Filter
Top Products
The HBAnyware Utility User Manual Page 88
Version 8.2 LPFC and LPFCDFC Parameter
DH-CHAP Authentication and Configuration
The Emulex driver for Linux version 8.2.0.x supports the FC-SP/Authentication DH-CHAP (Diffie-
Hellmann Challenge Handshake Authentication Protocol). To activate FC-SP/Authentication between
the HBA host port and Fabric F_port using DH-CHAP, you modify the DH-CHAP associated driver
properties in the driver configuration file.
The Emulex driver for Linux version 8.2.0.x supports MD5 and SHA-1 hash functions and supports the
following DH groups: Null, 1024, 1280, 1536, and 2048.
Enabling Authentication
Enabling authentication is a two step process. To enable authentication:
• The fcauthd daemon must be running.
• The lpfc_enable_auth module parameter must be set to enabled.
The lpfc_enable_auth Module Parameter
Use the lpfc_enable_auth module parameter enable or disable authentication support. This module
parameter can be set when loading the driver to enable or disable authentication on all Emulex HBAs in
the system, or it may be set dynamically after the driver is loaded to enable or disable authentication for
each port (physical and virtual). The default setting for the lpfc-enable-auth module parameter is
disabled. SeeTable 10 starting on page 91 for the parameter values.
The fcauthd Daemon
The Emulex LPFC driver requires the fcauthd daemon to perform authentication tasks for it. To enable
authentication you must have this daemon running. If you want to load the driver with authentication
enabled, the fcauthd daemon should be running prior to driver load. The driver can start with
authentication enabled if the daemon is not running, but all ports will be placed into an error state. When
the daemon is started the driver should discover the daemon and reset the HBA to enable the driver to
perform authentication. To test if this daemon is running, start the daemon, or stop the daemon, you
must use the /etc/init.d/fcauthd script. This script accepts the standard daemon parameters: start, stop,
reload, status, restart, and condrestart.
The script syntax is /etc/init.d/fcauthd <parameter>.
Table 8: LPFCDFC Driver for Linux, Static Parameters
Variable Default Min Max Comments
lpfc_scsi_req_tmo 30 0 255 Time out value (in seconds) for SCSI request
sent through lpfcdfc module. (Not available
using HBAnyware GUI. Command line only.)
Note: This version of the driver supports for N-Port to F-Port authentication only and does
not support N-Port to N-Port authentication.
Note: The 8.2.0.X driver connects directly to the fcauthd daemon. To unload the driver you
must first stop the fcauthd daemon. This will close the netlink connection and allow
the LPFC driver to unload.