Cisco Systems SN 5428-2 Network Router User Manual


 
1-8
Cisco SN 5428-2 Storage Router Software Configuration Guide
OL-4691-01
Chapter 1 Before Configuring SN 5428-2 Storage Router Software
SCSI Routing Overview
Access for SCSI routing is controlled in the IP hosts and the storage router. In an IP host, the iSCSI driver
is configured with the Gigabit Ethernet IP address of the SCSI routing instance in the storage router with
which the host is to transport SCSI requests and responses. In a storage router, access is controlled
through an access list and a VLAN identifier (VID) number of the hosts. Additionally, access can be
further controlled in the SN 5428-2 through authentication. See the “Authentication Overview” section
on page 1-24 for more information about authentication.
An access list enables access to storage devices attached to the SN 5428-2 according to any combination
of host IP address(es), CHAP user name(s), or iSCSI name(s). An access list contains these combinations
of hosts allowed to access the storage devices. Host VID enables access to storage devices according to
the VID of each host. See the “VLAN Access Overview” section on page 1-20 for more information
about VLAN access.
For each iSCSI target, you can associate one access list allowing read/write access, and one access list
allowing read-only access. See Chapter 6, “Configuring SCSI Routing,” for more information about
read/write and read-only access.
You can use a combination of access lists and VIDs to configure access in the SN 5428-2; that is, you
can specify that certain hosts according to IP address in a VLAN can access storage devices attached to
the SN 5428-2.
Once the access is configured in the hosts and the SN 5428-2, and once the storage mapping is
configured in the SN 5428-2, the SN 5428-2 routes SCSI requests and responses between hosts and the
mapped storage devices.
Figure 1-8 represents the concept of storage mapping and access control for SCSI routing. In the figure,
the SN 5428-2 Storage Router provides three IP hosts with IP access to disk drives across four disk
controllers. The SN 5428-2 contains two SCSI routing instances: one configured with IP address
10.1.2.3 for the Gigabit Ethernet interface and the other with IP address 10.1.2.4. The iSCSI drivers in
each IP host are configured to access those SCSI routing instances by their IP addresses through the
Gigabit Ethernet interface. An access list in the storage router or VID (or both) specifies that hosts A,
B, and C are allowed to access the mapped storage devices. From the perspective of a host, each disk
drive mapped to it appears as a locally attached disk drive. Table 1-3 shows the correlation between an
access list and/or VID, the Gigabit Ethernet IP addresses of the SCSI routing instances, and the storage
device mapping.
Note The purpose of Figure 1-8 and Table 1-3 is only to illustrate the concept of storage mapping and access
control. The IP addresses will vary according to each site. Similarly, the type of storage addressing (for
example, LUN ID, WWPN + LUN or LUN serial number) will vary according to the types of storage
and the types of storage addressing preferred at each site. In addition, the figure and the table exclude
any additional SN 5428-2 Storage Routers that could be configured for high availability.