Storage Area Networks

Module-3
IP SAN,FCIP and NAS

Jagadish N
Assistant Professor

Department of ISE Acharya Institute of Technology

Department of ISE Acharya Institute of Technology

2
 SAN Deployment Models
3
1. Fibre Channel (FC) SAN
2. IP SAN
• FibreChannel SAN: Fibre Channel protocol for the transport of data,
commands, and status information between servers and storage devices.
• IP SAN: uses IP-based protocols for communication

Department of ISE Acharya Institute of Technology

3
 Fibre Channel (FC) SAN
4
• Fibre-channel is a high-speed network technology that runs on
i. high-speed optical-fiber cable
ii. serial copper cable.
• Optical-fiber cable is preferred for front-end SAN connectivity.
• Serial copper cable is preferred for back-end disk connectivity.
Advantages:
1. Developed to increase speeds of data-transmission b/w servers &
storage devices.
2. Credit-based flow control mechanism delivers data as fast as the
destination buffer is able to receive it, without dropping frames.
3. Very little transmission overhead.
4. Highly scalable: A single FC network can accommodate approximately 15
million devices.Department of ISE Acharya Institute of Technology

4
 Components of SAN
5
A SAN consists of 5 basic components:
i. Node-ports
ii. Cabling
iii. Interconnecting-devices (FC-switches or hubs)
iv. Storage-arrays
v. Management-software

Department of ISE Acharya Institute of Technology

5
 Node-Ports
6
• Refers to devices such as host, storage and tape libraries.
• Node is a source or destination of information.
• Node has ports to provide a physical-interface for communicating with other
nodes.
• Ports are integral components of an HBA and the storage front-end controllers.
• Port operates in full-duplex mode:
i. transmit (Tx) link
ii. receive (Rx) link.

Department of ISE Acharya Institute of Technology

6
 Cabling
7
• Optical-cable and copper-wire is used.
• Optical-fiber is used for long distances.
• Copper is used for shorter distances.
• Copper provides a better SNR for distances up to 30 meters.
• Optical-cable carry data in the form of light.
• Two types of optical-cables:
i. Multi-mode
ii. Single-mode.

Department of ISE Acharya Institute of Technology

7
 Multi-Mode Fiber (MMF)
8 carries multiple beams of light projected at different angles simultaneously
• Cable
onto the core of the cable.
• Based on the bandwidth, classified as:
i. OM1 (62.5μm)
ii. OM2 (50μm)
iii. laser optimized OM3 (50μm)
Advantage:
• Used within data centers for shorter distances.
Disadvantages:
1. Modal-Dispersion:
 Multiple light beams traveling inside the cable tend to disperse and collide.
This collision weakens the signal strength.
2. Attenuation
 An MMF cable is typically used for short distances. This is because of signal
degradation (attenuation)
Department of ISE
due Acharya
to modal-dispersion.
Institute of Technology

8
 Single-Mode Fiber (SMF)
9
• The cable carries a single ray of light projected at the center of the core .
• The cables are available in diameters of 7–11 microns. The most common size is 9
microns.
Advantages:
1. The small core and the single light wave limits modal-dispersion.
2. Provides minimum signal attenuation over maximum distance (up to 10 km).
3. Used for longer distances. The distance depends on
i. power of the laser at the transmitter
ii. sensitivity of the receiver.

Department of ISE Acharya Institute of Technology

9
 Connector
10
• A connector is attached at the end of a cable
• enable swift connection and disconnection of the cable to and from a port.
• Three commonly used connectors:
1. Standard Connector (SC)
 used for data-transmission speeds up to 1 Gbps.
2. Lucent Connector (LC)
 used for data-transmission speeds up to 4 Gbps.
3. Straight Tip (ST)
 An ST is used with Fibre patch panels

Department of ISE Acharya Institute of Technology

10
 Interconnect-Devices
11
• hubs, switches, and directors
Hub:
• Hub is used as interconnect-device in FC-AL implementations.
• It is used to connect nodes in a star-topology.
• All the nodes must share the bandwidth because data travels through all the
connection-points.
Switch:
• Switch is more intelligent than hub.
• It is used to directly route data from one physical-port to another
Advantage:
i. Low cost
ii. High performance
iii. Each node has a dedicated path. This results in bandwidth aggregation.
Department of ISE Acharya Institute of Technology

