Understanding Microsoft iSCSI Initiator Features and Components

This section includes the following topics:

  • What’s new in Microsoft iSCSI Initiator in Windows Server 2008 R2 and Windows 7

  • SAN components in Microsoft iSCSI Initiator

  • Microsoft iSCSI Initiator implementation

  • Microsoft iSCSI Initiator components

  • Services that depend on iSCSI devices

  • How Microsoft iSCSI Initiator accesses targets

What’s new in Microsoft iSCSI Initiator in Windows Server 2008 R2 and Windows 7

The following changes are available for Microsoft® iSCSI Initiator in Windows Server® 2008 R2 and Windows® 7:

  • Graphical user interface enhancement and redesign   The graphical user interface in Microsoft iSCSI Initiator is redesigned to allow easier access to the most commonly used settings. Additions to the interface include layout enhancements, configuration reporting, and a Help system. The graphical user interface for Microsoft ISCSI Initiator is included in Server Core installations of Windows Server 2008 R2.

    • Quick Connect   Quick Connect allows one-click connections to storage devices if they do not require advanced settings, such as Internet Protocol security (IPsec) and Challenge Handshake Authentication Protocol (CHAP). Quick Connect provides a one-step method to discover devices, log on, or make a target location a favorite target.

    • Configuration tab   The Configuration tab allows you to generate a configuration report of all the connected targets and devices on the system.

  • iSCSI digest offload support   Microsoft iSCSI Initiator cyclic redundancy check (CRC—for header and data digests) are offloaded by using a new, industry-standard CPU instruction set. This provides transparent interoperability for all network adapters without requiring changes to networking drivers. This helps decrease CPU utilization, which is important for routed networks. The digest offload support is auto-detected and does not require configuration.

  • iSCSI boot support for up to 32 paths with Microsoft Multipath I/O (MPIO) at boot time   Supporting redundant boot paths is an important consideration for IT administrators when they are planning server implementations. Administrators who implement Windows Server 2008 R2 in 24/7 environments require end-to-end redundancy of all components within the system. This includes components within the physical server chassis and in paths to external storage boot and data volumes. (When servers boot from external storage devices, one additional redundant path does not offer the level of redundancy that is needed to protect against network component failures or outages.)

    Centralizing storage within an external storage chassis enables resilience to hard drive failures and reduces the maintenance that is associated with hard drive replacement. This is especially important so that blade server form factors can reduce power and cooling requirements and enable higher density.

SAN components in Microsoft iSCSI Initiator

Microsoft iSCSI Initiator is a system, such as a server that attaches to an IP network and initiates requests and receives responses from an iSCSI target. The SAN components in Microsoft iSCSI Initiator are largely analogous to Fibre Channel SAN components, and they include the following:

  • iSCSI driver

    To transport blocks of iSCSI commands over the IP network, an iSCSI driver must be installed on the iSCSI host. An iSCSI driver is included with Microsoft iSCSI Initiator.

    A gigabit Ethernet adapter that transmits 1000 megabits per second (Mbps) is recommended for the connection to an iSCSI target. Like standard 10/100 adapters, most gigabit adapters use a preexisting Category 5 or Category 6E cable that. Each port on the adapter is identified by a unique IP address.

  • iSCSI target

    An iSCSI target is any device that receives iSCSI commands. The device can be an end node, such as a storage device, or it can be an intermediate device, such as a network bridge between IP and Fibre Channel devices. Each port on the storage array controller or network bridge is identified by one or more IP addresses.

Note

Each iSCSI host is identified by a unique iSCSI Qualified Name (IQN), which is analogous to a Fibre Channel World Wide Name (WWN).

  • Native and heterogeneous IP SANs

    The relationship between Microsoft iSCSI Initiator and the iSCSI target is shown in Figure 1.

     

     

    Figure 1   Microsoft iSCSI Initiator and the iSCSI target

    In this case, Microsoft iSCSI Initiator acts as a client and the iSCSI target is the storage array. This topology is considered a native iSCSI SAN, because it consists entirely of components that transmit the SCSI protocol over TCP/IP.

