Site Navigation

Date:      Tue, 20 Apr 2021 14:49:11 -0600
From:      john <john@johnrshannon.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: iSCSI and 13.0
Message-ID:  <4019a502-35fb-daff-9da1-53bfdcb020d4@johnrshannon.com>
In-Reply-To: <e9661187-bae4-9358-b3f8-e822da874ad5@johnrshannon.com>
References:  <e9661187-bae4-9358-b3f8-e822da874ad5@johnrshannon.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

[-- Attachment #1 --]
It seems to work fine when my initiator is running Linux with CHAP
authentication and with FreeBSD initiator using no authentication. After
connecting, using the iSCSI drive and disconnecting, /usr/sbin/ctld
remains running.

If I connect from a FreeBSD initiator using CHAP authentication ctld
terminates.

If I run "ctld -d" and initiate a connection from a FreeBSD initiator
with CHAP authentication I see:
[root@nas ~]# ctld -d
ctld: obtaining previously configured CTL luns from the kernel
ctld: CTL port 0 "camsim" wasn't managed by ctld;
ctld: CTL port 1 "ioctl" wasn't managed by ctld;
ctld: CTL port 2 "tpc" wasn't managed by ctld;
ctld: obtaining configuration from /etc/ctl.conf
ctld: auth-group "default" not defined; going with defaults
ctld: portal-group "default" not defined; going with defaults
ctld: opening pidfile /var/run/ctld.pid
ctld: adding lun "iqn.2000-05.com.johnrshannon:target0,lun,0"
ctld: adding lun "iqn.2000-05.com.johnrshannon:target1,lun,0"
ctld: adding lun "iqn.2000-05.com.johnrshannon:target2,lun,0"
ctld: adding lun "iqn.2000-05.com.johnrshannon:target3,lun,0"
ctld: adding lun "iqn.2000-05.com.johnrshannon:target4,lun,0"
ctld: adding lun "iqn.2000-05.com.johnrshannon:target5,lun,0"
ctld: adding lun "iqn.2000-05.com.johnrshannon:target6,lun,0"
ctld: adding lun "iqn.2000-05.com.johnrshannon:target7,lun,0"
ctld: adding port "group0-iqn.2000-05.com.johnrshannon:target0"
ctld: adding port "group0-iqn.2000-05.com.johnrshannon:target1"
ctld: adding port "group0-iqn.2000-05.com.johnrshannon:target2"
ctld: adding port "group0-iqn.2000-05.com.johnrshannon:target3"
ctld: adding port "group0-iqn.2000-05.com.johnrshannon:target4"
ctld: adding port "group0-iqn.2000-05.com.johnrshannon:target5"
ctld: adding port "group0-iqn.2000-05.com.johnrshannon:target6"
ctld: adding port "group0-iqn.2000-05.com.johnrshannon:target7"
ctld: not listening on portal-group "default", not assigned to any target
ctld: listening on 0.0.0.0, portal-group "group0"
ctld: incoming connection; not forking due to -d flag
ctld: accepted connection from 192.168.1.23; portal group "group0"
ctld: 192.168.1.23: setting session timeout to 60 seconds
ctld: 192.168.1.23: Capsicum capability mode enabled
ctld: 192.168.1.23: beginning Login Phase; waiting for Login PDU
ctld: 192.168.1.23: key received: "AuthMethod=None,CHAP"
ctld: 192.168.1.23: key received:
"InitiatorName=iqn.1994-09.org.freebsd:polya.johnrshannon.com"
ctld: 192.168.1.23: key received: "SessionType=Normal"
ctld: 192.168.1.23: key received:
"TargetName=iqn.2000-05.com.johnrshannon:target4"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
initiator requests to connect to target
"iqn.2000-05.com.johnrshannon:target4"; auth-group "ag4"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
CHAP authentication required
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "AuthMethod=CHAP"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "TargetPortalGroupTag=257"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
beginning CHAP authentication; waiting for CHAP_A
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "CHAP_A=5"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
sending CHAP_C, binary challenge size is 1024 bytes
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "CHAP_A=5"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "CHAP_I=93"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send:
"CHAP_C=0x422d337dd60ad86d8e30e8b95f03eea63353465a352c944e3427c9315ef0ebcb518a8b39455d64ebb2cfc1b073765d7a7ef02399da388ddf84e7f9ea8e1464152a7f6ac507611d69725ea2d4ce568ae995cf7f3e0d8372a6d6b9cb71004d7c126fcba777f0643ab526055437ff0dccba49758353822519d73ffae0e664a8d52e87c691b1b4a09c6efa1cc3633ae4e4ae5f4c4eba08d72cb07e6709d899ff14976f9c9ec56c33608f98695f5b34e1bc2db6a301cf809bce1b4f70d4b126c082e4b78b01b0974d804d421bb96ede80b842761bf2732370c6d114437de954d299c1132f2395943d5cfee83a0c409e23928be77ca5693d5daf8954983d909642bb7d0aef7feccb7abfe4ffbfda5854f7544f225d3aa8b663268088be9f1a5546c19dc86a84713709fcbe9cd5ac105654c702a93377cb953c6a39a16ae8a8b380aaf805d895441a4521ad07decd4adc1fabbf008e8c17ca7c1985e215a4bfbd547f02dd96b145e5f3191055898e2afb06b1f6177e1a6d2069d5c0d0a90414b3f7d056b6f5c77c4b64d5a3bc5126b40f0dc307aa78ab54314bdb6ad2094925c0ebc587f05e379fe5096a38564dfb8f8479c31e1b2c19cdf0d5a4dcb7663c57f2051e647dba628e844c1f9988a7dbf9625642070b902bcee7374cc646a5e33ca99c05ff3b730b6a52ca5c42368d77f5d90fad9f6b109bae
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
waiting for CHAP_N/CHAP_R
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "CHAP_N=polya"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "CHAP_R=0xad14e0cedbcb56b11dfc9f4038f321ae"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
authentication succeeded for user "polya"; transitioning to operational
parameter negotiation
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "CHAP_N=polya"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "CHAP_R=0xad14e0cedbcb56b11dfc9f4038f321ae"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
initiator did not request target authentication
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
Kernel limits are MaxRecvDataSegment=262144, max_send_dsl=262144,
MaxBurstLength=1048576, FirstBurstLength=1048576
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
beginning operational parameter negotiation; waiting for Login PDU
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "iSCSIProtocolLevel=2"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "HeaderDigest=None"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "DataDigest=None"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "ImmediateData=Yes"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "MaxBurstLength=1048576"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "FirstBurstLength=1048576"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "InitialR2T=Yes"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "MaxOutstandingR2T=1"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "MaxRecvDataSegmentLength=262144"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "DefaultTime2Wait=0"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "DefaultTime2Retain=0"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
received: "ErrorRecoveryLevel=0"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "iSCSIProtocolLevel=2"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
initiator prefers not to do header digest; we'll comply
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "HeaderDigest=None"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
initiator prefers not to do data digest; we'll comply
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "DataDigest=None"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "ImmediateData=Yes"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "MaxBurstLength=1048576"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "FirstBurstLength=1048576"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "InitialR2T=Yes"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "MaxOutstandingR2T=1"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "MaxRecvDataSegmentLength=262144"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "DefaultTime2Wait=0"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "DefaultTime2Retain=0"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com): key
to send: "ErrorRecoveryLevel=0"
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
operational parameter negotiation done; transitioning to Full Feature Phase
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
connection handed off to the kernel
ctld: 192.168.1.23 (iqn.1994-09.org.freebsd:polya.johnrshannon.com):
nothing more to do; exiting



On 4/20/21 1:59 PM, john via freebsd-questions wrote:
> Has anything changed in either the target or initiator in 13.0 that
> requires a configuration change? Specifically, with respect to chap
> authentication?
> 
> I'm asking because a setup with a FreeBSD target and multiple FreeBSD
> initiators stopped working consistently after upgrading to 13.0.
> 

-- 
John R. Shannon
john@johnrshannon.com


[-- Attachment #2 --]
0�	*�H��

��0�

10
	`�H
e
0�	*�H��


���0��0�Ӡ
@
p�	��1WA��#0
	*�H��


0:10	UUS10U
	IdenTrust10UTrustID CA A130
200317181309Z
230317181309Z0��1.0,U%Verified Email: john@johnrshannon.com1$0"	*�H��

	
john@johnrshannon.com1/0-
	�&���,d

A01410D00000170E9B30998000105F30�
"0
	*�H��



�
0�

�

�۫�������>�/��ڂ��b�
�F��K��/3�d��
ѐimX�%(��[[k����3�����mi><���#H<KT��U�ݓ�p��>��-�ۙy�p&ȏ,��W���gu�@�����(�7,����M�ŵ�;z4�c�}���UV��L
-��<����m�@�^P2��>�l�ҡe�PL��]�/���"ǔ����:@	�%�va�*�\�;J~���URM�����I�[�g���s�
�q

���0��0U

��0��+


x0v00+
0
�$http://commercial.ocsp.identrust.com0B+
0�6http://validation.identrust.com/certs/trustidcaa13.p7c0U#0�-��Y~*�.�����^�0	U00�
+U �
"0�
0�
`�H
��/
0�
	0J+

