1.\" Copyright (c) 2012 The FreeBSD Foundation 2.\" Copyright (c) 2015 Alexander Motin <mav@FreeBSD.org> 3.\" All rights reserved. 4.\" 5.\" This software was developed by Edward Tomasz Napierala under sponsorship 6.\" from the FreeBSD Foundation. 7.\" 8.\" Redistribution and use in source and binary forms, with or without 9.\" modification, are permitted provided that the following conditions 10.\" are met: 11.\" 1. Redistributions of source code must retain the above copyright 12.\" notice, this list of conditions and the following disclaimer. 13.\" 2. Redistributions in binary form must reproduce the above copyright 14.\" notice, this list of conditions and the following disclaimer in the 15.\" documentation and/or other materials provided with the distribution. 16.\" 17.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 18.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 21.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27.\" SUCH DAMAGE. 28.\" 29.Dd August 6, 2025 30.Dt CTL.CONF 5 31.Os 32.Sh NAME 33.Nm ctl.conf 34.Nd CAM Target Layer / iSCSI target / NVMeoF controller daemon configuration file 35.Sh DESCRIPTION 36The 37.Nm 38configuration file is used by the 39.Xr ctld 8 40daemon. 41Lines starting with 42.Ql # 43are interpreted as comments. 44The general syntax of the 45.Nm 46file is: 47.Bd -literal -offset indent 48.No pidfile Ar path 49 50.No auth-group Ar name No { 51.Dl chap Ar user Ar secret 52.Dl ... 53} 54 55.No portal-group Ar name No { 56.Dl listen Ar address 57.\".Dl listen-iser Ar address 58.Dl discovery-auth-group Ar name 59.Dl ... 60} 61 62.No transport-group Ar name No { 63.Dl listen Ar transport Ar address 64.Dl ... 65} 66 67.No target Ar name { 68.Dl auth-group Ar name 69.Dl portal-group Ar name 70.Dl lun Ar number No { 71.Dl path Ar path 72.Dl } 73.Dl ... 74} 75 76.No controller Ar name { 77.Dl auth-group Ar name 78.Dl transport-group Ar name 79.Dl namespace Ar number No { 80.Dl path Ar path 81.Dl } 82.Dl ... 83} 84.Ed 85.Ss Global Context 86.Bl -tag -width indent 87.It Ic auth-group Ar name 88Create an 89.Sy auth-group 90configuration context, 91defining a new auth-group, 92which can then be assigned to any number of targets. 93.It Ic debug Ar level 94The debug verbosity level. 95The default is 0. 96.It Ic maxproc Ar number 97The limit for concurrently running child processes handling 98incoming connections. 99The default is 30. 100A setting of 0 disables the limit. 101.It Ic pidfile Ar path 102The path to the pidfile. 103The default is 104.Pa /var/run/ctld.pid . 105.It Ic portal-group Ar name 106Create a 107.Sy portal-group 108configuration context, 109defining a new portal-group, 110which can then be assigned to any number of targets. 111.It Ic transport-group Ar name 112Create a 113.Sy transport-group 114configuration context, 115defining a new transport-group, 116which can then be assigned to any number of NVMeoF controllers. 117.It Ic lun Ar name 118Create a 119.Sy lun 120configuration context, defining a LUN to be exported by any number of targets 121or controllers. 122.It Ic target Ar name 123Create a 124.Sy target 125configuration context, which can optionally contain one or more 126.Sy lun 127contexts. 128.It Ic controller Ar name 129Create a 130.Sy controller 131configuration context, which can optionally contain one or more 132.Sy namespace 133contexts. 134.It Ic timeout Ar seconds 135The timeout for login sessions, after which the connection 136will be forcibly terminated. 137The default is 60. 138A setting of 0 disables the timeout. 139.It Ic isns-server Ar address 140An IPv4 or IPv6 address and optionally port of iSNS server to register on. 141.It Ic isns-period Ar seconds 142iSNS registration period. 143Registered Network Entity not updated during this period will be unregistered. 144The default is 900. 145.It Ic isns-timeout Ar seconds 146Timeout for iSNS requests. 147The default is 5. 148.El 149.Ss auth-group Context 150.Bl -tag -width indent 151.It Ic auth-type Ar type 152Sets the authentication type. 153Type can be either 154.Qq Ar none , 155.Qq Ar deny , 156.Qq Ar chap , 157or 158.Qq Ar chap-mutual . 