12-05-2011 06:21 AM - edited 03-01-2019 10:10 AM
I know this is more of a Cisco MDS/Storage question, but does anyone know out of LUN Masking and Zoning, which one would be the most prefered method ? I have two Cisco 9148 Fabric switches, two Netapp FAS3210 SAN Controllers, 1 UCS Chassis with 4 B200 M2 blades.I've been told that I should not connect the Cisco UCS Fabric Interconnect directly to the back of the NetApp SAN and configure with LUN Masking, but I rather configure one to one zoning on the Cisco 9148 MDS Fabric Switches. Normally this would not be an issue but we have an offsite location where we do not have any MDS switches at, and I would like to directly connect them to the SAN.
I was told that this could lead to dsik corruption if misconfigured and that Cisco stand point is to use one to one zoning through some type of Cisco Fabric switch. Of course I sure this Cisco would advise anyone to manage this type of setup through their equipment instead of on the SAN. Does anyone have any opinion on the matter ?
Solved! Go to Solution.
12-05-2011 06:29 AM
Zoning and Masking are two completely different features.
Zoning occurs on your storage switches and is the equivelant to an ACL (Access Control List). It limits which other targets and/or initiators can be seen. (Who can I see?)
Masking occurs on your storage array and limits what LUNs an initiator has access to. (What can I see?)
**UCS is not supported for direclty connecting a storage array into the fabric interconnect, unless you have an upstream storage switch (MDS or equivelant) to push zoning. The use of zoning prevents a malfunctioning initiator from potentially impacting the operation of others by limiting what they can see within the fabric.
If you happen to have an Nexus 5K by chance, they can also operate as your storage switch. The N5K is capable of run almost all the same fabric services as MDS and is fully supported.
Regards,
Robert
12-05-2011 06:29 AM
Zoning and Masking are two completely different features.
Zoning occurs on your storage switches and is the equivelant to an ACL (Access Control List). It limits which other targets and/or initiators can be seen. (Who can I see?)
Masking occurs on your storage array and limits what LUNs an initiator has access to. (What can I see?)
**UCS is not supported for direclty connecting a storage array into the fabric interconnect, unless you have an upstream storage switch (MDS or equivelant) to push zoning. The use of zoning prevents a malfunctioning initiator from potentially impacting the operation of others by limiting what they can see within the fabric.
If you happen to have an Nexus 5K by chance, they can also operate as your storage switch. The N5K is capable of run almost all the same fabric services as MDS and is fully supported.
Regards,
Robert
12-05-2011 06:57 AM
Thank you Robert,
This is exacly what I needed to know.
12-05-2011 08:22 AM
Think am repeating stuff, but wanted to chime in.
You can plug a SAN Device into an FI, but you have to put the FC module in Switch Mode. The drawback there is you cannot mix different fabrics when you do that. Stay End-Host at all costs, unless the SAN Device you are plugging in is the only one you are plugging in.
You don't need zoning with direct attached if you are PINing, and you would have to. But that is just one port per FI. Don't think you can VSAN to any storage device out there, like you can Port-Channel LACP to a NetApp on the NAS side.
I kind of write off direct attached SAN Devices and NAS devices (appliance ports). Having a switch between is really worth it. PINing to port-channels or VSAN's is much more elegent.
Craig
12-05-2011 08:53 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide