Tuesday 24 February 2015

Diagnosing iSCSI connection between Server 2012 inittiaor and a Server 2012 target server

For this lab we will assume that there are two Server 2012 boxes, configured on an isolated network of Server 1 will be and server 2 will be

We will firstly install Wireshark for this process and then start capturing packets on the appropriate interface.

We start by launching the "iSCSI inittiator" on the client and going to:
Discovery > Discover Portal > Enter the IP address of the ISCSI target > Advanced > Select the local adapter > Select the initiator IP > OK and accept.

Now go to the targets tab and click refresh.

We can then stop our packet capture and then type the following in the Wireshark filter: "iscsi":

You should (if performed correctly) see a series of iSCSI packets (you might see different sessions as well) - choose one - right hand click on "Login Command" and select "Follow TCP Stream" - close down the "Follow TCP Stream" dialog box and your filter should be set to something like "tcp.stream eq X".

You should now see the TCP negotiation and the first iSCSI command called "Login Command" - I will now go briefly through the process flow of the iSCSI discovery in accordance with the stream below:

Login Command (0x03): This is the initial step of the discovery - as the title suggests the iSCSI initiator is attempting to access the iSCSI target - in my case no authentication is being applied so we can connect anonomously.

Login Responce (0x23): Returns whether or not the initiator is authenticated.

Text Command (0x04): The initiator then uses the "Text Command" to send the query "SendTargets=All" - which simply asks for all available targets for the initiator (this is also where the authorization takes place on the target server.)

Text Response (0x24): The target server then returns all available target servers.

Logout Command (0x06): The client requests to logout from the target server.

Logout Reponse (0x26): The target server confirms the logout process to the initiator.


Post a Comment