Cisco SN 5420 Storage Router Software Configuration Guide, Release 2.1
Chapter 1 - Before Configuring SN 5420 Storage Router Software
Downloads: This chapterpdf (PDF - 393.0KB) The complete bookPDF (PDF - 4.58MB) | Feedback

Before Configuring SN 5420 Storage Router Software

Table Of Contents

Before Configuring SN 5420 Storage Router Software

SN 5420 Storage Router Software Overview

SCSI Routing Overview

SCSI Routing: Using iSCSI Protocol to Route SCSI Requests and Responses

SCSI Routing Basic Network Structure

SCSI Routing Mapping and Access Control

Available Instances of SCSI Routing

Transparent SCSI Routing Overview

Transparent SCSI Routing: Using iSCSI Protocol to Route SCSI Requests and Responses

Transparent SCSI Routing Basic Network Structure

Transparent SCSI Routing Mapping and Access Control

Available Instances of Transparent SCSI Routing

iSCSI SAN Interconnect Overview

iSCSI SAN Interconnect: Using iSCSI Protocol to Route SCSI Requests and Responses

iSCSI SAN Interconnect Basic Network Structure

iSCSI SAN Interconnect Mapping and Access Control

Available Instances of iSCSI SAN Interconnect

VLAN Access Overview

iSCSI Authentication Overview

SN 5420 Cluster Management Overview

Interface Naming

Where to Go Next


Before Configuring SN 5420 Storage Router Software


The Cisco SN 5420 Storage Router installation and configuration tasks consist of the following:

Install the SN 5420 Storage Router according to the Cisco SN 5420 Storage Router Hardware Installation Guide.

Select how the SN 5420 will be deployed: SCSI routing, transparent SCSI routing, or iSCSI SAN interconnect.

Configure the SN 5420 Storage Router software according to the Cisco SN 5420 Storage Router Software Configuration Guide (this document).

Install and configure iSCSI drivers in IP hosts connected to the storage router (for SN 5420s deployed for SCSI routing and transparent SCSI routing only).

This chapter is the starting point for SN 5420 Storage Router software configuration. It provides some very basic, abbreviated information as background to help you understand the SN 5420 Storage Router features and the software configuration process. It contains the following topics:

SN 5420 Storage Router Software Overview

SCSI Routing Overview

Transparent SCSI Routing Overview

iSCSI SAN Interconnect Overview

VLAN Access Overview

iSCSI Authentication Overview

SN 5420 Cluster Management Overview

Interface Naming

Where to Go Next

SN 5420 Storage Router Software Overview

The Cisco SN 5420 Storage Router provides universal access to storage over IP networks. The storage router software controls the operation of the Cisco SN 5420 Storage Router. You can configure the software to provide one of three types of access to storage over IP networks:

SCSI routing

Transparent SCSI routing

iSCSI SAN interconnect

SCSI routing provides IP hosts with access to Fibre Channel (FC) storage devices, using iSCSI protocol.


Note The iSCSI protocol is an IETF-defined protocol for IP storage (ips). For more information about the iSCSI protocol, refer to the IETF standards for IP storage at http://www.ietf.org.


With SCSI routing, storage device access is managed primarily in the SN 5420. (See Figure 1-1.)

Figure 1-1 SCSI Routing

Transparent SCSI routing provides IP hosts with transparent access to intelligent storage arrays using iSCSI protocol; that is, each IP host is presented as an FC host to an intelligent storage array. With transparent SCSI routing, availability of storage devices is managed primarily in the intelligent storage array. (See Figure 1-2.)

Figure 1-2 Transparent SCSI Routing

iSCSI SAN interconnect provides FC hosts with IP access to remote FC storage devices, using iSCSI protocol. With iSCSI SAN interconnect, storage device access is managed primarily in a remote SN 5420 that is deployed for SCSI routing. Storage devices that are made available by a remote SN 5420 are presented to FC hosts as if the storage devices are locally attached FC storage devices. (See Figure 1-3.)

Figure 1-3 iSCSI SAN Interconnect Overview

In addition to providing services for accessing storage over IP networks, the SN 5420 Storage Router software provides the following services:

VLAN Access Control—provides IP access control to storage based on a VLAN identifier (VID) number (in addition to access control through access lists)

Authentication—provides iSCSI authentication using AAA authentication methods

High Availability (HA)—provides the ability to group storage routers in a cluster for failover and other cluster-related functions (for SCSI routing only)

SNMP/MIB support—provides network management of the SN 5420 through SNMP using selected MIBs; includes access through CiscoWorks

A command-line interface (CLI) and a web-based GUI—provides user interfaces for configuration and maintenance of an SN 5420


Note The web-based GUI is not available in SN 5420s deployed for transparent SCSI routing.


SCSI Routing Overview

SCSI routing provides IP hosts with access to FC storage devices as if the storage devices were directly attached to the hosts, with access to devices being managed primarily in the SN 5420 Storage Router. In an SN 5420 deployed for SCSI routing, iSCSI targets (logical targets) are created and mapped to physical storage devices attached to the SN 5420. The storage router presents the iSCSI targets to IP hosts (iSCSI initiators) as if the physical storage devices were directly attached to the hosts. (See Figure 1-4.) With SCSI routing, storage devices are not aware of each IP host; the storage devices are aware of the SN 5420 and respond to it as if it were one FC host.

Figure 1-4 SCSI Routing Overview

To configure an SN 5420 Storage Router that is deployed for SCSI routing, you should have a basic understanding of the following concepts:

SCSI Routing: Using iSCSI Protocol to Route SCSI Requests and Responses

SCSI Routing Basic Network Structure

SCSI Routing Mapping and Access Control

Available Instances of SCSI Routing

SCSI Routing: Using iSCSI Protocol to Route SCSI Requests and Responses

SCSI routing consists of routing SCSI requests and responses between hosts in an IP network and storage devices in an FC network. (See Figure 1-5.)

Figure 1-5 Routing SCSI Requests and Responses for SCSI Routing

Each host that requires IP access to storage via an SN 5420 Storage Router needs to have a compatible iSCSI driver installed. Using the iSCSI protocol, the iSCSI driver allows an IP host to transport SCSI requests and responses over an IP network. From the perspective of a host operating system, the iSCSI driver appears to be a SCSI or Fibre Channel driver for a peripheral channel in the host.

SCSI routing consists of the following main actions (Figure 1-6):

Transporting SCSI requests and responses over an IP network between the hosts and the SN 5420 Storage Router

Routing SCSI requests and responses between hosts on an IP network and storage devices on an FC network

Transporting SCSI requests and responses over an FC network between the SN 5420 Storage Router and physical storage devices

Figure 1-6 SCSI Routing Actions

SCSI Routing Basic Network Structure

Figure 1-7 shows the basic structure of a SCSI routing network. IP hosts with iSCSI drivers access the storage routers through an IP network connected to the Gigabit Ethernet interface of each storage router. The storage routers access storage devices through a storage network connected to the Fibre Channel interface of each storage router. A management station manages the storage routers through an IP network connected to the management interface of each storage router. For high availability (HA) operation, the storage routers communicate with each other over two networks: the HA network connected to the HA interface of each storage router and the management network connected to the management interface of each storage router.

Figure 1-7 SCSI Routing Basic Network Structure

SCSI Routing Mapping and Access Control

SCSI routing occurs in the SN 5420 Storage Router through the mapping of physical storage devices to iSCSI targets. An iSCSI target (also called logical target) is an arbitrary name for a group of physical storage devices. You can map an iSCSI target to multiple physical devices. An iSCSI target always contains at least one Logical Unit Number (LUN). Each LUN on an iSCSI target is mapped to a single LUN on a physical storage target.

You can choose either of two types of storage mapping: target-and-LUN mapping or target-only mapping. Target-and-LUN mapping maps an iSCSI target and LUN combination to a physical storage target and LUN combination. Target-only mapping maps an iSCSI target to a physical storage target and its LUNs.

With target-and-LUN mapping, an iSCSI target name and iSCSI LUN number are specified and mapped to the physical storage address of one LUN; either a Loop ID + LUN (Fibre Channel Loop ID + LUN) combination, a WWPN + LUN (World Wide Port Name + LUN) combination, a LUNWWN (LUN World Wide Name), or a LUN serial number. If the LUN is available, it is made available as an iSCSI LUN and numbered with the iSCSI LUN number specified. For example, if an iSCSI target and iSCSI LUN specified as Database, LUN 9 were mapped to the physical storage address, Loop ID 070, LUN 12, then LUN 12 would be available as one iSCSI LUN. An iSCSI driver would see the iSCSI target named Database, with one iSCSI LUN identified as LUN 9. The iSCSI LUN would appear as one storage device to a host. (See Table 1-1.)

Table 1-1 Target-and-LUN Mapping Example

Apparent to Host as Local Disk
iSCSI Target Name
iSCSI LUN Available
Physical Storage Address
Physical LUN Available

Local Disk (D:)

Database

LUN 9

Loop ID 070

LUN 12

Apparent as one locally attached storage device.

Database appears as one controller with one LUN available.

iSCSI LUN is numbered as specified and can be different than the physical LUN number.

Specifies the storage address of a storage controller.

The LUN number is specified as the only LUN to be mapped.


With target-only mapping, an iSCSI target name is specified and mapped to the physical storage address of a storage controller only; either a Loop ID or WWPN. Any LUNs that are available in the storage controller are made available as iSCSI LUNs and are numbered the same as the LUNs in the storage controller. For example, if an iSCSI target specified as Webserver2000 were mapped to the physical storage address Loop ID 050, and LUNs 0 through 2 were available in that controller, those LUNs would become available as three iSCSI LUNs. An iSCSI driver would see the iSCSI target named Webserver2000 as a controller with three iSCSI LUNs identified as LUN 0, LUN 1, and LUN 2. Each iSCSI LUN would appear as a separate storage device to a host. (See Table 1-2.)

Table 1-2 Target-only Mapping Example

Apparent to Host as Local Disk
iSCSI Target Name
iSCSI LUNs Available
Physical Storage Address
Physical LUNs Available

Local Disk (D:)

Webserver2000

LUN 0

Loop ID 050

LUN 0

Local Disk (E:)

Webserver2000

LUN 1

Loop ID 050

LUN 1

Local Disk (F:)

Webserver2000

LUN 2

Loop ID 050

LUN 2

Apparent as three locally attached storage devices.

Webserver2000 appears as one controller with LUNs 0, 1, and 2 available.

iSCSI LUNs are numbered the same as physical LUNs.

Specifies the storage address of a storage controller.

LUNs 0, 1, and 2 are available for mapping.