159In most cases it is not necessary to set the type using this clause; 160it is usually used to disable authentication for a given 161.Sy auth-group . 162.It Ic chap Ar user Ar secret 163A set of CHAP authentication credentials. 164Note that for any 165.Sy auth-group , 166the configuration may only contain either 167.Sy chap 168or 169.Sy chap-mutual 170entries; it is an error to mix them. 171.It Ic chap-mutual Ar user Ar secret Ar mutualuser Ar mutualsecret 172A set of mutual CHAP authentication credentials. 173Note that for any 174.Sy auth-group , 175the configuration may only contain either 176.Sy chap 177or 178.Sy chap-mutual 179entries; it is an error to mix them. 180.It Ic host-address Ar address Ns Op / Ns Ar prefixlen 181An NVMeoF host address: an IPv4 or IPv6 address, optionally 182followed by a literal slash and a prefix length. 183Only NVMeoF hosts with an address matching one of the defined 184addresses will be allowed to connect. 185If not defined, there will be no restrictions based on host 186address. 187.It Ic host-nqn Ar name 188An NVMeoF host name. 189Only NVMeoF hosts with a name matching one of the defined 190names will be allowed to connect. 191If not defined, there will be no restrictions based on NVMe host 192name. 193.It Ic initiator-name Ar initiator-name 194An iSCSI initiator name. 195Only initiators with a name matching one of the defined 196names will be allowed to connect. 197If not defined, there will be no restrictions based on initiator 198name. 199.It Ic initiator-portal Ar address Ns Op / Ns Ar prefixlen 200An iSCSI initiator portal: an IPv4 or IPv6 address, optionally 201followed by a literal slash and a prefix length. 202Only initiators with an address matching one of the defined 203addresses will be allowed to connect. 204If not defined, there will be no restrictions based on initiator 205address. 206.El 207.Ss portal-group Context 208.Bl -tag -width indent 209.It Ic discovery-auth-group Ar name 210Assign a previously defined authentication group to the portal group, 211to be used for target discovery. 212By default, portal groups are assigned predefined 213.Sy auth-group 214.Qq Ar default , 215which denies discovery. 216Another predefined 217.Sy auth-group , 218.Qq Ar no-authentication , 219may be used 220to permit discovery without authentication. 221.It Ic discovery-filter Ar filter 222Determines which targets are returned during discovery. 223Filter can be either 224.Qq Ar none , 225.Qq Ar portal , 226.Qq Ar portal-name , 227or 228.Qq Ar portal-name-auth . 229When set to 230.Qq Ar none , 231discovery will return all targets assigned to that portal group. 232When set to 233.Qq Ar portal , 234discovery will not return targets that cannot be accessed by the 235initiator because of their 236.Sy initiator-portal . 237When set to 238.Qq Ar portal-name , 239the check will include both 240.Sy initiator-portal 241and 242.Sy initiator-name . 243When set to 244.Qq Ar portal-name-auth , 245the check will include 246.Sy initiator-portal , 247.Sy initiator-name , 248and authentication credentials. 249The target is returned if it does not require CHAP authentication, 250or if the CHAP user and secret used during discovery match those 251used by the target. 252Note that when using 253.Qq Ar portal-name-auth , 254targets that require CHAP authentication will only be returned if 255.Sy discovery-auth-group 256requires CHAP. 257The default is 258.Qq Ar none . 259.It Ic listen Ar address 260An IPv4 or IPv6 address and port to listen on for incoming connections. 261.\".It Ic listen-iser Ar address 262.\"An IPv4 or IPv6 address and port to listen on for incoming connections 263.\"using iSER (iSCSI over RDMA) protocol. 264.It Ic offload Ar driver 265Define iSCSI hardware offload driver to use for this 266.Sy portal-group . 267The default is 268.Qq Ar none . 269.It Ic option Ar name Ar value 270The CTL-specific port options passed to the kernel. 