# # Sample iSNS Server configuration file # # The source name. This is an iSCSI qualified name, # and identifies the client uniquely. # # If left empty, the source name is derived from # the client's hostname. # #SourceName = iqn.2006-01.com.example.host1 # Where to store the database. # If you leave this empty, isnsd will keep its # database in memory. # Setting this to an absolute path name will # make isnsd keep its database in a directory # hierarchy below that directory. Database = /var/lib/isns # The iSNS server can purge registered entities # after a certain period of inactivity. This is # called the registration period. # Clients who register objects are supposed to # refresh their registration within this period. # # The default value is 0, which disables this # feature. RegistrationPeriod = 10m # iSNS scopes visibility of other nodes using so-called # Discovery Domains. A storage node A will only "see" # storage node B, if both are members of the same # discovery domain. # # So if a storage node is registered which is not part of # any discovery domain, it will not see any other nodes. # # By setting DefaultDiscoveryDomain=1, you can tell isnsd to # create a virtual "default discovery domain", which # holds all nodes that are not part of any administratively # configured discovery domain. DefaultDiscoveryDomain = 1 # Authentication enable/disable. # When set to 1, the client will sign # all messages, and expect all server messages # to be signed. # # Authentication requires a valid private DSA # key in AuthKeyFile, and the server's DSA public # key in ServerKeyFile. # # The default is to use authentication if the # requires keys are installed, and use unauthenticated # iSNS otherwise. #Security = 1 # Location of the client's private key. # The file must contain a PEM encoded DSA key. # The default is /etc/isns/auth_key #AuthKeyFile = /etc/isns/auth_key # Location of the servers's public key. # The file must contain a PEM encoded DSA key. # The default is /etc/isns/server_key.pub #ServerKeyFile = /etc/isns/server_key.pub # This describes where the iSNS server stores # authentication keys and policy information. # Two options are currently supported: a # simple key store (flat directory with public # keys in PEM encoded files), and the iSNS # database itself #ClientKeyStore = /etc/isns/keystores ClientKeyStore = DB: # When transmitting State Change Notification, # we expect the client to ack them. If the # ACK doesn't arrive in due time, we retransmit # for a limited number of attempts, cycling # through the available portals. SCNTimeout = 60 SCNRetries = 3 # Configuration of ESI. # Defaults are # ESIMaxInterval = 1h # ESIMinInterval = 60s # ESIRetries = 3 # Setting ESIRetries to 0 disables ESI support, and makes # the server reject any portal registrations that specify # an ESI portal. ESIMinInterval = 1m ESIMaxInterval = 2m ESIRetries = 3 # In order to prevent replay attacks, the # authentication blocks carried by iSNS # include a time stamp. The following two # parameters control how we verify the # time stamp Auth.ReplayWindow = 2m Auth.TimeStampJitter = 1s # Maximum number of incoming connections # accepted. # Network.MaxSockets = 1024 # Time to wait for a TCP connection to be # established. # (Client only) # Network.ConnectTimeout = 60 # When a connection attempt failed, we wait # before we try connecting again. # (Client only) # Network.ReonnectTimeout = 10 # Total amount of time to wait before timing # out a call to the iSNS server. # (Client only) # Network.CallTimeout = 60