11
 Interconnect-Devices
12
• Switches are available with a fixed port count or modular design.
• In a modular switch, port count is increased by installing additional port cards to
open slots.
Director:
• Director is high-end switch with higher port count and better fault tolerance
capabilities.
• It is larger than switch.
• It is deployed for data center implementations.
• In modular director, port count is increased by installing additional line cards to
the director’s chassis
• High-end directors and switches contain redundant components to provide high
availability.
• Both directors and switches have management-ports for connectivity to
management-servers.
Department of ISE Acharya Institute of Technology

12
Interconnect-Devices
13

Department of ISE Acharya Institute of Technology

13
 Storage-Arrays
14
• The purpose of a SAN is to provide host-access to storage-resources.
• Modern storage-arrays are used for storage-consolidation and
centralization.
• Storage-array provides
i. high availability and redundancy
ii. improved performance
iii. business continuity
iv. multiple host connectivity

Department of ISE Acharya Institute of Technology

14
 Management-Software
15
• Manages the interfaces between
1. Hosts
2. Interconnect-devices
3. Storage-arrays
• It provides a view of the SAN environment.
• It enables management of various resources from one central console.
• It provides key functions such as
i. mapping of storage-devices, switches, and servers
ii. monitoring and generating alerts for discovered devices
iii. logical partitioning of the SAN called zoning.

Department of ISE Acharya Institute of Technology

15
 iSCSI MODULE-3 IP SAN AND FCoE
16
• iSCSI is an IP-based protocol that establishes and manages connections
between storage, hosts, and bridging devices over IP.
• iSCSI carries block-level data over IP-based networks, including Ethernet
networks and the Internet.
• iSCSI is built on the SCSI protocol by encapsulating SCSI commands and
data in order to allow these encapsulated commands and data blocks to
be transported using TCP/IP packets.

Department of ISE Acharya Institute of Technology

16
iSCSI
17

Department of ISE Acharya Institute of Technology

17
 Components of iSCSI
18
• Host (initiators), targets, and an IP-based network are the principal
iSCSI components.
• The simplest iSCSI implementation does not require any FC components.
• If an iSCSI-capable storage array is deployed, a host itself can act as an
iSCSI initiator, and directly communicate with the storage over an IP
network.
• in complex implementations that use an existing FC array for iSCSI
connectivity, iSCSI gateways or routers are used to connect the existing FC
SAN.
• devices perform protocol translation from IP packets to FC packets and
vice-versa, thereby bridging connectivity between the IP and FC
environments.
Department of ISE Acharya Institute of Technology

18
 iSCSI Protocol Stack
19
• ISCSI

Department of ISE Acharya Institute of Technology

19
 iSCSI Host Connectivity
20
• iSCSI host connectivity requires a hardware component, such as a NIC
with a software component (iSCSI initiator) or an iSCSI HBA.
• to use the iSCSI protocol, a software initiator or a translator must be
installed to route the SCSI commands to the TCP/IP stack.
• Connectivity options: A standard NIC, a TCP/IP offload engine (TOE) NIC
card, and iSCSI HBA

Department of ISE Acharya Institute of Technology

20
 iSCSI Host Connectivity
21
Standard NIC:
• simplest and least expensive connectivity option
• easy to implement because most servers come with at least one
• It requires only a software initiator for iSCSI functionality.
• NIC provides no external processing power
• host CPU has to perform all the TCP/IP and iSCSI processing.

Department of ISE Acharya Institute of Technology

21
 iSCSI Host Connectivity
22
TCP/IP offload engine (TOE) NIC card:
• in heavy I/O load situations, the host CPU may become a bottleneck in
standard NIC.
• TOE NIC help to solve this
• offloads the TCP management functions from the host and leaves iSCSI
functionality to the host processor.
• host passes the iSCSI information to the TOE card and the TOE card sends
the information to the destination using TCP/IP
• iSCSI functionality is still handled by a software initiator, requiring host
CPU cycles.

