Internet Small Computer Systems Interface or iSCSI ( ) is an
Internet Protocol
The Internet Protocol (IP) is the network layer communications protocol in the Internet protocol suite for relaying datagrams across network boundaries. Its routing function enables internetworking, and essentially establishes the Internet.
IP h ...
-based storage networking standard for linking data storage facilities. iSCSI provides block-level access to storage devices by carrying
SCSI
Small Computer System Interface (SCSI, ) is a set of standards for physically connecting and transferring data between computers and peripheral devices. The SCSI standards define commands, protocols, electrical, optical and logical interface ...
commands over a
TCP/IP
The Internet protocol suite, commonly known as TCP/IP, is a framework for organizing the set of communication protocols used in the Internet and similar computer networks according to functional criteria. The foundational protocols in the suit ...
network. iSCSI facilitates data transfers over
intranet
An intranet is a computer network for sharing information, easier communication, collaboration tools, operational systems, and other computing services within an organization, usually to the exclusion of access by outsiders. The term is used in c ...
s and to manage storage over long distances. It can be used to transmit data over
local area network
A local area network (LAN) is a computer network that interconnects computers within a limited area such as a residence, school, laboratory, university campus or office building. By contrast, a wide area network (WAN) not only covers a larger ...
s (LANs),
wide area network
A wide area network (WAN) is a telecommunications network that extends over a large geographic area. Wide area networks are often established with leased telecommunication circuits.
Businesses, as well as schools and government entities, us ...
s (WANs), or the
Internet
The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, pub ...
and can enable location-independent data storage and retrieval.
The
protocol
Protocol may refer to:
Sociology and politics
* Protocol (politics), a formal agreement between nation states
* Protocol (diplomacy), the etiquette of diplomacy and affairs of state
* Etiquette, a code of personal behavior
Science and technolog ...
allows clients (called ''initiators'') to send SCSI commands ( ''CDBs'') to storage devices (''targets'') on remote servers. It is a
storage area network
A storage area network (SAN) or storage network is a computer network which provides access to consolidated, block-level data storage. SANs are primarily used to access data storage devices, such as disk arrays and tape libraries from ser ...
(SAN) protocol, allowing organizations to consolidate storage into
storage array
A disk array is a disk storage system which contains multiple disk drives. It is differentiated from a disk enclosure, in that an array has cache memory and advanced functionality, like RAID, deduplication, encryption and virtualization.
Compon ...
s while providing clients (such as database and web servers) with the illusion of locally attached SCSI disks. It mainly competes with Fibre Channel, but unlike traditional Fibre Channel which usually requires dedicated cabling, iSCSI can be run over long distances using existing network infrastructure. iSCSI was pioneered by IBM and Cisco in 1998 and submitted as a draft standard in March 2000.
Concepts
In essence, iSCSI allows two hosts to negotiate and then exchange
SCSI
Small Computer System Interface (SCSI, ) is a set of standards for physically connecting and transferring data between computers and peripheral devices. The SCSI standards define commands, protocols, electrical, optical and logical interface ...
commands using
Internet Protocol
The Internet Protocol (IP) is the network layer communications protocol in the Internet protocol suite for relaying datagrams across network boundaries. Its routing function enables internetworking, and essentially establishes the Internet.
IP h ...
(IP) networks. By doing this, iSCSI takes a popular high-performance local storage bus and emulates it over a wide range of networks, creating a
storage area network
A storage area network (SAN) or storage network is a computer network which provides access to consolidated, block-level data storage. SANs are primarily used to access data storage devices, such as disk arrays and tape libraries from ser ...
(SAN). Unlike some SAN protocols, iSCSI requires no dedicated cabling; it can be run over existing IP infrastructure. As a result, iSCSI is often seen as a low-cost alternative to Fibre Channel, which requires dedicated infrastructure except in its
FCoE
Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. This allows Fibre Channel to use 10 Gigabit Ethernet networks (or higher speeds) while preserving the Fibre Channel ...
(Fibre Channel over Ethernet) form. However, the performance of an iSCSI SAN deployment can be severely degraded if not operated on a dedicated network or subnet (LAN or
VLAN
A virtual local area network (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2).IEEE 802.1Q-2011, ''1.4 VLAN aims and benefits'' In this context, virtual, refers to a physi ...
), due to competition for a fixed amount of bandwidth.
Although iSCSI can communicate with arbitrary types of SCSI devices, system administrators almost always use it to allow servers (such as database servers) to access disk volumes on storage arrays. iSCSI SANs often have one of two objectives:
; Storage consolidation
: Organizations move disparate storage resources from servers around their network to central locations, often in data centers; this allows for more efficiency in the allocation of storage, as the storage itself is no longer tied to a particular server. In a SAN environment, a server can be allocated a new disk volume without any changes to hardware or cabling.
; Disaster recovery
: Organizations mirror storage resources from one data center to a remote data center, which can serve as a hot / standby in the event of a prolonged outage. In particular, iSCSI SANs allow entire disk arrays to be migrated across a WAN with minimal configuration changes, in effect making storage "routable" in the same manner as network traffic.
Initiator
An ''initiator'' functions as an iSCSI client. An initiator typically serves the same purpose to a computer as a SCSI bus adapter would, except that, instead of physically cabling SCSI devices (like hard drives and tape changers), an iSCSI initiator sends SCSI commands over an IP network. An initiator falls into two broad types:
A software initiator uses code to implement iSCSI. Typically, this happens in a kernel-resident device driver that uses the existing
network card
A network interface controller (NIC, also known as a network interface card, network adapter, LAN adapter or physical network interface, and by similar terms) is a computer hardware component that connects a computer to a computer network.
Ear ...
(NIC) and
network stack
The protocol stack or network stack is an implementation of a computer networking protocol suite or protocol family. Some of these terms are used interchangeably but strictly speaking, the ''suite'' is the definition of the communication protoco ...
to emulate SCSI devices for a computer by speaking the iSCSI protocol. Software initiators are available for most popular operating systems and are the most common method of deploying iSCSI.
A hardware initiator uses dedicated hardware, typically in combination with
firmware
In computing, firmware is a specific class of computer software that provides the low-level control for a device's specific hardware. Firmware, such as the BIOS of a personal computer, may contain basic functions of a device, and may provide h ...
running on that hardware, to implement iSCSI. A hardware initiator mitigates the overhead of iSCSI and TCP processing and Ethernet interrupts, and therefore may improve the performance of servers that use iSCSI.
An iSCSI
host bus adapter
In computer hardware, a host controller, host adapter, or host bus adapter (HBA), connects a computer system bus, which acts as the host system, to other computer network, network and computer storage, storage devices. The terms are primarily ...
(more commonly, HBA) implements a hardware initiator. A typical HBA is packaged as a combination of a Gigabit (or 10 Gigabit) Ethernet
network interface controller
A network interface controller (NIC, also known as a network interface card, network adapter, LAN adapter or physical network interface, and by similar terms) is a computer hardware component that connects a computer to a computer network.
Ear ...
, some kind of TCP/IP offload engine (TOE) technology and a SCSI bus adapter, which is how it appears to the operating system.
An iSCSI HBA can include PCI
option ROM
An Option ROM for the PC platform (i.e. the IBM PC and derived successor computer systems) is a piece of firmware that resides in ROM on an expansion card (or stored along with the main system BIOS), which gets executed to initialize the device and ...
to allow
booting
In computing, booting is the process of starting a computer as initiated via hardware such as a button or by a software command. After it is switched on, a computer's central processing unit (CPU) has no software in its main memory, so som ...
from an iSCSI SAN.
An ''iSCSI offload engine'', or ''iSOE card'', offers an alternative to a full iSCSI HBA. An iSOE "offloads" the iSCSI initiator operations for this particular network interface from the host processor, freeing up CPU cycles for the main host applications. iSCSI HBAs or iSOEs are used when the additional performance enhancement justifies the additional expense of using an HBA for iSCSI, rather than using a software-based iSCSI client (initiator). iSOE may be implemented with additional services such as
TCP offload engine
TCP offload engine (TOE) is a technology used in some network interface cards (NIC) to offload processing of the entire TCP/IP stack to the network controller. It is primarily used with high-speed network interfaces, such as gigabit Ethernet and 1 ...
(TOE) to further reduce host server CPU usage.
Target
The iSCSI specification refers to a storage resource located on an iSCSI server (more generally, one of potentially many ''instances'' of iSCSI storage nodes running on that server) as a ''target''.
An iSCSI target is often a dedicated network-connected hard disk storage device, but may also be a general-purpose computer, since as with initiators, software to provide an iSCSI target is available for most mainstream operating systems.
Common deployment scenarios for an iSCSI target include:
Storage array
In a data center or enterprise environment, an iSCSI target often resides in a large storage array. These arrays can be in the form of commodity hardware with
free-software
Free software or libre software is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, no ...
-based iSCSI implementations, or as commercial products such as i Quantastor CloudByte, StorTrends,
Pure Storage
Pure Storage is an American publicly traded technology company headquartered in Mountain View, California, United States. It develops all-flash data storage hardware and software products. Pure Storage was founded in 2009 and developed its product ...
EqualLogic
EqualLogic products are iSCSI-based storage area network (SAN) systems marketed by Dell. Dell has 3 different lines of SAN products: EqualLogic, Compellent and Dell PowerVault. Before the acquisition by Dell in January 2008, EqualLogic was an i ...
IBM Storwize family
IBM Storwize systems were virtualizing RAID computer data storage systems with raw storage capacities up to 32 PB. Storwize is based on the same software as IBM SAN Volume Controller (SVC).
Formerly Storwize was an independent data storage organ ...
,
Isilon
Dell EMC Isilon is a scale out network-attached storage platform offered by Dell EMC for high-volume storage, backup and archiving of unstructured data. It provides a cluster-based storage array based on industry standard hardware, and is scala ...
,
NetApp filer
A NetApp FAS is a computer storage product by NetApp running the ONTAP operating system; the terms ONTAP, AFF, ASA, FAS are often used as synonyms. "Filer" is also used as a synonym although this is not an official name. There are three types of ...
,
Dell EMC
Dell EMC (EMC Corporation until 2016) is an American multinational corporation headquartered in Hopkinton, Massachusetts and Round Rock, Texas, United States. Dell EMC sells data storage, information security, virtualization, analytics, cloud c ...
,
Kaminario
Silk is a technology company headquartered in Needham, Massachusetts, United States. Silk offers a cloud platform for enterprise customers with mission-critical applications. The company has offices in Boston and Israel.
History
CEO, Dani Gola ...
, NS-series, CX4, VNX, VNXe, VMAX,
Hitachi Data Systems
Hitachi Data Systems (HDS) was a provider of modular mid-range and high-end computer data storage systems, software and services. Its operations are now a part of Hitachi Vantara.
It was a wholly owned subsidiary of Hitachi Ltd. and part of th ...
HNAS, or Pivot3 vSTAC.
A storage array usually provides distinct iSCSI targets for numerous clients.
Software target
Nearly all modern mainstream server operating systems (such as
BSD
The Berkeley Software Distribution or Berkeley Standard Distribution (BSD) is a discontinued operating system based on Research Unix, developed and distributed by the Computer Systems Research Group (CSRG) at the University of California, Berk ...
,
Linux
Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which ...
,
Solaris
Solaris may refer to:
Arts and entertainment Literature, television and film
* ''Solaris'' (novel), a 1961 science fiction novel by Stanisław Lem
** ''Solaris'' (1968 film), directed by Boris Nirenburg
** ''Solaris'' (1972 film), directed by ...
or
Windows Server
Windows Server (formerly Windows NT Server) is a group of operating systems (OS) for servers that Microsoft has been developing since July 27, 1993. The first OS that was released for this platform was Windows NT 3.1 Advanced Server. With the r ...
) can provide iSCSI target functionality, either as a built-in feature or with supplemental software. Some specific-purpose operating systems implement iSCSI target support.
Logical unit number
In
SCSI
Small Computer System Interface (SCSI, ) is a set of standards for physically connecting and transferring data between computers and peripheral devices. The SCSI standards define commands, protocols, electrical, optical and logical interface ...
terminology, LU stands for ''logical unit'', which is specified by a unique ''
logical unit number
In computer storage, a logical unit number, or LUN, is a number used to identify a logical unit, which is a device addressed by the SCSI protocol or by Storage Area Network protocols that encapsulate SCSI, such as Fibre Channel or iSCSI.
A LUN m ...
''. A LUN represents an individually addressable (logical) SCSI device that is part of a physical SCSI device (target). In an iSCSI environment, LUNs are essentially numbered disk drives. An initiator negotiates with a target to establish connectivity to a LUN; the result is an iSCSI connection that emulates a connection to a SCSI hard disk. Initiators treat iSCSI LUNs the same way as they would a raw SCSI or IDE hard drive; for instance, rather than mounting remote directories as would be done in NFS or
CIFS
Server Message Block (SMB) is a communication protocol originally developed in 1983 by Barry A. Feigenbaum at IBM and intended to provide shared access to files and printers across nodes on a network of systems running IBM's OS/2. It also provide ...
environments, iSCSI systems format and directly manage filesystems on iSCSI LUNs.
In enterprise deployments, LUNs usually represent subsets of large
RAID
Raid, RAID or Raids may refer to:
Attack
* Raid (military), a sudden attack behind the enemy's lines without the intention of holding ground
* Corporate raid, a type of hostile takeover in business
* Panty raid, a prankish raid by male college ...
disk arrays, often allocated one per client. iSCSI imposes no rules or restrictions on multiple computers sharing individual LUNs; it leaves shared access to a single underlying filesystem as a task for the operating system.
Network booting
For general data storage on an already-booted computer, any type of generic network interface may be used to access iSCSI devices. However, a generic consumer-grade network interface is not able to boot a diskless computer from a remote iSCSI data source. Instead, it is commonplace for a server to load its initial operating system from a
TFTP
Trivial File Transfer Protocol (TFTP) is a simple lockstep File Transfer Protocol which allows a client to get a file from or put a file onto a remote host. One of its primary uses is in the early stages of nodes booting from a local area netwo ...
server or local boot device, and then use iSCSI for data storage once booting from the local device has finished.
A separate
DHCP server
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a cli ...
may be configured to assist interfaces equipped with
network boot
Network booting, shortened netboot, is the process of booting a computer from a network rather than a local drive. This method of booting can be used by routers, diskless workstations and centrally managed computers (thin clients) such as pub ...
capability to be able to boot over iSCSI. In this case, the network interface looks for a DHCP server offering a
PXE PXE may refer to:
* Preboot Execution Environment, booting computers via a network
* Proof and Experimental Establishment, an Indian defense laboratory
* Pseudoxanthoma elasticum, a genetic disease
* Pentium Extreme Edition, a variant of Pentium D ...
or
bootp
The Bootstrap Protocol (BOOTP) is a computer networking protocol used in
Internet Protocol networks to automatically assign an IP address to network devices from a configuration server. The BOOTP was originally defined in RFC 951.
While some part ...
boot image. This is used to kick off the iSCSI remote boot process, using the booting network interface's
MAC address
A media access control address (MAC address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. This use is common in most IEEE 802 networking techno ...
to direct the computer to the correct iSCSI boot target. One can then use a software-only approach to load a small boot program which can in turn mount a remote iSCSI target as if it was a local SCSI drive and then fire the boot process from said iSCSI target. This can be achieved using an existing
Preboot Execution Environment
In computing, the Preboot eXecution Environment, PXE (most often pronounced as ''pixie'', often called PXE Boot/''pixie boot''.) specification describes a standardized client–server environment that boots a software assembly, retrieved from ...
(PXE) boot ROM, which is available on many wired Ethernet adapters. The boot code can also be loaded from CD/DVD, floppy disk (or floppy disk image) and USB storage, or it can replace existing PXE boot code on adapters that can be re-flashed. The most popular free software to offer iSCSI boot support is
iPXE
iPXE is an open-source implementation of the Preboot eXecution Environment (PXE) client software and bootloader, created in 2010 as a fork of gPXE (gPXE was named Etherboot until 2008).TCP ports 860 and 3260) for the protocols itself, with higher-level names used to address the objects within the protocol.
Special names refer to both iSCSI initiators and targets. iSCSI provides three name-formats:
; iSCSI Qualified Name (IQN)
: Format: The iSCSI Qualified Name is documented in RFC 3720, with further examples of names in RFC 3721. Briefly, the fields are:
:* literal iqn (iSCSI Qualified Name)
:* date (yyyy-mm) that the naming authority took ownership of the domain
:* reversed domain name of the authority (e.g. org.alpinelinux, com.example, to.yp.cr)
:* Optional ":" prefixing a storage target name specified by the naming authority.
:From the RFC:
; Extended Unique Identifier (EUI)
: Format: eui. (e.g. eui.02004567A425678D)
; T11 Network Address Authority (NAA)
: Format: naa. (e.g. naa.52004567BA64678D)
IQN format addresses occur most commonly. They are qualified by a date (yyyy-mm) because domain names can expire or be acquired by another entity.
The IEEE Registration authority provides EUI in accordance with the EUI-64 standard. NAA is part OUI which is provided by the IEEE Registration Authority. NAA name formats were added to iSCSI in RFC 3980, to provide compatibility with naming conventions used in Fibre Channel and Serial Attached SCSI (SAS) storage technologies.
Usually, an iSCSI participant can be defined by three or four fields:
# Hostname or IP Address (e.g., "iscsi.example.com")
# Port Number (e.g., 3260)
# iSCSI Name (e.g., the IQN "iqn.2003-01.com.ibm:00.fcd0ab21.shark128")
# An optional CHAP Secret (e.g., "secretsarefun")
iSNS
iSCSI initiators can locate appropriate storage resources using the Internet Storage Name Service (iSNS) protocol. In theory, iSNS provides iSCSI SANs with the same management model as dedicated Fibre Channel SANs. In practice, administrators can satisfy many deployment goals for iSCSI without using iSNS.
Security
Authentication
iSCSI initiators and targets prove their identity to each other using CHAP, which includes a mechanism to prevent
cleartext
In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted.
Overview
With the advent of comp ...
passwords from appearing on the wire. By itself, CHAP is vulnerable to
dictionary attack
In cryptanalysis and computer security, a dictionary attack is an attack using a restricted subset of a keyspace to defeat a cipher or authentication mechanism by trying to determine its decryption key or passphrase, sometimes trying thousands o ...
reflection attack
In computer security, a reflection attack is a method of attacking a challenge–response authentication system that uses the same protocol in both directions. That is, the same challenge–response protocol is used by each side to authenticate t ...
s. If followed carefully, the best practices for using CHAP within iSCSI reduce the surface for these attacks and mitigate the risks.
Additionally, as with all IP-based protocols,
IPsec
In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in ...
can operate at the network layer. The iSCSI negotiation protocol is designed to accommodate other authentication schemes, though interoperability issues limit their deployment.
