From 4bfd864f10b68b71482b35c818559068ef8d5797 Mon Sep 17 00:00:00 2001 From: Thomas Voss Date: Wed, 27 Nov 2024 20:54:24 +0100 Subject: doc: Add RFC documents --- doc/rfc/rfc4544.txt | 4651 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 4651 insertions(+) create mode 100644 doc/rfc/rfc4544.txt (limited to 'doc/rfc/rfc4544.txt') diff --git a/doc/rfc/rfc4544.txt b/doc/rfc/rfc4544.txt new file mode 100644 index 0000000..916c839 --- /dev/null +++ b/doc/rfc/rfc4544.txt @@ -0,0 +1,4651 @@ + + + + + + +Network Working Group M. Bakke +Request for Comments: 4544 Cisco Systems +Category: Standards Track M. Krueger + Hewlett-Packard + T. McSweeney + IBM + J. Muchow + Qlogic Corp. + May 2006 + + + Definitions of Managed Objects + for Internet Small Computer System Interface (iSCSI) + +Status of This Memo + + This document specifies an Internet standards track protocol for the + Internet community, and requests discussion and suggestions for + improvements. Please refer to the current edition of the "Internet + Official Protocol Standards" (STD 1) for the standardization state + and status of this protocol. Distribution of this memo is unlimited. + +Copyright Notice + + Copyright (C) The Internet Society (2006). + +Abstract + + This memo defines a portion of the Management Information Base (MIB) + for use with network management protocols in TCP/IP-based internets. + In particular, it defines objects for managing a client using the + Internet Small Computer System Interface (iSCSI) protocol (SCSI over + TCP). + + + + + + + + + + + + + + + + + + +Bakke, et al. Standards Track [Page 1] + +RFC 4544 iSCSI MIB May 2006 + + +Table of Contents + + 1. Introduction ....................................................3 + 2. Specification of Requirements ...................................3 + 3. The Internet-Standard Management Framework ......................3 + 4. Relationship to Other MIB Modules ...............................3 + 5. Relationship to SNMP Contexts ...................................4 + 6. Discussion ......................................................4 + 6.1. iSCSI MIB Object Model .....................................5 + 6.2. iSCSI MIB Table Structure ..................................6 + 6.3. iscsiInstance ..............................................7 + 6.4. iscsiPortal ................................................7 + 6.5. iscsiTargetPortal ..........................................9 + 6.6. iscsiInitiatorPortal .......................................9 + 6.7. iscsiNode .................................................10 + 6.8. iscsiTarget ...............................................10 + 6.9. iscsiTgtAuthorization .....................................11 + 6.10. iscsiInitiator ...........................................11 + 6.11. iscsiIntrAuthorization ...................................11 + 6.12. iscsiSession .............................................11 + 6.13. iscsiConnection ..........................................12 + 6.14. IP Addresses and TCP Port Numbers ........................12 + 6.15. Descriptors: Using OIDs in Place of Enumerated Types .....13 + 6.16. Notifications ............................................13 + 7. MIB Definitions ................................................14 + 8. Security Considerations ........................................79 + 9. IANA Considerations ............................................80 + 10. Normative References ..........................................80 + 11. Informative References ........................................81 + 12. Acknowledgements ..............................................81 + + + + + + + + + + + + + + + + + + + + + +Bakke, et al. Standards Track [Page 2] + +RFC 4544 iSCSI MIB May 2006 + + +1. Introduction + + This document defines a MIB module for iSCSI [RFC3720], used to + manage devices that implement the iSCSI protocol. + +2. Specification of Requirements + + The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", + "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this + document are to be interpreted as described in RFC 2119 [RFC2119]. + +3. The Internet-Standard Management Framework + + For a detailed overview of the documents that describe the current + Internet-Standard Management Framework, please refer to section 7 of + RFC 3410 [RFC3410]. + + Managed objects are accessed via a virtual information store, termed + the Management Information Base or MIB. MIB objects are generally + accessed through the Simple Network Management Protocol (SNMP). + Objects in the MIB are defined using the mechanisms defined in the + Structure of Management Information (SMI). This memo specifies a MIB + module that is compliant to the SMIv2, which is described in STD 58, + RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 + [RFC2580]. + +4. Relationship to Other MIB Modules + + The iSCSI MIB module is normally layered between the SCSI MIB module + [RFC4455] and the TCP MIB module [RFC4022], and makes use of the IP + Storage (IPS) Identity Authentication MIB module [RFC4545]. Here is + how these modules are related: + + SCSI MIB Within systems where a SCSI layer is present, each + iscsiNode, whether it has an initiator role, target role, + or both, is related to one SCSI device within the SCSI MIB + module. In this case, the iscsiNodeTransportType attribute + points to the SCSI transport object within the SCSI MIB + module, which in turn contains an attribute that points + back to the iscsiNode. In this way, a management station + can navigate between the two MIB modules. In systems where + a SCSI layer is not present, such as within an iSCSI proxy + device, the iscsiNodeTransportType attribute points to the + appropriate corresponding object within the appropriate + MIB, or is left blank. + + + + + + +Bakke, et al. Standards Track [Page 3] + +RFC 4544 iSCSI MIB May 2006 + + + TCP MIB Each iSCSI connection is related to one transport-level + connection. Currently, iSCSI uses only TCP; the iSCSI + connection is related to a TCP connection using its normal + (protocol, source address, source port, destination + address, destination port) 5-tuple. + + AUTH MIB Each iSCSI node that serves a target role can have a list + of authorized initiators. Each of the entries in this list + points to an identity within the IPS Identity + Authentication MIB module that will be allowed to access + the target. iSCSI nodes that serve in an initiator role + can also have a list of authorized targets. Each of the + entries in this list points to an identity within the Auth + MIB module to which the initiator should attempt to + establish sessions. The Auth MIB module includes + information used to identify initiators and targets by + their iSCSI name, IP address, and/or credentials. + + This MIB module imports objects from RFCs 2578 [RFC2578], 2579 + [RFC2579], 2580 [RFC2580], and 3411 [RFC3411]. It also imports + textual conventions from the INET-ADDRESS-MIB [RFC4001]. + +5. Relationship to SNMP Contexts + + Each non-scalar object in the iSCSI MIB module is indexed first by an + iSCSI Instance. Each instance is a collection of nodes, portals, + sessions, etc., that can define a physical or virtual partitioning of + an iSCSI-capable device. The use of an instance works well with + partitionable or hierarchical storage devices and fits in logically + with other management schemes. Instances do not replace SNMP + contexts, however they do provide a very simple way to assign a + virtual or physical partition of a device to one or more SNMP + contexts, without having to do so for each individual node, portal, + and session row. + +6. Discussion + + This MIB module structure supplies configuration, fault, and + statistics information for iSCSI devices [RFC3720]. It is structured + around the well-known iSCSI objects, such as targets, initiators, + sessions, connections, and the like. + + This MIB module may also be used to configure access to iSCSI + targets, by creating iSCSI Portals and authorization list entries. + + + + + + + +Bakke, et al. Standards Track [Page 4] + +RFC 4544 iSCSI MIB May 2006 + + + It is worthwhile to note that this is an iSCSI MIB module and as such + reflects only iSCSI objects. This module does not contain + information about the SCSI-layer attributes of a device. If a SCSI + layer is present, the SCSI MIB module, currently under development, + may be used to manage SCSI information for a device. + + The iSCSI MIB module consists of several "objects", each of which is + represented by one or more tables. This section contains a brief + description of the "object" hierarchy and a description of each + object, followed by a discussion of the actual table structure within + the objects. + +6.1. iSCSI MIB Object Model + + The top-level object in this structure is the iSCSI instance, which + "contains" all of the other objects. + + iscsiInstance + -- A distinct iSCSI entity within the managed system. + iscsiPortal + -- An IP address used by this instance + iscsiTargetPortal + -- Contains portal information relevant when the portal + -- is used to listen for connections to its targets. + iscsiInitiatorPortal + -- Contains portal information relevant when the portal + -- is used to initiate connections to other targets. + iscsiNode + -- An iSCSI node can act as an initiator, a target, or both. + -- Contains generic (non-role-specific) information. + iscsiTarget + -- Target-specific iSCSI node information. + iscsiTgtAuth + -- A list of initiator identities that are allowed + -- access to this target. + iscsiInitiator + -- Initiator-specific iSCSI node information. + iscsiIntrAuth + -- A list of target identities to which this initiator + -- is configured to establish sessions. + iscsiSession + -- An active iSCSI session between an initiator and target. + -- The session's direction may be Inbound (outside + -- initiator to our target) or Outbound (our initiator to + -- an outside target). + iscsiConnection + -- An active TCP connection within an iSCSI session. + + + + +Bakke, et al. Standards Track [Page 5] + +RFC 4544 iSCSI MIB May 2006 + + + An iSCSI node can be an initiator, a target, or both. The iSCSI + node's portals may be used to initiate connections (initiator) or + listen for connections (target), depending on whether the iSCSI node + is acting as an initiator or target. The iSCSI MIB module assumes + that any target may be accessed via any portal that can take on a + target role, although other access controls not reflected in the + module might limit this. + +6.2. iSCSI MIB Table Structure + + Each iSCSI object exports one or more tables: an attributes table, + and zero or more statistics tables, which augment the attributes + table. Since iSCSI is an evolving standard, it is much cleaner to + provide statistics and attributes as separate tables, allowing + attributes and statistics to be added independently. In a few cases, + there are multiple categories of statistics that will likely grow; in + this case, an object will contain multiple statistics tables. + + iscsiObjects + iscsiDescriptors + iscsiInstance + iscsiInstanceAttributesTable + iscsiInstanceSsnErrorStatsTable + -- Counts abnormal session terminations + iscsiPortal + iscsiPortalAttributesTable + iscsiTargetPortal + iscsiTgtPortalAttributesTable + iscsiInitiatorPortal + iscsiIntrPortalAttributesTable + iscsiNode + iscsiNodeAttributesTable + iscsiTarget + iscsiTargetAttributesTable + iscsiTargetLoginStatsTable + -- Counts successful and unsuccessful logins + iscsiTargetLogoutStatsTable + -- Counts normal and abnormal logouts + iscsiTgtAuthorization + iscsiTgtAuthAttributesTable + iscsiInitiator + iscsiInitiatorAttributesTable + iscsiInitiatorLoginStatsTable + -- Counts successful and unsuccessful logins + iscsiInitiatorLogoutStatsTable + -- Counts normal and abnormal logouts + iscsiIntrAuthorization + iscsiIntrAuthAttributesTable + + + +Bakke, et al. Standards Track [Page 6] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiSession + iscsiSessionAttributesTable + iscsiSessionStatsTable + -- Performance-related counts (requests, responses, bytes) + iscsiSessionCxnErrorStatsTable + -- Counts digest errors, connection errors, etc. + iscsiConnection + iscsiConnectionAttributesTable + + Note that this module does not attempt to count everything that could + be counted; it is designed to include only those counters that would + be useful for identifying performance, security, and fault problems + from a management station. + +6.3. iscsiInstance + + The iscsiInstanceAttributesTable is the primary table of the iSCSI + MIB module. Every table entry in this module is "owned" by exactly + one iSCSI instance; all other table entries in the module include + this table's index as their primary index. + + Most implementations will include just one iSCSI instance row in this + table. However, this table exists to allow for multiple virtual + instances. For example, many IP routing products now allow multiple + virtual routers. The iSCSI MIB module has the same premise; a large + system could be "partitioned" into multiple, distinct virtual + systems. + + This also allows a single SNMP agent to proxy for multiple + subsystems, perhaps a set of stackable devices, each of which has one + or even more instances. + + The instance attributes include the iSCSI vendor and version, as well + as information on the last target or initiator at the other end of a + session that caused a session failure. + + The iscsiInstanceSsnErrorStatsTable augments the attributes table and + provides statistics on session failures due to digest, connection, or + iSCSI format errors. + +6.4. iscsiPortal + + The iscsiPortalAttributesTable lists iSCSI portals that can be used + to listen for connections to targets, to initiate connections to + other targets, or to do both. + + + + + + +Bakke, et al. Standards Track [Page 7] + +RFC 4544 iSCSI MIB May 2006 + + + Each row in the table includes an IP address (either v4 or v6), and a + transport protocol (currently only TCP is defined). Each portal may + have additional attributes, depending on whether it is an initiator + portal, a target portal, or both. Initiator portals also have portal + tags; these are placed in corresponding rows in the + iscsiIntrPortalAttributesTable. Target portals have both portal tags + and ports (e.g., TCP listen ports if the transport protocol is TCP); + these are placed in rows in the iscsiTgtPortalAttributesTable. + + Portal rows, along with their initiator and target portal + counterparts, may be created and destroyed through this MIB module by + a management station. Rows in the initiator and target portal tables + are created and destroyed automatically by the agent, whenever a row + is created or destroyed in the iscsiPortalAttributesTable, or if the + value of iscsiPortalRoles changes. Attributes in these tables may + then be modified by the management station if the agent + implementation allows. + + When created by a management station, the iscsiPortalRoles attribute + is used to control row creation in the initiator and target portal + tables. Creating a row with the targetTypePortal bit set in + iscsiPortalRoles will cause the implementation to start listening for + iSCSI connections on the portal. Creating a row with the + initiatorTypePortal bit set in iscsiPortalRoles will not necessarily + cause connections to be established; it is left to the implementation + whether and when to make use of the portal. Both bits may be set if + the portal is to be used by both initiator and target nodes. + + When deleting a row in the iscsiPortalAttibutesTable, all connections + associated with that row are terminated. The implementation may + either terminate the connection immediately or request a clean + shutdown as specified in [RFC3720]. An outbound connection (when an + iscsiInitiatorPortal is deleted) matches the portal if its + iscsiCxnLocalAddr matches the iscsiPortalAddr. An inbound connection + (when an iscsiTargetPortal is deleted) matches the portal if its + iscsiCxnLocalAddr matches the iscsiPortalAddr, and its + iscsiCxnLocalPort matches the iscsiTargetPortalPort. + + Individual