Got it
Huawei Enterprise Support Community
Community Forums Wireless & Microwave
What is LUN masking?

What is LUN masking?

109 0 0 0 0
View the author 1#

 What is LUN Masking?

LUN masking is an authorization mechanism used in storage area networks (SANs) to make LUNs available to some hosts but unavailable to other hosts. LUN masking is typically implemented at the host bus adapter (HBA) level on the servers accessing the SAN's storage systems, although some storage controllers also support LUN masking. When LUN masking is configured, a host can see only the LUNs that have been assigned to that host and cannot see or access any other LUNs.

A logical unit number (LUN) is a unique identifier that is used when allocating physical storage. A LUN can reference an entire RAID group, a single drive or partition, or multiple drives or partitions. A LUN is used by a transport protocol associated with an SCSI, iSCSI, Fiber Channel (FC) or similar interface. LUNs are central to the management of block storage arrays shared over a SAN.

Without LUN masking, a host connected to a SAN can see all available LUNs and, in some cases, take actions that might not be desired. For example, a Windows server might inadvertently corrupt non-Windows storage by trying to write volume labels to them. LUN masking makes it possible to prevent the server from accessing or even seeing those non-Windows LUNs.

LUN masking subdivides access to a given port. Then, even if multiple LUNs are available through the same port, the LUN masks can be set to limit the host's access to specific LUNs. For example, the following illustration shows a storage device with four available LUNs and two hosts, each configured with an HBA.

1

 Diagram illustrating LUN masking

Host A contains HBA 1, and Host B contains HBA 2. Each HBA connects to the SAN switch, which in turn connects to the two storage controllers (SC 1 and SC 2). Without masking, both HBAs would have access to all four LUNs. In this case, however, LUN masking has been applied at the HBA level so that Host A can access only LUN 1, LUN 2 and LUN 4, and Host B can access only LUN 3 and LUN 4.


LUN masking can be a useful tool for controlling server access to specific LUNs, but it offers only limited security protection because it is still possible for the HBAs to be compromised, leaving the SAN infrastructure vulnerable. For this reason, most SAN deployments also implement zoning and other mechanisms to provide additional levels of protection, relying on LUN masking primarily to protect against potential server issue

LUN Masking

Like (0) Dislike (0) Favorite(0) Share Report
Previous: How should I assign LAC, RAC and URA on UMTS networks?
Next: How RF Industries is Building 5G Wireless Networks
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.