Access for SCSI routing is controlled in the IP hosts and the storage router. In an IP host, the Gigabit Ethernet IP address of the SCSI routing instance in the storage router with which the host is to transport SCSI requests and responses is configured in the iSCSI driver. In a storage router, access is controlled through an access list and a VLAN identifier (VID) number of the hosts. Additionally, access can be further controlled in the SN 5420 through authentication. For more information about authentication, see the "iSCSI Authentication Overview" section.

An access list enables access to storage devices attached to the SN 5420 according to host IP addresses. An access list contains IP addresses of hosts allowed to access the storage devices. Host VID enables access to storage devices according to the VID of each host. For more information about VLAN access, see the "VLAN Access Overview" section.

You can use a combination of access lists and VIDs to configure access in the SN 5420; that is, you can specify that certain hosts according to IP address in a VLAN can access storage devices attached to the SN 5420.

Once the access is configured in the hosts and the SN 5420, and once the storage mapping is configured in the SN 5420, the SN 5420 routes SCSI requests and responses between hosts and the mapped storage devices.

Figure 1-8 represents the concept of storage mapping and access control for SCSI routing. In the figure, the SN 5420 Storage Router provides three IP hosts with IP access to disk drives across four disk controllers. The SN 5420 contains two SCSI routing instances: one configured with IP address 10.1.2.3 for the Gigabit Ethernet interface and the other with IP address 10.1.2.4. The iSCSI drivers in each IP host are configured to access those SCSI routing instances by their IP addresses through the Gigabit Ethernet interface. An access list in the storage router or VID (or both) specifies that hosts A, B, and C are allowed to access the mapped storage devices. From the perspective of a host, each disk drive mapped to it appears as a locally attached disk drive. Table 1-3 shows the correlation between an access list and/or VID, the Gigabit Ethernet IP addresses of the SCSI routing instances, and the storage device mapping.


Note The purpose of Figure 1-8 and Table 1-3 is only to illustrate the concept of storage mapping and access control. The IP addresses will vary according to each site. Similarly, the type of storage addressing (for example, LUNWWN, WWPN + LUN, Loop ID + LUN, or LUN serial number) will vary according to the types of storage and the types of storage addressing preferred at each site. In addition, the figure and the table exclude any additional SN 5420 Storage Routers that could be configured for high availability.


Figure 1-8 SCSI Routing Storage Mapping and Access Control Concept

Table 1-3 SCSI Routing Storage Mapping and Access Control Concept

Hosts Allowed Access via SN 5420 Access List and/or VID
Storage Devices Apparent to Host as Locally Attached Devices
Via GbE IP Addresses of SCSI Routing Instances
Mapped To
 
Controller
Drive

Host A

Local Disk (D:)

10.1.2.3

1

1

Local Disk (E:)

10.1.2.3

1

2

Local Disk (F:)

10.1.2.3

1

3

Local Disk (G:)

10.1.2.3

2

1

Local Disk (H:)

10.1.2.3

2

2

Local Disk (I:)

10.1.2.3

2

3

Host B

Local Disk (D:)

10.1.2.3

3

1

Local Disk (E:)

10.1.2.3

3

2

Host C

Local Disk (D:)

10.1.2.4

4

1

Local Disk (E:)

10.1.2.4

4

2

Local Disk (F:)

10.1.2.4

4

3

Local Disk (G:)

10.1.2.4

3

3


Available Instances of SCSI Routing

You can configure an SN 5420 Storage Router with up to 12 instances of SCSI routing services. Each instance needs to be configured with a Gigabit Ethernet IP address, mapping between iSCSI target names and physical storage addresses, and access control.

When an SN 5420 is part of a cluster, an instance of SCSI routing can run on only one storage router in a cluster at any given time. For more information about instances of SCSI routing in a cluster, see the "SN 5420 Cluster Management Overview" section. For more information about configuring an SN 5420 Storage Router, see the appropriate configuration chapters in this document.

Transparent SCSI Routing Overview

Transparent SCSI routing provides IP hosts with access to an intelligent storage array as if the storage array were directly attached to the hosts, with access to the storage devices managed primarily in the storage array. Deployed for transparent SCSI routing, the SN 5420 transparently presents each IP host to the storage array as if each host were an FC host. Typically, transparent SCSI routing is used with an intelligent storage array that is directly connected to the SN 5420 Fibre Channel interface. Managing access to storage devices consists of using configuration tools available with an intelligent storage array (to configure, for example, which hosts are granted access and to configure multiple paths between hosts and storage devices). With transparent SCSI routing, an intelligent storage array can manage each IP host as if it were directly attached to the array as an FC host.

Transparent SCSI routing automatically creates iSCSI targets and maps them to physical targets available in the intelligent storage array. The storage router presents the iSCSI targets to IP hosts (iSCSI initiators) as if the physical targets were directly attached to the hosts. In conjunction with presenting iSCSI targets to hosts, transparent SCSI routing presents each IP host as an FC host to the intelligent storage array. The intelligent storage array is aware of each IP host and responds to each IP host as if it were an FC host connected to the storage array. (See Figure 1-9.) Transparent SCSI routing can present no more than 31 IP hosts as FC hosts to an intelligent storage array.

