In any network when a switch is initiated, a connection is established between all devices connected to it. So is in a SAN network. A "Fabric" in a SAN environment is referred to a SAN switch. A network without any restrictions to the storage unit compromises on security, availability and management of storage. This problem can be solved by "Zoning" which is a feauture in fabric switches. Zoning creates rules restrictions as in what FC device can see what other devices connected on the fabric. This is similar to a V-LAN.
Below figure illustrates Zoning on a Fabric.
Types of Zoning
- Hardware zoning.
- Software Zoning.
Hardware Zoning
Fabric port number is used to configure hardware zoning. The physical ports of the fabric are the members. Hardware zoning provides the highest security.
Dissadvantage: Zoning has to be re-configured if the device is connected to a different port.
Software zoning
An HBA card has WWNN(World wide node name) and WWPN(World wide port name). Just like a MAC address goes to ethernet card, WWN goes to HBA card. You don't have to worry about the port on the fabric were the device is connected if it is a software zoning.
For an initiator(servers) WWNN starts with 20:_, WWPN starts with 10:_.
For targets WWNN starts with 50:_.
WWN spoofing
A device can change it's WWN rather using the one given by it's manufacturer. An unknown device can gain trust of a storage device and can access it by spoofing the WWN number.