledges Data-In PDUs.
3 - R-Data SNACK: requesting retransmission of Data-In PDUs with
possible resegmentation and status tagging.
All other values are reserved.
Chadalapaka, et al. Standards Track [Page 214]
RFC 7143 iSCSI (Consolidated) April 2014
Data/R2T SNACK, Status SNACK, or R-Data SNACK for a command MUST
precede status acknowledgment for the given command.
11.16.2. Data Acknowledgment
If an initiator operates at ErrorRecoveryLevel 1 or higher, it MUST
issue a SNACK of type DataACK after receiving a Data-In PDU with the
A bit set to 1. However, if the initiator has detected holes in the
input sequence, it MUST postpone issuing the SNACK of type DataACK
until the holes are filled. An initiator MAY ignore the A bit if it
deems that the bit is being set aggressively by the target (i.e.,
before the MaxBurstLength limit is reached).
The DataACK is used to free resources at the target and not to
request or imply data retransmission.
An initiator MUST NOT request retransmission for any data it had
already acknowledged.
11.16.3. Resegmentation
If the initiator MaxRecvDataSegmentLength changed between the
original transmission and the time the initiator requests
retransmission, the initiator MUST issue a R-Data SNACK (see
Section 11.16.1). With R-Data SNACK, the initiator indicates that it
discards all the unacknowledged data and expects the target to resend
it. It also expects resegmentation. In this case, the retransmitted
Data-In PDUs MAY be different from the ones originally sent in order
to reflect changes in MaxRecvDataSegmentLength. Their DataSN starts
with the BegRun of the last DataACK received by the target if any was
received; otherwise, it starts with 0 and is increased by 1 for each
resent Data-In PDU.
A target that has received a R-Data SNACK MUST return a SCSI Response
that contains a copy of the SNACK Tag field from the R-Data SNACK in
the SCSI Response SNACK Tag field as its last or only Response. For
example, if it has already sent a response containing another value
in the SNACK Tag field or had the status included in the last Data-In
PDU, it must send a new SCSI Response PDU. If a target sends more
than one SCSI Response PDU due to this rule, all SCSI Response PDUs
must carry the same StatSN (see Section 11.4.4). If an initiator
attempts to recover a lost SCSI Response (with a Status-SNACK; see
Section 11.16.1) when more than one response has been sent, the
target will send the SCSI Response with the latest content known to
the target, including the last SNACK Tag for the command.
Chadalapaka, et al. Standards Track [Page 215]
RFC 7143 iSCSI (Consolidated) April 2014
For considerations in allegiance reassignment of a task to a
connection with a different MaxRecvDataSegmentLength, refer to
Section 7.2.2.
11.16.4. Initiator Task Tag
For a Status SNACK and DataACK, the Initiator Task Tag MUST be set to
the reserved value 0xffffffff. In all other cases, the Initiator
Task Tag field MUST be set to the Initiator Task Tag of the
referenced command.
11.16.5. Target Transfer Tag or SNACK Tag
For a R-Data SNACK, this field MUST contain a value that is different
from 0 or 0xffffffff and is unique for the task (identified by the
Initiator Task Tag). This value MUST be copied by the iSCSI target
in the last or only SCSI Response PDU it issues for the command.
For DataACK, the Target Transfer Tag MUST contain a copy of the
Target Transfer Tag and LUN provided with the SCSI Data-In PDU with
the A bit set to 1.
In all other cases, the Target Transfer Tag field MUST be set to the
reserved value 0xffffffff.
11.16.6. BegRun
This field indicates the DataSN, R2TSN, or StatSN of the first PDU
whose retransmission is requested (Data/R2T and Status SNACK), or the
next expected DataSN (DataACK SNACK).
A BegRun of 0, when used in conjunction with a RunLength of 0, means
"resend all unacknowledged Data-In, R2T or Response PDUs".
BegRun MUST be 0 for a R-Data SNACK.
11.16.7. RunLength
This field indicates the number of PDUs whose retransmission is
requested.
A RunLength of 0 signals that all Data-In, R2T, or Response PDUs
carrying the numbers equal to or greater than BegRun have to be
resent.
The RunLength MUST also be 0 for a DataACK SNACK in addition to a
R-Data SNACK.
Chadalapaka, et al. Standards Track [Page 216]
RFC 7143 iSCSI (Consolidated) April 2014
11.17. Reject
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x3f |1| Reserved | Reason | Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
16| 0xffffffff |
+---------------+---------------+---------------+---------------+
20| Reserved |
+---------------+---------------+---------------+---------------+
24| StatSN |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36| DataSN/R2TSN or Reserved |
+---------------+---------------+---------------+---------------+
40| Reserved |
+---------------+---------------+---------------+---------------+
44| Reserved |
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
xx/ Complete Header of Bad PDU /
+/ /
+---------------+---------------+---------------+---------------+
yy/Vendor-specific data (if any) /
/ /
+---------------+---------------+---------------+---------------+
zz| Data-Digest (optional) |
+---------------+---------------+---------------+---------------+
Reject is used to indicate an iSCSI error condition (protocol,
unsupported option, etc.).
Chadalapaka, et al. Standards Track [Page 217]
RFC 7143 iSCSI (Consolidated) April 2014
11.17.1. Reason
The reject Reason is coded as follows:
+------+----------------------------------------+----------------+
| Code | Explanation |Can the original|
| (hex)| |PDU be resent? |
+------+----------------------------------------+----------------+
| 0x01 | Reserved | no |
| | | |
| 0x02 | Data (payload) digest error | yes (Note 1) |
| | | |
| 0x03 | SNACK Reject | yes |
| | | |
| 0x04 | Protocol Error (e.g., SNACK Request for| no |
| | a status that was already acknowledged)| |
| | | |
| 0x05 | Command not supported | no |
| | | |
| 0x06 | Immediate command reject - too many | yes |
| | immediate commands | |
| | | |
| 0x07 | Task in progress | no |
| | | |
| 0x08 | Invalid data ack | no |
| | | |
| 0x09 | Invalid PDU field | no (Note 2) |
| | | |
| 0x0a | Long op reject - Can't generate Target | yes |
| | Transfer Tag - out of resources | |
| | | |
| 0x0b | Deprecated; MUST NOT be used | N/A (Note 3) |
| | | |
| 0x0c | Waiting for Logout | no |
+------+----------------------------------------+----------------+
Note 1: For iSCSI, Data-Out PDU retransmission is only done if the
target requests retransmission with a recovery R2T. However,
if this is the data digest error on immediate data, the
initiator may choose to retransmit the whole PDU, including
the immediate data.
Note 2: A target should use this reason code for all invalid values
of PDU fields that are meant to describe a task, a response,
or a data transfer. Some examples are invalid TTT/ITT,
buffer offset, LUN qualifying a TTT, and an invalid sequence
number in a SNACK.
Chadalapaka, et al. Standards Track [Page 218]
RFC 7143 iSCSI (Consolidated) April 2014
Note 3: Reason code 0x0b ("Negotiation Reset") as defined in
Section 10.17.1 of [RFC3720] is deprecated and MUST NOT be
used by implementations. An implementation receiving reason
code 0x0b MUST treat it as a negotiation failure that
terminates the Login Phase and the TCP connection, as
specified in Section 7.12.
All other values for Reason are unassigned.
In all the cases in which a pre-instantiated SCSI task is terminated
because of the reject, the target MUST issue a proper SCSI command
response with CHECK CONDITION as described in Section 11.4.3. In
these cases in which a status for the SCSI task was already sent
before the reject, no additional status is required. If the error is
detected while data from the initiator is still expected (i.e., the
command PDU did not contain all the data and the target has not
received a Data-Out PDU with the Final bit set to 1 for the
unsolicited data, if any, and all outstanding R2Ts, if any), the
target MUST wait until it receives the last expected Data-Out PDUs
with the F bit set to 1 before sending the Response PDU.
For additional usage semantics of the Reject PDU, see Section 7.3.
11.17.2. DataSN/R2TSN
This field is only valid if the rejected PDU is a Data/R2T SNACK and
the Reject reason code is "Protocol Error" (see Section 11.16). The
DataSN/R2TSN is the next Data/R2T sequence number that the target
would send for the task, if any.
11.17.3. StatSN, ExpCmdSN, and MaxCmdSN
These fields carry their usual values and are not related to the
rejected command. The StatSN is advanced after a Reject.
11.17.4. Complete Header of Bad PDU
The target returns the header (not including the digest) of the PDU
in error as the data of the response.
Chadalapaka, et al. Standards Track [Page 219]
RFC 7143 iSCSI (Consolidated) April 2014
11.18. NOP-Out
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|I| 0x00 |1| Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN or Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
20| Target Transfer Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
24| CmdSN |
+---------------+---------------+---------------+---------------+
28| ExpStatSN |
+---------------+---------------+---------------+---------------+
32/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
/ DataSegment - Ping Data (optional) /
+/ /
+---------------+---------------+---------------+---------------+
| Data-Digest (optional) |
+---------------+---------------+---------------+---------------+
NOP-Out may be used by an initiator as a "ping request" to verify
that a connection/session is still active and all its components are
operational. The NOP-In response is the "ping echo".
A NOP-Out is also sent by an initiator in response to a NOP-In.
A NOP-Out may also be used to confirm a changed ExpStatSN if another
PDU will not be available for a long time.
Upon receipt of a NOP-In with the Target Transfer Tag set to a valid
value (not the reserved value 0xffffffff), the initiator MUST respond
with a NOP-Out. In this case, the NOP-Out Target Transfer Tag MUST
contain a copy of the NOP-In Target Transfer Tag. The initiator
Chadalapaka, et al. Standards Track [Page 220]
RFC 7143 iSCSI (Consolidated) April 2014
SHOULD NOT send a NOP-Out in response to any other received NOP-In,
in order to avoid lengthy sequences of NOP-In and NOP-Out PDUs sent
in response to each other.
11.18.1. Initiator Task Tag
The NOP-Out MUST have the Initiator Task Tag set to a valid value
only if a response in the form of a NOP-In is requested (i.e., the
NOP-Out is used as a ping request). Otherwise, the Initiator Task
Tag MUST be set to 0xffffffff.
When a target receives the NOP-Out with a valid Initiator Task Tag,
it MUST respond with a NOP-In Response (see Section 4.6.3.6).
If the Initiator Task Tag contains 0xffffffff, the I bit MUST be set
to 1, and the CmdSN is not advanced after this PDU is sent.
11.18.2. Target Transfer Tag
The Target Transfer Tag is a target-assigned identifier for the
operation.
The NOP-Out MUST only have the Target Transfer Tag set if it is
issued in response to a NOP-In with a valid Target Transfer Tag. In
this case, it copies the Target Transfer Tag from the NOP-In PDU.
Otherwise, the Target Transfer Tag MUST be set to 0xffffffff.
When the Target Transfer Tag is set to a value other than 0xffffffff,
the LUN field MUST also be copied from the NOP-In.
11.18.3. Ping Data
Ping data is reflected in the NOP-In Response. The length of the
reflected data is limited to MaxRecvDataSegmentLength. The length of
ping data is indicated by the DataSegmentLength. 0 is a valid value
for the DataSegmentLength and indicates the absence of ping data.
Chadalapaka, et al. Standards Track [Page 221]
RFC 7143 iSCSI (Consolidated) April 2014
11.19. NOP-In
Byte/ 0 | 1 | 2 | 3 |
/ | | | |
|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|0 1 2 3 4 5 6 7|
+---------------+---------------+---------------+---------------+
0|.|.| 0x20 |1| Reserved |
+---------------+---------------+---------------+---------------+
4|TotalAHSLength | DataSegmentLength |
+---------------+---------------+---------------+---------------+
8| LUN or Reserved |
+ +
12| |
+---------------+---------------+---------------+---------------+
16| Initiator Task Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
20| Target Transfer Tag or 0xffffffff |
+---------------+---------------+---------------+---------------+
24| StatSN |
+---------------+---------------+---------------+---------------+
28| ExpCmdSN |
+---------------+---------------+---------------+---------------+
32| MaxCmdSN |
+---------------+---------------+---------------+---------------+
36/ Reserved /
+/ /
+---------------+---------------+---------------+---------------+
48| Header-Digest (optional) |
+---------------+---------------+---------------+---------------+
/ DataSegment - Return Ping Data /
+/ /
+---------------+---------------+---------------+---------------+
| Data-Digest (optional) |
+---------------+---------------+---------------+---------------+
NOP-In is sent by a target as either a response to a NOP-Out, a
"ping" to an initiator, or a means to carry a changed ExpCmdSN and/or
MaxCmdSN if another PDU will not be available for a long time (as
determined by the target).
When a target receives the NOP-Out with a valid Initiator Task Tag
(not the reserved value 0xffffffff), it MUST respond with a NOP-In
with the same Initiator Task Tag that was provided in the NOP-Out
request. It MUST also duplicate up to the first
MaxRecvDataSegmentLength bytes of the initiator-provided Ping Data.
For such a response, the Target Transfer Tag MUST be 0xffffffff. The
Chadalapaka, et al. Standards Track [Page 222]
RFC 7143 iSCSI (Consolidated) April 2014
target SHOULD NOT send a NOP-In in response to any other received
NOP-Out in order to avoid lengthy sequences of NOP-In and NOP-Out
PDUs sent in response to each other.
Otherwise, when a target sends a NOP-In that is not a response to a
NOP-Out received from the initiator, the Initiator Task Tag MUST be
set to 0xffffffff, and the data segment MUST NOT contain any data
(DataSegmentLength MUST be 0).
11.19.1. Target Transfer Tag
If the target is responding to a NOP-Out, this field is set to the
reserved value 0xffffffff.
If the target is sending a NOP-In as a ping (intending to receive a
corresponding NOP-Out), this field is set to a valid value (not the
reserved value 0xffffffff).
If the target is initiating a NOP-In without wanting to receive a
corresponding NOP-Out, this field MUST hold the reserved value
0xffffffff.
11.19.2. StatSN
The StatSN field will always contain the next StatSN. However, when
the Initiator Task Tag is set to 0xffffffff, the StatSN for the
connection is not advanced after this PDU is sent.
11.19.3. LUN
A LUN MUST be set to a correct value when the Target Transfer Tag is
valid (not the reserved value 0xffffffff).
12. iSCSI Security Text Keys and Authentication Methods
Only the following keys are used during the SecurityNegotiation stage
of the Login Phase:
SessionType
InitiatorName
TargetName
TargetAddress
InitiatorAlias
Chadalapaka, et al. Standards Track [Page 223]
RFC 7143 iSCSI (Consolidated) April 2014
TargetAlias
TargetPortalGroupTag
AuthMethod and the keys used by the authentication methods
specified in Section 12.1, along with all of their associated
keys, as well as Vendor-Specific Authentication Methods.
Other keys MUST NOT be used.
SessionType, InitiatorName, TargetName, InitiatorAlias, TargetAlias,
and TargetPortalGroupTag are described in Section 13 as they can be
used in the OperationalNegotiation stage as well.
All security keys have connection-wide applicability.
12.1. AuthMethod
Use: During Login - Security Negotiation
Senders: Initiator and target
Scope: connection
AuthMethod = <list-of-values>
The main item of security negotiation is the authentication method
(AuthMethod).
The authentication methods that can be used (appear in the list-of-
values) are either vendor-unique methods or those listed in the
following table:
+--------------------------------------------------------------+
| Name | Description |
+--------------------------------------------------------------+
| KRB5 | Kerberos V5 - defined in [RFC4120] |
+--------------------------------------------------------------+
| SRP | Secure Remote Password - |
| | defined in [RFC2945] |
+--------------------------------------------------------------+
| CHAP | Challenge Handshake Authentication Protocol - |
| | defined in [RFC1994] |
+--------------------------------------------------------------+
| None | No authentication |
+--------------------------------------------------------------+
The AuthMethod selection is followed by an "authentication exchange"
specific to the authentication method selected.
Chadalapaka, et al. Standards Track [Page 224]
RFC 7143 iSCSI (Consolidated) April 2014
The authentication method proposal may be made by either the
initiator or the target. However, the initiator MUST make the first
step specific to the selected authentication method as soon as it is
selected. It follows that if the target makes the authentication
method proposal, the initiator sends the first key(s) of the exchange
together with its authentication method selection.
The authentication exchange authenticates the initiator to the target
and, optionally, the target to the initiator. Authentication is
OPTIONAL to use but MUST be supported by the target and initiator.
The initiator and target MUST implement CHAP. All other
authentication methods are OPTIONAL.
Private or public extension algorithms MAY also be negotiated for
authentication methods. Whenever a private or public extension
algorithm is part of the default offer (the offer made in the absence
of explicit administrative action), the implementer MUST ensure that
CHAP is listed as an alternative in the default offer and "None" is
not part of the default offer.
Extension authentication methods MUST be named using one of the
following two formats:
1) Z-reversed.vendor.dns_name.do_something=
2) New public key with no name prefix constraints
Authentication methods named using the Z- format are used as private
extensions. New public keys must be registered with IANA using the
IETF Review process ([RFC5226]). New public extensions for
authentication methods MUST NOT use the Z# name prefix.
For all of the public or private extension authentication methods,
the method-specific keys MUST conform to the format specified in
Section 6.1 for standard-label.
To identify the vendor for private extension authentication methods,
we suggest using the reversed DNS-name as a prefix to the proper
digest names.
The part of digest-name following Z- MUST conform to the format for
standard-label specified in Section 6.1.
Support for public or private extension authentication methods is
OPTIONAL.
Chadalapaka, et al. Standards Track [Page 225]
RFC 7143 iSCSI (Consolidated) April 2014
The following subsections define the specific exchanges for each of
the standardized authentication methods. As mentioned earlier, the
first step is always done by the initiator.
12.1.1. Kerberos
For KRB5 (Kerberos V5) [RFC4120] [RFC1964], the initiator MUST use:
KRB_AP_REQ=<KRB_AP_REQ>
where KRB_AP_REQ is the client message as defined in [RFC4120].
The default principal name assumed by an iSCSI initiator or target
(prior to any administrative configuration action) MUST be the iSCSI
Initiator Name or iSCSI Target Name, respectively, prefixed by the
string "iscsi/".
If the initiator authentication fails, the target MUST respond with a
Login reject with "Authentication Failure" status. Otherwise, if the
initiator has selected the mutual authentication option (by setting
MUTUAL-REQUIRED in the ap-options field of the KRB_AP_REQ), the
target MUST reply with:
KRB_AP_REP=<KRB_AP_REP>
where KRB_AP_REP is the server's response message as defined in
[RFC4120].
If mutual authentication was selected and target authentication
fails, the initiator MUST close the connection.
KRB_AP_REQ and KRB_AP_REP are binary-values, and their binary length
(not the length of the character string that represents them in
encoded form) MUST NOT exceed 65536 bytes. Hex or Base64 encoding
may be used for KRB_AP_REQ and KRB_AP_REP; see Section 6.1.
12.1.2. Secure Remote Password (SRP)
For SRP [RFC2945], the initiator MUST use:
SRP_U=<U> TargetAuth=Yes /* or TargetAuth=No */
The target MUST answer with a Login reject with the "Authorization
Failure" status or reply with:
SRP_GROUP=<G1,G2...> SRP_s=<s>
where G1,G2... are proposed groups, in order of preference.
Chadalapaka, et al. Standards Track [Page 226]
RFC 7143 iSCSI (Consolidated) April 2014
The initiator MUST either close the connection or continue with:
SRP_A=<A> SRP_GROUP=<G>
where G is one of G1,G2... that were proposed by the target.
The target MUST answer with a Login reject with the "Authentication
Failure" status or reply with:
SRP_B=<B>
The initiator MUST close the connection or continue with:
SRP_M=<M>
If the initiator authentication fails, the target MUST answer with a
Login reject with "Authentication Failure" status. Otherwise, if the
initiator sent TargetAuth=Yes in the first message (requiring target
authentication), the target MUST reply with:
SRP_HM=<H(A | M | K)>
If the target authentication fails, the initiator MUST close the
connection:
where U, s, A, B, M, and H(A | M | K) are defined in [RFC2945] (using
the SHA1 hash function, such as SRP-SHA1)
and
G,Gn ("Gn" stands for G1,G2...) are identifiers of SRP groups
specified in [RFC3723].
G, Gn, and U are text strings; s,A,B,M, and H(A | M | K) are
binary-values. The length of s,A,B,M and H(A | M | K) in binary form
(not the length of the character string that represents them in
encoded form) MUST NOT exceed 1024 bytes. Hex or Base64 encoding may
be used for s,A,B,M and H(A | M | K); see Section 6.1.
See Appendix B for the related login example.
For the SRP_GROUP, all the groups specified in [RFC3723] up to
1536 bits (i.e., SRP-768, SRP-1024, SRP-1280, SRP-1536) must be
supported by initiators and targets. To guarantee interoperability,
targets MUST always offer "SRP-1536" as one of the proposed groups.
Chadalapaka, et al. Standards Track [Page 227]
RFC 7143 iSCSI (Consolidated) April 2014
12.1.3. Challenge Handshake Authentication Protocol (CHAP)
For CHAP [RFC1994], the initiator MUST use:
CHAP_A=<A1,A2...>
where A1,A2... are proposed algorithms, in order of preference.
The target MUST answer with a Login reject with the "Authentication
Failure" status or reply with:
CHAP_A=<A> CHAP_I=<I> CHAP_C=<C>
where A is one of A1,A2... that were proposed by the initiator.
The initiator MUST continue with:
CHAP_N=<N> CHAP_R=<R>
or, if it requires target authentication, with:
CHAP_N=<N> CHAP_R=<R> CHAP_I=<I> CHAP_C=<C>
If the initiator authentication fails, the target MUST answer with a
Login reject with "Authentication Failure" status. Otherwise, if the
initiator required target authentication, the target MUST either
answer with a Login reject with "Authentication Failure" or reply
with:
CHAP_N=<N> CHAP_R=<R>
If the target authentication fails, the initiator MUST close the
connection:
where N, (A,A1,A2), I, C, and R are (correspondingly) the Name,
Algorithm, Identifier, Challenge, and Response as defined in
[RFC1994].
N is a text string; A,A1,A2, and I are numbers; C and R are
binary-values. Their binary length (not the length of the character
string that represents them in encoded form) MUST NOT exceed
1024 bytes. Hex or Base64 encoding may be used for C and R; see
Section 6.1.
See Appendix B for the related login example.
Chadalapaka, et al. Standards Track [Page 228]
RFC 7143 iSCSI (Consolidated) April 2014
For the Algorithm, as stated in [RFC1994], one value is required to
be implemented:
5 (CHAP with MD5)
To guarantee interoperability, initiators MUST always offer it as one
of the proposed algorithms.
13. Login/Text Operational Text Keys
Some session-specific parameters MUST only be carried on the leading
connection and cannot be changed after the leading connection login
(e.g., MaxConnections -- the maximum number of connections). This
holds for a single connection session with regard to connection
restart. The keys that fall into this category have the "use: LO"
(Leading Only).
Keys that can only be used during login have the "use: IO"
(Initialize Only), while those that can be used in both the Login
Phase and Full Feature Phase have the "use: ALL".
Keys that can only be used during the Full Feature Phase use FFPO
(Full Feature Phase Only).
Keys marked as Any-Stage may also appear in the SecurityNegotiation
stage, while all other keys described in this section are
operational keys.
Keys that do not require an answer are marked as Declarative.
Key scope is indicated as session-wide (SW) or connection-only (CO).
"Result function", wherever mentioned, states the function that can
be applied to check the validity of the responder selection.
"Minimum" means that the selected value cannot exceed the offered
value. "Maximum" means that the selected value cannot be lower than
the offered value. "AND" means that the selected value must be a
possible result of a Boolean "and" function with an arbitrary Boolean
value (e.g., if the offered value is No the selected value must be
No). "OR" means that the selected value must be a possible result of
a Boolean "or" function with an arbitrary Boolean value (e.g., if the
offered value is Yes the selected value must be Yes).
Chadalapaka, et al. Standards Track [Page 229]
RFC 7143 iSCSI (Consolidated) April 2014
13.1. HeaderDigest and DataDigest
Use: IO
Senders: Initiator and target
Scope: CO
HeaderDigest = <list-of-values>
DataDigest = <list-of-values>
Default is None for both HeaderDigest and DataDigest.
Digests enable the checking of end-to-end, non-cryptographic data
integrity beyond the integrity checks provided by the link layers and
the covering of the whole communication path, including all elements
that may change the network-level PDUs, such as routers, switches,
and proxies.
The following table lists cyclic integrity checksums that can be
negotiated for the digests and MUST be implemented by every iSCSI
initiator and target. These digest options only have error detection
significance.
+---------------------------------------------+
| Name | Description | Generator |
+---------------------------------------------+
| CRC32C | 32-bit CRC |0x11edc6f41|
+---------------------------------------------+
| None | no digest |
+---------------------------------------------+
The generator polynomial G(x) for this digest is given in hexadecimal
notation (e.g., "0x3b" stands for 0011 1011, and the polynomial is
x**5 + x**4 + x**3 + x + 1).
When the initiator and target agree on a digest, this digest MUST be
used for every PDU in the Full Feature Phase.
Padding bytes, when present in a segment covered by a CRC, SHOULD be
set to 0 and are included in the CRC.
The CRC MUST be calculated by a method that produces the same results
as the following process:
- The PDU bits are considered as the coefficients of a polynomial
M(x) of degree n - 1; bit 7 of the lowest numbered byte is
considered the most significant bit (x**n - 1), followed by bit 6
of the lowest numbered byte through bit 0 of the highest numbered
byte (x**0).
Chadalapaka, et al. Standards Track [Page 230]
RFC 7143 iSCSI (Consolidated) April 2014
- The most significant 32 bits are complemented.
- The polynomial is multiplied by x**32, then divided by G(x). The
generator polynomial produces a remainder R(x) of degree <= 31.
- The coefficients of R(x) are formed into a 32-bit sequence.
- The bit sequence is complemented, and the result is the CRC.
- The CRC bits are mapped into the digest word. The x**31
coefficient is mapped to bit 7 of the lowest numbered byte of the
digest, and the mapping continues with successive coefficients and
bits so that the x**24 coefficient is mapped to bit 0 of the lowest
numbered byte. The mapping continues further with the x**23
coefficient mapped to bit 7 of the next byte in the digest until
the x**0 coefficient is mapped to bit 0 of the highest numbered
byte of the digest.
- Computing the CRC over any segment (data or header) extended to
include the CRC built using the generator 0x11edc6f41 will always
get the value 0x1c2d19ed as its final remainder (R(x)). This value
is given here in its polynomial form (i.e., not mapped as the
digest word).
For a discussion about selection criteria for the CRC, see [RFC3385].
For a detailed analysis of the iSCSI polynomial, see [Castagnoli93].
Private or public extension algorithms MAY also be negotiated for
digests. Whenever a private or public digest extension algorithm is
part of the default offer (the offer made in the absence of explicit
administrative action), the implementer MUST ensure that CRC32C is
listed as an alternative in the default offer and "None" is not part
of the default offer.
Extension digest algorithms MUST be named using one of the following
two formats:
1) Y-reversed.vendor.dns_name.do_something=
2) New public key with no name prefix constraints
Digests named using the Y- format are used for private purposes
(unregistered). New public keys must be registered with IANA using
the IETF Review process ([RFC5226]). New public extensions for
digests MUST NOT use the Y# name prefix.
For private extension digests, to identify the vendor we suggest
using the reversed DNS-name as a prefix to the proper digest names.
Chadalapaka, et al. Standards Track [Page 231]
RFC 7143 iSCSI (Consolidated) April 2014
The part of digest-name following Y- MUST conform to the format for
standard-label specified in Section 6.1.
Support for public or private extension digests is OPTIONAL.
13.2. MaxConnections
Use: LO
Senders: Initiator and target
Scope: SW
Irrelevant when: SessionType=Discovery
MaxConnections=<numerical-value-from-1-to-65535>
Default is 1.
Result function is Minimum.
The initiator and target negotiate the maximum number of connections
requested/acceptable.
13.3. SendTargets
Use: FFPO
Senders: Initiator
Scope: SW
For a complete description, see Appendix C.
13.4. TargetName
Use: IO by initiator, FFPO by target -- only as response to a
SendTargets, Declarative, Any-Stage
Senders: Initiator and target
Scope: SW
TargetName=<iSCSI-name-value>
Examples:
TargetName=iqn.1993-11.com.disk-vendor:diskarrays.sn.45678
TargetName=eui.020000023B040506
TargetName=naa.62004567BA64678D0123456789ABCDEF
Chadalapaka, et al. Standards Track [Page 232]
RFC 7143 iSCSI (Consolidated) April 2014
The initiator of the TCP connection MUST provide this key to the
remote endpoint in the first Login Request if the initiator is not
establishing a Discovery session. The iSCSI Target Name specifies
the worldwide unique name of the target.
The TargetName key may also be returned by the SendTargets Text
Request (which is its only use when issued by a target).
The TargetName MUST NOT be redeclared within the Login Phase.
13.5. InitiatorName
Use: IO, Declarative, Any-Stage
Senders: Initiator
Scope: SW
InitiatorName=<iSCSI-name-value>
Examples:
InitiatorName=iqn.1992-04.com.os-vendor.plan9:cdrom.12345
InitiatorName=iqn.2001-02.com.ssp.users:customer235.host90
InitiatorName=naa.52004567BA64678D
The initiator of the TCP connection MUST provide this key to the
remote endpoint at the first login of the Login Phase for every
connection. The InitiatorName key enables the initiator to identify
itself to the remote endpoint.
The InitiatorName MUST NOT be redeclared within the Login Phase.
13.6. TargetAlias
Use: ALL, Declarative, Any-Stage
Senders: Target
Scope: SW
TargetAlias=<iSCSI-local-name-value>
Examples:
TargetAlias=Bob-s Disk
TargetAlias=Database Server 1 Log Disk
TargetAlias=Web Server 3 Disk 20
Chadalapaka, et al. Standards Track [Page 233]
RFC 7143 iSCSI (Consolidated) April 2014
If a target has been configured with a human-readable name or
description, this name SHOULD be communicated to the initiator during
a Login Response PDU if SessionType=Normal (see Section 13.21). This
string is not used as an identifier, nor is it meant to be used for
authentication or authorization decisions. It can be displayed by
the initiator's user interface in a list of targets to which it is
connected.
13.7. InitiatorAlias
Use: ALL, Declarative, Any-Stage
Senders: Initiator
Scope: SW
InitiatorAlias=<iSCSI-local-name-value>
Examples:
InitiatorAlias=Web Server 4
InitiatorAlias=spyalley.nsa.gov
InitiatorAlias=Exchange Server
If an initiator has been configured with a human-readable name or
description, it SHOULD be communicated to the target during a Login
Request PDU. If not, the host name can be used instead. This string
is not used as an identifier, nor is it meant to be used for
authentication or authorization decisions. It can be displayed by
the target's user interface in a list of initiators to which it is
connected.
13.8. TargetAddress
Use: ALL, Declarative, Any-Stage
Senders: Target
Scope: SW
TargetAddress=domainname[:port][,portal-group-tag]
The domainname can be specified as either a DNS host name, a dotted-
decimal IPv4 address, or a bracketed IPv6 address as specified in
[RFC3986].
If the TCP port is not specified, it is assumed to be the IANA-
assigned default port for iSCSI (see Section 14).
Chadalapaka, et al. Standards Track [Page 234]
RFC 7143 iSCSI (Consolidated) April 2014
If the TargetAddress is returned as the result of a redirect status
in a Login Response, the comma and portal-group-tag MUST be omitted.
If the TargetAddress is returned within a SendTargets response, the
portal-group-tag MUST be included.
Examples:
TargetAddress=10.0.0.1:5003,1
TargetAddress=[1080:0:0:0:8:800:200C:417A],65
TargetAddress=[1080::8:800:200C:417A]:5003,1
TargetAddress=computingcenter.example.com,23
The use of the portal-group-tag is described in Appendix C. The
formats for the port and portal-group-tag are the same as the one
specified in TargetPortalGroupTag.
13.9. TargetPortalGroupTag
Use: IO by target, Declarative, Any-Stage
Senders: Target
Scope: SW
TargetPortalGroupTag=<16-bit-binary-value>
Example:
TargetPortalGroupTag=1
The TargetPortalGroupTag key is a 16-bit binary-value that uniquely
identifies a portal group within an iSCSI target node. This key
carries the value of the tag of the portal group that is servicing
the Login Request. The iSCSI target returns this key to the
initiator in the Login Response PDU to the first Login Request PDU
that has the C bit set to 0 when TargetName is given by the
initiator.
[SAM2] notes in its informative text that the TPGT value should be
non-zero; note that this is incorrect. A zero value is allowed as a
legal value for the TPGT. This discrepancy currently stands
corrected in [SAM4].
For the complete usage expectations of this key, see Section 6.3.
Chadalapaka, et al. Standards Track [Page 235]
RFC 7143 iSCSI (Consolidated) April 2014
13.10. InitialR2T
Use: LO
Senders: Initiator and target
Scope: SW
Irrelevant when: SessionType=Discovery
InitialR2T=<boolean-value>
Examples:
I->InitialR2T=No
T->InitialR2T=No
Default is Yes.
Result function is OR.
The InitialR2T key is used to turn off the default use of R2T for
unidirectional operations and the output part of bidirectional
commands, thus allowing an initiator to start sending data to a
target as if it has received an initial R2T with Buffer
Offset=Immediate Data Length and Desired Data Transfer
Length=(min(FirstBurstLength, Expected Data Transfer Length) -
Received Immediate Data Length).
The default action is that R2T is required, unless both the initiator
and the target send this key-pair attribute specifying InitialR2T=No.
Only the first outgoing data burst (immediate data and/or separate
PDUs) can be sent unsolicited (i.e., not requiring an explicit R2T).
13.11. ImmediateData
Use: LO
Senders: Initiator and target
Scope: SW
Irrelevant when: SessionType=Discovery
ImmediateData=<boolean-value>
Default is Yes.
Result function is AND.
The initiator and target negotiate support for immediate data. To
turn immediate data off, the initiator or target must state its
desire to do so. ImmediateData can be turned on if both the
initiator and target have ImmediateData=Yes.
Chadalapaka, et al. Standards Track [Page 236]
RFC 7143 iSCSI (Consolidated) April 2014
If ImmediateData is set to Yes and InitialR2T is set to Yes
(default), then only immediate data are accepted in the first burst.
If ImmediateData is set to No and InitialR2T is set to Yes, then the
initiator MUST NOT send unsolicited data and the target MUST reject
unsolicited data with the corresponding response code.
If ImmediateData is set to No and InitialR2T is set to No, then the
initiator MUST NOT send unsolicited immediate data but MAY send one
unsolicited burst of Data-OUT PDUs.
If ImmediateData is set to Yes and InitialR2T is set to No, then the
initiator MAY send unsolicited immediate data and/or one unsolicited
burst of Data-OUT PDUs.
The following table is a summary of unsolicited data options:
+----------+-------------+------------------+-------------+
|InitialR2T|ImmediateData| Unsolicited |ImmediateData|
| | | Data-Out PDUs | |
+----------+-------------+------------------+-------------+
| No | No | Yes | No |
+----------+-------------+------------------+-------------+
| No | Yes | Yes | Yes |
+----------+-------------+------------------+-------------+
| Yes | No | No | No |
+----------+-------------+------------------+-------------+
| Yes | Yes | No | Yes |
+----------+-------------+------------------+-------------+
13.12. MaxRecvDataSegmentLength
Use: ALL, Declarative
Senders: Initiator and target
Scope: CO
MaxRecvDataSegmentLength=<numerical-value-512-to-(2**24 - 1)>
Default is 8192 bytes.
The initiator or target declares the maximum data segment length in
bytes it can receive in an iSCSI PDU.
The transmitter (initiator or target) is required to send PDUs with a
data segment that does not exceed MaxRecvDataSegmentLength of the
receiver.
Chadalapaka, et al. Standards Track [Page 237]
RFC 7143 iSCSI (Consolidated) April 2014
A target receiver is additionally limited by MaxBurstLength for
solicited data and FirstBurstLength for unsolicited data. An
initiator MUST NOT send solicited PDUs exceeding MaxBurstLength nor
unsolicited PDUs exceeding FirstBurstLength (or FirstBurstLength-
Immediate Data Length if immediate data were sent).
13.13. MaxBurstLength
Use: LO
Senders: Initiator and target
Scope: SW
Irrelevant when: SessionType=Discovery
MaxBurstLength=<numerical-value-512-to-(2**24 - 1)>
Default is 262144 (256 KB).
Result function is Minimum.
The initiator and target negotiate the maximum SCSI data payload in
bytes in a Data-In or a solicited Data-Out iSCSI sequence. A
sequence consists of one or more consecutive Data-In or Data-Out PDUs
that end with a Data-In or Data-Out PDU with the F bit set to 1.
13.14. FirstBurstLength
Use: LO
Senders: Initiator and target
Scope: SW
Irrelevant when: SessionType=Discovery
Irrelevant when: ( InitialR2T=Yes and ImmediateData=No )
FirstBurstLength=<numerical-value-512-to-(2**24 - 1)>
Default is 65536 (64 KB).
Result function is Minimum.
The initiator and target negotiate the maximum amount in bytes of
unsolicited data an iSCSI initiator may send to the target during the
execution of a single SCSI command. This covers the immediate data
(if any) and the sequence of unsolicited Data-Out PDUs (if any) that
follow the command.
FirstBurstLength MUST NOT exceed MaxBurstLength.
Chadalapaka, et al. Standards Track [Page 238]
RFC 7143 iSCSI (Consolidated) April 2014
13.15. DefaultTime2Wait
Use: LO
Senders: Initiator and target
Scope: SW
DefaultTime2Wait=<numerical-value-0-to-3600>
Default is 2.
Result function is Maximum.
The initiator and target negotiate the minimum time, in seconds, to
wait before attempting an explicit/implicit logout or an active task
reassignment after an unexpected connection termination or a
connection reset.
A value of 0 indicates that logout or active task reassignment can be
attempted immediately.
13.16. DefaultTime2Retain
Use: LO
Senders: Initiator and target
Scope: SW
DefaultTime2Retain=<numerical-value-0-to-3600>
Default is 20.
Result function is Minimum.
The initiator and target negotiate the maximum time, in seconds,
after an initial wait (Time2Wait), before which an active task
reassignment is still possible after an unexpected connection
termination or a connection reset.
This value is also the session state timeout if the connection in
question is the last LOGGED_IN connection in the session.
A value of 0 indicates that connection/task state is immediately
discarded by the target.
13.17. MaxOutstandingR2T
Use: LO
Senders: Initiator and target
Scope: SW
MaxOutstandingR2T=<numerical-value-from-1-to-65535>
Chadalapaka, et al. Standards Track [Page 239]
RFC 7143 iSCSI (Consolidated) April 2014
Irrelevant when: SessionType=Discovery
Default is 1.
Result function is Minimum.
The initiator and target negotiate the maximum number of outstanding
R2Ts per task, excluding any implied initial R2T that might be part
of that task. An R2T is considered outstanding until the last data
PDU (with the F bit set to 1) is transferred or a sequence reception
timeout (Section 7.1.4.1) is encountered for that data sequence.
13.18. DataPDUInOrder
Use: LO
Senders: Initiator and target
Scope: SW
Irrelevant when: SessionType=Discovery
DataPDUInOrder=<boolean-value>
Default is Yes.
Result function is OR.
"No" is used by iSCSI to indicate that the data PDUs within sequences
can be in any order. "Yes" is used to indicate that data PDUs within
sequences have to be at continuously increasing addresses and
overlays are forbidden.
13.19. DataSequenceInOrder
Use: LO
Senders: Initiator and target
Scope: SW
Irrelevant when: SessionType=Discovery
DataSequenceInOrder=<boolean-value>
Default is Yes.
Result function is OR.
A data sequence is a sequence of Data-In or Data-Out PDUs that end
with a Data-In or Data-Out PDU with the F bit set to 1. A Data-Out
sequence is sent either unsolicited or in response to an R2T.
Sequences cover an offset-range.
If DataSequenceInOrder is set to No, data PDU sequences may be
transferred in any order.
Chadalapaka, et al. Standards Track [Page 240]
RFC 7143 iSCSI (Consolidated) April 2014
If DataSequenceInOrder is set to Yes, data sequences MUST be
transferred using continuously non-decreasing sequence offsets (R2T
buffer offset for writes, or the smallest SCSI Data-In buffer offset
within a read data sequence).
If DataSequenceInOrder is set to Yes, a target may retry at most the
last R2T, and an initiator may at most request retransmission for the
last read data sequence. For this reason, if ErrorRecoveryLevel is
not 0 and DataSequenceInOrder is set to Yes, then MaxOutstandingR2T
MUST be set to 1.
13.20. ErrorRecoveryLevel
Use: LO
Senders: Initiator and target
Scope: SW
ErrorRecoveryLevel=<numerical-value-0-to-2>
Default is 0.
Result function is Minimum.
The initiator and target negotiate the recovery level supported.
Recovery levels represent a combination of recovery capabilities.
Each recovery level includes all the capabilities of the lower
recovery levels and adds some new ones to them.
In the description of recovery mechanisms, certain recovery classes
are specified. Section 7.1.5 describes the mapping between the
classes and the levels.
13.21. SessionType
Use: LO, Declarative, Any-Stage
Senders: Initiator
Scope: SW
SessionType=<Discovery|Normal>
Default is Normal.
The initiator indicates the type of session it wants to create. The
target can either accept it or reject it.
Chadalapaka, et al. Standards Track [Page 241]
RFC 7143 iSCSI (Consolidated) April 2014
A Discovery session indicates to the target that the only purpose of
this session is discovery. The only requests a target accepts in
this type of session are a Text Request with a SendTargets key and a
Logout Request with reason "close the session".
The Discovery session implies MaxConnections = 1 and overrides both
the default and an explicit setting. As Section 7.4.1 states,
ErrorRecoveryLevel MUST be 0 (zero) for Discovery sessions.
Depending on the type of session, a target may decide on resources to
allocate, the security to enforce, etc., for the session. If the
SessionType key is thus going to be offered as "Discovery", it SHOULD
be offered in the initial Login Request by the initiator.
13.22. The Private Extension Key Format
Use: ALL
Senders: Initiator and target
Scope: specific key dependent
X-reversed.vendor.dns_name.do_something=
Keys with this format are used for private extension purposes. These
keys always start with X- if unregistered with IANA (private). New
public keys (if registered with IANA via an IETF Review [RFC5226]) no
longer have an X# name prefix requirement; implementers may propose
any intuitive unique name.
For unregistered keys, to identify the vendor we suggest using the
reversed DNS-name as a prefix to the key-proper.
The part of key-name following X- MUST conform to the format for
key-name specified in Section 6.1.
Vendor-specific keys MUST ONLY be used in Normal sessions.
Support for public or private extension keys is OPTIONAL.
13.23. TaskReporting
Use: LO
Senders: Initiator and target
Scope: SW
Irrelevant when: SessionType=Discovery
TaskReporting=<list-of-values>
Default is RFC3720.
Chadalapaka, et al. Standards Track [Page 242]
RFC 7143 iSCSI (Consolidated) April 2014
This key is used to negotiate the task completion reporting semantics
from the SCSI target. The following table describes the semantics
that an iSCSI target MUST support for respective negotiated key
values. Whenever this key is negotiated, at least the RFC3720 and
ResponseFence values MUST be offered as options by the negotiation
originator.
+--------------+------------------------------------------+
| Name | Description |
+--------------+------------------------------------------+
| RFC3720 | RFC 3720-compliant semantics. Response |
| | fencing is not guaranteed, and fast |
| | completion of multi-task aborting is not |
| | supported. |
+--------------+------------------------------------------+
| ResponseFence| Response Fence (Section 4.2.2.3.3) |
| | semantics MUST be supported in reporting |
| | task completions. |
+--------------+------------------------------------------+
| FastAbort | Updated fast multi-task abort semantics |
| | defined in Section 4.2.3.4 MUST be |
| | supported. Support for the Response |
| | Fence is implied -- i.e., semantics as |
| | described in Section 4.2.2.3.3 MUST be |
| | supported as well. |
+--------------+------------------------------------------+
When TaskReporting is not negotiated to FastAbort, the standard
multi-task abort semantics in Section 4.2.3.3 MUST be used.
13.24. iSCSIProtocolLevel Negotiation
The iSCSIProtocolLevel associated with this document is "1". As a
responder or an originator in a negotiation of this key, an iSCSI
implementation compliant to this document alone, without any future
protocol extensions, MUST use this value as defined by [RFC7144].
13.25. Obsoleted Keys
This document obsoletes the following keys defined in [RFC3720]:
IFMarker, OFMarker, OFMarkInt, and IFMarkInt. However, iSCSI
implementations compliant to this document may still receive these
obsoleted keys -- i.e., in a responder role -- in a text negotiation.
When an IFMarker or OFMarker key is received, a compliant iSCSI
implementation SHOULD respond with the constant "Reject" value. The
implementation MAY alternatively respond with a "No" value.
Chadalapaka, et al. Standards Track [Page 243]
RFC 7143 iSCSI (Consolidated) April 2014
However, the implementation MUST NOT respond with a "NotUnderstood"
value for either of these keys.
When an IFMarkInt or OFMarkInt key is received, a compliant iSCSI
implementation MUST respond with the constant "Reject" value. The
implementation MUST NOT respond with a "NotUnderstood" value for
either of these keys.
13.26. X#NodeArchitecture
13.26.1. Definition
Use: LO, Declarative
Senders: Initiator and target
Scope: SW
X#NodeArchitecture=<list-of-values>
Default is None.
Examples:
X#NodeArchitecture=ExampleOS/v1234,ExampleInc_SW_Initiator/1.05a
X#NodeArchitecture=ExampleInc_HW_Initiator/4010,Firmware/2.0.0.5
X#NodeArchitecture=ExampleInc_SW_Initiator/2.1,CPU_Arch/i686
This document does not define the structure or content of the list of
values.
The initiator or target declares the details of its iSCSI node
architecture to the remote endpoint. These details may include, but
are not limited to, iSCSI vendor software, firmware, or hardware
versions; the OS version; or hardware architecture. This key may be
declared on a Discovery session or a Normal session.
The length of the key value (total length of the list-of-values) MUST
NOT be greater than 255 bytes.
X#NodeArchitecture MUST NOT be redeclared during the Login Phase.
13.26.2. Implementation Requirements
Functional behavior of the iSCSI node (this includes the iSCSI
protocol logic -- the SCSI, iSCSI, and TCP/IP protocols) MUST NOT
depend on the presence, absence, or content of the X#NodeArchitecture
key. The key MUST NOT be used by iSCSI nodes for interoperability or
Chadalapaka, et al. Standards Track [Page 244]
RFC 7143 iSCSI (Consolidated) April 2014
for exclusion of other nodes. To ensure proper use, key values
SHOULD be set by the node itself, and there SHOULD NOT be provisions
for the key values to contain user-defined text.
Nodes implementing this key MUST choose one of the following
implementation options:
- only transmit the key,
- only log the key values received from other nodes, or
- both transmit and log the key values.
Each node choosing to implement transmission of the key values MUST
be prepared to handle the response of iSCSI nodes that do not
understand the key.
Nodes that implement transmission and/or logging of the key values
may also implement administrative mechanisms that disable and/or
change the logging and key transmission details (see Section 9.4).
Thus, a valid behavior for this key may be that a node is completely
silent (the node does not transmit any key value and simply discards
any key values it receives without issuing a NotUnderstood response).
14. Rationale for Revised IANA Considerations
This document makes rather significant changes in this area, and this
section outlines the reasons behind the changes. As previously
specified in [RFC3720], iSCSI had used text string prefixes, such as
X- and X#, to distinguish extended login/text keys, digest
algorithms, and authentication methods from their standardized
counterparts. Based on experience with other protocols, [RFC6648],
however, strongly recommends against this practice, in large part
because extensions that use such prefixes may become standard over
time, at which point it can be infeasible to change their text string
names due to widespread usage under the existing text string name.
iSCSI's experience with public extensions supports the
recommendations in [RFC6648], as the only extension item ever
registered with IANA, the X#NodeArchitecture key, was specified as a
standard key in a Standards Track RFC [RFC4850] and hence did not
require the X# prefix. In addition, that key is the only public
iSCSI extension that has been registered with IANA since RFC 3720 was
originally published, so there has been effectively no use of the X#,
Y#, and Z# public extension formats.
Chadalapaka, et al. Standards Track [Page 245]
RFC 7143 iSCSI (Consolidated) April 2014
Therefore, this document makes the following changes to the IANA
registration procedures for iSCSI:
1) The separate registries for X#, Y#, and Z# public extensions
are removed. The single entry in the registry for X#
login/text keys (X#NodeArchitecture) is transferred to the main
"iSCSI Login/Text Keys" registry. IANA has never created the
latter two registries because there have been no registration
requests for them. These public extension formats (X#, Y#, Z#)
MUST NOT be used, with the exception of the existing
X#NodeArchitecture key.
2) The registration procedures for the main "iSCSI Login/Text
Keys", "iSCSI digests", and "iSCSI authentication methods" IANA
registries are changed to IETF Review [RFC5226] for possible
future extensions to iSCSI. This change includes a deliberate
decision to remove the possibility of specifying an IANA-
registered iSCSI extension in an RFC published via an RFC
Editor Independent Submission, as the level of review in that
process is insufficient for iSCSI extensions.
3) The restriction against registering items using the private
extension formats (X-, Y-, Z-) in the main IANA registries is
removed. Extensions using these formats MAY be registered
under the IETF Review registration procedures, but each format
is restricted to the type of extension for which it is
specified in this RFC and MUST NOT be used for other types.
For example, the X- extension format for extension login/text
keys MUST NOT be used for digest algorithms or authentication
methods.
15. IANA Considerations
The well-known TCP port number for iSCSI connections assigned by IANA
is 3260, and this is the default iSCSI port. Implementations needing
a system TCP port number may use port 860, the port assigned by IANA
as the iSCSI system port; however, in order to use port 860, it MUST
be explicitly specified -- implementations MUST NOT default to the
use of port 860, as 3260 is the only allowed default.
IANA has replaced the references for ports 860 and 3260, both TCP and
UDP, with references to this document. Please see
http://www.iana.org/assignments/service-names-port-numbers.
IANA has updated all references to RFC 3720, RFC 4850, and RFC 5048
to instead reference this RFC in all of the iSCSI registries that are
part of the "Internet Small Computer System Interface (iSCSI)
Parameters" set of registries. This change reflects the fact that
Chadalapaka, et al. Standards Track [Page 246]
RFC 7143 iSCSI (Consolidated) April 2014
those three RFCs are obsoleted by this RFC. References to other RFCs
that are not being obsoleted (e.g., RFC 3723, RFC 5046) should not be
changed.
IANA has performed the following actions on the "iSCSI Login/Text
Keys" registry:
- Changed the registration procedure to IETF Review from Standard
Required.
- Changed the RFC 5048 reference for the registry to reference
this RFC.
- Added the X#NodeArchitecture key from the "iSCSI extended key"
registry, and changed its reference to this RFC.
- Changed all references to RFC 3720 and RFC 5048 to instead
reference this RFC.
IANA has changed the registration procedures for the "iSCSI
authentication methods" and "iSCSI digests" registries to IETF Review
from RFC Required.
IANA has removed the "iSCSI extended key" registry, as its one entry
has been added to the "iSCSI Login/Text Keys" registry.
IANA has marked as obsolete the values 4 and 5 for SPKM1 and SPKM2,
respectively, in the "iSCSI authentication methods" subregistry of
the "Internet Small Computer System Interface (iSCSI) Parameters" set
of registries.
IANA has added this document to the "iSCSI Protocol Level" registry
with value 1, as mentioned in Section 13.24.
All the other IANA considerations stated in [RFC3720] and [RFC5048]
remain unchanged. The assignments contained in the following
subregistries are not repeated in this document:
- iSCSI authentication methods (from Section 13 of [RFC3720])
- iSCSI digests (from Section 13 of [RFC3720])
This document obsoletes the SPKM1 and SPKM2 key values for the
AuthMethod text key. Consequently, the SPKM_ text key prefix MUST be
treated as obsolete and not be reused.
Chadalapaka, et al. Standards Track [Page 247]
RFC 7143 iSCSI (Consolidated) April 2014
16. References
16.1. Normative References
[EUI] "Guidelines for 64-bit Global Identifier (EUI-64(TM))",
<http://standards.ieee.org/regauth/oui/tutorials/
EUI64.html>.
[FC-FS3] INCITS Technical Committee T11, "Fibre Channel - Framing
and Signaling - 3 (FC-FS-3)", ANSI INCITS 470-2011, 2011.
[OUI] "IEEE OUI and "company_id" Assignments",
<http://standards.ieee.org/regauth/oui>.
[RFC1122] Braden, R., Ed., "Requirements for Internet Hosts -
Communication Layers", STD 3, RFC 1122, October 1989.
[RFC1964] Linn, J., "The Kerberos Version 5 GSS-API Mechanism",
RFC 1964, June 1996.
[RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982,
August 1996.
[RFC1994] Simpson, W., "PPP Challenge Handshake Authentication
Protocol (CHAP)", RFC 1994, August 1996.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2404] Madson, C. and R. Glenn, "The Use of HMAC-SHA-1-96 within
ESP and AH", RFC 2404, November 1998.
[RFC2406] Kent, S. and R. Atkinson, "IP Encapsulating Security
Payload (ESP)", RFC 2406, November 1998.
[RFC2451] Pereira, R. and R. Adams, "The ESP CBC-Mode Cipher
Algorithms", RFC 2451, November 1998.
[RFC2945] Wu, T., "The SRP Authentication and Key Exchange System",
RFC 2945, September 2000.
[RFC3454] Hoffman, P. and M. Blanchet, "Preparation of
Internationalized Strings ("stringprep")", RFC 3454,
December 2002.
[RFC3566] Frankel, S. and H. Herbert, "The AES-XCBC-MAC-96 Algorithm
and Its Use With IPsec", RFC 3566, September 2003.
Chadalapaka, et al. Standards Track [Page 248]
RFC 7143 iSCSI (Consolidated) April 2014
[RFC3629] Yergeau, F., "UTF-8, a transformation format of
ISO 10646", STD 63, RFC 3629, November 2003.
[RFC3686] Housley, R., "Using Advanced Encryption Standard (AES)
Counter Mode With IPsec Encapsulating Security Payload
(ESP)", RFC 3686, January 2004.
[RFC3722] Bakke, M., "String Profile for Internet Small Computer
Systems Interface (iSCSI) Names", RFC 3722, April 2004.
[RFC3723] Aboba, B., Tseng, J., Walker, J., Rangan, V., and F.
Travostino, "Securing Block Storage Protocols over IP",
RFC 3723, April 2004.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005.
[RFC4106] Viega, J. and D. McGrew, "The Use of Galois/Counter Mode
(GCM) in IPsec Encapsulating Security Payload (ESP)",
RFC 4106, June 2005.
[RFC4120] Neuman, C., Yu, T., Hartman, S., and K. Raeburn, "The
Kerberos Network Authentication Service (V5)", RFC 4120,
July 2005.
[RFC4171] Tseng, J., Gibbons, K., Travostino, F., Du Laney, C., and
J. Souza, "Internet Storage Name Service (iSNS)",
RFC 4171, September 2005.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, December 2005.
[RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)",
RFC 4303, December 2005.
[RFC4304] Kent, S., "Extended Sequence Number (ESN) Addendum to
IPsec Domain of Interpretation (DOI) for Internet Security
Association and Key Management Protocol (ISAKMP)",
RFC 4304, December 2005.
[RFC4543] McGrew, D. and J. Viega, "The Use of Galois Message
Authentication Code (GMAC) in IPsec ESP and AH", RFC 4543,
May 2006.
Chadalapaka, et al. Standards Track [Page 249]
RFC 7143 iSCSI (Consolidated) April 2014
[RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
Encodings", RFC 4648, October 2006.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008.
[RFC5996] Kaufman, C., Hoffman, P., Nir, Y., and P. Eronen,
"Internet Key Exchange Protocol Version 2 (IKEv2)",
RFC 5996, September 2010.
[RFC6960] Santesson, S., Myers, M., Ankney, R., Malpani, A.,
Galperin, S., and C. Adams, "X.509 Internet Public Key
Infrastructure Online Certificate Status Protocol - OCSP",
RFC 6960, June 2013.
[RFC7144] Knight, F. and M. Chadalapaka, "Internet Small Computer
System Interface (iSCSI) SCSI Features Update", RFC 7144,
April 2014.
[RFC7145] Ko, M. and A. Nezhinsky, "Internet Small Computer System
Interface (iSCSI) Extensions for the Remote Direct Memory
Access (RDMA) Specification", RFC 7145, April 2014.
[RFC7146] Black, D. and P. Koning, "Securing Block Storage Protocols
over IP: RFC 3723 Requirements Update for IPsec v3",
RFC 7146, April 2014.
[SAM2] INCITS Technical Committee T10, "SCSI Architecture Model -
2 (SAM-2)", ANSI INCITS 366-2003, ISO/IEC 14776-412, 2003.
[SAM4] INCITS Technical Committee T10, "SCSI Architecture Model -
4 (SAM-4)", ANSI INCITS 447-2008, ISO/IEC 14776-414, 2008.
[SPC2] INCITS Technical Committee T10, "SCSI Primary Commands -
2", ANSI INCITS 351-2001, ISO/IEC 14776-452, 2001.
[SPC3] INCITS Technical Committee T10, "SCSI Primary Commands -
3", ANSI INCITS 408-2005, ISO/IEC 14776-453, 2005.
[UML] ISO, "Unified Modeling Language (UML) Version 1.4.2",
ISO/IEC 19501:2005.
[UNICODE] The Unicode Consortium, "Unicode Standard Annex #15:
Unicode Normalization Forms", 2013,
<http://www.unicode.org/unicode/reports/tr15>.
Chadalapaka, et al. Standards Track [Page 250]
RFC 7143 iSCSI (Consolidated) April 2014
16.2. Informative References
[Castagnoli93]
Castagnoli, G., Brauer, S., and M. Herrmann, "Optimization
of Cyclic Redundancy-Check Codes with 24 and 32 Parity
Bits", IEEE Transact. on Communications, Vol. 41, No. 6,
June 1993.
[FC-SP-2] INCITS Technical Committee T11, "Fibre Channel Security
Protocols 2", ANSI INCITS 496-2012, 2012.
[IB] InfiniBand, "InfiniBand(TM) Architecture Specification",
Vol. 1, Rel. 1.2.1, InfiniBand Trade Association,
<http://www.infinibandta.org>.
[RFC1737] Sollins, K. and L. Masinter, "Functional Requirements for
Uniform Resource Names", RFC 1737, December 1994.
[RFC2401] Kent, S. and R. Atkinson, "Security Architecture for the
Internet Protocol", RFC 2401, November 1998.
[RFC2407] Piper, D., "The Internet IP Security Domain of
Interpretation for ISAKMP", RFC 2407, November 1998.
[RFC2409] Harkins, D. and D. Carrel, "The Internet Key Exchange
(IKE)", RFC 2409, November 1998.
[RFC2608] Guttman, E., Perkins, C., Veizades, J., and M. Day,
"Service Location Protocol, Version 2", RFC 2608,
June 1999.
[RFC2743] Linn, J., "Generic Security Service Application Program
Interface Version 2, Update ", RFC 2743, January 2000.
[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
"Remote Authentication Dial In User Service (RADIUS)",
RFC 2865, June 2000.
[RFC3385] Sheinwald, D., Satran, J., Thaler, P., and V. Cavanna,
"Internet Protocol Small Computer System Interface (iSCSI)
Cyclic Redundancy Check (CRC)/Checksum Considerations",
RFC 3385, September 2002.
[RFC3602] Frankel, S., Glenn, R., and S. Kelly, "The AES-CBC Cipher
Algorithm and Its Use with IPsec", RFC 3602,
September 2003.
Chadalapaka, et al. Standards Track [Page 251]
RFC 7143 iSCSI (Consolidated) April 2014
[RFC3720] Satran, J., Meth, K., Sapuntzakis, C., Chadalapaka, M.,
and E. Zeidner, "Internet Small Computer Systems Interface
(iSCSI)", RFC 3720, April 2004.
[RFC3721] Bakke, M., Hafner, J., Hufferd, J., Voruganti, K., and M.
Krueger, "Internet Small Computer Systems Interface
(iSCSI) Naming and Discovery", RFC 3721, April 2004.
[RFC3783] Chadalapaka, M. and R. Elliott, "Small Computer Systems
Interface (SCSI) Command Ordering Considerations with
iSCSI", RFC 3783, May 2004.
[RFC4121] Zhu, L., Jaganathan, K., and S. Hartman, "The Kerberos
Version 5 Generic Security Service Application Program
Interface (GSS-API) Mechanism: Version 2", RFC 4121,
July 2005.
[RFC4297] Romanow, A., Mogul, J., Talpey, T., and S. Bailey, "Remote
Direct Memory Access (RDMA) over IP Problem Statement",
RFC 4297, December 2005.
[RFC4806] Myers, M. and H. Tschofenig, "Online Certificate Status
Protocol (OCSP) Extensions to IKEv2", RFC 4806,
February 2007.
[RFC4850] Wysochanski, D., "Declarative Public Extension Key for
Internet Small Computer Systems Interface (iSCSI) Node
Architecture", RFC 4850, April 2007.
[RFC5046] Ko, M., Chadalapaka, M., Hufferd, J., Elzur, U., Shah, H.,
and P. Thaler, "Internet Small Computer System Interface
(iSCSI) Extensions for Remote Direct Memory Access
(RDMA)", RFC 5046, October 2007.
[RFC5048] Chadalapaka, M., Ed., "Internet Small Computer System
Interface (iSCSI) Corrections and Clarifications",
RFC 5048, October 2007.
[RFC5433] Clancy, T. and H. Tschofenig, "Extensible Authentication
Protocol - Generalized Pre-Shared Key (EAP-GPSK) Method",
RFC 5433, February 2009.
[RFC6648] Saint-Andre, P., Crocker, D., and M. Nottingham,
"Deprecating the "X-" Prefix and Similar Constructs in
Application Protocols", BCP 178, RFC 6648, June 2012.
[SAS] INCITS Technical Committee T10, "Serial Attached SCSI -
2.1 (SAS-2.1)", ANSI INCITS 457-2010, 2010.
Chadalapaka, et al. Standards Track [Page 252]
RFC 7143 iSCSI (Consolidated) April 2014
[SBC2] INCITS Technical Committee T10, "SCSI Block Commands - 2
(SBC-2)", ANSI INCITS 405-2005, ISO/IEC 14776-322, 2005.
[SPC4] INCITS Technical Committee T10, "SCSI Primary Commands -
4", ANSI INCITS 513-201x.
[SPL] INCITS Technical Committee T10, "SAS Protocol Layer - 2
(SPL-2)", ANSI INCITS 505-2013, ISO/IEC 14776-262, 2013.
Chadalapaka, et al. Standards Track [Page 253]
RFC 7143 iSCSI (Consolidated) April 2014
Appendix A. Examples
A.1. Read Operation Example
+------------------+-----------------------+---------------------+
|Initiator Function| PDU Type | Target Function |
+------------------+-----------------------+---------------------+
| Command request |SCSI Command (read)>>> | |
| (read) | | |
+------------------+-----------------------+---------------------+
| | |Prepare Data Transfer|
+------------------+-----------------------+---------------------+
| Receive Data | <<< SCSI Data-In | Send Data |
+------------------+-----------------------+---------------------+
| Receive Data | <<< SCSI Data-In | Send Data |
+------------------+-----------------------+---------------------+
| Receive Data | <<< SCSI Data-In | Send Data |
+------------------+-----------------------+---------------------+
| | <<< SCSI Response |Send Status and Sense|
+------------------+-----------------------+---------------------+
| Command Complete | | |
+------------------+-----------------------+---------------------+
Chadalapaka, et al. Standards Track [Page 254]
RFC 7143 iSCSI (Consolidated) April 2014
A.2. Write Operation Example
+------------------+-----------------------+---------------------+
|Initiator Function| PDU Type | Target Function |
+------------------+-----------------------+---------------------+
| Command request |SCSI Command (write)>>>| Receive command |
| (write) | | and queue it |
+------------------+-----------------------+---------------------+
| | | Process old commands|
+------------------+-----------------------+---------------------+
| | | Ready to process |
| | <<< R2T | write command |
+------------------+-----------------------+---------------------+
| Send Data | SCSI Data-Out >>> | Receive Data |
+------------------+-----------------------+---------------------+
| | <<< R2T | Ready for data |
+------------------+-----------------------+---------------------+
| | <<< R2T | Ready for data |
+------------------+-----------------------+---------------------+
| Send Data | SCSI Data-Out >>> | Receive Data |
+------------------+-----------------------+---------------------+
| Send Data | SCSI Data-Out >>> | Receive Data |
+------------------+-----------------------+---------------------+
| | <<< SCSI Response |Send Status and Sense|
+------------------+-----------------------+---------------------+
| Command Complete | | |
+------------------+-----------------------+---------------------+
Chadalapaka, et al. Standards Track [Page 255]
RFC 7143 iSCSI (Consolidated) April 2014
A.3. R2TSN/DataSN Use Examples
A.3.1. Output (Write) Data DataSN/R2TSN Example
+-------------------+------------------------+---------------------+
|Initiator Function | PDU Type and Content | Target Function |
+-------------------+------------------------+---------------------+
| Command request |SCSI Command (write)>>> | Receive command |
| (write) | | and queue it |
+-------------------+------------------------+---------------------+
| | | Process old commands|
+-------------------+------------------------+---------------------+
| | <<< R2T | Ready for data |
| | R2TSN = 0 | |
+-------------------+------------------------+---------------------+
| | <<< R2T | Ready for more data |
| | R2TSN = 1 | |
+-------------------+------------------------+---------------------+
| Send Data | SCSI Data-Out >>> | Receive Data |
| for R2TSN 0 | DataSN = 0, F = 0 | |
+-------------------+------------------------+---------------------+
| Send Data | SCSI Data-Out >>> | Receive Data |
| for R2TSN 0 | DataSN = 1, F = 1 | |
+-------------------+------------------------+---------------------+
| Send Data | SCSI Data >>> | Receive Data |
| for R2TSN 1 | DataSN = 0, F = 1 | |
+-------------------+------------------------+---------------------+
| | <<< SCSI Response |Send Status and Sense|
| | ExpDataSN = 0 | |
+-------------------+------------------------+---------------------+
| Command Complete | | |
+-------------------+------------------------+---------------------+
Chadalapaka, et al. Standards Track [Page 256]
RFC 7143 iSCSI (Consolidated) April 2014
A.3.2. Input (Read) Data DataSN Example
+------------------+-----------------------+----------------------+
|Initiator Function| PDU Type | Target Function |
+------------------+-----------------------+----------------------+
| Command request |SCSI Command (read)>>> | |
| (read) | | |
+------------------+-----------------------+----------------------+
| | |Prepare Data Transfer |
+------------------+-----------------------+----------------------+
| Receive Data | <<< SCSI Data-In | Send Data |
| | DataSN = 0, F = 0 | |
+------------------+-----------------------+----------------------+
| Receive Data | <<< SCSI Data-In | Send Data |
| | DataSN = 1, F = 0 | |
+------------------+-----------------------+----------------------+
| Receive Data | <<< SCSI Data-In | Send Data |
| | DataSN = 2, F = 1 | |
+------------------+-----------------------+----------------------+
| | <<< SCSI Response |Send Status and Sense |
| | ExpDataSN = 3 | |
+------------------+-----------------------+----------------------+
| Command Complete | | |
+------------------+-----------------------+----------------------+
Chadalapaka, et al. Standards Track [Page 257]
RFC 7143 iSCSI (Consolidated) April 2014
A.3.3. Bidirectional DataSN Example
+------------------+-----------------------+---------------------+
|Initiator Function| PDU Type | Target Function |
+------------------+-----------------------+---------------------+
| Command request |SCSI Command >>> | |
| (Read-Write) | Read-Write | |
+------------------+-----------------------+---------------------+
| | | Process old commands|
+------------------+-----------------------+---------------------+
| | <<< R2T | Ready to process |
| | R2TSN = 0 | write command |
+------------------+-----------------------+---------------------+
| * Receive Data | <<< SCSI Data-In | Send Data |
| | DataSN = 0, F = 0 | |
+------------------+-----------------------+---------------------+
| * Receive Data | <<< SCSI Data-In | Send Data |
| | DataSN = 1, F = 1 | |
+------------------+-----------------------+---------------------+
| * Send Data | SCSI Data-Out >>> | Receive Data |
| for R2TSN 0 | DataSN = 0, F = 1 | |
+------------------+-----------------------+---------------------+
| | <<< SCSI Response |Send Status and Sense|
| | ExpDataSN = 2 | |
+------------------+-----------------------+---------------------+
| Command Complete | | |
+------------------+-----------------------+---------------------+
* Send Data and Receive Data may be transferred simultaneously as in
an atomic Read-Old-Write-New or sequentially as in an atomic
Read-Update-Write (in the latter case, the R2T may follow the
received data).
Chadalapaka, et al. Standards Track [Page 258]
RFC 7143 iSCSI (Consolidated) April 2014
A.3.4. Unsolicited and Immediate Output (Write) Data with DataSN
Example
+------------------+------------------------+----------------------+
|Initiator Function| PDU Type and Content | Target Function |
+------------------+------------------------+----------------------+
| Command request |SCSI Command (write)>>> | Receive command |
| (write) |F = 0 | and data |
|+ immediate data | | and queue it |
+------------------+------------------------+----------------------+
| Send Unsolicited | SCSI Write Data >>> | Receive more Data |
| Data | DataSN = 0, F = 1 | |
+------------------+------------------------+----------------------+
| | | Process old commands |
+------------------+------------------------+----------------------+
| | <<< R2T | Ready for more data |
| | R2TSN = 0 | |
+------------------+------------------------+----------------------+
| Send Data | SCSI Write Data >>> | Receive Data |
| for R2TSN 0 | DataSN = 0, F = 1 | |
+------------------+------------------------+----------------------+
| | <<< SCSI Response |Send Status and Sense |
| | | |
+------------------+------------------------+----------------------+
| Command Complete | | |
+------------------+------------------------+----------------------+
A.4. CRC Examples
Note: All values are hexadecimal.
32 bytes of zeroes:
Byte: 0 1 2 3
0: 00 00 00 00
...
28: 00 00 00 00
CRC: aa 36 91 8a
Chadalapaka, et al. Standards Track [Page 259]
RFC 7143 iSCSI (Consolidated) April 2014
32 bytes of ones:
Byte: 0 1 2 3
0: ff ff ff ff
...
28: ff ff ff ff
CRC: 43 ab a8 62
32 bytes of incrementing 00..1f:
Byte: 0 1 2 3
0: 00 01 02 03
...
28: 1c 1d 1e 1f
CRC: 4e 79 dd 46
32 bytes of decrementing 1f..00:
Byte: 0 1 2 3
0: 1f 1e 1d 1c
...
28: 03 02 01 00
CRC: 5c db 3f 11
An iSCSI - SCSI Read (10) Command PDU:
Byte: 0 1 2 3
0: 01 c0 00 00
4: 00 00 00 00
8: 00 00 00 00
12: 00 00 00 00
16: 14 00 00 00
20: 00 00 04 00
24: 00 00 00 14
28: 00 00 00 18
32: 28 00 00 00
36: 00 00 00 00
40: 02 00 00 00
44: 00 00 00 00
CRC: 56 3a 96 d9
Chadalapaka, et al. Standards Track [Page 260]
RFC 7143 iSCSI (Consolidated) April 2014
Appendix B. Login Phase Examples
In the first example, the initiator and target authenticate each
other via Kerberos:
I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,SRP,None
T-> Login (CSG,NSG=0,0 T=0)
AuthMethod=KRB5
I-> Login (CSG,NSG=0,1 T=1)
KRB_AP_REQ=<krb_ap_req>
(krb_ap_req contains the Kerberos V5 ticket and authenticator with
MUTUAL-REQUIRED set in the ap-options field)
If the authentication is successful, the target proceeds with:
T-> Login (CSG,NSG=0,1 T=1)
KRB_AP_REP=<krb_ap_rep>
(krb_ap_rep is the Kerberos V5 mutual authentication reply)
If the authentication is successful, the initiator may proceed
with:
I-> Login (CSG,NSG=1,0 T=0) FirstBurstLength=8192
T-> Login (CSG,NSG=1,0 T=0) FirstBurstLength=4096
MaxBurstLength=8192
I-> Login (CSG,NSG=1,0 T=0) MaxBurstLength=8192
... more iSCSI Operational Parameters
T-> Login (CSG,NSG=1,0 T=0)
... more iSCSI Operational Parameters
And at the end:
I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept"
Chadalapaka, et al. Standards Track [Page 261]
RFC 7143 iSCSI (Consolidated) April 2014
If the initiator's authentication by the target is not successful,
the target responds with:
T-> Login "login reject"
instead of the Login KRB_AP_REP message, and it terminates the
connection.
If the target's authentication by the initiator is not successful,
the initiator terminates the connection (without responding to the
Login KRB_AP_REP message).
In the next example, only the initiator is authenticated by the
target via Kerberos:
I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=SRP,KRB5,None
T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=KRB5
I-> Login (CSG,NSG=0,1 T=1)
KRB_AP_REQ=krb_ap_req
(MUTUAL-REQUIRED not set in the ap-options field of krb_ap_req)
If the authentication is successful, the target proceeds with:
T-> Login (CSG,NSG=0,1 T=1)
I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
. . .
T-> Login (CSG,NSG=1,3 T=1)"login accept"
Chadalapaka, et al. Standards Track [Page 262]
RFC 7143 iSCSI (Consolidated) April 2014
In the next example, the initiator and target authenticate each other
via SRP:
I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,SRP,None
T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=SRP
I-> Login (CSG,NSG=0,0 T=0)
SRP_U=<user>
TargetAuth=Yes
T-> Login (CSG,NSG=0,0 T=0)
SRP_N=<N>
SRP_g=<g>
SRP_s=<s>
I-> Login (CSG,NSG=0,0 T=0)
SRP_A=<A>
T-> Login (CSG,NSG=0,0 T=0)
SRP_B=<B>
I-> Login (CSG,NSG=0,1 T=1)
SRP_M=<M>
If the initiator authentication is successful, the target proceeds
with:
T-> Login (CSG,NSG=0,1 T=1)
SRP_HM=<H(A | M | K)>
where N, g, s, A, B, M, and H(A | M | K) are defined in [RFC2945].
If the target authentication is not successful, the initiator
terminates the connection; otherwise, it proceeds.
I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
Chadalapaka, et al. Standards Track [Page 263]
RFC 7143 iSCSI (Consolidated) April 2014
And at the end:
I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept"
If the initiator authentication is not successful, the target
responds with:
T-> Login "login reject"
instead of the T-> Login SRP_HM=<H(A | M | K)> message, and it
terminates the connection.
In the next example, only the initiator is authenticated by the
target via SRP:
I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,SRP,None
T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=SRP
I-> Login (CSG,NSG=0,0 T=0)
SRP_U=<user>
TargetAuth=No
T-> Login (CSG,NSG=0,0 T=0)
SRP_N=<N>
SRP_g=<g>
SRP_s=<s>
I-> Login (CSG,NSG=0,0 T=0)
SRP_A=<A>
T-> Login (CSG,NSG=0,0 T=0)
SRP_B=<B>
I-> Login (CSG,NSG=0,1 T=1)
SRP_M=<M>
Chadalapaka, et al. Standards Track [Page 264]
RFC 7143 iSCSI (Consolidated) April 2014
If the initiator authentication is successful, the target proceeds
with:
T-> Login (CSG,NSG=0,1 T=1)
I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
And at the end:
I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept"
In the next example, the initiator and target authenticate each other
via CHAP:
I-> Login (CSG,NSG=0,0 T=0)
InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,CHAP,None
T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=CHAP
I-> Login (CSG,NSG=0,0 T=0)
CHAP_A=<A1,A2>
T-> Login (CSG,NSG=0,0 T=0)
CHAP_A=<A1>
CHAP_I=<I>
CHAP_C=<C>
I-> Login (CSG,NSG=0,1 T=1)
CHAP_N=<N>
CHAP_R=<R>
CHAP_I=<I>
CHAP_C=<C>
Chadalapaka, et al. Standards Track [Page 265]
RFC 7143 iSCSI (Consolidated) April 2014
If the initiator authentication is successful, the target proceeds
with:
T-> Login (CSG,NSG=0,1 T=1)
CHAP_N=<N>
CHAP_R=<R>
If the target authentication is not successful, the initiator aborts
the connection; otherwise, it proceeds.
I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
And at the end:
I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept"
If the initiator authentication is not successful, the target
responds with:
T-> Login "login reject"
instead of the Login CHAP_R=<response> "proceed and change stage"
message, and it terminates the connection.
In the next example, only the initiator is authenticated by the
target via CHAP:
I-> Login (CSG,NSG=0,1 T=0)
InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,CHAP,None
T-> Login-PR (CSG,NSG=0,0 T=0)
AuthMethod=CHAP
I-> Login (CSG,NSG=0,0 T=0)
CHAP_A=<A1,A2>
Chadalapaka, et al. Standards Track [Page 266]
RFC 7143 iSCSI (Consolidated) April 2014
T-> Login (CSG,NSG=0,0 T=0)
CHAP_A=<A1>
CHAP_I=<I>
CHAP_C=<C>
I-> Login (CSG,NSG=0,1 T=1)
CHAP_N=<N>
CHAP_R=<R>
If the initiator authentication is successful, the target proceeds
with:
T-> Login (CSG,NSG=0,1 T=1)
I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
And at the end:
I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept"
In the next example, the initiator does not offer any security
parameters. It therefore may offer iSCSI parameters on the Login PDU
with the T bit set to 1, and the target may respond with a final
Login Response PDU immediately:
I-> Login (CSG,NSG=1,3 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.example:diskarray.sn.88
... iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept"
... ISCSI parameters
In the next example, the initiator does offer security parameters on
the Login PDU, but the target does not choose any (i.e., chooses the
"None" values):
I-> Login (CSG,NSG=0,1 T=1)
InitiatorName=iqn.1999-07.com.os:hostid.77
TargetName=iqn.1999-07.com.example:diskarray.sn.88
AuthMethod=KRB5,SRP,None
Chadalapaka, et al. Standards Track [Page 267]
RFC 7143 iSCSI (Consolidated) April 2014
T-> Login-PR (CSG,NSG=0,1 T=1)
AuthMethod=None
I-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
T-> Login (CSG,NSG=1,0 T=0)
... iSCSI parameters
And at the end:
I-> Login (CSG,NSG=1,3 T=1)
optional iSCSI parameters
T-> Login (CSG,NSG=1,3 T=1) "login accept"
Appendix C. SendTargets Operation
The text in this appendix is a normative part of this document.
To reduce the amount of configuration required on an initiator, iSCSI
provides the SendTargets Text Request. The initiator uses the
SendTargets request to get a list of targets to which it may have
access, as well as the list of addresses (IP address and TCP port) on
which these targets may be accessed.
To make use of SendTargets, an initiator must first establish one of
two types of sessions. If the initiator establishes the session
using the key "SessionType=Discovery", the session is a Discovery
session, and a target name does not need to be specified. Otherwise,
the session is a Normal operational session. The SendTargets command
MUST only be sent during the Full Feature Phase of a Normal or
Discovery session.
A system that contains targets MUST support Discovery sessions on
each of its iSCSI IP address-port pairs and MUST support the
SendTargets command on the Discovery session. In a Discovery
session, a target MUST return all path information (IP address-port
pairs and Target Portal Group Tags) for the targets on the target
Network Entity that the requesting initiator is authorized to access.
A target MUST support the SendTargets command on operational
sessions; these will only return path information about the target to
which the session is connected and do not need to return information
about other target names that may be defined in the responding
system.
An initiator MAY make use of the SendTargets command as it sees fit.
Chadalapaka, et al. Standards Track [Page 268]
RFC 7143 iSCSI (Consolidated) April 2014
A SendTargets command consists of a single Text Request PDU. This
PDU contains exactly one text key and value. The text key MUST be
SendTargets. The expected response depends upon the value, as well
as whether the session is a Discovery session or an operational
session.
The value must be one of:
All
The initiator is requesting that information on all relevant
targets known to the implementation be returned. This value
MUST be supported on a Discovery session and MUST NOT be
supported on an operational session.
<iSCSI-target-name>
If an iSCSI Target Name is specified, the session should
respond with addresses for only the named target, if possible.
This value MUST be supported on Discovery sessions. A
Discovery session MUST be capable of returning addresses for
those targets that would have been returned had value=All been
designated.
<nothing>
The session should only respond with addresses for the target
to which the session is logged in. This MUST be supported on
operational sessions and MUST NOT return targets other than the
one to which the session is logged in.
The response to this command is a Text Response that contains a list
of zero or more targets and, optionally, their addresses. Each
target is returned as a target record. A target record begins with
the TargetName text key, followed by a list of TargetAddress text
keys, and bounded by the end of the Text Response or the next
TargetName key, which begins a new record. No text keys other than
TargetName and TargetAddress are permitted within a SendTargets
response.
For the format of the TargetName, see Section 13.4.
A Discovery session MAY respond to a SendTargets request with its
complete list of targets, or with a list of targets that is based on
the name of the initiator logged in to the session.
A SendTargets response MUST NOT contain target names if there are no
targets for the requesting initiator to access.
Chadalapaka, et al. Standards Track [Page 269]
RFC 7143 iSCSI (Consolidated) April 2014
Each target record returned includes zero or more TargetAddress
fields.
Each target record starts with one text key of the form:
TargetName=<target-name-goes-here>
followed by zero or more address keys of the form:
TargetAddress=<hostname-or-ipaddress>[:<tcp-port>],
<portal-group-tag>
The hostname-or-ipaddress contains a domain name, IPv4 address, or
IPv6 address ([RFC4291]), as specified for the TargetAddress key.
A hostname-or-ipaddress duplicated in TargetAddress responses for a
given node (the port is absent or equal) would probably indicate that
multiple address families are in use at once (IPv6 and IPv4).
Each TargetAddress belongs to a portal group, identified by its
numeric Target Portal Group Tag (see Section 13.9). The iSCSI Target
Name, together with this tag, constitutes the SCSI port identifier;
the tag only needs to be unique within a given target's name list of
addresses.
Multiple-connection sessions can span iSCSI addresses that belong to
the same portal group.
Multiple-connection sessions cannot span iSCSI addresses that belong
to different portal groups.
If a SendTargets response reports an iSCSI address for a target, it
SHOULD also report all other addresses in its portal group in the
same response.
A SendTargets Text Response can be longer than a single Text Response
PDU and makes use of the long Text Responses as specified.
After obtaining a list of targets from the Discovery session, an
iSCSI initiator may initiate new sessions to log in to the discovered
targets for full operation. The initiator MAY keep the Discovery
session open and MAY send subsequent SendTargets commands to discover
new targets.
Chadalapaka, et al. Standards Track [Page 270]
RFC 7143 iSCSI (Consolidated) April 2014
Examples:
This example is the SendTargets response from a single target that
has no other interface ports.
The initiator sends a Text Request that contains:
SendTargets=All
The target sends a Text Response that contains:
TargetName=iqn.1993-11.com.example:diskarray.sn.8675309
All the target had to return in this simple case was the target name.
It is assumed by the initiator that the IP address and TCP port for
this target are the same as those used on the current connection to
the default iSCSI target.
The next example has two internal iSCSI targets, each accessible via
two different ports with different IP addresses. The following is
the Text Response:
TargetName=iqn.1993-11.com.example:diskarray.sn.8675309
TargetAddress=10.1.0.45:3000,1
TargetAddress=10.1.1.45:3000,2
TargetName=iqn.1993-11.com.example:diskarray.sn.1234567
TargetAddress=10.1.0.45:3000,1
TargetAddress=10.1.1.45:3000,2
Both targets share both addresses; the multiple addresses are likely
used to provide multi-path support. The initiator may connect to
either target name on either address. Each of the addresses has its
own Target Portal Group Tag; they do not support spanning multiple-
connection sessions with each other. Keep in mind that the Target
Portal Group Tags for the two named targets are independent of one
another; portal group "1" on the first target is not necessarily the
same as portal group "1" on the second target.
In the above example, a DNS host name or an IPv6 address could have
been returned instead of an IPv4 address.
Chadalapaka, et al. Standards Track [Page 271]
RFC 7143 iSCSI (Consolidated) April 2014
The next Text Response shows a target that supports spanning sessions
across multiple addresses and further illustrates the use of the
Target Portal Group Tags:
TargetName=iqn.1993-11.com.example:diskarray.sn.8675309
TargetAddress=10.1.0.45:3000,1
TargetAddress=10.1.1.46:3000,1
TargetAddress=10.1.0.47:3000,2
TargetAddress=10.1.1.48:3000,2
TargetAddress=10.1.1.49:3000,3
In this example, any of the target addresses can be used to reach the
same target. A single-connection session can be established to any
of these TCP addresses. A multiple-connection session could span
addresses .45 and .46 or .47 and .48 but cannot span any other
combination. A TargetAddress with its own tag (.49) cannot be
combined with any other address within the same session.
This SendTargets response does not indicate whether .49 supports
multiple connections per session; it is communicated via the
MaxConnections text key upon login to the target.
Appendix D. Algorithmic Presentation of Error Recovery Classes
This appendix illustrates the error recovery classes using a
pseudo-programming language. The procedure names are chosen to be
obvious to most implementers. Each of the recovery classes described
has initiator procedures as well as target procedures. These
algorithms focus on outlining the mechanics of error recovery classes
and do not exhaustively describe all other aspects/cases. Examples
of this approach are as follows:
- Handling for only certain Opcode types is shown.
- Only certain reason codes (e.g., Recovery in Logout command) are
outlined.
- Resultant cases, such as recovery of Synchronization on a header
digest error, are considered out of scope in these algorithms.
In this particular example, a header digest error may lead to
connection recovery if some type of Sync and Steering layer is
not implemented.
Chadalapaka, et al. Standards Track [Page 272]
RFC 7143 iSCSI (Consolidated) April 2014
These algorithms strive to convey the iSCSI error recovery concepts
in the simplest terms and are not designed to be optimal.
D.1. General Data Structure and Procedure Description
This section defines the procedures and data structures that are
commonly used by all the error recovery algorithms. The structures
may not be the exhaustive representations of what is required for a
typical implementation.
Data structure definitions:
struct TransferContext {
int TargetTransferTag;
int ExpectedDataSN;
};
struct TCB { /* task control block */
Boolean SoFarInOrder;
int ExpectedDataSN; /* used for both R2Ts and Data */
int MissingDataSNList[MaxMissingDPDU];
Boolean FbitReceived;
Boolean StatusXferd;
Boolean CurrentlyAllegiant;
int ActiveR2Ts;
int Response;
char *Reason;
struct TransferContext
TransferContextList[MaxOutstandingR2T];
int InitiatorTaskTag;
int CmdSN;
int SNACK_Tag;
};
struct Connection {
struct Session SessionReference;
Boolean SoFarInOrder;
int CID;
int State;
int CurrentTimeout;
int ExpectedStatSN;
int MissingStatSNList[MaxMissingSPDU];
Boolean PerformConnectionCleanup;
};
Chadalapaka, et al. Standards Track [Page 273]
RFC 7143 iSCSI (Consolidated) April 2014
struct Session {
int NumConnections;
int CmdSN;
int Maxconnections;
int ErrorRecoveryLevel;
struct iSCSIEndpoint OtherEndInfo;
struct Connection ConnectionList[MaxSupportedConns];
};
Procedure descriptions:
Receive-an-In-PDU(transport connection, inbound PDU);
check-basic-validity(inbound PDU);
Start-Timer(timeout handler, argument, timeout value);
Build-And-Send-Reject(transport connection, bad PDU, reason code);
D.2. Within-command Error Recovery Algorithms
D.2.1. Procedure Descriptions
Recover-Data-if-Possible(last required DataSN, task control block);
Build-And-Send-DSnack(task control block);
Build-And-Send-RDSnack(task control block);
Build-And-Send-Abort(task control block);
SCSI-Task-Completion(task control block);
Build-And-Send-A-Data-Burst(transport connection, data-descriptor,
task control block);
Build-And-Send-R2T(transport connection, data-descriptor,
task control block);
Build-And-Send-Status(transport connection, task control block);
Transfer-Context-Timeout-Handler(transfer context);
Notes:
- One procedure used in this section: the Handle-Status-SNACK-request
is defined in Appendix D.3.
- The response-processing pseudocode shown in the target algorithms
applies to all solicited PDUs that carry the StatSN -- SCSI
Response, Text Response, etc.
Chadalapaka, et al. Standards Track [Page 274]
RFC 7143 iSCSI (Consolidated) April 2014
D.2.2. Initiator Algorithms
Recover-Data-if-Possible(LastRequiredDataSN, TCB)
{
if (operational ErrorRecoveryLevel > 0) {
if (# of missing PDUs is trackable) {
Note the missing DataSNs in TCB.
if (the task spanned a change in
MaxRecvDataSegmentLength) {
if (TCB.StatusXferd is TRUE)
drop the status PDU;
Build-And-Send-RDSnack(TCB);
} else {
Build-And-Send-DSnack(TCB);
}
} else {
TCB.Reason = "Protocol Service CRC error";
}
} else {
TCB.Reason = "Protocol Service CRC error";
}
if (TCB.Reason == "Protocol Service CRC error") {
Clear the missing PDU list in the TCB.
if (TCB.StatusXferd is not TRUE)
Build-And-Send-Abort(TCB);
}
}
Receive-an-In-PDU(Connection, CurrentPDU)
{
check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return;
Retrieve TCB for CurrentPDU.InitiatorTaskTag.
if ((CurrentPDU.type == Data)
or (CurrentPDU.type = R2T)) {
if (Data-Digest-Bad for Data) {
send-data-SNACK = TRUE;
LastRequiredDataSN = CurrentPDU.DataSN;
} else {
if (TCB.SoFarInOrder = TRUE) {
if (current DataSN is expected) {
Increment TCB.ExpectedDataSN.
} else {
TCB.SoFarInOrder = FALSE;
send-data-SNACK = TRUE;
}
Chadalapaka, et al. Standards Track [Page 275]
RFC 7143 iSCSI (Consolidated) April 2014
} else {
if (current DataSN was considered missing) {
remove current DataSN from missing PDU list.
} else if (current DataSN is higher than expected) {
send-data-SNACK = TRUE;
} else {
discard, return;
}
Adjust TCB.ExpectedDataSN if appropriate.
}
LastRequiredDataSN = CurrentPDU.DataSN - 1;
}
if (send-data-SNACK is TRUE and
task is not already considered failed) {
Recover-Data-if-Possible(LastRequiredDataSN, TCB);
}
if (missing data PDU list is empty) {
TCB.SoFarInOrder = TRUE;
}
if (CurrentPDU.type == R2T) {
Increment ActiveR2Ts for this task.
Create a data-descriptor for the data burst.
Build-And-Send-A-Data-Burst(Connection, data-descriptor, TCB);
}
} else if (CurrentPDU.type == Response) {
if (Data-Digest-Bad) {
send-status-SNACK = TRUE;
} else {
TCB.StatusXferd = TRUE;
Store the status information in TCB.
if (ExpDataSN does not match) {
TCB.SoFarInOrder = FALSE;
Recover-Data-if-Possible(current DataSN, TCB);
}
if (missing data PDU list is empty) {
TCB.SoFarInOrder = TRUE;
}
}
} else { /* REST UNRELATED TO WITHIN-COMMAND-RECOVERY, NOT SHOWN */
}
if ((TCB.SoFarInOrder == TRUE) and
(TCB.StatusXferd == TRUE)) {
SCSI-Task-Completion(TCB);
}
}
Chadalapaka, et al. Standards Track [Page 276]
RFC 7143 iSCSI (Consolidated) April 2014
D.2.3. Target Algorithms
Receive-an-In-PDU(Connection, CurrentPDU)
{
check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return;
Retrieve TCB for CurrentPDU.InitiatorTaskTag.
if (CurrentPDU.type == Data) {
Retrieve TContext from CurrentPDU.TargetTransferTag;
if (Data-Digest-Bad) {
Build-And-Send-Reject(Connection, CurrentPDU,
Payload-Digest-Error);
Note the missing data PDUs in MissingDataRange[].
send-recovery-R2T = TRUE;
} else {
if (current DataSN is not expected) {
Note the missing data PDUs in MissingDataRange[].
send-recovery-R2T = TRUE;
}
if (CurrentPDU.Fbit == TRUE) {
if (current PDU is solicited) {
Decrement TCB.ActiveR2Ts.
}
if ((current PDU is unsolicited and
data received is less than I/O length and
data received is less than FirstBurstLength)
or (current PDU is solicited and the length of
this burst is less than expected)) {
send-recovery-R2T = TRUE;
Note the missing data in MissingDataRange[].
}
}
}
Increment TContext.ExpectedDataSN.
if (send-recovery-R2T is TRUE and
task is not already considered failed) {
if (operational ErrorRecoveryLevel > 0) {
Increment TCB.ActiveR2Ts.
Create a data-descriptor for the data burst
from MissingDataRange.
Build-And-Send-R2T(Connection, data-descriptor, TCB);
} else {
if (current PDU is the last unsolicited)
TCB.Reason = "Not enough unsolicited data";
else
TCB.Reason = "Protocol Service CRC error";
}
}
Chadalapaka, et al. Standards Track [Page 277]
RFC 7143 iSCSI (Consolidated) April 2014
if (TCB.ActiveR2Ts == 0) {
Build-And-Send-Status(Connection, TCB);
}
} else if (CurrentPDU.type == SNACK) {
snack-failure = FALSE;
if (operational ErrorRecoveryLevel > 0) {
if (CurrentPDU.type == Data/R2T) {
if (the request is satisfiable) {
if (request for Data) {
Create a data-descriptor for the data burst
from BegRun and RunLength.
Build-And-Send-A-Data-Burst(Connection,
data-descriptor, TCB);
} else { /* R2T */
Create a data-descriptor for the data burst
from BegRun and RunLength.
Build-And-Send-R2T(Connection, data-descriptor,
TCB);
}
} else {
snack-failure = TRUE;
}
} else if (CurrentPDU.type == status) {
Handle-Status-SNACK-request(Connection, CurrentPDU);
} else if (CurrentPDU.type == DataACK) {
Consider all data up to CurrentPDU.BegRun as
acknowledged.
Free up the retransmission resources for that data.
} else if (CurrentPDU.type == R-Data SNACK) {
Create a data descriptor for a data burst
covering all unacknowledged data.
Build-And-Send-A-Data-Burst(Connection,
data-descriptor, TCB);
TCB.SNACK_Tag = CurrentPDU.SNACK_Tag;
if (there's no more data to send) {
Build-And-Send-Status(Connection, TCB);
}
}
} else { /* operational ErrorRecoveryLevel = 0 */
snack-failure = TRUE;
}
if (snack-failure == TRUE) {
Build-And-Send-Reject(Connection, CurrentPDU,
SNACK-Reject);
if (TCB.StatusXferd != TRUE) {
TCB.Reason = "SNACK rejected";
Build-And-Send-Status(Connection, TCB);
}
Chadalapaka, et al. Standards Track [Page 278]
RFC 7143 iSCSI (Consolidated) April 2014
}
} else { /* REST UNRELATED TO WITHIN-COMMAND-RECOVERY, NOT SHOWN */
}
}
Transfer-Context-Timeout-Handler(TContext)
{
Retrieve TCB and Connection from TContext.
Decrement TCB.ActiveR2Ts.
if (operational ErrorRecoveryLevel > 0 and
task is not already considered failed) {
Note the missing data PDUs in MissingDataRange[].
Create a data-descriptor for the data burst
from MissingDataRange[].
Build-And-Send-R2T(Connection, data-descriptor, TCB);
} else {
TCB.Reason = "Protocol Service CRC error";
if (TCB.ActiveR2Ts = 0) {
Build-And-Send-Status(Connection, TCB);
}
}
}
D.3. Within-connection Recovery Algorithms
D.3.1. Procedure Descriptions
Procedure descriptions:
Recover-Status-if-Possible(transport connection,
currently received PDU);
Evaluate-a-StatSN(transport connection, currently received PDU);
Retransmit-Command-if-Possible(transport connection, CmdSN);
Build-And-Send-SSnack(transport connection);
Build-And-Send-Command(transport connection,
task control block);
Command-Acknowledge-Timeout-Handler(task control block);
Status-Expect-Timeout-Handler(transport connection);
Build-And-Send-NOP-Out(transport connection);
Handle-Status-SNACK-request(transport connection,
Status SNACK PDU);
Retransmit-Status-Burst(Status SNACK, task control block);
Is-Acknowledged(beginning StatSN, run length);
Chadalapaka, et al. Standards Track [Page 279]
RFC 7143 iSCSI (Consolidated) April 2014
Implementation-specific parameters that are tunable:
InitiatorProactiveSNACKEnabled
Notes:
- The initiator algorithms only deal with unsolicited NOP-In PDUs for
generating Status SNACKs. A solicited NOP-In PDU has an assigned
StatSN that, when out of order, could trigger the out-of-order
StatSN handling in within-command algorithms, again leading to
Recover-Status-if-Possible.
- The pseudocode shown may result in the retransmission of
unacknowledged commands in more cases than necessary. This will
not, however, affect the correctness of the operation because the
target is required to discard the duplicate CmdSNs.
- The procedure Build-And-Send-Async is defined in the connection
recovery algorithms.
- The procedure Status-Expect-Timeout-Handler describes how
initiators may proactively attempt to retrieve the Status if they
so choose. This procedure is assumed to be triggered much before
the standard ULP timeout.
D.3.2. Initiator Algorithms
Recover-Status-if-Possible(Connection, CurrentPDU)
{
if ((Connection.state == LOGGED_IN) and
connection is not already considered failed) {
if (operational ErrorRecoveryLevel > 0) {
if (# of missing PDUs is trackable) {
Note the missing StatSNs in Connection
that were not already requested with SNACK;
Build-And-Send-SSnack(Connection);
} else {
Connection.PerformConnectionCleanup = TRUE;
}
} else {
Connection.PerformConnectionCleanup = TRUE;
}
if (Connection.PerformConnectionCleanup == TRUE) {
Start-Timer(Connection-Cleanup-Handler, Connection, 0);
}
}
}
Chadalapaka, et al. Standards Track [Page 280]
RFC 7143 iSCSI (Consolidated) April 2014
Retransmit-Command-if-Possible(Connection, CmdSN)
{
if (operational ErrorRecoveryLevel > 0) {
Retrieve the InitiatorTaskTag, and thus TCB for the CmdSN.
Build-And-Send-Command(Connection, TCB);
}
}
Evaluate-a-StatSN(Connection, CurrentPDU)
{
send-status-SNACK = FALSE;
if (Connection.SoFarInOrder == TRUE) {
if (current StatSN is the expected) {
Increment Connection.ExpectedStatSN.
} else {
Connection.SoFarInOrder = FALSE;
send-status-SNACK = TRUE;
}
} else {
if (current StatSN was considered missing) {
remove current StatSN from the missing list.
} else {
if (current StatSN is higher than expected){
send-status-SNACK = TRUE;
} else {
send-status-SNACK = FALSE;
discard the PDU;
}
}
Adjust Connection.ExpectedStatSN if appropriate.
if (missing StatSN list is empty) {
Connection.SoFarInOrder = TRUE;
}
}
return send-status-SNACK;
}
Receive-an-In-PDU(Connection, CurrentPDU)
{
check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return;
Retrieve TCB for CurrentPDU.InitiatorTaskTag.
if (CurrentPDU.type == NOP-In) {
if (the PDU is unsolicited) {
if (current StatSN is not expected) {
Recover-Status-if-Possible(Connection,
CurrentPDU);
}
Chadalapaka, et al. Standards Track [Page 281]
RFC 7143 iSCSI (Consolidated) April 2014
if (current ExpCmdSN is not Session.CmdSN) {
Retransmit-Command-if-Possible(Connection,
CurrentPDU.ExpCmdSN);
}
}
} else if (CurrentPDU.type == Reject) {
if (it is a data digest error on immediate data) {
Retransmit-Command-if-Possible(Connection,
CurrentPDU.BadPDUHeader.CmdSN);
}
} else if (CurrentPDU.type == Response) {
send-status-SNACK = Evaluate-a-StatSN(Connection,
CurrentPDU);
if (send-status-SNACK == TRUE)
Recover-Status-if-Possible(Connection, CurrentPDU);
} else { /* REST UNRELATED TO WITHIN-CONNECTION-RECOVERY,
* NOT SHOWN */
}
}
Command-Acknowledge-Timeout-Handler(TCB)
{
Retrieve the Connection for TCB.
Retransmit-Command-if-Possible(Connection, TCB.CmdSN);
}
Status-Expect-Timeout-Handler(Connection)
{
if (operational ErrorRecoveryLevel > 0) {
Build-And-Send-NOP-Out(Connection);
} else if (InitiatorProactiveSNACKEnabled){
if ((Connection.state == LOGGED_IN) and
connection is not already considered failed) {
Build-And-Send-SSnack(Connection);
}
}
}
Chadalapaka, et al. Standards Track [Page 282]
RFC 7143 iSCSI (Consolidated) April 2014
D.3.3. Target Algorithms
Handle-Status-SNACK-request(Connection, CurrentPDU)
{
if (operational ErrorRecoveryLevel > 0) {
if (request for an acknowledged run) {
Build-And-Send-Reject(Connection, CurrentPDU,
Protocol-Error);
} else if (request for an untransmitted run) {
discard, return;
} else {
Retransmit-Status-Burst(CurrentPDU, TCB);
}
} else {
Build-And-Send-Async(Connection, DroppedConnection,
DefaultTime2Wait, DefaultTime2Retain);
}
}
D.4. Connection Recovery Algorithms
D.4.1. Procedure Descriptions
Build-And-Send-Async(transport connection, reason code,
minimum time, maximum time);
Pick-A-Logged-In-Connection(session);
Build-And-Send-Logout(transport connection,
logout connection identifier, reason code);
PerformImplicitLogout(transport connection,
logout connection identifier, target information);
PerformLogin(transport connection, target information);
CreateNewTransportConnection(target information);
Build-And-Send-Command(transport connection, task control block);
Connection-Cleanup-Handler(transport connection);
Connection-Resource-Timeout-Handler(transport connection);
Quiesce-And-Prepare-for-New-Allegiance(session, task control block);
Build-And-Send-Logout-Response(transport connection,
CID of connection in recovery, reason code);
Build-And-Send-TaskMgmt-Response(transport connection,
task mgmt command PDU, response code);
Establish-New-Allegiance(task control block, transport connection);
Schedule-Command-To-Continue(task control block);
Chadalapaka, et al. Standards Track [Page 283]
RFC 7143 iSCSI (Consolidated) April 2014
Note:
- Transport exception conditions such as unexpected connection
termination, connection reset, and hung connection while the
connection is in the Full Feature Phase are all assumed to be
asynchronously signaled to the iSCSI layer using the
Transport_Exception_Handler procedure.
D.4.2. Initiator Algorithms
Receive-an-In-PDU(Connection, CurrentPDU)
{
check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return;
Retrieve TCB from CurrentPDU.InitiatorTaskTag.
if (CurrentPDU.type == Async) {
if (CurrentPDU.AsyncEvent == ConnectionDropped) {
Retrieve the AffectedConnection for
CurrentPDU.Parameter1.
AffectedConnection.CurrentTimeout =
CurrentPDU.Parameter3;
AffectedConnection.State = CLEANUP_WAIT;
Start-Timer(Connection-Cleanup-Handler,
AffectedConnection, CurrentPDU.Parameter2);
} else if (CurrentPDU.AsyncEvent == LogoutRequest)) {
AffectedConnection = Connection;
AffectedConnection.State = LOGOUT_REQUESTED;
AffectedConnection.PerformConnectionCleanup = TRUE;
AffectedConnection.CurrentTimeout =
CurrentPDU.Parameter3;
Start-Timer(Connection-Cleanup-Handler,
AffectedConnection, 0);
} else if (CurrentPDU.AsyncEvent == SessionDropped)) {
for (each Connection) {
Connection.State = CLEANUP_WAIT;
Connection.CurrentTimeout = CurrentPDU.Parameter3;
Start-Timer(Connection-Cleanup-Handler,
Connection, CurrentPDU.Parameter2);
}
Session.state = FAILED;
}
} else if (CurrentPDU.type == LogoutResponse) {
Retrieve the CleanupConnection for CurrentPDU.CID.
if (CurrentPDU.Response = failure) {
CleanupConnection.State = CLEANUP_WAIT;
Chadalapaka, et al. Standards Track [Page 284]
RFC 7143 iSCSI (Consolidated) April 2014
} else {
CleanupConnection.State = FREE;
}
} else if (CurrentPDU.type == LoginResponse) {
if (this is a response to an implicit Logout) {
Retrieve the CleanupConnection.
if (successful) {
CleanupConnection.State = FREE;
Connection.State = LOGGED_IN;
} else {
CleanupConnection.State = CLEANUP_WAIT;
DestroyTransportConnection(Connection);
}
}
} else { /* REST UNRELATED TO CONNECTION-RECOVERY,
* NOT SHOWN */
}
if (CleanupConnection.State == FREE) {
for (each command that was active on CleanupConnection) {
/* Establish new connection allegiance */
NewConnection = Pick-A-Logged-In-Connection(Session);
Build-And-Send-Command(NewConnection, TCB);
}
}
}
Connection-Cleanup-Handler(Connection)
{
Retrieve Session from Connection.
if (Connection can still exchange iSCSI PDUs) {
NewConnection = Connection;
} else {
Start-Timer(Connection-Resource-Timeout-Handler,
Connection, Connection.CurrentTimeout);
if (there are other logged-in connections) {
NewConnection = Pick-A-Logged-In-Connection(Session);
} else {
NewConnection =
CreateTransportConnection(Session.OtherEndInfo);
Initiate an implicit Logout on NewConnection for
Connection.CID.
