# istgt setup not working



## romihs (Jan 9, 2013)

Hello, 

I am attempting to share a zfs volume via iscsi, but I can not get the volume shared.

When I restart *istgt*, everything seams fine:

```
# /usr/local/etc/rc.d/istgt restart
Stopping istgt.
Waiting for PIDS: 953.
Starting istgt.
istgt version 0.5 (20121028)
normal mode
using kqueue
using host atomic
LU1 HDD UNIT
LU1: LUN0 file=/dev/zvol/tank/iscsi/vmvols/win7, size=171798691840
LU1: LUN0 335544320 blocks, 512 bytes/block
LU1: LUN0 160.0GB storage for iqn.2013-01.net.fbsdsrv.iscsitgt:win7
LU1: LUN0 serial 10000001
LU1: LUN0 read cache enabled, write cache enabled
LU1: LUN0 command queuing enabled, depth 32
```

However, when I want to confirm that the target has been properly setup, I don't see any targets:

```
# istgtcontrol list
ERROR no target
ABORT LIST command
```

And naturally, when I try and connect to the target from my linux system, it also does not find any targets:

```
# iscsiadm  -m discovery -t st -p 192.168.1.110
iscsiadm: No portals found
```

My configuration files are:

```
# cat /usr/local/etc/istgt/istgt.conf
[Global]
  Comment "Global section"
  NodeBase "iqn.2013-01.net.fbsdsrv.iscsitgt"
  DiscoveryAuthMethod CHAP
  DiscoveryAuthGroup AuthGroup9999

  #The following values were not editied
  PidFile /var/run/istgt.pid
  AuthFile /usr/local/etc/istgt/auth.conf
  MediaDirectory /var/istgt
  LogFacility "local7"

  Timeout 30
  NopInInterval 20
 
  MaxSessions 16
  MaxConnections 4
  MaxR2T 32
  MaxOutstandingR2T 16
  DefaultTime2Wait 2
  DefaultTime2Retain 60
  FirstBurstLength 262144
  MaxBurstLength 1048576
  MaxRecvDataSegmentLength 262144
  InitialR2T Yes
  ImmediateData Yes
  DataPDUInOrder Yes
  DataSequenceInOrder Yes
  ErrorRecoveryLevel 0

#Unit controller
[UnitControl]
  Comment "Internal Logical Unit Controller"
  AuthMethod CHAP Mutual
  AuthGroup AuthGroup10000
  Portal UC1 127.0.0.1:3261
  Netmask 127.0.0.1
 
#Portal of the Win7 Disk
[PortalGroup1]
  Comment "SINGLE PORT TEST"
  Portal DA1 192.168.1.110:3260

# Initiators for the Win7 Disk
[InitiatorGroup1]
  Comment "Initiator Group1"
  InitiatorName "iqn.2013-01.net.fbsdsrv.iscsitgt:win7"
  Netmask 192.168.1.0/24
 
# Win7 Disk
[LogicalUnit1]
  Comment "Win7 Disk"
  TargetName win7
  TargetAlias "Win7 System Disk"
 
  Mapping PortalGroup1 InitiatorGroup1
  AuthMethod CHAP
  AuthGroup AuthGroup1
  UseDigest Auto
  UnitType Disk
  LUN0 Storage /dev/zvol/tank/iscsi/vmvols/win7 160GB
```


```
# cat /usr/local/etc/istgt/auth.conf
[AuthGroup1]
  Comment "Group for the Test Disk"
  Auth "iqn.2013-01.net.fbsdsrv.iscsitgt:win7"  "win7123"
 
[AuthGroup9999]
  Comment "Group for discovery"
  Auth "iqn.2013-01.net.fbsdsrv.iscsitgt:discoverer"  "discover123"
 
[AuthGroup10000]
  Comment "Group for unit controller"
  Auth "ctluser" "test" "mutualuser" "mutualsecret"
```


```
# cat /usr/local/etc/istgt/istgtcontrol.conf
[Global]
  Comment "Sample Configuration"
  Timeout 60
 
  AuthMethod CHAP Mutual
  Auth "ctluser" "test" "mutualuser" "mutualsecret"
 
  Host localhost
  Port 3261
 
  TargetName "qn.2013-01.net.fbsdsrv.iscsitgt:win7disk"
  Lun 0
 
  Flags "ro"
  Size "auto"
```

I have not been able to find much online about the *istgtcontrol list* error I am getting.
Can anyone point me in the right direction?


