Preface Courier Used for: • System output, such ...
Preface content, such as presentations, discussion, relevant Customer ...
1 TCP/IP Technology This chapter provides a brief overvi...
TCP/IP Technology TCP/IP overview The Internet Protocol Suite is named from the first ...
TCP/IP Technology Figure 1 TCP header example Figure 2 on page 19 defines the fields, size, and functions of th...
TCP/IP Technology Internet Protocol The Internet Protocol (IP) is the main communicati...
TCP/IP Technology TCP terminology This section provides information for TCP terminology. Acknowledgeme...
TCP/IP Technology Maximum Each network interface has its own MTU that defines the largest ...
TCP/IP Technology DESTINATION PORT contain TCP port numbers that identify the application programs...
TCP/IP Technology from sending more data than the receiver can handle, thus causing ...
TCP/IP Technology TCP error recovery In TCP, each source determines how much capacity is available in t...
TCP/IP Technology starts by transmitting one segment and waiting for its ACK. When ...
TCP/IP Technology A TCP receiver generates ACKs on receipt of data segments. The ACK contains the high...
TCP/IP Technology TCP network congestion A network link is said to be congested if con...
TCP/IP Technology IPv6 Internet Protocol version 6 (IPv6) is a network layer protocol for ...
TCP/IP Technology The following features of IPv6 will be further discussed in this ...
TCP/IP Technology Note: Stateless autoconfiguration is suitable only for hosts. Routers must be ...
TCP/IP Technology IPv6 deployment is primarily driven by IPv4 address space ...
TCP/IP Technology IPv6 address. RFC 3041 specifies a mechanism by which time-varying ...
TCP/IP Technology This notation allows parsing a URL without confusing the IPv6 ...
TCP/IP Technology distance. Anycast addresses cannot be easily identified. They ...
TCP/IP Technology ◆ ff00::/8 — The multicast prefix is used for multicast addresses[1...
TCP/IP Technology IPv6 packet A packet is a formatted block of data carried by a computer network. ...
TCP/IP Technology The protocol field of IPv4 is replaced with a Next Header field. This ...
TechBook: iSCSI SAN Topologies

This EMC Engineering TechBook provides a high-level overview of iSCSI SAN topologies and includes basic information about TCP/IP technologies and iSCSI solutions.

Transcript of "TechBook: iSCSI SAN Topologies "

  1. 1. iSCSI SAN Topologies
      Version 2.1
      • iSCSI SAN Topology Overview
      • TCP/IP and iSCSI Overview
      • Use Case Scenarios
      Ron Dharma, Vinay Jonnakuti, Jonghoon (Jason) Jeong
  2. 2. Copyright © 2011 - 2013 EMC Corporation. All rights reserved. EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice. THE INFORMATION IN THIS PUBLICATION IS PROVIDED “AS IS.” EMC CORPORATION MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. EMC², EMC, and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks used herein are the property of their respective owners. For the most up-to-date regulatory document for your product line, go to EMC Online Support (https://support.emc.com). Part number H8080.3
  3. 3. Contents
      Preface
      Chapter 1 TCP/IP Technology
      • TCP/IP overview
      • Transmission Control Protocol
      • Internet Protocol
      • TCP terminology
      • TCP error recovery
      • TCP network congestion
      • IPv6
      • Features of IPv6
      • Deployment status
      • Addressing
      • IPv6 packet
      • Transition mechanisms
      • Internet Protocol security (IPsec)
      • Tunneling and IPsec
      • IPsec terminology
      Chapter 2 iSCSI Technology
      • iSCSI technology overview
      • iSCSI discovery
      • Static
      • Send target
      • iSNS
      • iSCSI error recovery
      • iSCSI security
      • Security mechanisms
      • Authentication methods
  4. 4. Contents
      Chapter 3 iSCSI Solutions
      • Best practices
      • Network design
      • Header and data digest
      • EMC native iSCSI targets
      • Symmetrix
      • VNX for Block and CLARiiON
      • Celerra Network Server
      • VNX series for File
      • Configuring iSCSI targets
      • Bridged solutions
      • Brocade
      • Cisco
      • Summary
      Chapter 4 Use Case Scenarios
      • Connecting an iSCSI Windows host to a VMAX array
      • Configuring storage port flags and an IP address on a VMAX array
      • Configuring LUN Masking on a VMAX array
      • Configuring an IP address on a Windows host
      • Configuring iSCSI on a Windows host
      • Configuring Jumbo frames
      • Setting MTU on a Windows host
      • Connecting an iSCSI Linux host to a VMAX array
      • Configuring storage port flags and an IP address on a VMAX array
      • Configuring LUN Masking on a VMAX array
      • Configuring an IP address on a Linux host
      • Configuring CHAP on the Linux host
      • Configuring iSCSI on a Linux host using Linux iSCSI Initiator CLI
      • Configuring Jumbo frames
      • Setting MTU on a Linux host
      • Configuring the VNX for block 1 Gb/10 Gb iSCSI port
      • Prerequisites
      • Configuring storage system iSCSI front-end ports
      • Assigning an IP address to each NIC or iSCSI HBA in a Windows Server 2008
      • Configuring iSCSI initiators for a configuration without iSNS
      • Registering the server with the storage system
  5. 5. Contents
      • Setting storage system failover values for the server initiators with Unisphere
      • Configuring the storage group
      • iSCSI CHAP authentication
  6. 6. Contents
  7. 7. Figures
      1 TCP header example
      2 TCP header fields, size, and functions
      3 Slow start and congestion avoidance
      4 Fast retransmit
      5 IPv6 packet header structure
      6 iSCSI example
      7 iSCSI header example
      8 iSCSI header fields, size, and functions
      9 Celerra iSCSI configurations
      10 VNX 5000 series iSCSI configuration
      11 VNX VG2 iSCSI configuration
      12 iSCSI gateway service basic implementation
      13 Supportable configuration example
      14 Windows host connected to a VMAX array with 1 G connectivity
      15 EMC Symmetrix Manager Console, Directors
      16 Set Port Attributes dialog box
      17 Config Session tab
      18 My Active Tasks, Commit All
      19 EMC Symmetrix Management Console, Storage Provisioning
      20 Internet Protocol Version 6 (TCP/IPv6) Properties dialog box
      21 Test connectivity
      22 iSCSI Initiator Properties window
      23 Discovery tab, Discover Portal
      24 Discover Portal dialog box
      25 Advanced Settings window
      26 Target portals
      27 Targets tab
      28 Connect to Target dialog box
      29 Discovered targets
      30 Volume and Devices tab
  8. 8. Figures
      31 Devices
      32 iSNS Server Properties window, storage ports
      33 Discovery tab
      34 iSNS Server added
      35 iSNS Server
      36 Linux hosts connected to a VMAX array with 10 G connectivity
      37 Set port attributes
      38 Set Port Attributes dialog box
      39 Config Session tab
      40 My Active Tasks, Commit All
      41 CHAP authentication
      42 Director Port CHAP Authentication Enable/Disable dialog box
      43 Director Port CHAP Authentication Set dialog box
      44 EMC Symmetrix Management Console, Storage Provisioning
      45 Verify IP addresses
      46 Test connectivity
      47 Windows host connected to a VNX array with 1 G/10 G connectivity
      48 Unisphere, System tab
      49 Message box
      50 iSCSI Port Properties window
      51 iSCSI Virtual Port Properties window
      52 Warning message
      53 Successful message
      54 Control Panel, Network Connections window
      55 Local Area Connection Properties dialog box
      56 Internet Protocol Version 4 (TCP/IPv4) Properties dialog box
      57 EMC Unisphere Server Utility welcome window
      58 EMC Unisphere Server Utility window, Configure iSCSI Connections
      59 iSCSI Targets and Connections window
      60 Discover iSCSI targets on this subnet
      61 Discover iSCSI targets for this target portal
      62 iSCSI Targets window
      63 Successful logon message
      64 Server registration window
      65 Successfully updated message
      66 Microsoft iSCSI Initiator Properties dialog box
      67 Discovery tab
      68 Add Target Portal dialog box
      69 Advanced Settings dialog box, General tab
      70 iSCSI Initiator Properties dialog box, Discovery tab
      71 iSCSI Initiator Properties dialog box, Targets tab
  9. 9. Figures
      72 Log on to Target dialog box
      73 Target, Connected
      74 EMC Unisphere Server Utility, welcome window
      75 Connected Storage Systems
      76 Successfully updated message
      77 EMC Unisphere, Hosts tab
      78 Start Wizard dialog box
      79 Select Host dialog box
      80 Select Storage System dialog box
      81 Specify Settings dialog box
      82 Review and Commit Settings
      83 Failover Setup Wizard Confirmation dialog box
      84 Details from Operation dialog box
      85 EMC Unisphere, Hosts tab
      86 Connectivity Status Window, Host Initiators tab
      87 Expanded hosts
      88 Edit Initiators window
      89 Confirmation dialog box
      90 Success confirmation message
      91 Connectivity Status window, Host Initiators tab
      92 Initiator Information window
      93 Select system
      94 Select Storage Groups
      95 Storage Groups window
      96 Create Storage dialog box
      97 Confirmation dialog box
      98 Storage Group, Properties
      99 Hosts tab
      100 Hosts to be Connected column
      101 Connect LUNs
      102 LUNs tab
      103 Selected LUNs
      104 Confirmation dialog box
      105 Success message box
      106 Added LUNs
      107 Computer Management window
      108 Rescanned disks
      109 PowerPath icon
      110 EMC PowerPath Console screen
      111 Disks
  10. 10. Figures
  11. 11. Preface
      This EMC Engineering TechBook provides a high-level overview of iSCSI SAN topologies and includes basic information about TCP/IP technologies and iSCSI solutions.
      E-Lab would like to thank all the contributors to this document, including EMC engineers, EMC field personnel, and partners. Your contributions are invaluable.
      As part of an effort to improve and enhance the performance and capabilities of its product lines, EMC periodically releases revisions of its hardware and software. Therefore, some functions described in this document may not be supported by all versions of the software or hardware currently in use. For the most up-to-date information on product features, refer to your product release notes.
      If a product does not function properly or does not function as described in this document, please contact your EMC representative.
      Audience
      This TechBook is intended for EMC field personnel, including technology consultants, and for the storage architect, administrator, and operator involved in acquiring, managing, operating, or designing a networked storage environment that contains EMC and host devices.
      EMC Support Matrix and E-Lab Interoperability Navigator
      For the most up-to-date information, always consult the EMC Support Matrix (ESM), available through E-Lab Interoperability Navigator (ELN) at http://elabnavigator.EMC.com, under the PDFs and Guides tab.
      Under the PDFs and Guides tab resides a collection of printable resources for reference or download. All of the matrices, including the ESM (which does not include most software), are subsets of the
  12. 12. E-Lab Interoperability Navigator database. Included under this tab are:
      ◆ The EMC Support Matrix, a complete guide to interoperable, and supportable, configurations.
      ◆ Subset matrices for specific storage families, server families, operating systems or software products.
      ◆ Host connectivity guides for complete, authoritative information on how to configure hosts effectively for various storage environments.
      Under the PDFs and Guides tab, consult the Internet Protocol pdf under the "Miscellaneous" heading for EMC's policies and requirements for the EMC Support Matrix.
      Related documentation
      Related documents include:
      ◆ The following documents, including this one, are available through the E-Lab Interoperability Navigator, Topology Resource Center tab, at http://elabnavigator.EMC.com. These documents are also available at the following location: http://www.emc.com/products/interoperability/topology-resource-center.htm
        • Backup and Recovery in a SAN TechBook
        • Building Secure SANs TechBook
        • Extended Distance Technologies TechBook
        • Fibre Channel over Ethernet (FCoE): Data Center Bridging (DCB) Concepts and Protocols TechBook
        • Fibre Channel over Ethernet (FCoE): Data Center Bridging (DCB) Case Studies TechBook
        • Fibre Channel SAN Topologies TechBook
        • Networked Storage Concepts and Protocols TechBook
        • Networking for Storage Virtualization and RecoverPoint TechBook
        • WAN Optimization Controller Technologies TechBook
        • EMC Connectrix SAN Products Data Reference Manual
        • Legacy SAN Technologies Reference Manual
        • Non-EMC SAN Products Data Reference Manual
      ◆ EMC Support Matrix, available through E-Lab Interoperability Navigator at http://elabnavigator.EMC.com > PDFs and Guides
      ◆ RSA security solutions documentation, which can be found at http://RSA.com > Content Library
All of the following documentation and release notes can be found at EMC Online Support at https://support.emc.com.

EMC hardware documents and release notes include those on:
◆ Connectrix B series
◆ Connectrix MDS (release notes only)
◆ VNX series
◆ CLARiiON
◆ Celerra
◆ Symmetrix

EMC software documents include those on:
◆ RecoverPoint
◆ Invista
◆ TimeFinder
◆ PowerPath

The following E-Lab documentation is also available:
◆ Host Connectivity Guides
◆ HBA Guides

For Cisco and Brocade documentation, refer to the vendor's website.
◆ http://cisco.com
◆ http://brocade.com

Authors of this TechBook
This TechBook was authored by Ron Dharma, Vinay Jonnakuti, and Jonghoon (Jason) Jeong, with contributions from EMC engineers, EMC field personnel, and partners.

Ron Dharma is a Principal Integration Engineer and team-lead for Advance Product Solution group in E-Lab. Prior to joining EMC, Ron was a SCSI software engineer, spending almost 11 years resolving integration issues in multiple SAN components. He dabbled in almost every aspect of the SAN including storage virtualization, backup and recovery, point-in-time recovery, and distance extension. Ron provided the original information in this document, and works with other contributors to update and expand the content.

Vinay Jonnakuti is a Sr. Corporate Systems Engineer in the EMC Unified Storage division, focusing on EMC VNX and VNXe products. Vinay works on pre-sales deliverables, including collaterals, customer presentations, customer beta testing and proof of concepts. He has been with EMC for over 5 years. Prior to his present role, Vinay worked in the EMC E-Lab, leading the qualification and architecting of solutions with WAN-Optimization appliances from various partners using various Replication technologies, including SRDF (GigE/FCIP), SAN-Copy, MirrorView, VPLEX, and RecoverPoint. Vinay also worked on Fibre Channel and iSCSI qualification on the VMAX Storage arrays.

Jonghoon (Jason) Jeong is a Systems Integration Engineer and has been with EMC for over 5 years. Jonghoon works in E-Lab qualifying new CLARiiON/VNX, Invista, and PowerPath Migration Enabler releases.

Conventions used in this document
EMC uses the following conventions for special notices:

IMPORTANT
An important notice contains information essential to software or hardware operation.

Note: A note presents information that is important, but not hazard-related.

Typographical conventions
EMC uses the following type style conventions in this document.

Normal
Used in running (nonprocedural) text for:
• Names of interface elements (such as names of windows, dialog boxes, buttons, fields, and menus)
• Names of resources, attributes, pools, Boolean expressions, buttons, DQL statements, keywords, clauses, environment variables, functions, utilities
• URLs, pathnames, filenames, directory names, computer names, filenames, links, groups, service keys, file systems, notifications

Bold
Used in running (nonprocedural) text for:
• Names of commands, daemons, options, programs, processes, services, applications, utilities, kernels, notifications, system calls, man pages
Used in procedures for:
• Names of interface elements (such as names of windows, dialog boxes, buttons, fields, and menus)
• What user specifically selects, clicks, presses, or types

Italic
Used in all text (including procedures) for:
• Full titles of publications referenced in text
• Emphasis (for example a new term)
• Variables
Courier
Used for:
• System output, such as an error message or script
• URLs, complete paths, filenames, prompts, and syntax when shown outside of running text

Courier bold
Used for:
• Specific user input (such as commands)

Courier italic
Used in procedures for:
• Variables on command line
• User input variables

<> Angle brackets enclose parameter or variable values supplied by the user
[] Square brackets enclose optional values
| Vertical bar indicates alternate selections - the bar means “or”
{} Braces indicate content that you must specify (that is, x or y or z)
... Ellipses indicate nonessential information omitted from the example

Where to get help
EMC support, product, and licensing information can be obtained on the EMC Online Support site as described next.

Note: To open a service request through the EMC Online Support site, you must have a valid support agreement. Contact your EMC sales representative for details about obtaining a valid support agreement or to answer any questions about your account.

Product information
For documentation, release notes, software updates, or for information about EMC products, licensing, and service, go to the EMC Online Support site (registration required) at: https://support.EMC.com

Technical support
EMC offers a variety of support options.

Support by Product — EMC offers consolidated, product-specific information on the Web at: https://support.EMC.com/products

The Support by Product web pages offer quick links to Documentation, White Papers, Advisories (such as frequently used Knowledgebase articles), and Downloads, as well as more dynamic content, such as presentations, discussion, relevant Customer Support Forum entries, and a link to EMC Live Chat.

EMC Live Chat — Open a Chat or instant message session with an EMC Support Engineer.

eLicensing support
To activate your entitlements and obtain your Symmetrix license files, visit the Service Center on https://support.EMC.com, as directed on your License Authorization Code (LAC) letter e-mailed to you.

For help with missing or incorrect entitlements after activation (that is, expected functionality remains unavailable because it is not licensed), contact your EMC Account Representative or Authorized Reseller.

For help with any errors applying license files through Solutions Enabler, contact the EMC Customer Support Center.

If you are missing a LAC letter, or require further instructions on activating your licenses through the Online Support site, contact EMC's worldwide Licensing team at licensing@emc.com or call:
◆ North America, Latin America, APJK, Australia, New Zealand: SVC4EMC (800-782-4362) and follow the voice prompts.
◆ EMEA: +353 (0) 21 4879862 and follow the voice prompts.

We'd like to hear from you!
Your suggestions will help us continue to improve the accuracy, organization, and overall quality of the user publications. Send your opinions of this document to: techpubcomments@emc.com

Your feedback on our TechBooks is important to us! We want our books to be as helpful and relevant as possible. Send us your comments, opinions, and thoughts on this or any other TechBook to: TechBooks@emc.com
1 TCP/IP Technology

This chapter provides a brief overview of TCP/IP technology.
◆ TCP/IP overview
◆ TCP terminology
◆ TCP error recovery
◆ TCP network congestion
◆ IPv6
◆ Internet Protocol security (IPsec)
TCP/IP overview

The Internet Protocol Suite is named from the first two networking protocols defined in this standard, each briefly described in this section:
◆ “Transmission Control Protocol”
◆ “Internet Protocol”

Transmission Control Protocol
The Transmission Control Protocol (TCP) provides a communication service between an application program and the Internet Protocol (IP). The entire suite is commonly referred to as TCP/IP. When an application program wants to send a large chunk of data across the Internet using IP, the software can issue a single request to TCP and let TCP handle the IP details.

TCP is a connection-oriented transport protocol that guarantees reliable in-order delivery of a stream of bytes between the endpoints of a connection. TCP achieves this by assigning each byte of data a unique sequence number, maintaining timers, acknowledging received data through the use of acknowledgements (ACKs), and retransmitting data if necessary.

Data can be transferred after a connection is established between the endpoints. The data stream that passes across the connection is considered a single sequence of eight-bit bytes, each of which is given a sequence number.

TCP accepts data from a data stream, segments it into chunks, and adds a TCP header. A TCP header follows the internet header, supplying information specific to the TCP protocol. This division allows for the existence of host-level protocols other than TCP.

Figure 1 shows an example of a TCP header.

Figure 1 TCP header example

Figure 2 defines the fields, size, and functions of the TCP header.

Figure 2 TCP header fields, size, and functions

Internet Protocol
The Internet Protocol (IP) is the main communications protocol used for relaying datagrams (packets) across an internetwork using the Internet Protocol Suite. It is responsible for routing packets across network boundaries.
TCP terminology

This section provides information on TCP terminology.

Acknowledgements
The TCP acknowledgement scheme is cumulative, as it acknowledges (ACKs) all the data received up until the time the ACK was generated. As TCP segments are not of uniform size and a TCP sender may retransmit more data than what was in a missing segment, ACKs do not acknowledge the received segment; rather, they mark the position of the acknowledged data in the stream. The policy of cumulative acknowledgement makes the generation of ACKs easy, and any loss of ACKs does not force the sender to retransmit data. The disadvantage is that the sender does not receive any detailed information about the data received except the position in the stream of the last byte that has been received.

Delayed ACKs
Delayed ACKs allow a TCP receiver to refrain from sending an ACK for each incoming segment. However, a receiver should send an ACK for every second full-sized segment that arrives. Furthermore, the standard mandates that a receiver must not withhold an ACK for more than 500 ms. The receivers should not delay ACKs that acknowledge out-of-order segments.

Maximum segment size (MSS)
The maximum segment size (MSS) is the maximum amount of data, specified in bytes, that can be transmitted in a segment between the two TCP endpoints. The MSS is decided by the endpoints, as they need to agree on the maximum segment they can handle. Deciding on a good MSS is important in a general inter-networking environment because this decision greatly affects performance. It is difficult to choose a good MSS value since a very small MSS means an underutilized network, whereas a very large MSS means large IP datagrams that may lead to IP fragmentation, greatly hampering the performance. An ideal MSS size would be when the IP datagrams are as large as possible without any fragmentation anywhere along the path from the source to the destination.

When TCP sends a segment with the SYN bit set during connection establishment, it can send an optional MSS value up to the outgoing interface’s MTU minus the size of the fixed TCP and IP headers. For example, if the MTU is 1500 (Ethernet standard), the sender can advertise an MSS of 1460 (1500 minus 40).
Maximum transmission unit (MTU)
Each network interface has its own MTU that defines the largest packet that it can transmit. The MTU of the media determines the maximum size of the packets that can be transmitted without IP fragmentation.

Retransmission
A TCP sender starts a timer when it sends a segment and expects an acknowledgement for the data it sent. If the sender does not receive an acknowledgement for the data before the timer expires, it assumes that the data was lost or corrupted and retransmits the segment. Since the time required for the data to reach the receiver and for the acknowledgement to reach the sender is not constant (because of the varying Internet delays), an adaptive retransmission algorithm is used to monitor performance of each connection and conclude a reasonable value for timeout based on the round trip time.

Selective Acknowledgement (SACK)
TCP may experience poor performance when multiple packets are lost from one window of data. With the limited information available from cumulative acknowledgements, a TCP sender can only learn about a single lost packet per round trip time. An aggressive sender could choose to retransmit packets early, but such retransmitted segments may have already been successfully received.

The Selective Acknowledgement (SACK) mechanism, combined with a selective repeat retransmission policy, helps to overcome these limitations. The receiving TCP sends back SACK packets to the sender confirming receipt of data and specifying the holes in the data that has been received. The sender can then retransmit only the missing data segments.

The selective acknowledgment extension uses two TCP options. The first is an enabling option, SACK-permitted, which may be sent in a SYN segment to indicate that the SACK option can be used once the connection is established. The other is the SACK option itself, which may be sent over an established connection once permission has been given by SACK-permitted.
TCP segment
The TCP segments are units of transfer for TCP and are used to establish a connection, transfer data, send ACKs, advertise window size, and close a connection. Each segment is divided into three parts:
◆ Fixed header of 20 bytes
◆ Optional variable length header, padded out to a multiple of 4 bytes
◆ Data

The maximum possible header size is 60 bytes. The TCP header carries the control information. SOURCE PORT and DESTINATION PORT contain TCP port numbers that identify the application programs at the endpoints. The SEQUENCE NUMBER field identifies the position in the sender’s byte stream of the first byte of attached data, if any, and the ACKNOWLEDGEMENT NUMBER field identifies the number of the byte the source expects to receive next. The ACKNOWLEDGEMENT NUMBER field is valid only if the ACK bit in the CODE BITS field is set. The 6-bit CODE BITS field is used to determine the purpose and contents of the segment. The HLEN field specifies the total length of the fixed plus variable headers of the segment as a number of 32-bit words. TCP software advertises how much data it is willing to receive by specifying its buffer size in the WINDOW field. The CHECKSUM field contains a 16-bit integer checksum used to verify the integrity of the data as well as the TCP header and the header options. The TCP header padding is used to ensure that the TCP header ends and data begins on a 32-bit boundary. The padding is composed of zeros.

TCP window
A TCP window is the amount of data a sender can send without waiting for an ACK from the receiver. The TCP window is a flow control mechanism and ensures that no congestion occurs in the network. For example, if a pair of hosts are talking over a TCP connection that has a TCP window size of 64 KB, the sender can only send 64 KB of data and it must stop and wait for an acknowledgement from the receiver that some or all of the data has been received. If the receiver acknowledges that all the data has been received, the sender is free to send another 64 KB. If the sender gets back an acknowledgement from the receiver that it received the first 32 KB (which is likely if the second 32 KB was still in transit or it is lost), then the sender could only send another 32 KB since it cannot have more than 64 KB of unacknowledged data outstanding (the second 32 KB of data plus the third).
The primary reason for the window is congestion control. The whole network connection, which consists of the hosts at both ends, the routers in between, and the actual connections themselves, might have a bottleneck somewhere that can only handle so much data so fast. The TCP window throttles the transmission speed down to a level where congestion and data loss do not occur.

The factors affecting the window size are as follows:

Receiver’s advertised window
The time taken by the receiver to process the received data and send ACKs may be greater than the sender’s processing time, so it is necessary to control the transmission rate of the sender to prevent it from sending more data than the receiver can handle, thus causing packet loss. TCP introduces flow control by declaring a receive window in each segment header.

Sender’s congestion window
The congestion window controls the number of packets a TCP flow has in the network at any time. The congestion window is set using an Additive-Increase, Multiplicative-Decrease (AIMD) mechanism that probes for available bandwidth, dynamically adapting to changing network conditions.

Usable window
This is the minimum of the receiver’s advertised window and the sender’s congestion window. It is the actual amount of data that the sender is able to transmit. The TCP header uses a 16-bit field to report the receive window size to the sender. Therefore, the largest window that can be used is 2**16 = 65 KB.

Window scaling
The ordinary TCP header allocates only 16 bits for window advertisement. This limits the maximum window that can be advertised to 64 KB, limiting the throughput. RFC 1323 provides the window scaling option, to be able to advertise windows greater than 64 KB. Both the endpoints must agree to use window scaling during connection establishment.

The window scale extension expands the definition of the TCP window to 32 bits and then uses a scale factor to carry this 32-bit value in the 16-bit Window field of the TCP header (SEG.WND in RFC-793). The scale factor is carried in a new TCP option, Window Scale. This option is sent only in a SYN segment (a segment with the SYN bit on), hence the window scale is fixed in each direction when a connection is opened.
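The header fields and SYN-time options described in this section (MSS, SACK-permitted, Window Scale) can be read straight out of a captured segment. The parser below is an added example, not code from the TechBook; the sample SYN is constructed (its ports, sequence number and zero checksum are made up), and the option kind numbers come from the TCP RFCs rather than from this page.

```python
import struct

# The 6-bit CODE BITS field, most significant bit first
CODE_BITS = [(0x20, "URG"), (0x10, "ACK"), (0x08, "PSH"),
             (0x04, "RST"), (0x02, "SYN"), (0x01, "FIN")]
IP_TCP_FIXED_HEADERS = 40   # 20-byte IP header + 20-byte fixed TCP header
MAX_WINDOW_SHIFT = 14       # largest scale factor RFC 1323 allows


class MalformedSegment(ValueError):
    """Raised when header or option lengths do not fit the bytes received."""


def parse_options(raw):
    """Walk the variable-length header and return the recognised options."""
    opts, i = {}, 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:            # end of option list; the rest is zero padding
            break
        if kind == 1:            # no-operation, a single filler byte
            i += 1
            continue
        if i + 1 >= len(raw):
            raise MalformedSegment("option kind %d has no length byte" % kind)
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise MalformedSegment("option kind %d has bad length %d" % (kind, length))
        body = raw[i + 2:i + length]
        if kind == 2 and length == 4:          # maximum segment size
            opts["mss"] = struct.unpack("!H", body)[0]
        elif kind == 3 and length == 3:        # window scale (SYN only)
            opts["window_scale"] = body[0]
        elif kind == 4 and length == 2:        # SACK-permitted (SYN only)
            opts["sack_permitted"] = True
        elif kind == 5 and (length - 2) % 8 == 0:   # SACK: left/right edge pairs
            edges = struct.unpack("!%dI" % ((length - 2) // 4), body)
            opts["sack_blocks"] = list(zip(edges[0::2], edges[1::2]))
        i += length
    return opts


def parse_tcp_header(segment):
    """Split a raw TCP segment into the fields named in the text."""
    if len(segment) < 20:
        raise MalformedSegment("shorter than the 20-byte fixed header")
    sport, dport, seq, ack, off_flags, window, checksum, _urgent = \
        struct.unpack("!HHIIHHHH", segment[:20])
    hlen_words = off_flags >> 12              # HLEN counts 32-bit words
    header_len = hlen_words * 4
    if hlen_words < 5 or header_len > len(segment):
        raise MalformedSegment("HLEN %d does not fit the segment" % hlen_words)
    code_bits = off_flags & 0x3F
    return {
        "src_port": sport, "dst_port": dport,
        "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": [name for bit, name in CODE_BITS if code_bits & bit],
        "window": window, "checksum": checksum,
        "options": parse_options(segment[20:header_len]),
        "data": segment[header_len:],
    }


def advertised_mss(mtu):
    """Largest MSS a sender can offer: interface MTU minus the fixed headers."""
    return mtu - IP_TCP_FIXED_HEADERS


def scaled_window(window_field, shift):
    """Receive window in bytes for a non-SYN segment once scaling is agreed."""
    return window_field << min(shift, MAX_WINDOW_SHIFT)


# Constructed SYN: 20-byte fixed header (HLEN = 8 words) plus 12 option bytes:
# MSS 1460, SACK-permitted, window scale 7, end-of-list, two zero padding bytes.
SAMPLE_SYN = struct.pack("!HHIIHHHH", 49152, 3260, 1000, 0,
                         (8 << 12) | 0x02, 65535, 0, 0) + \
    bytes([2, 4, 0x05, 0xB4, 4, 2, 3, 3, 7, 0, 0, 0])

if __name__ == "__main__":
    for field, value in parse_tcp_header(SAMPLE_SYN).items():
        print(field, value)
```

Because the window scale is sent only in SYN segments, a capture that starts mid-connection cannot recover the true window size from the 16-bit WINDOW field alone.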
TCP error recovery

In TCP, each source determines how much capacity is available in the network so it knows how many packets it can safely have in transit. Once a given source has this many packets in transit, it uses the arrival of an ACK as a signal that some of its packets have left the network and it is therefore safe to insert new packets into the network without adding to the level of congestion. TCP uses congestion control algorithms to determine the network capacity. From the congestion control point of view, a TCP connection is in one of the following states.
◆ Slow start: After a connection is established and after a loss is detected by a timeout or by duplicate ACKs.
◆ Fast recovery: After a loss is detected by fast retransmit.
◆ Congestion avoidance: In all other cases.

Congestion avoidance and slow start work hand-in-hand. The congestion avoidance algorithm assumes that the chance of a packet being lost due to damage is very small. Therefore, the loss of a packet means there is congestion somewhere in the network between the source and destination. Occurrence of a timeout and the receipt of duplicate ACKs indicate packet loss.

When congestion is detected in the network it is necessary to slow things down, so the slow start algorithm is invoked. Two parameters, the congestion window (cwnd) and a slow start threshold (ssthresh), are maintained for each connection. When a connection is established, both of these parameters are initialized. The cwnd is initialized to one MSS. The ssthresh is used to determine whether the slow start or congestion avoidance algorithm is to be used to control data transmission. The initial value of ssthresh may be arbitrarily high (usually ssthresh is initialized to 65535 bytes), but it may be reduced in response to congestion.

The slow start algorithm is used when cwnd is less than ssthresh, while the congestion avoidance algorithm is used when cwnd is greater than ssthresh.
When cwnd and ssthresh are equal, the sender may use either slow start or congestion avoidance.

TCP never transmits more than the minimum of cwnd and the receiver’s advertised window. When a connection is established, or if congestion is detected in the network, TCP is in slow start and the congestion window is initialized to one MSS. Each time an ACK is received, the congestion window is increased by one MSS. The sender starts by transmitting one segment and waiting for its ACK. When that ACK is received, the congestion window is incremented from one to two, and two segments can be sent. When each of those two segments is acknowledged, the congestion window is increased to four, and so on. The window size increases exponentially during slow start as shown in Figure 3.

When a time-out occurs or a duplicate ACK is received, ssthresh is reset to one half of the current window (that is, the minimum of cwnd and the receiver's advertised window). If the congestion was detected by an occurrence of a timeout, the cwnd is set to one MSS.

When an ACK is received for data transmitted, the cwnd is increased. However, the way it is increased depends on whether TCP is performing slow start or congestion avoidance. If the cwnd is less than or equal to the ssthresh, TCP is in slow start and slow start continues until TCP is halfway to where it was when congestion occurred, then congestion avoidance takes over. Congestion avoidance increments the cwnd by MSS squared divided by cwnd (in bytes) each time an ACK is received, increasing the cwnd linearly as shown in Figure 3. This provides a close approximation to increasing cwnd by, at most, one MSS per RTT.

Figure 3 Slow start and congestion avoidance (plot of cwnd against RTT: exponential growth of cwnd during slow start up to ssthresh, then linear growth of cwnd during congestion avoidance)
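The cwnd and ssthresh rules above can be traced one round trip at a time. The model below is an added example, not code from the TechBook; it assumes every segment in a window is ACKed individually within one RTT, uses a constructed MSS of 1000 bytes to keep the arithmetic readable, and resolves the cwnd == ssthresh case in favour of congestion avoidance.

```python
class CongestionState:
    """Per-connection cwnd/ssthresh bookkeeping, all values in bytes."""

    def __init__(self, mss, ssthresh=65535, rwnd=65535):
        self.mss = mss
        self.cwnd = mss            # cwnd is initialized to one MSS
        self.ssthresh = ssthresh   # usually initialized to 65535 bytes
        self.rwnd = rwnd           # receiver's advertised window

    def phase(self):
        # When cwnd == ssthresh either algorithm may be used; this example
        # picks congestion avoidance (an assumption of the example).
        if self.cwnd < self.ssthresh:
            return "slow start"
        return "congestion avoidance"

    def usable_window(self):
        # TCP never transmits more than min(cwnd, advertised window)
        return min(self.cwnd, self.rwnd)

    def on_ack(self):
        if self.phase() == "slow start":
            self.cwnd += self.mss                          # exponential per RTT
        else:
            self.cwnd += self.mss * self.mss // self.cwnd  # about one MSS per RTT

    def on_loss(self, timeout):
        # ssthresh drops to half of the current window on any loss signal
        self.ssthresh = self.usable_window() // 2
        if timeout:
            self.cwnd = self.mss   # a timeout sends the connection back to slow start


def simulate(state, rtts, timeout_after=None):
    """Return (rtt, cwnd, ssthresh, phase) as seen at the start of each RTT.

    timeout_after, if given, is the RTT in which the retransmission timer
    expires instead of ACKs arriving.
    """
    trace = []
    for rtt in range(rtts):
        trace.append((rtt, state.cwnd, state.ssthresh, state.phase()))
        if rtt == timeout_after:
            state.on_loss(timeout=True)
            continue
        # One ACK comes back for every full segment sent in this window
        for _ in range(state.usable_window() // state.mss):
            state.on_ack()
    return trace


if __name__ == "__main__":
    conn = CongestionState(mss=1000, ssthresh=8000, rwnd=64000)
    for row in simulate(conn, rtts=9, timeout_after=5):
        print("rtt=%d cwnd=%d ssthresh=%d %s" % row)
```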
A TCP receiver generates ACKs on receipt of data segments. The ACK contains the highest contiguous sequence number the receiver expects to receive next. This informs the sender of the in-order data that was received by the receiver. When the receiver receives a segment with a sequence number greater than the sequence number it expected to receive, it detects the out-of-order segment and generates an immediate ACK with the last sequence number it has received in-order (that is, a duplicate ACK). This duplicate ACK is not delayed.

Since the sender does not know if this duplicate ACK is a result of a lost packet or an out-of-order delivery, it waits for a small number of duplicate ACKs, assuming that if the packets are only reordered there will be only one or two duplicate ACKs before the reordered segment is received and processed and a new ACK is generated. If three or more duplicate ACKs are received in a row, it implies there has been a packet loss. At that point, the TCP sender retransmits this segment without waiting for the retransmission timer to expire. This is known as fast retransmit (Figure 4).

After fast retransmit has sent the supposedly missing segment, the congestion avoidance algorithm is invoked instead of the slow start; this is called fast recovery. Receipt of a duplicate ACK implies that not only is a packet lost, but that there is data still flowing between the two ends of TCP, as the receiver will only generate a duplicate ACK on receipt of another segment. Hence, fast recovery allows high throughput under moderate congestion.
Figure 4 Fast retransmit (diagram: the sender sends segments 21 - 26 and segment 23 is lost in the network; the receiver ACKs 21 and 22 expecting 23, then sends a duplicate ACK, still expecting 23, on receipt of each of 24, 25, and 26; after 3 duplicate ACKs expecting 23 the sender retransmits 23 and receives an ACK for 26 expecting 27)
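The Figure 4 exchange can be replayed with a cumulative-ACK receiver and a sender that counts duplicate ACKs. This is an added example, not code from the TechBook; it numbers whole segments rather than bytes, ACKs every arriving segment (no delayed ACKs), and assumes the retransmission arrives after the segments already in flight.

```python
DUP_ACK_THRESHOLD = 3   # duplicate ACKs in a row that trigger fast retransmit


class Receiver:
    """Cumulative-ACK receiver: every ACK names the next segment expected."""

    def __init__(self, first_expected):
        self.expected = first_expected
        self.out_of_order = set()

    def receive(self, seg):
        if seg == self.expected:
            self.expected += 1
            # Buffered segments that are now contiguous are acknowledged too
            while self.expected in self.out_of_order:
                self.out_of_order.remove(self.expected)
                self.expected += 1
        elif seg > self.expected:
            self.out_of_order.add(seg)     # leaves a hole, so the ACK repeats
        return self.expected


class Sender:
    """Counts duplicate ACKs and decides when to retransmit early."""

    def __init__(self):
        self.last_ack = None
        self.dup_acks = 0
        self.retransmitted = []

    def on_ack(self, ack):
        if ack == self.last_ack:
            self.dup_acks += 1
            if self.dup_acks == DUP_ACK_THRESHOLD:
                self.retransmitted.append(ack)
                return ack                 # resend without waiting for the timer
        else:
            self.last_ack = ack
            self.dup_acks = 0
        return None


def deliver(arrival_order, first_expected):
    """Feed segments to the receiver in arrival order.

    A lost segment is simply absent from arrival_order. Returns the list of
    ACKs generated and the list of segments the sender fast-retransmitted.
    """
    receiver, sender = Receiver(first_expected), Sender()
    queue, acks = list(arrival_order), []
    while queue:
        ack = receiver.receive(queue.pop(0))
        acks.append(ack)
        resend = sender.on_ack(ack)
        if resend is not None:
            queue.append(resend)
    return acks, sender.retransmitted


if __name__ == "__main__":
    # Figure 4: segments 21-26 sent, 23 lost in the network
    print(deliver([21, 22, 24, 25, 26], first_expected=21))
    # Reordering only: 23 arrives one segment late, nothing is lost
    print(deliver([21, 22, 24, 23, 25, 26], first_expected=21))
```

In the reordering case only one duplicate ACK is generated, so the sender never reaches the threshold and nothing is retransmitted.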
TCP network congestion

A network link is said to be congested if contention for it causes queues to build up and packets start getting dropped. The TCP protocol detects these dropped packets and starts retransmitting them, but using aggressive retransmissions to compensate for packet loss tends to keep systems in a state of network congestion even after the initial load has been reduced to a level that would not normally have induced network congestion. In this situation, demand for link bandwidth (and eventually queue space) outstrips what is available. When congestion occurs, all the flows that detect it must reduce their transmission rate. If they do not do so, the network will remain in an unstable state with queues continuing to build up.
IPv6

Internet Protocol version 6 (IPv6) is a network layer protocol for packet-switched internets. It is designated as the successor of IPv4.

Note: For the most up-to-date support information, always refer to the EMC Support Matrix > PDF and Guides > Miscellaneous > Internet Protocol.

Note: The information in this section was acquired from Wikipedia.org, August 2007, which provides further details on many of these topics.

The main improvement of IPv6 is the increase in the number of addresses available for networked devices. IPv4 supports 2^32 (about 4.3 billion) addresses. In comparison, IPv6 supports 2^128 (about 34×10^37) addresses, or approximately 5×10^28 addresses for each of roughly 6.5 billion people. However, that is not the intention of the designers.

The extended address length simplifies operational considerations, including dynamic address assignment and router decision-making. It also avoids many complex workarounds that were necessary in IPv4, such as Classless Inter-Domain Routing (CIDR). Its simplified packet header format improves the efficiency of forwarding in routers. More information on this topic is provided in “Larger address space” and “Addressing”.

This section contains the following information:
◆ “Features of IPv6”
◆ “Deployment status”
◆ “Addressing”
◆ “IPv6 packet”
◆ “Transition mechanisms”

Features of IPv6
To a great extent, IPv6 is a conservative extension of IPv4. Most transport- and application-layer protocols need little or no change to work over IPv6. The few exceptions are application protocols that embed network-layer addresses (such as FTP or NTPv3). Applications, however, usually need small changes and a recompile in order to run over IPv6.
The following features of IPv6 will be further discussed in this section:
◆ “Larger address space”
◆ “Stateless autoconfiguration of hosts”
◆ “Multicast”
◆ “Jumbograms”
◆ “Network-layer security”
◆ “Mobility”

Larger address space
The main feature of IPv6 is the larger address space: 128 bits long (versus 32 bits in IPv4). The larger address space avoids the potential exhaustion of the IPv4 address space without the need for network address translation (NAT) and other devices that break the end-to-end nature of Internet traffic.

Note: In rare cases, NAT may still be necessary, but it will be difficult in IPv6 so should be avoided whenever possible.

It also makes administration of medium and large networks simpler, by avoiding the need for complex subnetting schemes. Ideally, subnetting will revert to its original purpose of logical segmentation of an IP network for optimal routing and access.

There are a few drawbacks to larger addresses. For instance, in regions where bandwidth is limited, IPv6 carries some bandwidth overhead over IPv4. However, header compression can sometimes be used to alleviate this problem. IPv6 addresses are also harder to memorize than IPv4 addresses, which are, in turn, harder to memorize than Domain Name System (DNS) names. DNS protocols have been modified to support IPv6 as well as IPv4.

For more information, refer to “Addressing”.

Stateless autoconfiguration of hosts
IPv6 hosts can be automatically configured when connected to a routed IPv6 network. When first connected to a network, a host sends a link-local (automatic configuration of IP addresses) multicast (broadcast) request for its configuration parameters. If configured suitably, routers respond to such a request with a router advertisement packet that contains network-layer configuration parameters.

If IPv6 autoconfiguration is not suitable, a host can use stateful autoconfiguration (DHCPv6) or be configured manually.
Note: Stateless autoconfiguration is suitable only for hosts. Routers must be configured manually or by other means.

Multicast
Network infrastructures, in most environments, are not configured to route multicast. The link-scoped aspect of multicast (that is, on a single subnet) will work but the site-scope, organization-scope, and global-scope multicast will not be routed.

IPv6 does not have a link-local broadcast facility. The same effect can be achieved by multicasting to the all-hosts group (FF02::1). The m6bone is catering for deployment of a global IPv6 multicast network.

Jumbograms
IPv6 has optional support for packets over the IPv4 limit of 64 KB when used between capable communication partners and on communication links with a maximum transmission unit larger than 65,576 octets. These are referred to as jumbograms and can be as large as 4 GB. The use of jumbograms may improve performance over high-MTU (Maximum Transmission Unit) networks. An optional feature of IPv6, the jumbo payload option, allows the exchange of packets larger than this size between cooperating hosts.

Network-layer security
IP security (IPsec), the protocol for IP network-layer encryption and authentication, is an integral part of the base protocol suite in IPv6. In IPv4, this is optional (although usually implemented). IPsec is not widely deployed except for securing traffic between IPv6 Border Gateway Protocol (BGP) routers (the core routing protocol of the Internet).

Mobility
Mobile IPv6 (MIPv6) avoids triangular routing and is as efficient as normal IPv6. This advantage is mostly hypothetical, since neither MIP nor MIPv6 are widely deployed.

Deployment status
As of December 2005, IPv6 accounts for only a small percentage of the live addresses in the Internet, which is still dominated by IPv4.

Many of the features of IPv6 have been ported to IPv4, with the exception of stateless autoconfiguration, more flexible addressing, and Secure Neighbor Discovery (SEND).
IPv6 deployment is primarily driven by IPv4 address space exhaustion, which has been slowed by the introduction of classless inter-domain routing (CIDR) and the extensive use of network address translation (NAT).

Estimates as to when the pool of available IPv4 addresses will be exhausted vary widely, ranging from around 2011 (2005 report by Cisco Systems) to Paul Wilson’s (director of APNIC) prediction of 2023.

To prepare for the inevitable, a number of governments are starting to require support for IPv6 in new equipment. The U.S. Government, for example, has specified that the network backbones of all federal agencies must deploy IPv6 by 2008 and bought 247 billion IPv6 addresses to begin the deployment. The People’s Republic of China has a 5-year plan for deployment of IPv6, called the “China Next Generation Internet.”

Addressing
The following subjects are briefly discussed in this section:
◆ “128-bit length”
◆ “Notation”
◆ “Literal IPv6 addresses in URLs”
◆ “Network notation”
◆ “Types of IPv6 addresses”
◆ “Special addresses”
◆ “Zone indices”

128-bit length
The primary change from IPv4 to IPv6, as discussed in “Larger address space”, is the length of network addresses. IPv6 addresses are 128 bits long (as defined by RFC 4291), compared to IPv4 addresses, which are 32 bits. IPv6 has enough room for 3.4×10^38 unique addresses, while the IPv4 address space contains about 4 billion addresses.

IPv6 addresses are typically composed of two logical parts: a 64-bit (sub-)network prefix and a 64-bit host part, which is either automatically generated from the interface's Media Access Control (MAC) address or assigned sequentially. Globally unique MAC addresses offer an opportunity to track user equipment (and thus users) across time and IPv6 address changes.
In order to restore some of the anonymity existing in IPv4, RFC 3041 was developed to reduce the prospect of user identity being permanently tied to an IPv6 address. RFC 3041 specifies a mechanism by which time-varying random bit strings can be used as interface circuit identifiers, replacing unchanging and traceable MAC addresses.

Notation

IPv6 addresses are normally written as eight groups of four hexadecimal digits. For example, the following is a valid IPv6 address:

2001:0db8:85a3:08d3:1319:8a2e:0370:7334

If one or more four-digit group(s) is 0000, the zeros may be omitted and replaced with two colons (::). For example, 2001:0db8:0000:0000:0000:0000:1428:57ab can be shortened to 2001:0db8::1428:57ab. Following this rule, any number of consecutive 0000 groups may be reduced to two colons, as long as there is only one double colon used in an address. Leading zeros in a group can also be omitted (as in ::1 for localhost). For example, the following addresses are all valid and equivalent:

2001:0db8:0000:0000:0000:0000:1428:57ab
2001:0db8:0000:0000:0000::1428:57ab
2001:0db8:0:0:0:0:1428:57ab
2001:0db8:0:0::1428:57ab
2001:0db8::1428:57ab
2001:db8::1428:57ab

Note: Having more than one double-colon abbreviation in an address is invalid, as it would make the notation ambiguous.

A sequence of 4 bytes at the end of an IPv6 address can also be written in decimal, using dots as separators. This notation is often used with compatibility addresses. For example, the following two addresses are the same:

::ffff:1.2.3.4
::ffff:0102:0304

and 0:0:0:0:0:ffff:0102:0304.

Additional information can be found in RFC 4291 — IP Version 6 Addressing Architecture.

Literal IPv6 addresses in URLs

In a URL the IPv6 address is enclosed in brackets. For example:

http://[2001:0db8:85a3:08d3:1319:8a2e:0370:7344]/
This notation allows parsing a URL without confusing the IPv6 address and port number:

https://[2001:0db8:85a3:08d3:1319:8a2e:0370:7344]:443/

Additional information can be found in RFC 2732 — Format for Literal IPv6 Addresses in URLs and RFC 3986 — Uniform Resource Identifier (URI): Generic Syntax.

Network notation

IPv6 networks are written using Classless Inter-Domain Routing (CIDR) notation. An IPv6 network (or subnet) is a contiguous group of IPv6 addresses, the size of which must be a power of two. The initial bits of addresses, identical for all hosts in the network, are called the network's prefix.

A network is denoted by the first address in the network and the size in bits of the prefix (in decimal), separated with a slash. For example, 2001:0db8:1234::/48 stands for the network with addresses:

2001:0db8:1234:0000:0000:0000:0000:0000
through
2001:0db8:1234:FFFF:FFFF:FFFF:FFFF:FFFF

Because a single host can be seen as a network with a 128-bit prefix, you will sometimes see host addresses written followed by /128.

Types of IPv6 addresses

IPv6 addresses are divided into the following three categories:
◆ Unicast Addresses — Identifies a single network interface. A packet sent to a unicast address is delivered to that specific computer.
◆ Multicast Addresses — Used to define a set of interfaces that typically belong to different nodes instead of just one. When a packet is sent to a multicast address, the protocol delivers the packet to all interfaces identified by that address. Multicast addresses begin with the prefix FF00::/8. Their second octet identifies the address's scope, that is, the range over which the multicast address is propagated. Commonly used scopes include link-local (2), site-local (5), and global (E).
◆ Anycast Addresses — Also assigned to more than one interface, belonging to different nodes. However, a packet sent to an anycast address is delivered to just one of the member interfaces, typically the “nearest” according to the routing protocol’s idea of distance. Anycast addresses cannot be easily identified. They have the structure of normal unicast addresses, and differ only by being injected into the routing protocol at multiple points in the network.

Special addresses

There are a number of addresses with special meaning in IPv6:
◆ ::/128 — The address with all zeros is an unspecified address, and is to be used only in software.
◆ ::1/128 — The loopback address is a localhost address. If an application in a host sends packets to this address, the IPv6 stack will loop these packets back to the same host (corresponding to 127.0.0.1 in IPv4).
◆ ::/96 — The zero prefix was used for IPv4-compatible addresses. It is now obsolete.
◆ ::ffff:0:0/96 — This prefix is used for IPv4 mapped addresses (see “Transition mechanisms” on page 38).
◆ 2001:db8::/32 — This prefix is used in documentation (RFC 3849). Addresses from this prefix should be used anywhere an example IPv6 address is given.
◆ 2002::/16 — This prefix is used for 6to4 addressing.
◆ fc00::/7 — Unique Local Addresses (ULA) are routable only within a set of cooperating sites. They were defined in RFC 4193 as a replacement for site-local addresses. The addresses include a 40-bit pseudorandom number that minimizes the risk of conflicts if sites merge or packets somehow leak out. This address space is split into two parts:
  • fc00::/8 — ULA Central, currently not used as the draft is expired.
  • fd00::/8 — ULA, as per RFC 4193, Generator and unofficial registry.
◆ fe80::/64 — The link-local prefix specifies that the address is valid only in the local physical link. This is analogous to the Autoconfiguration IP address 169.254.0.0/16 in IPv4.
◆ fec0::/10 — The site-local prefix specifies that the address is valid only inside the local organization.
  Note: Its use was deprecated in September 2004 by RFC 3879, and systems must not support this special type of address.
◆ ff00::/8 — The multicast prefix is used for multicast addresses[10] as defined in "IP Version 6 Addressing Architecture" (RFC 4291).

There are no address ranges reserved for broadcast in IPv6. Instead, applications use multicast to the all-hosts group. IANA maintains the official list of the IPv6 address space. Global unicast assignments can be found at the various RIRs or at the Ghost Route Hunter (GRH) DFP pages.

Zone indices

Link-local addresses present a particular problem for systems with multiple interfaces. Because each interface may be connected to different networks and the addresses all appear to be on the same subnet, an ambiguity arises that cannot be solved by routing tables.

For example, host A has two interfaces that automatically receive link-local addresses when activated (per RFC 2462), fe80::1/64 and fe80::2/64, only one of which is connected to the same physical network as host B, which has address fe80::3/64. If host A attempts to contact fe80::3, how does it know which interface (fe80::1 or fe80::2) to use?

The solution, defined by RFC 4007, is the addition of a unique zone index for the local interface, represented textually in the form <address>%<zone_id>. For example:

http://[fe80::1122:33ff:fe11:2233%eth0]:80/

However, this may cause the following problems due to clashing with the percent-encoding used with URIs.
◆ Microsoft Windows IPv6 stack uses numeric zone IDs: fe80::3%1
◆ BSD applications typically use the interface name as a zone ID: fe80::3%pcn0
◆ Linux applications also typically use the interface name as a zone ID: fe80::3%eth0, although Linux ifconfig as of version 1.42 (part of net-tools 1.60) does not display zone IDs.

Relatively few IPv6-capable applications understand zone ID syntax (with the notable exception of OpenSSH), rendering link-local addresses unusable within them if multiple interfaces use link-local addresses.
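Because one address has many valid spellings, access lists and log searches should compare addresses by value and zone, not by text. The following is an added example, not part of the original TechBook: the helper names are assumptions, and the prefix table copies the special-address list above, including its prefix lengths.

```python
import ipaddress

# Special prefixes exactly as listed in the text above (label, prefix).
SPECIAL_PREFIXES = [
    ("unspecified", "::/128"),
    ("loopback", "::1/128"),
    ("ipv4-compatible (obsolete)", "::/96"),
    ("ipv4-mapped", "::ffff:0:0/96"),
    ("documentation", "2001:db8::/32"),
    ("6to4", "2002::/16"),
    ("unique-local", "fc00::/7"),
    ("link-local", "fe80::/64"),
    ("site-local (deprecated)", "fec0::/10"),
    ("multicast", "ff00::/8"),
]
NETWORKS = [(label, ipaddress.IPv6Network(p)) for label, p in SPECIAL_PREFIXES]


def parse(text):
    """Split '[addr%zone]' or 'addr%zone' into (IPv6Address, zone or None).

    Raises ValueError for invalid notation, such as two '::' in one address.
    """
    text = text.strip().strip("[]")
    addr, _, zone = text.partition("%")
    return ipaddress.IPv6Address(addr), (zone or None)


def canonical(text):
    """Compressed lowercase form, keeping any zone index."""
    addr, zone = parse(text)
    return f"{addr}%{zone}" if zone else str(addr)


def same_address(a, b):
    """Compare by 128-bit value and zone, never by spelling."""
    (addr_a, zone_a), (addr_b, zone_b) = parse(a), parse(b)
    return int(addr_a) == int(addr_b) and zone_a == zone_b


def classify(text):
    """Label of the longest matching special prefix, or 'other'."""
    addr, _ = parse(text)
    hits = [(net.prefixlen, label) for label, net in NETWORKS if addr in net]
    return max(hits)[1] if hits else "other"


def embedded_ipv4(text):
    """IPv4 address carried in an IPv4-mapped address, else None."""
    addr, _ = parse(text)
    return addr.ipv4_mapped
```
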
IPv6 packet

A packet is a formatted block of data carried by a computer network. Figure 5 shows the structure of an IPv6 packet header.

Figure 5 IPv6 packet header structure

The IPv6 packet is composed of two main parts:
◆ Header
  The header is in the first 40 octets (320 bits) of the packet and contains:
  • Both source and destination addresses (128 bits each)
  • Version (4-bit IP version)
  • Traffic class (8 bits, Packet Priority)
  • Flow label (20 bits, QoS management)
  • Payload length in bytes (16 bits)
  • Next header (8 bits)
  • Hop limit (8 bits, time to live)
◆ Payload
  The payload can be up to 64 KB in size in standard mode, or larger with a jumbo payload option (refer to “Jumbograms” on page 31).

Fragmentation is handled only in the sending host in IPv6. Routers never fragment a packet, and hosts are expected to use Path MTU (PMTU) discovery.
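The header fields listed above can be decoded from the first 40 octets with fixed offsets. The following is an added example, not part of the original TechBook: the function names and the constructed sample packet are assumptions, and jumbograms are not handled.

```python
import ipaddress
import struct

FIXED_HEADER_LEN = 40  # octets, as stated in the text


def build_header(src, dst, payload_len, next_header, hop_limit=64,
                 traffic_class=0, flow_label=0):
    """Pack a fixed IPv6 header (used here only to construct sample input)."""
    first_word = (6 << 28) | (traffic_class << 20) | flow_label
    return (struct.pack("!IHBB", first_word, payload_len, next_header, hop_limit)
            + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed)


def parse_header(packet):
    """Decode the fixed header; raise ValueError on truncated or non-IPv6 input."""
    if len(packet) < FIXED_HEADER_LEN:
        raise ValueError("truncated: fixed IPv6 header is 40 octets")
    first_word, payload_len, next_header, hop_limit = struct.unpack_from(
        "!IHBB", packet)
    version = first_word >> 28
    if version != 6:
        raise ValueError(f"not IPv6: version field is {version}")
    return {
        "version": version,
        "traffic_class": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(packet[8:24]),
        "dst": ipaddress.IPv6Address(packet[24:40]),
    }


def length_mismatch(packet):
    """True when the Payload length field disagrees with the bytes present."""
    hdr = parse_header(packet)
    return hdr["payload_length"] != len(packet) - FIXED_HEADER_LEN


# Constructed sample: documentation-prefix addresses, Next header 6 (TCP),
# and 20 zero bytes standing in for the payload.
SAMPLE = build_header("2001:db8::1", "2001:db8::2", 20, 6,
                      traffic_class=0x2E, flow_label=0x12345) + bytes(20)
```
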
The protocol field of IPv4 is replaced with a Next Header field. This field usually specifies the transport layer protocol used by a packet's payload. In the presence of options, however, the Next Header field specifies the presence of an Extra Options header, which then follows the IPv6 header. The payload's protocol itself is specified in a field of the Options header. This insertion of an extra header to carry options is analogous to the handling of AH and Encapsulating Security Payload (ESP) in IPsec for both IPv4 and IPv6.

Transition mechanisms

Until IPv6 completely supplants IPv4, which is not likely to happen in the near future, a number of so-called transition mechanisms are needed to enable IPv6-only hosts to reach IPv4 services and to allow isolated IPv6 hosts and networks to reach the IPv6 Internet over the IPv4 infrastructure.

The following transition mechanisms are briefly discussed in this section.
◆ “Dual stack” on page 38
◆ “Tunneling” on page 38
◆ “Automatic tunneling” on page 39
◆ “Configured tunneling” on page 39
◆ “Proxying and translation” on page 39

Dual stack

Since IPv6 is a conservative extension of IPv4, it is relatively easy to write a network stack that supports both IPv4 and IPv6 while sharing most of the code. Such an implementation is called a dual stack. A host implementing a dual stack is called a dual-stack host. This approach is described in RFC 4213.

Most current implementations of IPv6 use a dual stack. Some early experimental implementations used independent IPv4 and IPv6 stacks. There are no known implementations that implement IPv6 only.

Tunneling

In order to reach the IPv6 Internet, an isolated host or network must be able to use the existing IPv4 infrastructure to carry IPv6 packets. This is done using a technique somewhat misleadingly known as tunneling that consists of encapsulating IPv6 packets within IPv4, in effect using IPv4 as a link layer for IPv6.

IPv6 packets can be directly encapsulated within IPv4 packets using protocol number 41. They can also be encapsulated within UDP
