cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4392
Views
5
Helpful
4
Replies

LUN Masking vs Zoning for UCS and NetApp Storage

gaskincharles
Level 1
Level 1

I know this is more of a Cisco MDS/Storage question, but does anyone know out of LUN Masking and Zoning, which one would be the most prefered method ? I have two Cisco 9148 Fabric switches, two Netapp FAS3210 SAN Controllers, 1 UCS Chassis with 4 B200 M2 blades.I've been told that I should not connect the Cisco UCS Fabric Interconnect directly to the back of the NetApp SAN and configure with LUN Masking, but I rather configure one to one zoning on the Cisco 9148 MDS Fabric Switches. Normally this would not be an issue but we have an offsite location where we do not have any MDS switches at, and I would like to directly connect them to the SAN.

I was told that this could lead to dsik corruption if misconfigured and that Cisco stand point is to use one to one zoning through some type of Cisco Fabric switch. Of course I sure this Cisco would advise anyone to manage this type of setup through their equipment instead of on the SAN. Does anyone have any opinion on the matter ?

1 Accepted Solution

Accepted Solutions

Robert Burns
Cisco Employee
Cisco Employee

Zoning and Masking are two completely different features.

Zoning occurs on your storage switches and is the equivelant to an ACL (Access Control List).  It limits which other targets and/or initiators can be seen.  (Who can I see?)

Masking occurs on your storage array and limits what LUNs an initiator has access to.  (What can I see?)

**UCS is not supported for direclty connecting a storage array into the fabric interconnect, unless you have an upstream storage switch (MDS or equivelant) to push zoning.  The use of zoning prevents a malfunctioning initiator from potentially impacting the operation of others by limiting what they can see within the fabric.

If you happen to have an Nexus 5K by chance, they can also operate as your storage switch.  The N5K is capable of run almost all the same fabric services as MDS and is fully supported.

Regards,

Robert

View solution in original post

4 Replies 4

Robert Burns
Cisco Employee
Cisco Employee

Zoning and Masking are two completely different features.

Zoning occurs on your storage switches and is the equivelant to an ACL (Access Control List).  It limits which other targets and/or initiators can be seen.  (Who can I see?)

Masking occurs on your storage array and limits what LUNs an initiator has access to.  (What can I see?)

**UCS is not supported for direclty connecting a storage array into the fabric interconnect, unless you have an upstream storage switch (MDS or equivelant) to push zoning.  The use of zoning prevents a malfunctioning initiator from potentially impacting the operation of others by limiting what they can see within the fabric.

If you happen to have an Nexus 5K by chance, they can also operate as your storage switch.  The N5K is capable of run almost all the same fabric services as MDS and is fully supported.

Regards,

Robert

Thank you Robert,

This is exacly what I needed to know.

Think am repeating stuff, but wanted to chime in.

You can plug a SAN Device into an FI, but you have to put the FC module in Switch Mode. The drawback there is you cannot mix different fabrics when you do that. Stay End-Host at all costs, unless the SAN Device you are plugging in is the only one you are plugging in.

You don't need zoning with direct attached if you are PINing, and you would have to. But that is just one port per FI. Don't think you can VSAN to any storage device out there, like you can Port-Channel LACP to a NetApp on the NAS side.

I kind of write off direct attached SAN Devices and NAS devices (appliance ports). Having a switch between is really worth it. PINing to port-channels or VSAN's is much more elegent.

Craig

My UCS Blog http://realworlducs.com

I was able to talk to David at AOS about this question, and he provided some good quick feed back.

"As of the 1.4.(3q) firmware version, the direct connect of storage is supported with the UCS. Attached is a document that describes in more detailed the supported methodology."

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: