Cisco ISCSI

8/10/2019 Cisco ISCSI

1/52

2004 Cisco Systems, Inc. All rights reserved. Printed in USA.

Presentation_ID.scr

1 2004 Cisco Systems, Inc. All rights reserved.

OPT-20539761_05_2004_c2

iSCSI DESIGN AND IMPLEMENTATION

SESSION OPT-2053


OPT-20539761_05_2004_c2

Agenda

Storage Networking Technology Review

iSCSI and IP Storage Network ing

Designing the iSCSI Network

High Availability

Network Boot

iSCSI Network Security

Network Management and Administration

Configuring iSCSI

Summary


2/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Design and Implementation




High Availability

Network Boot



Configuring iSCSI

Summary


OPT-20539761_05_2004_c2

The Typical Storage Environment

Direct Attached Storage (DAS)

Storage is captive behindthe server

Server CPU must handleuser I/O requests, but also:

User-database inqui ries

User file/print serving

Data-integrity checking

Communication wit hother devices

Data access is file systemand platform dependant

Costly to scale; complexto manage

FC

Clients

SCSIFC

Direct-Attached Storage (DAS)

Servers

Win2k Linux Win2k Linux Unix

IP Network


3/52


4/52


5/52


Presentation_ID.scr


OPT-20539761_05_2004_c2





High Availability

Network Boot



Configuring iSCSI

Summary


OPT-20539761_05_2004_c2

IP Storage Networking

IP storage networking provides solu tion to carrystorage traffic within IP

Uses TCP: a reliable transport for delivery

Appl icable to local data center and long-haul appl ications

Two primary protocols:iSCSIInternet-SCSIused to transport SCSI CDBs and datawithin TCP/IP connections

FCIPFibre-Channel-over-IPused to transport Fibre Channel frameswithi n TCP/IP connections any FC framenot j ust SCSI

IP TCPTCP FCIPFCIP FCFC SCSI Data

IP TCPTCP iSCSIiSCSI SCSI Data


6/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

What Is iSCSI?

A SCSI transpor t protocol that operates over TCP/IPEncapsulates SCSI CDBs (operational commands: e.g. reador writ e) and data into TCP/IP byte streams

Al lows IP hosts to access IP-based SCSI targets (either natively

or via iSCSI to FC router)

Standards statusRFC 3720 on iSCSI

Collection of RFCs describing iSCSI

RFC 3347iSCSI Requirements

RFC 3721iSCSI Naming and Discover

RFC 3723iSCSI Security

Broad industry supportServer vendors now publishing own suppo rted iSCSI drivers

Native iSCSI storage arrays now appearing


OPT-20539761_05_2004_c2

SCSI Block CommandsSCSI Block CommandsSCSI StreamSCSI Stream

CommandsCommands

ParallelParallelSCSI TransportSCSI Transport

SCSI Applications (File Systems, Databases)

Parallel SCSIParallel SCSI

InterfacesInterfaces

SCSIDevice-TypeCommands

SCSIGeneric

Commands

SCSITransportProtocols

Layer 3Network

Transport

Layer 2Network Fibre ChannelFibre Channel Ethernet, PPP, HDLCEthernet, PPP, HDLC

Other SCSI CommandsOther SCSI Commands

IPIP

TCPTCP

SCSI Commands , Data, and Status

iSCSI Architectural Model

FCPFCPSCSI over FCSCSI over FC

iSCSIiSCSISCSI over TCP/IPSCSI over TCP/IP


7/52


8/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI for Remote Block Access

Block access to remotestorage over IP

Appl ication must to leratelatency for long d istances

Metro Ethernet servicesoffer lower-latencytransport alternative

Remote backup overIP WAN

Centralized managementfrom centralized storage

iSCSI-EnabledHost

RemoteMirrors

IPWAN

StoragePool

FCFabric

FCFabric

iSCSI

Device

Site A

Site B

iSCSI


OPT-20539761_05_2004_c2

iSCSI Naming

Initiator and target require iSCSI names

Name is location independent

iSCSI node name = SCSI device name of iSCSI device

Associated with iSCSI nodes, NOT adapters

Up to 255-byte displayable/human readable string(UTF-8 encoding)

Use SLP (Service Location Protocol) V2, iSNS, or querytarget for names (SendTargets)

Two iSCSI name types:

iqniSCSI qualified name

euiExtended Unique Identifier (IEEE EUI-64also used for FC WWNs)


9/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Name Structure

Unique String

iqn.1987-05.com.cisco.1234abcdef987601267da232.bettyiqn.2001-04.com.acme.storage.tape.sys1.xyz

Type DateOrganization

Naming Authori tySubgroup Naming Authority or

String Defined by Organization Naming Authorityiqn

eui

Date = yyyy-mm WhenDomain Acquired

Reversed Domain Name

Type EUI-64 Identifier (ASCII Encoded Hexadecimal)eui.02004567a425678d

Type


OPT-20539761_05_2004_c2

SCSI and iSCSI Relationship

SCSI device = iSCSI node

SCSI port = iSCSI por t

Network portal definedby (IP addr + TCP por t)

Portal group = singleSCSI connection

iSCSI session betweeniSCSI initiator node and

iSCSI target node

Network Portal

10.5.40.22Port 3260, 5000

Network Portal

10.5.40.22Port 3260, 5000

Network Portal

10.6.40.25Port 3260

Network Portal

10.6.40.25Port 3260

iSCSI Target Portiqn[Tag=2]

iSCSI Target Node: iqn.1999-12.com.ajax:12579iSCSI Target Node: iqn.1999-12.com.ajax:12579

Network Entity (iSCSI Client)

iSCSI Initiator Portiqn.1999-12.com.ajax:OS1+[ISID=1+5+1]

PortalGroups

iSCSI Initiator Node: iqn.1999-12.com.ajax:OS1iSCSI Initiator Node: iqn .1999-12.com.ajax:OS1

NetworkPortal

10.1.30.4

NetworkPortal

10.1.30.4

NetworkPortal

10.2.30.3

NetworkPortal

10.2.30.3

IP NetworkiSCSI

Session

Network Portal

10.4.40.21Port 3260

Network Portal

10.4.40.21Port 3260

iSCSI Target Portiqn.1999-12.com.ajax:12579[Tag=1]

TCPSession

LUs

TCPSession


10/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Sessions

iSCSI has the concept of a session

Two session types: (1) Discovery, and (2) Normal operation

Both session types have various phases/stages

1. Initial login phase

2. Security authentication

3. Operational parameter negotiation

4. Full-featured phase

Session can handle SCSI commands and data

after login is complete


OPT-20539761_05_2004_c2

iSCSI Login Sequence

(No Authentication)iSCSI Device wit h

Configured TargetsInitiator (iqn.abcd.PC1)

with iSCSI Driver

SessionType = discovery; Initi atorName=iqn.abcd.PC1

Auth =none; HeaderDiges t=non e; DataDig est=no ne;

SessionType = discovery; Initi atorName=iqn.abcd.PC1DataPDULength=; MaxBurst Size=;

SendTargets=All

iSCSI Login Command

Establis h TCP Session (SYN, SYN/ACK, ACK Sequence)

iSCSI Login Response (Success)

iSCSI Login Command


DataPDULength=; MaxBurst Size=;

iSCSI Text Command

iSCSI Text Response

TargetName=iqn.email.tgt2; iqn.fi lestore01;

Discovery:Contact Targetand NegotiateSecurity andSessionParameters

Discovery:Contact Targetand NegotiateSecurity andSessionParameters

Discovery:Solicit AvailableTargets

Discovery:Solicit AvailableTargets

Normal LoginLogin to EachTarget andNegotiateSecurity andSessionParameters

Normal LoginLogin to EachTarget andNegotiateSecurity andSessionParameters

TCP Port 3260(Listen)TCP Port 3260(Listen)

Block DeviceHas AlreadyInitialized ontothe FibreChannel Fabric

Block DeviceHas AlreadyInitialized o ntothe FibreChannel Fabric

ThisSequence IsRepeated forEvery TargetAvai lable tothis Initiator

ThisSequence IsRepeated forEvery TargetAvai lable tothis Initiator

iSCSI Login Command

SessionType=normal; Init iatorName=iqn.abcd.PC1; TargetName=iqn.email.tgt1iSCSI Login Response (Success)

Auth =none; HeaderDiges t=non e; DataDig est=no ne;

iSCSI Login Command

SessionType=normal; Init iatorName=iqn.abcd.PC1; TargetName=iqn.email.tgt1


DataPDULength= ; MaxBurstSize=; etc

Establish TCP Session (SYN, SYN/ACK, ACK sequence)


11/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Connections and SCSI Phases

A SCSI command and its associated data- and status-phaseexchanges must traverse the same TCP connection

Linked SCSI commands can traverse separateTCP connections for scalability

iSCSI (TCP) Connection 1

iSCSI Session

SCSI Command (1) (Read)SCSI Data (1)

SCSI Status (1)

iSCSI (TCP) Connection 2

Linked SCSI Commands

SCSI Command (1) (Write)SCSI Data (1)

SCSI Status (1)iSCSIHost

iSCSI iSCSI GW

Device


OPT-20539761_05_2004_c2

iSCSI Discovery

Small networks

Static configuration, in itiators, and targets

SendTargets command makes configuration easier

Medium-sized networks

Service Location Protocol (SLP multicast discovery)

Large-sized networks

iSNS (Internet storage-name service)

Includes soft-zone domains

Includes database for ongoing management


12/52


13/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI HBAs and TCPOffload Engines (TOEs)

Offloads TCP and,optionally, iSCSIprocessing intohardware

Relieves hostCPU from:

TCP processing16-bitchecksum per packet

iSCSIoptional 32-bit

header and data digests(CRC32C)

TCPOffload

iSCSIand TCPOffload

File SystemFile System

Block DeviceBlock Device

SCSI GenericSCSI Generic

HBADriver

HBADriver

TCP/IPStack

TCP/IPStack

NICDriver

NICDriver

iSCSIDriver

TOEDriver

TOEDriver

SCSI AdapterSCSI Adapter

AdapterAdapterDriverDriver

TCP/IPStack

TCP/IPStack

iSCSITCP/IPStack

TCP/IPStack

App lic ations


OPT-20539761_05_2004_c2



iSCSI and IP Storage Networking


High Availability

Network Boot



Configuring iSCSI

Summary


14/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

OS and Appl ications Suite for iSCSI

Typical operating systems

Windows 2000 and 2003

Linux

Typical applicationsblock accessed

Microsoft Exchange

Microsoft SQL

Low-end Oracle Database

Other application with medium-low I/O

Shared-disk (clus tered) file system

GPFS (General Parallel File System) Network remote boot

Blade server integration


OPT-20539761_05_2004_c2

Design Considerations

Know your application I/O profile

Know your application throughput

Determine needed availabili ty

Best performance achieved from local(no latency) dedicated (no competing traffic)IP storage network

Distance considerations


15/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Integration in Data Centersand Campus Network

CoreCore

CampusCampusAccessAccess

Internet

MDS MDS

MDS MDS

WebServers

AppsServers

FCFabric

Campus

Data Center

iSCSI iSCSI iSCSI iSCSI iSCSI iSCSI iSCSI iSCSI

i SCS I i SC SI i SC SI i SC SI

CampusCampusDistributionDistribution

i SC SI i SC SI

iSCSIiSCSIiSCSIiSCSIiSCSIiSCSI

FC FC FC FC FC FC FC

IPSIPSIPSIPS


OPT-20539761_05_2004_c2

LDAP

Primary

LDAP

Primary

iSCSI in Data CentersInternetInternet

LDAPSlave

AppServers

DNSServer

WebServers

MailServer

DMZ

MZ

Area 51Area 51

DNS

Primary

DNS

Primary ERPERP

WebApp

Servers

MailG/WMailStor

iSCSI

CECE

Router/FW

Router/FW

Router/FW

Internet

iSCSI


16/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Bui ld an iSCSI Fabric

iSCSI fabric topology

Ethernet fabric topo logy

iSCSI fabric scalability

Trunking

Port channeling

iSCSI fabric availability

VRRP

iSCSI fabric secur ity

Authent ication and binding

iSCSI fabric manageabili ty

iSCSI identity and management

Scalability

Avai labi lit y

Security

Manageability

iSCSIClients

END

TO

END

END

TO

END

SharedStorage Pool

i SC SI i SC SI

iSCSI iSCSI iSCSI

i SCSI i SCS I

iSCSI iSCSI iSCSI

IPSIPSIPSIPS


OPT-20539761_05_2004_c2

Dedicated IP Storage Network

Separate logicalIP network but notnecessarily separatephysical network

Can use a VLAN ofexisting Ethernetnetwork

Recommend use of

dedicated NIC onhost for iSCSI

Minimized potential forbandwidth contention

iSCSI-EnabledHosts

StoragePool

iSCSIRouters

CatalystSwitches

DedicatedIP StorageNetwork

FCFabric

FCFabric

Clients

Front-Side IP Network

FC-AttachedHosts with HBAs

iSCSI iSCSI iSCSI iSCSI


17/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Trunking

802.1q trunkingStandard technology, framestagged (12 bit f or VLAN id) andmultiplexed