>https://secure.identrust.com/certificates/policy/ts/index.html0��+
0����This TrustID Certificate has been issued in accordance with IdenTrust's TrustID Certificate Policy found at https://secure.identrust.com/certificates/policy/ts/index.html0EU>0<0:�8�6�4http://validation.identrust.com/crl/trustidcaa13.crl0 U0�john@johnrshannon.com0U������ww�=��������0U%0+
+
0
	*�H��


�

��
���
aUu=��;
�#�O\���r�
�{AT�h�h�|�ZtR��\�7�C"BUi�(_�U�?����*R��wy��:!���o��O��VG��M�^�õ�b
;>�O����9�Oɡ�F��O�Iy�2�,��������Xt�kB(�:%�kGOP�9ޠ��ti������=|N�R�L�B�5�'F;Y�{N��键��K�*P(���%����9��״7t�ٷ/s���	�bb�����0��0��
@
p;:����<����0
	*�H��


0J10	UUS10U
	IdenTrust1'0%UIdenTrust Commercial Root CA 10
200212210749Z
300212210749Z0:10	UUS10U
	IdenTrust10UTrustID CA A130�
"0
	*�H��



�
0�

�

��;MR?}<ϐu�
ĬI6�
�
>fޢţOВ��7~HnK¬AZ9΀��v\ �#^7���+>�+���e�
QtJ�����B~��z��G�ג�3q����t(QR�"��y�Zy�i���΅JUH9�97�㍮\e��V8'�[��ۋ3��\��Y�oH}��ҚG_���bYǗۏ��ͅ$u��&�@
c����ݺ����p�_<��}C��<����`���D^p~A���;�O:	Ɲ���6W

���0��0U

�0

�
0U

�
�0��+


}0{00+
0
�$http://commercial.ocsp.identrust.com0G+
0�;http://validation.identrust.com/roots/commercialrootca1.p7c0U#0��D�����{�B�&TȎ6v0�
$U �
0�
0�
U 0�
	0J+

>https://secure.identrust.com/certificates/policy/ts/index.html0��+
0����This TrustID Certificate has been issued in accordance with IdenTrust's TrustID Certificate Policy found at https://secure.identrust.com/certificates/policy/ts/index.html0JUC0A0?�=�;�9http://validation.identrust.com/crl/commercialrootca1.crl0U-��Y~*�.�����^�0U%0+
+
0
	*�H��


�
������xkM�{{L�O�,ż1vnEXT�_��}�&X
<P�{q� �KFk�>�mҨݥ�3�5����\�K=�7��l��q^��˷p'��-L<�I�o�}�U޸lx(uVm��=��V�o=�0�����2
'��
����O�מ��&�2픀c�������j�g������G�m���<B�gz^���pm�M-��w���[�B�k��=*%����oIj����|�', E+k8J��ဍ�\n�F[8(�p�P}���,�r��k'��(H��f'�
�	�w�5���u�~�}�� 9��y����?~�</�
P��$;(�.s�}�P[
"� \j���;J�[�Q������$�ӱ��m��z�����
�/�+Z�̝�O��<�<�t)z
��.R�rNM��̸
��p/�a�,������x�*�47
�]��K��ɲ�
��4p1g��lr,�t�6YrLNq��R�����KPG��.�fB���
K���d32
��[m�w�01�0�

0N0:10	UUS10U
	IdenTrust10UTrustID CA A13@
p�	��1WA��#0
	`�H
e
��
�0	*�H��

	1	*�H��


0	*�H��

	1
210420204911Z0/	*�H��

	1" P@ãB���Df��ϗ��Z�󔻮k�0]	+

�71P0N0:10	UUS10U
	IdenTrust10UTrustID CA A13@
p�	��1WA��#0_*�H��

	1P�N0:10	UUS10U
	IdenTrust10UTrustID CA A13@
p�	��1WA��#0l	*�H��

	1_0]0	`�H
e
*0	`�H
e
0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0
	*�H��



�
�t���.a�l/����?ͨ�#4���Sr��u���!,��0���9k+7!�xi��֭�VK�=+O��4�e~j.f]�ٔ�3���ZOAhڨ��#N��鍢�TGMܨ�|/Mo��#$�K!\%wX�̡�\���b����K8�!}=�	S�E���Tft��l
Ә
�1<o�i��M1T�XA�#���㶖�f.?x��d���O�)u͠�7K�jtv���[����
]��L�k�t��q�Ջu@��b

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4019a502-35fb-daff-9da1-53bfdcb020d4>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact