From nobody Mon Mar 14 19:36:50 2022
X-Original-To: freebsd-fs@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 67A5B1A18807
	for <freebsd-fs@mlmmj.nyi.freebsd.org>; Mon, 14 Mar 2022 19:37:01 +0000 (UTC)
	(envelope-from mikej@paymentallianceintl.com)
Received: from us-smtp-delivery-197.mimecast.com (us-smtp-delivery-197.mimecast.com [170.10.133.197])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "*.mimecast.com", Issuer "DigiCert TLS RSA SHA256 2020 CA1" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4KHRcr5PY0z3FP0
	for <freebsd-fs@freebsd.org>; Mon, 14 Mar 2022 19:37:00 +0000 (UTC)
	(envelope-from mikej@paymentallianceintl.com)
Received: from MAIL-HUB.pai.local (175.158.26.216.gopai.com
 [216.26.158.175]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id
 us-mta-64-0SvAzxddM0WCkzEBAv9Lbw-1; Mon, 14 Mar 2022 15:36:51 -0400
X-MC-Unique: 0SvAzxddM0WCkzEBAv9Lbw-1
Received: from MAIL-HUB.pai.local (10.10.0.250) by MAIL-HUB.pai.local
 (10.10.0.250) with Microsoft SMTP Server (TLS) id 15.0.1497.28; Mon, 14 Mar
 2022 15:36:50 -0400
Received: from MAIL-HUB.pai.local ([fe80::a02e:93c2:c16a:6af8]) by
 MAIL-HUB.pai.local ([fe80::a02e:93c2:c16a:6af8%15]) with mapi id
 15.00.1497.028; Mon, 14 Mar 2022 15:36:50 -0400
From: Michael Jung <mikej@paymentallianceintl.com>
To: mike tancsa <mike@sentex.net>, freebsd-fs <freebsd-fs@freebsd.org>
Subject: RE: ctl.conf / iscsi docs and best practices
Thread-Topic: ctl.conf / iscsi docs and best practices
Thread-Index: AQHYN9UFjKE2dPgbAkG80ppi0/Mx+Ky/O0bQgABHBAD//73z8A==
Date: Mon, 14 Mar 2022 19:36:50 +0000
Message-ID: <a98f7ed4ccdb473f9bd349860789d88b@MAIL-HUB.pai.local>
References: <108defea-700e-d1e0-e210-d32a8af5e8f0@sentex.net>
 <76fdc117f673476189d3fd7a2424c76e@MAIL-HUB.pai.local>
 <126d56d2-1b1e-6717-4b9c-5dd7bae9985e@sentex.net>
In-Reply-To: <126d56d2-1b1e-6717-4b9c-5dd7bae9985e@sentex.net>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.250.0.59]
x-c2processedorg: 474f336e-f930-49ec-9717-e3226b5b6e6e
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-fs
List-Help: <mailto:freebsd-fs+help@freebsd.org>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Subscribe: <mailto:freebsd-fs+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-fs+unsubscribe@freebsd.org>
Sender: owner-freebsd-fs@freebsd.org
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: paymentallianceintl.com
Content-Type: multipart/alternative;
	boundary="MCBoundary=_12203141536530841"
X-Rspamd-Queue-Id: 4KHRcr5PY0z3FP0
