In general the initiator performs the discovery of all the devices in a SAN environment. If zoning is not done previously, the initiator will probe and discover all devices on the SAN fabric. As part of the discovery , every device will also be queried to discover its properties and capabilities. On a large this could take forever and be a massive waste of time and resources. So inorder to speed up and smooth this discovery process, the name server was created. Each time any device joins the fabric, it performs a process referred as a fabric login (FLOGI). This FLOGI assigns a 24 bit N-Port IDS to all the devices and specifies the class of service to be used.
After a successful FLOGI process, the device then performs a port login (PLOGI) to the name server to register its capabilities. All devices joining a fabric perform PLOGI to the name server. As part of the PLOGI, the device will ask the name server for a list of devices on the fabric and this is where zoning is helpful. Instead of returning a list of all devices on the fabric, the name server returns only a list of those devices that are zoned so as to accessible from the device performing the PLOGI. This process is quicker and more secure that probing the entire SAN for all the devices and it is also allows for greater control and more flexible SAN management.
Whenever a change takes place in the name server database, the fabric controller sends a Registered State Change Notification (RSCN) to all the nodes impacted by the change. If zoning is not configured, the fabric controller sends the RSCN to all the nodes in the fabric.
Involving the nodes that are not impacted by the change increases the amount of fabric-management traffic. For a large fabric, the amount of FC traffic generated due to this process can be significant and might impact the compute-to-storage data traffic. Zoning helps to limit the number of RSCNs in a fabric. In the presence of zoning, a fabric sends the RSCN to only those nodes in a zone where the change has occurred.
What is Zoning ?
Zoning is an FC switch function that enables node ports within the fabric to be logically segmented into groups and communicate with each other within the group.
Zoning also provides access control, along with other access control mechanisms, such as LUN masking. Zoning provides control by allowing only the members in the same zone to establish communication with each other. Multiple zones can be grouped together to form a zone set and this zone set is applied to the fabric. Any new zone configured needs to be added to the active zone set in order to applied to the fabric.
Zone members, zones, and zone sets form the hierarchy defined in the zoning process. A zone set is composed of a group of zones that can be activated or deactivated as a single entity in a fabric. Multiple zone sets may be defined in a fabric, but only one zone set can be active at a time. Members are the nodes within the FC SAN that can be included in a zone.
FC switch ports, FC HBA ports, and storage system ports can be members of a zone. A port or node can be a member of multiple zones. Nodes distributed across multiple switches in a switched fabric may also be grouped into the same zone. Zone sets are also referred to as zone configurations.
Best Practices for Zoning
Always keep the zones small so that the troubleshooting may get simpler.
Have only a single initiator in each zone and it is not recommended to have more than one initiator in a zone.
To make troubleshooting easier, also keep the number of targets in a zone small.
Give meaningful aliases and names to your zones so that they can easily identified during troubleshooting.
Zone changes need to be done with extreme caution and caring to prevent unwanted access of sensitive data.
Zoning can be categorized into three types:
WWN zoning: It uses World Wide Names to define zones. The zone members are the unique WWN addresses of the FC HBA and its targets (storage systems). A major advantage of WWN zoning is its flexibility. If an administrator moves a node to another switch port in the fabric, the node maintains connectivity to its zone partners without having to modify the zone configuration. This is possible because the WWN is static to the node port. WWN zoning is also referred as soft zoning sometimes.
Port zoning: It uses the switch port ID to define zones. In port zoning, access to node is determined by the physical switch port to which a node is connected. The zone members are the port identifiers (switch domain ID and port number) to which FC HBA and its targets (storage systems) are connected. If a node is moved to another switch port in the fabric, port zoning must be modified to allow the node, in its new port, to participate in its original zone. However, if an FC HBA or storage system port fails, an administrator just has to replace the failed device without changing the zoning configuration. Port zoning is also referred as hard zoning sometimes.
Mixed zoning: It combines the qualities of both WWN zoning and port zoning. Using mixed zoning enables a specific node port to be tied to the WWN of another node.