Fibre Channel over IP
Fibre Channel over IP (FCIP or FCIP) is an IP-based storage area networking (SAN) technology developed by the IETF in July 2004 (RFC 3821) that enables the transmission of Fibre Channel data streams between SAN facilities over IP networks using tunneling techniques. The underlying wide-area IP transport provides routing and congestion control. The end-to-end TCP connection provides for sequential (in-order) delivery of data. The FC encapsulation protocols provide the interface between FC and TCP/IP and the FC protocols provide the interface to the storage systems.
The specification describes mechanisms that allow the interconnection of separate Fibre Channel (FC) SANs over IP networks, as depicted in the figure to the right. The result is the formation of a logically unified, FC-based SAN deployed over a larger geographic scope than the SAN protocols themselves typically permit. The motivation behind defining these interconnection mechanisms was a desire to connect physically remote Fibre Channel sites and to allow remote disk access, tape backup, and live mirroring. One of two main approaches to storage over IP networks (the other being iSCSI), FCIP was a key technology that enabled rapid development of the SAN market by enhancing the capabilities and performance of storage systems. This field is generically known as Storage over Internet Protocol (SoIP).
Fibre Channel Frame Encapsulation Header Structure
The figure to the left provides a description on the basic fields of the FC encapsulation header. The primary fields include:
- Protocol#: an IANA-assigned protocol number identifying the protocol using the encapsulation. In the case of FCIP, this field is always set to one (1).
- Version: reflects the current version of the protocol, which is currently also always set one (1).
- pFlags: These are the protocol-specific flags. There are two bits in this field that have meaning (the rest are reserved). The first bit (bit position zero) is called the Special Frame (SF) bit. The SF bit indicates whether the FCIP frame is an encapsulated FC Frame or an FCIP Special Frame (FSF). The bit is set to zero for the former (which is a frame carrying data), and to 1 for the latter (which is an FCIP control frame. The last bit is the Change (CH) bit and it indicates if an echoed frame contains intentional changes.
- Flags: These are encapsulation flags and are currently set to all zeroes.
- Frame Length: Contains the length of the entire FC Encapsulated frame including the FC Encapsulation Header and the FC frame in units of 32-bit words
- Time Stamp [integer]: integer component of the frame time stamp.
- Time Stamp [fraction]: fractional component of the frame time stamp.
- CRC: an error check code that verifies the header has not been altered.
You will note several other fields that appear to have the same name preceded by a minus sign (e.g., -pFlags, -Flags, -Version, etc.). This protocol is seriously concerned with trapping errors. These fields are all one's compliment versions of the corresponding fields (i.e., without the minus sign). The second row (4 bytes) of the header also contains an exact duplicate of the first row (4 bytes). This is a seriously paranoid protocol!
The primary function of the FCIP protocol is the forwarding of Fibre Channel frames using frame encapsulation. When considered from an IP network perspective, FCIP devices are peers that communicate using TCP/IP. Each FCIP transport environment contains two or more TCP endpoints in the IP-based network. If one were to view FCIP from a Fibre Channel fabric perspective, pairs of FCIP devices merely forward FC frames between fabric devices (i.e., switches). The Fibre Channel end nodes are unaware of the existence of the FCIP tunneling link. The path (route) taken by an encapsulated Fibre Channel frame follows normal routing procedures of the IP Network. Since TCP is used for the actual tunneling, the specification delivers a byte stream in the same order that it was sent.
But FCIP end points do not actively participate in Fibre Channel frame routing. Fibre Channel primitive signals, primitive sequences, and Class 1 Fibre Channel frames are not transmitted across an FCIP Link because they cannot be encoded using direct Fibre Channel frame encapsulation. However, FCIP control and services module may take advantage of TCP/IP quality of service (QoS) features, and as a result deliver performance enhancements reminiscent of local Fibre Channel storage networks.
As one would expect for any IP network, it is necessary to statically or dynamically configure each FCIP infrastructure with appropriate IP addresses and TCP port numbers corresponding to FCIP devices with which it is expected to initiate communication. If dynamic discovery of participating FCIP devices is supported, the discovery itself is performed using the Service Location Protocol (SLPv2) . Before creating a TCP connection to a peer FCIP device, the initiating device attempting to create the TCP connection either statically or dynamically determines the IP address, TCP port, expected Fibre Channel fabric World Wide Name (WWN), TCP connection parameters, and QoS information.
If one is interested in supporting IP network security, the following rules should apply – as indicative of any security desired in an IP infrastructure. FCIP entities must:
- implement cryptographically protected authentication and cryptographic data integrity keyed to the authentication process, and
- implement data confidentiality security features
A number of vendors, including Cisco, Brocade, Nortel, and Lucent have introduced FCIP-based products (such as switches and routers).
|<mp3>http://podcast.hill-vt.com/podsnacks/2008q2/fcip.mp3%7Cdownload</mp3> | Fibre Channel over IP (FCIP)|