Download the authoritative guide: Enterprise Data Storage 2018: Optimizing Your Storage Infrastructure
So named because it is programmed into the hardware, hard zoning is the most secure of any zone type in that it prevents communication from any device not in the same hard zone. Hard zones cannot overlap, and they require at least one dedicated Inter-Switch Link (ISL) for each zone that includes more than one switch. The dedicated ISL guarantees the I/O bandwidth in the hard zone. This gives the SAN manager the flexibility to balance bandwidth across all hard zones for maximum overall fabric performance. Designing hard zones for maximum performance eliminates the need to reconfigure the SAN zone when adjusting the workload and minimizing I/O bottlenecks.
A SAN switch supports a maximum of sixteen hard zones per SAN fabric. Each of these sixteen isolated hard zones can be further sub-divided into other zones via the name server, segmented loop, or broadcast zone features. This allows the SAN manager to create specific sub zones inside the hard zones. The combination of hard zones with other zone types enables the larger fabric to be carved into separate fabrics for specific uses. This maximizes switch port efficiency and reduces the number of switches required.
Name Server Zones
Name server zones are extremely flexible. They allow the SAN manager to create up to 256 named zones, using either switch ports or world wide names (WWN) to assign zones. Name server zones can overlap, and by providing load balancing for maximum data throughput under heavy workloads, all ISLs within a hard zone are available to all the name server zones. So, while there is no performance difference between a port-based name server zone and a WWN server zone, there are several reasons to choose one type over another, as discussed next.
Switch Ports Zone
The easiest way to physically map out all the devices onto a SAN is to define a name server zone that correlates with switch ports, since all devices are connected to a particular port on a specific switch. There are two instances when zones based on switch ports can create problems. First, switch port zones are relatively coarse -- all devices on the port must be included in the zone. Second, if a device is moved from one port to another, it may end up moving to a different zone. This problem is commonly found in cable or Gigabit Ethernet Interface Card (GBIC) replacements.
World Wide Names Zone
A more flexible solution is to define zones based on world wide names (WWN). With the world wide name server zone, a device is assigned to a zone according to its unique name. This gives the SAN manager total freedom to host or store the device anywhere within the SAN fabric. Regardless of the physical port that serves as its connection, a device assigned by WWN will stay in its assigned zone. This type of zoning also eases troubleshooting by allowing the SAN manager to move a device at a questionable port location to another port location to verify if the problem is with the port, the GBIC, or the cable, or if it follows the device to the other port without reconfiguring the zone.
The ability to troubleshoot down to the device level on a loop is a secondary advantage in using WWN zoning within a public fabric. For example, "just a bunch of disks" (JBODs) are often attached to a single port and are hard to troubleshoot if a single device misbehaves, especially if the loop appears as one device on a SAN. However, troubleshooting is much easier if the WWN registers problems at the device level. Additionally, the WWN naming feature can take advantage of Redundant Array of Inexpensive Disk (RAID) controllers that have the ability to present multiple Fibre Channel devices on a single arbitrated loop.
Unfortunately, there are some legacy devices currently installed that do not report a WWN to the name server. Obviously, switch port zoning is the only name server option available in these instances.
Broadcast zones are assigned to separate network traffic from that of Small Computer System Interface (SCSI), or storage traffic in a SAN environment, or a Transmission Control Protocol/Internet Protocol (TCP/IP). Broadcast zones can be set up to send broadcast messages only to those IP devices that need to receive them. By eliminating unnecessary message processing by host and storage connections that don't process IP traffic, broadcast zones reduce traffic on the fabric. Broadcast zones can be flexibly applied by creating up to 16 overlapping zones. Also, broadcast zones can overlap name server zones. However, they cannot overlap hard zones.
Segmented Loop Zoning
Segmented Loop Zoning (SLZ), on the other hand, enables private devices to be zoned much as if they were part of the public fabric. With the freedom to locate the ports in each zone on any switch in the fabric, the SAN manager can create up to 256 non-overlapping SLZs in a fabric. And with all ISLs shared between switches, these zones can extend across and up to six cascaded or mesh switches in a fabric.