Zoning For Fibre Channel SANs.
Storage networking behind the server is being forged with proven technology from Wide Area Networks (WANs) and Local Area Networks (LANs) in front of the server. Although the focus of LAN and WAN topologies differs, some features have universal appeal to customers and have been incorporated by both. SNMP management, for example, is a prerequisite for enterprise-level local and wide area products, including routers, ATM switches, Ethernet hubs, and Ethernet switches.
One very useful feature that has emerged with switching technology in the WAN and LAN is the ability to create Virtual Private Networks (VPNs) and Virtual Local Area Networks (VLANs). Virtual Private Networks and Virtual LANs allow network resources like routers and switches to be shared by a number of workgroups or departments, while ensuring that each department's traffic is isolated from the others. Since the logical grouping of users in a VLAN is accomplished by the switch hardware, creating subsets of users does not require the transport overhead associated with IP routing or the cost and complexity of firewalls.
Vixel's 7000 series switches leverage VLAN technology for Storage Area Networks via a technique called Zoning. Zoning in Fibre Channel environments enables the creation of virtual private storage networks.
How Zoning Works
Zoning is typically implemented on a per-port basis, although more complex versions allow Zoning by MAC or network address. In a port-based Zoning scheme, individual ports are assigned to one or more groups. Ports that are members of a group or zone can communicate with each other, but are isolated from ports in other zones. Since a switch may support many devices on a single port (via Arbitrated Loop), it is possible to build large populations of devices within a single zone. In addition, switches can be cascaded together to extend a zone to multiple switched segments.
Benefits Of Zoning In Storage Networks
Among the many benefits for storage administrators, Zoning enables:
* Accommodation of heterogeneous platforms on a single switch resource.
* Sharing common resources by different functional groups or departments.
* Security barriers between applications, operating systems, or work groups.
* Reducing total cost of ownership.
Zoning facilitates implementation of heterogeneous networks. By defining specific ports as a zone, the devices participating in the zone are unaware of devices on other switch ports. This isolation ensures, for example, that an NT server could not inadvertently access a disk array belonging to a Sun Solaris server. This maximizes switch resources for disparate application platforms and ensures data integrity on each system.
In some configurations, it may be useful to create additional zones, specifically to share a common resource. In mixed platform environments, Zoning allows NT and Unix systems to have exclusive access to their respective storage arrays and share a tape backup subsystem on the same switch. Since both environments have high-speed access to a common resource, the storage manager can avoid duplicating both switch and tape backup hardware.
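The membership rule from "How Zoning Works" applied to the shared tape scenario above, as an added example that is not from the original article or from any switch's software. Port numbers, zone names and the policy list are constructed; the example also shows that one backup zone holding both servers lets them reach each other, while one backup zone per server does not.

```python
# Added example: port-based zoning as a membership check.
# Port numbers and zone names below are constructed for illustration.

def can_communicate(zones, a, b):
    """Two ports may talk only if at least one zone contains both."""
    return any(a in members and b in members for members in zones.values())

def reachable(zones, port):
    """Every other port that shares at least one zone with `port`."""
    peers = set()
    for members in zones.values():
        if port in members:
            peers |= members
    return peers - {port}

def audit(zones, forbidden_pairs):
    """Return the forbidden port pairs that the zone set still allows."""
    return sorted(p for p in forbidden_pairs if can_communicate(zones, *p))

# Port 1 = NT server, 2 = NT disk array, 3 = Sun Solaris server,
# 4 = Sun disk array, 5 = shared tape backup subsystem.
SHARED_BACKUP = {
    "nt": {1, 2},
    "sun": {3, 4},
    "backup": {1, 3, 5},      # one zone for both servers and the tape
}
SPLIT_BACKUP = {
    "nt": {1, 2},
    "sun": {3, 4},
    "nt_backup": {1, 5},      # tape port 5 sits in two zones
    "sun_backup": {3, 5},
}
# Policy: no server reaches the other platform's array or the other server.
FORBIDDEN = [(1, 4), (3, 2), (1, 3)]

if __name__ == "__main__":
    for name, zones in (("shared", SHARED_BACKUP), ("split", SPLIT_BACKUP)):
        print(name, "tape peers:", sorted(reachable(zones, 5)),
              "violations:", audit(zones, FORBIDDEN))
    # A single wrong membership widens access: array port 2 added to the
    # Sun backup zone becomes visible to the Sun server on port 3.
    widened = dict(SPLIT_BACKUP, sun_backup={2, 3, 5})
    print("widened violations:", audit(widened, FORBIDDEN))
```

Running the same audit after every zone change catches a membership that quietly exposes one platform's array to the other.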
Defining a group of devices into a common zone provides inherent security for different workgroups or applications. It may be desirable, for example, to zone a development workgroup or sensitive application from other users on the fabric. Application testing or proprietary data could, thus, be secured from disruption or access. Enforcing exclusive access within a zone prevents inadvertent data corruption and fulfills security policies that otherwise would require a more expensive solution.
Reducing Total Cost Of Ownership
In addition to heterogeneous configurations and departmental segmentation, Zoning is a useful technique for amortizing the cost of a switch between several workgroups. An engineering department may require switch bandwidth for moving large image files, while human resources may want to transport employee records with embedded photos and scanned documents. Although neither department needs to access common data, both could use a single switch resource to fulfill their application requirements. Zoning reduces the total cost of ownership by allowing multiple departments, workgroups, or intranets to share the fabric investment while each enjoys the benefit of a high performance storage network.
As the first vendor to offer zoning as a standard feature in a switch product, Vixel has attempted to simplify zone creation and administration. The 7000 series Fibre Channel switches, for example, provide hardware-based zoning on a port-by-port basis. Any port may be associated with other switch ports to create a zone and any port may participate in multiple zones. Zone configuration is accomplished with SNMP management via the SAN InSite graphical interface. By providing an intuitive graphical configuration screen, SAN InSite eliminates the tedium of Telnet or console commands and provides the user with a snapshot of all zones. In the configuration screen for Zoning, explicit permissions are defined for each port. Once a zone is defined, ports within the zone are isolated from other switch ports.
Port level Zoning does not require software changes or middleware to be run on the end nodes because the switch itself is managing zone definitions. The end nodes attach as usual and are unaware that the switch is assigning them to a particular zone. This removes a substantial burden in terms of time and cost from administration.
Hardware-based Zoning is also more secure than other implementations. Since the switch's routing engine controls the separation of zones, a user cannot circumvent a zone by attempting to attach to a resource directly via software or manual configuration.
This hardware-based implementation requires no external server, software licensing administration, or additional cost. By incorporating Zoning functionality in every switch, storage managers have greater flexibility in allocating fabric resources and they can maximize their investment in storage network infrastructure.
Zoning is an efficient means to implement heterogeneous platforms, maximize common resources, implement security policies, and amortize storage network investment. Most implementations of Zoning don't require additional cost or administration overhead and provide greater flexibility for implementing intricate fabric configurations. Leveraging the proven technology of local and wide area networking, creating virtual private storage networks will give storage managers additional tools for resolving today's pressing storage issues.
Tom Clark is the director of technical marketing at Vixel Corporation (Bothell, WA). Clark is the author of "Designing Storage Area Networks" (September 1999, Addison Wesley Longman).
|Title Annotation:||Technology Information|
|Publication:||Computer Technology Review|
|Date:||Mar 1, 2000|