X-Spamd-Bar: ---
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=pass (policy=none) header.from=paymentallianceintl.com;
	spf=pass (mx1.freebsd.org: domain of mikej@paymentallianceintl.com designates 170.10.133.197 as permitted sender) smtp.mailfrom=mikej@paymentallianceintl.com
X-Spamd-Result: default: False [-3.77 / 15.00];
	 ARC_NA(0.00)[];
	 NEURAL_HAM_MEDIUM(-0.98)[-0.978];
	 HAS_XOIP(0.00)[];
	 FROM_HAS_DN(0.00)[];
	 R_SPF_ALLOW(-0.20)[+ip4:170.10.133.0/24];
	 NEURAL_HAM_LONG(-1.00)[-1.000];
	 MIME_GOOD(-0.10)[multipart/alternative,text/plain];
	 RCVD_COUNT_THREE(0.00)[4];
	 TO_MATCH_ENVRCPT_SOME(0.00)[];
	 TO_DN_ALL(0.00)[];
	 RWL_MAILSPIKE_EXCELLENT(0.00)[170.10.133.197:from];
	 MIME_BASE64_TEXT(0.10)[];
	 RCPT_COUNT_TWO(0.00)[2];
	 NEURAL_HAM_SHORT(-1.00)[-0.996];
	 DMARC_POLICY_ALLOW(-0.50)[paymentallianceintl.com,none];
	 MLMMJ_DEST(0.00)[freebsd-fs];
	 FROM_EQ_ENVFROM(0.00)[];
	 R_DKIM_NA(0.00)[];
	 MIME_TRACE(0.00)[0:+,1:+,2:~];
	 ASN(0.00)[asn:30031, ipnet:170.10.132.0/23, country:US];
	 RCVD_TLS_LAST(0.00)[];
	 RCVD_IN_DNSWL_LOW(-0.10)[170.10.133.197:from]
X-ThisMailContainsUnwantedMimeParts: N

--MCBoundary=_12203141536530841
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: base64

DQpJTkxJTkUNCi0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBtaWtlIHRhbmNzYSBb
bWFpbHRvOm1pa2VAc2VudGV4Lm5ldF0NClNlbnQ6IE1vbmRheSwgTWFyY2ggMTQsIDIwMjIgMzox
MyBQTQ0KVG86IE1pY2hhZWwgSnVuZyA8bWlrZWpAcGF5bWVudGFsbGlhbmNlaW50bC5jb20+OyBm
cmVlYnNkLWZzIDxmcmVlYnNkLWZzQGZyZWVic2Qub3JnPg0KU3ViamVjdDogUmU6IGN0bC5jb25m
IC8gaXNjc2kgZG9jcyBhbmQgYmVzdCBwcmFjdGljZXMNCg0KT24gMy8xNC8yMDIyIDM6MDAgUE0s
IE1pY2hhZWwgSnVuZyB3cm90ZToNCj4gSSBqdXN0IHN0YXJ0ZWQgd29ya2luZyB3aXRoIHRoZSB0
YXJnZXQgYWdhaW4gYWJvdXQgYSB3ZWVrIGFnbywgaGVyZSBpcw0KPiBteSBzZXR1cC4NCj4NCj4g
Rm9yIHR3byByZW1vdGUgaW5pdGlhdG9ycyB0byBjb25uZWN0IHRvIHRoZSBzYW1lIHRhcmdldCB5
b3UgbmVlZA0KPiBvcHRpb24gImhhIHNoYXJlZCIgIm9uIg0KPg0KPiBNYXliZSB0aGlzIGhlbHBz
IHlvdSBhIGxpdHRsZS4NCj4NCkl0IGRvZXMsIHRoYW5rIHlvdSEhICBDb3VwbGUgb2YgcXVlc3Rp
b25zIGJlbG93Lg0KDQoNCj4gYXV0aC1ncm91cCAiYWcwIiB7DQo+IGluaXRpYXRvci1uYW1lICJp
cW4uMTk5OC0wMS5jb20udm13YXJlOmh2MS0zOTcyZWFmMyINCj4gaW5pdGlhdG9yLW5hbWUgImlx
bi4xOTk4LTAxLmNvbS52bXdhcmU6ZXN4aTIubWlrZWoubG9jYWw6OTgwNjEzMzQ1OjY0Ig0KPiBp
bml0aWF0b3ItbmFtZSAiaXFuLjE5OTgtMDEuY29tLnZtd2FyZTplc3hpMy5taWtlai5sb2NhbC46
MTgwNTY5MDAxMTo2NCINCj4gaW5pdGlhdG9yLXBvcnRhbCAiMTkyLjE2OC42LjgiDQo+IGluaXRp
YXRvci1wb3J0YWwgIjE5Mi4xNjguNi4xNCINCj4gaW5pdGlhdG9yLXBvcnRhbCAiMTkyLjE2OC42
LjUiDQo+IGF1dGgtdHlwZSAibm9uZSINCj4gfQ0KPg0KDQpGb3IgdGhlIGFib3ZlIGF1dGggZ3Jv
dXAsIGZvciB0aGUgcG9ydGFsIElQcyBJIGd1ZXNzIHRoaXMgbWVhbnMgdGhvc2UgdXNlcnMgYXJl
IG9ubHkgYWxsb3dlZCB0byBjb25uZWN0IGZyb20gdGhvc2UgSVAgYWRkcmVzc2VzIGJ1dCB5b3Ug
Y2FudCByZXN0cmljdCBhIHVzZXIgdG8gYSBzcGVjaWZpYyBJUCA/DQoNCj4+PkFzIGZhciBhcyB3
aGF0IEkgaGF2ZSBkb25lIGluIHRoZSBwYXN0IHdpdGggb3RoZXIgdGFyZ2V0cywgd2hhdCBJIHRo
aW5rIEZyZWVCU0QncyB0YXJnZXQgaXMNCj4+PmVhc2lseSBjYXBhYmxlIG9mIHdvdWxkIGJlIHRv
IHVzZSBDSEFQIGF1dGhlbnRpY2F0aW9uIHRvIHJlc3RyaWN0IGluaXRpYXRvcnMuICBUaGlzIGlz
IG15DQo+Pj5ob21lIGxhYiBzbyBJIGRpZG4ndCBib3RoZXIgd2l0aCBpdCwgc3BpbiB1cCB0cnVl
bmFzIGFuZCBzZXR1cCB1cCBjaGFwIGFuZCBsb29rIGF0ID4+Pi9ldGMvY3RsLmNvbmYNCj4+PmFu
ZCB0aGF0IHdpbGwgZ2V0IHlvdSBzdGFydGVkLiAgWW91IGNhbiB0aGVuIGxpbWl0IGJ5IElQL0NI
QVAgc2VjcmV0LCBJUCBvbmx5LCBDSEFQIHNlY3JldCBvbmx5Li4uDQoNCj4NCj4gb3B0aW9uICJu
YWEiICIweDY1ODljZmMwMDAwMDA3OWU4YTBkMjIzZTkzNTQ0MGFiIg0KPg0KdGhlIG5hYSBpcyBq
dXN0IGEgdW5pcSBpZGVudGlmaWVyID8gV2hvIC8gd2hhdCBtYWtlcyB1c2Ugb2YgdGhhdCA/IEEg
cXVpY2sgZ29vZ2xlIHNheXMgaXRzIGp1c3QgdXNlZCB0byBpZGVudGlmeSB0aGUgc2VyaWFsICMu
IFdoeSAvIHdoZW4gd291bGQgSSB3YW50IHRvIGRvIHRoYXQgPw0KDQo+Pj5VbmlxdWUgSWRlbnRp
ZmllciAtIFRvIHRoZSBiZXN0IG9mIG15IGtub3dsZWRnZSB0aGF04oCZcyBhbGwgaXQgaXMgLSBJ
J20gbm90IGFuIGV4cGVydCBoZXJlLg0KDQpJbiB0aGUgdHdvIHRhcmdldHMgYmVsb3csIHdoeSB1
c2UgbHVuICIwIiBhbmQgd2h5IGx1biAiMSIgaW4gdGhlIHNlY29uZCB0YXJnZXQgPyBGcm9tIHRo
ZSBjb25maWcgSSBnZW5lcmF0ZWQgZnJvbSBUcnVlTkFTLCBpdCBrZXB0IHRoZSBsdW4gYXMgIjAi
IGZvciBlYWNoIHRhcmdldC4gSnVzdCBjb252ZW50aW9uID8NCg0KPj4+IEkgdXNlIHR3byBkaWZm
ZXJlbnQgTFVOUyBiZWNhdXNlIExVTiAwIGlzIHNoYXJlZCBiZXR3ZWVuIG15IHRocmVlIGVzeGkg
aG9zdHMsIGFuZCB0aGV5DQo+Pj4ga25vdyBob3cgdG8gcGxheSBuaWNlbHkgb24gYSBzaGFyZWQg
TFVOLg0KPj4+IFVuaXRyZW5kcywgd2hpY2ggaXMgYSBiYWNrdXAgc29sdXRpb24gd291bGQgd2lw
ZSBvdXQgZXZlcnl0aGluZyBvbiBMVU4gMCBpZiBJIGxldCBpdA0KPj4+IGhhdmUgYWNjZXNzIHRv
IGl0LiAgU28sIEkgaGF2ZSB0d28gWkZTIHBvb2xzIHNldHMgYXMgdm9sbW9kZT1kZXYsIHRoZW4g
SSBzaGFyZSB0aGVtIGFzIHR3byBkaWZmZXJlbnQgTFVOUy4NCj4+PiAtLW1pa2VqDQoNClRoYW5r
cyBhZ2FpbiENCg0KICAgICAtLS1NaWtlDQoNCg0KPg0KPg0KPiB0YXJnZXQgImlxbi4yMDA1LTEw
Lm9yZy5taWtlai5jdGw6ZXN4aS1zdG9yZTEiIHsgYXV0aC1ncm91cCAiYWcwIg0KPiBwb3J0YWwt
Z3JvdXAgInBnMCINCj4gYWxpYXMgImVzeGktc3RvcmUxIg0KPiBsdW4gIjAiICJlc3hpLXN0b3Jl
MSINCj4gfQ0KPg0KPiB0YXJnZXQgImlxbi4xOTk0LTA1LmNvbS51bml0cmVuZHM6NjBlMmYxZDE1
ZTU3IiB7IGF1dGgtZ3JvdXAgImFnMSINCj4gcG9ydGFsLWdyb3VwICJwZzAiDQo+IGFsaWFzICJ1
bml0cmVuczExIg0KPiBsdW4gIjEiICJ1bml0cmVuZHMxIg0KPiB9DQo+DQoNCg0KDQoNCkNPTkZJ
REVOVElBTElUWSBOT1RFOiBUaGlzIG1lc3NhZ2UgaXMgaW50ZW5kZWQgb25seSBmb3IgdGhlIHVz
ZQ0Kb2YgdGhlIGluZGl2aWR1YWwgb3IgZW50aXR5IHRvIHdob20gaXQgaXMgYWRkcmVzc2VkIGFu
ZCBtYXkNCmNvbnRhaW4gaW5mb3JtYXRpb24gdGhhdCBpcyBwcml2aWxlZ2VkLCBjb25maWRlbnRp
YWwsIGFuZA0KZXhlbXB0IGZyb20gZGlzY2xvc3VyZSB1bmRlciBhcHBsaWNhYmxlIGxhdy4gSWYg
dGhlIHJlYWRlcg0Kb2YgdGhpcyBtZXNzYWdlIGlzIG5vdCB0aGUgaW50ZW5kZWQgcmVjaXBpZW50
LCB5b3UgYXJlIGhlcmVieQ0Kbm90aWZpZWQgdGhhdCBhbnkgZGlzc2VtaW5hdGlvbiwgZGlzdHJp
YnV0aW9uIG9yIGNvcHlpbmcNCm9mIHRoaXMgY29tbXVuaWNhdGlvbiBpcyBzdHJpY3RseSBwcm9o
aWJpdGVkLiBJZiB5b3UgaGF2ZQ0KcmVjZWl2ZWQgdGhpcyB0cmFuc21pc3Npb24gaW4gZXJyb3Is
IHBsZWFzZSBub3RpZnkgdXMgYnkNCnRlbGVwaG9uZSBhdCAoNTAyKSAyMTItNDAwMCBvciBub3Rp
ZnkgdXMgYXQgUEFJLCBEZXB0LiA5OSwNCjIxMDEgSGlnaCBXaWNraGFtIFBsYWNlLCBTdWl0ZSAx
MDEsIExvdWlzdmlsbGUsIEtZIDQwMjQ1DQoNCkRpc2NsYWltZXINCg0KVGhlIGluZm9ybWF0aW9u
IGNvbnRhaW5lZCBpbiB0aGlzIGNvbW11bmljYXRpb24gZnJvbSB0aGUgc2VuZGVyIGlzIGNvbmZp
ZGVudGlhbC4gSXQgaXMgaW50ZW5kZWQgc29sZWx5IGZvciB1c2UgYnkgdGhlIHJlY2lwaWVudCBh
bmQgb3RoZXJzIGF1dGhvcml6ZWQgdG8gcmVjZWl2ZSBpdC4gSWYgeW91IGFyZSBub3QgdGhlIHJl
Y2lwaWVudCwgeW91IGFyZSBoZXJlYnkgbm90aWZpZWQgdGhhdCBhbnkgZGlzY2xvc3VyZSwgY29w
eWluZywgZGlzdHJpYnV0aW9uIG9yIHRha2luZyBhY3Rpb24gaW4gcmVsYXRpb24gb2YgdGhlIGNv
bnRlbnRzIG9mIHRoaXMgaW5mb3JtYXRpb24gaXMgc3RyaWN0bHkgcHJvaGliaXRlZCBhbmQgbWF5
IGJlIHVubGF3ZnVsLg0KDQpUaGlzIGVtYWlsIGhhcyBiZWVuIHNjYW5uZWQgZm9yIHZpcnVzZXMg
YW5kIG1hbHdhcmUsIGFuZCBtYXkgaGF2ZSBiZWVuIGF1dG9tYXRpY2FsbHkgYXJjaGl2ZWQgYnkg
TWltZWNhc3QsIGEgbGVhZGVyIGluIGVtYWlsIHNlY3VyaXR5IGFuZCBjeWJlciByZXNpbGllbmNl
LiBNaW1lY2FzdCBpbnRlZ3JhdGVzIGVtYWlsIGRlZmVuc2VzIHdpdGggYnJhbmQgcHJvdGVjdGlv
biwgc2VjdXJpdHkgYXdhcmVuZXNzIHRyYWluaW5nLCB3ZWIgc2VjdXJpdHksIGNvbXBsaWFuY2Ug
YW5kIG90aGVyIGVzc2VudGlhbCBjYXBhYmlsaXRpZXMuIE1pbWVjYXN0IGhlbHBzIHByb3RlY3Qg
bGFyZ2UgYW5kIHNtYWxsIG9yZ2FuaXphdGlvbnMgZnJvbSBtYWxpY2lvdXMgYWN0aXZpdHksIGh1
bWFuIGVycm9yIGFuZCB0ZWNobm9sb2d5IGZhaWx1cmU7IGFuZCB0byBsZWFkIHRoZSBtb3ZlbWVu
dCB0b3dhcmQgYnVpbGRpbmcgYSBtb3JlIHJlc2lsaWVudCB3b3JsZC4gVG8gZmluZCBvdXQgbW9y
ZSwgdmlzaXQgb3VyIHdlYnNpdGUuDQo=
--MCBoundary=_12203141536530841
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8

<html><head><style type=3D"text/css">.style1 {font-family: "Times New Roman=
";}</style></head><body><BR>
INLINE<BR>
-----Original Message-----<BR>
From: mike tancsa [mailto:mike@sentex.net]<BR>
Sent: Monday, March 14, 2022 3:13 PM<BR>
To: Michael Jung &lt;mikej@paymentallianceintl.com&gt;; freebsd-fs &lt;free=
bsd-fs@freebsd.org&gt;<BR>
Subject: Re: ctl.conf / iscsi docs and best practices<BR>
