1. Field of the Invention
The invention relates generally to serial attached SCSI (“SAS”) domains and more specifically to apparatus and methods using zone group permission table version identifiers for managing zone group permission tables of a SAS domain.
2. Discussion of Related Art
Small Computer Systems Interface (“SCSI”) is an American National Standards Institute (“ANSI”) standard electronic interface specification that allows, for example, computers to communicate with peripheral hardware. Common SCSI compatible peripheral devices may include storage devices, such as disk drives, tape drives, CD drives (“CD-ROM”, “CD-RW”, etc), DVD drives, storage subsystems, printers and scanners. SCSI as originally created included both a command/response data structure specification and an interface and protocol standard for a parallel bus structure for attachment of devices. SCSI has evolved from exclusively parallel interfaces to include both parallel and serial interfaces. “SCSI” is now generally understood as referring either to the communication transport media (parallel bus structures and various serial transports) or to command subsets common to most devices and command sets that meet the needs of specific device types as well as a variety of interface standards and protocols.
SCSI interface transports and commands are also used to interconnect networks of storage devices with processing devices. For example, serial SCSI transport media and protocols such as SAS as well as Serial Advanced Technology Attachment (“SATA”) protocol exchanges may be used in such networks. These applications are often referred to as storage networks. Those skilled in the art are familiar with SAS and SATA standards as well as other SCSI related specifications and standards. Information about such interfaces and commands is generally obtainable at the websites www.t10.org and www.t13.org.
Such SCSI storage networks are often used in large storage systems having a plurality of disk drives that store data for organizations and/or businesses. The network architecture allows storage devices to be physically dispersed in an enterprise while continuing to directly support SCSI commands. This architecture allows for distribution of the storage components in an enterprise without the need for added overhead in converting storage requests from SCSI commands into other network commands and then back into lower level SCSI storage related commands.
A SAS network typically comprises one or more SAS initiators coupled to one or more SAS targets often via one or more SAS expanders. In general, as is common in all SCSI communications, SAS initiators initiate communications with SAS targets. The expanders expand the number of ports of a SAS network domain used to interconnect SAS initiators and SAS targets (collectively referred to as SAS devices or SAS device controllers).
In general, a SAS initiator directs information to a SAS target device through ports of one or more SAS expanders in the SAS domain. A “port” in SAS terminology is a logical concept. A port may comprise one or more physical links in a SAS domain. Such physical links are often referred to as PHYs in the terminology of SAS domains. A port may use a single PHY or, if the port is configured as a wide port, may use multiple PHYs logically grouped to provide higher bandwidth.
A variety of protocols are defined in the SAS standards, each useful for communications with particular types of devices and/or for particular applications. Serial SCSI Protocol (“SSP”) provides a mapping of SCSI exchanges supporting multiple initiators and targets. SATA Tunneled Protocol (“STP”) provides a mapping of SATA expanded to support multiple initiators and targets. Serial Management Protocol (“SMP”) provides a management protocol. Each protocol defines layers of exchanges including, for example, application layer processing, transport layer processing, and link layer processing. For example, in general, STP is used in communicating with SATA devices coupled to the SAS domain. An STP initiator (e.g., a host system or a SAS expander) exchanges information with an STP target (e.g., a SATA storage device) using the STP link layer. The STP link layer generally encapsulates SATA related exchanges and flow control into SAS domain exchanges. For example, SSP is used in communicating with SCSI devices coupled to the SAS domain. An SSP initiator exchanges information with an SSP target using the SSP link layer, transport layer, etc.
