iSCSI Internet Small Computer System Interface SCSI over TCP over IP Completely separate protocol stack from Fibre Channel (No Fibre Channel Protocol)  Typically used in small to mid-range SAN's No dedicated SAN switches required No SAN switching knowledge required 1/10GigE iSCSI hardware offload cards available ISCSI is not SAN switching End hosts run just IP Storage Array runs just IP Transport is anything IP MDS is an iSCSI to FC gateway MDS and iSCSI MDS is effectively a translational bridge for Fibre Channel and iSCSI How iSCSI gateway works FC Targets FLOGI as usual to FC fabric iSCSI Initiators send Discovery to MDS Implies MDS has an IP enabled Ethernet interfaces MDS applies Zoning/Access Lists iSCSI Initiator thinks FC target is iSCSI target FC Target thinks iSCSI Initiator is FC Initiator MDS iSCSI Gateway Configuration Configure FC to targets Configure IP to Initiators Enable iSCSI Configure Zoning/ Access Control Point server at MDS's IP address iSCSI Access Control Like in FC, access control must be enforced Mounting someone else's volume can be catastrophic Access control can be enforced as: Zoning Based Normal pWWN, FCID, Alias, etc... Initiator's IP address Initiators's iSCSI qualified name (IQN) iSCSI Based Virtual Target IQN IP Address and Subnet iSCSI Topology  This is assuming that all the basic Fi MDS1 conf t zone mode enhanced vsan 10 zone mode enhanced vsan 20 vsan database vsan 10 vsan 20 interface fc1/17 vsan 10 interface fc1/18 vsan 20 interface fc1/13 switchport mode e switchport trunk allowed vsan all show flogi database vsan 10  inter gig1/1 ip address 10.0.0.53 255.255.255.0 no shut feature iscsi iscsi enable module 1 zone default-zone permit vsan 10 ( this is permitting all JBOD1 and 2 disks to be seen) zone commit vsan 10 vsan database vlan 10 interface iscsi 1/1 (this ties the FC to iSCSI network together and translates) show flogi database vsan 10  show iscsi initiator  conf t iscsi import target fc You wold want to create a zone/zoneset to mount only particular drives to each server so you don't accidentally mount the incorrect drive that could cause another server to crash. no zone default-zone permit vsan 10 zone commit vsan 10 zoneset name VSAN10 vsan 10 zone name ISCSIZONE member device-alias JBOD1_PORT0_DISK0 member ip-address 10.0.0.10 exit zoneset activate name VSAN10 vsan 10 zone commit vsan 10 show zone active vsan 10  MDS2 conf t zone mode enhanced vsan 10 zone mode enhanced vsan 20 vsan database vsan 10 vsan 20 interface fc1/13 vsan 20 interface fc1/14 vsan 10 interface fc1/10 switchport trunk allowed vsan all interface gig1/1 ip address 10.0.0.54 You should be able to ping Server 1 and Server 3 form MDS1 or MDS2 no shut feature iscsi iscsi enable module 1  You'll see once you enable iscsi on the module (see what module via )show module" it will create two more interfaces iscsi1/1 and iscsi1/2 which is a logical link and have to issue the no shut down command on both MDS1 and MDS1 for the iscsi interfaces show iscsi global  for this purpose issue the "iscsi authentication none" on MDS1 and MDS2 The rest of the configuration would be on the servers with the iscsi Initiator Properties  Target would be 10.0.0.53 |
Blog >