From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by mx.groups.io with SMTP id smtpd.web11.14549.1598971312334328587 for ; Tue, 01 Sep 2020 07:41:52 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: linux.intel.com, ip: 192.55.52.151, mailfrom: maciej.rabeda@linux.intel.com) IronPort-SDR: 6bfRn4ECw674XChOnVagkyLiE6ZcHa8aZTll8m4ca4Lg2Z0M8TrFVmk5BMTR4U9/tlS/5cw2+A E5oNu6P/uJGQ== X-IronPort-AV: E=McAfee;i="6000,8403,9730"; a="137221606" X-IronPort-AV: E=Sophos;i="5.76,379,1592895600"; d="scan'208,217";a="137221606" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Sep 2020 07:41:51 -0700 IronPort-SDR: MMwCjNsMGge39CyPJ3u13Gz0D+y1Rx/aG/sljasnXA6wr8Pz/0THDVZ2OdGO8r4CcRgGlDVemM KHuevKGVXrOA== X-IronPort-AV: E=Sophos;i="5.76,379,1592895600"; d="scan'208,217";a="502262614" Received: from mrabeda-mobl.ger.corp.intel.com (HELO [10.213.25.179]) ([10.213.25.179]) by fmsmga005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Sep 2020 07:41:50 -0700 Subject: Re: [edk2-devel] TCP Port for ISCSI Connection To: Sivaraman Nainar , "devel@edk2.groups.io" References: <16228C0E194D8DF1.2727@groups.io> <142a8a9f-fb6f-3bd1-2b8f-8e6888e09081@linux.intel.com> From: "Maciej Rabeda" Message-ID: Date: Tue, 1 Sep 2020 16:41:41 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------E1E900089EFC22650446063A" Content-Language: pl --------------E1E900089EFC22650446063A Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit Siva, iSCSI targets can be configured to listen on any TCP port. Changing the UEFI iSCSI Client's TargetPort min/max will effectively prevent the user from communicating with the targets configured to listen on ports outside that range (in your example: below 1024). I do not see a reason behind removing that flexibility. If user sets iSCSI target and client ports to values shared by other services, it is that user's mistake. Thanks, Maciej On 01-Sep-20 16:31, Sivaraman Nainar wrote: > > Hello Maciej: > > The ports numbers from 0 to 1023 are having specific roles. > > Ex: 80 for HTTTP, 443 for HTTPS. > > In the case can we set Min as 1024 and Max as 65535. > > Thanks > > Siva > > *From:* devel@edk2.groups.io [mailto:devel@edk2.groups.io] *On Behalf > Of *Maciej Rabeda > *Sent:* Tuesday, September 1, 2020 7:32 PM > *To:* devel@edk2.groups.io; Sivaraman Nainar > *Subject:* Re: [edk2-devel] TCP Port for ISCSI Connection > > Hi Siva, > > What seems to be the problem at hand? What kind of range of values for > TargetPort do you propose? > TARGET_PORT_MIN/MAX_NUM refer to a range of values (0-65535) that be > set in TargetPort field in iSCSI HII. 3260 is a default TCP port for > iSCSI. > I see nothing wrong with that. > > Thanks, > Maciej > > On 31-Aug-20 11:05, Sivaraman Nainar wrote: > > Rabeda: > > Could you please provide your comment on this. > > -Siva > > *From:* Sivaraman Nainar > *Sent:* Tuesday, July 28, 2020 12:15 PM > *To:* jiaxin.wu@intel.com > *Cc:* devel@edk2.groups.io > *Subject:* RE: TCP Port for ISCSI Connection > > Jiaxin: > > Can you please comment on the below query. > > -Siva > > *From:* devel@edk2.groups.io > [mailto:devel@edk2.groups.io] *On Behalf Of *Sivaraman Nainar > *Sent:* Friday, July 17, 2020 5:39 PM > *To:* devel@edk2.groups.io > *Cc:* jiaxin.wu@intel.com > *Subject:* [edk2-devel] Reg: TCP Port for ISCSI Connection > > Hello all: > > In the ISCSI driver, Target TCP Port Input shows the default port > as 3260. Which can be set from 0 to 65535 > > As per below RFC it talks about the Default Port only. Still it > not clearly said if we can use the numbers 49152-65535 which is > reserved. > > https://tools.ietf.org/html/rfc3720 > > 13. IANA Considerations > > This section conforms to [RFC2434]. > > The well-known user TCP port number for iSCSI connections assigned by > IANA is 3260 and this is the default iSCSI port. Implementations > needing a system TCP port number may use port 860, the port assigned > by IANA as the iSCSI system port; however in order to use port 860, > it MUST be explicitly specified - implementations MUST NOT default to > use of port 860, as 3260 is the only allowed default. > > with my understanding, it wouid be good if we can change the below > Min and  MAX port number ranges with right ranges. > > #define TARGET_PORT_MIN_NUM       0 > > #define TARGET_PORT_MAX_NUM       65535 > > Thanks > > Siva > > This e-mail is intended for the use of the addressee only and may > contain privileged, confidential, or proprietary information that > is exempt from disclosure under law. If you have received this > message in error, please inform us promptly by reply e-mail, then > delete the e-mail and destroy any printed copy. Thank you. > > > --------------E1E900089EFC22650446063A Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 8bit Siva,

