The Rise and Fall of SANTap | @CloudExpo #Cloud

A decade later, the Holy Grail of seamless live data tapping from SAN remains elusive

I am not sure how many people remember Cisco SANTap. About ten years ago, Cisco introduced a data tapping mechanism in the MDS 9000 fibre channel switches. The idea was to allow the data path to be "tapped" at will. Tapping in this case meant using a mechanism in the switch to split the data being written from client hosts to the storage, allowing the identical "split" data to be routed through a second, separate path.

SANTap therefore allowed a copy of the data to be seamlessly "mirrored" through the switch and subsequently used by other applications for multiple purposes (especially for backup). It facilitated real-time protection of critical data, and allowed advanced functions such as migration, snapshots, etc.

It was a great idea. However, while it might sound like a simple solution, the details were exceedingly complicated. Two considerations immediately reveal how convoluted such a seemingly simple proposition could become:

  1. Fibre channel SAN inevitably involves multipath. For a LUN to be protected, all paths involved must be tapped. None can be left out. When using high-availability, this means paths will also travel through another switch. Every bit of data from these paths through different switches must be tapped without missing a single command.
  2. The application or appliance that receives the data must be fast enough to receive real-time tapping. The smallest hiccup in data cannot be tolerated, since the tapping mechanism will not wait for the receiving application or appliance to "catch up," or client performance will be affected. When this happens, SANTap switches to error mode and tracks the changed data in a dirty data map. The appliance then has to perform recovery - meaning copy the missed data first - and get back in sync. Unfortunately, SANTap's primary design intent was for use with backup storage, and organizations rarely implement their highest-performing servers and devices in the backup space. It wasn't surprising then to see these applications and devices struggle with data ingress off the "tap" when administrators tried out this new technology.
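
A toy model of the two considerations above, added here as an illustration and not Cisco's SANTap code: a write splitter that drops into error mode and keeps a dirty-region map when the appliance lags, and that diverges silently when one path is left untapped. The class, the region size, the queue depth and the path names A and B are all assumptions.

```python
from collections import deque
REGION = 8  # blocks per dirty-map region (assumed granularity)

class Splitter:
    """Toy write splitter for one LUN; a model, not SANTap's implementation."""
    def __init__(self, tapped_paths, queue_depth):
        self.tapped = set(tapped_paths)     # paths whose writes get split
        self.depth = queue_depth            # how far the appliance may lag
        self.primary, self.mirror = {}, {}  # block -> data
        self.queue = deque()                # split writes awaiting the appliance
        self.dirty = set()                  # regions changed during error mode
        self.error_mode = False

    def write(self, path, block, data):
        self.primary[block] = data          # host I/O is never held back
        if path not in self.tapped:
            return                          # untapped path: nothing records the miss
        if self.error_mode or len(self.queue) >= self.depth:
            self.error_mode = True          # appliance fell behind
            self.dirty.add(block // REGION) # remember where, not what
        else:
            self.queue.append((block, data))

    def drain(self, n):
        # Appliance consumes up to n queued writes.
        for _ in range(min(n, len(self.queue))):
            block, data = self.queue.popleft()
            self.mirror[block] = data

    def resync(self):
        """Recovery: apply the backlog, then recopy every dirty region."""
        self.drain(len(self.queue))
        copied = 0
        for region in sorted(self.dirty):
            for block in range(region * REGION, (region + 1) * REGION):
                if block in self.primary:
                    self.mirror[block] = self.primary[block]
                    copied += 1
        self.dirty, self.error_mode = set(), False
        return copied

    def divergent(self):
        return sorted(b for b, d in self.primary.items() if self.mirror.get(b) != d)

def run(tapped, depth):
    """Constructed workload: 5 writes alternating over paths A and B."""
    s = Splitter(tapped, depth)
    for blk in range(5):
        s.write("AB"[blk % 2], blk, f"data-{blk}")
    return s.error_mode, s.resync(), s.divergent()
```

With both paths tapped and a queue of 2, `run({"A", "B"}, 2)` enters error mode and the resync repairs the copy; with path B untapped, `run({"A"}, 16)` never enters error mode, the resync copies nothing, and blocks 1 and 3 stay divergent with no record that they were missed.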

These two real-world scenarios are just the tip of the iceberg when it comes to tapping data from SAN. The scope and complexity cannot be exaggerated, and it could be the reason why SANTap was not adopted pervasively by many vendors for their applications. The most recent material referencing the technology was from 2007, when EMC announced SANTap with RecoverPoint.

Years ago, when SANTap was in its infancy, while I was still in my previous company, I met with the Cisco engineering team working on SANTap and tried to persuade them to adjust certain aspects of the feature so we could integrate it into our own data protection product, which was perfect for SANTap. In fact, we had already demonstrated a functional version, but were running into issues when many paths were tapped.

However, that was another era at another time. For various inexplicable and non-technical reasons, the project just faded into oblivion. There were no other well-known products publicized that used SANTap. Nearly a decade later, the Holy Grail of seamless live data tapping from SAN remained elusive.

That is, until now. Newly available technologies allow third parties to build SANTap-like mechanisms.

Appliances which can tap live data with a Transparent Data Intercept technique have been developed that allow live insertion of interception points into the data path of fibre channel links. This technique is normally described as physical insertion by unplugging the storage or host ports, plugging that connection into the tapping appliances, and then connecting the appliance ports back to the switches. By doing this one link at a time, the data path can be intercepted transparently without downtime, and without any changes to the SAN environment.

This works extremely well. However, the same appliance can be inserted into the data paths without having to physically unplug cables. Using switches that support virtual SAN, such as most Cisco (vSAN) or Brocade (Virtual Fabric) switches, appliances with the Transparent Data Intercept capability can simply be plugged into the switch ports and tap into the data links. No changes to the original cable configuration are necessary.

This technique brought back the memory of SANTap. With an appliance and virtual SAN, this is exactly what it is - simply plug the appliances into the switches, then use virtual SAN to map into the links to be intercepted. Once inserted, the SAN environment is automatically discovered and organized by LUNs and hosts, and all detailed paths can be clearly identified, even across switches. All the related complexity can be hidden by clever software.

The implication is quite significant, if not earth-shattering. With this type of technology, after plugging the appliances into the switches and creating a few small virtual SANs, selected storage or host ports can be intercepted seamlessly. The entire SAN configuration can potentially be graphically illustrated. Individual LUNs can be selected and tapped, and the data can be migrated, or backed up for disaster recovery, periodically or continuously, locally or remotely. In addition, this process can enable cache, anti-virus, or even just SAN system health and performance analysis.

Through advanced Transparent Datapath Intercept technology, this tapping mechanism may soon be opened up via APIs for all storage solution developers to build their own applications - fulfilling the promise originally proposed by SANTap. One can only imagine what other great innovative products people can come up with once this interface is made available.

Come to think of it, maybe Cisco should adopt this and consider it as a "SANTap, redux"...

More Stories By Wai Lam

Wai Lam is co-founder and CTO of Cirrus Data Solutions (www.cdsi.us.com), a developer of Data Migration Server and Data Caching Server for storage area networks (SANs). He was previously CTO and VP of Engineering at FalconStor, a company he co-founded in 2000. There, he was the chief architect, holding 18 of 21 company patents. His inventions and innovations include many industry "firsts" in advanced storage virtualization, data protection, and disaster recovery. Wai received the prestigious China national "Top 1000 Technological Leaders" award in 2013.
