Using N_Port ID virtualization

Devices attach to the SAN fabric by logging in to it. The device ports are called target ports or also N_ports.

Figure 1 shows an example of a mainframe with two Linux® instances and three devices logged in to the SAN fabric.

Figure 1. Target ports in a SAN fabric

This graphic is described in the text that follows it.

In the example, a mainframe is attached to the Fibre Channel fabric through one FCP channel that is shared by the two Linux instances. Consequently, both Linux instances are known to the SAN by the same shared WWPN. Thus, from the point of view of the SAN, the Linux instances become indistinguishable from each other. This is shown in Figure 2

Figure 2. I/O traffic from two Linux instances are indistinguishable

This graphic is described in the text that precedes it.

N_Port ID Virtualization (NPIV) utilizes a recent extension to the International Committee for Information Technology Standardization (INCITS) Fibre Channel standard. This extension allows an FCP channel to log in multiple times to a Fibre Channel fabric using a single physical port (N_Port). (The previous implementation of the standard required a separate FCP channel for each login.)

Each login uses a different unique port name, and the switch fabric assigns a unique Fibre Channel N_Port identifier (N_Port ID) for each login. These virtualized Fibre Channel N_Port IDs allow a physical Fibre Channel port to appear as multiple, distinct ports, providing separate port identification and security zoning within the fabric for each operating system image. The I/O transactions of each operating system image are separately identified, managed, and transmitted, and are processed as if each operating system image had its own unique physical N_Port (see Figure 3).

Figure 3. NPIV allows initiators of I/O and their traffic to be distinguished in the SAN

This graphic is described in the text that precedes it.

NPIV allows you to implement access control using security zoning. Returning to our example in Figure 2, without NPIV all storage devices are visible to the Linux instances that share one FCP channel. With NPIV, you can define what storage devices the different Linux instances should be able to access.

NPIV support can be configured on the SE per CHPID and LPAR for an FCP channel. The zfcp device driver supports NPIV error messages and FCP channel attributes. For tips on troubleshooting NPIV, see Hints and tips.

NPIV is available as of IBM® System z9® and is applicable to most FICON® features supported on System z9 channel type FCP, except FICON Express. For more details on configuring NPIV, see Introducing N_Port Identifier Virtualization for IBM System z9, REDP-4125, available at:
http://www.redbooks.ibm.com/abstracts/redp4125.htmlwww.redbooks.ibm.com/abstracts/redp4125.html