From: Luben Tuikov <ltuikov@yahoo.com>
To: James Bottomley <James.Bottomley@SteelEye.com>,
David Miller <davem@davemloft.net>
Cc: ltuikov@yahoo.com, jeff@garzik.org, lydianconcepts@gmail.com,
mdr@sgi.com, James.Smart@emulex.com, linux-scsi@vger.kernel.org
Subject: Re: generating a Linux WWN?
Date: Mon, 8 Oct 2007 11:18:56 -0700 (PDT) [thread overview]
Message-ID: <423911.99564.qm@web31805.mail.mud.yahoo.com> (raw)
In-Reply-To: <1191622146.3475.51.camel@localhost.localdomain>
--- James Bottomley <James.Bottomley@SteelEye.com> wrote:
>
> For the record, what the current in-kernel aic94xx driver does for this
> case is allow a parameter override to specify the WWN in the case where
> the card burned in one has gone missing or is corrupt. I think this is
> the correctly balanced approach to the problem.
>
> For the record, I pretty much agree completely with Luben's position on
> this: I want to allow the user a method to correct any problem (i.e.
> supply a WWN override). However, I also want them to think about the
> issue before they do this. What I really don't want is the driver
> silently correcting what it thinks to be a defective WWN and generating
> its own replacement because that's a recipe for disaster on a SAN (SANs
> are a lot less robust than networks to duplicate MAC addresses: because
> of the way expander routing is done, you can possibly collapse the
> entire SAN with duplicate WWNs).
>
> So, the procedure for a SAS card should be:
>
> 1. Obtain the WWN from a device specific storage method (like
> flash)
> 2. Replace this with a passed in command line parameter if one
> exists
> 3. refuse to attach if there's still no valid WWN and give an
> explicit method saying what the problem is (and possibly how to
> fix it)
That is absolutely correct.
If a node in a SAN doesn't come up, the SAN admin will inspect
the kernel log and find out that the driver failed to attach
due to a missing WWN. This is a grave condition.
In enterprise, if one component is compromised, then the whole
system should fail and be brought to admin's attention.
The admin may decide to replace this card with a working one,
or ask the Storage Manager to generate a temporary WWN (which could
be the next machine over), or if the admin themselves maintain
the SAN, they can generate a temporary WWN.
But it is imperative that the admin immediately knows
of the fact that a node in the SAN has experienced a problem
and cannot read its WWN.
Alternatively, if the SAN is zoned, then the _rogue_ node
who autogenerated its WWN will be rejected access to the SAN.
A node which autogenerates WWNs is considered a security
risk and a rogue node.
Luben
next prev parent reply other threads:[~2007-10-08 18:18 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-09-27 10:04 generating a Linux WWN? Jeff Garzik
2007-09-27 13:55 ` Michael Reed
2007-09-27 14:04 ` James Smart
2007-09-27 14:16 ` Patrick_Boyd
2007-09-27 14:46 ` Matthew Wilcox
2007-09-27 15:07 ` Michael Reed
2007-09-27 15:12 ` Michael Reed
2007-09-27 23:40 ` Jeff Garzik
2007-09-27 22:48 ` Jeff Garzik
2007-10-01 10:56 ` Andi Kleen
2007-09-27 14:19 ` Jeff Garzik
2007-09-27 14:29 ` Michael Reed
2007-09-27 15:30 ` Douglas Gilbert
2007-09-27 22:32 ` Jeff Garzik
2007-09-27 23:12 ` Jeff Garzik
2007-10-02 23:47 ` Luben Tuikov
2007-10-03 0:35 ` Jeff Garzik
2007-10-03 3:45 ` Luben Tuikov
2007-10-03 4:15 ` Jeff Garzik
2007-10-03 5:12 ` Luben Tuikov
2007-10-03 5:25 ` Jeff Garzik
2007-10-03 5:31 ` Luben Tuikov
2007-10-03 5:45 ` Jeff Garzik
2007-10-03 14:59 ` Douglas Gilbert
2007-10-03 16:16 ` Jeff Garzik
2007-10-03 18:02 ` Matthew Jacob
2007-10-03 18:09 ` Jeff Garzik
2007-10-03 19:44 ` Luben Tuikov
2007-10-03 20:25 ` Jeff Garzik
2007-10-03 22:08 ` Luben Tuikov
2007-10-03 22:17 ` David Miller
2007-10-04 0:11 ` Luben Tuikov
2007-10-04 3:23 ` Matthew Jacob
2007-10-04 3:27 ` Jeff Garzik
2007-10-04 3:33 ` Matthew Wilcox
2007-10-05 22:09 ` James Bottomley
2007-10-05 22:11 ` David Miller
2007-10-05 22:14 ` James Bottomley
2007-10-05 22:17 ` David Miller
2007-10-05 22:41 ` Jeff Garzik
2007-10-05 22:49 ` David Miller
2007-10-05 22:52 ` Jeff Garzik
2007-10-06 14:11 ` James Bottomley
2007-10-06 14:36 ` Jeff Garzik
2007-10-06 15:04 ` James Bottomley
2007-10-06 15:23 ` Jeff Garzik
2007-10-06 15:33 ` James Bottomley
2007-10-06 15:42 ` Jeff Garzik
2007-10-08 18:42 ` Luben Tuikov
2007-10-07 2:48 ` David Miller
2007-10-08 15:41 ` Michael Reed
2007-10-08 18:34 ` Luben Tuikov
2007-10-07 2:46 ` David Miller
2007-10-08 18:18 ` Luben Tuikov [this message]
2007-10-03 5:38 ` Luben Tuikov
2007-10-03 5:47 ` Jeff Garzik
2007-10-03 15:33 ` Michael Reed
2007-10-03 16:02 ` Jeff Garzik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=423911.99564.qm@web31805.mail.mud.yahoo.com \
--to=ltuikov@yahoo.com \
--cc=James.Bottomley@SteelEye.com \
--cc=James.Smart@emulex.com \
--cc=davem@davemloft.net \
--cc=jeff@garzik.org \
--cc=linux-scsi@vger.kernel.org \
--cc=lydianconcepts@gmail.com \
--cc=mdr@sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox