*New 12.1 series Release:
2020-04-17: XigmaNAS 12.1.0.4.7542 - released

*New 11.3 series Release:
2020-04-16: XigmaNAS 11.3.0.4.7538 - released!


We really need "Your" help on XigmaNAS https://translations.launchpad.net/xigmanas translations. Please help today!

Producing and hosting XigmaNAS costs money. Please consider donating for our project so that we can continue to offer you the best.
We need your support! eg: PAYPAL

Trying iSCSI for the first time with a ZFS vol

iSCSI over TCP/IP.
Forum rules
Set-Up GuideFAQsForum Rules
Post Reply
danzi
Starter
Starter
Posts: 66
Joined: 11 Nov 2012 23:24
Location: Budapest
Status: Offline

Trying iSCSI for the first time with a ZFS vol

#1

Post by danzi »

Hi guys,

Trying to share a disk with iSCSI for the first time. Trying iSCSI CTL, as this seems to be the new de-facto way to use iSCSI :?:

It is a Virtual Machine on an ESXi host with 4 disks. XigmaNAS 12.1.0.4 - Ingva (revision 7287).

2 are used for root on ZFS install, 2 other for the export test with iSCSI.

I have:
  • created a zfs mirror
  • created a pool
  • created a volume within the pool

Code: Select all

NAME                         USED  AVAIL  REFER  MOUNTPOINT
pool_01                     1.03G   733M    88K  /mnt/pool_01
pool_01/vol_01              1.03G  1.75G   456K  -
Also, checked dev option in the zfs volume so that it is visible under /dev :?:

Code: Select all

xigmanas: ~# cd /dev/zvol/pool_01/
xigmanas: pool_01# ls
vol_01
xigmanas: pool_01# 

I found, the ctld.conf is getting created under /var/etc, here it is:

Code: Select all

xigmanas: pool_01# cat /var/etc/ctl.conf 
# global settings
# auth-group configuration
auth-group ag0 {
auth-type chap
chap "oneuser" "onepassword"
}
# portal-group configuration
portal-group pg0 {
discovery-auth-group ag0
listen "192.168.0.51"
}
# lun configuration
lun lun_01 {
backend block
blocksize 8192
size "1G"
path "/dev/zvol/pool_01/vol_01"
}
# target configuration
target iqn.2020-06.local.xigmanas:target0 {
auth-group ag0
portal-group pg0
lun 0 "lun_01"
}
xigmanas: pool_01# 
However, with CHAP being in there, sometimes it accepts, sometimes it returns an error in XigmaNAS web interface, when trying to configure CHAP. Tried it without, bur coult not connect to it.

When trying ctld -f /var/etc/ctld.conf, I also get an error, that CHAP syntax is not good... :?:

The only difference I can see in there are the quotes, which the FreeBSD article does not have (https://www.freebsd.org/doc/handbook/network-iscsi.html)

Code: Select all

xigmanas: pool_01# ctld -f /var/etc/ctl.conf
ctld: error in configuration file at line 4 near 'chap': syntax error
ctld: configuration error; exiting
xigmanas: pool_01# 
What am I missing?

Thanks in advance
You do not have the required permissions to view the files attached to this post.
----------------------------------------------
Dell T130 - 32Gb ECC - ESXi 6.7
VM Full Instal - 11.2.0.4 - Omnius (revision 6005)
HP/LSI 9121-4i SAS2008 Pass Through mode
2 x 2Tb ZFS mirror
1 x 3Tb UFS
----------------------------------------------

User avatar
ms49434
Developer
Developer
Posts: 915
Joined: 03 Sep 2015 18:49
Location: Neuenkirchen-Vörden, Germany - GMT+1
Contact:
Status: Offline

Re: Trying iSCSI for the first time with a ZFS vol

#2

Post by ms49434 »

For satellite recording and timeshift, I've configured iSCSI between the satellite box and the NAS.
The configuration for the recording service is as follows:

Code: Select all

# global settings
# auth-group configuration
# ag0
auth-group ag0 {
	auth-type none
	initiator-name "iqn.1991-05.com.microsoft:thor.my.local"
	initiator-portal "192.168.207.211"
}
# portal-group configuration
# pg0
portal-group pg0 {
	discovery-auth-group ag0
	discovery-filter portal-name
	listen "192.168.207.35"
}
# lun configuration
# recorder01
lun recorder01 {
	backend block
	blocksize 4096
	device-type disk
	serial "RECORDER01"
	option vendor "FreeBSD"
	option product "iSCSI Disk"
	option revision "0123"
	option insecure_tpc on
	option reordering unrestricted
	option rpm 1
	option formfactor 3
	path "/dev/zvol/recorder/recorder01"
}
# target configuration
target iqn.2014-12.recorder01 {
	alias "recorder01"
	auth-group ag0
	portal-group pg0
	lun 0 "recorder01"
}
I found that the above lun configuration was perfectly accepted by Windows. A block size other than 4k was always problematic.
The zvol configuration, a volblocksize of 4k and volmode dev was configured:

