Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

8/4/2010
10:15 AM
George Crump
George Crump
Commentary
50%
50%

The Truth About iSCSI

Over the next several entries we are going to explore several of the protocols that are available to IT managers as they try to select a protocol for use in their environments. First up is iSCSI. The protocol it seems most will look to first because it is believed to be both cost effective and easier to use then the currently more commonplace fibre channel. The truth about iSCSI though is that it is a real storage protocol and it needs to be treated like one.

Over the next several entries we are going to explore several of the protocols that are available to IT managers as they try to select a protocol for use in their environments. First up is iSCSI. The protocol it seems most will look to first because it is believed to be both cost effective and easier to use then the currently more commonplace fibre channel. The truth about iSCSI though is that it is a real storage protocol and it needs to be treated like one.iSCSI encapsulates SCSI commands into an IP packet and transmits them across an Ethernet network. The encapsulation can be done by a software agent on the server operating system (OS) and most OS's now have that capability. The advantage of the software based version of iSCSI is it keeps costs down. The initiator agent in most cases comes free with the OS. The encapsulation process though, when done in software, does take CPU resources and may impact performance if the server is already CPU constrained. That is not the case for most servers today. We don't see using an iSCSI software driver on a server as a big consumer of CPU resources anymore.

On the storage side, often called the target, there needs to be something that either converts iSCSI to some other protocol like fibre or SCSI, but more commonly today the storage system itself is native iSCSI. When configuring the devices the iSCSI agent will query the iSCSI storage system for a list of available volumes and then you can select which volume should be assigned to that server.

All of this connectivity then happens with Ethernet as the interconnecting infrastructure. Which today, especially in the 1GbE form, can be had for very little investment. Most businesses and data centers will be learning how to interconnect via an Ethernet infrastructure long before they need storage interconnectivity. iSCSI's theoretical advantage then is that when the time comes for shared storage, the IT staff already knows the infrastructure part and half the job is complete. Now they just need to learn storage.

While iSCSI does have its advantages is also has some potential unknowns that need to either be worked around or avoided. The first is that this is a real storage protocol and needs to be treated like one. That means it really should be on its own network either physically or logically. Otherwise storage traffic can congest the standard network and cause performance or reliability issues. Having storage on its own network makes it easier to diagnose problems with either network.

iSCSI may start out simple but as it scales it can become challenging. Fine tuning an IP network for maximum performance requires experience and understanding. Care must be taken when selecting ethernet cards and switches to make sure that they can support the full speed that you are implementing. Many low end switches for example, are not designed to have all or even most of the ports running full speed at the same time. They are counting on bandwidth use being random between ports and only a few needing full speed at any point in time. The problem is though flooding all available ports with traffic is entirely possible in a storage environment. For example when doing a backup from servers with iSCSI attached servers to an iSCSI attached disk backup. Keeping these networks separate and making sure the components will support a fully active data path are critical.

Performance is another scaling concern. Most iSCSI storage environments are still 1GbE based, even newer ones. 1GbE is more readily available and costs, usually a key iSCSI motivator, are significantly less expensive than the 10GbE alternative. For some, especially smaller environments, 1GbE is all the storage I/O they will ever need most of the time. For others they will look at using multiple 1GbE connections from the servers to increase performance or they will look at 10GbE. In the multi-1GbE configurations make sure that your iSCSI initiator will support that configuration and you don't see a big performance drop-off going to the second interface card. Also see if those cards can be used in an active-active fashion not only as a failover. If you decide to invest in 10GbE make sure that everything else in the environment can keep up with the 10GbE connection. Many environments have trouble getting full line speed performance out of a 10GbE connection and end up only being able to use 30 to 40% of available bandwidth.

iSCSI has its roll to play in the enterprise and in the SMB, it can drive down costs but does have some limitations that can be worked around or avoided. Knowing these will help you make the right protocol selection for your shared storage environment.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
TPM-Fail: What It Means & What to Do About It
Ari Singer, CTO at TrustPhi,  11/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: -when I told you that our cyber-defense was from another age
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5541
PUBLISHED: 2019-11-20
VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service...
CVE-2019-5542
PUBLISHED: 2019-11-20
VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM.
CVE-2010-4660
PUBLISHED: 2019-11-20
Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes..
CVE-2011-0529
PUBLISHED: 2019-11-20
Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.
CVE-2019-10765
PUBLISHED: 2019-11-20
iobroker.admin before 3.6.12 allows attacker to include file contents from outside the `/log/file1/` directory.