/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsZoning - the term usually referred to logical partitioning, is a software feature that is used to manage devices on a storage area network (SAN). A SAN architecture provides port-to-port connections between servers and storage through bridges, switches and hubs. Zoning enables administrators to group devices by limiting access through the ports.
SAN technology makes information highly accessible and this accessibility generates a need for heightened network security and the optimization of data transfer processes. And here, the technique of Zoning incorporates an efficient method of managing, partitioning and controlling access to devices in a SAN. It helps maximize resources while maintaining data security. It also enables heterogeneous devices to be grouped by operating system, which is useful in SAN administration.
Zoning components include:
- Zones
- Zone Sets
- Default Zones
- Zone Members
Zones
A zone is comprised of devices that can access each other through port-to-port connections. Devices in the same zone can see and communicate with each other; devices in different zones cannot. Figure 1 (Source: storageareanetworking) illustrates three zones with four devices in each zone. The devices in zone 1 (orange) can only communicate with other devices in zone 1. This principle applies to devices in zones 2 and 3 as well.
Zone Sets
Zone sets are group of zones that can be enabled or disabled together. Each zone set can include up to 256 zones. A device can only see other devices in the same zone. However, devices can be included as members of more than one zone set.
Default Zone
A default zone consists of all devices that are not members of a zone in a currently enabled or active zone set. You can enable or disable the default zone separately from the active zone set. If no zone set is enabled, then all devices are considered to be in the default zone.
Zone Member Identification
A zone member is identified by either its port number or World Wide Name (WWN). A WWN is a 64-bit number that uniquely identifies a director (switch), even on global networks.
How Zoning works
Zoning is typically implemented on a per-port basis, although more complex versions allow Zoning on MAC or network address. In a port-based Zoning scheme, individual ports are assigned to one or more groups. Ports that are members of a group or zone can communicate with each other, but are isolated from ports in other zones. Since a switch may support many devices on a single port, it is possible to build large populations of devices within a single zone. In addition, switches can be cascaded together to extend a zone to multiple switched segments.
Types of Zoning
Soft Zoning
Soft zoning, or name server zoning uses a name server database located in the director. The name server database stores WWNs and port numbers used to identify the devices during the zoning process. The device identification method may be mixed and matched.
Hard Zoning
Hard zoning uses a route table, located in the director, to specify which WWNs can be included in a zone. This configuration requires all devices to pass through the route table, enabling the director to regulate data transfers by checking zones. This zoning configuration is more limited than soft zoning because it does not take port numbers into consideration.
Persistent Binding
Persistent binding is an Host Bus Adapters (HBAs) -based program that configures a logical route across the network fabric by specifying Logical Unit Numbers (LUNs). It enables the administrator to specify storage resources in a multihost fabric. In order to transfer data, the HBA must be persistently bound to the LUNs of the desired storage. This method decreases addressing space and increases network manageability.
Benefits of Zoning
Restricting Routes
The administrator can utilize zoning to improve security by limiting data transfer routes. Restricting communication between devices insures that accidental data transfer between devices will not occur. This increases security by insuring that devices outside of a zone do not have access to devices within a zone.
Enables Subsets of User Groups
Zones can also be used to define logical subsets of closed user groups. Administrators can specify user groups by granting access rights to specific zones for specific users, thereby protecting data on specific devices. The user groups can be further divided into subgroups
Separates Operating Systems
Zoning provides barriers between systems with different operating environments or uses. For example, it is often necessary to separate servers and enterprise storage that use different operating systems because accidental transfer of information from one to another can delete critical data. Zoning can prevent data loss by grouping devices on similar operating systems into zones.
Zoning precautions
Although zoning is a highly beneficial software feature, some precautions should be taken when implementing zoning.
- Verify that all WWNs are accurate. This will help you avoid sending data to the wrong device.
- Plan ahead. Spend time designing zone configurations. Organization is key to setting up zones that successfully manage the SAN. If design isn''t considered, zones could be inadvertently set up to exclude all ports.
Zoning is a reliable method for managing devices in a SAN. Through its implementation, an administrator can increase network security and develop a heterogeneous fabric. Zoning is also cost-effective because in that it eliminates the need to purchase additional components.