Logical network isolation
To ensure that only valid initiators connect to storage arrays, administrators most commonly run iSCSI only over logically isolated backchannel networks. In this deployment architecture, only the management ports of storage arrays are exposed to the general-purpose internal network, and the iSCSI protocol itself is run over dedicated network segments or
VLANs
A virtual local area network (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2).IEEE 802.1Q-2011, ''1.4 VLAN aims and benefits'' In this context, virtual, refers to a physi ...
. This mitigates authentication concerns; unauthorized users are not physically provisioned for iSCSI, and thus cannot talk to storage arrays. However, it also creates a transitive trust problem, in that a single compromised host with an iSCSI disk can be used to attack storage resources for other hosts.
Physical network isolation
While iSCSI can be logically isolated from the general network using VLANs only, it is still no different from any other network equipment and may use any cable or port as long as there is a completed signal path between source and target. Just a single cabling mistake by a network technician can compromise the barrier of logical separation, and an accidental bridging may not be immediately detected because it does not cause network errors.
In order to further differentiate iSCSI from the regular network and prevent cabling mistakes when changing connections, administrators may implement self-defined color-coding and labeling standards, such as only using yellow-colored cables for the iSCSI connections and only blue cables for the regular network, and clearly labeling ports and switches used only for iSCSI.
While iSCSI could be implemented as just a VLAN cluster of ports on a large multi-port switch that is also used for general network usage, the administrator may instead choose to use physically separate switches dedicated to iSCSI VLANs only, to further prevent the possibility of an incorrectly connected cable plugged into the wrong port bridging the logical barrier.
Authorization
Because iSCSI aims to consolidate storage for many servers into a single storage array, iSCSI deployments require strategies to prevent unrelated initiators from accessing storage resources. As a pathological example, a single enterprise storage array could hold data for servers variously regulated by the
Sarbanes–Oxley Act
The Sarbanes–Oxley Act of 2002 is a United States federal law that mandates certain practices in financial record keeping and reporting for corporations.
The act, (), also known as the "Public Company Accounting Reform and Investor Protecti ...
for corporate accounting,
HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA or the Kennedy– Kassebaum Act) is a United States Act of Congress enacted by the 104th United States Congress and signed into law by President Bill Clinton on August 21, 1 ...
for health benefits information, and
PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard used to handle credit cards from major card scheme, card brands. The standard is administered by the Payment Card Industry Security Standards Council a ...
for credit card processing. During an audit, storage systems must demonstrate controls to ensure that a server under one regime cannot access the storage assets of a server under another.
Typically, iSCSI storage arrays explicitly map initiators to specific target LUNs; an initiator authenticates not to the storage array, but to the specific storage asset it intends to use. However, because the target LUNs for SCSI commands are expressed both in the iSCSI negotiation protocol and in the underlying SCSI protocol, care must be taken to ensure that access control is provided consistently.
Confidentiality and integrity
For the most part, iSCSI operates as a cleartext protocol that provides no cryptographic protection for data in motion during SCSI transactions. As a result, an attacker who can listen in on iSCSI Ethernet traffic can:
* Reconstruct and copy the files and filesystems being transferred on the wire
* Alter the contents of files by injecting fake iSCSI frames
* Corrupt filesystems being accessed by initiators, exposing servers to software flaws in poorly tested filesystem code.
These problems do not occur only with iSCSI, but rather apply to any SAN protocol without cryptographic security. IP-based security protocols, such as
IPsec
In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in ...
, can provide standards-based cryptographic protection to this traffic.
Implementations
Operating systems
The dates in the following table denote the first appearance of a native driver in each operating system. Third-party drivers for Windows and Linux were available as early as 2001, specifically for attaching IBM's IP Storage 200i appliance.
Targets
Most iSCSI targets involve disk, though iSCSI tape and medium-changer targets are popular as well. So far, physical devices have not featured native iSCSI interfaces on a component level. Instead, devices with Parallel SCSI or Fibre Channel interfaces are bridged by using iSCSI target software, external bridges, or controllers internal to the device enclosure.