271.It Ic redirect Ar address 272IPv4 or IPv6 address to redirect initiators to. 273When configured, all initiators attempting to connect to portal 274belonging to this 275.Sy portal-group 276will get redirected using "Target moved temporarily" login response. 277Redirection happens before authentication and any 278.Sy initiator-name 279or 280.Sy initiator-portal 281checks are skipped. 282.It Ic tag Ar value 283Unique 16-bit tag value of this 284.Sy portal-group . 285If not specified, the value is generated automatically. 286.It Ic foreign 287Specifies that this 288.Sy portal-group 289is listened by some other host. 290This host will announce it on discovery stage, but won't listen. 291.It Ic dscp Ar value 292The DiffServ Codepoint used for sending data. The DSCP can be 293set to numeric, or hexadecimal values directly, as well as the 294well-defined 295.Qq Ar CSx 296and 297.Qq Ar AFxx 298codepoints. 299.It Ic pcp Ar value 300The 802.1Q Priority CodePoint used for sending packets. 301The PCP can be set to a value in the range between 302.Qq Ar 0 303to 304.Qq Ar 7 . 305When omitted, the default for the outgoing interface is used. 306.El 307.Ss transport-group Context 308.Bl -tag -width indent 309.It Ic discovery-auth-group Ar name 310See the description for this option for 311.Sy portal-group 312contexts. 313.It Ic discovery-filter Ar filter 314Filter can be either 315.Qq Ar none , 316.Qq Ar address , 317or 318.Qq Ar address-name . 319When set to 320.Qq Ar none , 321discovery will return all controllers assigned to that transport group. 322When set to 323.Qq Ar address , 324discovery will not return controllers that cannot be accessed by the 325host because of their 326.Sy host-address . 327When set to 328.Qq Ar address-name , 329the check will include both 330.Sy host-address 331and 332.Sy host-nqn . 333The default is 334.Qq Ar none . 335.It Ic listen Ar transport Ar address 336An IPv4 or IPv6 address and port to listen on for incoming connections 337using the specified NVMeoF transport. 338Supported transports are 339.Qq Ar tcp 340.Pq for NVMe/TCP I/O controllers 341and 342.Qq Ar discovery-tcp 343.Pq for NVMe/TCP discovery controllers . 344.It Ic option Ar name Ar value 345One of the following options: 346.Bl -column "max_admin_qsize" "Default" "Transports" 347.It Sy Name Ta Sy Default Ta Sy Transports Ta Sy Description 348.It MAXH2CDATA Ta 256KiB Ta TCP Ta 349Size in bytes of the maximum data payload size for data PDUs accepted from 350remote hosts. 351The value must be at least 4KiB and must be a multiple of 4. 352.It SQFC Ta false Ta any Ta 353Always enable SQ flow control. 354.It HDGST Ta false Ta TCP Ta 355Enable PDU header digests if requested by a remote host. 356.It DDGST Ta false Ta TCP Ta 357Enable PDU data digests if requested by a remote host. 358.It max_admin_qsize Ta 4096 Ta any Ta 359The maximum number of entries a remote host can request for an admin queue pair. 360.It max_io_qsize Ta 65536 Ta any Ta 361The maximum number of entries a remote host can request for an I/O queue pair. 362.El 363.It Ic tag Ar value 364Unique 16-bit port ID for this 365.Sy transport-group . 366If not specified, the value is generated automatically. 367.It Ic dscp Ar value 368See the description for this option for 369.Sy portal-group 370contexts. 371.It Ic pcp Ar value 372See the description for this option for 373.Sy portal-group 374contexts. 375.El 376.Ss target Context 377.Bl -tag -width indent 378.It Ic alias Ar text 379Assign a human-readable description to the target. 380There is no default. 381.It Ic auth-group Ar name 382Assign a previously defined authentication group to the target. 383By default, targets that do not specify their own auth settings, 384using clauses such as 385.Sy chap 386or 387.Sy initiator-name , 388are assigned 389predefined 390.Sy auth-group 391.Qq Ar default , 392which denies all access. 393Another predefined 394.Sy auth-group , 395.Qq Ar no-authentication , 396may be used to permit access 397without authentication. 398Note that this clause can be overridden using the second argument 399to a 400.Sy portal-group 401clause. 