Fibre Channel zoning

From Wikipedia, the free encyclopedia

Fibre Channel zoning has a similar meaning to other uses of the word - it focuses certain groups of resources together. In Fibre Channel, zoning is the partitioning of a fabric (or storage area network) into smaller subsets to restrict interference, add security, and to simplify management. If a SAN hosts several hundred disk drives, each system connected to the SAN doesn't need to see all of them. Zoning applies only to the switched fabric (FC-SW) topology of Fibre Channel switches.

There are two main methods of zoning, hard and soft, and two sets of attributes, name and port.

Soft zoning restricts the name services of a device to reflect only those devices it should see. Therefore, when a server looks at the content of the fabric, it will only see the devices it is allowed to see. However, any server can still attempt to contact any device on the network by address. In this way, soft zoning is similar to the computing concept of security through obscurity.

In contrast, hard zoning restricts actual communication across a fabric. This requires greater resources in the fabric switches, but is much more secure.

Zoning can also be applied to either switch ports or end-station name. Port zoning restricts ports from talking to unauthorized ports. This requires a heterogeneous SAN if it is to be used beyond a single switch. Name zoning restricts access by World Wide Name. This is more flexible, but WWNs can be spoofed, reducing security.

Zoning is mainly used in large storage applications, this term is sometimes confused with LUN masking at Servers(HBA). Basically this performs the same functionality as that performed by the LUN masking techniques being employed. The one to one initiater and target mapping provide besides an ease of working also user defined bandwidths allocation.