Department of ISE Acharya Institute of Technology

22
 iSCSI Host Connectivity
23
iSCSI HBA:
• capable of providing performance benefits, as it offloads the entire iSCSI
and TCP/IP protocol stack from the host processor.
• simplest way for implementing a boot from SAN environment via iSCSI.
• If there is no iSCSI HBA, modifications have to be made to the basic OS
• NIC needs to obtain an IP address before the operating system loads
• The functionality of an iSCSI HBA is very similar to the functionality of an
FC HBA

Department of ISE Acharya Institute of Technology

23
 Topologies for iSCSI Connectivity
24
• Categorized into two classes
1. Native topologies:
 do not have any FC components; they perform all communication over IP.
 The initiators may be either directly attached to targets or connected
using standard IP routers and switches
2. Bridged topologies:
 enable the co-existence of FC with IP by providing iSCSI-to-FC bridging
functionality.
 Ex: the initiators can exist in an IP environment while the storage
remains in an FC SAN

Department of ISE Acharya Institute of Technology

24
 Native iSCSI Connectivity
25
• FC components are not needed for iSCSI connectivity in the native
topology
• Once a client/ initiator is configured with the appropriate target
information, it connects to the array and requests a list of available LUNs.
• A single array port can service multiple hosts or initiators as long as the
array can handle the amount of storage traffic that the hosts generate.
• Many arrays provide more than one interface so that they can be
configured in a highly available design or have multiple targets configured
on the initiator.

Department of ISE Acharya Institute of Technology

25
 Native iSCSI Connectivity

Department of ISE Acharya Institute of Technology

1
Bridged iSCSI Connectivity
27

Department of ISE Acharya Institute of Technology

27
 Bridged iSCSI Connectivity
28
• A bridged iSCSI implementation includes FC components in its
configuration.
• The array does not have any native iSCSI capabilities—i.e., it does not have
any Ethernet ports.
• an external device-a bridge, router, gateway, or a multi-protocol router,
must be used to bridge the communication from the IP network to the FC
SAN.
• These devices can be a stand-alone unit, or in many cases are integrated
with an existing FC switch.
• bridge device has Ethernet ports connected to the IP network, and FC
ports connected to the storage.

Department of ISE Acharya Institute of Technology

28
 Bridged iSCSI Connectivity
29
• These ports are assigned IP addresses, similar to the ports on an iSCSI-
enabled array.
• The iSCSI initiator/host is configured with the bridge’s IP address as its
target destination.
• The bridge is also configured with an FC initiator or multiple initiators.
• These are called virtual initiators because there is no physical device, such
as an HBA, to generate the initiator record

Department of ISE Acharya Institute of Technology

29
Bridged iSCSI Connectivity
30

Department of ISE Acharya Institute of Technology

30
Combining FC and Native iSCSI Connectivity

Department of ISE Acharya Institute of Technology

1
 iSCSI Protocol Stack
32
• The architecture of iSCSI is based on the client/server model.
SCSI:
• SCSI is the command protocol that works at the application layer of the
OSI model.
• The initiators and targets use SCSI commands and responses to talk to
each other.
• descriptor blocks, data, and status messages are encapsulated into TCP/IP
and transmitted across the network between initiators and targets.

Department of ISE Acharya Institute of Technology

32
 iSCSI Protocol Stack
33
iSCSI:
• iSCSI is the session-layer protocol that initiates a reliable session between
a device that recognizes SCSI commands and TCP/IP.
• iSCSI session-layer interface is responsible for handling login,
authentication, target discovery, and session management.
• TCP is used with iSCSI at the transport layer to provide reliable service.
TCP:
• TCP is used to control message flow, windowing, error recovery, and
retransmission.
• It relies upon the network layer of the OSI model to provide global
addressing and connectivity.
• The layer-2 protocols at the data link layer enable node-to-node
communication for each hop through a separate physical network.
Department of ISE Acharya Institute of Technology

33
 iSCSI Discovery
34
• An initiator must discover the location of the target on a network, and the
names of the targets available to it before it can establish a session.
1. SendTargets discovery
2. internet Storage Name Service (iSNS).

