Home > Articles > Microsoft > MCTS

  • Print
  • + Share This
This chapter is from the book

Network-Attached Storage (NAS) and Storage Area Networks (SAN)

Network-attached storage (NAS) is a file-level computer data storage device that is connected to a computer network to provide shared drives or folders. To make NAS fault tolerant, NAS systems usually contain one or more hard disks, often arranged as RAIDs. NAS units also usually have a web interface as opposed to keyboard/video/mouse.

A storage area network (SAN) is an architecture that attaches remote computer storage devices (such as disk arrays, tape libraries, and optical jukeboxes) to servers in such a way that, to the operating system, the devices appear as locally attached. They are typically used in larger organizations where the SAN acts as a central disk repository that services multiple servers and network applications. The SAN usually contains multiple hard drives that use RAID or other technology to make the system redundant against drive failure and to offer high performance.

Most SANs use the SCSI protocol for communication between servers and disk drive devices. But instead of using the same SCSI interface used in local hard drives, it uses network interfaces, such as

  • Fibre Channel
  • iSCSI

A fabric is a network topology where devices are connected to each other through one or more high-efficiency data paths. In the case of a Fibre Channel fabric, the network includes one or more Fibre Channel switches that enable servers and storage devices to connect to each other through virtual point-to-point connections. For iSCSI fabrics, the network includes one or more Internet Storage Name Service (iSNS) servers that provide discoverability and partitioning of resources.

Fibre Channel

Fibre Channel is a gigabit-speed network technology primarily used for storage networking. Fibre Channel is standardized in the T11 Technical Committee of the InterNational Committee for Information Technology Standards (INCITS), an American National Standards Institute (ANSI)–accredited standards committee. Despite its name, Fibre Channel signaling can run on both twisted pair copper wire and fiber-optic cables. Fibre Channel Protocol (FCP) is the interface protocol of SCSI on the Fibre Channel.

In a Fibre Channel switched fabric (FC-SW), Fibre Channel switches connect devices together. When a host or device communicates with another host or device, the source and target create a point-to-point connection between themselves and communicate directly with each other. The fabric itself routes data from the source to the target. In an FC-SW, the media is not shared. Therefore, any device can communicate with any other device, assuming it is not busy, and communication occurs at full bus speed regardless of whether other devices and hosts are communicating at the same time.

A port in Fibre Channel is any entity that actively communicates over the network. Port is usually implemented in a device such as disk storage, an HBA on a server, or a Fibre Channel switch. There are three major Fibre Channel topologies, describing how a number of ports are connected together:

  • Point-to-Point (FC-P2P): Two devices are connected back to back. This is the simplest topology, with limited connectivity.

  • Arbitrated loop (FC-AL): In this design, all devices are in a loop or ring, similar to token ring networking. Adding or removing a device from the loop causes all activity on the loop to be interrupted. The failure of one device causes a break in the ring. Fibre Channel hubs exist to connect multiple devices together and may bypass failed ports. A loop may also be made by cabling each port to the next in a ring. A minimal loop containing only two ports, while appearing to be similar to FC-P2P, differs considerably in terms of the protocol.

  • Switched fabric (FC-SW): All devices or loops of devices are connected to Fibre Channel switches, similar conceptually to modern Ethernet implementations. The switches manage the state of the fabric, providing optimized interconnections.

When a host or device is powered on, it must first log in to the fabric. This enables the device to determine the type of fabric (a fabric supports a specific set of characteristics) and provides a fabric address to a host or device. A given host or device continues to use the same fabric address while it is logged on to the fabric; the fabric address is guaranteed to be unique for that fabric. For a host or device to communicate with another device, it must establish a connection to that device before transmitting data. The switches route the packets in the fabric.

In a fabric topology, each device (including the HBA) is called a node. Each node has a fixed 64-bit worldwide name (WWN) assigned by the manufacturer and registered with the IEEE to ensure it is globally unique. A node can have multiple ports, each with a unique 64-bit port name and 24-bit port ID. For example, a dual-port HBA has a single worldwide name (WWN) and two worldwide port IDs used for frame routing. When a port logs in to the fabric, it registers various attributes that are stored in the fabric (usually within a switch). Zoning is a method of restricting which ports or WWN can communicate with each other.

LUNs allow SANs to break the SAN storage down into manageable pieces. The SAN then assigns each LUN to one or more servers in the SAN. If a LUN is not mapped to a given server, that server cannot see or access the LUN. LUN masking is a method of restricting which devices can view, send, and receive commands to specific LUNs on a storage controller. You need to identify only the server or cluster that is to access the LUN, and then select which HBA ports on that server or cluster will be used for LUN traffic.

When a server or cluster is identified, Storage Explorer automatically discovers the available Fibre Channel HBA ports on that server or cluster. You can also add ports manually by entering their World Wide Name (WWN).

iSCSI

iSCSI is a protocol that enables clients to send SCSI commands over a TCP/IP network using TCP port 3260. Because it uses Ethernet switches and cabling, typically Gigabit Ethernet or Fibre, it can connect a SAN to multiple servers and provide long-distance connections.

A LUN is a logical reference to a portion of a storage subsystem. A LUN can comprise a disk, a section of a disk, a whole disk array, or a section of a disk array in the subsystem. Using LUNs simplifies the management of storage resources in your SAN because LUNs serve as logical identifiers through which you can assign access and control privileges.

Because you connect to the SAN over a network, the network adapter must be dedicated to either network communication (traffic other than iSCSI) or iSCSI, not both. Therefore, if you are using iSCSI, you need two sets of network cards, one for iSCSI and one for network connections.

For a server to connect to a SAN, the server connects to a target using an iSCSI initiator. A target defines the portals/servers (IP addresses) that can be used to connect to the iSCSI device, as well as the security settings (if any) that the iSCSI device requires to authenticate the servers requesting access to its resources.

For a server to connect to an iSCSI SAN, the server uses an iSCSI initiator software to log on and connect to the SAN. After access is granted by the SAN, the server can start reading and writing to all LUNs assigned to that server. After the software initiator connects to a LUN, the iSCSI session emulates a SCSI hard disk so that the server treats the LUN just like any other hard drive.

Each iSCSI initiator can have one or more network adapters through which communication is established. Additional network adapters provide increased bandwidth and redundancy.

The iSCSI software can be built into the iSCSI host adapter (more commonly known as a Host Bus Adapter (HBA). A typical HBA is packaged as a combination of a Gigabit Ethernet NIC and a SCSI bus adapter, which is what it appears as to the operating system. The HBA contains special firmware that contains the iSCSI initiator software. Because a hardware initiator processes iSCSI and TCP processing and the Ethernet interrupts, performance can be increased over iSCSI initiator software running on the server.

For iSCSI initiators to find a storage device to connect to, the iSCSI initiator uses Internet Storage Name Service (iSNS) protocol to provide both naming and resource discovery services for storage devices on the IP network. The iSCSI initiator then uses the following to connect to the SAN:

  • Hostname or IP address (for example, “iscsi.example.com”)
  • Port number (for example, 3260)
  • iSCSI name (for example, the IQN “iqn.2003-01.com.ibm:00.fcd0ab21.shark128”)
  • An optional CHAP secret password

The iSCSI Name follows one of the following formats:

  • iSCSI Qualified Name (IQN): IQN follows the format

    iqn.yyyy-mm.{reversed domain name}

    For example:

    iqn.2001-04.com.acme:storage.tape.sys1.xyz

    IQN addresses are the most common format.

  • Extended Unique Identifier (EUI): EUI follows the format

    eui.{EUI-64 bit address}

    For example:

    eui.02004567A425678D

    EUI is provided by the IEEE Registration authority in accordance with EUI-64 standard.

  • T11 Network Address Authority (NAA): NAA follows the format

    naa.{NAA 64 or 128 bit identifier}

    For example:

    naa.52004567BA64678D

    NAA is part OUI, which is provided by the IEEE Registration Authority. NAA name formats were added to iSCSI in RFC 3980, to provide compatibility with naming conventions used in Fibre Channel and SAS storage technologies.

Configuring the iSCSI Initiators

Microsoft Windows Server 2008 includes two iSCSI Initiator software interfaces. They are

  • iSCSI Initiator applet (located in the Administrative Tools and Control Panel)
  • iscsicli command interface

iSCSI Initiator Applet

By using an iSCSI Initiator (located in the Administrative Tools and the Control Panel), you connect a storage array or volume of a storage array to a server and mount the array or volume as a local volume. An iSCSI initiator is the software component residing on a server or other computer that is installed and configured to connect to an iSCSI target. An iSCSI target is the actual storage array or volume.

When you open the iSCSI Initiator program, you see the following six tabs:

  • General: Enables you to rename the initiator and configure the CHAP authentication and IPSec tunnel.

  • Discovery: Specifies the location of the SAN and Internet Storage Name Service (iSNS) servers.

  • Targets: Specifies to which storage devices the server has access and allows you to log on to those devices.

  • Favorite Targets: Specifies which targets reconnect each time you start your computer.

  • Volumes and Devices: Shows volumes and devices that are connected to the server.

  • RADIUS: Specifies the RADIUS server to use for authentication.

Figure 3.1 shows the Discovery tab.

Figure 3.1

Figure 3.1 The iSCSI Initiator Properties dialog.

  1. To connect to the iSCSI array, select the Discovery tab and click Add Portal.
  2. In the Add Target Portal dialog box, provide the name or IP address of your iSCSI array. The default communication port for iSCSI traffic is 3260. If you have configured CHAP security or are using IPSec for communication between your client and the array, click Advanced and make necessary configuration changes.
  3. Back in the Add Target Portal dialog box, click OK to make the initial connection to the iSCSI array.
  4. To see the list of available targets (volumes to connect to and mount on the server), select the Targets tab.
  5. To connect to an available target, choose the target and click Log On.
    • If you want your server to connect to this volume automatically when your system boots, make sure you select Automatically Restore This Connection When The System Boots. If you do not, you need to reconnect it manually.
    • To enable high availability and to boost performance, choose Enable Multi-Path. Of course, you would need to have multiple network adapters dedicated to the iSCSI connection to use multi-pathing (MPIO).
    • If you are using CHAP or IPSec for communication with a target, click Advanced. After you are finished configuring the Log On options, click OK. The target status should change to Connected (see Figure 3.2).
      Figure 3.2

      Figure 3.2 Log On to Target dialog box for iSCSI.

  6. To bind the available iSCSI targets to the iSCSI startup process and assign them to a drive letter or mount point, select the Volumes and Devices tab. Click Add and specify the drive letter or mount point. Then Click OK.

If the iSCSI volume is a new volume that has not been mounted before, when you open the Disk Management console, it is treated as a new hard drive. At this point, you have to initialize the new drive, create a partition, and format the new volume.

iSCSICLI

iSCSICLI is a command-line tool suitable for scripting the Microsoft iSCSI initiator service. Although some of these commands may become lengthy and complex, this enables you to access all features of iSCSI. Some of the functions include:

  • iscsicli AddTarget: Creates a connection to a volume or device

  • iscsicli AddPersistentDevices: To make an iSCSI device persistent

  • iscsicli RemovePersistentDevices: Prevents the reconnection to a specified volume

  • iscsicli ClearPersistentDevices: Removes all volumes and devices from the list of persistent devices.

For more information, access the Microsoft iSCSI Software Initiator User’s Guide from Microsoft:

Storage Explorer

With Storage Explorer, you can view and manage the Fibre Channel and iSCSI fabrics that are available in your SAN. Storage Explorer can display detailed information about servers connected to the SAN, as well as components in the fabrics such as host bus adapters (HBA), Fibre Channel switches, and iSCSI initiators and targets (see Figure 3.3).

Figure 3.3

Figure 3.3 The Storage Explorer dialog.

In addition, you can also perform many administrative tasks on an iSCSI fabric including logging onto the iSCSI targets, configuring iSCSI security, adding iSCSI target portals, adding iSNS servers, and managing Discovery Domains and Discovery Domain Sets.

Storage Manager for SANs

The Storage Manager for SANs, a Windows Server 2008 feature, can be used to create and manage logical unit numbers (LUN) on both Fibre Channel and iSCSI disk storage subsystems that support Virtual Disk Service (VDS).

For Fibre Channel SANs, when a server or cluster is identified, Storage Manager for SANs automatically discovers the available Fibre Channel HBA ports on that server or cluster. You can also add ports manually by typing their World Wide Name (WWN).

For iSCSI SANs, you only need to identify the server or cluster that will access the LUN, and Storage Manager for SANs automatically discovers the iSCSI initiators on that server or cluster and lists all the available adapters for those initiators. After the iSCSI initiator adapters have been discovered, you can select which adapters will be used for LUN traffic.

To add and configure a server with Fibre Channel connections, follow these steps:

  1. In the console tree for Storage Manager for SANs, click LUN Management.
  2. In the Actions pane, click Manage Server Connections.
  3. In the Manage Server Connections dialog box, click Add.
  4. In the Add Server dialog box, type the name or browse to the server that you want to add, and optionally, type a description for it.
  5. Click OK. The server will now be listed in the Manage Server Connections dialog box, with all the ports that were automatically discovered on it listed on the Fibre Channel Ports tab.
  6. If necessary, you can add a Fibre Channel manually by clicking Add on the Fibre Channel Ports tab and entering the WWN of the new port. Then click OK.
  7. To enable Fibre Channel ports for LUN access, select a server from the server list. Then on the Fibre Channel Ports tab, select all the ports that you want to enable on the selected server.
  8. Click OK when you have finished configuring the Fibre Channel connections.

Storage Manager for SANs includes the Provision Storage Wizard, which you can use to create a logical unit number (LUN) on a Fibre Channel or iSCSI disk storage subsystem. Before you create a LUN on a storage subsystem, verify that all the following requirements are fulfilled:

  • The storage subsystem supports Virtual Disk Service (VDS).
  • The VDS hardware provider for the storage subsystem is installed on your server.
  • Storage space is available on the storage subsystem.
  • If the server to which you will be assigning the LUN will access the LUN through more than one Fibre Channel port or iSCSI initiator, Multipath I/O has been installed and is running on that server.

To create a LUN, select LUN Management. In the Actions pane, click Create LUN. Then follow the steps in the Provision Storage Wizard pages.

If you create a LUN and do not choose to create a volume for it immediately by using the Provision Storage Wizard, the disk associated with that LUN is visible to the server to which you assign it, but it is offline. Before you can create a partition or volume on that disk, you must first use Disk Management or DiskPart to bring the disk online.

You can also use Storage Manager for SANs to assign a LUN to a server or cluster with the Assign LUN wizard. To start the Assign LUN wizard, click LUN Management in Storage Manager, and then select the LUN you want to assign in the Results pane. Then click Assign LUN in the Actions pane.

  • + Share This
  • 🔖 Save To Your Account

Pearson IT Certification Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Pearson IT Certification and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Pearson IT Certification products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by Adobe Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.pearsonitcertification.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020