8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 1/15
iSCSI - An emerging Protocol
MADHUKAR GUNJANLSI Technologies (ESG)
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 2/15
Network Storage Models
Network Storage Models
2LSI Proprietary
• Expansion beyond server’s internaldrive capacity• Storage resources are assigned to servers• High performance SCSI or FibreChannel connections• Sharing storage resources is not provided• Operating distances are very short• Tape backup
• Storage Resources moved to the frontend of the network• Stored data is shared: single copysharing• Uses file system calls – NFS,CIFS• Storage traffic travels across themessaging network “LAN”• The LAN performance is impacted
• Pooling of external storage devices for better utilizationand availability• LAN-free backup• Non-disruptive expansion and maintenance• Leverage existing staff to manage three or four times more storage• SAN ROI estimates* range from 65-297 percent
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 3/15
SCSI Protocols and Standards
T10
T11SCSI Architecture (SAM)& Commands (SCSI-3)
FCP VI FICON I
P (RFC 4338)
Fibre Channel
3LSI Proprietary
IETF
FC Fibers,Hubs, Switches
FC-1
FC-2
FC-0
Any IPNetwork
iSCSI
TCPIP
IP
FCIP
iFCP
TCP
Any IPNetwork
ParallelSCSI
SCSI Cables
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 4/15
EthernetHeader
CRC
iSCSI - Data Encapsulation Into Packets
IPHeader
TCPHeader
iSCSIHeader
iSCSI DATA
• iSCSI is a transport protocol for SCSI that operates on top of TCPthrough encapsulation of SCSI commands in a TCP/IP stream. Enablesthe transport of I/O Block data over IP Networks.
4LSI Proprietary
Reliable data transport and delivery (TCP Windows, ACKs,ordering, etc.) Also Demux within node ( port numbers )
Provides IP “routing” capability so that packet canfind its way through the network
Provides physical network capability (Cat 5, MAC, etc.)
Delivery of iSCSI Protocol Data Unit (PDU) for SCSI
functionality (initiator, target, data read/write, etc.)
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 5/15
SOFTWARE HARDWAREINITIATOR INITIATOR
Application Application
OS OS
SCSI SCSI
iSCSI Source driver
1.Command processing
2.Login
3.Session management4.Authentication
iSCSI source driver
1.Command processing
2.Login
3.Session management4.Authentication
• Transport Layer : Multiplexing , Fragmentation ,
Port link Establishment( Default3260)
Flow control Using SlidingWindow Protocol
Synchronize Out of order packetand Discarded Packet
• Internet Protocol Layer :
H
O
S
T
SCSI to iSCSI Mapping - STACK
5LSI Proprietary
1.Connectionmanagement
2.Chip interface
3.Data transfer
iSCSI chipfirmware
iSCSI CRC
TCP / IP TCP/IP offload
Ethernet Ethernet
Physical
InterfacePhysical
interface
Network layer to IP-Based SAN Maintains IP address IP Routers & Switches used to
transfer iSCSI PDU.
• Data Link Layer : Gigabit Ethernet (GbE) Improves Performance upon FC 10 GbE yet to Implement
T
O
E
/
N
I
C
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 6/15
iSCSI Architecture
• 2x 1Gbps Ethernet Port/ Controller
• Block access to remote storageover IP
• Auto-negotiate to 1000/100/10Mb/s.
• Supports IPv4 Only
• Configuration Parameters IP Address Per Port
Supports Manual or DHCP
6LSI Proprietary
Configuration
Do Not Support remote
shell (RSH) or remote login.
Host can access Target via GUI or CLI remotely. Supports all the Ethernet services and the protocol
Gigabit Ethernet Switch , Gateway and Router act as Connecter for route , switch and protocol conversion.
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 7/15
iSCSI Naming Convention
• iSCSI Name: Identifies iSCSI node and its encapsulated SCSI device
Used in authentication of targets to initiators
Must be world wide unique
Utilized existing naming authorities
Human readable 233 character name
7LSI Proprietary
• eqn – IEEE EUI-64 NameName based on Fibre Channel EUI-64 identifier
• iqn – iSCSI Qualified Name
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 8/15
An iSCSI Session• iSCSI Connection:
Verify a TCP connection over which the initiator and target communicate via iSCSI PDUs.
Verify uniquely identified in a session by aninitiator defined connection ID (CID).
Verify the response and any data associatedwith an iSCSI command must be returned onthe same connection.
• iSCSI Session:
8LSI Proprietary
Verify a set of iSCSI connections that link aniSCSI initiator and target.
Verify uniquely identified by a 64 bit Session ID(SID) built from a 48 bit initiator defined Initiator Session ID (ISID) and a 16 bit target definedTarget Session Identifying Handle (TSIH).
Verify resources of a target (i.e., LUNs) must be
identical across all connections that make up asession. Verify commands can be alternated across all
connections in a session for bandwidthaggregation.
Verify error recovery connections can becreated on the same network portal as a failedconnection.
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 9/15
An iSCSI Login
• Login Process:
A sequence of Login Request PDUs from initiator and Login ResponsePDU’s from target.
Authentication and operational parameter data is passed between initiator and target in named key/value pairs in the PDU data segments:
Example Data Segment from a leading iSCSI Login RequestInitiatorName=eui.madhukar7
InitiatorAlias=maddyAuthMethod=None,CHAP
9LSI Proprietary
TargetName=eui.FEDCBA0987654321TargetAddress=storagearray:3270:3SessionType=Normal
Example Reply from the storage arrayTargetAlias=gunjanArrayAuthMethod=None
TargetPortalGroupTag=3
During login, only the Login Request, Logout Request, and Reject PDUs areallowed
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 10/15
iSCSI – Multiple Management Configuration
• Management Topology • Single Path Topology
10LSI Proprietary
• Dual Path Topology • Redundant Dual Path Topology
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 11/15
iSCSI Security: Protect valuable data
• Secure IP connection
Integrity, authentication, and confidentiality Based on IKE and ESP (IPsec components)
• Extensive applied security requirements Selection of Integrity (MAC) and encryption algorithms Profile for usage of IKE authentication and key mgt.
11LSI Proprietary
• Inband Authentication (part of Login) SRP, CHAP, Kerberos, and other mechanisms CHAP with strong secrets is required
- Can’t use passwords
iSCSI CHAP: Stronger than basic CHAP- When specification is followed
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 12/15
CHAP Authentication Protocol
• Based on shared secret, random challenge Uses a secure (one-way) hash, usually MD5
One-way hash: Computationally infeasible to invert
12LSI Proprietary
SecretSecret
Challenge
Hash
= ?
Response
Hash
Host Storage
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 13/15
FCIP
•Provides a mechanism to tunnel FibreChannel over IP based networks•Levera e IP infrastructure to interconnect
•TCP/IP based protocol for interconnecting FibreChannel storage devices or FC SANs using an IPinfrastructure to complement or replace Fibre Channel
iSCSIiFCP
iSCSI is a transport protocol for SCSI that operateson top of TCP through encapsulation of SCSI
13LSI Proprietary
and extend FC SAN•FCIP Gateways enable to connect to astandard Gigabit Ethernet/IP network.•Cost effective•Can be deployed over LANs, MANs andWANs
switching and routing elements•Lower layer FC transport is replaced with TCP/IP andGigabit Ethernet.•Enables the rapid deployment of IP based SANslinking to FC SANs•Enables highly scalable implementations usingexisting FC SANs
commands in a TCP/IP streamBuilds on SCSI and Ethernet technologiesEnables the transport of I/O block data over IPnetworksManage IP based storage networks with existing toolsand IT expertise
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 14/15
Product Performance – MB/sec
Drive
Type
Dual
FC-FC
Quad
FC-FC FC-SAS SAS- SAS iSCSI-SAS
Sustained throughputcache read (512k)
1600 MB/s 1800 MB/s 1600 MB/s 1600 MB/s 400 MB/s
Sustained throughputdisk read (512k)
FC 850 MB/s 850 MB/s
SAS 800 MB/s 800 MB/s 400 MB/s
SATA 800 MB/s 800 MB/s 400 MB/s
Sustained throughputdisk write (512k) FC 800 MB/s 800 MB/s
14LSI Proprietary
Cache mirroring disabled SATA 750 MB/s 750 MB/s 400 MB/s
Sustained throughputdisk write (512k)
FC 350 MB/s 350 MB/s
Cache mirroring enabled SAS 350 MB/s 350 MB/s 350 MB/s
Cache mirroring enabled SATA 350 MB/s 350 MB/s 350 MB/s
Number of drives required for benchmark test and code thread
FC 64D / 8T 64D / 8T
SAS 48D / 8T 48D / 8T 48D / 8T
SATA 48D / 8T 48D / 8T 48D / 8T
8/8/2019 iSCSI - An Emerging Protocol
http://slidepdf.com/reader/full/iscsi-an-emerging-protocol 15/15
Trend - Current $ Future2003 Open Systems
External Storage
DAS
41%
NAS
12%
iSCSI
0%
SAN (FC)
47%
• Predictions of the size of theiSCSI market have historicallymissed the mark by a long shot,
• IDC predicts that the iSCSImarket will leap from about $300million in 2005 to more than $3billion in 2008.
• Number of start-ups (e.g., LSITechnologies, Intransa, and
15LSI Proprietary
2008 Open Systems
External Storage
DAS
17%
NAS
17%
iSCSI
15%
SAN (FC)
51%
e an e wor s an onelarge vendor (Network Appliance)bang the IP SAN drum loudly,many market heavy weights paylittle more than lip service toiSCSI,
• More than 6,000 enterprises havedeployed iSCSI,