Manualshelf

Brocade iSCSI Gateway Service Administrator's Guide - Supporting Fabric OS v5.3.0 (53-1000440-01, June 2007)

ManualsBrandsHP ManualsComputer AccessoriesHP Multi Protocol Extension Blade Advanced Upgrade E-LTU
31323334353637383940
iSCSI Gateway Service Administrator’s Guide 25
Publication Number: 53-1000440-01
Configuring discovery domains
3
Configuring discovery domains
This section explains how to configure access control between iSCSI initiators and iSCSI VTs
manually using discovery domains and discovery domain sets configured on the fabric.
If iSNS (internet storage name service) is enabled, then configure access control on the iSNS
server; discovery domains and discovery domain sets configured in Fabric OS are not supported if
the iSNS service is enabled on the fabric.
NOTE
If you do not configure either discovery domains or iSNS for access control, then any iSCSI initiator
on the IP network can access all iSCSI VTs (and therefore all FC targets) in the fabric.
A discovery domain (DD) controls iSCSI initiator access to iSCSI VTs. A DD is a group of
iSCSI initiators and iSCSI VTs identified by IQNs. The iSCSI initiators can access only the iSCSI VTs
that are in the DD to which they are assigned. When there are no discovery domains, all iSCSI
initiators can access all iSCSI VTs.
NOTE
All iSCSI components in a DD must be identified using IQNs, see “Identifying iSCSI components” on
page 4.
SHOWING ISCSI INITIATOR IQNS
Fabric OS temporarily stores the IQNs and IP addresses of iSCSI initiators that have logged in the
gateway. The iscsiCfg
--show initiator command displays all stored iSCSI initiator information.
NOTE
If an iSCSI initiator has more than one IP address, only one of the IP addresses is displayed.
To display iSCSI initiator IQNs
1. Connect and log in to the switch.
2. Enter the iscsiCfg
--show initiator command as follows:
switch:admin> iscsicfg --show initiator
Number of records found: 1
Name IP Address
iqn.1991-05.com.microsoft:host001.brocade.com 30.0.30.11
CREATING DISCOVERY DOMAINS
A discovery domain allows you to define the iSCSI initiator-to-iSCSI VT access.
To create a DD
1. Connect and log in to the switch.
2. Enter the iscsiCfg
--create dd command with the -d option as follows:
switch:admin> iscsicfg --create dd -d dd-host001 —m \
“iqn.1991-05.com.microsoft:host001.brocade.com,iqn.2006-10.com.example:disk001”
The operation completed successfully.