Figure 1-9 Transparent SCSI Routing Overview

To configure an SN 5420 Storage Router that is deployed for transparent SCSI routing, you should have a basic understanding of the following concepts:

Transparent SCSI Routing: Using iSCSI Protocol to Route SCSI Requests and Responses

Transparent SCSI Routing Basic Network Structure

Transparent SCSI Routing Mapping and Access Control

Available Instances of Transparent SCSI Routing

Transparent SCSI Routing: Using iSCSI Protocol to Route SCSI Requests and Responses

Transparent SCSI routing consists of routing SCSI requests and responses between hosts in an IP network and an intelligent storage array that is directly connected to the SN 5420 Fibre Channel interface. (See Figure 1-10.)

Figure 1-10 Routing SCSI Requests and Responses for Transparent SCSI Routing

Each host that requires IP access to storage via an SN 5420 Storage Router needs to have a compatible iSCSI driver installed. Using the iSCSI protocol, the iSCSI driver allows an IP host to transport SCSI requests and responses over an IP network. From the perspective of a host operating system, the iSCSI driver appears to be a SCSI or Fibre Channel driver for a peripheral channel in the host. From the perspective of the storage array, each IP host appears as an FC host (with one Fibre Channel address for each host).

Transparent SCSI routing consists of the following main actions (Figure 1-11):

Transporting SCSI requests and responses over an IP network between the hosts and the SN 5420 Storage Router

Routing SCSI requests and responses between hosts on an IP network and an intelligent storage array.

Transporting SCSI requests and responses between the SN 5420 Storage Router and an intelligent storage array.

Figure 1-11 Transparent SCSI Routing Actions

Transparent SCSI Routing Basic Network Structure

Figure 1-12 shows the basic structure of a transparent SCSI routing network. IP hosts with iSCSI drivers access the storage routers through an IP network connected to the Gigabit Ethernet interface of each storage router. The storage routers access the intelligent storage array through the Fibre Channel interface of each storage router. A management station manages the storage routers through an IP network connected to the management interface of each storage router. High availability operation for transparent SCSI routing is controlled in the intelligent storage array; therefore, an SN 5420 HA network is not necessary, and the HA interface on the SN 5420 is disabled.

Figure 1-12 Transparent SCSI Routing Basic Network Structure

Transparent SCSI Routing Mapping and Access Control

Transparent SCSI routing occurs in an SN 5420 Storage Router through two types of mapping:

Mapping iSCSI targets to physical targets

Mapping each IP host to a Fibre Channel (FC) address

Mapping iSCSI targets to physical targets makes the physical targets accessible to IP hosts. Mapping each IP host to a FC address allows the host to be presented to a storage array as an FC host with its own FC WWPN.

Mapping iSCSI targets to physical targets consists of creating iSCSI targets that represent physical targets in an intelligent storage array. An iSCSI target is an arbitrary name for a group of physical storage devices. In an SN 5420 deployed for transparent SCSI routing, one iSCSI target is automatically created for each target made available by the intelligent storage array. The iSCSI target name is created automatically using the iSCSI extended unique identifier (EUI) format. The EUI format combines the prefix "eui" with each WWPN made available by the intelligent storage array. For example, if the WWPN of a target in a storage array were 31:00:11:22:33:44:55:66:77, then an iSCSI target would be created in the SN 5420 with the iSCSI target name of eui.310011223344556677.

Transparent SCSI routing maps iSCSI targets to physical targets using target-only mapping. Target-only mapping maps an iSCSI target to a physical storage target and its LUNs. With target-only mapping, an iSCSI target name is automatically created and mapped to the physical storage address (a WWPN) made available by the intelligent storage array. Any LUNs that are available with a physical WWPN in the storage array are available with a corresponding iSCSI target and are numbered the same as the LUNs in the storage array. For example, if an iSCSI target were created for WWPN 31:00:11:22:33:44:55:66:77 in a storage array, and that WWPN contained LUNs 0 through 2, those LUNs would become available to an IP host as LUNs 0 through 2. An iSCSI driver would see the iSCSI target named eui.310011223344556677 as a controller with three iSCSI LUNs identified as LUN 0, LUN 1, and LUN 2. Each iSCSI LUN would appear as a separate storage device to an IP host.

Mapping each IP host to a Fibre Channel address consists of assigning a WWPN to an IP host that is requesting access to storage; the WWPN is used for presenting the IP host as an FC host to a storage array. In an SN 5420 deployed for transparent SCSI routing, the SN 5420 maintains a pool of 31 WWPNs that are assigned to IP hosts requesting access to storage. When an IP host is granted access, a WWPN is assigned to the IP host and the SN 5420 presents the host as an FC host to the storage array. That host continues using that WWPN until it is finished using the storage. Once the host is finished using the storage (logged out), the WWPN becomes available for assignment to other IP hosts requiring access to storage.

See Table 1-4 for an example of transparent SCSI routing mapping.

Table 1-4 Transparent SCSI Routing Mapping Example

WWPN assigned to IP Host
Apparent to IP Host
iSCSI Target Name
LUNs Apparent with iSCSI Target
WWPN of Storage Array Target
Physical LUNs Available

20:01:00:02:3D:00:01:00

Local Disk (E:)

eui.310011223344556677

LUN 0

31:00:11:22:33:44:55:66:77

LUN 0

Local Disk (G:)

eui.310011223344556677

LUN 1

31:00:11:22:33:44:55:66:77

LUN 1

Local Disk (H:)

eui.310011223344556677

LUN 2

31:00:11:22:33:44:55:66:77

LUN 2

Note In this mapping example, the WWPN, 20:01:00:02:3D:00:01:00, is assigned to the IP host. Using that WWPN, the SN 5420 presents the IP host as an FC host to the storage array. Three devices are made available as local storage devices: Local Disk (E:), Local Disk (F:), and Local Disk (G:). (Microsoft Windows devices are used as examples.) The iSCSI target, eui.310011223344556677, has been automatically created and mapped to a WWPN, 31:00:11:22:33:44:55:66:77, that was made available by the storage array. To the IP host, the iSCSI target appears as a controller with LUNs 0, 1, and 2 available. The LUNs are apparent as they are with the WWPN in the storage array.