iSCSI targets can be configured to listen on any TCP port.
Changing the UEFI iSCSI Client's TargetPort min/max will effectively prevent the user from communicating with the targets configured to listen on ports outside that range (in your example: below 1024).
I do not see a reason behind removing that flexibility. If user sets iSCSI target and client ports to values shared by other services, it is that user's mistake.

Thanks,
Maciej

On 01-Sep-20 16:31, Sivaraman Nainar wrote:

Hello Maciej:

 

The ports numbers from 0 to 1023 are having specific roles.

 

Ex: 80 for HTTTP, 443 for HTTPS.

 

In the case can we set Min as 1024 and Max as 65535.

 

Thanks

Siva

From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of Maciej Rabeda
Sent: Tuesday, September 1, 2020 7:32 PM
To: devel@edk2.groups.io; Sivaraman Nainar
Subject: Re: [edk2-devel] TCP Port for ISCSI Connection

 

Hi Siva,

What seems to be the problem at hand? What kind of range of values for TargetPort do you propose?
TARGET_PORT_MIN/MAX_NUM refer to a range of values (0-65535) that be set in TargetPort field in iSCSI HII. 3260 is a default TCP port for iSCSI.
I see nothing wrong with that.

Thanks,
Maciej

On 31-Aug-20 11:05, Sivaraman Nainar wrote:

Rabeda:

 

Could you please provide your comment on this.

 

-Siva

From: Sivaraman Nainar
Sent: Tuesday, July 28, 2020 12:15 PM
To: jiaxin.wu@intel.com
Cc: devel@edk2.groups.io
Subject: RE: TCP Port for ISCSI Connection

 

Jiaxin:

 

Can you please comment on the below query.

 

-Siva

From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of Sivaraman Nainar
Sent: Friday, July 17, 2020 5:39 PM
To: devel@edk2.groups.io
Cc: jiaxin.wu@intel.com
Subject: [edk2-devel] Reg: TCP Port for ISCSI Connection

 

Hello all:

 

In the ISCSI driver, Target TCP Port Input shows the default port as 3260. Which can be set from 0 to 65535

 

As per below RFC it talks about the Default Port only. Still it not clearly said if we can use the numbers 49152-65535 which is reserved.

https://tools.ietf.org/html/rfc3720

13. IANA Considerations

This section conforms to [RFC2434].

The well-known user TCP port number for iSCSI connections assigned by
IANA is 3260 and this is the default iSCSI port. Implementations
needing a system TCP port number may use port 860, the port assigned
by IANA as the iSCSI system port; however in order to use port 860,
it MUST be explicitly specified - implementations MUST NOT default to
use of port 860, as 3260 is the only allowed default.

with my understanding, it wouid be good if we can change the below Min and  MAX port number ranges with right ranges.

 

#define TARGET_PORT_MIN_NUM       0

#define TARGET_PORT_MAX_NUM       65535

 

Thanks

Siva

This e-mail is intended for the use of the addressee only and may contain privileged, confidential, or proprietary information that is exempt from disclosure under law. If you have received this message in error, please inform us promptly by reply e-mail, then delete the e-mail and destroy any printed copy. Thank you.

 


--------------E1E900089EFC22650446063A--