402.It Ic auth-type Ar type 403Sets the authentication type. 404Type can be either 405.Qq Ar none , 406.Qq Ar deny , 407.Qq Ar chap , 408or 409.Qq Ar chap-mutual . 410In most cases it is not necessary to set the type using this clause; 411it is usually used to disable authentication for a given 412.Sy target . 413This clause is mutually exclusive with 414.Sy auth-group ; 415one cannot use 416both in a single target. 417.It Ic chap Ar user Ar secret 418A set of CHAP authentication credentials. 419Note that targets must only use one of 420.Sy auth-group , chap , No or Sy chap-mutual ; 421it is a configuration error to mix multiple types in one target. 422.It Ic chap-mutual Ar user Ar secret Ar mutualuser Ar mutualsecret 423A set of mutual CHAP authentication credentials. 424Note that targets must only use one of 425.Sy auth-group , chap , No or Sy chap-mutual ; 426it is a configuration error to mix multiple types in one target. 427.It Ic initiator-name Ar initiator-name 428An iSCSI initiator name. 429Only initiators with a name matching one of the defined 430names will be allowed to connect. 431If not defined, there will be no restrictions based on initiator 432name. 433This clause is mutually exclusive with 434.Sy auth-group ; 435one cannot use 436both in a single target. 437.It Ic initiator-portal Ar address Ns Op / Ns Ar prefixlen 438An iSCSI initiator portal: an IPv4 or IPv6 address, optionally 439followed by a literal slash and a prefix length. 440Only initiators with an address matching one of the defined 441addresses will be allowed to connect. 442If not defined, there will be no restrictions based on initiator 443address. 444This clause is mutually exclusive with 445.Sy auth-group ; 446one cannot use 447both in a single target. 448.Pp 449The 450.Sy auth-type , 451.Sy chap , 452.Sy chap-mutual , 453.Sy initiator-name , 454and 455.Sy initiator-portal 456clauses in the target context provide an alternative to assigning an 457.Sy auth-group 458defined separately, useful in the common case of authentication settings 459specific to a single target. 460.It Ic portal-group Ar name Op Ar ag-name 461Assign a previously defined portal group to the target. 462The default portal group is 463.Qq Ar default , 464which makes the target available 465on TCP port 3260 on all configured IPv4 and IPv6 addresses. 466Optional second argument specifies 467.Sy auth-group 468for connections to this specific portal group. 469If second argument is not specified, target 470.Sy auth-group 471is used. 472.It Ic port Ar name 473.It Ic port Ar name/pp 474.It Ic port Ar name/pp/vp 475Assign specified CTL port (such as "isp0" or "isp2/1") to the target. 476This is used to export the target through a specific physical - eg Fibre 477Channel - port, in addition to portal-groups configured for the target. 478Use 479.Cm "ctladm portlist" 480command to retrieve the list of available ports. 481On startup 482.Xr ctld 8 483configures LUN mapping and enables all assigned ports. 484Each port can be assigned to only one target. 485.It Ic redirect Ar address 486IPv4 or IPv6 address to redirect initiators to. 487When configured, all initiators attempting to connect to this target 488will get redirected using "Target moved temporarily" login response. 489Redirection happens after successful authentication. 490.It Ic lun Ar number Ar name 491Export previously defined 492.Sy lun 493by the parent target. 494.It Ic lun Ar number 495Create a 496.Sy lun 497configuration context, defining a LUN exported by the parent target. 498.Pp 499This is an alternative to defining the LUN separately, useful in the common 500case of a LUN being exported by a single target. 501.El 502.Ss controller Context 503.Bl -tag -width indent 504.It Ic auth-group Ar name 505Assign a previously defined authentication group to the controller. 506By default, controllers that do not specify their own auth settings, 507using clauses such as 508.Sy host-address 509or 510.Sy host-nqn , 511are assigned to the 512predefined 513.Sy auth-group 514.Qq Ar default , 515which denies all access. 