Access for transparent SCSI routing is controlled in the IP hosts and the intelligent storage array. In an IP host, the Gigabit Ethernet IP address of the SCSI routing instance in the storage router with which the host is to transport SCSI requests and responses is configured in the iSCSI driver. In the intelligent storage array, access is controlled through its storage management tools. Additionally, access can be further controlled in the SN 5420 through authentication. For more information about authentication, see the "iSCSI Authentication Overview" section.

Once the access is configured in the hosts and the intelligent storage array, the SN 5420 transparently routes SCSI requests and responses between hosts and the mapped storage devices.

Figure 1-13 represents the concept of storage mapping and access control for transparent SCSI routing. In the figure, the SN 5420 Storage Router provides three IP hosts with access to disk drives made available by the intelligent storage array. A single SCSI routing instance in the storage router is configured with IP address 10.1.2.3 for the Gigabit Ethernet interface. The iSCSI driver in each IP host is configured to access that SCSI routing instance by its IP address 10.1.2.3 through the Gigabit Ethernet interface on the storage router. From the perspective of an IP host, each disk drive mapped to it appears as a locally attached disk drive. From the perspective of the storage array, each host is connected directly to it, with each host having a WWPN. Table 1-5 shows the correlation between the IP hosts, the Gigabit Ethernet IP address of the SCSI routing instance, storage device mapping, and IP-host-to-FC-address (WWPN) mapping.


Note The purpose of Figure 1-13 and Table 1-5 is only to illustrate the concept of storage mapping, FC address mapping, and access control. The IP addresses and WWPNs will vary according to each site. In addition, the figure and the table exclude any additional SN 5420 Storage Routers that could be configured for multiple paths between hosts and storage devices.


Figure 1-13 Transparent SCSI Routing Storage Mapping and Access Control Concept

Table 1-5 Transparent SCSI Routing Storage Mapping and Access Control Concept

Hosts Allowed Access by Intelligent Storage Array and SN 5420 Authentication
Storage Devices Apparent to Host as Locally Attached Devices
Via GbE IP Address of SCSI Routing Instance
Mapped To Storage
 
WWPN
Drive (LUN)

Host A: apparent to storage array as FC host with WWPN 20:10:00:02:3D:00:01:00

Local Disk (D:)

10.1.2.3

31:00:11:22:33:44:55:66:77

0

Local Disk (E:)

10.1.2.3

31:00:11:22:33:44:55:66:77

1

Local Disk (F:)

10.1.2.3

31:00:11:22:33:44:55:66:77

2

Host B: apparent to storage array as FC host with WWPN 20:10:00:02:3D:00:01:01

Local Disk (D:)

10.1.2.3

31:00:11:22:33:44:55:66:88

0

Local Disk (E:)

10.1.2.3

31:00:11:22:33:44:55:66:88

1

Host C: apparent to storage array as FC host with WWPN 20:10:00:02:3D:00:01:02

Local Disk (D:)

10.1.2.3

31:00:11:22:33:44:55:66:99

0

Local Disk (E:)

10.1.2.3

31:00:11:22:33:44:55:66:99

1

Local Disk (F:)

10.1.2.3

31:00:11:22:33:44:55:66:99

2

Local Disk (G:)

10.1.2.3

31:00:11:22:33:44:55:66:99

3


Available Instances of Transparent SCSI Routing

When an SN 5420 Storage Router is deployed for transparent SCSI routing, it is automatically configured for one instance of transparent SCSI routing service; only that one instance can exist in that SN 5420.

While the instance of transparent SCSI routing needs to be configured with a Gigabit Ethernet IP address, mapping between iSCSI target names and physical storage addresses is automatic and cannot be configured. When an SN 5420 is deployed for transparent SCSI routing, it cannot participate in a storage router cluster. However, multiple SN 5420s can be connected to an intelligent storage array, where it is possible to manage failover and multiple paths. In networks where multiple SN 5420 Storage Routers are connected to an intelligent storage array, each SN 5420 has one (and only one) instance of transparent SCSI routing; the instance is unique to that storage router and cannot fail over to another storage router. For more information about configuring an SN 5420 Storage Router, see the appropriate configuration chapters in this document.

iSCSI SAN Interconnect Overview

iSCSI SAN interconnect provides an FC host with access to storage devices in a remote Fibre Channel SAN via an IP network and iSCSI protocol. With iSCSI SAN interconnect, two SN 5420 Storage Routers are required: a local SN 5420 that is connected to the FC-host SAN and a remote SN 5420 that is connected to another SAN. The storage routers are connected to each other through an IP network. (See Figure 1-14.)

Figure 1-14 iSCSI SAN Interconnect Overview

The local SN 5420 is deployed for iSCSI SAN interconnect, and the remote SN 5420 is deployed for SCSI routing. The local SN 5420 acts on behalf of the FC hosts as an iSCSI initiator that requests service from a remote SN 5420. The remote SN 5420 provides access to storage devices as iSCSI targets, and the local SN 5420 presents those storage devices to the FC hosts as if the devices were directly attached to the FC-host SAN. An SN 5420 Storage Router deployed for iSCSI SAN interconnect can represent no more than 31 iSCSI targets to the FC hosts. To configure an SN 5420 Storage Router that is deployed for iSCSI SAN interconnect, you will need to have a basic understanding of the following concepts:

iSCSI SAN Interconnect: Using iSCSI Protocol to Route SCSI Requests and Responses

iSCSI SAN Interconnect Basic Network Structure

iSCSI SAN Interconnect Mapping and Access Control

Available Instances of iSCSI SAN Interconnect

iSCSI SAN Interconnect: Using iSCSI Protocol to Route SCSI Requests and Responses

An FC host needs no additional hardware or software to access storage devices via an SN 5420 Storage Router deployed for iSCSI SAN interconnect. The SN 5420 acts on behalf of the FC host to transport SCSI commands and responses across an IP network. (See Figure 1-15.)

Figure 1-15 Routing SCSI Requests and Responses for iSCSI SAN Interconnect

Using iSCSI protocol, the SN 5420 transports SCSI commands and responses between the FC host and storage devices via a remote SN 5420 that is configured for SCSI routing. From the perspective of the FC host, the storage devices accessed through the SN 5420s appear to be attached directly to the FC-host SAN.

iSCSI SAN interconnect consists of the following main actions (Figure 1-16):

Transporting SCSI requests and responses over an FC SAN between the FC hosts and an SN 5420 deployed for iSCSI SAN interconnect

Transporting SCSI requests and responses over an IP network between an SN 5420 deployed for iSCSI SAN interconnect and an SN 5420 deployed for SCSI routing

Routing SCSI requests and responses between an SN 5420 deployed for iSCSI SAN interconnect on an IP network and storage devices on an FC SAN

Transporting SCSI requests and responses over an FC SAN between an SN 5420 deployed for SCSI routing and physical storage devices

Figure 1-16 iSCSI SAN Interconnect Actions

iSCSI SAN Interconnect Basic Network Structure

Figure 1-17 shows the basic structure of an iSCSI SAN interconnect network. FC hosts connect to the Fibre Channel interface of each local SN 5420 Storage Router (deployed for iSCSI SAN interconnect). Each local SN 5420 connects to an IP network through its Gigabit Ethernet interface. Through the IP network, each local SN 5420 can access remote SN 5420s that are deployed for SCSI routing. FC storage devices connect to the Fibre Channel interface of each remote SN 5420 Storage Router (deployed for SCSI routing). A management station manages the storage routers through an IP network connected to the management interface of each storage router. For multiple paths between FC hosts and remote FC storage devices, multiple SN 5420s deployed for iSCSI SAN interconnect need to be connected to the FC-host SAN. However, multiple SN 5420 Storage Router deployed for iSCSI SAN interconnect cannot be configured in a cluster. Therefore, an SN 5420 HA network is not necessary, and the HA interface on the SN 5420 is disabled.

Figure 1-17 iSCSI SAN Interconnect Basic Network Structure

iSCSI SAN Interconnect Mapping and Access Control

iSCSI SAN interconnect occurs through two types of mapping:

In a remote SN 5420 that is deployed for SCSI routing—Mapping physical targets to iSCSI targets

In a local SN 5420 that is deployed for iSCSI SAN interconnect—Mapping each iSCSI target in a remote SN 5420 to a local Fibre Channel (FC) address

Mapping physical targets to iSCSI targets in remote SN 5420 deployed for SCSI routing is described in the "SCSI Routing Mapping and Access Control" section.

In an SN 5420 deployed for iSCSI SAN interconnect, mapping each iSCSI target in a remote SN 5420 to a local FC address consists of automatically creating a local WWPN for each iSCSI target made available by a remote SN 5420. The local SN 5420 retrieves the physical WWPN from the remote SN 5420 and creates a local WWPN that is based on the physical WWPN. Each local WWPN is used to present remote storage devices as if they were connected directly to the local SAN. The local SN 5420 converts a physical WWPN to a local WWPN by changing the first nibble of the WWPN to a hexadecimal 3. For example, a physical WWPN of 21:00:00:00:00:00:00:1A, that is available from the remote SN 5420, would be presented as 31:00:00:00:00:00:00:1A on the local SAN. Changing the first nibble ensures that each WWPN is unique across SANs.


Note The type of mapping used in the remote SN 5420 needs to be target-only mapping. In addition, the storage devices connected to the remote SN 5420 must be capable of being addressed by WWPNs. For more information about target-only mapping in an SN 5420 deployed for SCSI routing see, the "SCSI Routing Mapping and Access Control" section of this document.


The physical LUNs that are available through a WWPN in a remote SN 5420 are available on the local SAN and are numbered identically. For example, if a storage controller with WWPN 21:00:00:00:00:00:00:1A and LUNs 0 through 2 were available from a remote SN 5420, that WWPN would be presented as a local WWPN with LUNs 0 through 2 available on the local SAN. A local FC host would see the remote WWPN as 31:00:00:00:00:00:00:1A and a controller with three LUNs identified as LUN 0, LUN 1, and LUN 2. Each LUN would appear to an FC host as a locally attached storage device.

