The Cisco® MDS 9000 Family 4-Port 10-Gbps Fibre Channel Switching Module delivers uncompromising performance with 10-Gbps link bandwidth, 80 Gbps of continuous aggregate bandwidth per module, and the intelligence and advanced features required to make multilayer storage area networks (SANs) a reality. Delivering over five times the effective link bandwidth of 2-Gbps Fibre Channel products, the Cisco 4-Port 10-Gbps Fibre Channel Switching Module includes hardware-enabled innovations designed to dramatically improve performance, scalability, availability, security, and manageability of storage networks, resulting in increased utility and lower total cost of ownership (TCO).
The Cisco 4-Port 10-Gbps Fibre Channel Switching Module is hot-swappable and includes hot-swappable, X2 form-factor pluggable, SC type interfaces. Individual ports can be configured with short-wave or long-wave X2 optical transceivers for connectivity up to 10 kilometers. Up to 250 buffer credits per port are supported for maximum extensibility without requiring additional licensing. With the optional Cisco Enterprise Package, up to 4095 buffer credits can be allocated to an individual port, enabling full link bandwidth over thousands of kilometers with no degradation in link utilization. Ultrahigh per-port bandwidth makes the Cisco 4-Port 10-Gbps Fibre Channel Switching Module ideal for Inter-Switch Link (ISL) connectivity, both within the data center and between data centers across metro optical networks.
With its multiprotocol capability, the Cisco 4-Port 10-Gbps Fibre Channel Switching Module easily integrates IBM Fiber Connection (FICON) protocol, FICON Control Unit Port (CUP) management, and switch cascading to facilitate mainframe connectivity. Virtual SANs (VSANs) allow hardware-based separation of Fibre Channel and FICON traffic switched on a single physical SAN, increasing overall TCO without compromising scalability, availability, manageability, and network security.
The Cisco MDS 9000 Family 4-Port 10-Gbps Fibre Channel Switching Module is compatible all MDS 9500 Series Multilayer Directors as well as MDS 9216A and MDS 9216i multilayer fabric switches providing outstanding value and investment protection. Figure 1 shows a Cisco MDS 9000 Family 4-Port 10-Gbps Fibre Channel Switching Module.
The Cisco MDS 9000 Family 4-Port 10-Gbps Fibre Channel Switching Module offers the following features:
• Fibre channel standard 10-Gbps interfaces-Provide high Fibre Channel switching performance for ISLs and inter-data center connection over a metro optical infrastructure.
• High-performance ISLs-Support up to 16 links in a single PortChannel; links can span any speed-matched ports on any module within a chassis for added scalability and resilience. Up to 4095 buffer-to-buffer credits can be assigned to a single Fibre Channel port, providing industry leading extension of storage networks up to 800 kilometers at 10 Gbps while maintaining full link bandwidth.
• Intelligent network services-Provide integrated support for VSAN technology, access control lists (ACLs) for hardware-based intelligent frame processing, and advanced traffic-management features such as Fibre Channel Congestion Control (FCC) and fabric-wide quality of service (QoS) to enable migration from SAN islands to enterprise-wide storage networks.
• Integrated hardware-based VSANs and Inter-VSAN Routing (IVR)-Enables deployment of large-scale multisite and heterogeneous SAN topologies. Integration into port-level hardware allows any port within a system or fabric to be partitioned into any VSAN. Integrated hardware-base inter-VSAN routing provides line-rate routing between any ports within a system or fabric without the need for external routing appliances.
• Advanced FICON features-In cascaded FICON fabrics, the Cisco 10-Gbps Fibre Channel Switching Module supports 10-Gbps ISL connections on individual ports or up to 160-Gbps logical ISLs using the Cisco PortChannel feature. VSAN-enabled trunking allows reliable transmission of intermixed mainframe and open systems traffic across ISL links. Integrated CUP support enables in-band management of Cisco MDS 9000 Family switches from the mainframe management console.
• Comprehensive security framework-Supports RADIUS and TACACS+, Fibre Channel Security Protocol (FC-SP), Secure File Transfer Protocol (SFTP), Secure Shell (SSH) Protocol, and Simple Network Management Protocol Version 3 (SNMPv3) implementing Advanced Encryption Standard (AES), VSANs, hardware-enforced zoning, ACLs, and per-VSAN role-based access control.
• Sophisticated diagnostics-Provide intelligent diagnostics, protocol decoding, and network analysis tools as well as integrated Call Home capability for added reliability, faster problem resolution, and reduced service costs.
• 10-Gbps port density-Enables integration of up to 44 10-Gbps ports in a single switch and 132 ports per rack.
The Cisco MDS 9000 Family offers industry-leading port density, scaling from 4 to 528 ports per chassis. Using the Cisco 4-Port 10-Gbps Fibre Channel Switching Module, up to 44 10-Gbps ports can be integrated into a single chassis, and 132 ports can be integrated into a single 42-unit rack. Because building a large-scale storage network requires more than just high port density, Cisco Systems® has introduced innovative features that make multilayer storage networks a reality. VSANs, Inter-VSAN Routing (IVR), advanced traffic management, hardware-enabled serviceability, and comprehensive security features make the Cisco MDS 9000 Family the platform of choice for businesses requiring high scalability and low TCO.
Ideal for efficient, secure SAN consolidation, VSANs allow more efficient storage network utilization by creating hardware-based isolated environments within a single physical SAN fabric or switch. Each VSAN can be zoned as a typical SAN and maintains its own fabric services for added scalability and resilience. VSANs allow the cost of SAN infrastructure to be shared among more users, while ensuring absolute segregation of traffic and retaining independent control of configuration on a VSAN-by-VSAN basis.
Integrated SAN Routing
In another step toward deploying the most efficient, cost-effective, consolidated storage networks, the Cisco MDS 9000 Family 4-Port 10-Gbps Fibre Channel Switching Modules also support IVR routing functionality for Fibre Channel. IVR allows selective transfer of data traffic between specific initiators and targets on different VSANs while maintaining isolation of control traffic within each VSAN. With IVR, data can transit VSAN boundaries while maintaining control plane isolation, thereby maintaining fabric stability and availability. Integrated IVR eliminates the need for external routing appliances, greatly increasing routing scalability while delivering line-rate routing performance, simplifying management, and eliminating the challenges associated with maintaining separate systems. Integrated IVR means lower total cost of SAN ownership.
Integrated Mainframe Support
The Cisco 4-Port 10-Gbps Fibre Channel Switching Module is mainframe ready, with full support for IBM zSeries FICON and Linux environments. Qualified by IBM for attachment to all FICON-enabled devices in an IBM zSeries operating environment, the module supports transport of the FICON protocol in cascaded fabrics, as well as intermix of FICON and open systems Fibre Channel Protocol (FCP) on the same switch. VSANs simplify intermix of SAN resources between z/OS, mainframe Linux, and open systems environments, allowing for increased SAN utilization and simplified SAN management. VSAN-based intermix mode eliminates the uncertainty and instability often associated with zoning-based intermix techniques. VSANs also greatly reduce the probability of a misconfiguration or component failure in one VSAN affecting operation in other VSANs. VSAN-based management access control simplifies partitioning of SAN management responsibilities between mainframe and open systems environments, enhancing security. FICON VSANs can be managed using the integrated Cisco Fabric Manager; the Cisco command-line interface (CLI); or IBM CUP-enabled management tools, including IBM SA/390, Resource Measurement Facility (RMF), or Dynamic Channel Path Management (DCM).
Advanced Traffic Management
Advanced traffic management capabilities integrated into every Cisco MDS 9000 Family 4-Port 10-Gbps Fibre Channel Switching Module simplify deployment and optimization of large-scale fabrics.
• Virtual Output Queuing-Ensures line-rate performance on each port, independent of traffic pattern, by eliminating head-of-line blocking.
• Up to 4095 buffer-to-buffer credits-Can be assigned to an individual port for optimal bandwidth utilization across distance.
• PortChannels-Allow users to aggregate up to 16 physical ISLs into a single logical bundle, providing optimized bandwidth utilization across all links. The bundle can consist of any speed-matched ports from any module in the chassis, ensuring that the bundle can remain active even in the event of a module failure.
• Fabric Shortest Path First (FSPF)-Based multipathing provides the intelligence to load balance across up to 16 equal cost paths and, in the event of a switch failure, dynamically reroute traffic.
• QoS-Can be used to manage bandwidth and control latency to prioritize critical traffic.
• FCC-An end-to-end feedback-based congestion control mechanism that augments the Fibre Channel buffer-to-buffer credit mechanism to provide enhanced traffic management.
Advanced Diagnostics and Troubleshooting Tools
Management of large-scale storage networks requires proactive diagnostics, tools to verify connectivity and route latency, and mechanisms for capturing and analyzing traffic. The Cisco MDS 9000 Family integrates advanced analysis and debug tools. Power-on self-test (POST) and online diagnostics provide proactive health monitoring. The Cisco MDS 9000 Family 4-Port 10-Gbps Fibre Channel Switching Modules provide the integrated hardware functionality required to implement diagnostic capabilities such as Fibre Channel Traceroute for detailing the exact path and timing of flows and Switched Port Analyzer (SPAN) and Remote Switched Port Analyzer (RSPAN) to intelligently capture network traffic. After traffic has been captured, it can then be analyzed with the Cisco Fabric Analyzer, an embedded Fibre Channel analyzer. Comprehensive port-based and flow-based statistics enable sophisticated performance analysis and service-level agreement (SLA) accounting. With the Cisco MDS 9000 Family, Cisco Systems delivers a comprehensive toolset for troubleshooting and analysis of storage networks.
Comprehensive Solution for Robust Security
Addressing the need for failproof security in storage networks, the Cisco MDS 4-Port 10-Gbps Fibre Channel Switching Module-offer an extensive security framework to protect highly sensitive data crossing today's enterprise networks. The module employs intelligent packet inspection at the port level, including the application of ACLs for hardware enforcement of zones, VSANs, and advanced Port Security features.
Extended zoning capabilities are enabled to ensure that logical unit numbers (LUNs) are accessible only by specific hosts (LUN zoning), to limit SCSI read commands for a certain zone (read-only zoning), and to restrict broadcasts to only the selected zones (broadcast zones). VSANs are used to achieve higher security and greater stability by providing complete isolation among devices that are connected to the same physical SAN. IVR enables controlled sharing of resources between VSANs. In addition, FC-SP provides switch-switch and host-switch Diffie-Hellman Challenge Handshake Authentication Protocol (DH-CHAP) authentication supporting RADIUS or TACACS+ to help ensure that only authorized devices access protected storage networks.
Table 1 lists the product specifications for the Cisco MDS 9000 Family 4-Port 10-Gbps Fibre Channel Switching Module.
Table 1. Product Specifications
• Cisco MDS 9000 Family
• Cisco MDS SAN-OS Release 3.0(1) or later
• Fibre Channel standards
• 10GFC, Revision 4.0 (ANSI/INCITS 364:2003)
• FC-PI-2, Revision 10 (ANSI/INCITS 404-2006)
• FC-FS, Revision 1.9 (ANSI/INCITS 373-2003)
• FC-FS-2, Revision 0.91
• FC-LS, Revision 1.2
• FC-SW-2, Revision 5.3 (ANSI/INCITS 355-2001)
• FC-SW-3, Revision 6.6 (ANSI/INCITS 384-2004)
• FC-SW-4, Revision 7.5 (ANSI/INCITS 418-2006)
• FC-GS-3, Revision 7.01 (ANSI/INCITS 348-2001)
• FC-GS-4, Revision 7.91 (ANSI/INCITS 387-2004)
• FC-GS-5, Revision 8.2
• FC-BB, Revision 4.7 (ANSI/INCITS 342-2001)
• FC-BB-2, Revision 6.0 (ANSI/INCITS 372-2003)
• FC-BB-3, Revision 6.8 (ANSI/INCITS 414-2006)
• FCP, Revision 12 (ANSI/INCITS 269-1996)
• FCP-2, Revision 8 (ANSI/INCITS 350-2003)
• FCP-3, Revision 4 (ANSI/INCITS 416-2006)
• FC-SB-2, Revision 2.1 (ANSI/INCITS 349-2001)
• FC-SB-3, Revision 1.6 (ANSI/INCITS 374-2003)
• FC-VI, Revision 1.84 (ANSI/INCITS 357-2002)
• FC-FLA, Revision 2.7 (INCITS TR-20-1998)
• FC-PLDA, Revision 2.1 (INCITS TR-19-1998)
• FC-Tape, Revision 1.17 (INCITS TR-24-1999)
• FC-MI, Revision 1.92 (INCITS TR-30-2002)
• FC-MI-2, Revision 2.6 (INCITS TR-39-2005)
• FC-DA, Revision 3.1 (INCITS TR-36-2004)
• FC-SP, Revision 1.74
• FAIS, Revision 0.7
• IP over Fibre Channel (RFC 2625)
• IPv6, IPv4 and ARP over Fibre Channel (RFC 4338)
• Extensive IETF-standards based TCP/IP, SNMPv3, and remote monitoring (RMON) MIBs
• Class of Service: Class 2, Class 3, Class F
• Fibre Channel standard port types: E, F, FL, B
• Fibre Channel enhanced port types: SD, ST, TE
• Four 10-Gbps Fibre Channel ports per module
Features and Functions
• Name server
• Registered State Change Notification (RSCN)
• Login services
• Fabric Configuration Server (FCS)
• Public loop
• In-order delivery
• PortChannel with Multipath Load Balancing
• QoS-flow-based, zone-based
• N_Port ID Virtualization
Diagnostics and Troubleshooting Tools
• POST diagnostics
• Online diagnostics
• Internal port loopbacks
• SPAN and RSPAN
• Fibre Channel Traceroute
• Fibre Channel Ping
• Fibre Channel Debug
• Cisco Fabric Analyzer
• Online system health
• Port-level statistics
• Real-Time Protocol Debug
• Per-VSAN role-based access control
• Fibre Channel Zoning
• N_Port WWN
• N_Port FC-ID
• Fx_Port WWN
• Fx_Port WWN and interface index
• Fx_Port domain ID and interface index
• Fx_Port domain ID and port number
• DH-CHAP switch-switch authentication
• DH-CHAP host-switch authentication
• Port Security and Fabric Binding
• Management access
• SSHv2 implementing AES
• SNMPv3 implementing AES
• FC-SB-3 compliant
• Cascaded FICON fabrics
• Intermix of FICON and Fibre Channel FCP traffic
• CUP management interface
• Configuration file management
• Nondisruptive software upgrades for Fibre Channel interfaces
• Call Home
• Power-management LEDs
• Port beaconing
• System LED
• SNMP traps for alerts
• Network boot
• Port speed: 10-Gbps fixed speed
• Buffer credits: 250 per port (default), up to 4095 on an individual port (with optional Enterprise Package license activated)
• PortChannel: up to 16 ports
• Supported Cisco optics, media, and transmission distances
10 Gbps-SR, SC X2
10 Gbps-SR, SC X2
10 Gbps-LR, SC X2
10 Gbps-ER, SC X2
10 Gbps-SR, SC Ethernet X2
10 Gbps-SR, SC Ethernet X2
10 Gbps-Ethermet DWDM X2
50/125-micron (enhanced) multimode
50/125-micron (enhanced) multimode
Reliability and Availability
• Hot-swappable module
• Hot-swappable X2 optics
• Online diagnostics
• Stateful Process Restart
• Nondisruptive Supervisor Failover
• Any module, any port configuration for PortChannels
• Fabric-based multipathing
• Per-VSAN fabric services
• Port Tracking
• Virtual Routing Redundancy Protocol (VRRP) for management
• Access methods through Cisco MDS 9500 Series Supervisor Module
• Out-of-band 10/100 Ethernet port (Supervisor-1)
• Out-of-band 10/100/1000 Ethernet port (Supervisor-2)
• RS-232 serial console port
• In-band IP over Fibre Channel
• DB-9 COM port
• Access methods through Cisco MDS 9000 Family Fibre Channel Switching Module
• In-band FICON CUP over Fibre Channel
• Access protocols
• CLI by console and Ethernet ports
• SNMPv3 by Ethernet port and in-band IP over Fibre Channel access
• Storage Networking Industry Association (SNIA) Storage Management Initiative Specification (SMI-S)
• FICON CUP
• Distributed Device Alias service
• Network security
• Per-VSAN role-based access control using RADIUS-based and TACACS+-based authentication, authorization, and accounting (AAA) functions