ISCSI: Difference between revisions

This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "ISCSI" – news · newspapers · books · scholar · JSTOR (January 2007) (Learn how and when to remove this message)

This article may require cleanup to meet Wikipedia's quality standards. No cleanup reason has been specified. Please help improve this article if you can. (December 2006) (Learn how and when to remove this message)

Internet SCSI (iSCSI) is a network protocol standard, officially ratified on 2003-02-11 by the Internet Engineering Task Force, that allows the use of the SCSI protocol over TCP/IP networks. iSCSI is a transport layer protocol in the SCSI-3 specifications framework. Other protocols in the transport layer include SCSI Parallel Interface and Fibre Channel.

Acceptance of iSCSI in corporate production environments has accelerated now that Gigabit Ethernet is becoming more common. Building iSCSI-based Storage Area Networks (SAN) has become a less costly but worthy alternative to creating Fibre Channel-based SANs.

The iSCSI (IPA pronunciation: [aɪskʌzi]) protocol uses TCP/IP for its data transfer. Unlike other network storage protocols, such as Fibre Channel (which is the foundation of most SANs), it requires only the simple and ubiquitous Ethernet interface (or any other TCP/IP-capable network) to operate. This enables low-cost centralization of storage without all of the usual expense and incompatibility normally associated with Fibre Channel storage area networks.

Critics of iSCSI expect worse performance than Fibre Channel due to the overhead added by the TCP/IP protocol to the communication between client and storage. However new techniques like TCP Offload Engine (TOE) help in reducing this overhead. Tests have shown excellent performance of iSCSI SANs, whether TOEs or plain Gigabit Ethernet NICs were used. The iSCSI market is growing steadily, and should improve in performance and usability as more organizations deploy Gigabit and 10 Gigabit networks, and manufacturers integrate iSCSI support into their operating systems, SAN products and storage subsystems. iSCSI becomes even more appealing as Ethernet can now support higher speeds than Fibre Channel. Vendors are starting to come out with 10G cards.

In the context of computer storage, iSCSI allows a machine to use an iSCSI initiator to connect to remote targets such as disks and tape drives on an IP network for block level I/O. From the point of view of the class drivers and application software, the devices appear as locally attached SCSI devices. More complex environments consisting of multiple hosts and/or devices are called Storage Area Networks (SAN).

iSCSI devices should not be confused with Network-Attached Storage (NAS) devices which include server software to handle the arbitration of simultaneous access requests from different hosts. Allowing multiple hosts to have simultaneous access to a single device is a difficult task common to all SCSI devices. Without host-to-host communication, each host is unaware of the state and intentions of the other hosts. This condition leads to data corruption and race conditions. In the realm of disk storage, cluster software solves this issue.

An iSCSI initiator, in client/server terminology, is akin to a client device that connects to some service offered by the server (in this case an iSCSI target). An iSCSI target is akin to a server, in that it provides block level access to its storage media (usually a hard drive, but can be other types of SCSI devices if the iSCSI target software supports them.) The primary difference between a regular client/server system and an iSCSI initiator/target system is that while many clients can simultaneously access the same files served by a single server, iSCSI requires complex coordination between initiators to synchronize accesses to the same files.

iSCSI can be used to give an OS block-level access to a remote device (one attached to another computer likely on the same LAN). Depending on the types of devices supported by the iSCSI target, this block-level access can be used to build RAID volumes using remote disks, or to connect and use remote DVD/CD-writers and scanners, or to simply access additional storage space. iSCSI (like all SCSI protocols) does not mandate how devices are shared amongst multiple computers at the same time; instead the OS in control of the iSCSI device is responsible for controlling remote access to the device. The initiator and the OS that it is running on will determine how the iSCSI device appears, and whether it is a /dev entry or gets a drive letter or something else.

iSCSI host bus adapters (HBAs) are network interface controllers that incorporate a TCP Offload Engine with onboard iSCSI processing. iSCSI HBAs are usually abstracted purely as SCSI controllers by the operating system driver system. In this case, the HBA is not a part of the system network stack. Recently there has been considerable effort in providing standard vendor-independent iSCSI management facilities via operating system driver interfaces. These standard interfaces also work with software initiators.

Since iSCSI HBAs offload considerable processing in the iSCSI stack, interrupt generation is less than comparable software initiator setups. Applications leaving few spare CPU cycles should benefit from the use of a dedicated HBA.

iSCSI HBAs have the advantage of including PCI option ROMS to allow booting from iSCSI targets. Alternative iSCSI boot methods with software initiators would require substantial work.

Most industry focus has been placed on creating iSCSI disk targets though iSCSI tape and medium changer targets are popular as well. So far, physical devices have not featured native iSCSI interfaces on a component level. Instead, devices with SCSI Parallel Interface or Fibre Channel interfaces are bridged by using iSCSI target software, external bridges, or controllers internal to the device enclosure.

Alternatively, disk and tape targets can be virtualizations. Rather than representing an actual physical device, an emulated virtual device is presented. The underlying implementation can deviate drastically from the presented target as is done with Virtual Tape Library (VTL) solutions. VTLs use disk storage for storing data written to virtual tapes. As with actual physical devices, virtual targets are presented by using iSCSI target software, external bridges, or controllers internal to the device enclosure.

In the security products industry, some manufacturers use an iSCSI RAID as a target, with the initiator being either an IP-enabled encoder or camera.

There are multiple systems which allow Fibre Channel, SCSI & SAS devices to be attached to an IP network for use via iSCSI. They can be used to allow migration from older storage technologies, access to SANs from remote servers and the linking of SANs over IP networks.

iSCSI provides three name formats for different types of naming authorities:

• iSCSI Qualified Name (IQN), Format: iqn.yyyy-mm.{reversed domain name} (e.g. iqn.2001-04.com.acme:storage.tape.sys1.xyz)
• Extended Unique Identifier (EUI), Format: eui.{EUI-64 bit address} (e.g. eui.02004567A425678D)
• T11 Network Address Authority (NAA), Format: naa.{NAA 64 or 128 bit identifier} (e.g. naa.52004567BA64678D)

In the case of IQN the address is qualified by a date (yyyy-mm) since a domain name can expire or be acquired by another entity. EUI is provided by the IEEE Registration authority in accordance with EUI-64 standard. NAA is part OUI which is provided by the IEEE Registration Authority.

NAA name formats were added to iSCSI in RFC 3980, to provide compatibility with naming conventions used in Fibre Channel and SAS storage technologies.

Each target is defined by three or four fields:

HostNameOrAddress PortNumber iSCSIName CHAPSecret (optional)

Example:

iscsi.example.com 3260 iqn.2003-01.com.ibm:00.fcd0ab21.shark128 "123ismysecretpassword"

• iSCSI is one of the longest palindromes in the IT industry.

• Fibre Channel over IP (FCIP)
• Internet Fibre Channel Protocol (iFCP)
• Internet Storage Name Service (iSNS)
• Service Location Protocol
• ATA-over-Ethernet (AoE)
• HyperSCSI SCSI over Ethernet frames instead of IP (as iSCSI is)
• ISCSI Extensions for RDMA (iSER)

• RFC 3720 - Internet Small Computer Systems Interface (iSCSI)
• RFC 3783 - Small Computer Systems Interface (SCSI) Command Ordering Considerations with iSCSI

• Picquelle Report (iSCSI Standards & 10GbE Ratified)
• "iSCSI: Insecure SCSI". A talk on iSCSI security given at the BlackHat Security Conference
• NetBSD iSCSI Target HOWTO
• NetBSD iSCSI Initiator HOWTO