Alternatively, it is possible to virtualize disk and tape targets. Rather than representing an actual physical device, an emulated virtual device is presented. The underlying implementation can deviate drastically from the presented target as is done with
virtual tape library
A virtual tape library (VTL) is a data storage virtualization technology used typically for backup and recovery purposes. A VTL presents a storage component (usually hard disk storage) as tape libraries or tape drives for use with existing backup ...
(VTL) products. VTLs use disk storage for storing data written to virtual tapes. As with actual physical devices, virtual targets are presented by using iSCSI target software, external bridges, or controllers internal to the device enclosure.
In the security products industry, some manufacturers use an iSCSI RAID as a target, with the initiator being either an IP-enabled encoder or camera.
Converters and bridges
Multiple systems exist that allow Fibre Channel, SCSI and SAS devices to be attached to an IP network for use via iSCSI. They can be used to allow migration from older storage technologies, access to SANs from remote servers and the linking of SANs over IP networks. An iSCSI gateway bridges IP servers to Fibre Channel SANs. The TCP connection is terminated at the gateway, which is implemented on a Fibre Channel switch or as a standalone appliance.
Fibre Channel over Ethernet
Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. This allows Fibre Channel to use 10 Gigabit Ethernet networks (or higher speeds) while preserving the Fibre Channel ...
HyperSCSI HyperSCSI is an outdated computer network Protocol (computing), protocol for accessing storage by sending and receiving SCSI commands. It was developed by researchers at the Data Storage Institute in Singapore in 2000 to 2003.
HyperSCSI is unlike iS ...
iSCSI Extensions for RDMA
The iSCSI Extensions for RDMA (iSER) is a computer network protocol that extends the Internet Small Computer System Interface (iSCSI) protocol to use Remote Direct Memory Access ( RDMA). RDMA is provided by either the Transmission Control Protocol ...
SCST
SCST is a GPL licensed SCSI target software stack.
The design goals of this software stack are high performance, high reliability, strict conformance to existing SCSI standards, being easy to extend and easy to use. SCST does not only support mul ...
Linux SCSI target software stack
*
Service Location Protocol
The Service Location Protocol (SLP, srvloc) is a service discovery protocol that allows computers and other devices to find services in a local area network without prior configuration. SLP has been designed to scale from small, unmanaged networks ...
Notes
References
Further reading
* - Internet Small Computer Systems Interface (iSCSI) (obsolete)
* - Internet Small Computer Systems Interface (iSCSI) Naming and Discovery (updated)
* - String Profile for Internet Small Computer Systems Interface (iSCSI) Names
* - Securing Block Storage Protocols over IP (Scope: The use of IPsec and IKE to secure iSCSI, iFCP, FCIP, iSNS and SLPv2.)
* - Small Computer Systems Interface protocol over the Internet (iSCSI) Requirements and Design Considerations
* - Small Computer Systems Interface (SCSI) Command Ordering Considerations with iSCSI
* - T11 Network Address Authority (NAA) Naming Format for iSCSI Node Names (obsolete)
* - Finding Internet Small Computer Systems Interface (iSCSI) Targets and Name Servers by Using Service Location Protocol version 2 (SLPv2)
* - Bootstrapping Clients using the Internet Small Computer System Interface (iSCSI) Protocol
* - Definitions of Managed Objects for Internet Small Computer System Interface (iSCSI)
* - Declarative Public Extension Key for Internet Small Computer Systems Interface (iSCSI) Node Architecture (obsolete)
* - Definitions of Managed Objects for iSNS (Internet Storage Name Service)
* - Internet Small Computer System Interface (iSCSI) Corrections and Clarifications (obsolete)
* - DA: Datamover Architecture for the Internet Small Computer System Interface (iSCSI)
* - Internet Small Computer System Interface (iSCSI) Extensions for Remote Direct Memory Access (RDMA)
* – Internet Small Computer System Interface (iSCSI) Protocol (consolidated)
{{DEFAULTSORT:Iscsi
Application layer protocolsEthernetSCSINetwork booting