Unanswered Question
Oct 17th, 2008

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to learn how to build scalable and efficient SAN with predictable performance with Cisco expert Mark Allen. Mark is the manager of the storage technical marketing group at Cisco and is responsible for the Cisco MDS 9000 family of products. His expertise includes designing large-scale IP and storage area networks (SANs) and remote SAN extension solutions. He has been at Cisco for 16 years and has a broad knowledge of many network solutions including routing, switching, storage, mainframe, and optical networks. Prior to Cisco, he was a quality assurance engineer with Sun Microsystems, working on optical and IBM emulator products. He has also worked for Tandem and Memorex, testing and developing IP and IBM communications products.

Remember to use the rating system to let Mark know if you have received an adequate response.

Mark might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through October 31, 2008. Visit this forum often to view responses to your questions and the questions of other community members.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
thomas.chen Wed, 10/22/2008 - 09:35

I have EMC Clariions and HDS 9500 in my network and want to use their respective storage replication software, do they work with your switches and how?

cutran Wed, 10/22/2008 - 16:50

The Cisco MDS platform supports many storage array vendor's replication solution, which includes EMC, IBM, HP and HDS. Each storage array vendor have their own storage to storage replication solution. The MDS have an integrated solution that allows these replication solutions to span a wide area network (WAN) using our FCIP protocol on our GE interfaces, which we call the SAN Extension solution. Within the FCIP protocol capabilities, the MDS provides hardware level encryption and compression of the data to better utilize and secure the data while transporting it across the Metro-Area-Network (MAN) or WAN.

As the replication solution writes across this FCIP link and as the distance increases, performance will be degraded because of the latency going across such a far distance. Also integrated into the MDS SAN Extension solution is a feature we call FCIP-Write Acceleration or FCIP-WA. This allows these replication solutions to reduce latency and better utilize the bandwidth, which in turns increase performance. There are papers on Cisco's website at that provides design guides and more in-depth explanation of this solution. Both EMC and HDS benefit from all of these features. I hope this answers your question.

fcabrera1109 Fri, 10/24/2008 - 06:28

How can I get CID working on a cisco iad2432 T1 e&m-wink for inbound calls?

cutran Mon, 10/27/2008 - 08:38

Hello. I believe you have the wrong alias on this posting. You will want to open to a post dealing with IP Phone technologies or Call Manager. This posting is regarding Storage Area Networks.

b.hsu Mon, 10/27/2008 - 10:35

What type of security is on your switches? Is there any encryption capabilities?

mallen Mon, 10/27/2008 - 13:37

The MDS 9000 series of directors and switches have an comprehensive list of security features:

RADIUS and TACACS+ for authentication and authorization

Fibre Channel Security Protocol (FC-SP)

Secure File Transfer Protocol (SFTP) and Secure Shell (SSH) Protocol

Simple Network Management Protocol

Version 3 (SNMPv3)

VSANs and per-VSAN role-based access

hardware-enforced zoning


IPSec encryption for FCIP and iSCSI interfaces

AES-256 encryption of data at rest with Storage Media Encryption (SME)

aghaznavi Tue, 10/28/2008 - 11:24

Our Data Center is deploying VWMare ESX clusters and we heard about NPIV support coming from them. Does Cisco support this?

cutran Tue, 10/28/2008 - 12:17

Yes, the Cisco MDS does support VMWare's ESX clusters in an NPIV environment. In fact, we have another techology called NPV that is implemented on our Blade Switches that provide the following capabilities:

1) No Domain ID used for the blade switch

2) Creation of "virtual pwwn" for ease of management and operational flexibility (replace and move of blade servers)

3) Allow the Blade Server running ESX with NPIV capability that is connected to a Blade Switch running in NPV mode (nested NPIV)

For more details on this solution, it can be downloaded on Emulex's website at or internally at Cisco's website at

Or another paper would be

bbaley Wed, 10/29/2008 - 13:23

How many ports can your fabric grow too? What is the support number of switches that can be in your network? How many ports can I have in one of your switches?

mallen Wed, 10/29/2008 - 19:15

First, let me address the switch maximum limits. The maximum number of port for the different MDS 9000 family are:

MDS 9513 - 528 1, 2, 4 or 8Gb Fibre Channel ports

MDS 9509 - 336 1, 2, 4 or 8Gb Fibre Channel ports

MDS 9506 - 192 1, 2, 4 or 8Gb Fibre Channel ports

MDS 9222i - 66 1, 2, 4 or 8Gb Fibre Channel ports plus 2 Gigabit Ethernet ports

MDS 9134 - 32 1, 2 or 4Gb Fibre Channel ports plus 2 10Gb Fibre Channel ports

MDS 9124 - 24 1, 2 or 4Gb Fibre Channel ports

The maximum number of ports in a fabric and the maximum number or switches in a fabric can be found in Cisco MDS 9000 Family Troubleshooting Guide under Configuration limits. For SAN-OS 3.x, this document can be found at:

For SAN-OS 3.x, the maximum verified number of zone members is 16,000 with a maxium of 20,000 zone members. So depending on the zoning methid used, this equates to 8000 devices verified in a single fabric.

The maximum verified number of switches in a single fabric is 55 switches with a maximum of 239 switches.

metzger_jon Thu, 10/30/2008 - 06:21

Is there a verified and maximum number of zones in a single VSAN? If not, is there a recommended maximum number?

cutran Thu, 10/30/2008 - 08:38

Hello Jon. Cisco has qualified up to 10,000 zones. This number is based upon the physical fabric. If you only have one VSAN (i.e. VSAN 1), then you can have 10,000 zones in VSAN 1. If you have say two VSANs (VSAN 1 and VSAN 2), then if it is evenly split, both VSANs can handle 5,000 zones. The other thing to take note is that within the physical fabric as well within the zones, MDS supports 20,000 zone members. This means that these 10,000 zones have 2 zone members.


This Discussion