Why you need to implement a Storage Area Network using iSCSI over an IP Network

what is iSCSI and why it makes a good storage area network (SAN)

advantages of storage area network (SAN)

The first image defines what is iSCSI and what exactly its role is, in Storage Area Networks. Convergence is happening over IP everywhere (one reason why IP is exciting!), and even the Storage Area Network is expected to converge over IP networks through iSCSI especially with the anticipation of lossless Converged Enhanced Ethernet. The other popular convergence option being FCOE (Fiber Channel Over Ethernet).

The second image lists the advantages of Storage Area Networks, in general. If you have been hesitating to implement/ upgrade to a Storage Area Network (SAN) because of cost, complexity, or any other reason, iSCSI SAN now offers you lot of advantages in addition to the ones mentioned above. Let us look at some of them:

  • With iSCSI, a separate network for SAN is not required as it uses the existing IP Networks and components (NIC, Switches, Cables etc) to create the Storage Area Network.
  • The cost of creating a iSCSI SAN is very less when compared to the cost of creating a FC(Fiber Channel) SAN.
  • iSCSI based SAN can co-exist with the existing FC based SAN. Customers have the option of retaining their existing investments on FC SAN’s and still expand by adding additional storage capacity using iSCSI SAN.
  • iSCSI SAN does not have any distance limitation. You can have a Data Center anywhere in the world and still back up/ restore the data remotely (over WAN/Internet) to your Local Area Network/ vice versa.
  • Since iSCSI SAN can be located anywhere, they are very useful for disaster recovery objectives.
  • iSCSI SAN can use either a specialized HBA (Host Bus Adapter) to connect the servers to the SAN (or) just use the standard NIC Cards/ Ethernet ports for the same. This enables server I/O consolidation and reduces complexity/ cost.
  • Gigabit Server Adapters (NIC Cards) are normally available in the market, and iSCSI can use them to connect to the network at Gigabit speeds today. They are available in Single Port/ Dual Port/ Quad Port etc, and connect to the server using PCI Express slots. Very soon, even 10 Gigabit Ethernet NIC Cards are expected to become popular, which offers much more capacity/ speed for SAN performance.
  • Since iSCSI uses the normal IP based network components, its easy to learn, implement and maintain. Contrast this with Fiber Channel (FC) based SAN which requires a high level of expertise to create and maintain them.
  • iSCSI is very much suitable for implementation of SAN in virtual server environments as it supports software initiators that make such integration easier. Also, since iSCSI supports whatever bandwidths supported by IP Networks, it can support 10 GE which might be required for virtual server environments.
  • iSCSI allows direct backup’s to tape or disks, even from certain virtual servers.

Limitations / Disadvantages of iSCSI SAN:

  • The IP network, currently is a best effort network. Hence it may drop packets or deliver them out of order during network congestion. But these attributes are not favorable for storage area networks as they need to be highly reliable. So, till the lossless Converged Enhanced Ethernet technologies are standardized and implemented, iSCSI SAN may still not be the most reliable option when compared to FC SAN.
  • Server CPU’s may be burdened with iSCSI and TCP/IP Stack processing if HBA/ NIC cannot offload that function. This may result in the server processor cycles not working to their capacity for application processing, which is what they are primarily supposed to do.
  • Since iSCSI is generally not run on a separate network (but is mixed with the IP network traffic), there may be networks congestion/ bandwidth constraints during peak hours especially if the network is not designed to support the bandwidth required for both the applications.
  • iSCSI operates on clear text protocol (normally) and hence there is a chance that it might be exposed to hackers who are more familiar with the widely used IP Networks.

Salient points/ Good practices for iSCSI SAN that might be useful:

  • CHAP (Challenge Handshake Authentication Protocol) can be provisioned for authentication of iSCSI messages for security. Encryption, even if possible, may not be feasible – currently.
  • Some specialized HBA’s/ NIC Cards can offload processor hungry processes like iSCSI and TCP/ IP Stack processing. This can make the server processor work more efficiently.
  • Major Operating Systems (Including Windows and Linux) provide built-in software initiator drivers for iSCSI which makes their integration with IP network components, easy.
  • Its better to have a dedicated port for iSCSI SAN connection from a server (instead of sharing one network port). Better still, redundant ports can be provided for High Availability/ Link Aggregation.
  • Its a good practice to have iSCSI packets flow on a separate VLAN so that the storage traffic can be logically separated from the general network traffic. Better still, if iSCSI can be operated on its own physical network segment (with dedicated switches/ cables, etc).

In case you have any points to add on the above topic, you could comment below. You can also contact us using the contact form. In order to be updated on the various computer networking technologies, you can subscribe to this blog using your email address in the sidebar box mentioned as “Get Email Updates When New Articles are Published”.