SendTargets discovery:
• the initiator is manually configured with the target’s network portal,
which it uses to establish a discovery session with the iSCSI service on the
target.
• The initiator issues the SendTargets command, and the target responds
with the names and addresses of the targets available to the host.

Department of ISE Acharya Institute of Technology

34
 iSCSI Discovery
35
iSNS(internet Storage Name Service):
• enables the automatic discovery of iSCSI devices on an IP network.
• The initiators and targets can be configured to automatically register
themselves with the iSNS server.
• Whenever an initiator wants to know the targets that it can access, it can
query the iSNS server for a list of available targets.

Department of ISE Acharya Institute of Technology

35
iSCSI Discovery
36

Department of ISE Acharya Institute of Technology

36
 iSCSI Names
37
• A unique worldwide iSCSI identifiers used to name the initiators and
targets within an iSCSI network to facilitate communication.
• Can be combination of department, application, manufacturer name,
serial number, asset number, or any tag that can be used to recognize and
manage a storage resource.
• There are two types of iSCSI names:
1. iSCSI Qualified Name (IQN):
2. Extended Unique Identifier (EUI):

Department of ISE Acharya Institute of Technology

37
 iSCSI Qualified Name (IQN):
38
• An organization must own a registered domain name in order to generate
iSCSI Qualified Names.
• It just needs to be reserved to prevent other organizations from using the
same domain name to generate iSCSI names.
• A date is included in the name to avoid potential conflicts caused by
transfer of domain names
• Ex: iqn.2008-02.com.example:optional_string
• The optional_string provides a serial number, an asset number, or any of
the storage device identifiers.

Department of ISE Acharya Institute of Technology

38
 Extended Unique Identifier (EUI)
39
• An EUI is a globally unique identifier based on the IEEE EUI-64 naming
standard
• An EUI comprises the eui prefix followed by a 16-character hexadecimal
name
• Ex: eui.0300732A32598D26.
• The 16-character part of the name includes 24 bits for the company name
assigned by IEEE and 40 bits for a unique ID, such as a serial number.
• iSCSI name is simply eui followed by the hexadecimal WWN.

Department of ISE Acharya Institute of Technology

39
 iSCSI Names
T
• Names

Department of ISE Acharya Institute of Technology

40
 iSCSI Names
T
• The allowed special characters are dots, dashes, and blank spaces.
• The iSCSI Qualified Name enables storage administrators to assign
meaningful names to storage devices, and therefore manage those devices
more easily.
• Network Address Authority (NAA) is an additional iSCSI node name type
to enable worldwide naming format as defined by the Inter National
Committee for Information Technology Standards (INCITS) T11 - Fibre
Channel (FC) protocols and used by Serial Attached SCSI (SAS).
• SCSI storage devices containing both iSCSI ports and SAS ports to use the
same NAA-based SCSI device name.

Department of ISE Acharya Institute of Technology

41
 iSCSI Session
T
• An iSCSI session is established between an initiator and a target.
• A session ID (SSID), which includes an initiator ID (ISID) and a target ID
(TSID), identifies a session.
• The session can be intended for one of the following:
1. Discovery of available targets to the initiator and the location of a specific
target on a network
2. Normal operation of iSCSI (transferring data between initiators and
targets)
• TCP connections may be added and removed within a session.
• Each iSCSI connection within the session has a unique connection ID
(CID).

Department of ISE Acharya Institute of Technology

42
 iSCSI PDU
T
• iSCSI initiators and targets communicate using iSCSI Protocol Data Units
(PDUs).
• All iSCSI PDUs contain one or more header segments followed by zero or
more data segments.
• The PDU is then encapsulated into an IP packet to facilitate the transport.

Department of ISE Acharya Institute of Technology

43
 iSCSI PDU
T
• The IP header provides packet-routing information that is used to move
the packet across a network.
• The TCP header contains the information needed to guarantee the
packet’s delivery to the target.
• The iSCSI header describes how to extract SCSI commands and data for
the target.
• iSCSI adds an optional CRC, known as the digest, beyond the TCP
checksum and Ethernet CRC to ensure datagram integrity.
• The header and the data digests are used in the PDU to validate integrity,
data placement, and correct operation.

Department of ISE Acharya Institute of Technology

44
 Ordering and Numbering
T
• iSCSI communication between initiators and targets is based on the
request –response command sequences.
• command sequence may generate multiple PDUs.
• command sequence number (CmdSN) within an iSCSI session is used to
number all initiator-to-target command PDUs belonging to the session.
• Command sequencing begins with the first login command and the
CmdSN is incremented by one for each subsequent command.
• The iSCSI target layer is responsible for delivering the commands to the
SCSI layer in the order of their CmdSN.

Department of ISE Acharya Institute of Technology

45
 Ordering and Numbering
T
• Status sequence number (StatSN) is used to sequentially number status
responses
• Unique numbers are established at the level of the TCP connection.
• A target sends the request-to-transfer (R2T) PDUs to the initiator when it
is ready to accept data.
• Data sequence number (DataSN) is used to ensure in-order delivery of
data within the same command.
• Each of these sequence numbers is stored locally as an unsigned 32-bit
integer counter defined by iSCSI.
• These numbers are communicated between the initiator and target in the
appropriate iSCSI PDU fields during command, status, and data exchanges.

Department of ISE Acharya Institute of Technology

46
Ordering and Numbering
T

Department of ISE Acharya Institute of Technology

47
 FCIP(Fibre Channel over IP)
T
• Organizations are now looking for new ways to transport data throughout
the enterprise, locally over the SAN as well as over longer distances
• Interconnect geographically dispersed SANs through reliable, high-speed
links
• This approach involves transporting FC block data over the existing IP
infrastructure used throughout the enterprise.
• FCIP is blend of : FC block-data storage and widely deployed IP
infrastructure.
• FCIP is a tunneling protocol that enables distributed FC SAN islands to be
transparently interconnected over existing IP-based local, metropolitan,
and wide-area networks.
Department of ISE Acharya Institute of Technology

48
 FCIP(Fibre Channel over IP)
T
• FCIP uses TCP/IP as its underlying protocol.
• FC frames are encapsulated to the IP payload
• FCIP does not manipulate FC frames
• SAN islands are connected using FCIP, each interconnection is called an
FCIP link.
• FCIP link between two SAN islands results in a fully merged FC fabric.

Department of ISE Acharya Institute of Technology

49
FCIP Topology
T

Department of ISE Acharya Institute of Technology

50
 FCIP Performance and Security
T
• Performance, reliability, and security should always be taken into
consideration when implementing storage solutions.
Performance:
• Multiple paths to multiple FCIP gateways from different switches in the
layer 2 fabric eliminates single points of failure and provides increased
bandwidth.
• In a scenario of extended distance, the IP network may be a bottleneck if
sufficient bandwidth is not available.
• FCIP creates a unified fabric, disruption in the underlying IP network can
cause instabilities in the SAN environment.

Department of ISE Acharya Institute of Technology

51
 FCIP Performance and Security
T
• The vendors of FC switches have implemented features to provide
additional stability, such as the capability to segregate FCIP traffic into a
separate virtual fabric.
Security:
• data is transmitted over public IP channels.
• Various security options are available to protect the data based on the
router’s support.
• IPSec is one such security measure that can be implemented in the FCIP
environment.

Department of ISE Acharya Institute of Technology

52
 Network-Attached Storage(NAS)
T
• NAS is an IP-based file-sharing device attached to a local area network.
• NAS provides the advantages of server consolidation by eliminating the
need for multiple file servers.
• storage consolidation through file-level data access and sharing.
• NAS is a preferred storage solution that enables clients to share files
quickly and directly with minimum storage management overhead.
• NAS uses network and file-sharing protocols to perform filing and storage
functions.
• protocols include TCP/IP for data transfer and CIFS and NFS for remote
file service.
• NAS enables both UNIX and Microsoft Windows users to share the same
data seamlessly.
Department of ISE Acharya Institute of Technology

53
 Network-Attached Storage(NAS)
T
• NAS device is a dedicated, high-performance, high-speed, single-purpose
file serving and storage system.
• NAS serves a mix of clients and servers over an IP network.
• NAS device uses its own operating system and integrated hardware,
software components to meet specific file service needs.
• operating system is optimized for file I/O

Department of ISE Acharya Institute of Technology

54
 Network-Attached Storage(NAS)
T
• General purpose Server over NAS device

Department of ISE Acharya Institute of Technology

55
 Benefits of NAS
T
• Supports comprehensive access to information
• Improved efficiency
• Improved flexibility
• Centralized storage
• Simplified management
• Scalability
• High availability
• Security

Department of ISE Acharya Institute of Technology

56
 Components of NAS
T
• NAS head (CPU and Memory)
• One or more network interface cards (NICs), which provide connectivity
to the network and FDDI(Fiber Distributed Data Interface).
• An optimized operating system for managing NAS functionality
• NFS and CIFS protocols for file sharing
• Industry-standard storage protocols to connect and manage physical disk
resources, such as ATA, SCSI, or FC

Department of ISE Acharya Institute of Technology

57
Components of NAS
T

Department of ISE Acharya Institute of Technology

58
 NAS I/O Operation
T
• NAS provides file-level data access to its clients. File I/O is a high-level
request that specifies the file to be accessed.
• The NAS operating system keeps track of the location of files on the disk
volume and converts client file I/O into block-level I/O to retrieve data.
1. The requestor packages an I/O request into TCP/IP and forwards it through the
network stack. The NAS device receives this request from the network.
2. The NAS device converts the I/O request into an appropriate physical storage
request which is a block-level I/O, and then performs the operation on the
physical storage.
3. When the NAS device receives data from the storage, it processes and repackages
the data into an appropriate file protocol response.
4. The NAS device packages this response into TCP/IP again and forwards it to the
client through the network.
Department of ISE Acharya Institute of Technology

59
NAS I/O Operation
T

Department of ISE Acharya Institute of Technology

60
 NAS File Sharing Protocols
T
• NAS devices support multiple file-service protocols to handle file I/O
requests
1. Network File System (NFS)
2. Common Internet File System (CIFS)
• NAS devices enable users to share file data across different operating
environments
• It provides a means for users to migrate transparently from one operating
system to another

Department of ISE Acharya Institute of Technology

61
 Network File System (NFS)
T
• NFS is a client-server protocol for file sharing that is commonly used on
UNIX systems.
• NFS was originally based on the connectionless (UDP).
• It uses Remote Procedure Call (RPC) as a method of inter-process
communication between two computers.
 Searching files and directories
 Opening, reading, writing to, and closing a file
 Changing file attributes
 Modifying file links and directories
• NFS creates a connection between the client and the remote system to
transfer data.
• NFSv3 and earlier is a stateless protocol
Department of ISE Acharya Institute of Technology

62
 Network File System (NFS)
T
• Each call provides a full set of arguments - a file handle, a particular
position to read or write, and the versions of NFS - to access files on the
server .
• NFS version 2 (NFSv2): Uses UDP to provide a stateless network
connection between a client and a server. Features, such as locking, are
handled outside the protocol.
• NFS version 3 (NFSv3): Uses UDP or TCP, and is based on the stateless
protocol design. 64-bit file size, asynchronous writes, and additional file
attributes to reduce refetching.
• NFS version 4 (NFSv4): Uses TCP and is based on a stateful protocol. It
offers enhanced security. session model, parallel NFS (pNFS), and data
retention.
Department of ISE Acharya Institute of Technology

63
 Common Internet File System (CIFS)
T
• CIFS is a client-server application stateful protocol
• It enables clients to access files and services on remote computers over
TCP/IP.
• It is a variation of Server Message Block (SMB) protocol.
• It provides following features to ensure data integrity:
1. It uses file and record locking to prevent users from overwriting
2. It supports fault tolerance and can automatically restore connections and
reopen files that were open prior to an interruption.
3. User disruption is minimized if the application has the embedded
intelligence to restore the connection.
• Users refer to remote file systems with an easy-to-use file-naming
• Eg: \\server\share or \\servername.domain.suffix\share
Department of ISE Acharya Institute of Technology

64
 Department of ISE Acharya Institute of Technology

1
T

Department of ISE Acharya Institute of Technology

66
 Department of ISE Acharya Institute of Technology