Manualshelf

User`s guide

ManualsBrandsChelsio Communications ManualsAdapterChelsio T5
121122123124125126127128129130
Chapter VII. iSCSI PDU Offload Target
Chelsio T5/T4 Unified Wire For Linux Page 124
Auth_CHAP_Policy=Mutual, the Chelsio iSCSI target will accept a relevant initiator if it does
a) no CHAP or
b) CHAP Mutual
With AuthMethod=None, regardless the setting of the key Auth_CHAP_Policy, the Chelsio iSCSI
target will only accept a relevant initiator if it does no CHAP.
With AuthMethod=CHAP, CHAP is enforced on the target:
i. Auth_CHAP_Policy=Oneway, the iSCSI target will accept a relevant initiator only if it does
a) CHAP Oneway or
b) CHAP Mutual
ii. Auth_CHAP_Policy=Mutual, the iSCSI node will accept a relevant initiator only if it does
a) CHAP Mutual
4.6. Target Access Control List (ACL) Configuration
The Chelsio iSCSI target supports iSCSI initiator authorization via an Access Control List (ACL).
ACL configuration is supported on a per-target basis. The creation of an ACL for a target
establishes:
Which iSCSI initiators are allowed to access it
The type of the access: read-writeor read-only
Possible SCSI layer associations of LUNs with the initiator
More than one initiator can be allowed to access a target and each initiator‟s access rights can
be independently configured.
The format for ACL rule is as follows:
ACL=[iname=<initiator name>][;<sip=<source ip addresses>]
[;dip=<destination ip addresses>][;lun=<lun_list>:<permissions>]
target:
TargetName=iqn.2006-02.com.chelsio.diskarray.san1
TargetDevice=/dev/sda
PortalGroup=1@102.50.50.25:3260
PortalGroup=2@102.60.60.25:3260
# initiator “iqn.2006-02.com.chelsio.san1” is allowed
# full read-write access to this target