The SAS specifications presently support zoning capabilities within a SAS domain. A SAS zoning expander (e.g., a SAS expander with zoning capabilities) can control whether a particular PHY is permitted to participate in a connection with another particular PHY. This controls whether two SAS devices attached to the SAS zoning expander through the PHYs are able to communicate. This is important for sharing storage resources among multiple servers, and ensuring that each of the servers is blocked from connecting to other servers and associated storage devices of the other servers. SAS zoning expanders and the PHYs are assigned zone groups. Thus, when SAS exchanges are routed through SAS zoning expanders, the SAS zoning expanders may verify that the PHYs (e.g., the SAS devices coupled to the PHYs) are permitted to participate in the connection. Further, the SAS zoning expander may deny the connection if the PHYs are not permitted to participate in the connection.
A SAS domain may additionally comprise a zone manager, which assigns zone groups to PHYs that are capable of participating in connections within the SAS domain. A zone manager may be an application that interacts with components of the SAS domain to manage the permission settings of the SAS domain. Every PHY in a SAS domain, and the associated SAS devices coupled to the PHY, may be assigned to a zone group. As presently practiced according to the SAS specification, there are up to 128 possible zone groups.
To facilitate zoning, each SAS zoning expander stores a zone group permission table that controls whether a connection is allowed between PHYs based on their zone groups. The purpose of the zone group permission table is for each SAS zoning expander to lookup the zone group associated with a source and destination SAS address to see if they have permission to connect to each other. A requested connection between two PHYs is allowed if the zone group permission table indicates that access between the zone group of the source port and the zone group of the destination port is allowed. Otherwise, the connection is rejected with an error.
For zoning to function correctly, all SAS zoning expanders within the SAS domain should have the same zone group permission table. Otherwise, one SAS zoning expander may allow a connection that should be denied based on the zoning permissions of the SAS domain. Thus, a zoning supervisor is provided within a SAS domain that is capable of generating SMP commands for SAS zoning configuration and management. The zoning supervisor may be one of the SAS zoning expanders, or may be a device attached to the SAS domain. One of the SAS zoning expanders may be elected as the SAS zoning expander supervisor based on having the largest SAS address in the topology. The SAS zoning expander supervisor is responsible for propagating zone permission table changes to all SAS zoning expanders in the SAS domain. The purpose of the supervisor is to ensure that all of the other SAS zoning expanders are using the same zone group permission table and to coordinate the update of zone group permission tables within the SAS domain.
To ensure that all SAS zoning expanders are using the same zone group permission table, the supervisor must retrieve the zone group permission table of each SAS zoning expander (e.g., using an SMP report zone permission request) and compare the retrieved zone group permission table with a current version within the supervisor to determine whether each SAS zoning expander is using the same current zone group permission table. A zone table is logically structured as a 128 zone by 128 zone matrix where each element identifies whether the corresponding zone group of the row may connect with the corresponding zone group of the column. Thus the process of the supervisor to read the zone permission table from each other SAS zoning expander requires transmission of (at least) a 128×128 bit zone group permission table from each of the SAS zoning expanders to the supervisor. Additionally, the supervisor must expend time comparing all of the retrieved zone group permission tables with the current version within the supervisor to determine whether all SAS zoning expanders are using the same zone group permission table. If any of the zone group permission tables are different, then the supervisor needs to update the zone group permission table on the SAS zoning expander that is different (e.g., using an SMP configure zone permission request).
It is a problem that this process must be done at least each time a new SAS zoning expander is elected supervisor or when the SAS zoning expanders are reset during test cases. The process may also be done during discovery and when changes are made to the zone group permission table of the SAS domain. The process is slow and resource intensive. There are also no mechanisms in present SAS zone management to determine which zone group permission table is more up to date. There is no information to choose which zone group permission table to use to resolve a conflict in the event that there are multiple conflicting zone group permission tables within the SAS domain. This can lead to incorrect zoning and server security issues. A SAS zoning expander cannot ensure that the zone group permission table is current. Finally, the zoning configuration and synchronization process slows the entire SAS domain discovery and table routing configuration process because I/O presently cannot be allowed to flow through the SAS domain until the zone group permission tables are the same on each SAS zoning expander.
It is evident from the above discussion that a need exists for an improved structure and method for managing zone group permission tables of a SAS domain.