No relevant resource is found in the selected language.
MENU
Support Documentation
OceanStor V5 Series V500R007 Kunpeng Basic Storage Service Configuration Guide for Block

This document is applicable to the following V500R007 Kunpeng models: OceanStor 2600 V5, OceanStor 5300 V5, 5300F V5, 5500 V5, 5500F V5, 5600 V5, 5600F V5, 5800 V5, 5800F V5, 6800 V5, 6800F V5, 18500 V5, 18800 V5, 18500F V5, and 18800F V5. It describes the basic storage services and explains how to configure and manage them.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Planning Networks

Planning Networks

To ensure host connectivity and storage system access security, properly plan the network and secure authentication.

Planning the Network

Hosts and storage systems can be connected in various modes. For details about connection modes, see "Planning Connectivity" in the Huawei SAN Storage Host Connectivity Guide for XXX. XXX represents a specific operating system, for example, Windows.

(Optional) Planning iSCSI CHAP

Plan iSCSI Challenge-Handshake Authentication Protocol (CHAP) to control access to a storage system.

CHAP is a method of verifying the identity of the peer using a 3-way handshake. This verification is based on a ciphertext or cipher key.

  1. During the establishment of a link, the authenticator sends a random challenge message to the peer.
  2. The peer encrypts the random challenge message using the password and algorithm and responds with the ciphertext.
  3. The authenticator checks the response against its own ciphertext obtained by encrypting the random challenge message using the peer's password and algorithm that have been saved. If the two ciphertexts match, the authentication is acknowledged. Otherwise, the connection is terminated.

After CHAP authentication is enabled on a storage system, you must enter the CHAP user name and password when accessing the storage system from an application server.

When planning CHAP, note the following:

  • User name for CHAP authentication
    • The name must contain 4 to 223 characters.
    • The name can contain letters, digits, and special characters. Special characters include:

      !"#$&%'()*+,-./:;<=>?@[\]^_`{|}~

    • The first character must be a letter or digit.
  • Password for CHAP authentication
    • The password must contain 12 to 16 characters.
    • The password must contain three of the following four types of characters:
      • Uppercase letters
      • Lowercase letters
      • Digits
      • Special characters (including space)

        !"#$&%'()*+,-./:;<=>?@[\]^_`{|}~

    • The password must not be the same as the CHAP user name or the reverse of the user name.
  • Mapping between CHAP user accounts and initiators

    CHAP user accounts must be created and assigned to corresponding initiators.

Download
Updated: 2020-12-02

Document ID: EDOC1100123477

Views: 20812

Downloads: 48

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Enterprise APP

Copyright © 2021 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :