Cisco SN 5428-2 User Manual

CHA PTER

Before Configuring SN 5428-2 Storage Router Software

The Cisco SN 5428-2 Storage Router installation and configuration tasks consist of the following:

• Install the SN 5428-2 Storage Router according to the Cisco SN 5428-2 Storage Router Hardware

Installation Guide.

• Select how the SN 5428-2 will be deployed: SCSI routing, transparent SCSI routing, or FCIP.

• Configure the SN 5428-2 Storage Router software according to the Cisco SN 5428-2 Storage Router

Software Configuration Guide (this manual).

• Install and configure iSCSI drivers in IP hosts connected to the storage router. The iSCSI driver is

not required for FCIP deployment, or in IP hosts that have a TCP/IP Offload Engine (TOE) with embedded iSCSI protocol installed.

This chapter is the starting point for SN 5428-2 Storage Router software configuration. It provides some very basic, abbreviated information as background to help you understand the SN 5428-2 Storage Router features and the software configuration process. It contains the following topics:

• SN 5428-2 Storage Router Overview, page 1-2

• SCSI Routing Overview, page 1-4

OL-4691-01

• Transparent SCSI Routing Overview, page 1-10

• FCIP Overview, page 1-15

• Mixed Mode Overview, page 1-18

• VLAN Access Overview, page 1-20

• Zoning Overview, page 1-21

• Fibre Channel Interface Overview, page 1-23

• Gigabit Ethernet Interface Overview, page 1-23

• Authentication Overview, page 1-24

• SN 5428-2 Cluster Management Overview, page 1-25

• Interface Naming, page 1-25

• Where to Go Next, page 1-26

Cisco SN 5428-2 Storage Router Software Configuration Guide

1-1

SN 5428-2 Storage Router Overview

The Cisco SN 5428-2 Storage Router provides universal access to storage over IP networks. The storage router software controls the operation of the Cisco SN 5428-2 Storage Router. You can configure the software to provide the following types of access to storage over IP networks:

• SCSI routing only

• Transparent SCSI routing only

• FCIP only

• SCSI routing and FCIP

• Transparent SCSI routing and FCIP

SCSI routing provides IP hosts with access to Fibre Channel (FC) storage devices, using iSCSI protocol. The iSCSI protocol is an IETF-defined protocol for IP storage (ips).

Note For more information about the iSCSI protocol, refer to the IETF standards for IP storage at

http://www.ietf.org.

Chapter 1 Before Configuring SN 5428-2 Storage Router Software

With SCSI routing, storage device access is managed primarily in the SN 5428-2. (See Figure 1-1.)

Figure 1-1 SCSI Routing

IP hosts

Cisco SN 5428-2

Storage access is managed

in the SN 5428-2.

FC storage devices

85720

Transparent SCSI routing provides IP hosts with transparent access to intelligent storage arrays using iSCSI protocol; that is, each IP host is presented as an FC host to an intelligent storage array. With transparent SCSI routing, availability of storage devices is managed primarily in the intelligent storage array. (See Figure 1-2.)

Figure 1-2 Transparent SCSI Routing

IP hosts

Cisco SN 5428-2

Intelligent storage

array

1-2

The SN 5428-2

presents each IP host

as an FC host to the

storage array.

Cisco SN 5428-2 Storage Router Software Configuration Guide

Storage access is

managed in the

storage array.

85721

OL-4691-01

Chapter 1 Before Configuring SN 5428-2 Storage Router Software

Fibre Channel over IP (FCIP) enables SN 5428-2 Storage Routers to provide connectivity by tunneling through an IP network between storage area networks (SANs). (See Figure 1-3.)

Figure 1-3 FCIP

SN 5428-2 Storage Router Overview

FC hosts and

storage devices

SAN

SN 5428-2 SN 5428-2

The SN 5428-2s connect

SANs by tunneling though

the IP network

FC hosts and

storage devices

SAN

91658

In addition to providing services for accessing storage over IP networks, the SN 5428-2 Storage Router software provides the following services:

• VLAN Access Control—provides IP access control to storage based on a VLAN identifier (VID)

number (in addition to access control through access lists)

• Authentication—provides iSCSI, Enable and Login authentication using AAA authentication

methods

• High Availability (HA)—provides the ability to group storage routers in a cluster for intelligent

failover and other cluster-related functions (for SCSI routing only)

• E_Port with FC Fabric Zoning—provides the ability to connect FC ports to FC switches and

participate in fabric zoning, manage zoning, and support zone mergers

• SNMP/MIB support—provides network management of the SN 5428-2 through SNMP using

selected MIBs

• Gigabit Ethernet Interface features—provides the ability to assign a management IP address per

Gigabit Ethernet interface, multiple IP addresses per SCSI routing instance, and an optional secondary Gigabit Ethernet interface per IP address used for SCSI routing or SN 5428-2 management. When the SN 5428-2 is deployed for FCIP, provides primary and optional secondary Gigabit Ethernet interfaces to the FCIP peer.

OL-4691-01

• FCIP data compression—enables the SN 5428-2 to dynamically compress FCIP data traffic for

better channel bandwidth utilization

• Buffer credit extension—enables the SN 5428-2 to donate buffer credits from a donor port to

selected FC ports

• Secure Sockets Layer (SSL) support—provides HTTPS connection for secure access through the

web-based GUI

• Secure Shell (SSH) protocol version 2 support—provides high encryption and authentication for

interactive management sessions, and is a common replacement for Telnet

• Routing Information Protocol (RIP) listening support—allows the SN 5428-2 to learn dynamic

routing using RIP (version 1 or version 2) listening

• Service Location Protocol (SLP) support—provides the ability to advertise targets of specified SCSI

routing instances to initiators or servers that use SLP

• Internet Storage Name Service (iSNS) support—provides the ability to register iSCSI targets with

an iSNS server, allowing iSCSI initiators to dynamically discover available storage targets

Cisco SN 5428-2 Storage Router Software Configuration Guide

1-3

SCSI Routing Overview

• LUN Trespass feature—provides a LUN failover feature for selected storage arrays that operate on

the active/passive port model. When enabled, the trespass feature provides a redundant path from the storage router to the storage array by allowing the storage router to detect a path failure to a storage array port and perform the necessary operations to fail LUNs over to the other port on the storage array without using any multi-path software.

• TCP Window Tuning—provides the ability to maximize bandwidth across the network by

automatically setting the local TCP receive window size to the remote TCP receive window size without user intervention

• A command-line interface (CLI) and a web-based GUI—provides user interfaces for configuration

and maintenance of an SN 5428-2

SCSI Routing Overview

SCSI routing provides IP hosts with access to FC storage devices as if the storage devices were directly attached to the hosts, with access to devices being managed primarily in the SN 5428-2 Storage Router. An iSCSI target is an arbitrary name for a group of physical storage devices. The iSCSI targets are created and mapped to physical storage devices attached to the SN 5428-2. The storage router presents the iSCSI targets to IP hosts as if the physical storage devices were directly attached to the hosts. (See

Figure 1-4.) With SCSI routing, storage devices are not aware of each IP host; the storage devices are

aware of the SN 5428-2 and respond to it as if it were one FC host.

Chapter 1 Before Configuring SN 5428-2 Storage Router Software

Figure 1-4 SCSI Routing Overview

IP hosts

Cisco SN 5428-2

An IP host accesses a storage

device as if it were directly

attached to the storage device.

FC storage

85722

To configure an SN 5428-2 Storage Router for SCSI routing, you should have a basic understanding of the following concepts:

• Routing SCSI Requests and Responses, page 1-5

• Basic Network Structure, page 1-6

• SCSI Routing Mapping and Access Control, page 1-6

• Available Instances of SCSI Routing, page 1-9

Note Along with FC storage, FC host connections and FC switch connections are allowed; however, most of

the illustrations in this manual show only storage connections for the purpose of describing the SN 5428-2 Storage Router features.

1-4

Cisco SN 5428-2 Storage Router Software Configuration Guide

OL-4691-01

Chapter 1 Before Configuring SN 5428-2 Storage Router Software

Routing SCSI Requests and Responses

SCSI routing consists of routing SCSI requests and responses between hosts in an IP network and FC storage. (See Figure 1-5.)

Figure 1-5 Routing SCSI Requests and Responses for SCSI Routing

SCSI Routing Overview

IP hosts

Cisco SN 5428-2

SCSI requests and responses

FC storage

85723

Each host that requires IP access to storage via an SN 5428-2 Storage Router needs to have a compatible iSCSI driver installed. Using the iSCSI protocol, the iSCSI driver allows an IP host to transport SCSI requests and responses over an IP network. From the perspective of a host operating system, the iSCSI drive appears to be a locally attached SCSI or Fibre Channel drive to the host.

SCSI routing consists of the following main actions (See Figure 1-6):

• Transporting SCSI requests and responses over an IP network between the hosts and the SN 5428-2

Storage Router

• Routing SCSI requests and responses between hosts on an IP network and FC storage

• Transporting SCSI requests and responses between the SN 5428-2 Storage Router and FC storage

Figure 1-6 SCSI Routing Actions

OL-4691-01

IP hosts

Transporting SCSI requests and responses over an IP network

Cisco SN 5428-2

Routing SCSI requests

and responses

Transporting SCSI

requests and responses

between an SN 5428-2

FC storage

and storage

Cisco SN 5428-2 Storage Router Software Configuration Guide

85724

1-5

SCSI Routing Overview

Basic Network Structure

Figure 1-7 shows the basic structure of a SCSI routing network. IP hosts with iSCSI drivers access the

storage routers through an IP network connected to the Gigabit Ethernet interface of each storage router. The storage routers access storage devices connected to the Fibre Channel interfaces of each storage router. A management station manages the storage routers through an IP network connected to the management interface of each storage router. For high availability (HA) operation, the storage routers communicate with each other over two networks: the HA network connected to the HA interface of each storage router and the management network connected to the management interface of each storage router.

Figure 1-7 SCSI Routing Basic Network Structure

Chapter 1 Before Configuring SN 5428-2 Storage Router Software

Cisco SN 5428-2

Contains SN 5428-2

software

IP host

Contains iSCSI driver

Management

Cisco SN 5428-2

SCSI Routing Mapping and Access Control

SCSI routing occurs in the SN 5428-2 Storage Router through the mapping of physical storage devices to iSCSI targets. An iSCSI target is an arbitrary name for a group of physical storage devices. You can map an iSCSI target to multiple physical devices. An iSCSI target always contains at least one Logical Unit Number (LUN). Each LUN on an iSCSI target is mapped to a single LUN on a physical storage target.

You can choose either of two types of storage mapping: target-and-LUN mapping or target-only mapping. Target-and-LUN mapping maps an iSCSI target and LUN combination to a physical storage target and LUN combination. Target-only mapping maps an iSCSI target to a physical storage target and its LUNs.

With target-and-LUN mapping, an iSCSI target name and iSCSI LUN number are specified and mapped to the physical storage address of one LUN; either a WWPN + LUN (World Wide Port Name + LUN) combination, a LUN ID (unique LUN identifier), or a LUN serial number.

FC storage

Management

station

85725

1-6

Cisco SN 5428-2 Storage Router Software Configuration Guide

OL-4691-01

Chapter 1 Before Configuring SN 5428-2 Storage Router Software

If the LUN is available, it is made available as an iSCSI LUN and numbered with the iSCSI LUN number specified. For example, if an iSCSI target and iSCSI LUN specified as Database, LUN 9 were mapped to the physical storage address, WWPN 3100112233445566, LUN 12, then LUN 12 would be available as one iSCSI LUN. An iSCSI driver would see the iSCSI target named Database, with one iSCSI LUN identified as LUN 9. The iSCSI LUN would appear as one storage device to a host. (See Table 1-1.)

Table 1-1 Target-and-LUN Mapping Example

SCSI Routing Overview

Apparent to Host as Local Disk

Local Disk (D:) Database LUN 9 WWPN

iSCSI Target Name

iSCSI LUN Available

Physical Storage Address

Physical LUN Available

LUN 12

3100112233445566

Apparent as one locally attached storage device.

Database appears as one controller with one LUN available.

iSCSI LUN is numbered as specified and can be different than the

Specifies the storage address of a storage controller.

The LUN number is specified as the only LUN to be mapped.

physical LUN number.

With target-only mapping, an iSCSI target name is specified and mapped to the physical storage address of a storage controller only; a WWPN. Any LUNs that are available in the storage controller are made available as iSCSI LUNs and are numbered the same as the LUNs in the storage controller. For example, if an iSCSI target specified as Webserver2000 were mapped to the physical storage address WWPN 3100112233445577, and LUNs 0 through 2 were available in that controller, those LUNs would become available as three iSCSI LUNs. An iSCSI driver would see the iSCSI target named Webserver2000 as a controller with three iSCSI LUNs identified as LUN 0, LUN 1, and LUN 2. Each iSCSI LUN would appear as a separate storage device to a host. (See Tabl e 1-2 .)

Table 1-2 Target-only Mapping Example

OL-4691-01

Apparent to Host as Local Disk

iSCSI Target Name

iSCSI LUNs Available

Physical Storage Address

Local Disk (D:) Webserver2000 LUN 0 WWPN

3100112233445577

Local Disk (E:) Webserver2000 LUN 1 WWPN

3100112233445577

Local Disk (F:) Webserver2000 LUN 2 WWPN

3100112233445577

Apparent as three locally attached storage devices.

Webs er ve r2 00 0 appears as one controller with LUNs 0, 1, and

iSCSI LUNs are numbered the same as physical LUNs.

Specifies the storage address of a storage controller.

2 available.

Cisco SN 5428-2 Storage Router Software Configuration Guide

Physical LUNs Available

LUN 0

LUN 1

LUN 2

LUNs 0, 1, and 2 are available for mapping.

1-7

SCSI Routing Overview

Chapter 1 Before Configuring SN 5428-2 Storage Router Software

Access for SCSI routing is controlled in the IP hosts and the storage router. In an IP host, the iSCSI driver is configured with the Gigabit Ethernet IP address of the SCSI routing instance in the storage router with which the host is to transport SCSI requests and responses. In a storage router, access is controlled through an access list and a VLAN identifier (VID) number of the hosts. Additionally, access can be further controlled in the SN 5428-2 through authentication. See the “Authentication Overview” section

on page 1-24 for more information about authentication.