516Another predefined 517.Sy auth-group , 518.Qq Ar no-authentication , 519may be used to permit access 520without authentication. 521Note that this clause can be overridden using the second argument 522to a 523.Sy transport-group 524clause. 525.It Ic auth-type Ar type 526Sets the authentication type. 527Type can be either 528.Qq Ar none 529or 530.Qq Ar deny . 531In most cases it is not necessary to set the type using this clause; 532it is usually used to disable authentication for a given 533.Sy controller . 534This clause is mutually exclusive with 535.Sy auth-group ; 536one cannot use 537both in a single controller. 538.It Ic host-address Ar address Ns Op / Ns Ar prefixlen 539An NVMeoF host address: an IPv4 or IPv6 address, optionally 540followed by a literal slash and a prefix length. 541Only NVMeoF hosts with an address matching one of the defined 542addresses will be allowed to connect. 543If not defined, there will be no restrictions based on host 544address. 545This clause is mutually exclusive with 546.Sy auth-group ; 547one cannot use 548both in a single controller. 549.It Ic host-nqn Ar name 550An NVMeoF host name. 551Only NVMeoF hosts with a name matching one of the defined 552names will be allowed to connect. 553If not defined, there will be no restrictions based on NVMe host 554name. 555This clause is mutually exclusive with 556.Sy auth-group ; 557one cannot use 558both in a single target. 559.Pp 560The 561.Sy auth-type , 562.Sy host-address , 563and 564.Sy host-nqn 565clauses in the controller context provide an alternative to assigning an 566.Sy auth-group 567defined separately, useful in the common case of authentication settings 568specific to a single controller. 569.It Ic transport-group Ar name Op Ar ag-name 570Assign a previously defined transport group to the controller. 571The default transport group is 572.Qq Ar default , 573which makes the controller available 574on TCP port 4420 on all configured IPv4 and IPv6 addresses. 575The optional second argument specifies the 576.Sy auth-group 577for connections to this specific transport group group. 578If the second argument is not specified, the controller 579.Sy auth-group 580is used. 581.It Ic namespace Ar number Ar name 582Export previously defined 583.Sy lun 584as an NVMe namespace from the parent controller. 585.It Ic namespace Ar number 586Create a 587.Sy namespace 588configuration context, defining an NVMe namespace exported by the parent target. 589.Pp 590This is an alternative to defining the namespace separately, 591useful in the common case of a namespace being exported by a single controller. 592.Sy namespace 593configuration contexts accept the the same properties as 594.Sy lun 595contexts. 596.El 597.Ss lun Context 598.Bl -tag -width indent 599.It Ic backend Ar block No | Ar ramdisk 600The CTL backend to use for a given LUN. 601Valid choices are 602.Qq Ar block 603and 604.Qq Ar ramdisk ; 605block is used for LUNs backed 606by files or disk device nodes; ramdisk is a bitsink device, used mostly for 607testing. 608The default backend is block. 609.It Ic blocksize Ar size 610The blocksize visible to the initiator. 611The default blocksize is 512 for disks, and 2048 for CD/DVDs. 612.It Ic ctl-lun Ar lun_id 613Global numeric identifier to use for a given LUN inside CTL. 614By default CTL allocates those IDs dynamically, but explicit specification 615may be needed for consistency in HA configurations. 616.It Ic device-id Ar string 617The SCSI Device Identification string presented to iSCSI initiators. 618.It Ic device-type Ar type 619Specify the SCSI device type to use when creating the LUN. 620Currently CTL supports Direct Access (type 0), Processor (type 3) 621and CD/DVD (type 5) LUNs. 622.It Ic option Ar name Ar value 623The CTL-specific options passed to the kernel. 624All CTL-specific options are documented in the 625.Sx OPTIONS 626section of 627.Xr ctladm 8 . 