return;
}
}
Build-And-Send-Logout(NewConnection, Connection.CID,
RecoveryRemove);
}
Chadalapaka, et al. Standards Track [Page 285]
RFC 7143 iSCSI (Consolidated) April 2014
Transport_Exception_Handler(Connection)
{
Connection.PerformConnectionCleanup = TRUE;
if (the event is an unexpected transport disconnect) {
Connection.State = CLEANUP_WAIT;
Connection.CurrentTimeout = DefaultTime2Retain;
Start-Timer(Connection-Cleanup-Handler, Connection,
DefaultTime2Wait);
} else {
Connection.State = FREE;
}
}
D.4.3. Target Algorithms
Receive-an-In-PDU(Connection, CurrentPDU)
{
check-basic-validity(CurrentPDU);
if (Header-Digest-Bad) discard, return;
else if (Data-Digest-Bad) {
Build-And-Send-Reject(Connection, CurrentPDU,
Payload-Digest-Error);
discard, return;
}
Retrieve TCB and Session.
if (CurrentPDU.type == Logout) {
if (CurrentPDU.ReasonCode = RecoveryRemove) {
Retrieve the CleanupConnection from CurrentPDU.CID).
for (each command active on CleanupConnection) {
Quiesce-And-Prepare-for-New-Allegiance(Session,
TCB);
TCB.CurrentlyAllegiant = FALSE;
}
Cleanup-Connection-State(CleanupConnection);
if ((quiescing successful) and (cleanup successful))
{
Build-And-Send-Logout-Response(Connection,
CleanupConnection.CID, Success);
} else {
Build-And-Send-Logout-Response(Connection,
CleanupConnection.CID, Failure);
}
}
Chadalapaka, et al. Standards Track [Page 286]
RFC 7143 iSCSI (Consolidated) April 2014
} else if ((CurrentPDU.type == Login) and
operational ErrorRecoveryLevel == 2) {
Retrieve the CleanupConnection from CurrentPDU.CID).
for (each command active on CleanupConnection) {
Quiesce-And-Prepare-for-New-Allegiance(Session,
TCB);
TCB.CurrentlyAllegiant = FALSE;
}
Cleanup-Connection-State(CleanupConnection);
if ((quiescing successful) and (cleanup successful))
{
Continue with the rest of the login processing;
} else {
Build-And-Send-Login-Response(Connection,
CleanupConnection.CID, Target Error);
}
}
} else if (CurrentPDU.type == TaskManagement) {
if (CurrentPDU.function == "TaskReassign") {
if (Session.ErrorRecoveryLevel < 2) {
Build-And-Send-TaskMgmt-Response(Connection,
CurrentPDU,
"Task allegiance reassignment not
supported");
} else if (task is not found) {
Build-And-Send-TaskMgmt-Response(Connection,
CurrentPDU, "Task not in task set");
} else if (task is currently allegiant) {
Build-And-Send-TaskMgmt-Response(Connection,
CurrentPDU, "Task still allegiant");
} else {
Establish-New-Allegiance(TCB, Connection);
TCB.CurrentlyAllegiant = TRUE;
Schedule-Command-To-Continue(TCB);
}
}
} else { /* REST UNRELATED TO CONNECTION-RECOVERY,
* NOT SHOWN */
}
}
Chadalapaka, et al. Standards Track [Page 287]
RFC 7143 iSCSI (Consolidated) April 2014
Transport_Exception_Handler(Connection)
{
Connection.PerformConnectionCleanup = TRUE;
if (the event is an unexpected transport disconnect) {
Connection.State = CLEANUP_WAIT;
Start-Timer(Connection-Resource-Timeout-Handler,
Connection, (DefaultTime2Wait+DefaultTime2Retain));
if (this Session has Full Feature Phase connections
left) {
DifferentConnection =
Pick-A-Logged-In-Connection(Session);
Build-And-Send-Async(DifferentConnection,
DroppedConnection, DefaultTime2Wait,
DefaultTime2Retain);
}
} else {
Connection.State = FREE;
}
}
Appendix E. Clearing Effects of Various Events on Targets
E.1. Clearing Effects on iSCSI Objects
The following tables describe the target behavior on receiving the
events specified in the rows of the table. The second table is an
extension of the first table and defines clearing actions for more
objects on the same events. The legend is:
Y = Yes (cleared/discarded/reset on the event specified in the row).
Unless otherwise noted, the clearing action is only applicable
for the issuing initiator port.
N = No (not affected on the event specified in the row, i.e., stays
at previous value).
NA = Not Applicable or Not Defined.
Chadalapaka, et al. Standards Track [Page 288]
RFC 7143 iSCSI (Consolidated) April 2014
+------+------+------+------+------+
|IT (1)|IC (2)|CT (5)|ST (6)|PP (7)|
+----------------------+------+------+------+------+------+
|connection failure (8)|Y |Y |N |N |Y |
+----------------------+------+------+------+------+------+
|connection state |NA |NA |Y |N |NA |
|timeout (9) | | | | | |
+----------------------+------+------+------+------+------+
|session timeout/ |Y |Y |Y |Y |Y (14)|
|closure/reinstatement | | | | | |
|(10) | | | | | |
+----------------------+------+------+------+------+------+
|session continuation |NA |NA |N (11)|N |NA |
|(12) | | | | | |
+----------------------+------+------+------+------+------+
|successful connection |Y |Y |Y |N |Y (13)|
|close logout | | | | | |
+----------------------+------+------+------+------+------+
|session failure (18) |Y |Y |N |N |Y |
+----------------------+------+------+------+------+------+
|successful recovery |Y |Y |N |N |Y (13)|
|Logout | | | | | |
+----------------------+------+------+------+------+------+
|failed Logout |Y |Y |N |N |Y |
+----------------------+------+------+------+------+------+
|connection Login |NA |NA |NA |Y (15)|NA |
|(leading) | | | | | |
+----------------------+------+------+------+------+------+
|connection Login |NA |NA |N (11)|N |Y |
|(non-leading) | | | | | |
+----------------------+------+------+------+------+------+
|TARGET COLD RESET (16)|Y (20)|Y |Y |Y |Y |
+----------------------+------+------+------+------+------+
|TARGET WARM RESET (16)|Y (20)|Y |Y |Y |Y |
+----------------------+------+------+------+------+------+
|LU reset (19) |Y (20)|Y |Y |Y |Y |
+----------------------+------+------+------+------+------+
|power cycle (16) |Y |Y |Y |Y |Y |
+----------------------+------+------+------+------+------+
(1) Incomplete TTTs (IT) are Target Transfer Tags on which the
target is still expecting PDUs to be received. Examples
include TTTs received via R2T, NOP-In, etc.
(2) Immediate Commands (IC) are immediate commands, but waiting
for execution on a target (for example, ABORT TASK SET).
Chadalapaka, et al. Standards Track [Page 289]
RFC 7143 iSCSI (Consolidated) April 2014
(5) Connection Tasks (CT) are tasks that are active on the iSCSI
connection in question.
(6) Session Tasks (ST) are tasks that are active on the entire
iSCSI session. A union of "connection tasks" on all
participating connections.
(7) Partial PDUs (PP) (if any) are PDUs that are partially sent
and waiting for transport window credit to complete the
transmission.
(8) Connection failure is a connection exception condition - one
of the transport connections shut down, transport connections
reset, or transport connections timed out, which abruptly
terminated the iSCSI Full Feature Phase connection. A
connection failure always takes the connection state machine
to the CLEANUP_WAIT state.
(9) Connection state timeout happens if a connection spends more
time than agreed upon during login negotiation in the
CLEANUP_WAIT state, and this takes the connection to the FREE
state (M1 transition in connection cleanup state diagram; see
Section 8.2).
(10) Session timeout, closure, and reinstatement are defined in
Section 6.3.5.
(11) This clearing effect is "Y" only if it is a connection
reinstatement and the operational ErrorRecoveryLevel is less
than 2.
(12) Session continuation is defined in Section 6.3.6.
(13) This clearing effect is only valid if the connection is being
logged out on a different connection and when the connection
being logged out on the target may have some partial PDUs
pending to be sent. In all other cases, the effect is "NA".
(14) This clearing effect is only valid for a "close the session"
logout in a multi-connection session. In all other cases, the
effect is "NA".
(15) Only applicable if this leading connection login is a session
reinstatement. If this is not the case, it is "NA".
(16) This operation affects all logged-in initiators.
(18) Session failure is defined in Section 6.3.6.
Chadalapaka, et al. Standards Track [Page 290]
RFC 7143 iSCSI (Consolidated) April 2014
(19) This operation affects all logged-in initiators, and the
clearing effects are only applicable to the LU being reset.
(20) With standard multi-task abort semantics (Section 4.2.3.3), a
TARGET WARM RESET or a TARGET COLD RESET or a LU reset would
clear the active TTTs upon completion. However, the FastAbort
multi-task abort semantics defined by Section 4.2.3.4 do not
guarantee that the active TTTs are cleared by the end of the
reset operations. In fact, the FastAbort semantics are
designed to allow clearing the TTTs in a "lazy" fashion after
the TMF Response is delivered. Thus, when
TaskReporting=FastAbort (Section 13.23) is operational on a
session, the clearing effects of reset operations on
"Incomplete TTTs" is "N".
Chadalapaka, et al. Standards Track [Page 291]
RFC 7143 iSCSI (Consolidated) April 2014
+------+-------+------+------+-------+
|DC (1)|DD (2) |SS (3)|CS (4)|DS (5) |
+---------------------+------+-------+------+------+-------+
|connection failure |N |Y |N |N |N |
+---------------------+------+-------+------+------+-------+
|connection state |Y |NA |Y |N |NA |
|timeout | | | | | |
+---------------------+------+-------+------+------+-------+
|session timeout/ |Y |Y |Y (7) |Y |NA |
|closure/reinstatement| | | | | |
+---------------------+------+-------+------+------+-------+
|session continuation |N (11)|NA (12)|NA |N |NA (13)|
+---------------------+------+-------+------+------+-------+
|successful connection|Y |Y |Y |N |NA |
|close Logout | | | | | |
+---------------------+------+-------+------+------+-------+
|session failure |N |Y |N |N |N |
+---------------------+------+-------+------+------+-------+
|successful recovery |Y |Y |Y |N |N |
|Logout | | | | | |
+---------------------+------+-------+------+------+-------+
|failed Logout |N |Y (9) |N |N |N |
+---------------------+------+-------+------+------+-------+
|connection Login |NA |NA |N (8) |N (8) |NA |
|(leading | | | | | |
+---------------------+------+-------+------+------+-------+
|connection Login |N (11)|NA (12)|N (8) |N |NA (13)|
|(non-leading) | | | | | |
+---------------------+------+-------+------+------+-------+
|TARGET COLD RESET |Y |Y |Y |Y (10)|NA |
+---------------------+------+-------+------+------+-------+
|TARGET WARM RESET |Y |Y |N |N |NA |
+---------------------+------+-------+------+------+-------+
|LU reset |N |Y |N |N |N |
+---------------------+------+-------+------+------+-------+
|power cycle |Y |Y |Y |Y (10)|NA |
+---------------------+------+-------+------+------+-------+
(1) Discontiguous Commands (DC) are commands allegiant to the
connection in question and waiting to be reordered in the
iSCSI layer. All "Y"s in this column assume that the task
causing the event (if indeed the event is the result of a
task) is issued as an immediate command, because the
discontiguities can be ahead of the task.
(2) Discontiguous Data (DD) are data PDUs received for the task in
question and waiting to be reordered due to prior
discontiguities in the DataSN.
Chadalapaka, et al. Standards Track [Page 292]
RFC 7143 iSCSI (Consolidated) April 2014
(3) "SS" refers to the StatSN.
(4) "CS" refers to the CmdSN.
(5) "DS" refers to the DataSN.
(7) This action clears the StatSN on all the connections.
(8) This sequence number is instantiated on this event.
(9) A logout failure drives the connection state machine to the
CLEANUP_WAIT state, similar to the connection failure event.
Hence, it has a similar effect on this and several other
protocol aspects.
(10) This is cleared by virtue of the fact that all sessions with
all initiators are terminated.
(11) This clearing effect is "Y" if it is a connection
reinstatement.
(12) This clearing effect is "Y" only if it is a connection
reinstatement and the operational ErrorRecoveryLevel is 2.
(13) This clearing effect is "N" only if it is a connection
reinstatement and the operational ErrorRecoveryLevel is 2.
E.2. Clearing Effects on SCSI Objects
The only iSCSI protocol action that can effect clearing actions on
SCSI objects is the "I_T nexus loss" notification (Section 6.3.5.1
("Loss of Nexus Notification")). [SPC3] describes the clearing
effects of this notification on a variety of SCSI attributes. In
addition, SCSI standards documents (such as [SAM2] and [SBC2]) define
additional clearing actions that may take place for several SCSI
objects on SCSI events such as LU resets and power-on resets.
Since iSCSI defines a TARGET COLD RESET as a "protocol-equivalent" to
a target power-cycle, the iSCSI TARGET COLD RESET must also be
considered as the power-on reset event in interpreting the actions
defined in the SCSI standards.
When the iSCSI session is reconstructed (between the same SCSI ports
with the same nexus identifier) reestablishing the same I_T nexus,
all SCSI objects that are defined to not clear on the "I_T nexus
loss" notification event, such as persistent reservations, are
automatically associated to this new session.
Chadalapaka, et al. Standards Track [Page 293]
RFC 7143 iSCSI (Consolidated) April 2014
Acknowledgments
Several individuals on the original IPS Working Group made
significant contributions to the original RFCs 3720, 3980, 4850,
and 5048.
Specifically, the authors of the original RFCs -- which herein are
consolidated into a single document -- were the following:
RFC 3720: Julian Satran, Kalman Meth, Costa Sapuntzakis,
Mallikarjun Chadalapaka, Efri Zeidner
RFC 3980: Marjorie Krueger, Mallikarjun Chadalapaka, Rob Elliott
RFC 4850: David Wysochanski
RFC 5048: Mallikarjun Chadalapaka
Many thanks to Fred Knight for contributing to the UML notations and
drawings in this document.
We would in addition like to acknowledge the following individuals
who contributed to this revised document: David Harrington, Paul
Koning, Mark Edwards, Rob Elliott, and Martin Stiemerling.
Thanks to Yi Zeng and Nico Williams for suggesting and/or reviewing
Kerberos-related security considerations text.
The authors gratefully acknowledge the valuable feedback during the
Last Call review process from a number of individuals; their feedback
significantly improved this document. The individuals were Stephen
Farrell, Brian Haberman, Barry Leiba, Pete Resnick, Sean Turner,
Alexey Melnikov, Kathleen Moriarty, Fred Knight, Mike Christie, Qiang
Wang, Shiv Rajpal, and Andy Banta.
Finally, this document also benefited from significant review
contributions from the Storm Working Group at large.
Comments may be sent to Mallikarjun Chadalapaka.
Chadalapaka, et al. Standards Track [Page 294]
RFC 7143 iSCSI (Consolidated) April 2014
Authors' Addresses
Mallikarjun Chadalapaka
Microsoft
One Microsoft Way
Redmond, WA 98052
USA
EMail: cbm@chadalapaka.com
Julian Satran
Infinidat Ltd.
EMail: julians@infinidat.com, julian@satran.net
Kalman Meth
IBM Haifa Research Lab
Haifa University Campus - Mount Carmel
Haifa 31905, Israel
Phone +972.4.829.6341
EMail: meth@il.ibm.com
David L. Black
EMC Corporation
176 South St.
Hopkinton, MA 01748
USA
Phone +1 (508) 293-7953
EMail: david.black@emc.com
Chadalapaka, et al. Standards Track [Page 295]