dave spink toolset


IP

Comparing the layered model of OSI and DOD.

OSI MODEL             DOD MODEL                   DESCRIPTION
Application           Application                 Provides users access to computers, examples telnet and ftp.
Presentation          -                           Provides compression, encryption, translation and conversion.
Session               -                           Manages and terminates the connections between computers.
Transport (segment)   Transport (segment)         End to end delivery with TCP ack, seq, and flow control.
Network (packet)      Internet (packet)           Uses IP routing and fragmentation with ICMP for error detection.
Data Link (frames)    Network Interface (frames)  Delivers frames for nodes on the same network.
Physical (bits)       Hardware (bits)             Signals are sent as bits on the wire.

TCP flow control uses a sliding window technique. The receiving host advertises how much data it is prepared to receive. The default maximum window size is 64K, although RFC 1323 (window scaling) allows a maximum size of 1 GByte.

ARP maps 32-bit IP addresses to 48-bit Ethernet (MAC) addresses. ARP entries are cached in an ARP table on the host and kept for up to 5 minutes; however, if the host sees a MAC address on the network that is already in its cache, it resets the timeout clock for that entry. Limitations of ARP include no TTL and no timeout value on sent requests. The lack of a TTL can be a problem with routers that have slow flush rates. There is a process called "Gratuitous ARP" where a host broadcasts its own MAC address so that hosts that already have an entry for it can reset the timeout value.

Switches (layer 2) give hosts their own collision domains but a shared broadcast domain. They are concerned with the local network only and maintain a MAC address table. Under STP a switch port moves through the states blocking, listening, learning and forwarding; the process of settling on a stable topology is called convergence, and it can take 50 seconds or more.

Spanning-Tree Protocol (STP) - assume you have two or more switches connected together using multiple links. Without spanning tree enabled you could end up with endless broadcasts and devices receiving multiple copies of frames. For Ethernet to work there can be only one active path between switches. 802.1d is the Cisco version of STP. The protocol finds all links between switches and places redundant links in standby mode (blocked state). If the primary path becomes unavailable, STP runs again and activates the redundant path. All the switches exchange information using bridge protocol data units (BPDUs) in order to elect a root switch.

VLANs provide isolation by ensuring that all of a user group's resources form part of one broadcast domain. VLANs operate at layer two and are created by assigning switch ports. For a VLAN to span switches you need to create a "trunk link", a link that carries multiple VLANs between switches. Trunks add a "tag" with VLAN information onto the Ethernet frame without modifying the original frame contents.

Private Address Range RFC 1918:

10.0.0.0	- 10.255.255.255
172.16.0.0	- 172.31.255.255
192.168.0.0	- 192.168.255.255

Variable Length Subnet Masks (VLSM) apply within the address space of the organisation and are invisible to the Internet. The prerequisite is that the extended network prefix must be carried with each internal route advertisement. RIP 1 doesn't support VLSM, as only a single subnet mask is sent in router updates; OSPF supports VLSM.

Classless interdomain routing (CIDR) eliminates the network classes A, B and C and uses netmasks instead. Routers use a network prefix to determine the dividing point between network and host bits rather than the first 3 bits of the address. Routing information is advertised with a bit mask (as in OSPF), and routers are required to implement a consistent "longest match" algorithm so that the most specific prefix wins.
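The RFC 1918 check and the CIDR "longest match" lookup described above, as an added example (not code from the original notes). The routing table is constructed for illustration, with deliberately overlapping prefixes so that the mask length, not the address class, decides the route.

```python
import ipaddress

# Constructed routing table: (prefix, next hop). The 10.x prefixes overlap on
# purpose so that longest match has to pick the most specific one.
ROUTES = [
    ("0.0.0.0/0", "isp-gw"),
    ("10.0.0.0/8", "core-a"),
    ("10.1.0.0/16", "core-b"),
    ("10.1.128.0/18", "site-3"),
    ("172.16.0.0/12", "core-a"),
    ("192.168.0.0/16", "branch"),
]

# The three RFC 1918 private blocks listed above, in CIDR notation.
PRIVATE = [ipaddress.ip_network(p) for p in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def longest_match(dst, routes=ROUTES):
    """Return (prefix, next_hop) of the most specific route covering dst,
    or None if nothing matches (no default route)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, nexthop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, nexthop)
    return (str(best[0]), best[1]) if best else None


def is_rfc1918(dst):
    """True if dst falls inside one of the three RFC 1918 blocks."""
    addr = ipaddress.ip_address(dst)
    return any(addr in net for net in PRIVATE)


def classful_prefixlen(dst):
    """Prefix length the old class A/B/C rules would assume from the leading
    bits, for contrast with the mask carried by CIDR/VLSM routes."""
    first = int(dst.split(".")[0])
    if first < 128:
        return 8
    if first < 192:
        return 16
    return 24
```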



SAN

WWPN (World Wide Port Name) is 64 bits (8 bytes) and is either set in the factory (4 bits for format, 12 bits reserved, 24 bits company OUI, 24 bits company specific) or software generated, as with the EMC Symmetrix FA cards.

A Fibre Channel address is 24 bits and identifies source and destination, not unlike Ethernet. The difference is that Ethernet uses MAC addresses while FC uses the address assigned when the node logs in. The D_ID (domain ID and port location) is dynamically assigned when the node connects to the switch and will change if the node is re-cabled to another switch port. The important point to note is that the WWPN does not form part of the 24-bit address. The address is written XXYYZZ, where XX is the domain field, YY is the port address within the switch, and ZZ is the port field or ALPA of the device.
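Decoding the two identifiers described above, as an added example (not code from the original notes): the 64-bit WWPN is split into the 4/12/24/24-bit fields listed for factory-set names, and the 24-bit FC address into its XX/YY/ZZ fields. The WWPN and address values used are constructed, not taken from a real fabric.

```python
def parse_wwpn(wwpn):
    """Split a 64-bit WWPN into format (4 bits), reserved (12 bits),
    company OUI (24 bits) and company-specific (24 bits) fields.
    Accepts '10:00:00:00:c9:12:34:56' or '10000000c9123456'."""
    hexstr = wwpn.replace(":", "").replace(" ", "").lower()
    if len(hexstr) != 16:
        raise ValueError("WWPN must be 64 bits (16 hex digits)")
    v = int(hexstr, 16)
    return {
        "format": v >> 60,                        # top 4 bits
        "reserved": (v >> 48) & 0xFFF,            # next 12 bits
        "oui": "%06x" % ((v >> 24) & 0xFFFFFF),   # 24-bit company OUI
        "vendor": "%06x" % (v & 0xFFFFFF),        # 24-bit company specific
    }


def parse_fcid(fcid):
    """Split a 24-bit fabric address XXYYZZ into domain, port-within-switch
    (area) and port/ALPA fields. Accepts '1a0b00' or '0x1a0b00'."""
    hexstr = fcid.lower().replace("0x", "").replace(":", "")
    if len(hexstr) != 6:
        raise ValueError("FC address must be 24 bits (6 hex digits)")
    v = int(hexstr, 16)
    return {"domain": v >> 16, "area": (v >> 8) & 0xFF, "port": v & 0xFF}


def same_switch(fcid_a, fcid_b):
    """Two addresses share a switch when their domain fields match; the
    WWPN plays no part in this, since it is not carried in the address."""
    return parse_fcid(fcid_a)["domain"] == parse_fcid(fcid_b)["domain"]
```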

For a node to communicate in the fabric it performs a Fabric Login (FLOGI). The node sends a Source Identifier (S_ID) with its ALPA ID (Arbitrated Loop Physical Address ID) and the Login Service returns a D_ID containing the domain ID and port location. This gives the node its physical location in the fabric. Next the node registers itself with the Name Service by performing a Port Login (PLOGI). The Name Service stores information about all nodes connected to the fabric. The process login (PRLI), or "storage connectivity", is established when LUN information is passed between the source node and destination node. Whenever a node leaves or rejoins the fabric, the Fabric Controller service sends a Registered State Change Notification (RSCN) to all other nodes in the fabric. The three services (Login, Name and Fabric Controller) may work within a virtual container called a zone (similar in concept to VLANs).

Block I/O uses an HBA driver that functions at a layer below the SCSI driver in order to present Fibre Channel devices as regular SCSI devices. In contrast, NAS presents storage in the form of a file system that the host can mount over an IP network using NFS.

A zone is a logical grouping of nodes that are allowed to communicate with each other. You configure zones on the switch by pairing host HBA ports with the desired storage port. Why zone? When a node's state changes, for example a cable is unplugged, the HBA driver needs to perform the login process again. If all HBAs were in the same zone, every HBA would be "forced" to log in again. Also, without zoning each HBA will attempt to discover storage devices through every HBA, increasing boot-up time.

The concept of LUN masking is to allow access only to the devices that a host needs. The masking occurs at the storage layer and is implemented in software. The host WWPN is given access to a list of devices. The host port sends I/O requests to a particular LUN via a storage port, and the storage array processes the request to verify that the host HBA (WWPN) is allowed access to the device.
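The two access-control layers just described, switch-side zoning and array-side LUN masking, as an added example (not code from the original notes). A host reaches a LUN only if both checks pass; the zone and masking tables and all WWPNs are constructed for illustration, and the shared-LUN audit is an extra check for LUNs deliberately or accidentally masked to more than one host.

```python
# Constructed fabric configuration. Zones are sets of WWPNs configured on the
# switch; masking is kept per storage port as host WWPN -> allowed LUNs.
H1 = "10:00:00:00:c9:00:00:01"   # host 1 HBA (constructed)
H2 = "10:00:00:00:c9:00:00:02"   # host 2 HBA (constructed)
A1 = "50:06:04:8c:00:00:00:a1"   # storage port FA1 (constructed)

ZONES = {
    "z_host1_fa1": {H1, A1},
    "z_host2_fa1": {H2, A1},
}
MASKING = {
    A1: {H1: {0, 1, 2}, H2: {2, 3}},
}


def same_zone(wwpn_a, wwpn_b, zones=ZONES):
    """True if some zone contains both ports (the switch-side check)."""
    return any(wwpn_a in z and wwpn_b in z for z in zones.values())


def can_access(host_wwpn, storage_port, lun, zones=ZONES, masking=MASKING):
    """Evaluate both layers in the order the I/O meets them: the fabric must
    let the frames through first, then the array checks its masking table.
    Returns 'allow' or a deny reason naming the layer that refused."""
    if not same_zone(host_wwpn, storage_port, zones):
        return "deny: not zoned"
    allowed = masking.get(storage_port, {}).get(host_wwpn, set())
    if lun not in allowed:
        return "deny: masked"
    return "allow"


def shared_luns(masking=MASKING):
    """Map (storage_port, lun) -> sorted host WWPNs for every LUN masked to
    more than one host on the same port."""
    shared = {}
    for port, hosts in masking.items():
        by_lun = {}
        for wwpn, luns in hosts.items():
            for lun in luns:
                by_lun.setdefault(lun, []).append(wwpn)
        for lun, wwpns in by_lun.items():
            if len(wwpns) > 1:
                shared[(port, lun)] = sorted(wwpns)
    return shared
```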

Thin Provisioning Context - File systems are thin provisioned by default; 10 shares will all show the full capacity of the appliance as "free". Unlike traditional block thin provisioning, you can never over-commit on file systems.

C Bit or Common Bit allows multipathing software to recognize the LUNs seen over different paths as the same LUN. Before setting the C Bit, the serial numbers of the same LUN are different on each path. After setting the C Bit, the serial numbers of the same LUN become the same. The multipathing software (MPxIO, vxdmp, PP) uses the LUN serial to figure out whether LUNs coming from different paths belong to the same LUN.

Before C Bit
c2t22d0      EMC        SYMMETRIX            5671 350EC550Q  primary 
c3t25d0      EMC        SYMMETRIX            5671 350EC580Q  primary 

After C Bit
c2t22d0      EMC        SYMMETRIX            5671 350EC000Q  primary 
c3t25d0      EMC        SYMMETRIX            5671 350EC000Q  primary