Chapter 1 Before Configuring SN 5428-2 Storage Router Software
SCSI Routing Overview
Access for SCSI routing is controlled in the IP hosts and the storage router. In an IP host, the iSCSI driver is configured with the Gigabit Ethernet IP address of the SCSI routing instance in the storage router with which the host is to transport SCSI requests and responses. In a storage router, access is controlled through an access list and a VLAN identifier (VID) number of the hosts. Additionally, access can be further controlled in the SN 5428-2 through authentication. See the “Authentication Overview” section on page 1-24for more information about authentication.
An access list enables access to storage devices attached to the SN 5428-2 according to any combination of host IP address(es), CHAP user name(s), or iSCSI name(s). An access list contains these combinations of hosts allowed to access the storage devices. Host VID enables access to storage devices according to the VID of each host. See the “VLAN Access Overview” section on page 1-20for more information about VLAN access.
For each iSCSI target, you can associate one access list allowing read/write access, and one access list allowing read-only access. See Chapter 6, “Configuring SCSI Routing,” for more information about read/write and read-only access.
You can use a combination of access lists and VIDs to configure access in the SN 5428-2; that is, you can specify that certain hosts according to IP address in a VLAN can access storage devices attached to the SN 5428-2.
Once the access is configured in the hosts and the SN 5428-2, and once the storage mapping is configured in the SN 5428-2, the SN 5428-2 routes SCSI requests and responses between hosts and the mapped storage devices.
Figure 1-8represents the concept of storage mapping and access control for SCSI routing. In the figure, the SN 5428-2 Storage Router provides three IP hosts with IP access to disk drives across four disk controllers. The SN 5428-2 contains two SCSI routing instances: one configured with IP address
10.1.2.3for the Gigabit Ethernet interface and the other with IP address 10.1.2.4. The iSCSI drivers in each IP host are configured to access those SCSI routing instances by their IP addresses through the Gigabit Ethernet interface. An access list in the storage router or VID (or both) specifies that hosts A, B, and C are allowed to access the mapped storage devices. From the perspective of a host, each disk drive mapped to it appears as a locally attached disk drive. Table 1-3shows the correlation between an access list and/or VID, the Gigabit Ethernet IP addresses of the SCSI routing instances, and the storage device mapping.
Note The purpose of Figure 1-8and Table 1-3is only to illustrate the concept of storage mapping and access control. The IP addresses will vary according to each site. Similarly, the type of storage addressing (for example, LUN ID, WWPN + LUN or LUN serial number) will vary according to the types of storage and the types of storage addressing preferred at each site. In addition, the figure and the table exclude any additional SN 5428-2 Storage Routers that could be configured for high availability.
Cisco SN 5428-2 Storage Router Software Configuration Guide