    In contrast, a heterogeneous IP SAN, such as the one illustrated in Figure 2, consists of components that transmit the SCSI protocol over TCP/IP and Fibre Channel connections.

     

     

    Figure 2   Heterogeneous IP SAN

    To accomplish this, a network bridge or gateway device is installed between the IP and the Fibre Channel devices. The network bridge translates between the TCP/IP and Fibre Channel protocols, so that the iSCSI host sees the storage device as an iSCSI target.

Note

Servers that directly access the Fibre Channel target must contain host bus adapters (HBAs) rather than the network adapters of iSCSI hosts. iSCSI hosts can use a network adapter or an HBA.

Microsoft iSCSI Initiator implementation

Support for the following functionality is included with Microsoft iSCSI Initiator:

  • iSCSI Naming Service (iSNS)   Helps with ease-of-management and controlled discovery in larger environments

  • iSCSI/Remote Boot   Supports remote booting from online storage on computers that are running Windows Server 2008 R2.

  • CHAP   Allows one-way and mutual CHAP to authenticate Microsoft iSCSI Initiator and the target

  • Digests   Provides advanced support for software header and data digest calculations by using the Intel Slicing-by-8 algorithm

  • Support for IPV6 addressing   Uses IPv6 addresses and protocols in addition to IPv4

  • IPsec   Helps ensure privacy by encrypting the data.

  • Microsoft Multipath I/O (MPIO)   Helps ensure high availability of data by utilizing multiple paths between the CPU on which the application is executing and the iSCSI target where the data is physically stored

Note

MPIO is available in all editions of Windows Server 2008 R2. It is not available in Windows 7.

  • Multiple connections per session   Helps ensure speed and availability.

Microsoft iSCSI Initiator components

Microsoft iSCSI Initiator includes the following components:

  • Kernel-mode driver (mini port driver—msiscsi.sys)   SCSI device driver component that is responsible for moving data from the storage stack to the network stack. This driver operates only when the iSCSI traffic uses a standard network adapter, not when specialized iSCSI HBAs are used. This driver and some multifunction HBAs support the Storport storage driver.

  • Initiator service (iscsiexe.dll)   A service that manages all Microsoft iSCSI Initiators (including network adapters and HBAs) on behalf of the operating system. Its functions include aggregating device discovery information and managing security. The Internet Storage Name Service (iSNS) client includes support to discover and connect to servers that are running Microsoft iSCSI Initiator.

  • Management applications   These applications include the iSCSI command-line interface (iSCSICLI.exe), graphical user interface (iscsicpl.exe) property pages, and Windows Management Instrumentation (WMI).

  • Microsoft Multipath I/O support for iSCSI (including device-specific module drivers)   Device-specific module (DSM) drivers provide high-availability path fail over and load balancing to external storage arrays.

Microsoft iSCSI Initiator includes a kernel-mode driver that uses the TCP/IP stack in Windows Server 2008 R2 and Windows 7 and one or more network adapters that are exposed to the Windows operating system. The kernel-mode driver interface and the application programming interface (API) are well defined. Independent software vendors (ISVs) and independent hardware vendors (IHVs) can use these interfaces to produce customized components. In conjunction with a Storport storage driver, IHVs can build specialized hardware for Microsoft iSCSI Initiator (iSCSI HBA) that can be used by the Microsoft iSCSI Initiator service.

Microsoft supports the use of iSCSI HBAs when they have been qualified by the Designed for Windows Logo Program. iSCSI HBAs that don’t use the Microsoft iSCSI Initiator service are not supported.

Note

Microsoft does not support using non-Microsoft iSCSI software initiators on the Windows operating system.

Services that depend on iSCSI devices

Devices that are connected to a computer through Microsoft iSCSI Initiator are presented to the Windows operating system later in the boot process than direct-attached storage. There are applications and services that make assumptions about the timing of the availability of the devices. The Microsoft iSCSI Initiator service and the Service Control Manager in the Windows operating system help these applications and services synchronize with information about the devices and volumes that are hosted on iSCSI targets.