objects within a row in this table may not be modified + while the row is active. For instance, changing the IP address of a + portal requires that the rows associated with the old IP address be + deleted, and new rows be created (in either order). + + + + + + + + + +Bakke, et al. Standards Track [Page 8] + +RFC 4544 iSCSI MIB May 2006 + + +6.5. iscsiTargetPortal + + The iscsiTgtPortalAttributesTable contains target-specific attributes + for iSCSI portals. Rows in this table use the same indices as their + corresponding rows in the iscsiPortalAttributesTable, with the + addition of iscsiNodeIndex. + + Rows in this table are created when the targetTypePortal bit is set + in the iscsiPortalRoles attribute of the corresponding + iscsiPortalAttributesEntry; they are destroyed when this bit is + cleared. + + This table contains the TCP (or other protocol) port on which the + socket is listening for incoming connections. It also includes a + portal group aggregation tag; iSCSI target portals within this + instance sharing the same tag can contain connections within the same + session. + + This table will be empty for iSCSI instances that contain only + initiators (such as iSCSI host driver implementations). + + Many implementations use the same target portal tag and protocol port + for all nodes accessed via a portal. These implementations will + create a single row in the iscsiTgtPortalAttributeTable, with an + iscsiNodeIndex of zero. + + Other implementations do not use the same tag and/or port for all + nodes; these implementations will create a row in this table for each + (portal, node) tuple, using iscsiNodeIndex to designate the node for + this portal tag and port. + +6.6. iscsiInitiatorPortal + + The iscsiIntrPortalAttributesTable contains initiator-specific + objects for iSCSI portals. Rows in this table use the same indices + as their corresponding entries in the iscsiPortalAttributesTable. A + row in this table is created when the initiatorTypePortal bit is set + in the iscsiPortalRoles attribute; it is destroyed when this bit is + cleared. + + Each row in this table contains a portal group aggregation tag, + indicating which portals an initiator may use together within a + multiple-connection session. + + This table will be empty for iSCSI instances that contain only + targets (such as most iSCSI devices). + + + + + +Bakke, et al. Standards Track [Page 9] + +RFC 4544 iSCSI MIB May 2006 + + + Many implementations use the same initiator tag for all nodes + accessing targets via a given portal. These implementations will + create a single row in iscsiIntrPortalAttributeTable, with an + iscsiNodeIndex of zero. + + Other implementations do not use the same tag and/or port for all + nodes; these implementations will create a row in this table for each + (portal, node) tuple, using iscsiNodeIndex to designate the node for + this portal tag and port. + +6.7. iscsiNode + + The iscsiNodeAttributesTable contains a list of iSCSI nodes, each of + which may have an initiator role, a target role, or both. + + This table contains the node's attributes that are common to both + roles, such as its iSCSI name and alias string. Attributes specific + to initiators or targets are available in the iscsiTarget and + iscsiInitiator objects. Each row in this table that can fulfill a + target role has a corresponding row in the iscsiTarget table; each + entry that fulfills an initiator role has a row in the iscsiInitiator + table. Nodes such as copy managers that can take on both roles have + a corresponding row in each table. + + This table also contains the login negotiations preferences for this + node. These objects indicate the values this node will offer or + prefer in the operational negotiation phase of the login process. + + For most implementations, each entry in the table also contains a + RowPointer to the transport table entry in the SCSI MIB module that + this iSCSI node represents. For implementations without a standard + SCSI layer above iSCSI, such as an iSCSI proxy or gateway, this + RowPointer can point to a row in an implementation-specific table + that this iSCSI node represents. + +6.8. iscsiTarget + + The iscsiTargetAttributesTable contains target-specific attributes + for iSCSI nodes. Each entry in this table uses the same index values + as its corresponding iscsiNode entry. + + This table contains attributes used to indicate the last failure that + was (or should have been) sent as a notification. + + This table is augmented by the iscsiTargetLoginStatsTable and the + iscsiTargetLogoutStatsTable, which count the numbers of normal and + abnormal logins and logouts to this target. + + + + +Bakke, et al. Standards Track [Page 10] + +RFC 4544 iSCSI MIB May 2006 + + +6.9. iscsiTgtAuthorization + + The iscsiTgtAuthAttributesTable contains an entry for each initiator + identifier that will be allowed to access the target under which it + appears. Each entry contains a RowPointer to a user identity in the + IPS Authorization MIB module, which contains the name, address, and + credential information necessary to authenticate the initiator. + +6.10. iscsiInitiator + + The iscsiInitiatorAttributesTable contains a list of initiator- + specific attributes for iSCSI nodes. Each entry in this table uses + the same index values as its corresponding iscsiNode entry. + + Most implementations will include a single entry in this table, + regardless of the number of physical interfaces the initiator may + use. + + This table is augmented by the iscsiInitiatorLoginStatsTable and the + iscsiInitiatorLogoutStatsTable, which count the numbers of normal and + abnormal logins and logouts from this initiator. + +6.11. iscsiIntrAuthorization + + The iscsiIntrAuthAttributesTable contains an entry for each target + identifier to which the initiator is configured to establish a + session. + + Each entry contains a RowPointer to a user identity in the IPS + Authorization MIB module, which contains the name, address, and + credential information necessary to identify (for discovery purposes) + and authenticate the target. + +6.12. iscsiSession + + The iscsiSessionAttributesTable contains a set of rows that list the + sessions known to be existing locally for each node in each iSCSI + instance. + + The session type for each session indicates whether the session is + used for normal SCSI commands or for discovery using the SendTargets + text command. Discovery sessions that do not belong to any + particular node have a node index attribute of zero. + + + + + + + + +Bakke, et al. Standards Track [Page 11] + +RFC 4544 iSCSI MIB May 2006 + + + The session direction for each session indicates whether it is an + Inbound session or an Outbound session. Inbound sessions are from + some other initiator to the target node under which the session + appears. Outbound sessions are from the initiator node under which + the session appears to a target outside this iSCSI instance. + + Many attributes may be negotiated when starting an iSCSI session. + Most of these attributes are included in the session object. + + Some attributes, such as the integrity and authentication schemes, + have some standard values that can be extended by vendors to include + their own schemes. These contain an object identifier, rather than + the expected enumerated type, to allow these values to be extended by + other MIB modules, such as an enterprise MIB module. + + The iscsiSessionStatsTable includes statistics related to + performance; it counts iSCSI data bytes and PDUs. + + For implementations that support error recovery without terminating a + session, the iscsiSessionCxnErrorStatsTable contains counters for the + numbers of digest and connection errors that have occurred within the + session. + +6.13. iscsiConnection + + The iscsiConnectionAttributesTable contains a list of active + connections within each session. It contains the IP addresses and + TCP (or other protocol) ports of both the local and remote sides of + the connection. These may be used to locate other connection-related + information and statistics in the TCP MIB module [RFC4022]. + + The attributes table also contains a connection state. This state is + not meant to directly map to the state tables included within the + iSCSI specification; they are meant to be simplified, higher-level + definitions of connection state that provide information more useful + to a user or network manager. + + No statistics are kept for connections. + +6.14. IP Addresses and TCP Port Numbers + + The IP addresses in this module are represented by two attributes, + one of type InetAddressType, and the other of type InetAddress. + These are taken from [RFC4001], which specifies how to support + addresses that may be either IPv4 or IPv6. + + + + + + +Bakke, et al. Standards Track [Page 12] + +RFC 4544 iSCSI MIB May 2006 + + + The TCP port numbers that appear in a few of the structures are + described as simply port numbers, with a protocol attribute + indicating whether they are TCP ports or something else. This will + allow the module to be compatible with iSCSI over transports other + than TCP in the future. + +6.15. Descriptors: Using OIDs in Place of Enumerated Types + + The iSCSI MIB module has a few attributes, namely, the digest method + attributes, where an enumerated type would work well, except that an + implementation may need to extend the attribute and add types of its + own. To make this work, this MIB module defines a set of object + identities within the iscsiDescriptors subtree. Each of these object + identities is basically an enumerated type. + + Attributes that make use of these object identities have a value that + is an Object Identifier (OID) instead of an enumerated type. These + OIDs can indicate either the object identities defined in this module + or object identities defined elsewhere, such as in an enterprise MIB + module. Those implementations that add their own digest methods + should also define a corresponding object identity for each of these + methods within their own enterprise MIB module, and return its OID + whenever one of these attributes is using that method. + +6.16. Notifications + + Three notifications are provided. One is sent by an initiator + detecting a critical login failure, another is sent by a target + detecting a critical login failure, and the third is sent upon a + session being terminated due to an abnormal connection or digest + failure. Critical failures are defined as those that may expose + security-related problems that may require immediate action, such as + failures due to authentication, authorization, or negotiation + problems. Attributes in the initiator, target, and instance objects + provide the information necessary to send in the notification, such + as the initiator or target name and IP address at the other end that + may have caused the failure. + + To avoid sending an excessive number of notifications due to multiple + errors counted, an SNMP agent implementing the iSCSI MIB module + SHOULD NOT send more than three iSCSI notifications in any 10-second + period. + + The 3-in-10 rule was chosen because one notification every three + seconds was deemed often enough, but should two or three different + notifications happen at the same time, it would not be desirable to + suppress them. Three notifications in 10 seconds is a happy medium, + + + + +Bakke, et al. Standards Track [Page 13] + +RFC 4544 iSCSI MIB May 2006 + + + where a short burst of notifications is allowed, without inundating + the network and/or notification host with a large number of + notifications. + +7. MIB Definitions + +ISCSI-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, NOTIFICATION-TYPE, + Unsigned32, Counter32, Counter64, Gauge32, + mib-2 + FROM SNMPv2-SMI + + TEXTUAL-CONVENTION, TruthValue, RowPointer, TimeStamp, RowStatus, + AutonomousType, StorageType + FROM SNMPv2-TC + + MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP + FROM SNMPv2-CONF + + SnmpAdminString + FROM SNMP-FRAMEWORK-MIB -- RFC 3411 + + InetAddressType, InetAddress, InetPortNumber + FROM INET-ADDRESS-MIB -- RFC 4001 + ; + +iscsiMibModule MODULE-IDENTITY + LAST-UPDATED "200605220000Z" -- May 22, 2006 + ORGANIZATION "IETF IPS Working Group" + CONTACT-INFO + " + Mark Bakke + Cisco Systems, Inc + 7900 International Drive, Suite 400 + Bloomington, MN + USA 55425 + + E-mail: mbakke@cisco.com + + Marjorie Krueger + Hewlett-Packard + Networked Storage Architecture + Networked Storage Solutions Org. + 8000 Foothills Blvd. + Roseville, CA 95747 + + + + +Bakke, et al. Standards Track [Page 14] + +RFC 4544 iSCSI MIB May 2006 + + + E-mail: marjorie_krueger@hp.com + + Tom McSweeney + IBM Corporation + 600 Park Offices Drive + Research Triangle Park, NC + USA 27709 + + E-mail: tommcs@us.ibm.com + + James Muchow + Qlogic Corp. + 6321 Bury Dr. + Eden Prairie, MN + USA 55346 + + E-mail: james.muchow@qlogic.com" + + DESCRIPTION + "The iSCSI Protocol MIB module. + Copyright (C) The Internet Society (2006). This version of + this MIB module is part of RFC 4544; see the RFC itself for + full legal notices." + REVISION "200605220000Z" -- May 22, 2006 + DESCRIPTION + "Initial version of the iSCSI Protocol MIB module" + +::= { mib-2 142 } + +iscsiNotifications OBJECT IDENTIFIER ::= { iscsiMibModule 0 } +iscsiObjects OBJECT IDENTIFIER ::= { iscsiMibModule 1 } +iscsiConformance OBJECT IDENTIFIER ::= { iscsiMibModule 2 } +iscsiAdmin OBJECT IDENTIFIER ::= { iscsiMibModule 3 } + +-- Textual Conventions + +IscsiTransportProtocol ::= TEXTUAL-CONVENTION + DISPLAY-HINT "d" + STATUS current + DESCRIPTION + "This data type is used to define the transport + protocols that will carry iSCSI PDUs." + REFERENCE + "RFC791, RFC1700 + + The presently known, officially delegated numbers + can be found at: + http://www.iana.org/assignments/protocol-numbers" + + + +Bakke, et al. Standards Track [Page 15] + +RFC 4544 iSCSI MIB May 2006 + + + SYNTAX Unsigned32 (0..255) + +IscsiDigestMethod ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "This data type represents the methods possible + for digest negotiation. + none - a placeholder for a secondary digest method + that means only the primary method can be + used. + other - a digest method other than those defined below. + noDigest - does not support digests (will operate without + a digest (Note: implementations must support + digests to be compliant with the RFC3720). + CRC32c - require a CRC32C digest." + REFERENCE + "RFC 3720, Section 12.1, HeaderDigest and DataDigest" + SYNTAX INTEGER { + none(1), + other(2), + noDigest(3), + crc32c(4) + } + +IscsiName ::= TEXTUAL-CONVENTION + DISPLAY-HINT "223t" + STATUS current + DESCRIPTION + "This data type is used for objects whose value is an + iSCSI name with the properties described in RFC 3720 + section 3.2.6.1, and encoded as specified in RFC 3720 + section 3.2.6.2. A zero-length string indicates the + absence of an iSCSI name." + REFERENCE + "RFC 3720, Section 3.2.6, iSCSI Names." + SYNTAX OCTET STRING (SIZE(0 | 16..223)) + +--********************************************************************** + +iscsiDescriptors OBJECT IDENTIFIER ::= { iscsiAdmin 1 } + +iscsiHeaderIntegrityTypes OBJECT IDENTIFIER ::= { iscsiDescriptors 1 } + +iscsiHdrIntegrityNone OBJECT-IDENTITY + STATUS current + DESCRIPTION + "The authoritative identifier when no integrity + scheme (for either the header or data) is being + + + +Bakke, et al. Standards Track [Page 16] + +RFC 4544 iSCSI MIB May 2006 + + + used." + REFERENCE + "RFC 3720, Section 12.1, HeaderDigest and DataDigest" +::= { iscsiHeaderIntegrityTypes 1 } + +iscsiHdrIntegrityCrc32c OBJECT-IDENTITY + STATUS current + DESCRIPTION + "The authoritative identifier when the integrity + scheme (for either the header or data) is CRC32c." + REFERENCE + "RFC 3720, Section 12.1, HeaderDigest and DataDigest" +::= { iscsiHeaderIntegrityTypes 2 } + +iscsiDataIntegrityTypes OBJECT IDENTIFIER ::= { iscsiDescriptors 2 } + +iscsiDataIntegrityNone OBJECT-IDENTITY + STATUS current + DESCRIPTION + "The authoritative identifier when no integrity + scheme (for either the header or data) is being + used." + REFERENCE + "RFC 3720, Section 12.1, HeaderDigest and DataDigest" +::= { iscsiDataIntegrityTypes 1 } + +iscsiDataIntegrityCrc32c OBJECT-IDENTITY + STATUS current + DESCRIPTION + "The authoritative identifier when the integrity + scheme (for either the header or data) is CRC32c." + REFERENCE + "RFC 3720, Section 12.1, HeaderDigest and DataDigest" +::= { iscsiDataIntegrityTypes 2 } + +--********************************************************************** + +iscsiInstance OBJECT IDENTIFIER ::= { iscsiObjects 1 } + +-- Instance Attributes Table + +iscsiInstanceAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiInstanceAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of iSCSI instances present on the system." +::= { iscsiInstance 1 } + + + +Bakke, et al. Standards Track [Page 17] + +RFC 4544 iSCSI MIB May 2006 + + +iscsiInstanceAttributesEntry OBJECT-TYPE + SYNTAX IscsiInstanceAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information applicable + to a particular iSCSI instance." + INDEX { iscsiInstIndex } +::= { iscsiInstanceAttributesTable 1 } + +IscsiInstanceAttributesEntry ::= SEQUENCE { + iscsiInstIndex Unsigned32, + iscsiInstDescr SnmpAdminString, + iscsiInstVersionMin Unsigned32, + iscsiInstVersionMax Unsigned32, + iscsiInstVendorID SnmpAdminString, + iscsiInstVendorVersion SnmpAdminString, + iscsiInstPortalNumber Unsigned32, + iscsiInstNodeNumber Unsigned32, + iscsiInstSessionNumber Unsigned32, + iscsiInstSsnFailures Counter32, + iscsiInstLastSsnFailureType AutonomousType, + iscsiInstLastSsnRmtNodeName IscsiName, + iscsiInstDiscontinuityTime TimeStamp +} + +iscsiInstIndex OBJECT-TYPE + SYNTAX Unsigned32 (1..4294967295) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An arbitrary integer used to uniquely identify a particular + iSCSI instance. This index value must not be modified or + reused by an agent unless a reboot has occurred. An agent + should attempt to keep this value persistent across reboots." +::= { iscsiInstanceAttributesEntry 1 } + +iscsiInstDescr OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A UTF-8 string, determined by the implementation to + describe the iSCSI instance. When only a single instance + is present, this object may be set to the zero-length + string; with multiple iSCSI instances, it may be used in + an implementation-dependent manner to describe the purpose + of the respective instance." + + + +Bakke, et al. Standards Track [Page 18] + +RFC 4544 iSCSI MIB May 2006 + + +::= { iscsiInstanceAttributesEntry 2 } + +iscsiInstVersionMin OBJECT-TYPE + SYNTAX Unsigned32 (0..255) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The minimum version number of the iSCSI specification + such that this iSCSI instance supports this minimum + value, the maximum value indicated by the corresponding + instance in iscsiInstVersionMax, and all versions in + between." + REFERENCE + "RFC 3720, Section 10.12, Login Request" +::= { iscsiInstanceAttributesEntry 3 } + +iscsiInstVersionMax OBJECT-TYPE + SYNTAX Unsigned32 (0..255) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The maximum version number of the iSCSI specification + such that this iSCSI instance supports this maximum + value, the minimum value indicated by the corresponding + instance in iscsiInstVersionMin, and all versions in + between." + REFERENCE + "RFC 3720, Section 10.12, Login Request" +::= { iscsiInstanceAttributesEntry 4 } + +iscsiInstVendorID OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A UTF-8 string describing the manufacturer of the + implementation of this instance." +::= { iscsiInstanceAttributesEntry 5 } + +iscsiInstVendorVersion OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A UTF-8 string set by the manufacturer describing the + version of the implementation of this instance. The + format of this string is determined solely by the + manufacturer, and is for informational purposes only. + + + +Bakke, et al. Standards Track [Page 19] + +RFC 4544 iSCSI MIB May 2006 + + + It is unrelated to the iSCSI specification version numbers." +::= { iscsiInstanceAttributesEntry 6 } + +iscsiInstPortalNumber OBJECT-TYPE + SYNTAX Unsigned32 + UNITS "transport endpoints" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of rows in the iscsiPortalAttributesTable + that are currently associated with this iSCSI instance." +::= { iscsiInstanceAttributesEntry 7 } + +iscsiInstNodeNumber OBJECT-TYPE + SYNTAX Unsigned32 + UNITS "iSCSI nodes" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of rows in the iscsiNodeAttributesTable + that are currently associated with this iSCSI instance." +::= { iscsiInstanceAttributesEntry 8 } + +iscsiInstSessionNumber OBJECT-TYPE + SYNTAX Unsigned32 + UNITS "sessions" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of rows in the iscsiSessionAttributesTable + that are currently associated with this iSCSI instance." +::= { iscsiInstanceAttributesEntry 9 } + +iscsiInstSsnFailures OBJECT-TYPE + SYNTAX Counter32 + UNITS "sessions" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object counts the number of times a session belonging + to this instance has been failed. If this counter has + suffered a discontinuity, the time of the last discontinuity + is indicated in iscsiInstDiscontinuityTime." + REFERENCE + "RFC 3720, Section 12.1, HeaderDigest and DataDigest" +::= { iscsiInstanceAttributesEntry 10 } + +iscsiInstLastSsnFailureType OBJECT-TYPE + + + +Bakke, et al. Standards Track [Page 20] + +RFC 4544 iSCSI MIB May 2006 + + + SYNTAX AutonomousType + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The counter object in the iscsiInstSsnErrorStatsTable + that was incremented when the last session failure occurred. + + If the reason for failure is not found in the + iscsiInstSsnErrorStatsTable, the value { 0.0 } is + used instead." +::= { iscsiInstanceAttributesEntry 11 } + +iscsiInstLastSsnRmtNodeName OBJECT-TYPE + SYNTAX IscsiName + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The iSCSI name of the remote node from the failed + session." +::= { iscsiInstanceAttributesEntry 12 } + +iscsiInstDiscontinuityTime OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of SysUpTime on the most recent occasion + at which any one or more of this instance's counters + suffered a discontinuity. + + If no such discontinuities have occurred since the last + re-initialization of the local management subsystem, + then this object contains a zero value." +::= { iscsiInstanceAttributesEntry 13 } + + +-- Instance Session Failure Stats Table + +iscsiInstanceSsnErrorStatsTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiInstanceSsnErrorStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Statistics regarding the occurrences of error types + that result in a session failure." +::= { iscsiInstance 2 } + +iscsiInstanceSsnErrorStatsEntry OBJECT-TYPE + + + +Bakke, et al. Standards Track [Page 21] + +RFC 4544 iSCSI MIB May 2006 + + + SYNTAX IscsiInstanceSsnErrorStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information applicable + to a particular iSCSI instance." + AUGMENTS { iscsiInstanceAttributesEntry } +::= { iscsiInstanceSsnErrorStatsTable 1 } + +IscsiInstanceSsnErrorStatsEntry ::= SEQUENCE { + iscsiInstSsnDigestErrors Counter32, + iscsiInstSsnCxnTimeoutErrors Counter32, + iscsiInstSsnFormatErrors Counter32 +} + +iscsiInstSsnDigestErrors OBJECT-TYPE + SYNTAX Counter32 + UNITS "sessions" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of sessions that were failed due to receipt of + a PDU containing header or data digest errors. If this + counter has suffered a discontinuity, the time of the last + discontinuity is indicated in iscsiInstDiscontinuityTime." + REFERENCE + "RFC 3720, Section 6.7, Digest Errors" +::= { iscsiInstanceSsnErrorStatsEntry 1 } + +iscsiInstSsnCxnTimeoutErrors OBJECT-TYPE + SYNTAX Counter32 + UNITS "sessions" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of sessions that were failed due to a sequence + exceeding a time limit. If this counter has suffered a + discontinuity, the time of the last discontinuity + is indicated in iscsiInstDiscontinuityTime." + REFERENCE + "RFC 3720, Section 6.4, Connection Timeout Management" +::= { iscsiInstanceSsnErrorStatsEntry 2 } + +iscsiInstSsnFormatErrors OBJECT-TYPE + SYNTAX Counter32 + UNITS "sessions" + MAX-ACCESS read-only + STATUS current + + + +Bakke, et al. Standards Track [Page 22] + +RFC 4544 iSCSI MIB May 2006 + + + DESCRIPTION + "The count of sessions that were failed due to receipt of + a PDU that contained a format error. If this counter has + suffered a discontinuity, the time of the last discontinuity + is indicated in iscsiInstDiscontinuityTime." + REFERENCE + "RFC 3720, Section 6.6, Format Errors" +::= { iscsiInstanceSsnErrorStatsEntry 3 } + +--********************************************************************** + +iscsiPortal OBJECT IDENTIFIER ::= { iscsiObjects 2 } + +-- Portal Attributes Table + +iscsiPortalAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiPortalAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of transport endpoints (using TCP or another transport + protocol) used by this iSCSI instance. An iSCSI instance may + use a portal to listen for incoming connections to its targets, + to initiate connections to other targets, or both." +::= { iscsiPortal 1 } + +iscsiPortalAttributesEntry OBJECT-TYPE + SYNTAX IscsiPortalAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information applicable + to a particular portal instance." + INDEX { iscsiInstIndex, iscsiPortalIndex } +::= { iscsiPortalAttributesTable 1 } + +IscsiPortalAttributesEntry ::= SEQUENCE { + iscsiPortalIndex Unsigned32, + iscsiPortalRowStatus RowStatus, + iscsiPortalRoles BITS, + iscsiPortalAddrType InetAddressType, + iscsiPortalAddr InetAddress, + iscsiPortalProtocol IscsiTransportProtocol, + iscsiPortalMaxRecvDataSegLength Unsigned32, + iscsiPortalPrimaryHdrDigest IscsiDigestMethod, + iscsiPortalPrimaryDataDigest IscsiDigestMethod, + iscsiPortalSecondaryHdrDigest IscsiDigestMethod, + iscsiPortalSecondaryDataDigest IscsiDigestMethod, + + + +Bakke, et al. Standards Track [Page 23] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiPortalRecvMarker TruthValue, + iscsiPortalStorageType StorageType +} + +iscsiPortalIndex OBJECT-TYPE + SYNTAX Unsigned32 (1..4294967295) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An arbitrary integer used to uniquely identify a particular + transport endpoint within this iSCSI instance. This index + value must not be modified or reused by an agent unless a + reboot has occurred. An agent should attempt to keep this + value persistent across reboots." +::= { iscsiPortalAttributesEntry 1 } + +iscsiPortalRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This field allows entries to be dynamically added and + removed from this table via SNMP. When adding a row to + this table, all non-Index/RowStatus objects must be set. + When the value of this object is 'active', the values of + the other objects in this table cannot be changed. + Rows may be discarded using RowStatus. + + Note that creating a row in this table will typically + cause the agent to create one or more rows in + iscsiTgtPortalAttributesTable and/or + iscsiIntrPortalAttributesTable." +::= { iscsiPortalAttributesEntry 2 } + +iscsiPortalRoles OBJECT-TYPE + SYNTAX BITS { + targetTypePortal(0), + initiatorTypePortal(1) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "A portal can operate in one or both of two roles: + as a target portal and/or an initiator portal. If + the portal will operate in both roles, both bits + must be set. + + This object will define a corresponding row that + + + +Bakke, et al. Standards Track [Page 24] + +RFC 4544 iSCSI MIB May 2006 + + + will exist or must be created in the + iscsiTgtPortalAttributesTable, the + iscsiIntrPortalAttributesTable or both. If the + targetTypePortal bit is set, one or more corresponding + iscsiTgtPortalAttributesEntry rows will be found or + created. If the initiatorTypePortal bit is set, + one or more corresponding iscsiIntrPortalAttributesEntry + rows will be found or created. If both bits are set, one + or more corresponding rows will be found or created in + one of the above tables." +::= { iscsiPortalAttributesEntry 3 } + +iscsiPortalAddrType OBJECT-TYPE + SYNTAX InetAddressType + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The type of Internet Network Address contained in the + corresponding instance of the iscsiPortalAddr." + DEFVAL { ipv4 } +::= { iscsiPortalAttributesEntry 4 } + +iscsiPortalAddr OBJECT-TYPE + SYNTAX InetAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The portal's Internet Network Address, of the type + specified by the object iscsiPortalAddrType. If + iscsiPortalAddrType has the value 'dns', this address + gets resolved to an IP address whenever a new iSCSI + connection is established using this portal." +::= { iscsiPortalAttributesEntry 5 } + +iscsiPortalProtocol OBJECT-TYPE + SYNTAX IscsiTransportProtocol + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The portal's transport protocol." + DEFVAL { 6 } -- TCP +::= { iscsiPortalAttributesEntry 6 } + +iscsiPortalMaxRecvDataSegLength OBJECT-TYPE + SYNTAX Unsigned32 (512..16777215) + UNITS "bytes" + MAX-ACCESS read-create + STATUS current + + + +Bakke, et al. Standards Track [Page 25] + +RFC 4544 iSCSI MIB May 2006 + + + DESCRIPTION + "The maximum PDU length this portal can receive. + This may be constrained by hardware characteristics + and individual implementations may choose not to + allow this object to be changed." + REFERENCE + "RFC 3720, Section 12.12, MaxRecvDataSegmentLength" + DEFVAL { 8192 } +::= { iscsiPortalAttributesEntry 7 } + +iscsiPortalPrimaryHdrDigest OBJECT-TYPE + SYNTAX IscsiDigestMethod + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The preferred header digest for this portal." + DEFVAL { crc32c } +::= { iscsiPortalAttributesEntry 8 } + +iscsiPortalPrimaryDataDigest OBJECT-TYPE + SYNTAX IscsiDigestMethod + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The preferred data digest method for this portal." + DEFVAL { crc32c } +::= { iscsiPortalAttributesEntry 9 } + +iscsiPortalSecondaryHdrDigest OBJECT-TYPE + SYNTAX IscsiDigestMethod + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "An alternate header digest preference for this portal." + DEFVAL { noDigest } +::= { iscsiPortalAttributesEntry 10 } + +iscsiPortalSecondaryDataDigest OBJECT-TYPE + SYNTAX IscsiDigestMethod + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "An alternate data digest preference for this portal." + DEFVAL { noDigest } +::= { iscsiPortalAttributesEntry 11 } + +iscsiPortalRecvMarker OBJECT-TYPE + SYNTAX TruthValue + + + +Bakke, et al. Standards Track [Page 26] + +RFC 4544 iSCSI MIB May 2006 + + + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates whether or not this portal will + request markers in its incoming data stream." + REFERENCE + "RFC 3720, Appendix A." + DEFVAL { false } +::= { iscsiPortalAttributesEntry 12 } + +iscsiPortalStorageType OBJECT-TYPE + SYNTAX StorageType + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The storage type for this row. Rows in this table that were + created through an external process may have a storage type of + readOnly or permanent. + + Conceptual rows having the value 'permanent' need not + allow write access to any columnar objects in the row." + DEFVAL { nonVolatile } +::= { iscsiPortalAttributesEntry 13 } + +--********************************************************************** +iscsiTargetPortal OBJECT IDENTIFIER ::= { iscsiObjects 3 } + +-- Target Portal Attributes Table + +iscsiTgtPortalAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiTgtPortalAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of transport endpoints (using TCP or another transport + protocol) on which this iSCSI instance listens for incoming + connections to its targets." +::= { iscsiTargetPortal 1 } + +iscsiTgtPortalAttributesEntry OBJECT-TYPE + SYNTAX IscsiTgtPortalAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information applicable + to a particular portal instance that is used to listen for + incoming connections to local targets. One or more rows in + this table is populated by the agent for each + + + +Bakke, et al. Standards Track [Page 27] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiPortalAttributesEntry row that has the bit + targetTypePortal set in its iscsiPortalRoles column." + INDEX { iscsiInstIndex, iscsiPortalIndex, + iscsiTgtPortalNodeIndexOrZero } +::= { iscsiTgtPortalAttributesTable 1 } + +IscsiTgtPortalAttributesEntry ::= SEQUENCE { + iscsiTgtPortalNodeIndexOrZero Unsigned32, + iscsiTgtPortalPort InetPortNumber, + iscsiTgtPortalTag Unsigned32 +} + +iscsiTgtPortalNodeIndexOrZero OBJECT-TYPE + SYNTAX Unsigned32 (0..4294967295) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An arbitrary integer used to uniquely identify a + particular node within an iSCSI instance present + on the local system. + + For implementations where each {portal, node} tuple + can have a different portal tag, this value will + map to the iscsiNodeIndex. + + For implementations where the portal tag is the + same for a given portal regardless of which node + is using the portal, the value 0 (zero) is used." +::= { iscsiTgtPortalAttributesEntry 1 } + +iscsiTgtPortalPort OBJECT-TYPE + SYNTAX InetPortNumber (1..65535) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The portal's transport protocol port number on which the + portal listens for incoming iSCSI connections when the + portal is used as a target portal. This object's storage + type is specified in iscsiPortalStorageType." +::= { iscsiTgtPortalAttributesEntry 2 } + +iscsiTgtPortalTag OBJECT-TYPE + SYNTAX Unsigned32 (1..65535) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The portal's aggregation tag when the portal is used as + a target portal. Multiple-connection sessions may + + + +Bakke, et al. Standards Track [Page 28] + +RFC 4544 iSCSI MIB May 2006 + + + be aggregated over portals sharing an identical + aggregation tag. This object's storage type is + specified in iscsiPortalStorageType." + REFERENCE + "RFC 3720, Section 3.4.1, iSCSI Architectural Model" +::= { iscsiTgtPortalAttributesEntry 3 } + +--********************************************************************** + +iscsiInitiatorPortal OBJECT IDENTIFIER ::= { iscsiObjects 4 } + +-- Initiator Portal Attributes Table + +iscsiIntrPortalAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiIntrPortalAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of Internet Network Addresses (using TCP or another + transport protocol) from which this iSCSI instance may + initiate connections to other targets." +::= { iscsiInitiatorPortal 1 } + +iscsiIntrPortalAttributesEntry OBJECT-TYPE + SYNTAX IscsiIntrPortalAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information applicable + to a particular portal instance that is used to initiate + connections to iSCSI targets. One or more rows in + this table is populated by the agent for each + iscsiPortalAttributesEntry row that has the bit + initiatorTypePortal set in its iscsiPortalRoles column." + INDEX { iscsiInstIndex, iscsiPortalIndex, + iscsiIntrPortalNodeIndexOrZero } +::= { iscsiIntrPortalAttributesTable 1 } + +IscsiIntrPortalAttributesEntry ::= SEQUENCE { + iscsiIntrPortalNodeIndexOrZero Unsigned32, + iscsiIntrPortalTag Unsigned32 +} + +iscsiIntrPortalNodeIndexOrZero OBJECT-TYPE + SYNTAX Unsigned32 (0..4294967295) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + + + +Bakke, et al. Standards Track [Page 29] + +RFC 4544 iSCSI MIB May 2006 + + + "An arbitrary integer used to uniquely identify a + particular node within an iSCSI instance present + on the local system. + + For implementations where each {portal, node} tuple + can have a different portal tag, this value will + map to the iscsiNodeIndex. + + For implementations where the portal tag is the + same for a given portal regardless of which node + is using the portal, the value 0 (zero) is used." +::= { iscsiIntrPortalAttributesEntry 1 } + +iscsiIntrPortalTag OBJECT-TYPE + SYNTAX Unsigned32 (1..65535) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The portal's aggregation tag when the portal is used as + an initiator portal. Multiple-connection sessions may + be aggregated over portals sharing an identical + aggregation tag. This object's storage type is + specified in iscsiPortalStorageType." + REFERENCE + "RFC 3720, Section 3.4.1, iSCSI Architectural Model" +::= { iscsiIntrPortalAttributesEntry 2 } + +--********************************************************************** + +iscsiNode OBJECT IDENTIFIER ::= { iscsiObjects 5 } + +-- Node Attributes Table + +iscsiNodeAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiNodeAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of iSCSI nodes belonging to each iSCSI instance + present on the local system. An iSCSI node can act as + an initiator, a target, or both." +::= { iscsiNode 1 } + +iscsiNodeAttributesEntry OBJECT-TYPE + SYNTAX IscsiNodeAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + + + +Bakke, et al. Standards Track [Page 30] + +RFC 4544 iSCSI MIB May 2006 + + + "An entry (row) containing management information applicable + to a particular iSCSI node." + INDEX { iscsiInstIndex, iscsiNodeIndex } +::= { iscsiNodeAttributesTable 1 } + +IscsiNodeAttributesEntry ::= SEQUENCE { + iscsiNodeIndex Unsigned32, + iscsiNodeName IscsiName, + iscsiNodeAlias SnmpAdminString, + iscsiNodeRoles BITS, + iscsiNodeTransportType RowPointer, + iscsiNodeInitialR2T TruthValue, + iscsiNodeImmediateData TruthValue, + iscsiNodeMaxOutstandingR2T Unsigned32, + iscsiNodeFirstBurstLength Unsigned32, + iscsiNodeMaxBurstLength Unsigned32, + iscsiNodeMaxConnections Unsigned32, + iscsiNodeDataSequenceInOrder TruthValue, + iscsiNodeDataPDUInOrder TruthValue, + iscsiNodeDefaultTime2Wait Unsigned32, + iscsiNodeDefaultTime2Retain Unsigned32, + iscsiNodeErrorRecoveryLevel Unsigned32, + iscsiNodeDiscontinuityTime TimeStamp, + iscsiNodeStorageType StorageType +} + +iscsiNodeIndex OBJECT-TYPE + SYNTAX Unsigned32 (1..4294967295) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An arbitrary integer used to uniquely identify a particular + node within an iSCSI instance. This index value must not be + modified or reused by an agent unless a reboot has occurred. + An agent should attempt to keep this value persistent across + reboots." +::= { iscsiNodeAttributesEntry 1 } + +iscsiNodeName OBJECT-TYPE + SYNTAX IscsiName + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This node's iSCSI name, which is independent of the location + of the node, and can be resolved into a set of addresses + through various discovery services." +::= { iscsiNodeAttributesEntry 2 } + + + + +Bakke, et al. Standards Track [Page 31] + +RFC 4544 iSCSI MIB May 2006 + + +iscsiNodeAlias OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A character string that is a human-readable name or + description of the iSCSI node. If configured, this alias + may be communicated to the initiator or target node at + the remote end of the connection during a Login Request + or Response message. This string is not used as an + identifier, but can be displayed by the system's user + interface in a list of initiators and/or targets to + which it is connected. + + If no alias exists, the value is a zero-length string." + REFERENCE + "RFC 3720, Section 12.6, TargetAlias, 12.7, InitiatorAlias" +::= { iscsiNodeAttributesEntry 3 } + +iscsiNodeRoles OBJECT-TYPE + SYNTAX BITS { + targetTypeNode(0), + initiatorTypeNode(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A node can operate in one or both of two roles: + a target role and/or an initiator role. If the node + will operate in both roles, both bits must be set. + + This object will also define the corresponding rows that + will exist in the iscsiTargetAttributesTable, the + iscsiInitiatorAttributesTable or both. If the + targetTypeNode bit is set, there will be a corresponding + iscsiTargetAttributesEntry. If the initiatorTypeNode bit + is set, there will be a corresponding + iscsiInitiatorAttributesEntry. If both bits are set, + there will be a corresponding iscsiTgtPortalAttributesEntry + and iscsiPortalAttributesEntry." +::= { iscsiNodeAttributesEntry 4 } + +iscsiNodeTransportType OBJECT-TYPE + SYNTAX RowPointer + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A pointer to the corresponding row in the appropriate + + + +Bakke, et al. Standards Track [Page 32] + +RFC 4544 iSCSI MIB May 2006 + + + table for this SCSI transport, thereby allowing management + stations to locate the SCSI-level device that is represented + by this iscsiNode. For example, it will usually point to the + corresponding scsiTrnspt object in the SCSI MIB module. + + If no corresponding row exists, the value 0.0 must be + used to indicate this." + REFERENCE + "SCSI-MIB" +::= { iscsiNodeAttributesEntry 5 } + +iscsiNodeInitialR2T OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the InitialR2T preference for this + node: + true = YES, + false = will try to negotiate NO, will accept YES " + REFERENCE + "RFC 3720, Section 12.10, InitialR2T" +::= { iscsiNodeAttributesEntry 6 } + +iscsiNodeImmediateData OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "This object indicates ImmediateData preference for this + node: + true = YES (but will accept NO), + false = NO " + REFERENCE + "RFC 3720, Section 12.11, ImmediateData" + DEFVAL { true } +::= { iscsiNodeAttributesEntry 7 } + +iscsiNodeMaxOutstandingR2T OBJECT-TYPE + SYNTAX Unsigned32 (1..65535) + UNITS "R2Ts" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Maximum number of outstanding requests-to-transmit (R2Ts) + allowed per iSCSI task." + REFERENCE + "RFC 3720, Section 12.17, MaxOutstandingR2T" + + + +Bakke, et al. Standards Track [Page 33] + +RFC 4544 iSCSI MIB May 2006 + + + DEFVAL { 1 } +::= { iscsiNodeAttributesEntry 8 } + +iscsiNodeFirstBurstLength OBJECT-TYPE + SYNTAX Unsigned32 (512..16777215) + UNITS "bytes" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The maximum length (bytes) supported for unsolicited data + to/from this node." + REFERENCE + "RFC 3720, Section 12.14, FirstBurstLength" + DEFVAL { 65536 } +::= { iscsiNodeAttributesEntry 9 } + +iscsiNodeMaxBurstLength OBJECT-TYPE + SYNTAX Unsigned32 (512..16777215) + UNITS "bytes" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The maximum number of bytes that can be sent within + a single sequence of Data-In or Data-Out PDUs." + REFERENCE + "RFC 3720, Section 12.13, MaxBurstLength" + DEFVAL { 262144 } +::= { iscsiNodeAttributesEntry 10 } + +iscsiNodeMaxConnections OBJECT-TYPE + SYNTAX Unsigned32 (1..65535) + UNITS "connections" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The maximum number of connections allowed in each + session to and/or from this node." + REFERENCE + "RFC 3720, Section 12.2, MaxConnections" + DEFVAL { 1 } +::= { iscsiNodeAttributesEntry 11 } + +iscsiNodeDataSequenceInOrder OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The DataSequenceInOrder preference of this node. + + + +Bakke, et al. Standards Track [Page 34] + +RFC 4544 iSCSI MIB May 2006 + + + False (=No) indicates that iSCSI data PDU sequences may + be transferred in any order. True (=Yes) indicates that + data PDU sequences must be transferred using + continuously increasing offsets, except during + error recovery." + REFERENCE + "RFC 3720, Section 12.19, DataSequenceInOrder" + DEFVAL { true } +::= { iscsiNodeAttributesEntry 12 } + +iscsiNodeDataPDUInOrder OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The DataPDUInOrder preference of this node. + False (=No) indicates that iSCSI data PDUs within sequences + may be in any order. True (=Yes) indicates that data PDUs + within sequences must be at continuously increasing + addresses, with no gaps or overlay between PDUs." + REFERENCE + "RFC 3720, Section 12.18, DataPDUInOrder" + DEFVAL { true } +::= { iscsiNodeAttributesEntry 13 } + +iscsiNodeDefaultTime2Wait OBJECT-TYPE + SYNTAX Unsigned32 (0..3600) + UNITS "seconds" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The DefaultTime2Wait preference of this node. This is the + minimum time, in seconds, to wait before attempting an + explicit/implicit logout or active iSCSI task reassignment + after an unexpected connection termination or a connection + reset." + REFERENCE + "RFC 3720, Section 12.15, DefaultTime2Wait" + DEFVAL { 2 } +::= { iscsiNodeAttributesEntry 14 } + +iscsiNodeDefaultTime2Retain OBJECT-TYPE + SYNTAX Unsigned32 (0..3600) + UNITS "seconds" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The DefaultTime2Retain preference of this node. This is + + + +Bakke, et al. Standards Track [Page 35] + +RFC 4544 iSCSI MIB May 2006 + + + the maximum time, in seconds after an initial wait + (Time2Wait), before which an active iSCSI task reassignment + is still possible after an unexpected connection termination + or a connection reset." + REFERENCE + "RFC 3720, Section 12.16, DefaultTime2Retain" + DEFVAL { 20 } +::= { iscsiNodeAttributesEntry 15 } + +iscsiNodeErrorRecoveryLevel OBJECT-TYPE + SYNTAX Unsigned32 (0..255) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The ErrorRecoveryLevel preference of this node. + Currently, only 0-2 are valid. + + This object is designed to accommodate future error recovery + levels. + + Higher error recovery levels imply support in addition to + support for the lower error level functions. In other words, + error level 2 implies support for levels 0-1, since those + functions are subsets of error level 2." + REFERENCE + "RFC 3720, Section 12.20, ErrorRecoveryLevel" + DEFVAL { 0 } +::= { iscsiNodeAttributesEntry 16 } + +iscsiNodeDiscontinuityTime OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of SysUpTime on the most recent occasion + at which any one or more of this node's counters + suffered a discontinuity. + + If no such discontinuities have occurred since the last + re-initialization of the local management subsystem, + then this object contains a zero value." +::= { iscsiNodeAttributesEntry 17 } + +iscsiNodeStorageType OBJECT-TYPE + SYNTAX StorageType + MAX-ACCESS read-write + STATUS current + DESCRIPTION + + + +Bakke, et al. Standards Track [Page 36] + +RFC 4544 iSCSI MIB May 2006 + + + "The storage type for all read-write objects within this + row. Rows in this table are always created via an + external process, and may have a storage type of readOnly + or permanent. Conceptual rows having the value 'permanent' + need not allow write access to any columnar objects in + the row. + + If this object has the value 'volatile', modifications + to read-write objects in this row are not persistent + across reboots. If this object has the value + 'nonVolatile', modifications to objects in this row + are persistent. + + An implementation may choose to allow this object + to be set to either 'nonVolatile' or 'volatile', + allowing the management application to choose this + behavior." + DEFVAL { volatile } +::= { iscsiNodeAttributesEntry 18 } + +--********************************************************************** + +iscsiTarget OBJECT IDENTIFIER ::= { iscsiObjects 6 } + +-- Target Attributes Table + +iscsiTargetAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiTargetAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of iSCSI nodes that can take on a target role, + belonging to each iSCSI instance present on the local + system." +::= { iscsiTarget 1 } + +iscsiTargetAttributesEntry OBJECT-TYPE + SYNTAX IscsiTargetAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information applicable + to a particular node that can take on a target role." + INDEX { iscsiInstIndex, iscsiNodeIndex } +::= { iscsiTargetAttributesTable 1 } + +IscsiTargetAttributesEntry ::= SEQUENCE { + iscsiTgtLoginFailures Counter32, + + + +Bakke, et al. Standards Track [Page 37] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiTgtLastFailureTime TimeStamp, + iscsiTgtLastFailureType AutonomousType, + iscsiTgtLastIntrFailureName IscsiName, + iscsiTgtLastIntrFailureAddrType InetAddressType, + iscsiTgtLastIntrFailureAddr InetAddress +} + +iscsiTgtLoginFailures OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed login attempts" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object counts the number of times a login attempt to this + local target has failed. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiTargetAttributesEntry 1 } + +iscsiTgtLastFailureTime OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The timestamp of the most recent failure of a login attempt + to this target. A value of zero indicates that no such + failures have occurred since the last system boot." +::= { iscsiTargetAttributesEntry 2 } + +iscsiTgtLastFailureType OBJECT-TYPE + SYNTAX AutonomousType + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of the most recent failure of a login attempt + to this target, represented as the OID of the counter + object in iscsiTargetLoginStatsTable for which the + relevant instance was incremented. A value of 0.0 + indicates a type that is not represented by any of + the counters in iscsiTargetLoginStatsTable." +::= { iscsiTargetAttributesEntry 3 } + +iscsiTgtLastIntrFailureName OBJECT-TYPE + SYNTAX IscsiName + MAX-ACCESS read-only + STATUS current + + + +Bakke, et al. Standards Track [Page 38] + +RFC 4544 iSCSI MIB May 2006 + + + DESCRIPTION + "The iSCSI name of the initiator that failed the last + login attempt." +::= { iscsiTargetAttributesEntry 4 } + +iscsiTgtLastIntrFailureAddrType OBJECT-TYPE + SYNTAX InetAddressType + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of Internet Network Address contained in the + corresponding instance of the iscsiTgtLastIntrFailureAddr. + The value 'dns' is not allowed." +::= { iscsiTargetAttributesEntry 5 } + +iscsiTgtLastIntrFailureAddr OBJECT-TYPE + SYNTAX InetAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "An Internet Network Address, of the type specified by + the object iscsiTgtLastIntrFailureAddrType, giving the + host address of the initiator that failed the last login + attempt." +::= { iscsiTargetAttributesEntry 6 } + +-- Target Login Stats Table + +iscsiTargetLoginStatsTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiTargetLoginStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A table of counters that keep a record of the results + of initiators' login attempts to this target." +::= { iscsiTarget 2 } + +iscsiTargetLoginStatsEntry OBJECT-TYPE + SYNTAX IscsiTargetLoginStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing counters for each result of + a login attempt to this target." + AUGMENTS { iscsiTargetAttributesEntry } +::= { iscsiTargetLoginStatsTable 1 } + +IscsiTargetLoginStatsEntry ::= SEQUENCE { + + + +Bakke, et al. Standards Track [Page 39] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiTgtLoginAccepts Counter32, + iscsiTgtLoginOtherFails Counter32, + iscsiTgtLoginRedirects Counter32, + iscsiTgtLoginAuthorizeFails Counter32, + iscsiTgtLoginAuthenticateFails Counter32, + iscsiTgtLoginNegotiateFails Counter32 +} + +iscsiTgtLoginAccepts OBJECT-TYPE + SYNTAX Counter32 + UNITS "successful logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Login Response PDUs with status + 0x0000, Accept Login, transmitted by this + target. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiTargetLoginStatsEntry 1 } + +iscsiTgtLoginOtherFails OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of Login Response PDUs that were transmitted + by this target and that were not counted by any other + object in the row. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiTargetLoginStatsEntry 2 } + +iscsiTgtLoginRedirects OBJECT-TYPE + SYNTAX Counter32 + UNITS "redirected logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Login Response PDUs with status class 0x01, + Redirection, transmitted by this target. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + + + +Bakke, et al. Standards Track [Page 40] + +RFC 4544 iSCSI MIB May 2006 + + + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiTargetLoginStatsEntry 3 } + +iscsiTgtLoginAuthorizeFails OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Login Response PDUs with status 0x0202, + Forbidden Target, transmitted by this target. + + If this counter is incremented, an iscsiTgtLoginFailure + notification should be generated. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiTargetLoginStatsEntry 4 } + +iscsiTgtLoginAuthenticateFails OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Login Response PDUs with status 0x0201, + Authentication Failed, transmitted by this target. + + If this counter is incremented, an iscsiTgtLoginFailure + notification should be generated. + + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiTargetLoginStatsEntry 5 } + +iscsiTgtLoginNegotiateFails OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of times a target has effectively refused a + login because the parameter negotiation failed. + + + + +Bakke, et al. Standards Track [Page 41] + +RFC 4544 iSCSI MIB May 2006 + + + If this counter is incremented, an iscsiTgtLoginFailure + notification should be generated. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." +::= { iscsiTargetLoginStatsEntry 6 } + +-- Target Logout Stats Table + +iscsiTargetLogoutStatsTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiTargetLogoutStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "When a target receives a Logout command, it responds + with a Logout Response that carries a status code. + This table contains counters for both normal and + abnormal logout requests received by this target." +::= { iscsiTarget 3 } + +iscsiTargetLogoutStatsEntry OBJECT-TYPE + SYNTAX IscsiTargetLogoutStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing counters of Logout Response + PDUs that were received by this target." + AUGMENTS { iscsiTargetAttributesEntry } +::= { iscsiTargetLogoutStatsTable 1 } + +IscsiTargetLogoutStatsEntry ::= SEQUENCE { + iscsiTgtLogoutNormals Counter32, + iscsiTgtLogoutOthers Counter32 +} + +iscsiTgtLogoutNormals OBJECT-TYPE + SYNTAX Counter32 + UNITS "normal logouts" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Logout Command PDUs received by this target, + with reason code 0 (closes the session). + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.14.1, Reason Code" +::= { iscsiTargetLogoutStatsEntry 1 } + + + + +Bakke, et al. Standards Track [Page 42] + +RFC 4544 iSCSI MIB May 2006 + + +iscsiTgtLogoutOthers OBJECT-TYPE + SYNTAX Counter32 + UNITS "abnormal logouts" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Logout Command PDUs received by this target, + with any reason code other than 0. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.14.1, Reason Code" +::= { iscsiTargetLogoutStatsEntry 2 } + +--********************************************************************** + +iscsiTgtAuthorization OBJECT IDENTIFIER ::= { iscsiObjects 7 } + +-- Target Authorization Attributes Table + +iscsiTgtAuthAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiTgtAuthAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of initiator identities that are authorized to + access each target node within each iSCSI instance + present on the local system." +::= { iscsiTgtAuthorization 1 } + +iscsiTgtAuthAttributesEntry OBJECT-TYPE + SYNTAX IscsiTgtAuthAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information + applicable to a particular target node's authorized + initiator identity." + INDEX { iscsiInstIndex, iscsiNodeIndex, iscsiTgtAuthIndex } +::= { iscsiTgtAuthAttributesTable 1 } + +IscsiTgtAuthAttributesEntry ::= SEQUENCE { + iscsiTgtAuthIndex Unsigned32, + iscsiTgtAuthRowStatus RowStatus, + iscsiTgtAuthIdentity RowPointer, + iscsiTgtAuthStorageType StorageType +} + + + + +Bakke, et al. Standards Track [Page 43] + +RFC 4544 iSCSI MIB May 2006 + + +iscsiTgtAuthIndex OBJECT-TYPE + SYNTAX Unsigned32 (1..4294967295) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An arbitrary integer used to uniquely identify a particular + target's authorized initiator identity within an iSCSI + instance present on the local system. This index value must + not be modified or reused by an agent unless a reboot has + occurred. An agent should attempt to keep this value + persistent across reboots." +::= { iscsiTgtAuthAttributesEntry 1 } + +iscsiTgtAuthRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This field allows entries to be dynamically added and + removed from this table via SNMP. When adding a row to + this table, all non-Index/RowStatus objects must be set. + When the value of this object is 'active', the values of + the other objects in this table cannot be changed. + Rows may be discarded using RowStatus." +::= { iscsiTgtAuthAttributesEntry 2 } + +iscsiTgtAuthIdentity OBJECT-TYPE + SYNTAX RowPointer + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "A pointer to the corresponding user entry in the IPS-AUTH + MIB module that will be allowed to access this iSCSI target." + REFERENCE + "IPS-AUTH MIB, RFC 4545" +::= { iscsiTgtAuthAttributesEntry 3 } + +iscsiTgtAuthStorageType OBJECT-TYPE + SYNTAX StorageType + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The storage type for this row. Rows in this table that were + created through an external process may have a storage type of + readOnly or permanent. + + Conceptual rows having the value 'permanent' need not + allow write access to any columnar objects in the row." + + + +Bakke, et al. Standards Track [Page 44] + +RFC 4544 iSCSI MIB May 2006 + + + DEFVAL { nonVolatile } +::= { iscsiTgtAuthAttributesEntry 4 } + +--********************************************************************** + +iscsiInitiator OBJECT IDENTIFIER ::= { iscsiObjects 8 } + +-- Initiator Attributes Table + +iscsiInitiatorAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiInitiatorAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of iSCSI nodes that can take on an initiator + role, belonging to each iSCSI instance present on + the local system." +::= { iscsiInitiator 1 } + +iscsiInitiatorAttributesEntry OBJECT-TYPE + SYNTAX IscsiInitiatorAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information + applicable to a particular iSCSI node that has + initiator capabilities." + INDEX { iscsiInstIndex, iscsiNodeIndex } +::= { iscsiInitiatorAttributesTable 1 } + +IscsiInitiatorAttributesEntry ::= SEQUENCE { + iscsiIntrLoginFailures Counter32, + iscsiIntrLastFailureTime TimeStamp, + iscsiIntrLastFailureType AutonomousType, + iscsiIntrLastTgtFailureName IscsiName, + iscsiIntrLastTgtFailureAddrType InetAddressType, + iscsiIntrLastTgtFailureAddr InetAddress +} + +iscsiIntrLoginFailures OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object counts the number of times a login attempt from + this local initiator has failed. + If this counter has suffered a discontinuity, the time of the + + + +Bakke, et al. Standards Track [Page 45] + +RFC 4544 iSCSI MIB May 2006 + + + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiInitiatorAttributesEntry 1 } + +iscsiIntrLastFailureTime OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The timestamp of the most recent failure of a login attempt + from this initiator. A value of zero indicates that no such + failures have occurred since the last system boot." +::= { iscsiInitiatorAttributesEntry 2 } + +iscsiIntrLastFailureType OBJECT-TYPE + SYNTAX AutonomousType + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of the most recent failure of a login attempt + from this initiator, represented as the OID of the counter + object in iscsiInitiatorLoginStatsTable for which the + relevant instance was incremented. A value of 0.0 + indicates a type that is not represented by any of + the counters in iscsiInitiatorLoginStatsTable." +::= { iscsiInitiatorAttributesEntry 3 } + +iscsiIntrLastTgtFailureName OBJECT-TYPE + SYNTAX IscsiName + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A UTF-8 string giving the name of the target that failed + the last login attempt." +::= { iscsiInitiatorAttributesEntry 4 } + +iscsiIntrLastTgtFailureAddrType OBJECT-TYPE + SYNTAX InetAddressType + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of Internet Network Address contained in the + corresponding instance of the iscsiIntrLastTgtFailureAddr. + The value 'dns' is not allowed." +::= { iscsiInitiatorAttributesEntry 5 } + +iscsiIntrLastTgtFailureAddr OBJECT-TYPE + + + +Bakke, et al. Standards Track [Page 46] + +RFC 4544 iSCSI MIB May 2006 + + + SYNTAX InetAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "An Internet Network Address, of the type specified by the + object iscsiIntrLastTgtFailureAddrType, giving the host + address of the target that failed the last login attempt." +::= { iscsiInitiatorAttributesEntry 6 } + +-- Initiator Login Stats Table + +iscsiInitiatorLoginStatsTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiInitiatorLoginStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A table of counters which keep track of the results of + this initiator's login attempts." +::= { iscsiInitiator 2 } + +iscsiInitiatorLoginStatsEntry OBJECT-TYPE + SYNTAX IscsiInitiatorLoginStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing counters of each result + of this initiator's login attempts." + AUGMENTS { iscsiInitiatorAttributesEntry } +::= { iscsiInitiatorLoginStatsTable 1 } + +IscsiInitiatorLoginStatsEntry ::= SEQUENCE { + iscsiIntrLoginAcceptRsps Counter32, + iscsiIntrLoginOtherFailRsps Counter32, + iscsiIntrLoginRedirectRsps Counter32, + iscsiIntrLoginAuthFailRsps Counter32, + iscsiIntrLoginAuthenticateFails Counter32, + iscsiIntrLoginNegotiateFails Counter32 +} + +iscsiIntrLoginAcceptRsps OBJECT-TYPE + SYNTAX Counter32 + UNITS "successful logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Login Response PDUs with status + 0x0000, Accept Login, received by this initiator. + If this counter has suffered a discontinuity, the time of the + + + +Bakke, et al. Standards Track [Page 47] + +RFC 4544 iSCSI MIB May 2006 + + + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiInitiatorLoginStatsEntry 1 } + +iscsiIntrLoginOtherFailRsps OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Login Response PDUs received by this + initiator with any status code not counted in the + objects below. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiInitiatorLoginStatsEntry 2 } + +iscsiIntrLoginRedirectRsps OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Login Response PDUs with status class 0x01, + Redirection, received by this initiator. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiInitiatorLoginStatsEntry 3 } + +iscsiIntrLoginAuthFailRsps OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Login Response PDUs with status class 0x201, + Authentication Failed, received by this initiator. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiInitiatorLoginStatsEntry 4 } + + + + +Bakke, et al. Standards Track [Page 48] + +RFC 4544 iSCSI MIB May 2006 + + +iscsiIntrLoginAuthenticateFails OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of times the initiator has aborted a + login because the target could not be authenticated. + + No response is generated. + + If this counter is incremented, an iscsiIntrLoginFailure + notification should be generated. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.13.5, Status-Class and Status-Detail" +::= { iscsiInitiatorLoginStatsEntry 5 } + +iscsiIntrLoginNegotiateFails OBJECT-TYPE + SYNTAX Counter32 + UNITS "failed logins" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of times the initiator has aborted a + login because parameter negotiation with the target + failed. + + No response is generated. + + If this counter is incremented, an iscsiIntrLoginFailure + notification should be generated. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 6.10, Negotiation Failures" +::= { iscsiInitiatorLoginStatsEntry 6 } + +-- Initiator Logout Stats Table + +iscsiInitiatorLogoutStatsTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiInitiatorLogoutStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "When an initiator attempts to send a Logout command, the target + responds with a Logout Response that carries a status code. + + + +Bakke, et al. Standards Track [Page 49] + +RFC 4544 iSCSI MIB May 2006 + + + This table contains a list of counters of Logout Response + PDUs of each status code that was received by each + initiator belonging to this iSCSI instance present on this + system." +::= { iscsiInitiator 3 } + +iscsiInitiatorLogoutStatsEntry OBJECT-TYPE + SYNTAX IscsiInitiatorLogoutStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing counters of Logout Response + PDUs of each status code that was generated by this + initiator." + AUGMENTS { iscsiInitiatorAttributesEntry } +::= { iscsiInitiatorLogoutStatsTable 1 } + +IscsiInitiatorLogoutStatsEntry ::= SEQUENCE { + iscsiIntrLogoutNormals Counter32, + iscsiIntrLogoutOthers Counter32 +} + +iscsiIntrLogoutNormals OBJECT-TYPE + SYNTAX Counter32 + UNITS "normal logouts" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Logout Command PDUs generated by this initiator + with reason code 0 (closes the session). + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.14.1, Reason Code" +::= { iscsiInitiatorLogoutStatsEntry 1 } + +iscsiIntrLogoutOthers OBJECT-TYPE + SYNTAX Counter32 + UNITS "abnormal logouts" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Logout Command PDUs generated by this initiator + with any status code other than 0. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiNodeDiscontinuityTime." + REFERENCE + "RFC 3720, Section 10.14.1, Reason Code" + + + +Bakke, et al. Standards Track [Page 50] + +RFC 4544 iSCSI MIB May 2006 + + +::= { iscsiInitiatorLogoutStatsEntry 2 } + +--********************************************************************** + +iscsiIntrAuthorization OBJECT IDENTIFIER ::= { iscsiObjects 9 } + +-- Initiator Authorization Attributes Table + +iscsiIntrAuthAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiIntrAuthAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of target identities that each initiator + on the local system may access." +::= { iscsiIntrAuthorization 1 } + +iscsiIntrAuthAttributesEntry OBJECT-TYPE + SYNTAX IscsiIntrAuthAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information applicable + to a particular initiator node's authorized target identity." + INDEX { iscsiInstIndex, iscsiNodeIndex, iscsiIntrAuthIndex } +::= { iscsiIntrAuthAttributesTable 1 } + +IscsiIntrAuthAttributesEntry ::= SEQUENCE { + iscsiIntrAuthIndex Unsigned32, + iscsiIntrAuthRowStatus RowStatus, + iscsiIntrAuthIdentity RowPointer, + iscsiIntrAuthStorageType StorageType +} + +iscsiIntrAuthIndex OBJECT-TYPE + SYNTAX Unsigned32 (1..4294967295) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An arbitrary integer used to uniquely identify a + particular initiator node's authorized target + identity within an iSCSI instance present on the + local system. This index value must not be modified + or reused by an agent unless a reboot has occurred. + An agent should attempt to keep this value persistent + across reboots." +::= { iscsiIntrAuthAttributesEntry 1 } + + + + +Bakke, et al. Standards Track [Page 51] + +RFC 4544 iSCSI MIB May 2006 + + +iscsiIntrAuthRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This field allows entries to be dynamically added and + removed from this table via SNMP. When adding a row to + this table, all non-Index/RowStatus objects must be set. + When the value of this object is 'active', the values of + the other objects in this table cannot be changed. + Rows may be discarded using RowStatus." +::= { iscsiIntrAuthAttributesEntry 2 } + +iscsiIntrAuthIdentity OBJECT-TYPE + SYNTAX RowPointer + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "A pointer to the corresponding user entry in the IPS-AUTH + MIB module to which this initiator node should attempt to + establish an iSCSI session." + REFERENCE + "IPS-AUTH MIB, RFC 4545" +::= { iscsiIntrAuthAttributesEntry 3 } + +iscsiIntrAuthStorageType OBJECT-TYPE + SYNTAX StorageType + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The storage type for this row. Rows in this table that were + created through an external process may have a storage type of + readOnly or permanent. + + Conceptual rows having the value 'permanent' need not + allow write access to any columnar objects in the row." + DEFVAL { nonVolatile } +::= { iscsiIntrAuthAttributesEntry 4 } + +--********************************************************************** + +iscsiSession OBJECT IDENTIFIER ::= { iscsiObjects 10 } + +-- Session Attributes Table + +iscsiSessionAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiSessionAttributesEntry + MAX-ACCESS not-accessible + + + +Bakke, et al. Standards Track [Page 52] + +RFC 4544 iSCSI MIB May 2006 + + + STATUS current + DESCRIPTION + "A list of sessions belonging to each iSCSI instance + present on the system." +::= { iscsiSession 1 } + +iscsiSessionAttributesEntry OBJECT-TYPE + SYNTAX IscsiSessionAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information applicable + to a particular session. + + If this session is a discovery session that is not attached + to any particular node, the iscsiSsnNodeIndex will be zero. + Otherwise, the iscsiSsnNodeIndex will have the same value as + iscsiNodeIndex." + INDEX { iscsiInstIndex, iscsiSsnNodeIndex, iscsiSsnIndex } +::= { iscsiSessionAttributesTable 1 } + +IscsiSessionAttributesEntry ::= SEQUENCE { + iscsiSsnNodeIndex Unsigned32, + iscsiSsnIndex Unsigned32, + iscsiSsnDirection INTEGER, + iscsiSsnInitiatorName IscsiName, + iscsiSsnTargetName IscsiName, + iscsiSsnTSIH Unsigned32, + iscsiSsnISID OCTET STRING, + iscsiSsnInitiatorAlias SnmpAdminString, + iscsiSsnTargetAlias SnmpAdminString, + iscsiSsnInitialR2T TruthValue, + iscsiSsnImmediateData TruthValue, + iscsiSsnType INTEGER, + iscsiSsnMaxOutstandingR2T Unsigned32, + iscsiSsnFirstBurstLength Unsigned32, + iscsiSsnMaxBurstLength Unsigned32, + iscsiSsnConnectionNumber Gauge32, + iscsiSsnAuthIdentity RowPointer, + iscsiSsnDataSequenceInOrder TruthValue, + iscsiSsnDataPDUInOrder TruthValue, + iscsiSsnErrorRecoveryLevel Unsigned32, + iscsiSsnDiscontinuityTime TimeStamp +} + +iscsiSsnNodeIndex OBJECT-TYPE + SYNTAX Unsigned32 (0..4294967295) + MAX-ACCESS not-accessible + + + +Bakke, et al. Standards Track [Page 53] + +RFC 4544 iSCSI MIB May 2006 + + + STATUS current + DESCRIPTION + "An arbitrary integer used to uniquely identify a + particular node within an iSCSI instance present + on the local system. For normal, non-discovery + sessions, this value will map to the iscsiNodeIndex. + For discovery sessions that do not have a node + associated, the value 0 (zero) is used." +::= { iscsiSessionAttributesEntry 1 } + +iscsiSsnIndex OBJECT-TYPE + SYNTAX Unsigned32 (1..4294967295) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An arbitrary integer used to uniquely identify a + particular session within an iSCSI instance present + on the local system. An agent should attempt to + not reuse index values unless a reboot has occurred. + iSCSI sessions are destroyed during a reboot; rows + in this table are not persistent across reboots." +::= { iscsiSessionAttributesEntry 2 } + +iscsiSsnDirection OBJECT-TYPE + SYNTAX INTEGER { + inboundSession(1), + outboundSession(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Direction of iSCSI session: + inboundSession - session is established from an external + initiator to a target within this iSCSI + instance. + outboundSession - session is established from an initiator + within this iSCSI instance to an external + target." +::= { iscsiSessionAttributesEntry 3 } + +iscsiSsnInitiatorName OBJECT-TYPE + SYNTAX IscsiName + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "If iscsiSsnDirection is Inbound, this object is a + UTF-8 string that will contain the name of the remote + initiator. If this session is a discovery session that + + + +Bakke, et al. Standards Track [Page 54] + +RFC 4544 iSCSI MIB May 2006 + + + does not specify a particular initiator, this object + will contain a zero-length string. + + If iscsiSsnDirection is Outbound, this object will + contain a zero-length string." +::= { iscsiSessionAttributesEntry 4 } + +iscsiSsnTargetName OBJECT-TYPE + SYNTAX IscsiName + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "If iscsiSsnDirection is Outbound, this object is a + UTF-8 string that will contain the name of the remote + target. If this session is a discovery session that + does not specify a particular target, this object will + contain a zero-length string. + + If iscsiSsnDirection is Inbound, this object will + contain a zero-length string." +::= { iscsiSessionAttributesEntry 5 } + +iscsiSsnTSIH OBJECT-TYPE + SYNTAX Unsigned32 (1..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The target-defined identification handle for this session." + REFERENCE + "RFC 3720, Section 10.12.6, TSIH" +::= { iscsiSessionAttributesEntry 6 } + +iscsiSsnISID OBJECT-TYPE + SYNTAX OCTET STRING (SIZE(6)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The initiator-defined portion of the iSCSI Session ID." + REFERENCE + "RFC 3720, Section 10.12.5, ISID" +::= { iscsiSessionAttributesEntry 7 } + +iscsiSsnInitiatorAlias OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A UTF-8 string that gives the alias communicated by the + + + +Bakke, et al. Standards Track [Page 55] + +RFC 4544 iSCSI MIB May 2006 + + + initiator end of the session during the login phase. + + If no alias exists, the value is a zero-length string." + REFERENCE + "RFC 3720, Section 12.7, InitiatorAlias" +::= { iscsiSessionAttributesEntry 8 } + +iscsiSsnTargetAlias OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A UTF-8 string that gives the alias communicated by the + target end of the session during the login phase. + + If no alias exists, the value is a zero-length string." + REFERENCE + "RFC 3720, Section 12.6, TargetAlias" +::= { iscsiSessionAttributesEntry 9 } + +iscsiSsnInitialR2T OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "If set to true, indicates that the initiator must wait + for an R2T before sending to the target. If set to false, + the initiator may send data immediately, within limits set + by iscsiSsnFirstBurstLength and the expected data transfer + length of the request." + REFERENCE + "RFC 3720, Section 12.10, InitialR2T" +::= { iscsiSessionAttributesEntry 10 } + +iscsiSsnImmediateData OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Indicates whether the initiator and target have agreed to + support immediate data on this session." + REFERENCE + "RFC 3720, Section 12.11, ImmediateData" +::= { iscsiSessionAttributesEntry 11 } + +iscsiSsnType OBJECT-TYPE + SYNTAX INTEGER { + normalSession(1), + + + +Bakke, et al. Standards Track [Page 56] + +RFC 4544 iSCSI MIB May 2006 + + + discoverySession(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Type of iSCSI session: + normalSession - session is a normal iSCSI session + discoverySession - session is being used only for discovery." + REFERENCE + "RFC 3720, Section 12.21, SessionType" +::= { iscsiSessionAttributesEntry 12 } + +iscsiSsnMaxOutstandingR2T OBJECT-TYPE + SYNTAX Unsigned32 (1..65535) + UNITS "R2Ts" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The maximum number of outstanding requests-to-transmit + (R2Ts) per iSCSI task within this session." + REFERENCE + "RFC 3720, Section 12.17, MaxOutstandingR2T" +::= { iscsiSessionAttributesEntry 13 } + +iscsiSsnFirstBurstLength OBJECT-TYPE + SYNTAX Unsigned32 (512..16777215) + UNITS "bytes" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The maximum length supported for unsolicited data sent + within this session." + REFERENCE + "RFC 3720, Section 12.14, FirstBurstLength" +::= { iscsiSessionAttributesEntry 14 } + +iscsiSsnMaxBurstLength OBJECT-TYPE + SYNTAX Unsigned32 (512..16777215) + UNITS "bytes" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The maximum number of bytes that can be sent within + a single sequence of Data-In or Data-Out PDUs." + REFERENCE + "RFC 3720, Section 12.13, MaxBurstLength" +::= { iscsiSessionAttributesEntry 15 } + + + + +Bakke, et al. Standards Track [Page 57] + +RFC 4544 iSCSI MIB May 2006 + + +iscsiSsnConnectionNumber OBJECT-TYPE + SYNTAX Gauge32 (1..65535) + UNITS "connections" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of transport protocol connections that currently + belong to this session." +::= { iscsiSessionAttributesEntry 16 } + +iscsiSsnAuthIdentity OBJECT-TYPE + SYNTAX RowPointer + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object contains a pointer to a row in the + IPS-AUTH MIB module that identifies the authentication + method being used on this session, as communicated + during the login phase." + REFERENCE + "IPS-AUTH MIB, RFC 4545" +::= { iscsiSessionAttributesEntry 17 } + + iscsiSsnDataSequenceInOrder OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "False indicates that iSCSI data PDU sequences may + be transferred in any order. True indicates that + data PDU sequences must be transferred using + continuously increasing offsets, except during + error recovery." + REFERENCE + "RFC 3720, Section 12.19, DataSequenceInOrder" +::= { iscsiSessionAttributesEntry 18 } + +iscsiSsnDataPDUInOrder OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "False indicates that iSCSI data PDUs within sequences + may be in any order. True indicates that data PDUs + within sequences must be at continuously increasing + addresses, with no gaps or overlay between PDUs. + + Default is true." + + + +Bakke, et al. Standards Track [Page 58] + +RFC 4544 iSCSI MIB May 2006 + + + REFERENCE + "RFC 3720, Section 12.18, DataPDUInOrder" +::= { iscsiSessionAttributesEntry 19 } + +iscsiSsnErrorRecoveryLevel OBJECT-TYPE + SYNTAX Unsigned32 (0..255) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The level of error recovery negotiated between + the initiator and the target. Higher numbers + represent more detailed recovery schemes." + REFERENCE + "RFC 3720, Section 12.20, ErrorRecoveryLevel" +::= { iscsiSessionAttributesEntry 20 } + +iscsiSsnDiscontinuityTime OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of SysUpTime on the most recent occasion + at which any one or more of this session's counters + suffered a discontinuity. + When a session is established, and this object is + created, it is initialized to the current value + of SysUpTime." +::= { iscsiSessionAttributesEntry 21 } + +-- Session Stats Table + +iscsiSessionStatsTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiSessionStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of general iSCSI traffic counters for each of the + sessions present on the system." +::= { iscsiSession 2 } + +iscsiSessionStatsEntry OBJECT-TYPE + SYNTAX IscsiSessionStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing general iSCSI traffic counters + for a particular session." + AUGMENTS { iscsiSessionAttributesEntry } + + + +Bakke, et al. Standards Track [Page 59] + +RFC 4544 iSCSI MIB May 2006 + + +::= { iscsiSessionStatsTable 1 } + +IscsiSessionStatsEntry ::= SEQUENCE { + iscsiSsnCmdPDUs Counter32, + iscsiSsnRspPDUs Counter32, + iscsiSsnTxDataOctets Counter64, + iscsiSsnRxDataOctets Counter64, + iscsiSsnLCTxDataOctets Counter32, + iscsiSsnLCRxDataOctets Counter32 +} + +iscsiSsnCmdPDUs OBJECT-TYPE + SYNTAX Counter32 + UNITS "PDUs" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Command PDUs transferred on this session. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiSsnDiscontinuityTime." +::= { iscsiSessionStatsEntry 1 } + +iscsiSsnRspPDUs OBJECT-TYPE + SYNTAX Counter32 + UNITS "PDUs" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of Response PDUs transferred on this session. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiSsnDiscontinuityTime." +::= { iscsiSessionStatsEntry 2 } + +iscsiSsnTxDataOctets OBJECT-TYPE + SYNTAX Counter64 + UNITS "octets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of data octets that were transmitted by + the local iSCSI node on this session. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiSsnDiscontinuityTime." +::= { iscsiSessionStatsEntry 3 } + +iscsiSsnRxDataOctets OBJECT-TYPE + SYNTAX Counter64 + UNITS "octets" + + + +Bakke, et al. Standards Track [Page 60] + +RFC 4544 iSCSI MIB May 2006 + + + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of data octets that were received by + the local iSCSI node on this session. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiSsnDiscontinuityTime." +::= { iscsiSessionStatsEntry 4 } + +iscsiSsnLCTxDataOctets OBJECT-TYPE + SYNTAX Counter32 + UNITS "octets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A Low Capacity shadow object of iscsiSsnTxDataOctets + for those systems that don't support Counter64. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiSsnDiscontinuityTime." +::= { iscsiSessionStatsEntry 5 } + +iscsiSsnLCRxDataOctets OBJECT-TYPE + SYNTAX Counter32 + UNITS "octets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A Low Capacity shadow object of iscsiSsnRxDataOctets + for those systems that don't support Counter64. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiSsnDiscontinuityTime." +::= { iscsiSessionStatsEntry 6 } + +-- Session Connection Error Stats Table + +iscsiSessionCxnErrorStatsTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiSessionCxnErrorStatsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of error counters for each of the sessions + present on this system." +::= { iscsiSession 3 } + +iscsiSessionCxnErrorStatsEntry OBJECT-TYPE + SYNTAX IscsiSessionCxnErrorStatsEntry + MAX-ACCESS not-accessible + STATUS current + + + +Bakke, et al. Standards Track [Page 61] + +RFC 4544 iSCSI MIB May 2006 + + + DESCRIPTION + "An entry (row) containing error counters for + a particular session." + AUGMENTS { iscsiSessionAttributesEntry } +::= { iscsiSessionCxnErrorStatsTable 1 } + +IscsiSessionCxnErrorStatsEntry ::= SEQUENCE { + iscsiSsnCxnDigestErrors Counter32, + iscsiSsnCxnTimeoutErrors Counter32 +} + +iscsiSsnCxnDigestErrors OBJECT-TYPE + SYNTAX Counter32 + UNITS "PDUs" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of PDUs that were received on the session and + contained header or data digest errors. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiSsnDiscontinuityTime." + REFERENCE + "RFC 3720, Section 6.7, Digest Errors" +::= { iscsiSessionCxnErrorStatsEntry 1 } + +iscsiSsnCxnTimeoutErrors OBJECT-TYPE + SYNTAX Counter32 + UNITS "connections" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The count of connections within this session + that have been terminated due to timeout. + If this counter has suffered a discontinuity, the time of the + last discontinuity is indicated in iscsiSsnDiscontinuityTime." + REFERENCE + "RFC 3720, Section 6.4, Connection Timeout Management" +::= { iscsiSessionCxnErrorStatsEntry 2 } + +--********************************************************************** + +iscsiConnection OBJECT IDENTIFIER ::= { iscsiObjects 11 } + +-- Connection Attributes Table + +iscsiConnectionAttributesTable OBJECT-TYPE + SYNTAX SEQUENCE OF IscsiConnectionAttributesEntry + MAX-ACCESS not-accessible + + + +Bakke, et al. Standards Track [Page 62] + +RFC 4544 iSCSI MIB May 2006 + + + STATUS current + DESCRIPTION + "A list of connections belonging to each iSCSI instance + present on the system." +::= { iscsiConnection 1 } + +iscsiConnectionAttributesEntry OBJECT-TYPE + SYNTAX IscsiConnectionAttributesEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry (row) containing management information applicable + to a particular connection." + INDEX { iscsiInstIndex, iscsiSsnNodeIndex, iscsiSsnIndex, + iscsiCxnIndex } +::= { iscsiConnectionAttributesTable 1 } + +IscsiConnectionAttributesEntry ::= SEQUENCE { + iscsiCxnIndex Unsigned32, + iscsiCxnCid Unsigned32, + iscsiCxnState INTEGER, + iscsiCxnAddrType InetAddressType, + iscsiCxnLocalAddr InetAddress, + iscsiCxnProtocol IscsiTransportProtocol, + iscsiCxnLocalPort InetPortNumber, + iscsiCxnRemoteAddr InetAddress, + iscsiCxnRemotePort InetPortNumber, + iscsiCxnMaxRecvDataSegLength Unsigned32, + iscsiCxnMaxXmitDataSegLength Unsigned32, + iscsiCxnHeaderIntegrity IscsiDigestMethod, + iscsiCxnDataIntegrity IscsiDigestMethod, + iscsiCxnRecvMarker TruthValue, + iscsiCxnSendMarker TruthValue, + iscsiCxnVersionActive Unsigned32 +} + +iscsiCxnIndex OBJECT-TYPE + SYNTAX Unsigned32 (1..4294967295) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An arbitrary integer used to uniquely identify a + particular connection of a particular session within + an iSCSI instance present on the local system. An + agent should attempt to not reuse index values unless + a reboot has occurred. iSCSI connections are destroyed + during a reboot; rows in this table are not persistent + across reboots." + + + +Bakke, et al. Standards Track [Page 63] + +RFC 4544 iSCSI MIB May 2006 + + +::= { iscsiConnectionAttributesEntry 1 } + +iscsiCxnCid OBJECT-TYPE + SYNTAX Unsigned32 (1..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The iSCSI Connection ID for this connection." +::= { iscsiConnectionAttributesEntry 2 } + +iscsiCxnState OBJECT-TYPE + SYNTAX INTEGER { + login(1), + full(2), + logout(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The current state of this connection, from an iSCSI negotiation + point of view. Here are the states: + + login - The transport protocol connection has been established, + but a valid iSCSI login response with the final bit set + has not been sent or received. + full - A valid iSCSI login response with the final bit set + has been sent or received. + logout - A valid iSCSI logout command has been sent or + received, but the transport protocol connection has + not yet been closed." +::= { iscsiConnectionAttributesEntry 3 } + +iscsiCxnAddrType OBJECT-TYPE + SYNTAX InetAddressType + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of Internet Network Addresses contained in the + corresponding instances of iscsiCxnLocalAddr and + iscsiCxnRemoteAddr. + The value 'dns' is not allowed." +::= { iscsiConnectionAttributesEntry 4 } + +iscsiCxnLocalAddr OBJECT-TYPE + SYNTAX InetAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + + + +Bakke, et al. Standards Track [Page 64] + +RFC 4544 iSCSI MIB May 2006 + + + "The local Internet Network Address, of the type specified + by iscsiCxnAddrType, used by this connection." +::= { iscsiConnectionAttributesEntry 5 } + +iscsiCxnProtocol OBJECT-TYPE + SYNTAX IscsiTransportProtocol + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The transport protocol over which this connection is + running." +::= { iscsiConnectionAttributesEntry 6 } + +iscsiCxnLocalPort OBJECT-TYPE + SYNTAX InetPortNumber + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The local transport protocol port used by this connection. + This object cannot have the value zero, since it represents + an established connection." +::= { iscsiConnectionAttributesEntry 7 } + +iscsiCxnRemoteAddr OBJECT-TYPE + SYNTAX InetAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The remote Internet Network Address, of the type specified + by iscsiCxnAddrType, used by this connection." +::= { iscsiConnectionAttributesEntry 8 } + +iscsiCxnRemotePort OBJECT-TYPE + SYNTAX InetPortNumber + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The remote transport protocol port used by this connection. + This object cannot have the value zero, since it represents + an established connection." +::= { iscsiConnectionAttributesEntry 9 } + +iscsiCxnMaxRecvDataSegLength OBJECT-TYPE + SYNTAX Unsigned32 (512..16777215) + UNITS "bytes" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + + + +Bakke, et al. Standards Track [Page 65] + +RFC 4544 iSCSI MIB May 2006 + + + "The maximum data payload size supported for command + or data PDUs able to be received on this connection." + REFERENCE + "RFC 3720, Section 12.12, MaxRecvDataSegmentLength" +::= { iscsiConnectionAttributesEntry 10 } + +iscsiCxnMaxXmitDataSegLength OBJECT-TYPE + SYNTAX Unsigned32 (512..16777215) + UNITS "bytes" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The maximum data payload size supported for command + or data PDUs to be sent on this connection." + REFERENCE + "RFC 3720, Section 12.12, MaxRecvDataSegmentLength" +::= { iscsiConnectionAttributesEntry 11 } + +iscsiCxnHeaderIntegrity OBJECT-TYPE + SYNTAX IscsiDigestMethod + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object identifies the iSCSI header + digest scheme in use within this connection." +::= { iscsiConnectionAttributesEntry 12 } + +iscsiCxnDataIntegrity OBJECT-TYPE + SYNTAX IscsiDigestMethod + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object identifies the iSCSI data + digest scheme in use within this connection." +::= { iscsiConnectionAttributesEntry 13 } + +iscsiCxnRecvMarker OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates whether or not this connection + is receiving markers in its incoming data stream." + REFERENCE + "RFC 3720, Appendix A." +::= { iscsiConnectionAttributesEntry 14 } + +iscsiCxnSendMarker OBJECT-TYPE + + + +Bakke, et al. Standards Track [Page 66] + +RFC 4544 iSCSI MIB May 2006 + + + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates whether or not this connection + is inserting markers in its outgoing data stream." + REFERENCE + "RFC 3720, Appendix A." +::= { iscsiConnectionAttributesEntry 15 } + +iscsiCxnVersionActive OBJECT-TYPE + SYNTAX Unsigned32 (0..255) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Active version number of the iSCSI specification negotiated + on this connection." + REFERENCE + "RFC 3720, Section 10.12, Login Request" +::= { iscsiConnectionAttributesEntry 16 } + +--********************************************************************** +-- Notifications + +iscsiTgtLoginFailure NOTIFICATION-TYPE + OBJECTS { + iscsiTgtLoginFailures, + iscsiTgtLastFailureType, + iscsiTgtLastIntrFailureName, + iscsiTgtLastIntrFailureAddrType, + iscsiTgtLastIntrFailureAddr + } + STATUS current + DESCRIPTION + "Sent when a login is failed by a target. + + To avoid sending an excessive number of notifications due + to multiple errors counted, an SNMP agent implementing this + notification SHOULD NOT send more than 3 notifications of + this type in any 10-second time period." +::= { iscsiNotifications 1 } + +iscsiIntrLoginFailure NOTIFICATION-TYPE + OBJECTS { + iscsiIntrLoginFailures, + iscsiIntrLastFailureType, + iscsiIntrLastTgtFailureName, + iscsiIntrLastTgtFailureAddrType, + + + +Bakke, et al. Standards Track [Page 67] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiIntrLastTgtFailureAddr + } + STATUS current + DESCRIPTION + "Sent when a login is failed by an initiator. + + To avoid sending an excessive number of notifications due + to multiple errors counted, an SNMP agent implementing this + notification SHOULD NOT send more than 3 notifications of + this type in any 10-second time period." +::= { iscsiNotifications 2 } + +iscsiInstSessionFailure NOTIFICATION-TYPE + OBJECTS { + iscsiInstSsnFailures, + iscsiInstLastSsnFailureType, + iscsiInstLastSsnRmtNodeName + } + STATUS current + DESCRIPTION + "Sent when an active session is failed by either the initiator + or the target. + + To avoid sending an excessive number of notifications due + to multiple errors counted, an SNMP agent implementing this + notification SHOULD NOT send more than 3 notifications of + this type in any 10-second time period." +::= { iscsiNotifications 3 } + +--********************************************************************** + +-- Conformance Statements + +iscsiCompliances OBJECT IDENTIFIER ::= { iscsiConformance 1 } +iscsiGroups OBJECT IDENTIFIER ::= { iscsiConformance 2 } + +iscsiInstanceAttributesGroup OBJECT-GROUP + OBJECTS { + iscsiInstDescr, + iscsiInstVersionMin, + iscsiInstVersionMax, + iscsiInstVendorID, + iscsiInstVendorVersion, + iscsiInstPortalNumber, + iscsiInstNodeNumber, + iscsiInstSessionNumber, + iscsiInstSsnFailures, + iscsiInstLastSsnFailureType, + + + +Bakke, et al. Standards Track [Page 68] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiInstLastSsnRmtNodeName, + iscsiInstDiscontinuityTime + } + STATUS current + DESCRIPTION + "A collection of objects providing information about iSCSI + instances." +::= { iscsiGroups 1 } + +iscsiInstanceSsnErrorStatsGroup OBJECT-GROUP + OBJECTS { + iscsiInstSsnDigestErrors, + iscsiInstSsnCxnTimeoutErrors, + iscsiInstSsnFormatErrors + } + STATUS current + DESCRIPTION + "A collection of objects providing information about + errors that have caused a session failure for an + iSCSI instance." +::= { iscsiGroups 2 } + +iscsiPortalAttributesGroup OBJECT-GROUP + OBJECTS { + iscsiPortalRowStatus, + iscsiPortalStorageType, + iscsiPortalRoles, + iscsiPortalAddrType, + iscsiPortalAddr, + iscsiPortalProtocol, + iscsiPortalMaxRecvDataSegLength, + iscsiPortalPrimaryHdrDigest, + iscsiPortalPrimaryDataDigest, + iscsiPortalSecondaryHdrDigest, + iscsiPortalSecondaryDataDigest, + iscsiPortalRecvMarker + } + STATUS current + DESCRIPTION + "A collection of objects providing information about + the transport protocol endpoints of the local targets." +::= { iscsiGroups 3 } + +iscsiTgtPortalAttributesGroup OBJECT-GROUP + OBJECTS { + iscsiTgtPortalPort, + iscsiTgtPortalTag + } + + + +Bakke, et al. Standards Track [Page 69] + +RFC 4544 iSCSI MIB May 2006 + + + STATUS current + DESCRIPTION + "A collection of objects providing information about + the transport protocol endpoints of the local targets." +::= { iscsiGroups 4 } + +iscsiIntrPortalAttributesGroup OBJECT-GROUP + OBJECTS { + iscsiIntrPortalTag + } + STATUS current + DESCRIPTION + "An object providing information about + the portal tags used by the local initiators." +::= { iscsiGroups 5 } + +iscsiNodeAttributesGroup OBJECT-GROUP + OBJECTS { + iscsiNodeName, + iscsiNodeAlias, + iscsiNodeRoles, + iscsiNodeTransportType, + iscsiNodeInitialR2T, + iscsiNodeImmediateData, + iscsiNodeMaxOutstandingR2T, + iscsiNodeFirstBurstLength, + iscsiNodeMaxBurstLength, + iscsiNodeMaxConnections, + iscsiNodeDataSequenceInOrder, + iscsiNodeDataPDUInOrder, + iscsiNodeDefaultTime2Wait, + iscsiNodeDefaultTime2Retain, + iscsiNodeErrorRecoveryLevel, + iscsiNodeDiscontinuityTime, + iscsiNodeStorageType + } + STATUS current + DESCRIPTION + "A collection of objects providing information about all + local targets." +::= { iscsiGroups 6 } + +iscsiTargetAttributesGroup OBJECT-GROUP + OBJECTS { + iscsiTgtLoginFailures, + iscsiTgtLastFailureTime, + iscsiTgtLastFailureType, + iscsiTgtLastIntrFailureName, + + + +Bakke, et al. Standards Track [Page 70] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiTgtLastIntrFailureAddrType, + iscsiTgtLastIntrFailureAddr + } + STATUS current + DESCRIPTION + "A collection of objects providing information about all + local targets." +::= { iscsiGroups 7 } + +iscsiTargetLoginStatsGroup OBJECT-GROUP + OBJECTS { + iscsiTgtLoginAccepts, + iscsiTgtLoginOtherFails, + iscsiTgtLoginRedirects, + iscsiTgtLoginAuthorizeFails, + iscsiTgtLoginAuthenticateFails, + iscsiTgtLoginNegotiateFails + } + STATUS current + DESCRIPTION + "A collection of objects providing information about all + login attempts by remote initiators to local targets." +::= { iscsiGroups 8 } + +iscsiTargetLogoutStatsGroup OBJECT-GROUP + OBJECTS { + iscsiTgtLogoutNormals, + iscsiTgtLogoutOthers + } + STATUS current + DESCRIPTION + "A collection of objects providing information about all + logout events between remote initiators and local targets." +::= { iscsiGroups 9 } + +iscsiTargetAuthGroup OBJECT-GROUP + OBJECTS { + iscsiTgtAuthRowStatus, + iscsiTgtAuthStorageType, + iscsiTgtAuthIdentity + } + STATUS current + DESCRIPTION + "A collection of objects providing information about all + remote initiators that are authorized to connect to local + targets." +::= { iscsiGroups 10 } + + + + +Bakke, et al. Standards Track [Page 71] + +RFC 4544 iSCSI MIB May 2006 + + +iscsiInitiatorAttributesGroup OBJECT-GROUP + OBJECTS { + iscsiIntrLoginFailures, + iscsiIntrLastFailureTime, + iscsiIntrLastFailureType, + iscsiIntrLastTgtFailureName, + iscsiIntrLastTgtFailureAddrType, + iscsiIntrLastTgtFailureAddr + } + STATUS current + DESCRIPTION + "A collection of objects providing information about + all local initiators." +::= { iscsiGroups 11 } + +iscsiInitiatorLoginStatsGroup OBJECT-GROUP + OBJECTS { + iscsiIntrLoginAcceptRsps, + iscsiIntrLoginOtherFailRsps, + iscsiIntrLoginRedirectRsps, + iscsiIntrLoginAuthFailRsps, + iscsiIntrLoginAuthenticateFails, + iscsiIntrLoginNegotiateFails + } + STATUS current + DESCRIPTION + "A collection of objects providing information about all + login attempts by local initiators to remote targets." +::= { iscsiGroups 12 } + +iscsiInitiatorLogoutStatsGroup OBJECT-GROUP + OBJECTS { + iscsiIntrLogoutNormals, + iscsiIntrLogoutOthers + } + STATUS current + DESCRIPTION + "A collection of objects providing information about all + logout events between local initiators and remote targets." +::= { iscsiGroups 13 } + +iscsiInitiatorAuthGroup OBJECT-GROUP + OBJECTS { + iscsiIntrAuthRowStatus, + iscsiIntrAuthStorageType, + iscsiIntrAuthIdentity + } + STATUS current + + + +Bakke, et al. Standards Track [Page 72] + +RFC 4544 iSCSI MIB May 2006 + + + DESCRIPTION + "A collection of objects providing information about all + remote targets that are initiators of the local system + that they are authorized to access." +::= { iscsiGroups 14 } + +iscsiSessionAttributesGroup OBJECT-GROUP + OBJECTS { + iscsiSsnDirection, + iscsiSsnInitiatorName, + iscsiSsnTargetName, + iscsiSsnTSIH, + iscsiSsnISID, + iscsiSsnInitiatorAlias, + iscsiSsnTargetAlias, + iscsiSsnInitialR2T, + iscsiSsnImmediateData, + iscsiSsnType, + iscsiSsnMaxOutstandingR2T, + iscsiSsnFirstBurstLength, + iscsiSsnMaxBurstLength, + iscsiSsnConnectionNumber, + iscsiSsnAuthIdentity, + iscsiSsnDataSequenceInOrder, + iscsiSsnDataPDUInOrder, + iscsiSsnErrorRecoveryLevel, + iscsiSsnDiscontinuityTime + } + STATUS current + DESCRIPTION + "A collection of objects providing information applicable to + all sessions." +::= { iscsiGroups 15 } + +iscsiSessionPDUStatsGroup OBJECT-GROUP + OBJECTS { + iscsiSsnCmdPDUs, + iscsiSsnRspPDUs + } + STATUS current + DESCRIPTION + "A collection of objects providing information about PDU + traffic for each session." +::= { iscsiGroups 16 } + +iscsiSessionOctetStatsGroup OBJECT-GROUP + OBJECTS { + iscsiSsnTxDataOctets, + + + +Bakke, et al. Standards Track [Page 73] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiSsnRxDataOctets + } + STATUS current + DESCRIPTION + "A collection of objects providing information about octet + traffic for each session using a Counter64 data type." +::= { iscsiGroups 17 } + +iscsiSessionLCOctetStatsGroup OBJECT-GROUP + OBJECTS { + iscsiSsnLCTxDataOctets, + iscsiSsnLCRxDataOctets + } + STATUS current + DESCRIPTION + "A collection of objects providing information about octet + traffic for each session using a Counter32 data type." +::= { iscsiGroups 18 } + +iscsiSessionCxnErrorStatsGroup OBJECT-GROUP + OBJECTS { + iscsiSsnCxnDigestErrors, + iscsiSsnCxnTimeoutErrors + } + STATUS current + DESCRIPTION + "A collection of objects providing information about connection + errors for all sessions." +::= { iscsiGroups 19 } + +iscsiConnectionAttributesGroup OBJECT-GROUP + OBJECTS { + iscsiCxnCid, + iscsiCxnState, + iscsiCxnProtocol, + iscsiCxnAddrType, + iscsiCxnLocalAddr, + iscsiCxnLocalPort, + iscsiCxnRemoteAddr, + iscsiCxnRemotePort, + iscsiCxnMaxRecvDataSegLength, + iscsiCxnMaxXmitDataSegLength, + iscsiCxnHeaderIntegrity, + iscsiCxnDataIntegrity, + iscsiCxnRecvMarker, + iscsiCxnSendMarker, + iscsiCxnVersionActive + } + + + +Bakke, et al. Standards Track [Page 74] + +RFC 4544 iSCSI MIB May 2006 + + + STATUS current + DESCRIPTION + "A collection of objects providing information about all + connections used by all sessions." +::= { iscsiGroups 20 } + +iscsiTgtLgnNotificationsGroup NOTIFICATION-GROUP + NOTIFICATIONS { + iscsiTgtLoginFailure + } + STATUS current + DESCRIPTION + "A collection of notifications that indicate a login + failure from a remote initiator to a local target." +::= { iscsiGroups 21 } + +iscsiIntrLgnNotificationsGroup NOTIFICATION-GROUP + NOTIFICATIONS { + iscsiIntrLoginFailure + } + STATUS current + DESCRIPTION + "A collection of notifications that indicate a login + failure from a local initiator to a remote target." +::= { iscsiGroups 22 } + +iscsiSsnFlrNotificationsGroup NOTIFICATION-GROUP + NOTIFICATIONS { + iscsiInstSessionFailure + } + STATUS current + DESCRIPTION + "A collection of notifications that indicate session + failures occurring after login." +::= { iscsiGroups 23 } + +--********************************************************************** + +iscsiComplianceV1 MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "Initial version of compliance statement based on + initial version of this MIB module. + + If an implementation can be both a target and an + initiator, all groups are mandatory." + MODULE -- this module + MANDATORY-GROUPS { + + + +Bakke, et al. Standards Track [Page 75] + +RFC 4544 iSCSI MIB May 2006 + + + iscsiInstanceAttributesGroup, + iscsiInstanceSsnErrorStatsGroup, + iscsiPortalAttributesGroup, + iscsiNodeAttributesGroup, + iscsiSessionAttributesGroup, + iscsiSessionPDUStatsGroup, + iscsiSessionCxnErrorStatsGroup, + iscsiConnectionAttributesGroup, + iscsiSsnFlrNotificationsGroup + } + + -- Conditionally mandatory groups depending on the ability + -- to support Counter64 data types and/or to provide counter + -- information to SNMPv1 applications. + + GROUP iscsiSessionOctetStatsGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that can support Counter64 data types." + + GROUP iscsiSessionLCOctetStatsGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that provide information to SNMPv1-only applications; + this includes agents that cannot support Counter64 + data types." + + -- Conditionally mandatory groups to be included with + -- the mandatory groups when the implementation has + -- iSCSI target facilities. + + GROUP iscsiTgtPortalAttributesGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI target facilities." + + OBJECT iscsiPortalMaxRecvDataSegLength + MIN-ACCESS read-only + DESCRIPTION + "Write access is not required." + + OBJECT iscsiNodeStorageType + MIN-ACCESS read-only + DESCRIPTION + "Write access is not required; an implementation may + choose to allow this object to be set to 'volatile' + or 'nonVolatile'." + + + + +Bakke, et al. Standards Track [Page 76] + +RFC 4544 iSCSI MIB May 2006 + + + GROUP iscsiTargetAttributesGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI target facilities." + + GROUP iscsiTargetLoginStatsGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI target facilities." + + GROUP iscsiTargetLogoutStatsGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI target facilities." + + GROUP iscsiTgtLgnNotificationsGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI target facilities." + + GROUP iscsiTargetAuthGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI target facilities." + + -- Conditionally mandatory groups to be included with + -- the mandatory groups when the implementation has + -- iSCSI initiator facilities. + + GROUP iscsiIntrPortalAttributesGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI initiator facilities." + + GROUP iscsiInitiatorAttributesGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI initiator facilities." + + GROUP iscsiInitiatorLoginStatsGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI initiator facilities." + + GROUP iscsiInitiatorLogoutStatsGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI initiator facilities." + + + +Bakke, et al. Standards Track [Page 77] + +RFC 4544 iSCSI MIB May 2006 + + + GROUP iscsiIntrLgnNotificationsGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI initiator facilities." + + GROUP iscsiInitiatorAuthGroup + DESCRIPTION + "This group is mandatory for all iSCSI implementations + that have iSCSI initiator facilities." + + OBJECT iscsiNodeErrorRecoveryLevel + SYNTAX Unsigned32 (0..2) + DESCRIPTION + "Only values 0-2 are defined at present." + +::= { iscsiCompliances 1 } + +END + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Bakke, et al. Standards Track [Page 78] + +RFC 4544 iSCSI MIB May 2006 + + +8. Security Considerations + + There are a number of management objects defined in this MIB module + with a MAX-ACCESS clause of read-write and/or read-create. Such + objects may be considered sensitive or vulnerable in some network + environments. The support for SET operations in a non-secure + environment without proper protection can have a negative effect on + network operations. These are the tables and objects and their + sensitivity/vulnerability: + + iscsiPortalAttributesTable, iscsiTgtPortalAttributesTable, and + iscsiIntrPortalAttributesTable can be used to add or remove IP + addresses to be used by iSCSI. + + iscsiTgtAuthAttributesTable entries can be added or removed, to + allow or disallow access to a target by an initiator. + + Some of the readable objects in this MIB module (i.e., objects with a + MAX-ACCESS other than not-accessible) may be considered sensitive or + vulnerable in some network environments. It is thus important to + control even GET and/or NOTIFY access to these objects and possibly + to even encrypt the values of these objects when sending them over + the network via SNMP. These are the tables and objects and their + sensitivity/vulnerability: + + iscsiNodeAttributesTable, iscsiTargetAttributesTable, and + iscsiTgtAuthorization can be used to glean information needed to + make connections to the iSCSI targets this module represents. + However, it is the responsibility of the initiators and targets + involved to authenticate each other to ensure that an + inappropriately advertised or discovered initiator or target does + not compromise their security. These issues are discussed in + [RFC3720]. + + SNMP versions prior to SNMPv3 did not include adequate security. + Even if the network itself is secure (for example by using IPsec), + even then, there is no control as to who on the secure network is + allowed to access and GET/SET (read/change/create/delete) the objects + in this MIB module. + + It is RECOMMENDED that implementors consider the security features as + provided by the SNMPv3 framework (see [RFC3410], section 8), + including full support for the SNMPv3 cryptographic mechanisms (for + authentication and privacy). + + Further, deployment of SNMP versions prior to SNMPv3 is NOT + RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to + enable cryptographic security. It is then a customer/operator + + + +Bakke, et al. Standards Track [Page 79] + +RFC 4544 iSCSI MIB May 2006 + + + responsibility to ensure that the SNMP entity giving access to an + instance of this MIB module is properly configured to give access to + the objects only to those principals (users) that have legitimate + rights to indeed GET or SET (change/create/delete) them. + +9. IANA Considerations + + The IANA has assigned a MIB OID number under the mib-2 branch for the + ISCSI-MIB. + +10. Normative References + + [RFC3720] Satran, J., Meth, K., Sapuntzakis, C., Chadalapaka, M., + and E. Zeidner, "Internet Small Computer Systems + Interface (iSCSI)", RFC 3720, March 2004. + + [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate + Requirement Levels", BCP 14, RFC 2119, March 1997. + + [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., + Rose, M., and S. Waldbusser, "Structure of Management + Information Version 2 (SMIv2)", STD 58, RFC 2578, April + 1999. + + [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., + Rose, M., and S. Waldbusser, "Textual Conventions for + SMIv2", STD 58, RFC 2579, April 1999. + + [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., + Rose, M., and S. Waldbusser, "Conformance Statements for + SMIv2", STD 58, RFC 2580, April 1999. + + [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. + Schoenwaelder, "Textual Conventions for Internet Network + Addresses", RFC 4001, February 2005. + + [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An + Architecture for Describing Simple Network Management + Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, + December 2002. + + [RFC4545] Bakke, M. and J. Muchow, "Definitions of Managed Objects + for IP Storage User Identity Authorization", RFC 4545, + May 2006. + + + + + + + +Bakke, et al. Standards Track [Page 80] + +RFC 4544 iSCSI MIB May 2006 + + +11. Informative References + + [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, + "Introduction and Applicability Statements for Internet- + Standard Management Framework", RFC 3410, December 2002. + + [RFC4022] Raghunarayan, R., "Management Information Base for the + Transmission Control Protocol (TCP)", RFC 4022, March + 2005. + + [RFC4455] Hallak-Stamler, M., Bakke, M., Lederman, Y., Krueger, M., + and K. McCloghrie, "Definition of Managed Objects for + Small Computer System Interface (SCSI) Entities", RFC + 4455, April 2006. + +12. Acknowledgements + + In addition to the authors, several people contributed to the + development of this MIB module. Thanks especially to those who took + the time to participate in our weekly conference calls to build our + requirements, object models, table structures, and attributes: John + Hufferd, Tom McSweeney (IBM), Kevin Gibbons (Nishan Systems), Chad + Gregory (Intel), Jack Harwood (EMC), Hari Mudaliar (Adaptec), Ie Wei + Njoo (Agilent), Lawrence Lamers (SAN Valley), Satish Mali (Stonefly + Networks), and William Terrell (Troika). + + Special thanks to Tom McSweeney, Ie Wei Njoo, and Kevin Gibbons, who + wrote the descriptions for many of the tables and attributes in this + MIB module, to Ayman Ghanem for finding and suggesting changes for + many problems in this module, and to Keith McCloghrie for serving as + advisor to the team. + + + + + + + + + + + + + + + + + + + + +Bakke, et al. Standards Track [Page 81] + +RFC 4544 iSCSI MIB May 2006 + + +Authors' Addresses + + Mark Bakke + Cisco Systems, Inc + 7900 International Drive, Suite 400 + Bloomington, MN + USA 55425 + + EMail: mbakke@cisco.com + + + Marjorie Krueger + Hewlett-Packard + Networked Storage Architecture + Networked Storage Solutions Org. + 8000 Foothills Blvd. + Roseville, CA + USA 95747 + + EMail: marjorie_krueger@hp.com + + + Tom McSweeney + IBM Corporation + 600 Park Offices Drive + Research Triangle Park, NC + USA 27709 + + EMail: tommcs@us.ibm.com + + + James Muchow + Qlogic Corp. + 6321 Bury Drive + Eden Prairie, MN + USA 55346 + + EMail: james.muchow@qlogic.com + + + + + + + + + + + + + +Bakke, et al. Standards Track [Page 82] + +RFC 4544 iSCSI MIB May 2006 + + +Full Copyright Statement + + Copyright (C) The Internet Society (2006). + + This document is subject to the rights, licenses and restrictions + contained in BCP 78, and except as set forth therein, the authors + retain all their rights. + + This document and the information contained herein are provided on an + "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS + OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET + ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, + INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE + INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED + WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +Intellectual Property + + The IETF takes no position regarding the validity or scope of any + Intellectual Property Rights or other rights that might be claimed to + pertain to the implementation or use of the technology described in + this document or the extent to which any license under such rights + might or might not be available; nor does it represent that it has + made any independent effort to identify any such rights. Information + on the procedures with respect to rights in RFC documents can be + found in BCP 78 and BCP 79. + + Copies of IPR disclosures made to the IETF Secretariat and any + assurances of licenses to be made available, or the result of an + attempt made to obtain a general license or permission for the use of + such proprietary rights by implementers or users of this + specification can be obtained from the IETF on-line IPR repository at + http://www.ietf.org/ipr. + + The IETF invites any interested party to bring to its attention any + copyrights, patents or patent applications, or other proprietary + rights that may cover technology that may be required to implement + this standard. Please address the information to the IETF at + ietf-ipr@ietf.org. + +Acknowledgement + + Funding for the RFC Editor function is provided by the IETF + Administrative Support Activity (IASA). + + + + + + + +Bakke, et al. Standards Track [Page 83] + -- cgit v1.2.3