<BR>
On 3/14/2022 3:00 PM, Michael Jung wrote:<BR>
&gt; I just started working with the target again about a week ago, here is=
<BR>
&gt; my setup.<BR>
&gt;<BR>
&gt; For two remote initiators to connect to the same target you need<BR>
&gt; option &quot;ha shared&quot; &quot;on&quot;<BR>
&gt;<BR>
&gt; Maybe this helps you a little.<BR>
&gt;<BR>
It does, thank you!!  Couple of questions below.<BR>
<BR>
<BR>
&gt; auth-group &quot;ag0&quot; {<BR>
&gt; initiator-name &quot;iqn.1998-01.com.vmware:hv1-3972eaf3&quot;<BR>
&gt; initiator-name &quot;iqn.1998-01.com.vmware:esxi2.mikej.local:98061334=
5:64&quot;<BR>
&gt; initiator-name &quot;iqn.1998-01.com.vmware:esxi3.mikej.local.:1805690=
011:64&quot;<BR>
&gt; initiator-portal &quot;192.168.6.8&quot;<BR>
&gt; initiator-portal &quot;192.168.6.14&quot;<BR>
&gt; initiator-portal &quot;192.168.6.5&quot;<BR>
&gt; auth-type &quot;none&quot;<BR>
&gt; }<BR>
&gt;<BR>
<BR>
For the above auth group, for the portal IPs I guess this means those users=
 are only allowed to connect from those IP addresses but you cant restrict =
a user to a specific IP ?<BR>
<BR>
&gt;&gt;&gt;As far as what I have done in the past with other targets, what=
 I think FreeBSD's target is<BR>
&gt;&gt;&gt;easily capable of would be to use CHAP authentication to restri=
ct initiators.  This is my<BR>
&gt;&gt;&gt;home lab so I didn't bother with it, spin up truenas and setup =
up chap and look at &gt;&gt;&gt;/etc/ctl.conf<BR>
&gt;&gt;&gt;and that will get you started.  You can then limit by IP/CHAP s=
ecret, IP only, CHAP secret only...<BR>
<BR>
&gt;<BR>
&gt; option &quot;naa&quot; &quot;0x6589cfc00000079e8a0d223e935440ab&quot;<=
BR>
&gt;<BR>
the naa is just a uniq identifier ? Who / what makes use of that ? A quick =
google says its just used to identify the serial #. Why / when would I want=
 to do that ?<BR>
<BR>
&gt;&gt;&gt;Unique Identifier - To the best of my knowledge that=E2=80=99s =
all it is - I'm not an expert here.<BR>
<BR>
In the two targets below, why use lun &quot;0&quot; and why lun &quot;1&quo=
t; in the second target ? From the config I generated from TrueNAS, it kept=
 the lun as &quot;0&quot; for each target. Just convention ?<BR>
<BR>
&gt;&gt;&gt; I use two different LUNS because LUN 0 is shared between my th=
ree esxi hosts, and they<BR>
&gt;&gt;&gt; know how to play nicely on a shared LUN.<BR>
&gt;&gt;&gt; Unitrends, which is a backup solution would wipe out everythin=
g on LUN 0 if I let it<BR>
&gt;&gt;&gt; have access to it.  So, I have two ZFS pools sets as volmode=
=3Ddev, then I share them as two different LUNS.<BR>
&gt;&gt;&gt; --mikej<BR>
<BR>
Thanks again!<BR>
<BR>
     ---Mike<BR>
<BR>
<BR>
&gt;<BR>
&gt;<BR>
&gt; target &quot;iqn.2005-10.org.mikej.ctl:esxi-store1&quot; { auth-group =
&quot;ag0&quot;<BR>
&gt; portal-group &quot;pg0&quot;<BR>
&gt; alias &quot;esxi-store1&quot;<BR>
&gt; lun &quot;0&quot; &quot;esxi-store1&quot;<BR>
&gt; }<BR>
&gt;<BR>
&gt; target &quot;iqn.1994-05.com.unitrends:60e2f1d15e57&quot; { auth-group=
 &quot;ag1&quot;<BR>
&gt; portal-group &quot;pg0&quot;<BR>
&gt; alias &quot;unitrens11&quot;<BR>
&gt; lun &quot;1&quot; &quot;unitrends1&quot;<BR>
&gt; }<BR>
&gt;<BR>
<BR>
<BR>
<BR>
<BR>
CONFIDENTIALITY NOTE: This message is intended only for the use<BR>
of the individual or entity to whom it is addressed and may<BR>
contain information that is privileged, confidential, and<BR>
exempt from disclosure under applicable law. If the reader<BR>
of this message is not the intended recipient, you are hereby<BR>
notified that any dissemination, distribution or copying<BR>
of this communication is strictly prohibited. If you have<BR>
received this transmission in error, please notify us by<BR>
telephone at (502) 212-4000 or notify us at PAI, Dept. 99,<BR>
2101 High Wickham Place, Suite 101, Louisville, KY 40245<BR>

<br><br><p style=3D"font-family: Verdana; font-size:10pt; color:#666666;"><=
b>Disclaimer</b></p><p style=3D"font-family: Verdana; font-size:8pt; color:=
#666666;">The information contained in this communication from the sender i=
s confidential. It is intended solely for use by the recipient and others a=
uthorized to receive it. If you are not the recipient, you are hereby notif=
ied that any disclosure, copying, distribution or taking action in relation=
 of the contents of this information is strictly prohibited and may be unla=
wful.<br><br>This email has been scanned for viruses and malware, and may h=
ave been automatically archived by Mimecast, a leader in email security and=
 cyber resilience. Mimecast integrates email defenses with brand protection=
, security awareness training, web security, compliance and other essential=
 capabilities. Mimecast helps protect large and small organizations from ma=
licious activity, human error and technology failure; and to lead the movem=
ent toward building a more resilient world. To find out more, visit our web=
site.</p></body></html>

--MCBoundary=_12203141536530841--