628.It Ic path Ar path 629The path to the file, device node, or 630.Xr zfs 8 631volume used to back the LUN. 632For optimal performance, create ZFS volumes with the 633.Qq Ar volmode=dev 634property set. 635.It Ic serial Ar string 636The SCSI serial number presented to iSCSI initiators. 637.It Ic size Ar size 638The LUN size, in bytes or by number with a suffix of 639.Sy K , M , G , T 640(for kilobytes, megabytes, gigabytes, or terabytes). 641When the configuration is in UCL format, use the suffix format 642.Sy kKmMgG Ns | Ns Sy bB , 643(i.e., 4GB, 4gb, and 4Gb are all equivalent). 644.El 645.Sh FILES 646.Bl -tag -width ".Pa /etc/ctl.conf" -compact 647.It Pa /etc/ctl.conf 648The default location of the 649.Xr ctld 8 650configuration file. 651.El 652.Sh EXAMPLES 653.Bd -literal 654auth-group ag0 { 655 chap-mutual "user" "secret" "mutualuser" "mutualsecret" 656 chap-mutual "user2" "secret2" "mutualuser" "mutualsecret" 657 initiator-portal 192.168.1.1/16 658} 659 660auth-group ag1 { 661 auth-type none 662 initiator-name "iqn.2012-06.com.example:initiatorhost1" 663 initiator-name "iqn.2012-06.com.example:initiatorhost2" 664 initiator-portal 192.168.1.1/24 665 initiator-portal [2001:db8::de:ef] 666} 667 668portal-group pg0 { 669 discovery-auth-group no-authentication 670 listen 0.0.0.0:3260 671 listen [::]:3260 672 listen [fe80::be:ef]:3261 673} 674 675target iqn.2012-06.com.example:target0 { 676 alias "Example target" 677 auth-group no-authentication 678 lun 0 { 679 path /dev/zvol/tank/example_0 680 blocksize 4096 681 size 4G 682 } 683} 684 685lun example_1 { 686 path /dev/zvol/tank/example_1 687 option naa 0x50015178f369f093 688} 689 690target iqn.2012-06.com.example:target1 { 691 auth-group ag0 692 portal-group pg0 693 lun 0 example_1 694 lun 1 { 695 path /dev/zvol/tank/example_2 696 option vendor "FreeBSD" 697 } 698} 699 700target naa.50015178f369f092 { 701 port isp0 702 port isp1 703 lun 0 example_1 704} 705 706controller nqn.2012-06.com.example:controller1 { 707 auth-group no-authentication; 708 namespace 1 example_1 709 namespace 2 { 710 backend ramdisk 711 size 1G 712 option capacity 1G 713 } 714} 715.Ed 716.Pp 717An equivalent configuration in UCL format, for use with 718.Fl u : 719.Bd -literal 720auth-group { 721 ag0 { 722 chap-mutual = [ 723 { 724 user = "user" 725 secret = "secretsecret" 726 mutual-user = "mutualuser" 727 mutual-secret = "mutualsecret" 728 }, 729 { 730 user = "user2" 731 secret = "secret2secret2" 732 mutual-user = "mutualuser" 733 mutual-secret = "mutualsecret" 734 } 735 ] 736 } 737 738 ag1 { 739 auth-type = none 740 initiator-name = [ 741 "iqn.2012-06.com.example:initiatorhost1", 742 "iqn.2012-06.com.example:initiatorhost2" 743 ] 744 initiator-portal = [192.168.1.1/24, "[2001:db8::de:ef]"] 745 } 746} 747 748portal-group { 749 pg0 { 750 discovery-auth-group = no-authentication 751 listen = [ 752 0.0.0.0:3260, 753 "[::]:3260", 754 "[fe80::be:ef]:3261" 755 ] 756 } 757} 758 759lun { 760 example_1 { 761 path = /dev/zvol/tank/example_1 762 options { 763 naa = "0x50015178f369f093" 764 } 765 } 766} 767 768target { 769 "iqn.2012-06.com.example:target0" { 770 alias = "Example target" 771 auth-group = no-authentication 772 lun = { 773 0 { 774 path = /dev/zvol/tank/example_0 775 blocksize = 4096 776 size = 4GB 777 } 778 } 779 } 780 781 "iqn.2012-06.com.example:target1" { 782 auth-group = ag0 783 portal-group = pg0 784 lun { 785 0 = example_1 786 1 { 787 path = /dev/zvol/tank/example_2 788 options { 789 vendor = "FreeBSD" 790 } 791 } 792 } 793 } 794 795 naa.50015178f369f092 { 796 port = isp0 797 lun { 798 0 = example_1 799 } 800 } 801} 802 803controller { 804 "nqn.2012-06.com.example:controller1" { 805 auth-group = no-authentication 806 namespace = { 807 1 = example_1, 808 2 { 809 backend = ramdisk 810 size = 1G 811 options { 812 capacity = 1G 813 } 814 } 815 } 816 } 817} 818.Ed 819.Sh SEE ALSO 820.Xr ctl 4 , 821.Xr ctladm 8 , 822.Xr ctld 8 , 823.Xr zfs 8 824.Sh AUTHORS 825The 826.Nm 827configuration file functionality for 828.Xr ctld 8 829was developed by 830.An Edward Tomasz Napierala Aq Mt trasz@FreeBSD.org 831under sponsorship from the FreeBSD Foundation. 832