path: root/utils/open-isns/etc/isnsd.conf

#
# Sample iSNS Server configuration file
#

# The source name. This is an iSCSI qualified name,
# and identifies the client uniquely.
#
# If left empty, the source name is derived from
# the client's hostname.
#
#SourceName	= iqn.2006-01.com.example.host1

# Where to store the database.
# If you leave this empty, isnsd will keep its
# database in memory.
# Setting this to an absolute path name will
# make isnsd keep its database in a directory
# hierarchy below that directory.
Database	= /var/lib/isns

# The iSNS server can purge registered entities
# after a certain period of inactivity. This is
# called the registration period.
# Clients who register objects are supposed to
# refresh their registration within this period.
#
# The default value is 0, which disables this
# feature.
RegistrationPeriod	= 10m

# iSNS scopes visibility of other nodes using so-called
# Discovery Domains. A storage node A will only "see"
# storage node B, if both are members of the same
# discovery domain.
#
# So if a storage node is registered which is not part of
# any discovery domain, it will not see any other nodes.
#
# By setting DefaultDiscoveryDomain=1, you can tell isnsd to
# create a virtual "default discovery domain", which 
# holds all nodes that are not part of any administratively
# configured discovery domain.
DefaultDiscoveryDomain	= 1

# Make the iSNS server register itself with SLP.
# Clients will be able to discover the server by
# querying for service type "iscsi:sms", and a query
# of "(protocols=isns)"
SLPRegister		= 1

# Authentication enable/disable.
# When set to 1, the client will sign
# all messages, and expect all server messages
# to be signed.
#
# Authentication requires a valid private DSA
# key in AuthKeyFile, and the server's DSA public
# key in ServerKeyFile.
#
# The default is to use authentication if the
# requires keys are installed, and use unauthenticated
# iSNS otherwise.
#Security	= 1

# Location of the client's private key.
# The file must contain a PEM encoded DSA key.
# The default is /etc/isns/auth_key
#AuthKeyFile	= /etc/isns/auth_key

# Location of the servers's public key.
# The file must contain a PEM encoded DSA key.
# The default is /etc/isns/server_key.pub
#ServerKeyFile	= /etc/isns/server_key.pub

# This describes where the iSNS server stores
# authentication keys and policy information.
# Two options are currently supported: a
# simple key store (flat directory with public
# keys in PEM encoded files), and the iSNS
# database itself
#ClientKeyStore	= /etc/isns/keystores
ClientKeyStore	= DB:

# When transmitting State Change Notification,
# we expect the client to ack them. If the
# ACK doesn't arrive in due time, we retransmit
# for a limited number of attempts, cycling
# through the available portals.
SCNTimeout	= 60
SCNRetries	= 3

# Configuration of ESI.
# Defaults are
#  ESIMaxInterval = 1h
#  ESIMinInterval = 60s
#  ESIRetries     = 3
# Setting ESIRetries to 0 disables ESI support, and makes
# the server reject any portal registrations that specify
# an ESI portal.
ESIMinInterval	= 1m
ESIMaxInterval	= 2m
ESIRetries	= 3

# In order to prevent replay attacks, the
# authentication blocks carried by iSNS
# include a time stamp. The following two
# parameters control how we verify the
# time stamp
Auth.ReplayWindow = 2m
Auth.TimeStampJitter = 1s

# Maximum number of incoming connections
# accepted.
# Network.MaxSockets = 1024

# Time to wait for a TCP connection to be
# established.
# (Client only)
# Network.ConnectTimeout = 60

# When a connection attempt failed, we wait
# before we try connecting again.
# (Client only)
# Network.ReonnectTimeout = 10

# Total amount of time to wait before timing
# out a call to the iSNS server.
# (Client only)
# Network.CallTimeout = 60