Code: Select all

recorder/recorder01  type                  volume                 -
recorder/recorder01  creation              Sun Nov 25 22:38 2018  -
recorder/recorder01  used                  816G                   -
recorder/recorder01  available             563G                   -
recorder/recorder01  referenced            268G                   -
recorder/recorder01  reservation           none                   default
recorder/recorder01  volsize               768G                   local
recorder/recorder01  volblocksize          4K                     -
recorder/recorder01  checksum              on                     local
recorder/recorder01  compression           off                    local
recorder/recorder01  readonly              off                    default
recorder/recorder01  createtxg             20                     -
recorder/recorder01  copies                1                      default
recorder/recorder01  primarycache          all                    local
recorder/recorder01  secondarycache        all                    local
recorder/recorder01  logbias               throughput             local
recorder/recorder01  sync                  standard               local
recorder/recorder01  volmode               dev                    local
recorder/recorder01  redundant_metadata    all                    default
My suggestion is to initially configure ctl without chap until you get a stable connection, then add chap/mutual chap.
Start with simple username and password, then get more complex. Quote and double quote characters in username/password should be avoided.
1) XigmaNAS 12.1.0.4 amd64-embedded on a Dell T20 running in a VM on ESXi 6.7U3, 22GB out of 32GB ECC RAM, LSI 9300-8i IT mode in passthrough mode. Pool 1: 2x HGST 10TB, mirrored, L2ARC: Samsung 850 Pro; Pool 2: 1x Samsung 860 EVO 1TB, SLOG: Samsung SM883, services: Samba AD, CIFS/SMB, ftp, ctld, rsync, syncthing, zfs snapshots.
2) XigmaNAS 12.1.0.4 amd64-embedded on a Dell T20 running in a VM on ESXi 6.7U3, 8GB out of 32GB ECC RAM, IBM M1215 crossflashed, IT mode, passthrough mode, 2x HGST 10TB , services: rsync.

danzi
Starter
Starter
Posts: 66
Joined: 11 Nov 2012 23:24
Location: Budapest
Status: Offline

Re: Trying iSCSI for the first time with a ZFS vol

#3

Post by danzi »

Thank you.

Do I need to change the zfs volume's blocksize too? I could connect to it via windows - no auth and chap too at some point. But formatting never finished and then I couldn't even stop formatting. It said RPC server was unavailable.

UPDATE:
Wow, literally the only thing I changed is the 8k to 4k block in the LUN config, and Windows 10 was able to format the drive in a split second.

My Mac client though (via KernSafe iSCSI Initiator X app) is unable to format it.
----------------------------------------------
Dell T130 - 32Gb ECC - ESXi 6.7
VM Full Instal - 11.2.0.4 - Omnius (revision 6005)
HP/LSI 9121-4i SAS2008 Pass Through mode
2 x 2Tb ZFS mirror
1 x 3Tb UFS
----------------------------------------------

lks987
NewUser
NewUser
Posts: 2
Joined: 23 May 2020 09:21
Status: Offline

Re: Trying iSCSI for the first time with a ZFS vol

#4

Post by lks987 »

Any news about syntax error on chap / mutual-chap? Have the same error, no matter is quotes or not (i delete it thgrough CLI)

User avatar
ms49434
Developer
Developer
Posts: 915
Joined: 03 Sep 2015 18:49
Location: Neuenkirchen-Vörden, Germany - GMT+1
Contact:
Status: Offline

Re: Trying iSCSI for the first time with a ZFS vol

#5

Post by ms49434 »

lks987 wrote:
23 May 2020 11:23
Any news about syntax error on chap / mutual-chap? Have the same error, no matter is quotes or not (i delete it thgrough CLI)
The issue is not with chap or chap-mutual.
The configuration parser in ctld has an issue to identify "auth-type chap" properly because chap can be a parameter value but can also be a parameter name. If chap is used as a parameter value, it must be quoted. A fix will be committed soon.
As a workaround, set Auth Type to Undefined and add auth-type "chap" to the additional parameters in the auth-group configuration:
services_ctl_auth_group_edit.png
You do not have the required permissions to view the files attached to this post.
1) XigmaNAS 12.1.0.4 amd64-embedded on a Dell T20 running in a VM on ESXi 6.7U3, 22GB out of 32GB ECC RAM, LSI 9300-8i IT mode in passthrough mode. Pool 1: 2x HGST 10TB, mirrored, L2ARC: Samsung 850 Pro; Pool 2: 1x Samsung 860 EVO 1TB, SLOG: Samsung SM883, services: Samba AD, CIFS/SMB, ftp, ctld, rsync, syncthing, zfs snapshots.
2) XigmaNAS 12.1.0.4 amd64-embedded on a Dell T20 running in a VM on ESXi 6.7U3, 8GB out of 32GB ECC RAM, IBM M1215 crossflashed, IT mode, passthrough mode, 2x HGST 10TB , services: rsync.

lks987
NewUser
NewUser
Posts: 2
Joined: 23 May 2020 09:21
Status: Offline

Re: Trying iSCSI for the first time with a ZFS vol

#6

Post by lks987 »

ms49434 wrote:
23 May 2020 18:48
lks987 wrote:
23 May 2020 11:23
Any news about syntax error on chap / mutual-chap? Have the same error, no matter is quotes or not (i delete it thgrough CLI)
The issue is not with chap or chap-mutual.
The configuration parser in ctld has an issue to identify "auth-type chap" properly because chap can be a parameter value but can also be a parameter name. If chap is used as a parameter value, it must be quoted. A fix will be committed soon.
As a workaround, set Auth Type to Undefined and add auth-type "chap" to the additional parameters in the auth-group configuration:
services_ctl_auth_group_edit.png
thanks for answer! i'm already find a way myself. Just comment string "auth-type chap" or "auth-type mutual-chap" in ctl.conf and do ctld -f /var/etc/ctl.conf. Step-by-step:
1. Restart ctl service through web, getting error 1.
2. Go to shell, edit ctl.conf by commenting string "auth-type chap" or "auth-type mutual-chap"
3. do ctld -f /var/etc/ctl.conf

P.S.: As in shown in examples on https://www.freebsd.org/doc/handbook/network-iscsi.html, ctl.conf never contain string "auth-type chap / mutual-chap", if it is used. Only if "auth-group no-authentication".

Post Reply

Return to “iSCSI (Internet Small Computer Systems Interface)”