How to use FreeBSD as a ISCI Target and Initiator (with CHAP)


June 2011.

How to use FreeBSD as a ISCSI Target and Initiator



FreeBSD 8 as a Target


System used:

uname -a
FreeBSD lan-test-pbx.example.fr 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:48:17 UTC 2009 root@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386

The server's IP address is 192.168.3.156 and the network is 192.168.3.0/24.

Install the iscsi target port:

cd /usr/ports/net/istgt/
make install clean

Copy and edit the sample configuration files

cd /usr/local/etc/istgt
cp auth.conf.sample auth.conf
cp istgt.conf.sample istgt.conf
cp istgtcontrol.conf.sample istgtcontrol.conf

istgt.conf:

[Global]
Comment "Global section"
NodeBase "iqn.2011-06.net.example.tests"
DiscoveryAuthMethod CHAP
DiscoveryAuthGroup AuthGroup9999

#The following values were not editied
PidFile /var/run/istgt.pid
AuthFile /usr/local/etc/istgt/auth.conf
MediaDirectory /var/istgt
LogFacility "local7"

Timeout 30
NopInInterval 20

MaxSessions 16
MaxConnections 4
MaxR2T 32
MaxOutstandingR2T 16
DefaultTime2Wait 2
DefaultTime2Retain 60
FirstBurstLength 262144
MaxBurstLength 1048576
MaxRecvDataSegmentLength 262144
InitialR2T Yes
ImmediateData Yes
DataPDUInOrder Yes
DataSequenceInOrder Yes
ErrorRecoveryLevel 0

#Unit controller
[UnitControl]
Comment "Internal Logical Unit Controller"
AuthMethod CHAP Mutual
AuthGroup AuthGroup10000
Portal UC1 127.0.0.1:3261
Netmask 127.0.0.1

#Portal of the Test Disk
[PortalGroup1]
Comment "SINGLE PORT TEST"
Portal DA1 192.168.3.156:3260

#Initiators for the Test Disk
[InitiatorGroup1]
Comment "Initiator Group1"
InitiatorName "iqn.2011-06.net.example.tests:virtual175"
Netmask 192.168.3.0/24

#Test Disk
[LogicalUnit1]
Comment "Test Disk"
TargetName testdisk
TargetAlias "ISCSI Test Disk"

Mapping PortalGroup1 InitiatorGroup1
AuthMethod CHAP
AuthGroup AuthGroup1
UseDigest Auto
UnitType Disk
LUN0 Storage /usr/local/iscsi/testdisk 100MB



auth.conf:

[AuthGroup1]
Comment "Group for the Test Disk"
Auth "iqn.2011-06.net.example.tests:virtual175" "between12and16"

[AuthGroup9999]
Comment "Group for discovery"
Auth "iqn.2011-06.net.example.tests:discoverer" "discovermenow"

[AuthGroup10000]
Comment "Group for unit controller"
Auth "ctluser" "test" "mutualuser" "mutualsecret"

istgtcontrol.conf:

[Global]
Comment "Sample Configuration"
Timeout 60

AuthMethod CHAP Mutual
Auth "ctluser" "test" "mutualuser" "mutualsecret"

Host localhost
Port 3261

TargetName "iqn.2011-06.net.example.tests:testdisk"
Lun 0

Flags "ro"
Size "auto"

Create the disk:

dd if=/dev/zero of=/usr/local/iscsi/testdisk bs=`expr 1024 \* 1024` count=100

Restart the server:

$/usr/local/etc/rc.d/istgt restart
Starting istgt.
istgt version 0.4 (20110223)
traditional mode
LU1 HDD UNIT
LU1: LUN0 file=/usr/local/iscsi/testdisk, size=104857600
LU1: LUN0 204800 blocks, 512 bytes/block
LU1: LUN0 100MB storage for iqn.2011-06.net.example.tests:testdisk
LU1: LUN0 command queuing disabled

Test the connection:

$istgtcontrol list
lun0 storage "/usr/local/iscsi/testdisk" 104857600
DONE LIST command


Windows XP as an initiator


Download and install the Microsoft iSCSI Software Initiator Version 2.08.

Start the initiator in your start menu. Configure it to have the right node name:
Image

Add a new portal to activate the discovery:
Image

Log in to the target:
Image

The disk is now present and can be formatted (here in FAT32).
Image

Once mounted, files and folders can be created:
Image

Once you're done, log off the target to disconnect it:
Image

FreeBSD 8 as an initiator


System used:

uname -a
FreeBSD fbsd.localdomain 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Jun 10 10:17:58 CEST 2011 root@fbsd.localdomain:/usr/obj/usr/src/sys/ISCSIKERNEL i386

Discovery


Without CHAP:

$iscontrol -d -t 192.168.3.156 firstBurstLength=65535 maxBurstLength=262144 InitiatorName=iqn.2011-06.net.example.tests:virtual175
0x0201: Authentication failure

With CHAP:

$iscontrol -d -t 192.168.3.156 firstBurstLength=65535 maxBurstLength=262144 InitiatorName=iqn.2011-06.net.example.tests:virtual175 authMethod=CHAP chapIName=iqn.2011-06.net.example.tests:discoverer chapSecret=discovermenow TargetName=iqn.2011-06.net.example.tests:testdisk TargetAddress=192.168.3.156:3260,1

Connection


Configure the connection in /etc/isci.conf:

port = 3260

testdisk {
targetaddress = 192.168.3.156:3260,1
targetname = iqn.2011-06.net.example.tests:testdisk
initiatorname = iqn.2011-06.net.example.tests:virtual175
authmethod = CHAP
chapIName = iqn.2011-06.net.example.tests:virtual175
chapsecret = between12and16
firstBurstLength = 65535
maxBurstLength = 262144
}

Connect:

$iscontrol -c /etc/iscsi.conf -n testdisk
iscontrol[4562]: running
iscontrol[4562]: (pass0:iscsi0:0:0:0): tagged openings now 0

Check:

$ls -l /dev/iscsi*
crw------- 1 root wheel 0, 29 Jun 21 10:02 /dev/iscsi
crw------- 1 root wheel 0, 29 Jun 21 10:02 /dev/iscsi
crw------- 1 root wheel 0, 95 Jun 22 14:04 /dev/iscsi0

$ls -l /dev/da*
crw-r----- 1 root operator 0, 98 Jun 22 14:04 /dev/da0
crw-r----- 1 root operator 0, 99 Jun 22 14:04 /dev/da0s1

The disk contains a single partition formatted as FAT32 by Windows.

$mount -t msdosfs /dev/da0s1 /mnt/iscsi
$ls -l /mnt/iscsi/
total 5
drwxr-xr-x 1 root wheel 1024 Jun 8 16:26 System Volume Information
-rwxr-xr-x 1 root wheel 3 Jun 8 16:26 fichier1.txt
-rwxr-xr-x 1 root wheel 6 Jun 8 16:26 fichier2.txt
drwxr-xr-x 1 root wheel 1024 Jun 8 16:26 poulet
-rwxr-xr-x 1 root wheel 8 Jun 22 11:23 truite.txt

The files and folders are present.

When you're done:

$umount /mnt/iscsi/

$ps aux | grep iscontrol
root 4562 0.0 0.5 3460 1312 ?? Is 2:04PM 0:00.01 iscontrol -c /etc/iscsi.conf -n testdisk
$kill -s HUP 4562
iscontrol[4562]: trapped signal 1
trapped signal 1
iscontrol: supervise going down
iscontrol[4562]: sess flags=20000407
iscontrol[4562]: terminated

Sources: