Yes, do not depend on LUN masking alone as any errors in the LUN masking may affect other nodes. Or, in a worst case, cause data corruption.If you use LUN masking at the storage level along with zoning at the switch level, you afford yourself two levels of security. The LUN masking is done at the port level when multiple hosts are sharing a storage port over a fabric connection. Zoning is used to prevent access to certain storage ports at the fabric level. The smaller you make your zones the less error traffic gets passed from port to port in the fabric. The use of many smaller zones is preferable to the use of fewer larger zones in my humble opinion. Even though this may make management a bit harder, it makes larger fabrics operate better.
By the way, if you will be using storage from multiple vendors in your SAN, then it's a best practice "today", to zone out the different storage arrays. For instance, do not allocate storage to the same server from two different storage subsystems in the same fabric over two HBA adapters, as each storage array manufacturer will most likely ask you to use a different version of path management software.
Editor's note: Do you agree with this expert's response? If you have more to share, post it in one of our .bphAaR2qhqA^0@/searchstorage>discussion forums.
This was first published in December 2002