Access for iSCSI SAN interconnect is controlled in the local SN 5420 (connected to the FC hosts) and remote SN 5420s (connected to the storage devices). In the local SN 5420, access to remote SN 5420s is controlled by specifying Gigabit Ethernet IP addresses of SCSI routing instances in the remote SN 5420s. In remote SN 5420s, access is controlled through access lists. Additionally, access can be further controlled in the remote SN 5420 through authentication. For more information about authentication, see the "iSCSI Authentication Overview" section.

Once the IP addresses of the SCSI routing instances in remote storage routers are configured in the local storage router, and once the remote storage routers are configured, the local storage router routes SCSI requests and responses between the FC hosts in a local SAN and the FC storage devices in a remote SAN.

Figure 1-18 represents the concept of iSCSI SAN interconnect mapping and access control. In the figure, the local SN 5420 provides three FC hosts with IP access to remote FC storage devices. The local storage router is configured to access a SCSI routing instance in the remote storage router with the IP address 10.1.2.3. Access control in the remote SN 5420s determines which storage devices can be presented to the FC hosts. For more information about access control in a storage router deployed for SCSI routing, see "SCSI Routing Mapping and Access Control" section. From the perspective of the FC host, each storage device presented to it by the local SN 5420 appears as a locally attached storage device. Table 1-6 shows the WWPN addresses appearing in the host FC network and the storage devices in the remote FC network.


Note The purpose of Figure 1-18 and Table 1-6 is only to illustrate the concept of mapping and access control for iSCSI SAN interconnect. The IP addresses will vary according to each site. In addition, the figure excludes additional SN 5420 Storage Routers that could be configured for high availability or multiple paths.


Figure 1-18 iSCSI SAN Interconnect Storage Mapping and Access Concept

Table 1-6 iSCSI SAN Interconnect Storage Mapping and Access Control Concept

Hosts in local SAN
Storage Devices Apparent to FC Hosts as Locally Attached Devices
Storage Devices Apparent on Local SAN
Storage Devices Available from Remote SN 5420
Via GbE IP Address in Remote SN 5420
WWPN
LUN
WWPN
LUN

FC Hosts A, B, and C

Local Disk (D:)

31:00:00:00:00:00:00:1A

0

21:00:00:00:00:00:00:1A

0

10.1.2.3

Local Disk (E:)

31:00:00:00:00:00:00:1A

1

21:00:00:00:00:00:00:1A

1

10.1.2.3

Local Disk (F:)

31:00:00:00:00:00:00:1A

2

21:00:00:00:00:00:00:1A

2

10.1.2.3

Local Disk (G:)

31:00:00:00:00:00:00:42

0

21:00:00:00:00:00:00:42

0

10.1.2.3

Local Disk (H:)

31:00:00:00:00:00:00:42

1

21:00:00:00:00:00:00:42

1

10.1.2.3

Local Disk (I:)

31:00:00:00:00:00:00:43

0

21:00:00:00:00:00:00:43

0

10.1.2.3


Available Instances of iSCSI SAN Interconnect

When an SN 5420 Storage Router is deployed for iSCSI SAN interconnect, it is automatically configured for one instance of iSCSI SAN interconnect service; only that one instance can exist in that SN 5420.

The instance of iSCSI SAN interconnect needs to be configured with a Gigabit Ethernet IP address through which it will communicate with instances of SCSI routing in remote SN 5420 Storage Routers. Mapping between WWPN addresses available through a remote SN 5420 and WWPN addresses presented to local FC hosts is automatic and cannot be configured. When an SN 5420 is deployed for iSCSI SAN interconnect, it cannot participate in a storage router cluster. However, multiple SN 5420s can be connected to FC hosts in a SAN if multiple paths are required between the FC hosts in one SAN and the FC storage devices in another SAN. When multiple SN 5420s deployed for iSCSI SAN interconnect are connected to FC hosts in a SAN, each SN 5420 has one (and only one) instance of iSCSI SAN interconnect; the instance is unique to that SN 5420 and cannot fail over to another SN 5420. For more information about configuring an SN 5420 Storage Router, see the appropriate configuration chapters in this document.

VLAN Access Overview

SN 5420 VLAN access provides IP hosts with access to storage devices according to the VLAN to which each host belongs.

Figure 1-19 shows a sample network that employs SN 5420 VLAN access. In the figure, the SN 5420 Gigabit Ethernet interface is connected to an IP network through an IEEE 802.1Q trunk; the SN 5420 Fibre Channel interface is connected to storage devices 1, 2, and 3. The SN 5420 is configured with two SCSI routing instances named SR100 and SR200. The IP network contains two VLANs: VLAN 100 and VLAN 200. The SCSI routing instance, SR100, is configured to allow the hosts in VLAN 100 to access storage devices 1 and 2. The SCSI routing instance, SR200, is configured to allow the hosts in VLAN 200 to access storage device 3.

Figure 1-19 VLAN Access Overview

If the SN 5420 is used in a Cisco switched network environment, configure the SN 5420 using the Cisco proprietary VLAN Trunking Protocol (VTP). With VTP, the SN 5420 will exchange VTP packets with an externally attached switch to dynamically learn about the VLANs that are accessible in the IP network. The SN 5420 then uses VTP to propagate VLAN information around the switched network using layer 2 multicast packets.

If the SN 5420 is used in a non-Cisco switched network environment, configure the SN 5420 for VLAN without using VTP. The SN 5420 does not exchange VTP packets to learn about the VLANs in the network. Instead, you must manually assign VLANs in the network with a VLAN identifier (VID) number. You can optionally assign each VLAN with a unique name and manually set the MTU size.