VLAN 1-4095

Load balancing available basedon IP address, MAC

VLAN terminationCreate subin terfacesVLANs

One IP address to eachsubinterface

Design with trunking

Multiple iSCSI initiators in thesame VLAN target dif ferentiSCSI interfacesload sharing

Add more subin ter faces in thesame VLANscale up bandwidth

switch(config)# int gigabitethernet 2/5.100

swit ch(con fig-if)# ip add 10.10.10.5 255.255.255.0Switch(config)# int gigabitethernet 2/8.100

Switch(config -if)# i p add 10.10.10.8 255.255.255.0

vlan 100: gig2/5.100

vlan 200: gig2/5.200

vlan 300: gig2/5.100

Gig2/8.100

Gig2/8.200

Gig2/8.300

IPSIPS

i SCSI i SCS I

iSCSI iSCSI iSCSI

i SCS I i SCS I

iSCSI iSCSI iSCSI

i SCS I i SCSI

iSCSI iSCSI iSCSI


OPT-20539761_05_2004_c2

GE PortChannel

PortChannel on MDS IPS

802.3ad standard technol ogyto group multip le GE links forlarger bandwidth

Static PortChannel

Two adjacent GEs on thesame IPS module form onePortChannel

Design with GE PortChannel

Increase HA forlarge deployment

Layer 3 port channelIP address on PortChannelinterface

Port parameters must match

sw(config)# int port-channel 100

sw(config-if)# ip add 10.10.10.1 255.255.255.0

sw(config)# int gigabitethernet 2/7

sw(config-if)# channel-group 100

sw(config)# int gigabitethernet 2/8

sw(config-if)# channel-group 100

Catalyst

20:1 One ISL10:1 with GEPortChannel

MDS

oooooooo

IPSIPS

i SCS I i SCS I

iSCSI iSCSI iSCSI

i SC SI i SC SI

iSCSI iSCSI iSCSI


18/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Best practice design

VSAN membership

Ass ign toiSCSI hosts

Ass ign toiSCSI interfaces

Ass ign to d isk

VLAN termination

Sub-interface

Access control

VLAN and VSAN

mappingManagement

Troubleshooting

VLAN and VSAN Mapping

SharedStorage Pool

vrrp

Vlan 10 Vlan 20

VSAN 10

SAN

switch(config)#iscsi initiator ip-add 51.51.51.51

switch(config-(iscsi-init))#vsan 10

switch(config)#vsan database

switch(config-vsan-db)#vsan 10interface iscsi 2/3

iSCSI based

sw(config-(iscsi-tgt)#pwwn .

sw(config-(iscsi-tgt)#initiator ipadd 51.51.51.51 permit

Zone based

Sw(config)#zone name marketingvsan 10

Sw(config-zone)#member ip-add ..

Sw(config-zone)#member pwwn

IPSIPS

IPNetwork

IPSIPS

VSAN 20

iSCSIClients i SC SI i SC SI

iSCSI iSCSI iSCSI

i SCSI i SCS I

iSCSI iSCSI iSCSI


OPT-20539761_05_2004_c2

Proxy Initiator

Transparent modedefault

Proxy initiator

One pWWN to representmultiple iscsi initiators forscalability

Less entries in t he FCName Server

Ease management of zoning

Useful in cl ustering applications

Move the burden of lun maskingconfiguration and operation tothe IPS blades for sim plermanageability

10.10.10.1pWWN-1

I0.10.10.10pWWN-10

Proxy Initiator

pwwn-proxy

nn:nn:nn:nn:nn:nn:nn:nn

SAN

Proxy-initiator mode

sw(config)#int iscsi 2/3

sw(config-if)#switchport proxy-initiator nwwn pwwn

Proxy InitiatorIP Address:10.10.10.100

IPSIPS

SharedStorage Pool

iSCSIClients

IPNetwork

i SC SI i SC SI

iSCSI iSCSI iSCSI

i SCSI i SCS I

iSCSI iSCSI iSCSI


19/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

IVR in iSCSI

Inter-VSAN routing

Bridging between VSANs

Facilitates resource sharingamong different VSAN

Implement IVR in iSCSI

Unique domain IDs for switchesin the IVR topology

Future release allows dup licatedomain IDsNAT functi on

Ivr zones/zoneset

Ivr zoneset ivrzs1

ivr zon e ivrz1 (H2, H3, T1)

H1

H2 H3 H4 H5

H6

S1 S2

T1T1

VSAN 30 VSAN 40

VSAN 50

Ivr vsan-topology database

sw1 (vsan 30, vsan 50, vsan 60)

ivr zon e ivrz1 (H2, H3, T1)

iSCSI iSCSI

i SCSI i SCSI

IPSIPS

i SC SI i SCS I


OPT-20539761_05_2004_c2

Internet Storage Name Service (iSNS)

iSNSA nam e servic e provi des storageresource discoveryregister/deregister/query

Automatic login contro l servi ceaccess control

State change notification service

Open mapping o f FC and iSCSI devices

Light w eigh protocol on top of TCP (iSNSP)

Client-server model with directory service

Design with iSNSDynamic discovery for large-scaledeployment

Seamless integration wit h FCname service

iSNS server support fromMS Windows and Linux available Shared

Storage Pool

NS in MDSNS in MDS

iSNS Client

SAN

iSNSP

iSCSIClients

IPNetwork

iSNSServer

iSNSP

IPSIPS

i SC SI i SC SI

iSCSI iSCSI iSCSI

i SCSI i SCS I

iSCSI iSCSI iSCSI


20/52


21/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

QoS for iSCSI: What and How to Apply?Best Practice Design for Convergence Network

