High-end management, low-cost SANs

IP SANs based on the iSCSI protocol enable easy migration from DAS, and even entry-level iSCSI arrays have sophisticated management tools.

By David Dale

A common misconception about iSCSI is that it’s simply about cheap SAN storage for tier-2 and tier-3 applications. However, with the technology now in the mainstream, and with affordable, easy-to-deploy solutions available from a wide variety of vendors, the reality is somewhat different.

Even entry-level iSCSI storage arrays typically include sophisticated data management capabilities such as point-in-time copy, remote copy, and asynchronous mirroring, and these features are enabling IT organizations to make significant improvements in the availability and recoverability of their data assets while reducing infrastructure and administration costs.

This article discusses what you can expect from iSCSI SANs and describes several typical cases to illustrate the benefits they can provide.

The case for consolidation

Businesses depend on the constant availability of applications and the rapidly growing data they create. This is driving increasingly stringent requirements of IT organizations as they struggle to maintain and improve quality of service (QoS) while they are operating with tight IT budgets, lean staffs, and limited time available to perform data management functions.

Direct-attached storage (DAS) systems are a common infrastructure for these application environments, and Windows is the most common operating system environment.

However, DAS has fundamental limitations that make it difficult to meet users’ demanding business requirements.

Windows environments typically consist of multiple (sometimes many) servers, each with DAS. Typical DAS-based environments use tape for backup and recovery, with tape drives connected either directly to servers or via a network. These DAS infrastructures present challenges for meeting cost and service level requirements:

  • Poor scalability and capacity utilization: Administrators face a frequent need to increase storage capacity to accommodate both rapid data growth and increasingly demanding I/O requirements. Storage utilization with DAS is often as low as 30%, implying substantial investment in unused capacity. Also, adding storage is often disruptive, in some cases requiring more servers;
  • Disruptive backups and long recovery times: In today’s 24×7 world, IT administrators often struggle with compressed, or even nonexistent, backup windows-particularly for their business-critical applications. Perhaps more importantly, data recovery is often even more of a problem: It can take from several hours to several days to recover data from tape-a factor that makes tape-based recovery times increasingly inconsistent with users’ requirements; and
  • Disaster-recovery infrastructure: For many companies using DAS, advanced disaster-recovery capabilities such as remote mirroring are impractical to implement because of the inherent complexity of replicating and managing the DAS/tape infrastructure.

Click here to enlarge image

Today, however, IT organizations have a range of storage consolidation options that address these issues. iSCSI-based IP SANs can provide a new network storage architecture that meets availability, recoverability, and manageability requirements with the cost structure and ease-of-use appropriate for Windows environments. The key to delivering these capabilities is not only the availability of affordable IP SAN solutions, but also the fact that most iSCSI storage arrays come with sophisticated data management options such as snapshots, remote copy, and asynchronous mirroring-features historically associated with high-end SAN arrays and large NAS systems.

These features have recently trickled down to even entry-level iSCSI storage systems, which can transform IT operations from largely manual to largely automated.

One of the features of IP SANs is that deployment is typically fast and simple, and it can be accomplished by existing network and server administrators. It is often useful to think about the project in stages:

  1. Deploy an IP SAN to consolidate and centrally manage storage;
  2. Leverage snapshot technology and, optionally, SATA-based secondary storage for simple and fast backup and recovery; and
  3. Implement low-overhead remote mirroring for affordable disaster recovery.

Many organizations that want to simplify and improve their Windows server environments can realize a variety of benefits by consolidating their DAS infrastructures to an iSCSI SAN. These networks allow storage to be decoupled from each application server for more centralized and efficient management and control of disk resources (see figure on p. 40).

Best practices for deploying an IP SAN include the following:

  • Most implementations use the native iSCSI software initiator that comes with the host operating system. For contemporary servers the host CPU has plenty of horsepower to handle iSCSI processing. For heavy application workloads or older CPUs, you might want to consider a TCP/IP accelerator card or an iSCSI HBA to increase performance;
  • Most iSCSI implementations are implemented with a separate network for the storage traffic (as shown on p. 40)-either by having physically separate switches and host ports or by configuring VLANs on the existing Gigabit Ethernet switching infrastructure. Also, most implementations use jumbo frames, which can improve performance by 15% or more;
  • Most implementations have redundant I/O paths between the servers and the storage devices. A number of options are available; for example, many users have found that trunking provides sufficient path redundancy. For more-business-critical workloads, most users implement multiple physical paths and the MPIO multi-path driver. Environments that need a flexible mix of path aggregation for both performance and redundancy might want to consider Multi-Connected Sessions; and
  • For security, it’s important to activate the authentication capability built into the iSCSI initiator. Also, deploying the IP SAN in a secure data-center environment usually provides sufficient security for most environments. If the SAN extends over a campus or a metropolitan area, you may want to consider IPSec protection.

Click here to enlarge image

Migration from an existing DAS infrastructure is usually straightforward, although thorough planning is critical, and leveraging your storage vendor’s professional services offerings is a sound best practice.

Leverage snapshots

Tape media is often used to back up business application environments. While tape is a low-cost means of data protection, tape-based backup has fundamental limitations for environments requiring non-disruptive backup and rapid restore. A minor recovery from tape can take hours, while recovery from a more-catastrophic failure can take days.

The use of snapshot technology addresses these issues by allowing administrators to effectively freeze the state of the data on disk at a particular point in time (see figure, left). Since this is not a “copy” per se, the operation is almost instantaneous, regardless of the amount of data involved, which can eliminate the traditional concept of a backup window.

Snapshots can be kept on the primary array, or copied off to secondary storage (e.g., a low-cost SATA array) for backup consolidation or tape archiving.

Data recovery is also extremely fast, since reverting to an earlier snapshot is effectively just a mount operation. Recovery from tape becomes unnecessary, saving operator hours and downtime.

Click here to enlarge image

Almost all iSCSI-based storage systems support some type of snapshot technology, and snapshots have become a best practice in data protection and recovery. In addition, Microsoft has exposed Windows APIs through its Volume Shadow Copy Service (VSS), which enables array vendors to tightly integrate their snapshot capabilities with the Windows administration environment for safe, automated backup-and-restore operations at the application level.

Mirroring for DR

Ensuring business continuity is one of the more-challenging tasks faced by today’s IT administrators. DAS architectures with a reliance on tape backup usually require additional functionality to ensure application availability in the event of some type of catastrophic failure at the main data center. Remote mirroring to an off-site disaster-recovery location is the dominant method IT managers use to ensure application availability after a site disaster (see figure, left).

Although these types of solutions are available, until recently many were impractical to deploy in a typical Windows or Linux environment because of their complexity and extensive bandwidth requirements. Many even require expensive and proprietary software, not to mention extensive services to aid in design, installation, and ongoing management.

However, formerly high-end capabilities have trickled down to the low-end with the advent of IP SANs. Almost all iSCSI storage systems today offer an asynchronous mirroring option, which provides a flexible, affordable way to perform remote mirroring of data to other systems over an existing IP-based LAN, MAN, or WAN. Compared to other alternatives, this solution is quick to deploy and cost-effective, making it a good fit for Windows environments. This enables the deployment of a disaster-recovery solution that satisfies the majority of application service-level requirements in Windows environments.

Many organizations have been able to reap the benefits of moving their Windows servers from a DAS/tape architecture to an IP SAN. Taking advantage of the affordability and simplified data management capabilities found in iSCSI-based storage environments, these organizations have been able to realize higher levels of data availability, faster system recoverability, and an agility that lets them quickly add storage when needed to accommodate growth.


By leveraging affordable IP SAN technologies and the built-in features of iSCSI storage systems, companies can transform their storage infrastructure into a simple, powerful environment that effectively meets the increasing demands of their business applications.

David Dale is chair of the SNIA IP Storage Forum and director of industry standards at Network Appliance.

Definitions: Snapshots vs. point-in-time copies

Snapshot: A fully usable copy of a defined collection of data that contains an image of the data as it appeared at the point in time at which the copy was initiated. A snapshot can be either a duplicate or a replicate of the data it represents.

Point-in-time copy: A fully usable copy of a defined collection of data that contains an image of the data as it appeared at a single point in time. The copy is considered to have logically occurred at that point in time, but implementations may perform part or all of the copy at other times (e.g., via database log replay or rollback), as long as the result is a consistent copy of the data as it appeared at that point in time. Implementations may restrict point-in-time copies to be read-only, or may permit subsequent writes to the copy. Three classes of point-in-time copies are split mirror, changed block, and concurrent. Pointer remapping and copy-on-write are implementation techniques often used for the latter two classes.

For more information about the use of these techniques see the SNIA Tutorial, “Storage Consolidation with IP Storage,” at www.snia.org/education/tutorials. More information about IP Storage is also available at www.snia.org/ipstorage.

Definitions’ source: The Dictionary of Storage Networking Terminology, SNIA.

This article was originally published on January 01, 2007