Jump to content

Logical Unit Number masking: Difference between revisions

Add links
From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
'unref' template
No edit summary
Line 1: Line 1:
{{unref|date=September 2009}}
{{unref|date=September 2009}}
{{Fibre Channel}}
{{Fibre Channel}}
'''Logical Unit Number Masking''' or '''LUN masking''' is an authorization process that makes a [[Logical Unit Number]] available to some hosts and unavailable to other hosts.
'''Logical Unit Number Masking''' or '''LUN masking''' is an authorisation process that makes a [[Logical Unit Number]] available to some hosts and unavailable to other hosts.


The security benefits are limited in that with many [[Host adapter|HBA]]s it is possible to forge source addresses ([[World Wide Name|WWNs]]/[[MAC address|MACs]]/[[IP address|IPs]]). However, it is mainly implemented not as a security measure per se, but rather as protection against misbehaving servers from corrupting disks belonging to other servers. For example, Windows servers attached to a [[Storage area network|SAN]] will under some conditions corrupt non-Windows (Unix, Linux, NetWare) volumes on the SAN by attempting to write Windows volume labels to them. By hiding the other LUNs from the Windows server, this can be prevented, since the Windows server does not even realize the other LUNs exist.
The security benefits are limited in that with many [[Host adapter|HBA]]s it is possible to forge source addresses ([[World Wide Name|WWNs]]/[[MAC address|MACs]]/[[IP address|IPs]]). However, it is mainly implemented not as a security measure per se, but rather as protection against misbehaving servers from corrupting disks belonging to other servers. For example, Windows servers attached to a [[Storage area network|SAN]] will under some conditions corrupt non-Windows (Unix, Linux, NetWare) volumes on the SAN by attempting to write Windows volume labels to them. By hiding the other LUNs from the Windows server, this can be prevented, since the Windows server does not even realize the other LUNs exist.

Revision as of 15:09, 20 July 2010

Fibre Channel
Layer 4. Protocol mapping
LUN masking
Layer 3. Common services
Layer 2. Network
Fibre Channel fabric
Fibre Channel zoning
Registered state change notification
Layer 1. Data link
Fibre Channel 8b/10b encoding
Layer 0. Physical

Logical Unit Number Masking or LUN masking is an authorisation process that makes a Logical Unit Number available to some hosts and unavailable to other hosts.

The security benefits are limited in that with many HBAs it is possible to forge source addresses (WWNs/MACs/IPs). However, it is mainly implemented not as a security measure per se, but rather as protection against misbehaving servers from corrupting disks belonging to other servers. For example, Windows servers attached to a SAN will under some conditions corrupt non-Windows (Unix, Linux, NetWare) volumes on the SAN by attempting to write Windows volume labels to them. By hiding the other LUNs from the Windows server, this can be prevented, since the Windows server does not even realize the other LUNs exist.

Stub icon

This computer-storage-related article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Logical_Unit_Number_masking&oldid=374504965"