If the SN 5420 participates in a cluster, the VLAN information configured for the SN 5420 is propagated to all SN 5420s in the cluster.

The SN 5420 uses IEEE 802.1Q standard for VLAN encapsulation. With 802.1Q encapsulation, VLAN information is carried in packets sent and received through the SN 5420 Gigabit Ethernet interface. These packets contain the VID and other VLAN information needed for VLAN members to participate in a VLAN.

A VLAN is granted access to storage devices via a SCSI routing instance configured in the SN 5420. The iSCSI targets assigned to the SCSI routing instance determine which storage devices the VLAN can access.

iSCSI Authentication Overview

iSCSI authentication is a software service that is available in each SN 5420 deployed for SCSI routing or transparent SCSI routing. It authenticates IP hosts and SN 5420s deployed for iSCSI SAN interconnect that request access to storage. iSCSI authentication is provided by an AAA (authentication, authorization, and accounting) subsystem configured in each SN 5420 (that is deployed for SCSI routing or transparent SCSI routing). AAA is Cisco's architectural framework for configuring a set of three independent security functions in a consistent and modular manner: authentication, authorization, and accounting. The SN 5420 Storage Router software implements the authentication function.

Authentication provides a method of identifying users (including login and password dialog, challenge and response, and messaging support) prior to receiving access to the requested object, function, or network service. AAA authentication is configured by defining a list of authentication services. iSCSI authentication, which uses the AAA authentication services list, can be enabled for specific SCSI routing instances in an SN 5420 deployed for SCSI routing.

When iSCSI authentication is enabled, IP hosts (with iSCSI drivers) and SN 5420s (deployed for iSCSI SAN interconnect) must provide user name and password information each time an iSCSI TCP connection is established. iSCSI authentication uses the iSCSI CHAP (Challenge Handshake Authentication Protocol) authentication method.

SN 5420 Cluster Management Overview

You can configure Cisco SN 5420 Storage Routers in a cluster to allow the storage routers to back each other up in case of failure.


Note An SN 5420 Storage Router can participate in a cluster only if it is deployed for SCSI routing. An SN 5420 deployed for transparent SCSI routing or iSCSI SAN interconnect can function only as a stand-alone system.


An SN 5420 Storage Router cluster consists of two to four storage routers connected as follows:

Connected to the same hosts

Connected to the same storage systems

Connected to each other through their management and high availability (HA) interfaces

In a cluster, storage routers continually exchange HA information to propagate configuration data to each other and to detect failures in the cluster. The storage routers exchange HA information through two separate networks: one connected to the management interface of each storage router and the other connected to the HA interface of each storage router. To make sure that HA information is exchanged reliably between storage routers, the storage routers balance the transmission of HA information between the management and the HA interfaces.

A storage router cluster supports up to 12 active instances of SCSI routing. At any given time, an instance of SCSI routing can run on only one storage router in a cluster. The instance continues running on the storage router where it was started until one of the following actions occurs:

The instance is explicitly stopped or failed over to another storage router in the cluster.

The instance automatically fails over to another storage router because an interface is unavailable or another software or hardware problem occurs.

Each storage router in a cluster can run up to 12 instances of SCSI routing. For example, if one storage router is already running two instances, it is eligible to run up to ten additional instances.

Interface Naming

Configuring the SN 5420 Storage Router software requires that you understand hardware interface naming. This section describes the interface naming system used with the SN 5420 Storage Router hardware.

Each storage router interface is assigned a three-character name consisting of two lower-case letters followed by a number. The letters designate the interface type; the number designates the chassis slot occupied by the interface (Figure 1-20).

Figure 1-20 SN 5420 Interface Naming System

Table 1-7 shows valid interface type designators for the SN 5420; Figure 1-21 shows chassis slot locations for the SN 5420. For example, a Fibre Channel interface in chassis slot 1 would have the name fc1.

Table 1-7 Interface Type Designators

Interface Type
Description

fc

Fibre Channel

ge

Gigabit Ethernet


Figure 1-21 SN 5420 Chassis-Slot Numbering

Where to Go Next

When you are ready to configure the SN 5420 software, proceed to one of the following chapters in this configuration guide according to your needs:

"First-Time Configuration"—For initial setup or after configuration has been reset to factory default configuration

"Configuring System Parameters"—Using the CLI for setting up and modifying system parameters

"Configuring for VLAN"—Using the CLI for setting up and modifying VLAN configurations

"Configuring SCSI Routing" —Using the CLI for setting up and modifying SCSI routing configurations

"Configuring Transparent SCSI Routing"—Using the CLI for verifying and modifying transparent SCSI routing configurations

"Configuring iSCSI SAN Interconnect"—Using the CLI for verifying and modifying iSCSI SAN interconnect configurations

"Configuring Authentication"—Using the CLI for setting up and modifying authentication configurations

"Configuring a Storage Router Cluster"—Using the CLI for setting up and modifying cluster configurations

"Maintaining and Managing the Storage Router"—Downloading software, backing up and restoring configurations, and other related maintenance and management tasks

"Command Line Interface Reference"—For a basic understanding of the command line interface and information on all CLI commands.


Note This guide does not describe how to configure iSCSI drivers. Install and configure iSCSI drivers according to readme and example configuration files for each driver.