A storage area network (SAN) or storage network is a Computer network which provides access to consolidated, block-level data storage. SANs are primarily used to enhance accessibility of storage devices, such as disk arrays and tape libraries, to servers so that the devices appear to the operating system as locally-attached devices. A SAN typically is a dedicated network of storage devices not accessible through the local area network (LAN) by other devices, thereby preventing interference of LAN traffic in data transfer.
The cost and complexity of SANs dropped in the early 2000s to levels allowing wider adoption across both enterprise and small to medium-sized business environments.
A SAN does not provide file abstraction, only block-level operations. However, file systems built on top of SANs do provide file-level access, and are known as shared-disk file systems.
Storage Architectures
Storage area networks (SANs) are sometimes referred to as network behind the servers and historically developed out of the centralised data storage model, but with its own data network. A SAN is, at its simplest, a dedicated network for data storage. In addition to storing data, SANs allow for the automatic backup of data, and the monitoring of the storage as well as the backup process. A SAN is a combination of hardware and software. It grew out of data-centric mainframe architectures, where clients in a network can connect to several servers that store different types of data. To scale storage capacities as the volumes of data grew, direct-attached storage (DAS) was developed, where disk arrays or just a bunch of disks (JBODs) were attached to servers. In this architecture storage devices can be added to increase storage capacity. However, the server through which the storage devices are accessed is a single point of failure, and a large part of the LAN network bandwidth is used for accessing, storing and backing up data. To solve the single point of failure issue, a direct-attached shared storage architecture was implemented, where several servers could access the same storage device.
DAS was the first network storage system and is still widely implemented where data storage requirements are not very high. Out of it developed the network-attached storage (NAS) architecture, where one or more dedicated file server or storage devices are made available in a LAN. Therefore, the transfer of data, particularly for backup, still takes place over the existing LAN. If more than a terabyte of data was stored at any one time, LAN bandwidth became a bottleneck. Therefore, SANs were developed, where a dedicated storage network was attached to the LAN, and terabytes of data are transferred over a dedicated high speed and bandwidth network. Within the storage network, storage devices are interconnected. Transfer of data between storage devices, such as for backup, happens behind the servers and is meant to be transparent. While in a NAS architecture data is transferred using the TCP and IP protocols over Ethernet, distinct protocols were developed for SANs, such as Fibre Channel, iSCSI, Infiniband. Therefore, SANs often have their own network and storage devices, which have to be bought, installed, and configured. This makes SANs inherently more expensive than NAS architectures.
SAN Components
SANs have their own networking devices, such as SAN switches. To access the SAN so-called SAN servers are used, which in turn connect to SAN interfaces. Within the SAN a range of data storage devices may be interconnected, such as SAN capable disk arrays, JBODS and tape libraries
Host Layer
Servers that allow access to the SAN and its storage devices are said to form the host layer of the SAN. Such servers have host bus adapters (HBAs), which are cards that attach to slots on the server main board (usually PCI slots) and run with a corresponding firmware and driver. Through the host bus adapters the operating system of the server can communicate with the storage devices in the SAN. A cable connects to the host bus adapter card through the gigabit interface converter (GBIC). These interface converters are also attached to switches and storage devices within the SAN, and they convert digital bits into light impulses that can then be transmitted over the Fiber Channel cables. Conversely, the GBIC converts incoming light impulses back into digital bits. The predecessor of the GBIC was called gigabit link module (GLM). This is applicable for Fiber Channel deployments only.
Fabric Layer
The fabric layer consists of SAN networking devices that include SAN switches, routers, protocol bridges, gateway devices, and cables. SAN network devices move data within the SAN, or between an initiator, such as an HBA port of a server, and a target, such as the port of a storage device. SAN networks are usually built with redundancy, so SAN switches are connected with redundant links. SAN switches connect the servers with the storage devices and are typically non-blocking, thus transmitting data across all attached wires at the same time. When SANs were first built, hubs were the only devices that were Fibre Channel capable, but Fibre Channel switches were developed and hubs are now rarely found in SANs. Switches have the advantage over hubs that they allow all attached devices to communicate simultaneously, as a switch provides a dedicated link to connect all its ports with one another. SAN switches are for redundancy purposes set up in a meshed topology. A single SAN switch can have as few as 8 ports, up to 32 ports with modular extensions. So called director class switches can have as many as 128 ports. When SANs were first built Fibre Channel had to be implemented over copper cables, these days multimode optical fibre cables are used in SANs. In switched SANs the Fibre Channel switched fabric protocol FC-SW-6 is used, where every device in the SAN has a hardcoded World Wide Name (WWN) address in the host bus adapter (HBA). If a device is connected to the SAN its WWN is registered in the SAN switch name server. In place of a WWN, or worldwide port name (WWPN), SAN Fibre Channel storage device vendors may also hardcode a worldwide node name (WWNN). The ports of storage devices often have an WWN starting with 5, while the bus adapters of servers start with 10 or 21.
Storage Layer
On top of the Fibre Channel-Switched Protocol is often the serialized Small Computer Systems Interface (SCSI) protocol, implemented in servers and SAN storage devices. It allows software applications to communicate, or encode data, for storage devices. The internet Small Computer Systems Interface (iSCSI) over Ethernet and the Infiniband protocols may also be found implemented in SANs, but are often bridged into the Fibre Channel SAN. However, Infiniband and iSCSI storage devices, in particular, disk arrays, are available.
The various storage devices in a SAN are said to form the storage layer. It can include a variety of hard disk and magnetic tape devices that store data. In SANs disk arrays are joined through a RAID, which makes a lot of hard disks look and perform like one big storage device. Every storage device, or even partition on that storage device, has a logical unit number (LUN) assigned to it. This is a unique number within the SAN and every node in the SAN, be it a server or another storage device, can access the storage through the LUN. The LUNs allow for the storage capacity of a SAN to be segmented and for the implementation of access controls. A particular server, or a group of servers, may, for example, be only given access to a particular part of the SAN storage layer, in the form of LUNs. When a storage device receives a request to read or write data, it will check its access list to establish whether the node, identified by its LUN, is allowed to access the storage area, also identified by a LUN. LUN masking is a technique whereby the host bus adapter and the SAN software of a server restrict the LUNs for which commands are accepted. In doing so LUNs that should in any case not be accessed by the server are masked. Another method to restrict server access to particular SAN storage devices is fabric-based access control, or zoning, which has to be implemented on the SAN networking devices and the servers. Thereby server access is restricted to storage devices that are in a particular SAN zone.