An access list enables access to storage devices attached to the SN 5428-2 according to any combination of host IP address(es), CHAP user name(s), or iSCSI name(s). An access list contains these combinations of hosts allowed to access the storage devices. Host VID enables access to storage devices according to the VID of each host. See the “VLAN Access Overview” section on page 1-20 for more information about VLAN access.

For each iSCSI target, you can associate one access list allowing read/write access, and one access list allowing read-only access. See Chapter 6, “Configuring SCSI Routing,” for more information about read/write and read-only access.

You can use a combination of access lists and VIDs to configure access in the SN 5428-2; that is, you can specify that certain hosts according to IP address in a VLAN can access storage devices attached to the SN 5428-2.

Once the access is configured in the hosts and the SN 5428-2, and once the storage mapping is configured in the SN 5428-2, the SN 5428-2 routes SCSI requests and responses between hosts and the mapped storage devices.

Figure 1-8 represents the concept of storage mapping and access control for SCSI routing. In the figure,

the SN 5428-2 Storage Router provides three IP hosts with IP access to disk drives across four disk controllers. The SN 5428-2 contains two SCSI routing instances: one configured with IP address

10.1.2.3 for the Gigabit Ethernet interface and the other with IP address 10.1.2.4. The iSCSI drivers in each IP host are configured to access those SCSI routing instances by their IP addresses through the Gigabit Ethernet interface. An access list in the storage router or VID (or both) specifies that hosts A, B, and C are allowed to access the mapped storage devices. From the perspective of a host, each disk drive mapped to it appears as a locally attached disk drive. Table 1-3 shows the correlation between an access list and/or VID, the Gigabit Ethernet IP addresses of the SCSI routing instances, and the storage device mapping.

Note The purpose of Figure 1-8 and Table 1-3 is only to illustrate the concept of storage mapping and access

control. The IP addresses will vary according to each site. Similarly, the type of storage addressing (for example, LUN ID, WWPN + LUN or LUN serial number) will vary according to the types of storage and the types of storage addressing preferred at each site. In addition, the figure and the table exclude any additional SN 5428-2 Storage Routers that could be configured for high availability.

1-8

Cisco SN 5428-2 Storage Router Software Configuration Guide

OL-4691-01

Chapter 1 Before Configuring SN 5428-2 Storage Router Software

Figure 1-8 SCSI Routing Storage Mapping and Access Control Concept

SCSI Routing Overview

IP host A

IP host B

Controller 1

IP host C

Storage

accessible by

IP host A

Table 1-3 SCSI Routing Storage Mapping and Access Control Concept

Cisco SN 5428-2

with IP addresses

10.1.2.3 and 10.1.2.4

123

Controller 2

123

Storage

accessible by

IP host C

Controller 4

123

Controller 3

Storage

accessible by

IP host B

85726

Hosts Allowed Access via SN 5428-2 Access List and/or VID

Storage Devices Apparent to Host as Locally Attached Devices

Via GbE IP Addresses of SCSI Routing Instances

Mapped To Controller

Host A Local Disk (D:) 10.1.2.3 1 1

Local Disk (E:) 10.1.2.3 1 2

Local Disk (F:) 10.1.2.3 1 3

Local Disk (G:) 10.1.2.3 2 1

Local Disk (H:) 10.1.2.3 2 2

Local Disk (I:) 10.1.2.3 2 3

Host B Local Disk (D:) 10.1.2.3 3 1

Local Disk (E:) 10.1.2.3 3 2

Host C Local Disk (D:) 10.1.2.4 4 1

Local Disk (E:) 10.1.2.4 4 2

Local Disk (F:) 10.1.2.4 4 3

Local Disk (G:) 10.1.2.4 3 3

Mapped To Drive

Available Instances of SCSI Routing

You can configure an SN 5428-2 Storage Router with up to 12 instances of SCSI routing services. Each instance needs to be configured with the following:

• One or more unique IP addresses assigned to either one or both Gigabit Ethernet interfaces

• Mapping between iSCSI target names and physical storage addresses

• Access control

When an SN 5428-2 is part of a cluster, an instance of SCSI routing can run on only one storage router in a cluster at any given time. See the “SN 5428-2 Cluster Management Overview” section on page 1-25 for more information about storage router clusters.

OL-4691-01

Cisco SN 5428-2 Storage Router Software Configuration Guide

1-9

+ 19 hidden pages

Cisco SN 5428-2 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

SN 5428-2 Storage Router Overview

SCSI Routing Overview

Routing SCSI Requests and Responses

Basic Network Structure

SCSI Routing Mapping and Access Control

Available Instances of SCSI Routing