Regards

Sandi


----------



## abhay4589 (Jan 9, 2013)

Here is my working configuration:
http://pastebin.com/jy0LEx8q
http://pastebin.com/K1vhK530

```
InitiatorName "iqn.2013-01.net.fbsdsrv.iscsitgt:win7"
```
Change that to

```
InitiatorName "ALL"
```
because you will have username and password.

```
LUN0 Storage /dev/zvol/tank/iscsi/vmvols/win7 160GB
```
to

```
LUN0 Storage /dev/zvol/tank/iscsi/vmvols/win7 Auto
```
If you want to have look at mounted volume please see this link:
http://flic.kr/p/dKhFbL

Here is my *istgtcontrol* shot:
http://flic.kr/p/dKcbE6

I needed to reboot server also.


----------



## romihs (Jan 14, 2013)

Thanks for the reply.

I have tried what you suggest, but it does not help, I still do not see any targets when running the *istgtcontrol list* command.

I have FreeBSD running in a XEN domain, but seeing as it is running nicely and I can access the SAS2008 card that is passed through to it, I am assuming that there are no issues with the OS which would be causing this. But I may be wrong...

I should check the version of *istgt* that I have installed.


----------



## abhay4589 (Jan 14, 2013)

Disable all authentication and try again, In your case istgtcontrol is not showing up anything so Problem might be with Configuration file.
I did have another look at your config file, This is error that I could spot:

```
TargetName "qn.2013-01.net.fbsdsrv.iscsitgt:win7disk"
```
Correct it to:

```
TargetName "iqn.2013-01.net.fbsdsrv.iscsitgt:win7disk"
```
This is just for UnitController.

As far as from Linux box's point of view, Do you have any firewall enabled in between then Open appropriate port:3260

istgt is initiating target so you have reached 99% of config.
If still not working follow up with another post will reply quick.


----------



## romihs (Jan 15, 2013)

I will disable the authentication tonight.
Just, how does one disable the authentication, do I just comment out the _Auth_ lines in _auth.conf_?

Yeah, I spotted that typo and have already fixed that.

I do not have a router between the freeBSD and Linux boxes. They are both on the same subnet.

Let me test this tonight and I will let you know what happens.
Thanks for the help.


----------



## abhay4589 (Jan 15, 2013)

No you will have to specify 
	
	



```
AuthMethod None
```
 in your istgt.conf  file.
Is firewall enabled on FreeBSD box which would block port:3160? If so then open up that port.

However If you are not able to get it done, Consider using freenas or nas4free Both provide webui to configure iscsi initiators.


----------



## romihs (Jan 15, 2013)

Still no luck...

When I set the AuthMethod to None and try to list the targets, I get:

```
# istgtcontrol list
ERROR auth not required
AUTH failed
```

This is a bit confusing.


I have checked that I do not have any firewalls enabled and that port 3260 is open:

```
# netstat -an
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
tcp4       0      0 192.168.1.110.3260     *.*                    LISTEN
```

I am using version 20121028 of istgt.


----------



## abhay4589 (Jan 15, 2013)

We are not able to get to bottom of issue.

Why don't you consider using  freenas or nas4free.

I have it running pretty reliably, small setup though.
Problem lies somewhere else because your config is almost same as mine and I have it working.


----------



## romihs (Jan 16, 2013)

Wow! I got it working!

I am not sure where I made the mistake, but I used the supplied sample config files, and just changed the IP addresses and path to the zfs volume I want to share, restarted istgt and searched for the target from the linux box, and there it was.

I am including the config files again if you (or anyone else) can see where I made the error.


```
# cat istgt.conf
[Global]
  Comment "Global section"
  # node name (not include optional part)
  NodeBase "iqn.2013-01.freebsd.domu.istgt"

  # files
  PidFile /var/run/istgt.pid
  AuthFile /usr/local/etc/istgt/auth.conf

  # directories
  # for removable media (virtual DVD/virtual Tape)
  MediaDirectory /var/istgt

  # syslog facility
  LogFacility "local7"

  # socket I/O timeout sec. (polling is infinity)
  Timeout 30
  # NOPIN sending interval sec.
  NopInInterval 20

  # authentication information for discovery session
  DiscoveryAuthMethod Auto
  #DiscoveryAuthGroup AuthGroup9999

  # reserved maximum connections and sessions
  # NOTE: iSCSI boot is 2 or more sessions required
  MaxSessions 16
  MaxConnections 4

  # maximum number of sending R2T in each connection
  # actual number is limited to QueueDepth and MaxCmdSN and ExpCmdSN
  # 0=disabled, 1-256=improves large writing
  MaxR2T 32

  # iSCSI initial parameters negotiate with initiators
  # NOTE: incorrect values might crash
  MaxOutstandingR2T 16
  DefaultTime2Wait 2
  DefaultTime2Retain 60
  FirstBurstLength 262144
  MaxBurstLength 1048576
  MaxRecvDataSegmentLength 262144

  # NOTE: not supported
  InitialR2T Yes
  ImmediateData Yes
  DataPDUInOrder Yes
  DataSequenceInOrder Yes
  ErrorRecoveryLevel 0

[UnitControl]
  Comment "Internal Logical Unit Controller"
  #AuthMethod Auto
  AuthMethod CHAP Mutual
  AuthGroup AuthGroup10000
  # this portal is only used as controller (by istgtcontrol)
  # if it's not necessary, no portal is valid
  #Portal UC1 [::1]:3261
  Portal UC1 127.0.0.1:3261
  # accept IP netmask
  #Netmask [::1]
  Netmask 127.0.0.1

# You should set IPs in /etc/rc.conf for physical I/F
[PortalGroup1]
  Comment "SINGLE PORT TEST"
  # Portal Label(not used) IP(IPv6 or IPv4):Port
  #Portal DA1 [2001:03e0:06cf:0003:021b:21ff:fe04:f405]:3260
  Portal DA1 192.168.1.110:3260

[InitiatorGroup1]
  Comment "Initiator Group1"
  # name with ! deny login/discovery
  #InitiatorName "!iqn.1991-05.com.microsoft:moon"
  # spetified name allow login/discovery
  #InitiatorName "iqn.1991-05.com.microsoft:saturn"
  # special word "ALL" match all of initiators
  InitiatorName "ALL"
  Netmask 192.168.1.0/24

# TargetName, Mapping, UnitType, LUN0 are minimum required
[LogicalUnit1]
  Comment "Win7 Hard Disk"
  # full specified iqn (same as below)
  #TargetName iqn.2007-09.jp.ne.peach.istgt:disk1
  # short specified non iqn (will add NodeBase)
  TargetName win7
  TargetAlias "Win7 System Disk"
  # use initiators in tag1 via portals in tag1
  Mapping PortalGroup1 InitiatorGroup1
  # accept both CHAP and None
  AuthMethod Auto
  AuthGroup AuthGroup1
  #UseDigest Header Data
  UseDigest Auto
  UnitType Disk
  # SCSI INQUIRY - Vendor(8) Product(16) Revision(4) Serial(16)
  #UnitInquiry "FreeBSD" "iSCSI Disk" "0123" "10000001"
