HP LeftHand SAN Solutions Support Document - Application Notes - Best Practices for Enabling Microsoft Windows with SAN/iQ®
Table Of Contents
- Application Notes Best Practices for Enabling Microsoft Windows with SANiQ
- Contents
- 1 Chapter: Enabling LeftHand SAN volumes with the Microsoft™ iSCSI 2.0x Initiator
- 2 Chapter: Finding the iSCSI Initiator Version
- 3 Chapter: LeftHand Networks and Microsoft™ MPIO Support
- 4 Chapter: Expanding a Windows Volume on the SAN
- 5 Chapter: Shrinking a Windows Volume on the SAN
- 6 Chapter: Setting the Windows Disk Partition Offset for Optimal Performance
- 7 Chapter: Ensure That Application Resources on iSCSI Volumes Come Online After a Server Reboot
- 8 Chapter: Microsoft™ iSCSI Initiator Session Timeout Setting
- 9 Chapter: Measuring Performance in a Windows Environment
- Overview
- Using Windows Performance Monitor to Measure SAN Performance
- Setting up Windows Performance Monitor
- Saving a Performance Monitor Log for Analysis
- Monitoring More Than One Server Simultaneously
- Scheduling Performance Data Collection
- Using IOMeter as a SAN Benchmark Tool
- Configuring the ISCSI Volume
- Configuring IOMeter
- Configuring IOMeter Access Specification for each Test
- Running the Test
- Interpreting Results
- Access Specifications to Run
- 10 Chapter: Frequently Asked Questions
16
Note: This is a critical step to prevent applications from trying to start
prior to their volumes being present. Performing this step will delay
the start of applications until their bound volumes are present.
Setting the Service Dependency
• See Section 7 below
Binding Volumes with the ISCSI Initiator
• See Section 7 below
Optional Instructions
Challenge Authentication Protocol
Instead of using IQN security only (described above), one can also use the
Challenge Authentication Protocol (CHAP). CHAP is a protocol that is used to
authenticate the peer of a connection and is based upon the peer sharing a
password and secret. The Microsoft™ iSCSI initiator service and LeftHand
Networks SAN support both one-way and two-way mutual CHAP.
CHAP authentication uses secrets associated with both the target and the
initiator. Any initiator wanting to access a volume must know the target
secret and any target to be authenticated must know the initiator secret.
Setting up CHAP is a two part process. The first part is establishing an
Authentication Group, the second step is connecting the volume. The following
section details how to configure the Microsoft™ iSCSI initiator and Lefthand
volume for CHAP Authentication.
Creating an Authentication Group and Target Portal
Select the Tasks option from the menu bar, go to Authentication Group, and
select New Authentication Group. Click on the iSCSI tab, click the “Allow
access via iSCSI” check box. Best practice is to also select the “Load
Balancing” check box. To confirm that your iSCSI initiator is Load Balancing
compliant, select the information on compliant initiators link. Click the
“CHAP required” radio button. Use the following steps to find and set the
CHAP Name and Target Secret (see diagram below).
1 Open the iSCSI initiator and go to the Target Portals tab
2 Click on the Add button