After yesterdays post on HBA’s I was thinking about fibre channel, which leads in nicely to todays post about fabric zoning best practices.
So, what is a ‘Single Initiator Zone’ and why do we implement them?
An initiator is the HBA in your ESXi Host, typically these are two port or perhaps in four port depending on your requirements. Each port is known as an initiator.
Part of your VMware design would be to have at least two HBA’s with two ports (initiators) for redundancy. These would then connect to the storage processor on your SAN (the target) which would have four ports, two on each disk controller.
We then have two fabric switches for redundancy to ensure that our SAN continues to recieve storage requests if a single fabric switch failes.
Following this through our ESXi Host has ports E1 & E2 on HBA1 and E3 & E4 on HBA2. The SAN has S1 & S2 on disk controller 1 and S3 & S4 on disk controller 2.
From this we will end up with eight zones, as each zone has a single initiator and single target.
E1 to S1 via Fabric Switch 1
E1 to S3 via Fabric Switch 2
E2 to S2 via Fabric Switch 1
E2 to S4 via Fabric Switch 2
E3 to S1 via Fabric Switch 1
E3 to S3 via Fabric Switch 2
E4 to S2 via Fabric Switch 1
E4 to S4 via Fabric Switch 2
If your like me, then looking at a picture makes a lot more sense
Brocade produce a ‘Fabric Zoning Best Practices’ White Paper, which is the paper I tend to follow when implementing fabric zoning.
The white paper can be found here
Don’t forget that Fabric Zoning has nothing to do with LUN masking which is used to choose which servers are allowed to see which LUN. For example in an vCenter environment you would normally want all of your hosts to be able to see all of the LUN’s for vMotion to work. The only expection to this would be if you had multiple clusters where you would LUN mask each clusters hosts.
3 thoughts on “Fabric Zoning Best Practices”
Hi Craig, great write up, very clear – to add your post I just finished a writing a whitepaper on zoning BP for HP 3PAR SV 7000’s, but I guess this could be applied in other SAN presentation examples.
Here is the high level summary of that guide:
• Zone by pWWN and not by Domain, Port. Zoning by pWWN provides better security.
• NPIV needs to be enabled on 3PAR node ports connected to the FC fabric.
• Zone via single HBA (single initiator to multiple targets per zone (targets = StorServ Node ports)) the number of StorServ port connections per host HBA should be 4 or less.
• RSCN’s (registered state change notifications) should be limited where possible by implementing SIZ (Single initiator zones)
• For high availability clustered environments that require multiple initiators to access the same set of target ports, HP recommend that separate zones be created for each initiator with the same set of target ports.
• Hypervisors can be zoned to four different nodes but the hypervisor HBAs must be zoned to the same host port on HBAs in the nodes for each node pair.
• If the host has a requirement to see both storage and tape devices a single zone should be created for each initiator, using SIZ prevents any hosts-to-host interaction and limits RSCNs to just the zones that need the information. RSCNs are unicast by nature and do not cause broadcast storms across FC switchports, however RSCN’s should be reduced where possible.
• Host ports should be zoned in partner pairs. For example, if a host is zoned into point 0:1:2 (node 0, slot 1, port 2), then it should also be zoned into point 1:1:2 (node 1, slot 1, port 2).
HP SAN Design Reference Guide B-Series Zoning Recommendations page 119
HP UX 3PAR Implementation Guide page 8
HP 3PAR Windows Server 2012, Server 2008 Implementation Guide page 17
HP 3PAR VMware ESX Implementation Guide page 12
HP Brocade Secure Zoning Best Practices
HP 3PAR Peer Persistence Whitepaper
Hi Craig, one question the zoning scheme on text and the image below are different, the text says the SAN ports S1, S2 are only in switch 1 and S3, S4 are only in switch 2. In the image below the S2 and S4 are zoning by switch 2.
Which of this two are correct or best practice to implement?