1. Field of the Invention
This invention relates generally to a method for creating and implementing zones within a network communication system, and more particularly to a method for creating and implementing such zones for devices within a network communication system using fibre channel connections.
2. Description of the Related Art
As the result of continuous advances in technology, particularly in the area of networking such as the Internet, there is an increasing demand for communications bandwidth. For example, the transmission of data over a telephone company""s trunk lines, the transmission of images or video over the Internet, the transfer of large amounts of data as might be required in transaction processing, or videoconferencing implemented over a public telephone network typically require the high speed transmission of large amounts of data. As applications such as these become more prevalent, the demand for communications bandwidth capacity will only increase.
Fibre channel is a transmission medium that is well-suited to meet this increasing demand, and the Fibre Channel family of standards (developed by the American National Standards Institute (ANSI)) is one example of a standard which defines a high speed communications interface for the transfer of large amounts of data via connections between a variety of hardware devices, including devices such as personal computers, workstations, mainframes, supercomputers, and storage devices. Use of fibre channel is proliferating in many applications, particularly client/server applications which demand high bandwidth and low latency I/O. Examples of such applications include mass storage, medical and scientific imaging, multimedia communications, transaction processing, distributed computing and distributed database processing applications.
In one aspect of the fibre channel standard, the communications between devices is based on the use of a fabric. The fabric is typically constructed from one or more fibre channel switches and each device (or group of devices, for example, in the case of loops) is coupled to the fabric. Devices coupled to the fabric are capable of communicating with every other device coupled to the fabric.
However, there are situations where the ability to freely communicate between all devices on a fabric is not desirable. For example, it may be desirable to screen off certain devices on a fabric in order to perform testing and/or maintenance activities on only those devices, without risking interfering with the other devices on the fabric. Alternately, devices may be segregated according to use. For example, the devices coupled to the fabric may be segregated in one fashion during normal operation and in another fashion to facilitate back-ups or system maintenance. As another example, different levels of security may be enforced by allowing only certain sets of devices to communicate with each other. As a final example, devices may be segregated according by operating system or other technical features.
Conventional fibre channel fabric topologies do not allow the logical segregation of devices which are coupled to the same fabric. Rather, devices can be prevented from communicating with each other typically only if they are actually physically separated (e.g., coupled to different fabrics). However, this method does not facilitate the dynamic re-configuration of connections between devices since each re-configuration requires a physical recoupling of devices.
Thus, there is a need to configure a fabric so as to restrict communications between sets of devices connected to the fabric. There is further a need to be able to dynamically re-configure the fabric and to support multiple configurations of device connections.
In accordance with the present invention, a method is for use in a system comprising a first fabric and a plurality of devices coupled to the first fabric by fibre channel connections. The method is for logically organizing the devices and includes the following steps. A definition of a first configuration is accessed. The first configuration includes at least one zone, and each zone includes at least one device as a member of the zone. Responsive to the definition of the first configuration, communications between the devices coupled to the first fabric is restricted. The first configuration may be an effective one of a plurality of configurations. The members of each zone may be identified in a number of ways, including by the port on the fabric to which the member device is coupled, by a name for the device which is independent of the device""s location on the fabric, or by an arbitrated loop physical address.
In one embodiment, communications between devices are restricted as follows. When a first device queries for the address of a second device, the address is returned only if the first and second device are members of a common zone. This prevents the first device from learning the addresses of other devices connected to the fabric but not within a common zone with the first device. Alternately or additionally, communications may be restricted by blocking communications between devices if they are not members of a common zone. In another aspect of the invention, at least one zone is characterized by a type of communication, such as read-only access or a specific communications protocol, and communications within that zone are restricted to the specified type of communication.
In another aspect of the invention, zoning configuration information is stored within the fabric itself and/or the zoning functionality is implemented by the fabric. Additionally, the zoning configuration information and/or zoning functionality may be distributed among the individual fabric elements which make up the fabric.
In another aspect of the invention, a fabric element includes a plurality of ports, a storage medium, and a logic device coupled to each of the foregoing. Each port is adapted to be coupled to a device by a fibre channel connection. The storage medium is for storing a definition of the first configuration. The logic device restricts communications for devices coupled to the plurality of ports, responsive to the definition of the first configuration.
In yet another aspect of the invention, zoning is implemented by software.
Zoning is advantageous because it overcomes many of the limitations of completely open connectivity between all devices coupled to the fabric. Zoning allows for the creation of segmentation or zones within a fabric. This allows the devices coupled to the fabric to be subdivided into logical groups of devices without the need to physically re-configure the network. Zones may be used to create different user groups, test and maintenance areas, and/or security barriers between devices. Zones are dynamic and can be easily and quickly changed to suit varying network needs.