The present invention relates generally to a storage subsystem, a storage control apparatus and a data copying method, and more particularly to a storage subsystem for performing a data copy process without involving a computer, a storage control apparatus and a data copying method. The invention also relates to a storage subsystem having the fibre channel protocol standardized by ANSI X3T11 as an interface with upper level apparatuses.
The fibre channel protocol standardized by ANSI X3T11 can connect a number of apparatuses and can run a variety of protocols, such as SCSI, ESCON (registered trademark) and TCP/IP, at the same time. However, security is inherently difficult to maintain with the fibre channel protocol.
The characteristic features of the fibre channel will be described first. The fibre channel is a serial transfer protocol without a specific command set. It can use the bandwidth of transmission media effectively because it transfers information asynchronously. Although the fibre channel does not have a specific command set, it utilizes a physical transfer scheme as a transport path for command sets such as SCSI and ESCON (registered trademark). It is therefore possible to accomplish high-speed data transfer of various types while inheriting conventional software resources.
The fibre channel is an interface having the characteristic features of both a channel and a network. Namely, once the source and destination are established, the fibre channel can perform low-delay, high-speed data transfer. This is characteristic of a channel. An apparatus wishing to communicate joins the fibre channel communication system upon an arbitrary event, and exchanges information with a communication partner apparatus so that the two recognize each other and start communications. This is characteristic of a network. The procedure of exchanging information with a partner apparatus is specifically called a log-in.
An apparatus having a fibre channel interface is called a node, and the actual interface is called a port. One node can have one or more ports. The number of ports which can participate at the same time in the whole fibre channel system is at most the number representable by a 24-bit address, i.e., about 16,770 thousand. The hardware used for such connection is called a fabric. Ports at the source and destination operate by considering only port information, without being aware of the fabric. The fabric is therefore often discussed as a logical medium.
Each node and each port stores a globally unique identifier assigned by the standardization institute according to a predetermined rule. This identifier corresponds to a MAC address of TCP/IP and is a fixed address in terms of hardware. This address is called a WWN (World Wide Name) and occupies an eight-byte area.
Communications of the fibre channel are achieved by using signal level information called an Ordered Set and information having a fixed format called a frame.
Each frame comprises: a 4-byte identifier called an SOF (Start of Frame) representative of the start of the frame; a 24-byte frame header for the control of a link operation and the characterization of the frame; a data field in which actual data to be transferred is written; a 4-byte cyclical redundancy code (CRC); and a 4-byte identifier called an EOF (End of Frame) representative of the end of the frame. The data field is variable in the range from 0 to 2112 bytes.
In the frame header, a 3-byte identifier D_ID for identifying the frame transmission destination port is written in the field from 23-rd to 0-th bits of the 0-th word, whereas a 3-byte identifier S_ID for identifying the frame transmission source port is written in the field from 23-rd to 0-th bits of the 1-st word. These identifiers have values effective for all frames to be transmitted and received.
The address identifier S_ID for identifying a transmission source port has a dynamically changing value reported from an upper level apparatus. In FC_CH, the identifier S_ID is assigned by the fabric during its initializing procedure and the assigned value depends on WWN or the like of the node and port of a frame transmission source.
In the frame transmitted from a transmission source during a log-in, the WWN of the transmission source port is stored in the 8-byte field from the 21-st byte to the 28-th byte from the start of the data field following the frame header, whereas the WWN of the transmission source node is stored in the 8-byte field from the 29-th byte to the 36-th byte from the start of the data field. Upon reception of this frame, the request destination apparatus extracts the information contained in the frame and, if the log-in is to be accepted, transmits an ACC frame to the log-in request source; if the log-in is to be rejected, it transmits an LS_RJT frame to the log-in request source.
Upon receiving an ACC frame in response to the transmitted frame, the log-in request source knows that the log-in succeeded and enters a state in which an I/O process such as data transfer can start. If it receives an LS_RJT frame instead, the I/O process with the log-in request destination is not allowed because the log-in did not succeed.
The log-in of class 3 has been described above. Also in the log-in of other classes, WWN of a node and S_ID of a port are contained in the information to be passed from the log-in request source to the log-in request destination.
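The header and log-in field positions described above, as an added example in Python that is not part of the original text: it extracts D_ID and S_ID from the frame header and the port and node WWNs from a log-in data field. The sample frame, its WWNs and address values are constructed, the byte positions 21 to 36 are read as 1-based, and the CRC is not verified.

```python
import struct

SOF_LEN, HDR_LEN, CRC_LEN, EOF_LEN = 4, 24, 4, 4
MAX_DATA = 2112  # data field is 0 to 2112 bytes


def parse_frame(frame: bytes) -> dict:
    """Split a frame laid out as SOF | header | data | CRC | EOF."""
    data_len = len(frame) - (SOF_LEN + HDR_LEN + CRC_LEN + EOF_LEN)
    if not 0 <= data_len <= MAX_DATA:
        raise ValueError(f"implausible frame length: {len(frame)} bytes")
    start = SOF_LEN + HDR_LEN
    word0, word1 = struct.unpack(">II", frame[SOF_LEN:SOF_LEN + 8])
    return {
        "d_id": word0 & 0xFFFFFF,  # bits 23..0 of word 0
        "s_id": word1 & 0xFFFFFF,  # bits 23..0 of word 1
        "data": frame[start:start + data_len],
    }


def login_wwns(data: bytes) -> tuple:
    """Return (port WWN, node WWN) from a log-in data field.

    The text's byte positions 21..28 and 29..36 are read as 1-based,
    i.e. slices [20:28] and [28:36].
    """
    if len(data) < 36:
        raise ValueError("data field too short to hold both WWNs")
    return data[20:28].hex(":"), data[28:36].hex(":")


def build_sample_login() -> bytes:
    """Constructed log-in frame; SOF, CRC and EOF are zero placeholders."""
    header = struct.pack(">II", 0x22010500, 0x00010203) + bytes(16)
    data = (bytes(20)
            + bytes.fromhex("10000000c9000001")   # constructed port WWN
            + bytes.fromhex("20000000c9000001"))  # constructed node WWN
    return bytes(SOF_LEN) + header + data + bytes(CRC_LEN) + bytes(EOF_LEN)


if __name__ == "__main__":
    f = parse_frame(build_sample_login())
    port, node = login_wwns(f["data"])
    print(f"D_ID={f['d_id']:06x} S_ID={f['s_id']:06x} port={port} node={node}")
```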
Conventional techniques for preventing illegal access to a storage subsystem are described, for example, in the Publications of JP-A-10-333839 and JP-A-2000-276406.
JP-A-10-333839 discloses a method of preventing illegal access to a storage subsystem using the fibre channel protocol. According to this method, prior to activating an upper level apparatus such as a host computer accessing the storage subsystem, the storage subsystem stores beforehand: WWN (World Wide Name) for uniquely and statically identifying a fibre channel interface port (called a port) of the upper level apparatus; and a table storing a correspondence between the first-mentioned WWN and a specific port (WWN) in the storage subsystem or a correspondence between N_Port_Name and an arbitrary storage area in the storage subsystem. After the upper level apparatus is activated, the storage subsystem checks the contents of each frame issued from the upper level apparatus accessing the storage subsystem. If the N_Port_Name in the frame exists in the table, access is permitted, whereas if it does not exist, an access reject frame LS_RJT is transmitted to the upper level apparatus to reject access by the upper level apparatus whose N_Port_Name does not exist in the table.
JP-A-2000-276406 discloses techniques for solving the problems that make JP-A-HEI-10-333839 difficult to apply to actual systems. The problems are as follows. The communication performance is considerably limited because it is necessary to determine an access permission for each and every frame. If the access subject is not a port but a partial area in the storage subsystem, the upper level apparatus is required to write WWN in all frames to be transmitted. As a result, the upper level apparatus is required to satisfy a specification outside the standard fibre channel protocol.
According to the disclosed techniques, the storage subsystem stores beforehand: WWN for uniquely and statically identifying an upper level apparatus such as a host computer accessing the storage subsystem or a port of the upper level apparatus; or a table storing a correspondence between a node name (WWN) of the upper level apparatus and each storage area in the storage subsystem to which access is permitted or rejected. The storage subsystem also stores a table storing a correspondence between WWN of a node and S_ID of a port to be dynamically assigned in the log-in process prior to information transmission/reception, for the identification of the upper level apparatus or the port thereof in order for the upper level apparatus to communicate with the storage subsystem by using the fibre channel interface. When an information acquisition request is issued from the upper level apparatus to the storage area in the storage subsystem by using an Inquiry command, each table is searched and compared by using the S_ID contained in the request frame as a search key. In this manner, whether access to the storage area is permitted or rejected is determined.
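One way to implement the two-table lookup described above, as added Python code that is not taken from the cited publications: access rights are keyed on the static WWN, and the S_ID bound at log-in is only a search key. The class, method names, WWNs, S_ID values and area numbers are hypothetical.

```python
class StorageAccessControl:
    """Two-table check: static WWN -> areas, dynamic S_ID -> WWN."""

    def __init__(self, permitted_areas: dict):
        # Static table, stored before hosts start: WWN -> permitted areas.
        self.permitted = {w.lower(): set(a) for w, a in permitted_areas.items()}
        # Dynamic table, filled at log-in: S_ID -> WWN.
        self.logged_in = {}

    def on_login(self, s_id: int, wwn: str) -> None:
        # S_ID is assigned dynamically, so a new log-in replaces any
        # earlier binding for the same S_ID.
        self.logged_in[s_id] = wwn.lower()

    def on_logout(self, s_id: int) -> None:
        self.logged_in.pop(s_id, None)

    def on_inquiry(self, s_id: int, area: int) -> bool:
        """Use the request frame's S_ID as the search key for both tables."""
        wwn = self.logged_in.get(s_id)
        if wwn is None:            # no log-in recorded for this S_ID
            return False
        return area in self.permitted.get(wwn, set())


def run_scenario() -> list:
    """Constructed hosts A and B; B later receives the S_ID A once held."""
    host_a, host_b = "10:00:00:00:c9:00:00:0a", "10:00:00:00:c9:00:00:0b"
    acl = StorageAccessControl({host_a: {0, 1}, host_b: {2}})
    results = []
    acl.on_login(0x010203, host_a)
    results.append(acl.on_inquiry(0x010203, 0))   # A reads its own area
    results.append(acl.on_inquiry(0x010203, 2))   # A asks for B's area
    results.append(acl.on_inquiry(0x010999, 0))   # S_ID never logged in
    acl.on_logout(0x010203)
    acl.on_login(0x010203, host_b)                # same S_ID, different WWN
    results.append(acl.on_inquiry(0x010203, 0))   # must not inherit A's rights
    results.append(acl.on_inquiry(0x010203, 2))   # B reads its own area
    return results


if __name__ == "__main__":
    print(run_scenario())
```

Because the per-frame check uses only the S_ID, the binding recorded at log-in has to be replaced or cleared whenever the S_ID changes hands, which is what the last two inquiries in the scenario exercise.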
In some cases, an upper level apparatus performs setting/controlling of the storage subsystem, such as a remote copy and a snapshot of a storage area, by using a control command different from a general read/write command. SNIA (Storage Network Industry Association) standardizes the SAN (Storage Area Network). SNIA is constituted of vendors of SAN hardware and software products. The backup section meeting of SNIA standardizes SCSI EXTENDED COPY as a SCSI extended protocol for use with SAN. A plurality of vendors intend to use the common specification standardized by the section meeting. SCSI EXTENDED COPY is a common protocol for the communications between apparatuses. This protocol can perform server-less backup of data in a storage device, without involving a host computer connected by the fibre channel protocol, such as in a SAN.