9.5.01 HP P4000 SAN Solution User Guide (AX696-96168, February 2012)

ManualsBrandsHP ManualsStorageHP StoreVirtual 4335 Hybrid Storage

231

232

233

234

235

236

237

238

239

240

iSCSI load balancing

Use iSCSI load balancing to improve iSCSI performance and scalability by distributing iSCSI

sessions for different volumes evenly across storage systems in a cluster. iSCSI load balancing uses

iSCSI Login-Redirect. Only initiators that support Login-Redirect should be used.

When using VIP and load balancing, one iSCSI session acts as the gateway session. All I/O goes

through this iSCSI session. You can determine which iSCSI session is the gateway by selecting the

cluster, then clicking the iSCSI Sessions tab. The Gateway Connection column displays the IP

address of the storage system hosting the load balancing iSCSI session.

Configure iSCSI load balancing when setting up servers. See “iSCSI and the HP P4000 SAN

Solution” (page 230).

Requirements

• Cluster configured with a virtual IP address. See “Virtual IP addresses” (page 230).

• A compliant iSCSI initiator.

Compliant iSCSI initiators

A compliant initiator supports iSCSI Login-Redirect AND has passed HP’ test criteria for iSCSI

failover in a load balanced configuration.

Find information about which iSCSI initiators are compliant by clicking the link in the New or Edit

Server window.

The link opens to the http://www.hp.com/go/P4000compatibility where you log in and search

for the HP P4000 SAN Solutions Compatibility Matrix.

If your initiator is not on the list, do not enable load balancing.

Authentication (CHAP)

Server access with iSCSI can use the following authentication methods:

• Initiator node name (single host)

• CHAP (Challenge-Handshake Authentication Protocol), which can support single or multiple

hosts.

NOTE: The iSCSI terminology in this discussion is based on the Microsoft iSCSI Initiator

terminology. For the terms used in other common operating systems, see “iSCSI and CHAP

terminology” (page 232).

CHAP is a standard authentication protocol. The SAN/iQ software supports the following

configurations:

• No CHAP—Authorized initiators can log in to the volume without proving their identity. The

target does not challenge the server.

• 1-way CHAP—Initiators must log in with a target secret to access the volume. This secret proves

the identity of the initiator to the target.

• 2-way CHAP—Initiators must log in with a target secret to access the volume as in 1-way

CHAP. In addition, the target must prove its identity to the initiator using the initiator secret.

This second step prevents target spoofing.

iSCSI load balancing 231