The basic mechanism works as follows:

Microsoft iSCSI Initiator is configured to be automatically started by the service control manager during system startup. This service can be configured to delay its startup sequence until a list of devices and disk volumes has completed initialization. For example, if there is a service stored on a SQL Server database (or a service with code or data installed on a iSCSI disk volume), which has an assumption that all devices and disk volumes are available before it starts, then that service must be configured to start after Microsoft iSCSI Initiator completes its initialization.

How Microsoft iSCSI Initiator accesses targets

Node names

Microsoft iSCSI Initiator strictly follows the rules that are specified for iSCSI node names. The rules are applied for the Microsoft iSCSI Initiator node name and any target node names that are discovered. Rules for building iSCSI node names (as described in the iSCSI specification and the “String Profile for iSCSI Names” internet draft) are as follows:

  • Node names are encoded in the UTF-8 character set. Note that the Microsoft iSCSI Initiator service does not support UCS-4 characters. RFC 2044 describes UTF-8 encoding.

  • Node names are 223 bytes or less.

  • Node names may contain alphabetic characters (a to z), numbers (0 to 9), a period (.), a hyphen (-), or a colon (:).

  • Uppercase characters are always mapped to lowercase characters.

In addition, Microsoft iSCSI Initiator takes the following actions if rules for node names are violated:

  • Returns an error if there is an attempt to set the node name to an invalid string.

  • Returns an error if there is an attempt to manually configure a target with an invalid target node name.

  • Generates a node name dynamically (based on the computer name) if a node name is not set.

  • Maps invalid characters. For example, if a computer name includes an underscore, Microsoft iSCSI Initiator changes it to a hyphen (-). (If the computer name is Computer1_Dept1, then the equivalent part of the node name becomes Computer1-Dept1.)

  • Generates an event log if a target has a node name that is not valid. It ignores that target, and in some cases, all targets that are discovered with it (for example, if a target in the SendTargets node has an invalid node name, Microsoft iSCSI Initiator ignores all targets within the SendTargets text response).

Initiator Instance

Microsoft iSCSI Initiator aggregates the software initiator component and iSCSI HBAs into a common iSCSI node. To do this, Microsoft iSCSI Initiator must track the individual iSCSI HBAs and software initiators because a number of the APIs allow the operations to occur on only one HBA. For example, the LoginIScsiTarget API has a parameter that specifies which HBA or software initiator to use. The Microsoft iSCSI Initiator service and APIs refer to each HBA or software initiator as an Initiator Instance.

Discovery mechanisms

Microsoft iSCSI Initiator supports four discovery mechanisms:

  • SendTargets   Microsoft iSCSI Initiator performs an iSCSI discovery login followed by a SendTargets operation on portals and portal groups that are statically configured by using the iscsicli AddTargetPortal command. This occurs at the time the target portal is added, whenever the service starts, or whenever a management application requests a refresh.

    For more information about iSCSI terms, such as portals and portal groups, see the iSCSI RFC.

  • Internet Storage Name Service (iSNS)   The address of the iSNS servers that Microsoft iSCSI Initiator uses is statically configured by using the iscsicli AddiSNSServer command. Microsoft iSCSI Initiator obtains the list of targets from the iSNS servers whenever the service starts, whenever a management application requests a refresh, and whenever the iSNS server sends a state change notification.

  • HBA discovery   iSCSI HBAs that conform to interfaces in Microsoft iSCSI Initiator can participate in target discovery by means of an interface between the HBA and the Microsoft iSCSI Initiator service. Microsoft iSCSI Initiator requests the list of targets from the HBA whenever the service starts and whenever the HBA indicates that the target list has changed.

  • Manually configured targets   iSCSI targets can be manually configured by using the iscsicli AddTarget command or by using the graphical user interface in Microsoft iSCSI Initiator. It is possible for a manually configured target to be configured as Hidden, in which case the target is not reported unless it is discovered by another mechanism. Manually configured targets are persisted. Those targets that are not configured as Hidden are available whenever the service restarts.