08 iSCSI Considerations

7/28/2019 08 iSCSI Considerations

1/141PowerEdge M1000e Administration and Configuration



iSCSI is:

Block level storage

Standards based:

Open standard for SCSI over IP

Ratified by IETF standards committee

iSCSI performs extremely well:

Switched Gb Ethernet outperforms 1Gb Fibre

124 MB/sec per interface

10 Gb-Ethernet iSCSI deployments to be available in the future

iSCSI is a secure, reliable storage

Security built-in to standard (IPSec, VLANs, CHAP)

Multilayer access control (IP address, Initiator, CHAPs)

Switched GbE is point to point, full duplex

iSCSI exploits existing IP knowledge base:

Leverages existing network management tools (SNMP, etc.)

Is a consistent protocol with WAN and LAN infrastructures

Reduces interoperability issues:

IP standards are mature



What is iSCSI?

iSCSI defines how storage traffic is handled across a TCP/IP network in the

following suite of RFCs:

RFC 3720 iSCSI

RFC 3721 Naming and Discovery

RFC 3722 String Names

RFC 3723 Securing Block IP Protocols

Provides all the benefits of a SAN:

MPIO, Boot from SAN, Clustering, HBAs, and SAN backup

iSCSI uses a combination of two familiar networking technologies:

Gigabit Ethernet Data Link level protocol to connect between a server and

a level 2 switch:

Uses a MAC address to route between the two

Uses flow control to control the traffic

Uses jumbo frames (9000 byte)

TCP/IP

Routing protocol

Guaranteed delivery system

Storage traffic uses the familiar SCSI protocol to perform SCSI reads and writes to

storage devices from a server



iSCSI initiators issue SCSI commands

Commands are Read, Write or Status

Commands are used to request services from components (logical unit known as a

target)

iSCSI targets service the requests from the initiator

iSCSI transmits and receives block storage applications over TCP/IP networks by

encapsulating SCSI commands into TCP and transporting them over the network via IP

iSCSI deployments:

Initial deployments are commonly project-oriented:

Deal with lack of storage for email, databases, and new applications

Provide storage consolidation

Improve the storage management feature set provided by DAS

After initial deployment, SAN becomes infrastructure:

Expanded use for existing applications

New servers and applications

New IT operations

Disk-to-disk backup

Snapshot-based backups

Disaster protection



iSCSI requires that the iSCSI initiator and target nodes have one of two types of names.

Name types:

IQN, iSCSI qualified names

Example: iqn.2001-05.com.equallogic:6-8a0900-9f46a0201-

be4ff0d21dd428df-testvoulume1

Format

Reverse DNS naming equallogic.com = com.equallogic

Naming Authority would add a unique string of characters

EUI (enterprise unique identifier)

Example: eui.abcde49123779abcd

Format

Formed using the IEEE EUI (Extended Unique Identifier)

format (16 hex characters)

High 24 bits is the company id, which is IEEE assigned

Low 40 bits is the manufacturer assigned value preceded by

the date that the name was assigned

Both are intended to be long lived and unique.

Both are controlled by a central naming authority such as a department within the

corporation.

The default iSCSI protocol port number is 3260.



Logging on to the iSCSI target will make the volume visible to this host. To log on to

the target:

From the Targets tab, highlight the target you will attach to

Press the Log On button

When Log On to Target appears, select the Automatically restore this

connection when the system reboots checkbox and press OK

Select the Persistent Targets tab and confirm that the iSCSI name of the

target is listed



When a login occurs:

The first login request goes to the PS Series group IP address.

Within the response that is returned to the initiator, there is a Status

class field indicating that the initiator must login to another IP

address. In the case of the PS Series, this IP address will effectively bethe least busy port.

Initially, the login process appears to be round-robin but as traffic

starts to flow, the least busy port or the port with the fewest

connections is chosen.

Then, the initiator is redirected to the least busy port and logs in to that IP

address.

This process of redirection is normal and fully covered in the iSCSI spec.

It is also used in other ways with the PS Series:

If you have a connection to eth2 and if for some reason the switch

port that eth2 is connected to fails, then the initiator will retry thecurrent port briefly, and then attempt to log in to the group IP

address again. Once again, it would be redirected to another port.

While the user may see a brief blip in performance, redirection should

not cause errors.



Network Configuration Choices

Private network

Requires separate switch

Can be inappropriate for some deployments

Separate Subnet/VLAN

Most commonCan use switch level access control for SAN

Port blocking (iSCSI uses port 3260)

Address filtering

LAN (merged LAN and SAN)

May be required with software initiators on desktops or blade servers

WAN

Should be used with VPN or other encryption mechanisms

Network Switch Options

Flow control

Ability of receiver to slow down a sender to avoid packet loss

Unicast storm controlSwitch feature to control storms; must be disabled on SAN ports

Spanning Tree

Switch capability to detect loops in multiple switch configurations

Lengthens time for ports to become usable; should be shortened in SANs (oravoided).

Separate vs. shared subnets (Layer 2 vs. Layer 3)

VLANs allow for separate network traffic while using the same switchinfrastructure

VLANs are separate subnets; adds requirement for L3 switches

Jumbo Frames

Allow larger packet sizes (~9000 bytes vs. 1500 bytes)

Can help improve performance, especially with software initiators



General iSCSI traffic guidelines:

iSCSI traffic tends to be "bursty" with large amounts of data coming all at oncefollowed by idle periods.

The switch needs enough bandwidth to handle the bursts AND enough buffer spaceto buffer packets for other, less fortunate members of the network. Those members

may not able to handle full speed bursts and must use flow control to mitigate theincoming data.

General GE Switch guidelines:

Ideally, the switching fabric should be able to handle 2 Gbps times the number ofports (because the traffic is full duplex). So, a 24-port switch should have an internalspeed of at least 48 Gbps.

For buffer space, a figure of at least 512KB per port seems to be a good startingpoint.

The reason for emphasizing per port is that some switches are designed sothat multiple ports share the same buffer space (and sometimes the samefabric interconnection).

This means that if only one port in this group is passing traffic, then it hasplenty of buffer space and/or bandwidth. As soon as you start passing trafficon multiple ports, and the space and/or bandwidth needs to be dividedamong the ports, there is no longer enough available per port to do the job.

Jumbo frames guidelines:

The maximum frame size that the PS Series can currently handle is 9014 bytes.

Some manufacturers of network equipment call this "9000 bytes"; it dependson whether they count the 14-byte Ethernet header as part of the frame ornot.

We recommend that you not set the jumbo frame size on your switch toanything more than 9014 (or 9000) bytes.

Trunks, ISLs, and Stack cables

Recommend stacking cables if available or if not available then sufficient Trunk, ISLs,to support the load. Rule of thumb is 1 trunk for each active port within the group.


14/14

08 iSCSI Considerations

Documents

Transcript of 08 iSCSI Considerations