I was doing some reading this morning on the new MDS 9710 Director Class switch and came across a feature I hadn’t heard of before. The feature is called “Smart Zoning” and is a real godsend for SAN and data center administrators.
Traditionally SAN admins that follow best practices follow the “single initiator”, “single target” rule for zoning FC fabrics. There are a couple reasons why this is a best practice:
- Keep SAN traffic generated by devices in other zones isolated. Traffic like Registered State Change Notifications (RSCN)
- FC switch hardware resources. For every 2 members in a zone that communicate with each other two ACEs (Access Control Entries) are created in the TCAM (Ternary Content Addressable Memory). One entry that permits the host to receive traffic from another host/target and another ACE for the opposite direction. The more members in a zone the more pairs of ACEs that are consumed in the TCAM.
Smart Zoning allows the SAN admin to define which members are targets and which members are initiators. Since targets (SAN front-end ports) do not usually need to talk to targets and initiators (host HBAs) do not need to talk to initiators there isn’t a need for ACEs to get created for target-to-target and initiator-to-initiator.
With Smart Zoning a host will only need a single zone in each fabric instead of the typical 2-4 zones per fabric. The number of zones a host needs depends on how many SAN front-end ports the host needs access to.
Take for example 10 Cisco UCS ESXi hosts that need to access LUNs on an EMC VNX 5500.
- Each host will have 2 vHBAs; one in each SAN fabric
- EMC VNX will have 4 SP front-end ports in each fabric
- Each host vHBA will need to communicate with 4 EMC VNX ports in each fabric
Typically this configuration would look something like this for a single host. Multiple this out for 10 hosts and you have 40 zones needed in each FC fabric.
zone name vnx_spa0-esx01_vmhba1 vsan 200
member device-alias vnx_spa0
member device-alias esx01_vmhba1
zone name vnx_spa2-esx01_vmhba1 vsan 200
member device-alias vnx_spa2
member device-alias esx01_vmhba1
zone name vnx_spb1-esx01_vmhba1 vsan 200
member device-alias vnx_spb1
member device-alias esx01_vmhba1
zone name vnx_spb3-esx01_vmhba1 vsan 200
member device-alias vnx_spb3
member device-alias esx01_vmhba1
With Smart Zoning the configuration would look like this. Note the keyword target or init after the device-alias name. The number of ACEs consumed in the TCAM is the same but the administrative effort is dramatically reduced. The number of zones needed in each fabric goes from 40 to just 10.
zone name vnx_spa_b-esx01_vmhba1 vsan 200
member device-alias vnx_spa0 target
member device-alias vnx_spa2 target
member device-alias vnx_spb1 target
member device-alias vnx_spb3 target
member device-alias esx01_vmhba1 init
There are some requirements for Smart Zoning that should be verified before trying to use this feature:
- NX-OS 5.2(6) or greater is required
- Only supported on MDS 9000/9500s or Nexus 7000 with NX-OS 6.1 or greater
- Smart Zoning is not configurable on Nexus 5000/5500 series switches. I really don’t know why Cisco does things like this, I really wish they would make NX-OS for all devices parity with each other.
- For multi-switch fabrics every switch in the fabric must have NX-OS 5.2(6) or greater and support Smart Zoning. This rules out Nexus 5500s unless they are in NPV mode.
- Here is a screen shot I got from someone at Cisco
To enable the feature:
switch# conf t
switch(config)# zone smart-zoning enable vsan 200
or to enable it as the default zoning mode for all VSANs on the switch
switch# conf t
switch(config)# system default zone smart-zone enable
Next for each zone define which members are targets and which members are initiators (see above zone example)
Jeremy Waldrop's Blog 
Audiophiles may not find it a great mp3 player regarding sound, however for casual listeners and music lovers,
the sound conduction through bone is really a perfectly effective method of listening to music under water.
50 for that life of one’s pool – regardless of whether you never run the heater. Also find the swimming jackets and air filled tubes for your children if they may be too keen on swimming and have not completed their swimming lessons yet. Bentonite gets the property of expanding rapidly and replenishing any pores or crevices in a earthen embankment. Inground pool area is harder to put together and takes longer time to install it.
I have heard some people argue a few years ago before SmartZoning, that single-initiator/multiple-target zoning works without SmartZoning. because HBAs and storage ports are now “smart” enough to know which is initiator/target. However, as I understand it the ports will still “see” each other with non-SmartZoning but ignore the connections to itself. One issue that I have seen occur with single initiator/multiple target zones is with EMC SANcopy, the array will throw errors in Navisphere or Unisphere if it can see itself. Something to the effect of “SANcopy zoning is not configured properly”. I wonder if SmartZoning solves this issue. However, lack of support for Nexus 5K is a show-stopper as FCOE is around the corner.
How does it handle devices that operate as both initiator AND target?
Nvrmnd, I see you can specify “both.”
It looks like Cisco’s example is putting everything under 1 zone. Your example is doing one to many, so you’ll still end up with many zones. Any reasoning why?
every initiator that needs to be zoned to the same targets can be placed in one zone but for other initiators that need to be zoned to different targets will have their own zone
If you have a group of ESXi servers accessing the same array (target) ports, are you saying that you can have a single zone with all of the initiators from all the ESXI servers and array ports?
yes, with Smart Zoning all hosts that need access to the same SAN target ports can be in the same zone. Here is an example zone, notice the keyword target or init after each. Only the init members are zoned to the target members and none of the targets are zoned together and none of the init are zoned together. Behind the scenes nxos creates ACLs for these mappings.
zone name fc_ntap_esx_hosts vsan 603
member device-alias ntap-02_0e target
member device-alias ntap-02_0g target
member device-alias ntap-01_9a target
member device-alias ntap-01_9c target
member device-alias esx15 init
member device-alias esx16 init
member device-alias esx17 init
member device-alias esx18 init
member device-alias esx19 init
member device-alias esx20 init
One of our customer has issues on his switch and their TCAM entries look some thing like below.What do you suggest. Region 3 doesn’t look good. Also we are thinking of enabling smart zoning. But what could we benefit after enabling smart zoning.
TCAM Entries:
=============
Region1 Region2 Region3 Region4 Region5 Region6
Mod Fwd Dir TOP SYS SECURITY ZONING BOTTOM FCC DIS FCC ENA
Eng Use/Total Use/Total Use/Total Use/Total Use/Total Use/Total
— — —— ———- ——— ———— ——— ——— ———
1 1 INPUT 19/407 1/407 138/2852 * 4/407 0/0 0/0
1 1 OUTPUT 0/25 0/25 0/140 0/25 0/12 1/25
1 2 INPUT 19/407 1/407 2444/2852 * 4/407 0/0 0/0
1 2 OUTPUT 0/25 0/25 0/140 0/25 0/12 1/25
1 3 INPUT 19/407 1/407 2072/2852 * 4/407 0/0 0/0
1 3 OUTPUT 0/25 0/25 0/140 0/25 0/12 1/25
—————————————————