Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

8/4/2010
10:15 AM
George Crump
George Crump
Commentary
50%
50%

The Truth About iSCSI

Over the next several entries we are going to explore several of the protocols that are available to IT managers as they try to select a protocol for use in their environments. First up is iSCSI. The protocol it seems most will look to first because it is believed to be both cost effective and easier to use then the currently more commonplace fibre channel. The truth about iSCSI though is that it is a real storage protocol and it needs to be treated like one.

Over the next several entries we are going to explore several of the protocols that are available to IT managers as they try to select a protocol for use in their environments. First up is iSCSI. The protocol it seems most will look to first because it is believed to be both cost effective and easier to use then the currently more commonplace fibre channel. The truth about iSCSI though is that it is a real storage protocol and it needs to be treated like one.iSCSI encapsulates SCSI commands into an IP packet and transmits them across an Ethernet network. The encapsulation can be done by a software agent on the server operating system (OS) and most OS's now have that capability. The advantage of the software based version of iSCSI is it keeps costs down. The initiator agent in most cases comes free with the OS. The encapsulation process though, when done in software, does take CPU resources and may impact performance if the server is already CPU constrained. That is not the case for most servers today. We don't see using an iSCSI software driver on a server as a big consumer of CPU resources anymore.

On the storage side, often called the target, there needs to be something that either converts iSCSI to some other protocol like fibre or SCSI, but more commonly today the storage system itself is native iSCSI. When configuring the devices the iSCSI agent will query the iSCSI storage system for a list of available volumes and then you can select which volume should be assigned to that server.

All of this connectivity then happens with Ethernet as the interconnecting infrastructure. Which today, especially in the 1GbE form, can be had for very little investment. Most businesses and data centers will be learning how to interconnect via an Ethernet infrastructure long before they need storage interconnectivity. iSCSI's theoretical advantage then is that when the time comes for shared storage, the IT staff already knows the infrastructure part and half the job is complete. Now they just need to learn storage.

While iSCSI does have its advantages is also has some potential unknowns that need to either be worked around or avoided. The first is that this is a real storage protocol and needs to be treated like one. That means it really should be on its own network either physically or logically. Otherwise storage traffic can congest the standard network and cause performance or reliability issues. Having storage on its own network makes it easier to diagnose problems with either network.

iSCSI may start out simple but as it scales it can become challenging. Fine tuning an IP network for maximum performance requires experience and understanding. Care must be taken when selecting ethernet cards and switches to make sure that they can support the full speed that you are implementing. Many low end switches for example, are not designed to have all or even most of the ports running full speed at the same time. They are counting on bandwidth use being random between ports and only a few needing full speed at any point in time. The problem is though flooding all available ports with traffic is entirely possible in a storage environment. For example when doing a backup from servers with iSCSI attached servers to an iSCSI attached disk backup. Keeping these networks separate and making sure the components will support a fully active data path are critical.

Performance is another scaling concern. Most iSCSI storage environments are still 1GbE based, even newer ones. 1GbE is more readily available and costs, usually a key iSCSI motivator, are significantly less expensive than the 10GbE alternative. For some, especially smaller environments, 1GbE is all the storage I/O they will ever need most of the time. For others they will look at using multiple 1GbE connections from the servers to increase performance or they will look at 10GbE. In the multi-1GbE configurations make sure that your iSCSI initiator will support that configuration and you don't see a big performance drop-off going to the second interface card. Also see if those cards can be used in an active-active fashion not only as a failover. If you decide to invest in 10GbE make sure that everything else in the environment can keep up with the 10GbE connection. Many environments have trouble getting full line speed performance out of a 10GbE connection and end up only being able to use 30 to 40% of available bandwidth.

iSCSI has its roll to play in the enterprise and in the SMB, it can drive down costs but does have some limitations that can be worked around or avoided. Knowing these will help you make the right protocol selection for your shared storage environment.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17452
PUBLISHED: 2020-08-09
flatCore before 1.5.7 allows upload and execution of a .php file by an admin.
CVE-2020-17451
PUBLISHED: 2020-08-09
flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub=sys_pref prefs_pagename, prefs_pagetitle, or prefs_pagesubtitle parameter.
CVE-2020-17447
PUBLISHED: 2020-08-09
MyBB before 1.8.24 allows XSS because the visual editor mishandles [align], [size], [quote], and [font] in MyCode.
CVE-2020-16248
PUBLISHED: 2020-08-09
** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability.
CVE-2020-15820
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.