Qos functions: classification, marking, and scheduling

Traffic shaping

Throttle traffic on out bound

Flows affected durin g congestion

GTS, FRTS, CAR

Rate limiting

Drop packets when limi t is reached

Both inbound and outbound

CAR

Congestion management with FIFO, PQ, CQ, WFQ, DWFQ

Recommendation

Traffic shaping and congestion management

Not to use rate limiting


OPT-20539761_05_2004_c2

QoS on IPS

iSCSI traffic to be marked as high priori ty traffic inthe IP networktcp port 3260

DSCP value set for iSCSI traffic on each iSCSI port

Apply to both control and data frames

sw(config)# int iscsi 2/6

sw(config -if)# tcp qos (0-63)


22/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Read

One-to-one relationship between iSCSI and FCP frames

Single round trip between ini tiator and target to retrieve data

Target

iSCSI Read4kB

FCPSCSIRead4kB

FCPData

FCPData

SCSIStatus=Good

iSCSI Status=Good

iSCSIData-in

iSCSIData-in

IP Network

Initiator

iSCSI

Fibre Channel

SAN

Fibre Channel

SAN

FC


OPT-20539761_05_2004_c2

iSCSI Write

Typical SCSI write requires two round tr ipsMust wait for tr ansfer ready before sending data

iSCSI initiator and target may negotiate Initial R2T = no duringlogin (unsolicited data)

iSCSI data out can follow SCSI write

iSCSI Write4kBITT=12340000

TransferReadyiSCSIDataOut

iSCSIDataOutFCPData

FCPData

SCSI Status=Good

iSCSI Status=good

Two RoundTrips forFCP Write

R2T(ReadytoTransfer)

If R2TRequired,

Then iSCSIData Out

Must Wait SCSIWrite4kB

Fibre Channel

SAN

Fibre Channel

SAN

IP Network

Initiator

iSCSI

Target

FC


23/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Throughput in iSCSI

SCSI controls data movement

Latency impact on throughput

Throughput is calculated:total data transmitted/end-to-end latency

Factors contri bute to latency:equipment, pr otocol, distance

The larger the distance,the longer the latency1ms/300km

Maximize the throughput

Manage the distance: as sho rtas possible

TCP impact on iSCSI throughput


OPT-20539761_05_2004_c2

Understand TCP Behavior

Throughput

Time

MWS

SSthresh

Slow Start Congestion Avoidance


24/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

How Does TCP Impact IP NetworkThroughput

Number of bytes in flight = Bandwidth*Delay (BW*Delay)

To maximize throughput

Goodput (output = input)

TCP congestion window (cwnd) > = Bandwidth *Delay product

If cwnd too small, throughput is smaller than the network capacity

If cwnd too bi g, congestion happens, which causes retransmission,emptiness of the network

To recover from errors

Size of TCP sender-side socket buf fers = 2*BW*Delay

High-performance network optionsLarge windows (RFC1323)

SACK


OPT-20539761_05_2004_c2

Performance Objectives and

Determining Factors

Understand performance objectives

Number of users

Number of I/O requests

Acceptable response t ime

Desired throughput

Factors impact performance

System resources (CPU, memory, bus architecture)

Storage resources (RPM, cache, RAID level)

Network equipment/gateway

Avai lable IP network bandw idth (espec ial ly in WAN)

Distance between iSCSI initiators and targets

TCP implementation and configuration

I/O block size


25/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Performance Tuning of iSCSI Network:Best-Practice Design

Use TOE cards on sys tems with high CPU utilizations

RAID-level implementation on disk array

Things related to TCP/IP

Increase TCP window size to make the pipe full (min and maxTCP bandwidth, estimated delay)

Avo id lossy network or use Qos to prior it ize iSCSI traff ic

Enable jumbo-frame support end to end

Enable SACK (default)

Use TCP send buf fer on IPS

Increase I/O block size from 8k to 64k or larger Store-and-forward mode in MDS (no iSCSI CRC)

Fan-out ratio consideration


OPT-20539761_05_2004_c2

iSCSI Deployment Scenarios

Very little delay due to small dis tancein campus network => throughputclose to bandwidth

Appl ications examples: diskconsolidation and file sharing

Disk saving resulting from storageconsolidation

Ease of management in comparingto DASsystem and storage

Consider oversubscription designof IPS links for cos t saving

Large fan-out ratio: iSCSI hostsand storage port

Security consideration Campus Network

iSCSI iSCSI

iSCSIiSCSI iSCSIiSCSI iSCSIiSCSI iSCSIiSCSI

IPSIPSIPSIPS


26/52


Presentation_ID.scr


OPT-20539761_05_2004_c2


iSCSI Deployment Scenarios (Cont.)

Very little or no delay withindata center

Appl ications examples:Web services

iSCSI hosts to provide backup forprimary FC servers

ISL oversubscription and fan out

Blade-server integration

iSCSI remote boot

Number of NIC cards to use

File-sharing considerationiSCSI hosts a NFS serverNAS filer

GPFS

Core

Core

NFS Server

NASFiler


iSCSI iSCSI

iSCSI iSCSI i SC SI i SC SI

iSCSI iSCSI iSCSI iSCSINAS

IPSIPS IPSIPS

IPSIPS IPSIPS


OPT-20539761_05_2004_c2

Blade Server Integration with iSCSI

Shared StoragePool

LUN 3

LUN 2

LUN 1

LUN 0

LUN 3

LUN 2

LUN 1

LUN 0

LUN 3

LUN 2

LUN 1

LUN 0

LUN 3

LUN 2

LUN 1

LUN 0

DHCP Server

Blade Servers

TFTP Server

Boot Imagefor Diskless

Servers

Blade Servers

SAN

MDS

RADIUS ServerEnd Users

iSCSIIP

EthernetSwitch

EthernetSwitch

EthernetSwitch

EthernetSwitch

IPSIPS


27/52


Presentation_ID.scr


OPT-20539761_05_2004_c2


Transport fo r metro network canbe: metro Ethernet, DWDM, CWDM,Sonet, dark fiber

Within metro d istance => smalllatency incurred by the network;Ex. 1 ms one-way delayfor 300 km (180 miles)

Al l design considerat ions in campusand data center network apply

Appl ication examples: streamingmedia service in distributed data

centers; storage consol idationand file-sharing service

Apply QoS

MetroNetwork

i SCSI i SCSI



IPSIPS IPSIPS


OPT-20539761_05_2004_c2


Transparently extend SAN over thedistance for DR through di stributeddata center

Appl ication example: fastfile-sharing service for remoteoffice users

Heterogeneous OS andstorage array

Distance impactTranspor t be Sonet, lease line, FR, etc.

Large distanceLatency impact on operators/end usersfrom user-experience stand point

Latency impact on applicationsfromperformance and throughput s tand point

Apply QoS on WAN-edge devices

Secure the data


iSCSI iSCSI

WAN

IPSIPS IPSIPS



28/52


Presentation_ID.scr


OPT-20539761_05_2004_c2





High Availability

Network Boot



Configuring iSCSI

Summary


OPT-20539761_05_2004_c2

What Can Fail in a Storage Network?

Failure causes:Hardware, software, or cable failures

Misconfiguration or upg rades

Intentional attack

Storage

Co

ntroller

DiskFailure

Controller orInterface Failure

Network Failure (Software,Hardware, Links, etc)

LinkFailure

NIC or HBAFailure

HostFailure

App licat ion


29/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI High-Availability Approaches

Two approaches:

Client-based

Multipathing

NIC teaming

Network-based

VRRP

PWWN aliasing

Static target importing and trespass

Can use combinations of the above accordingto requirements


OPT-20539761_05_2004_c2

iSCSI HA Multipathing Variations

Acti ve/Act ive:balanced i/oover both paths(implementationspecific)

Acti ve/Passi ve:i/o over primarypathswitchesto standby pathupon failure

A/A or A/P w il lvary by vendorimplementationand storage type

Standby (Failover) Path

Primary Path

Act ive

Act ive

Act ive

Passive

pWWN apWWN a

pWWN bpWWN b

pWWN apWWN a

pWWN bpWWN b

LUN Mapped overMultiple PathsUsing DifferentController pWWNs

MultipathingSoftware Balancesi/o over AvailableiSCSI Interfaces

MultipathingSoftware MonitorsAct ive i SCSI Path

iSCSI Driver

Multipathing

App lic atio nApp lic atio n

iSCSI Driver

MultipathingApp lic atio nApp lic atio n


30/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Real GigEAdd ress

IP: 10.0.0.2MAC: 00000f123456

Real GigE AddressIP: 10.0.0.3

MAC: 00000f654321

iSCSI HA: VRRP (MDS9000 Family)

RFC 2338

Protects Ethernet port, card, or switch failure

Al ternate port , card o r swi tch assumes conf iguration of fai ledport/card/switch

Maintains same virtual IP and MAC addresses

Same storage mappings (target WWPN and LUNs)

iSCSI sessions terminated and reestablished (state not retained)

pWWN apWWN a

VRRP Multicast HelloPackets Exchanged i n Band

Between Switch A and Switch B

Virtual Address

IP: 10.0.0.1MAC: 00000fabcdef

Switch A

Switch B

10.0.0.200

Storage Array

IPNetwork

Initiator Configuredto See Targets at

Virtual Address

iSCSI


OPT-20539761_05_2004_c2

iSCSI HA: PWWN Aliasing and Trespass

Protects against FC port/fabric failure, or storage arraycontroller/port failure

Available fo r statically imported iSCSI targets

Controller ports can be active/active or active/passiveSecondary path will only take over if primary path fails

LUNs mus t be visible over both ports (e.g. pWWN a and pWWN b)Some targets require receipt of a Trespass command to invoke the export of LUsto the passive port

LUN MustBe VisibleThrough BothController Ports

pWWN apWWN a

pWWN bpWWN b

10.0.0.1

Storage Array

This Path Takes Over ifPath to pWWN a Fails

iSCSI Virtual Target = abcPrimary Access = pWWN aSecondary Access = pWWN b

10.0.0.200iSCSI


31/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

FibreChannelFabric

iSCSI HA: Comparison of Approaches

Multipathing Host initiator presented with

TWO iSCSI targets (withdifferent iSCSI names)

Multipathing software resolvesaccess to common LUN throughthe two targets

Both paths active to the network(Multipathing software may usewith A/A or A/P)

VRRP

Host initiator presented with

SINGLE iSCSI target at same(virtual) IP address

Only one path acti ve at a time (a/p)

iqn.email.tgt1

iqn.email.tgt2

10.1.1.1

10.2.2.2

iqn.email.tgt1

Virtual IP10.1.1.1

iSCSI

iSCSI

iqn.email.tgt1


OPT-20539761_05_2004_c2





High Availability

Network Boot



Configuring iSCSI

Summary


32/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Network Boot

Typical iSCSI client (e.g. host server)loads in the following order:

1. Operating system (e.g. Windows 2000, Linux)

2. Network

3. iSCSI client driver

How can you load the OS over iSCSI?

Network boot uses PXE (Preboot ExecutionEnvironment) capability present in many

server BIOS and NICs (part of Intels Wiredfor Management (WFM) spec)


OPT-20539761_05_2004_c2

Network Boot: Boot Sequence

1. BIOS sends DHCP request

2. DHCP server returns:

Servers IP address and g/way

TFTP server add ress and ROMextension filename

iSCSI server, target, and LUN

3. BIOS uses TFTP to fetch andexecute inbp.com file

4. ROM extensi on sends DHCPrequest for iSCSI Boot String

5. DHCP server r eturns iSCSIserver, iSCSI target, and LUN

6. ROM extension interceptsINT13 disk r/w and redirectsto iSCSI server

7. BIOS reads C: drive (through inbp.com t o load OS (Windows)

8. BIOS executes Windows OS andloads networks and iSCSI drivers

9. Windows uses i SCSI driver toaccess drives (normal operation)

DHCPServer

TFTP

Server0 1 2

iSCSI Servere.g. SN5428 orMDS9000 IPS-8

Fibre ChannelAttac hedStorage Array

33

Fibre ChannelFibre Channel

11

22

4455

C: D: E:

NIC

Diskless Win2k ServerPXE 2.1

NetworkDriver

iSCSIDriver

WindowsOS

SystemBIOS

ROMExtension

UNDIDriver

88

66

99 77


33/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Remote Boot Implementation

iSCSI Clients(Diskless

Server)

SharedStoragePool

iSCSI Disksas BootDisks

Boot Imagefor Diskless

Servers

iSCSIiSCSI

iSCSI iSCSIiSCSI

iSCSIiSCSI

iSCSI iSCSIiSCSI

DHCP Server

Master Server

TFTP Server

IP Address

TFTP ServerInformation

Inbp.comIPSIPS


OPT-20539761_05_2004_c2





High Availability

Network Boot



Configuring iSCSI

Summary


34/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Secure iSCSI Network and Storage

Average $2.7 mill ion loss when proprietaryinformation s tolen according to CSI and FBI

Intrusion and denial of service attack

Where to secure

In storagewhile at rest

In iSCSI networkon the wire

iSCSI security components

Traditional segmentation and access cont rol

Authent icationEmerging SAN architecture

IP network security techniques


OPT-20539761_05_2004_c2

Secure iSCSI Network: Highlights

SAN Management

SSH, Radius,SNMPv3, SFTP

iSCSI Security Services

VSAN

ZoningiSCSI Host Can Be Zonedwith IP Address or IQN Name

LUN Masking/Mapping

iSCSI HostIP Access

ACLS

VLANs/PVLANs

IPSec VPN

Firewalls

iSCSI Authentication

LUN Masking/Mapping

Target Access Securit y

Zoning

Advanced Zoni ng

LUN Zoning

Read-Only Zoning

CiscoMDS 9000

Family

AAA Aut henticat ion

SSH, Radius, SNMPv3,SFTP, RBAC

Target

Host

RADIUS


35/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Traditional Storage Means

Zoning

Segmentation within a fabric and initial access control

Soft zoning and hard zoning

Zone members can be either iSCSI hosts IP addressesand/or symbolic names

LUN masking

Defining relationship between iSCSI hosts andstorage devices

Detailed into LUN levelPerformed at array controller

iSCSI hosts can be represented by proxy in itiator in MDS


OPT-20539761_05_2004_c2

AAA iSCSI Authent ication

Al low ONLY authenticated iSCSI init iators to accessconfigured LUNs

Two-way authentication

iSCSI initiators authenticated by iSCSI routers

iSCSI routers/targets authenticated by iSCSI initiators

Choice of authentication methods

RADIUS external server

TACACS+ external server

Local username database (CHAP)

CHAP (Challenge Handshake Authentication Protocol)used as authentication pro tocol


36/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Authentication (Cont.)

Optional mutual authentication ofinitiators and targets

CHAP used as authentication methodSpecified globally on/off or by GE interface

Initiators authenticated to targetsPer target username/password con figured ininitiator and ch ecked against local databaseor AAA server

Targets authenticated to initiatorsInitiator username/password in switch,checked against secret configured in ini tiator

RADIUS orTACACS+Server

CHAP

User1/pwd1User2/pwd2/

iqn.target1

username: User1

iqn.target1

username: User1

iqn.target2username: User2

iqn.target2username: User2

Initiator Configuration

Initiator n ame:iqn.really.bigserver1Password: abc123

iqn.target1Username: User1Password: pwd1

iqn.target2Username: User2Password: pwd2

Initiator Name:iqn.really.bigserver1

Username: is csiuser1

FC

FC


OPT-20539761_05_2004_c2

Emerging Secure SAN Archi tecture

Secure transport for fabric accessSNMP v3, SSH, SFTP, SSL, AAA

VSAN

Partitioning SAN fabric into vir tual entities

Tagging each frame by MDS to insure total iso lation of each entity, hence security

iSCSI port VSAN membership assign

iSCSI initiator VSAN membership assign

iSCSI based access control

Access to iSCSI vir tual target/LUN granted to in div idual iSCSI hos t

iSCSI LUN mapping provides more access control more granularlyat LUN level

Adverti sement of iSCSI v ir tual target Making an iSCSI zone read-only zoneprotecting the data integrity

on iSCSI virtual target

Role-based management access control

Apply t o iSCSI related network m anagemen t ro les


37/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

IP Network Security Techniques

FirewallStandalone or int elligent firewall service module

Al low well-known TCP port 3260 for iSCSI

IPSec VPNVPN tunnel for iSCSI remote access

Access Contro l L is t (ACL)

VLAN and PVLANSubinterface implementation on iSCSI

Separated VLAN for iSCSI

Port securityAl low, block, o r rest rain access to Ethernet based onMAC address

IDShow do you know when the attack happens


OPT-20539761_05_2004_c2





High Availability

Network Boot



Configuring iSCSI

Summary


38/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Management and Administration

Network management protocolsSNMP v3

Network management tools

CLIlook and feel the same as IOS

Cisco Fabric Manager (CFM)for fabr ic wide tasks

Cisco Devices Manager (CDM)for device specific tasks

Integration w ith other leading management tools underway

Network operation and monitoring

SPANsource can be iSCSI interface, designed to work

with Port Analyzer AdapterCisco Protocol Analyzer

Cisco Traffic Analyzer


OPT-20539761_05_2004_c2

iSCSI Network Management

The Cisco Fabric Manager(CFM) with full multiprotocolmanagement

Multiprotocol topology discovery

Multiprotocol zoning and VSANassignment

CFM maps iSCSI as dotted linkand Fibre Channel as solid link

iSCSI assigned addresses(WWNs) are kept in nonvolatil e

configurationCan be easily extract ed via TFTP,FTP, SFTP to be arch ived

Each iSCSI session can beclosely monitored throughCFM stats

Cisco Fabric ManagerScreenshot Showing Multiprotocol

SAN Topology


39/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Cisco Fabric Manager: Screenshot

Cisco Fabric Manager

Screenshot ShowingMultiprotocol SAN Topology

Dual-HomediSCSI Hosts

FCIP Links

iSCSI Hostsin Default

Zone

Port Channels

FibreChannel

Hosts


OPT-20539761_05_2004_c2





High Availability

Network Boot



Configuring iSCSI

Summary


40/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

MDS iSCSI Overview

IPS module creates virtual iSCSI targets and mapsthem to physical FC targets

Presents FC targets to IP hosts as iSCSI targets

Presents each iSCSI host as a FC host

Storage device responds to IP host as it wereconnected to Fabric


OPT-20539761_05_2004_c2

Logical Representation

and Mapping on MDS

iSCSI Initi ators Presentedas FC Initiator s

FC Targets Presentedas iSCSI Targets

iqn.abc.123

iqn.def.123iqn.ghi.456

iqn.jkl.555

iSCSI Storage View

IP

pWWN a

Fibre Channel SAN View

pWWN bpWWN c

pWWN d

FCFC

iSCSI

iSCSI

iSCSI

IP Network

pWWN 12:3456fcid 0x550001

IP Addr 10.1.1.2iqn.target.abc

IP Addr 10.1.1.1iqn.initiator.abc

Fibre ChannelFabric

pWWN 12:3478fcid 0x550002


41/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Initiator and Target Views

iSCSI host is assignedIP address and IQN name

iSCSI driver maps SCSIrequests and responsesto IP packets

FC zoning and LUN maskingcontrols access from initiatorto target

FC target owns pWWN andis assigned FCID

pWWN Bfcid 0x550002

pWWN Afcid 0x550001

Fibre Channel

Fabric

ip Addr 10.1.1.1iqn.initiator.abc

ip Addr 10.1.1.2iqn.target.xyz

iSCSI

FC

IP Network

FC


OPT-20539761_05_2004_c2

Present FC Target as iSCSI Target (Dynamic)

DynamicIPS module maps each FC target asone iSCSI target with un ique IQN name

Al l LUNs in SAN are avai lable as an iSCSI LUN

iSCSI target IQN created

MDS1(config)# iscsi import target fc

Command Imports All FC Targetsand Assigns an IQN for Each

pWWN; Each GE Configured


pWWN 12:3478fcid 0x550002

FC

FC


42/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

MDS1(config)# iscsi virtual-targetname anyname

MDS1(config-iscsi-tgt)# pWWN12:34..78 (Real pWWN of Target)

MDS1(config-iscsi-tgt)# initiatoriqn.initiator.abc (Initiator iqn.xxx or ip

Add ress that Can Access th is Target )

MDS1(config-iscsi-tgt)# advertiseinterface gig 2/1 (Interface to BeAdvert ised, Defaul t Is All GE Port s)

Present FC Target as iSCSI Target (Static)

Staticmanually select which FC target wil l beadvertised as iSCSI target

Access can be cont ro lled by control ler


pWWN 12:3478fcid 0x550002

FC

FC


OPT-20539761_05_2004_c2

Present iSCSI Host as FC Host (Dynamic)

Mapping each iSCSI host to a vir tual FC hostwith pWWN and FCID

DynamicnWWN and pWWN are allocatedby MDS FC WWN pool

Issues Are that pWWN CanChange with Each SessionDrops and Reconnects

This Can Be Resolved withPersistent pWWN/nWWN

After Ini ti al Login

iSCSI


pWWN 12:3456fcid 0x550001


43/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Present iSCSI Host as FC Host (Static)

Staticused if iSCSI host must have thesame pWWN as in connecting to intelligentFC storage with LUN mapping

MDS1(config)# iscsi init iator nameiqn.intitiator.abc (Real IQN Name)

MDS1(config-iscsi-init)#pWWN 12:34..56(Any pWWN to Used)

MDS1(config-iscsi-init)#nWWN 22:22..56


pWWN 12:3456fcid 0x550001

iSCSI


OPT-20539761_05_2004_c2

Basic Configuration Procedures

Configure interface on IPS module for iSCSI access

iSCSI initiator configuration

iqn name or ip address

iSCSI target creation and mapping

Access contro l

iSCSI-based

Zone-based


44/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Interface Configurations

First enable iSCSI

sw(config)# iSCSI enable

Assignment IP address to the GE inter face

sw(config)# interface gigabitethernet 2/5

sw(config-if)# ip address 10.10.10.1 255.255.255.0

Parameters such as MTU size

Enable the GE interface for iSCSI transport

sw(config)# int iscs i 2/5


OPT-20539761_05_2004_c2

iSCSI Initiator Configuration

Create an iSCSI initiator using IP address

sw(config)# iscsi initiator ip-address 10.10.10.1 255.255.255.255

sw(config-(iscsi-init))# static pwwn hh:hh:hh:hh:hh:hh:hh:hh

Or sw(config-(iscsi-init))# static pwwn system-assign

Or do nothing for d ynamic assign

sw(config-(iscsi-init))# vsan 100

sw(config-(iscsi-init))# vsan 101

Other parameters such as MTU size can be configured

Create an iSCSI init iator using IQN namesw(config)# iscsi initiator name iqn.com.cisco.initiator.abc

The rest is the same as using IP address

Use SwitchWWN Pool

to KeeppWWN

Persistent

Can Be MultipleVSANs for

Trunking

SystemDynamic

Ass ign WithoutPersistency


45/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

iSCSI Virtual Target Configuration

Dynamic import of FC target

sw(config)# iscsi import target FC

Static creation of iSCSI virtual target

sw(config)# iscsi virtual-target nameiqn.com.cisco.target.abc

sw(config-(iscsi-tgt))# pwwn hh:hh:hh:hh:hh:hh:hh:hh fc-lun 2 iscsi-lun 0

sw(config-(iscsi-tgt))# trespass

Useful If AllLUNs in FC Areto Be Available

to iSCSI

LUN MappingProvides

Flexibility Whennot All FC LunsAre Exposed

Enable Trespassto Allow StandbyLink to Become

Act ive in the Evenof Primary Failure


OPT-20539761_05_2004_c2

Target-Only iSCSI Mapping

Map an iSCSI target to a physical storage target andall its LUNs are used

MDS9000 Configuration:

iscsi virtual-target name iqn.emailpWWN 20:00:07:63:00:c5:87:52

MDS Switch

LUN 0

LUN 1

LUN 2

LUN 3

Serial# 00018874

Serial# 00118874

Serial# 00218874

Serial# 00318874

Physical Storage Array

WWPN: 20:00:07:63:00:c5:87:52

LUN 3

LUN 2

LUN 1

LUN 0

Targetiqn.email


46/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Mapping to Host Server

Each mapped LUN appears as a local disk vo lumeto the host server

TargetEmail

MDS SwitchServer e.g Win2K Server

Local Disk (D:)

Local Disk (E:)

Local Disk (F:)

Local Disk (G:)

Target-Only

Mapping

LUN 0

LUN 1

LUN 2

LUN 3

Serial# 00018874

Serial# 00118874

Serial# 00218874

Serial# 00318874


WWPN: 20:00:07:63:00:c5:87:52 Loopid: 129

LUN 3

LUN 2

LUN 1

LUN 0


OPT-20539761_05_2004_c2

Target-and-LUN iSCSI Mapping

Map to a uniquely identifiable LUN using one of:

WWPN + LUN

LUN WWN (not always assigned)


WWPN: 20:00:07:63:00:c5:87:52

Targetiqn.email

MDS SwitchMDS9000 configuration:

iscsi virtual-target name iqn.emailpWWN 20:00:07:63:00:c5:87:52 fc-lun 2 iscs i-lun 0

LUN 0

LUN 0

LUN 1

LUN 2

LUN 3

Serial# 00018874

Serial# 00118874

Serial# 00218874

Serial# 00318874


47/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Mapping Virtual Targets to Host Servers

LUN 0

LUN 1

LUN 1

LUN 0

LUN 1

LUN 0

Serial# 00014522

Serial# 00114522

Serial# 00019876

Serial# 00119876

WWPN: 20:00:07:63:00:11:22:33

Target Email

Server e.g Win2K Server

Local Disk (D:)

Local Disk (E:)

Local Disk (F:)

Local Disk (G:)

Serial# 00018874

Serial# 00118874

Physical Storage Arrays

WWPN: 20:00:07:63:00:44:55:66

WWPN: 20:00:07:63:00:bb:cc:dd

Target DB

Target Web

Target and LUNMapping

Target and LUNMapping

Target-onlyMapping

LUN 0

LUN 1

LUN 0

LUN 0


OPT-20539761_05_2004_c2

Access Control

iSCSI-based

sw(config)# iscsi virtual-target i qn.com.cisco.target.abc

sw(config-(iscsi-tgt))# initi ator permit

Or sw(config-(iscsi-tgt))# initiator permit

Or sw(config-(iscsi-tgt))# all-initiator-permit

sw(config-(iscsi-tgt))# advertise interface

Zone-based

sw(config)# zone name iscsi-zone vsan 100

sw(con fig-zone)# member pwwn 21:00:00:20:37:4b:9a:bc

sw(con fig-zone)# member i p-address 10.10.10.1

sw(config-zone)# member symbolic -nodenameiqn.com.cisco.initiator.abc


48/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

IP Storage Network Design




High Availability

Network Boot



Configuring iSCSI

Summary


OPT-20539761_05_2004_c2

Summary

Leverages the existing IP infrastructure

Hence the in telligence, capacity, and best practice designcan be leveraged in the iscsi infrastructure

Complementary to FC yet represents a low-costtransport choice

Midrange applications connectivity

Midrange server connectivity with blade serverintegration as new system candidate

Potential long-distance SAN transport


49/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Reference Materials

http://www.t10.org/

http://www.t11.org/index.htm

http://www.ietf.org/rfc.html on RFC 3720

http://www.cisco.com/en/US/partner/products/hw/ps4159/index.html


OPT-20539761_05_2004_c2

Associated Sessions

OPT-1051Introduct ion to Storage Technologiesand Applications

OPT-2051Fibre Channel Storage Area NetworkDesign

OPT-2052FCIP Design and Implementation

OPT-2054Storage Networking Security

OPT-3052Troubleshooting MDS 9000 IP Storage

Area Networks Refer to the session listing on the Networkers

Speaker website at:http://wwwin.cisco.com/Mkt/events/nw/2004/speaker.html


50/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Appendix

SCSISmall ComputerSystem Interface

iSCSIinternet SCSI

DASDirect Attached Storage

FCFibre Channel

CDBCommand DescriptorBlock

R2TReady To Transfer

LUNLogical Unit Number

SLPService Location Protocol

IQN iSCSI Qualified Name

EUIExtended Unique Identi fier

iSNSInternet Storage NameService

TOETCP Offload Engine

NFSNetwork File System

GPFSGeneral Parallel File System

DMZDemili tarized Zone

MZMilitari zed Zone

IVRInter-VSAN Routing

GTSGeneric Traffic Shaping

FRTSFrame-Relay Traffic Shaping

CARCommitted Access Rate

PQPriority Queuing


OPT-20539761_05_2004_c2

Appendix: (Cont.)

CWDMCoarse WavelengthDivision Multiplexing

DRDisaster Recovery

VRRPVirtual RouterRedundancy Protocol

BIOSBasic Input/Output System

ROMRead-only Memory

SNMP v3Simple NetworkManagement Protocol, version 3

SSHSecure Shell

SSLSecure Socket Layer

AAAAuthenticat ionAuthor izat ion Account ing

RADIUSRemote AuthenticationDial-in User Service

CQCustom Queuing

FIFOFirs t In First Out

WFQWeighted Fair Queuing

DSCPDifferent iated ServicesCode Point

SSSlow Start

CACongestion Avoidance

MWSMaximum Window Size

SACKSelective

Acknowledgment RPMRotations Per Minute

RAIDRedundant Arrays ofInexpensive Disks

DWDMDense WavelengthDivision Multiplexing


51/52


Presentation_ID.scr


OPT-20539761_05_2004_c2

Appendix: (Cont.)

TACACS+Terminal Access Controller AccessControl System

RBACRole-Based Access Control

CHAPChallenge Handshake Authentication Protocol

CFMCisco Fabric Manager

CDMCisco Device Manager

SPANSwitched Port Analyzer

MDSMultilayer Director Switch

IPSIP Service (module)

PAAPort Analyzer Adapter

CS+Terminal Access Controller Access Control System


OPT-20539761_05_2004_c2

Q AND A


52/52


OPT-20539761_05_2004_c2

Complete Your Online Session Evaluation!

WHAT: Complete an online session evaluationand your name will be entered into adaily drawing

WHY: Win fabulous prizes! Give us your feedback!

WHERE: Go to the Internet stations locatedthroughout the Convention Center

HOW: Winners wil l be posted on the onsiteNetworkers Website; four winners per day

Cisco ISCSI

Documents

Transcript of Cisco ISCSI