  # Queuing 0=disabled, 1-255=enabled with specified depth.
  #QueueDepth 32

  # LogicalVolume for this unit on LUN0
  # for file extent
  #LUN0 Storage /tank/iscsi/vmvols/win7 Auto
  # for raw device extent
  LUN0 Storage /dev/zvol/tank/iscsi/vmvols/win7 Auto
  # for ZFS volume extent
  #LUN0 Storage /dev/zvol/tank/istgt-vol1 Auto

  # override the serial of LUN0 specified with UnitInquiry
  #LUN0 Option Serial "10000001"

  # for 3.5inch, 7200rpm HDD
  # RPM 0=not reported, 1=non-rotating(SSD), n>1024 rpm
  #LUN0 Option RPM 7200
  # FormFactor 0=not reported, 1=5.25, 2=3.5, 3=2.5, 4=1.8, 5=less 1.8 inch
  #LUN0 Option FormFactor 2

  # for 2.5inch, SSD
  #LUN0 Option RPM 1
  #LUN0 Option FormFactor 3

  # for future use (enabled by default)
  #LUN0 Option ReadCache Disable

  # control WCE(mode page 8) and O_FSYNC/O_SYNC on the backing store (enabled by default)
  #LUN0 Option WriteCache Disable
```



```
# cat auth.conf
# authentication information
#
# do not forget to change permission of this file
# and remove sample users :-)
#
# currntly, this file is read at each authentication
#
[AuthGroup1]
  Comment "Auth Group1"
  # User Secret MutualUser MutualSecret (Mutual is optional)
  # chap secret length is from 12 to 16 (for MS initiator)
#  Auth "iqn.1991-05.com.microsoft:saturn"  "1234567890abcdef" \
#       "iqn.2007-09.jp.ne.peach:disk1"     "mutualtestxx"
#  Auth "iqn.1991-05.com.microsoft:athena"  "abcdefghijklmnop"

# tag 9999 is defined as AuthGroup for Dicsovery in sample istgt.conf
[AuthGroup9999]
#  Auth "iqn.1991-05.com.microsoft:saturn"  "testchaptest" \
#       "iqn.2007-09.jp.ne.peach:disk1"     "mutualtestxx"

# tag 10000 is defined as AuthGroup for UnitControl in sample istgt.conf
[AuthGroup10000]
  Comment "Unit Controller's users"
  Auth "testuser" "secret" "mutual user" "mutual secret"
```



```
# cat istgtcontrol.conf
# istgtcontrol configuration file
#
[Global]
  Comment "sample configuration"
  # default values can be overrided by command line switch.

  # socket I/O timeout sec.
  Timeout 60

  # authentication information
  #AuthMethod Auto
  AuthMethod CHAP Mutual
  Auth "testuser" "secret" "mutual user" "mutual secret"
  #AuthMethod CHAP
  #Auth "testuser" "secret"

  # default controller's host name or IP and port
  Host localhost
  #Host 192.168.2.36
  Port 3261

  # default target name and LUN
  #TargetName "iqn.xxxx"
  TargetName "iqn.2007-09.jp.ne.peach:dvd1"
  Lun 0

  # removable file's flag, initial size if creating
  # ro: read only, rw: read and write
  # auto: use existing size or minimum size
  Flags "ro"
  Size "auto"
```


And when run the search on the linux box I get>

```
# iscsiadm  -m discovery -t st -p 192.168.1.110
192.168.1.110:3260,1 iqn.2013-01.freebsd.domu.istgt:win7
```

No I just need to get it mounted in the Linux box and I am good to go.


----------



## abhay4589 (Jan 17, 2013)

Glad you got it working but I think few other things you need to keep in mind, Read these threads if that helps:
http://forums.freebsd.org/showthread.php?p=182320
http://forums.freebsd.org/showthread.php?t=31716

Especially Sync option in ZFS for data loss and Record size for NTFS partition.


----------

