Assessing Network Connectivity -
Networks play a role in all storage configurations, both locally within the data center and across metropolitan- and wide-area topologies. -
Effective deployment requires offensive and defensive thinking for networking. -
Defensive strategies aim to protect existing data using as much of the existing network infrastructure as possible. -
Offensive strategies aim to consolidate current and future investments in line with corporate data networking initiatives for greater economies of scale. -
New product categories bridge traditional storage networking with mainstream data networking. -
Last-mile connectivity continues to rapidly improve, presenting companies with radically different cost and bandwidth models that can influence metropolitan and remote storage networking options. 9.1 Modern Networks Use Layered Protocols -
Data networking is analogous to modern shipping systems and operates with a layered architecture. -
Layer one is the physical layer and can be likened to a railroad . -
SONET (Synchronous Optical Network) and SDH (Synchronous Digital Hierarchy) are layer-one networks. -
Layer two is the link layer and is analogous to big-rig truck trailers . -
Ethernet, Token Ring, and Fibre Channel are layer-two network protocols and can be transmitted across almost any layer-one network. -
Layer three is the network layer and can be compared to containerized freight containers. -
The advantage of a standard container size is the flexibility to move across layer-two and layer-one topologies with virtually no modification. -
IP is the de facto network-layer protocol and can be transported across Ethernet (layer two) or directly on layer one (packet-over-SONET). 9.2 Options for Metropolitan- and Wide-Area Storage Networking -
DAS can use file-based backup over the LAN, with remote connections using existing wide-area transports for other data networking traffic. -
While simple to configure, DAS places added loads on the servers and the LAN bandwidth. -
Some applications can tolerate block-to-file conversions for LAN-based backup; others cannot. -
SANs allow direct network connectivity for backup and other storage operations both locally and across MANs. -
For metropolitan distances, Fibre Channel SANs can use a dedicated link or operate within the existing SONET or SDH network (layer one). -
Fibre Channel SANs operating at 1 or 2 Gbps require the entire optical link be dedicated to SAN traffic. -
Optical links are frequently a high-ticket item and should be provisioned and shared across the entire company. -
Converting Fibre Channel to IP and Ethernet for metropolitan- and wide-area networking allows shared use of expensive optical circuits. -
Ethernet frames can be multiplexed by a layer-three switch or router with SONET or SDH links to the metropolitan optical network. 9.3 Metropolitan- and Wide-Area Storage Network Products -
Metropolitan- and wide-area storage products employ a variety of IP storage protocols for optimized deployment. -
Each protocol implementation is specifically suited to a combination of Fibre Channel and IP SANs and devices. -
IP storage products such as IP storage switches, routers, gateways, and HBAs often make use of multiple protocols, depending on application and topology requirements. -
Conventional storage networking products such as Fibre Channel switches and directors may also implement specific IP storage protocols to accomplish required conversions. -
IP storage switches, routers, and gateways can be deployed to connect two Fibre Channel SANs across MANs and WANs. -
IP storage switches can also be deployed within data center configurations to establish an IP core for the SAN. -
A SAN already using an IP core (such as iSCSI or iFCP) will have IP access built in and not require additional conversion equipment for metropolitan- or wide-area connectivity. 9.4 MAN and WAN Services -
The network services industry has undergone a boom-and-bust cycle. -
A glut of fiber- optic cable has been left behind in the wake of bankruptcies and other debacles, leaving ample supply of unused bandwidth available for corporations. -
The last mile or local loop has traditionally been the biggest bottleneck for companies to get high-speed access to optical networking services. -
Commercial areas frequently have access to optical bandwidth, particularly in downtown business districts. -
Local exchange carriers (LECs) handle metropolitan and regional networking services. -
Interexchange carriers (IXCs) handle long-distance services. -
Competitive local exchange carriers (CLECs) and Ethernet local exchange carriers (ELECs) compete with LECs by offering new services and may also have links between metropolitan and regional areas. -
LECs, IXCs, CLECs and ELECs generally provision layer-one and layer-two networks. -
Internet service providers (ISPs) generally provision layer-three networks. -
ISPs can pool bandwidth among layer-three network subscribers, enabling a range of prices and services. -
Virtual private networks (VPNs) allow secure connections on layer-three networks. -
Data compression helps reduce the need for bandwidth ”critical for more expensive layer-one or layer-two networks. -
New options in fixed-wireless and free-space optical systems present attractive last-mile bandwidth access. 9.5 Security for Storage Networking -
The introduction of IP networking to storage has brought with it numerous questions about security. -
Most data center SAN security has been solved using comprehensive zoning mechanisms for fabric configuration, device access, and management. -
Metropolitan- and wide-area networking have been secured using encryption and VPNs ”solutions that have served the mainstream data communications market for years . -
Security areas can be broken down to device I/O, data center SANs, and metropolitan- and wide-area SAN interconnect. -
Each area mandates its own security considerations. -
The minimum requirements for IP storage security is a VPN at the data center egress point to a shared or provisioned network. -
Additional security options are available within data center SANs and at the device I/O level. -
Implementing end-to-end encryption for IP storage security may have performance impacts. |