Many IT departments have consolidated their data centers and SANs, achieving great efficiencies along the way. Large enterprises with consolidated SANs have hundreds or thousands of servers running business applications interconnecting through a common network fabric, making the network fabric an ideal nexus from which to deploy solutions such as SAN extension, acceleration, and encryption of data. The Cisco® MDS 9000 16-Port Storage Services Node provides a high-performance, flexible, unified platform for deploying enterprise-class disaster recovery, business continuance, and intelligent fabric applications (Figure 1).
The Cisco MDS 9000 16-Port Storage Services Node hosts four independent service engines, which can each be individually and incrementally enabled to scale as business requirements change, or be configured to run separate applications. Based on the single service engine in the Cisco MDS 9000 18/4-Port Multiservice Module, this
four-to-one consolidation delivers dramatic hardware savings and frees valuable slots in the Cisco MDS 9500 Series Multilayer Directors chassis.
The Cisco MDS 9000 16-Port Storage Services Node integrates transparently into the Cisco MDS 9500 Series Multilayer Directors and the Cisco MDS 9222i Multiservice Modular Switch. Each of the four service engines supports 4 Gigabit Ethernet IP storage services ports, for a total of 16 ports of Fibre Channel over IP (FCIP) connectivity. Traffic can be switched between an IP port and any Fibre Channel port on a Cisco MDS 9000 Family switch. The Cisco MDS 9000 16-Port Storage Services Node supports the full range of services available on other Cisco MDS 9000 Family Fibre Channel switching modules, including virtual SANs (VSANs), security, and traffic management.
The Cisco MDS 9000 16-Port Storage Services Node uses Cisco expertise and knowledge of IP networks to deliver outstanding SAN extension performance, reducing latency for disk and tape with FCIP acceleration features, including FCIP write acceleration and FCIP tape write and read acceleration. Hardware-based encryption helps secure sensitive traffic with IP Security (IPsec), and hardware-based compression dramatically enhances performance for both high- and low-speed links, enabling immediate cost savings in expensive WAN infrastructure. Multiple FCIP interfaces within a single engine or across service engines can be grouped into a PortChannel of up to 16 links for high availability and increased aggregate throughput. FCIP PortChannels can also be enabled for FCIP tape read and write acceleration by running the optional Cisco MDS 9000 I/O Accelerator (IOA) Package on a service engine anywhere in the fabric.
In the IBM System z mainframe environment, the Cisco MDS 9000 16-Port Storage Services Node provides high-density Integrated Channel Extension capabilities, such as the acceleration of FICON read and write traffic for virtual and physical tape (sometimes referred to tape pipelining). Updates for IBM’s z/OS Global Mirror, still commonly known as XRC, can also be accelerated across a WAN using Cisco’s XRC Acceleration feature. All of these capabilities utilize the same hardware-based data compression and IPsec encryption as the open systems solutions described above. The Cisco MDS 9000 16-Port Storage Services Node is especially well suited to maximize channel extension bandwidth in valuable MDS 9500 Series director slots. FICON and open systems traffic can run on the same service engine, and even on the same GbE port, though they must use separate FCIP tunnels and VSANs.
Natively integrating support for intelligent fabric applications, the Cisco MDS 9000 16-Port Storage Services Node provides a platform for distributed fabric services such as Cisco MDS 9000 IOA feature, which provides acceleration and compression for backup and replication applications. These advanced functions are available to any device connected to the fabric, facilitating ease of deployment, scalability, and high availability through clustering.
Main Features and Benefits
The Cisco MDS 9000 16-Port Storage Services Node is designed for mission-critical enterprise storage networks that require secure, robust, cost-effective business-continuance services. The Cisco MDS 9000 16-Port Storage Services Node offers the following main features:
● FCIP for remote SAN extension:
◦ Simplifies data-protection and business-continuance strategies by enabling backup, remote replication, and other disaster-recovery services over WAN distances using open standards FCIP tunneling.
◦ Optimizes utilization of WAN resources for backup and replication by enabling hardware-based compression, hardware-based encryption, XRC Acceleration for IBM System z-based replication, FCIP write acceleration, and tape read and write acceleration for both FCIP and FICON over IP. Up to 48 virtual Inter-Switch Link (ISL) connections are provided on the 16-Gigabit Ethernet ports through tunneling.
◦ Preserves Cisco MDS 9000 Family enhanced capabilities, including VSANs, advanced traffic management, and security, across remote connections.
● Cisco IOA
◦ Optimizes utilization of metropolitan area network (MAN) resources for backup and replication by enabling hardware-based compression, Fibre Channel write acceleration, and Fibre Channel tape read and write acceleration.
◦ Through transport- and speed-independent implementation, provides a unified solution for 1-, 2-, 4-, 8-, and 10-Gbps links over MANs and WANs.
◦ With transparent insertion of the Cisco IOA service, requires no fabric reconfiguration or rewiring.
◦ Enables port channels for FCIP tape acceleration to provide high availability and resiliency.
◦ Provides a high availability, resilient, and scalable environment with PortChannels, service clustering, and Lightweight Reliable Transport Protocol (LRTP).
● Integrated IP storage services in a high-density form factor: The module supports 16 Gigabit Ethernet ports for FCIP. Individual ports can be configured with hot-swappable shortwave and longwave Small Form-Factor Pluggables (SFPs) for connectivity up to 200 kilometers.
● Integrated hardware-based VSANs and Inter-VSAN Routing (IVR): The module enables deployment of large-scale multisite and heterogeneous SAN topologies. Integration into port-level hardware allows any port in a system or fabric to be partitioned into any VSAN. Integrated hardware-based IVR provides line-rate routing between any ports in a system or fabric without the need for external routing appliances.
● Intelligent network services: The module uses VSAN technology for hardware-enforced, isolated environments in a single physical fabric, access control lists (ACLs) for hardware-based intelligent frame processing, and advanced traffic management features such as fabricwide quality of service (QoS) to facilitate migration from SAN islands to enterprise-wide storage networks.
● Sophisticated diagnostics: The module provides intelligent diagnostics, protocol decoding, and network analysis tools as well as integrated Call Home capability for added reliability, faster problem resolution, and reduced service costs.
● Comprehensive network security framework: The module supports RADIUS and TACACS+, Fibre Channel Security Protocol (FC-SP), Secure File Transfer Protocol (SFTP), Secure Shell (SSH) Protocol, and Simple Network Management Protocol Version 3 (SNMPv3) implementing the AES, VSANs, hardware-enforced zoning, ACLs, and per-VSAN role-based access control (RBAC). RBAC provides separate control over management functions and access on a per-VSAN basis, enabling separation of duties among administrators on the same physical switch. Gigabit Ethernet ports support IPsec authentication, data integrity, and hardware-assisted data encryption.
● IP Version 6 (IPv6) support: The module supports IPv6 as mandated by the U.S. Department of Defense (DoD), Japan, and China. IPv6 support is provided for FCIP and for management traffic routed in band and out of band.
Integrated FCIP for Remote SAN and Mainframe Channel Extension
Data-distribution, data-protection, and business-continuance services are significant components of today’s information-centered businesses. The capability to efficiently replicate critical data on a global scale helps ensure
a higher level of data protection for valuable corporate information, and it also increases utilization of backup resources and lowers total cost of storage ownership. The Cisco MDS 9000 16-Port Storage Services Node uses the open standards FCIP protocol to extend the distance of current Fibre Channel and FICON solutions, enabling interconnection of SAN islands over extended distances.
Advanced SAN Extension Features
The Cisco MDS 9000 16-Port Storage Services Node supports hardware-based FCIP compression to increase the effective WAN bandwidth of SAN extension solutions. The module can deliver up to a 40:1 compression ratio, with typical ratios of 4:1 or 5:1 over a wide variety of data sources.
The Cisco MDS 9000 16-Port Storage Services Node supports IPsec encryption for secure transmission of sensitive data over extended distances. Hardware enablement of IPsec helps ensure line-rate throughput. Together, hardware-based compression and hardware-based encryption provide a high-performance, highly secure SAN extension capability.
Additionally, the Cisco MDS 9000 16-Port Storage Services Node supports FCIP write acceleration, a feature that can significantly improve application performance when storage traffic is extended across long distances. When FCIP write acceleration is enabled, WAN throughput is optimized by reducing the latency of command acknowledgments. XRC Acceleration is the equivalent feature for IBM’s z/OS Global Mirror mainframe-based replication, accelerating the updates to reduce latency and maximize bandwidth utilization. Similarly, the module supports FCIP and FICON over IP tape acceleration, which significantly improves throughput over WAN links for remote tape backup and restore operations.
Cisco I/O Accelerator Feature
Replication and backup applications over MANs and WANs can benefit from Cisco IOA feature services such as Fibre Channel disk write acceleration (FCWA), Fibre Channel tape read and write acceleration, Fibre Channel data compression over MAN links, and PortChannels for FCIP tape acceleration.
Ideal for efficient, secure SAN consolidation, ANSI T11-standard VSANs enable more efficient storage network utilization by creating hardware-based isolated environments with a single physical SAN fabric or switch. Each VSAN can be zoned as a typical SAN and maintained with its own fabric services for added scalability and resilience. VSANs allow the cost of SAN infrastructure to be shared among more users, while helping ensure segregation of traffic and retaining independent control of configuration on a VSAN-by-VSAN basis.
Integrated SAN Routing
In another step toward deployment of efficient, cost-effective, consolidated storage networks, the Cisco MDS 9000 16-Port Storage Services Node supports IVR, the industry’s first and most efficient routing function for Fibre Channel. IVR allows selective transfer of data between specific initiators and targets on different VSANs while maintaining isolation of control traffic within each VSAN. With IVR, data can transit VSAN boundaries while maintaining control plane isolation, thereby maintaining fabric stability and availability. IVR eliminates the need for external routing appliances, greatly increasing routing scalability while delivering line-rate routing performance, simplifying management, and eliminating the challenges associated with maintaining separate systems. IVR lowers total cost of SAN ownership.
Advanced Traffic Management
The advanced traffic management capabilities integrated into the Cisco MDS 9000 16-Port Storage Services Node simplify deployment and optimization of large-scale fabrics.
● Virtual output queuing: Helps ensure line-rate performance on each port, independent of traffic pattern, by eliminating head-of-line blocking
● PortChannels: Allow users to aggregate up to 16 FCIP ISLs into a single logical bundle, providing optimized bandwidth utilization across all links; the bundle can consist of any speed-matched ports from any module in the chassis, helping ensure that the bundle can remain active even in the event of a module failure
● Fabric Shortest Path First (FSPF)-based multipathing: Provides the intelligence to load balance across up to 16 equal-cost paths and, in the event of a switch failure, dynamically reroute traffic
● QoS: Can be used to manage bandwidth and control latency, to prioritize critical traffic
Advanced Diagnostics and Troubleshooting Tools
Management of large-scale storage networks requires proactive diagnostics, tools to verify connectivity and route latency, and mechanisms for capturing and analyzing traffic. The Cisco MDS 9000 Family integrates the industry’s most advanced analysis and diagnostic tools. Power-on self-test (POST) and online diagnostics provide proactive health monitoring. The Cisco MDS 9000 16-Port Storage Services Node implements diagnostic capabilities such as Fibre Channel Traceroute to detail the exact path and timing of flows and Switched Port Analyzer (SPAN) to intelligently capture network traffic.
After traffic has been captured, it can be analyzed with the Cisco Fabric Analyzer, an embedded Fibre Channel analyzer. Comprehensive port-based and flow-based statistics facilitate sophisticated performance analysis and service-level agreement (SLA) accounting. With the Cisco MDS 9000 Family, Cisco delivers a comprehensive toolset for troubleshooting and analysis of storage networks.
Comprehensive Solution for Robust Network Security
Addressing the need for fail-proof security in storage networks, the Cisco MDS 9000 16-Port Storage Services Node offers an extensive security framework to protect highly sensitive data moving in today’s enterprise networks. The module employs intelligent frame inspection at the port level, including the application of ACLs for hardware enforcement of zones, VSANs, and advanced port security features.
● Extended zoning capabilities restrict broadcasts to only the selected zones (broadcast zones)
● VSANs are used to achieve higher security and greater stability by providing complete isolation among devices that are connected to the same physical SAN
● FC-SP provides switch-switch and host-switch Diffie-Hellman Challenge Handshake Authentication Protocol (DH-CHAP) authentication supporting RADIUS and TACACS+, to help ensure that only authorized devices can access protected storage networks
● For FCIP deployments, the comprehensive IPsec protocol suite delivers secure authentication,
data integrity, and hardware-based encryption
Table 1 lists the product specifications for the Cisco MDS 9000 16-Port Storage Services Node.
Table 1. Product Specifications
● FC-PH, Revision 4.3 (ANSI INCITS 230-1994)
● FC-PH, Amendment 1 (ANSI INCITS 230-1994/AM1-1996)
● FC-PH, Amendment 2 (ANSI INCITS 230-1994/AM2-1999)
● FC-PH-2, Revision 7.4 (ANSI INCITS 297-1997)
● FC-PH-3, Revision 9.4 (ANSI INCITS 303-1998)
● FC-PI, Revision 13 (ANSI INCITS 352-2002)
● FC-PI-2, Revision 10 (ANSI INCITS 404-2006)
● FC-PI-4, Revision 8 (ANSI INCITS 450-2008)
● FC-FS, Revision 1.9 (ANSI INCITS 373-2003)
● FC-FS-2, Revision 1.01 (ANSI INCITS 424-2007)
● FC-FS-2, Amendment 1 (ANSI INCITS 424-2007/AM1-007)
● FC-FS-3, Revision 0.5
● FC-LS, Revision 1.62 (ANSI INCITS 433-2007)
● FC-AL, Revision 4.5 (ANSI INCITS 272-1996)
● FC-AL-2, Revision 7.0 (ANSI INCITS 332-1999)
● FC-AL-2, Amendment 1 (ANSI INCITS 332-1999/AM1-2003)
● FC-AL-2, Amendment 2 (ANSI INCITS 332-1999/AM2-2006)
● FC-SW-2, Revision 5.3 (ANSI INCITS 355-2001)
● FC-SW-3, Revision 6.6 (ANSI INCITS 384-2004)
● FC-SW-4, Revision 7.5 (ANSI INCITS 418-2006)
● FC-SW-5, Revision 8.1
● FC-GS-3, Revision 7.01 (ANSI INCITS 348-2001)
● FC-GS-4, Revision 7.91 (ANSI INCITS 387-2004)
● FC-GS-5, Revision 8.51 (ANSI INCITS 427-2007)
● FC-GS-6, Revision 9.21
● FC-BB, Revision 4.7 (ANSI INCITS 342-2001)
● FC-BB-2, Revision 6.0 (ANSI INCITS 372-2003)
● FC-BB-3, Revision 6.8 (ANSI INCITS 414-2006)
● FC-BB-4, Revision 2.7 (ANSI INCITS 419-2008)
● FC-IFR, Revision 1.03
● FCP, Revision 12 (ANSI INCITS 269-1996)
● FCP-2, Revision 8 (ANSI INCITS 350-2003)
● FCP-3, Revision 4 (ANSI INCITS 416-2006)
● FC-SB-2, Revision 2.1 (ANSI INCITS 349-2001)
● FC-SB-3, Revision 1.6 (ANSI INCITS 374-2003)
● FC-SB-3, Amendment 1 (ANSI INCITS 374-2003/AM1-2007)
● FC-VI, Revision 1.84 (ANSI INCITS 357-2002)
● FC-SP, Revision 1.8 (ANSI INCITS 426-2007)
● FAIS, Revision 1.03 (ANSI INCITS 432-2007)
● FAIS-2, Revision 2.23 (ANSI INCITS 449-2008)
● FC-FLA, Revision 2.7 (INCITS TR-20-1998)
● FC-PLDA, Revision 2.1 (INCITS TR-19-1998)
● FC-Tape, Revision 1.17 (INCITS TR-24-1999)
● FC-MI, Revision 1.92 (INCITS TR-30-2002)
● FC-MI-2, Revision 2.6 (INCITS TR-39-2005)
● FC-DA, Revision 3.1 (INCITS TR-36-2004)
● IP over Fibre Channel (RFC 2625)
● IPv6, IPv4 and ARP over FC (RFC 4338)
● Extensive IETF-standards based TCP/IP, SNMPv3, and remote monitoring (RMON) MIBs
● Class of Service: Class 2, Class 3, and Class F
● Fibre Channel standard port types: E, F, FL, and B
● Fibre Channel enhanced port types: SD, ST, and TE
Cards, ports, and slots
Features and Functions
● Name server
● Registered state change notification (RSCN)
● Login services
● Cisco Fabric Configuration Server (FCS)
● Private loop
● Public loop
● Translative loop
● In-order delivery
● PortChannel with multipath load balancing
● Flow-based and zone-based QoS
● Hardware-based compression for MAN and WAN data
● Hardware-based encryption
● Hardware-based data integrity
● FCIP disk write acceleration
● FCIP tape read and write acceleration
● FICON tape read and write acceleration
● XRC Acceleration (for IBM z/OS Global Mirror)
Diagnostics and troubleshooting tools
● POST diagnostics
● Online diagnostics
● Internal port loopbacks
● SPAN and remote SPAN
● Fibre Channel Traceroute
● Fibre Channel Ping
● Fibre Channel Debug
● Cisco Fabric Analyzer
● Online system health
● Port-level statistics
● Real-Time Protocol (RTP) debug
● Per-VSAN RBAC
● Fibre Channel zoning
◦ N-port worldwide name (WWN)
◦ N-port FC-ID
◦ Fx-port WWN
◦ Fx-port WWN and interface index
◦ Fx-port domain ID and interface index
◦ Fx-port domain ID and port number
◦ DH-CHAP switch-switch authentication
◦ DH-CHAP host-switch authentication
● Port security and fabric binding
● IPsec for FCIP
● IKEv1 and v2
● Management access
◦ SSH v2 implementing AES
◦ SNMPv3 implementing AES
● Configuration file management
● Nondisruptive software upgrades for Fibre Channel interfaces
● Call Home
● Power-management LEDs
● Port beaconing
● System LED
● SNMP traps for alerts
● Network boot
● Port speed: 1 Gbps
● PortChannels: Up to 16 FCIP links
● FCIP tunnels: Up to 3 per port
Supported Cisco optics, media, and transmission distances (Ethernet transceivers for Gigabit Ethernet ports)
● 1-Gbps SX, LC SFP
● 1-Gbps SX, LC SFP
● 1-Gbps LX/LH, LC SFP
● 50/125-micron multimode
● 62.5/125-micron multimode
● 9/125- or 10/125-micron single mode
Reliability and availability
● Hot-swappable module
● Hot-swappable SFP optics
● Online diagnostics
● Stateful process restart
● Nondisruptive supervisor failover
● Any module, any port configuration for PortChannels
● Fabric-based multipathing
● Per-VSAN fabric services
● Port tracking
● VRRP for management and FCIP
● Access methods through Cisco MDS 9500 Series Supervisor Module
◦ Out-of-band 10/100 Ethernet port (Supervisor-1 Module)
◦ Out-of-band 10/100/1000 Ethernet port (Supervisor-2 Module)
◦ RS-232 serial console port
◦ In-band IP-over-Fibre Channel
◦ DB-9 COM port
● Access protocols
◦ CLI through console and Ethernet ports
◦ SNMPv3 through Ethernet port and in-band IP-over-Fibre Channel access
◦ Storage Networking Industry Association (SNIA) Storage Management Initiative Specification (SMI-S)
● Distributed device alias service
● Network security
◦ Per-VSAN RBAC using RADIUS and TACACS+ based authentication, authorization, and accounting (AAA) functions
◦ SSH v2 implementing AES
◦ SNMPv3 implementing AES
◦ Management applications
◦ Cisco MDS 9000 Family CLI
◦ Cisco Fabric Manager
◦ Cisco Device Manager
◦ CiscoWorks Resource Manager Essentials (RME) and CiscoWorks Device Fault Manager (DFM)
● Scriptable CLI
● Cisco Fabric Manager GUI
● Cisco Device Manager GUI
● Temperature, ambient operating: -32 to 104°F (0 to 40°C)
● Temperature, ambient nonoperating and storage: -40 to 167°F (-40 to 75°C)
● Relative humidity, ambient (noncondensing) operating: 10 to 90 percent
● Relative humidity, ambient (noncondensing) nonoperating and storage: 10 to 95 percent
● Altitude, operating: -197 to 6500 ft (-60 to 2000m)
● Dimensions (H x W x D): 1.75 x 14.4 x 16 in. (3.0 x 35.6 x 40.6 cm)
◦ Occupies one slot in a Cisco MDS 9500 Series or MDS 9222i chassis
● Weight: Cisco MDS 9000 Family 16-Port Storage Services Node only: 10.0 lb (4.5kg)
Approvals and compliance
● Safety compliance
◦ CE Marking
◦ UL 60950
◦ CAN/CSA-C22.2 No. 60950
◦ EN 60950
◦ IEC 60950
◦ TS 001
◦ AS/NZS 3260
◦ 21 CFR 1040
● EMC compliance
◦ FCC Part 15 (CFR 47) Class A
◦ ICES-003 Class A
◦ EN 55022 Class A
◦ CISPR 22 Class A
◦ AS/NZS 3548 Class A
◦ VCCI Class A
◦ EN 55024
◦ EN 50082-1
◦ EN 61000-6-1
◦ EN 61000-3-2
◦ EN 61000-3-3
Table 2 provides ordering information for the Cisco MDS 9000 16-Port Storage Services Node.
Table 2. Ordering Information
Cisco MDS 9000 Family 16-Port Storage Services Node
Cisco MDS 9000 Family Gigabit Ethernet, 1/2-Gbps Fibre Channel-Shortwave, SFP, LC
Cisco MDS 9000 Family Gigabit Ethernet, 1/2-Gbps Fibre Channel-Longwave, SFP, LC
Gigabit Ethernet Copper SFP, RJ-45
Cisco MDS 9000 Family 16-Port Storage Services Node, spare
SAN Extension License (1 engine) for the SSN-16 module in MDS 9500, spare
SAN Extension License (1 engine) for the SSN-16 module in MDS 9222i, spare
Cisco I/O Accelerator License (1 engine) for the SSN-16 in MDS 9500, spare
Cisco I/O Accelerator License (1 engine) for the SSN-16 in MDS 9200, spare
For a complete list of supported optics, see
Service and Support
Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you protect your network investment, optimize network operations, and prepare the network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, seeor
Financing to Help You Achieve Your Objectives
Cisco Capital can help you acquire the technology you need to achieve your objectives and stay competitive. We can help you reduce CapEx. Accelerate your growth. Optimize your investment dollars and ROI. Cisco Capital financing gives you flexibility in acquiring hardware, software, services, and complementary third-party equipment. And there’s just one predictable payment. Cisco Capital is available in more than 100 countries..
For More Information
For more information about the Cisco MDS 9000 16-Port Storage Services Node, visitor contact your local account representative.