LUN masking or LUN zoning: Which one is a better fit for a SAN fabric?

GlassHouse Technologies' Steve Pinder weighs the pros and cons of using LUN masking and LUN zoning in SAN fabrics, switches and HBA configurations.

Steve Pinder, GlassHouse Technologies

Published: 01 Mar 2010

LUN masking or LUN zoning: Which is a better fit for a storage-area network (SAN) fabric?

LUN masking takes place at either the host bus adapter (HBA) or storage controller, and restricts the hosts' ability to access specific LUNs. LUN zoning generally takes place on storage-area network (SAN) switches and compartmentalises the SAN fabric, grouping hosts and storage arrays into zones.

It is possible to leave a SAN fabric as an "open" fabric and not bother with zoning at all. In theory, this would allow every host to see every LUN on every storage array. However, you can implement LUN masking to prevent this from happening. If you only implement SAN zoning, a host would gain access to every LUN that was available on any storage array that it was zoned with.

Neither configuration is ideal, so you will almost always find it best if both LUN masking and LUN zoning are configured on a SAN. One exception to this would be a host that is directly connected to a storage array port. No zoning would be required as the host would not be connected to a SAN fabric, and no LUN masking would be required as it is guaranteed that the host would be the only one to have access to that port.

For more on LUNs:

1. Learn more about LUNs and their role in SAN management
2. Learn how to backup a LUN snapshot

Essential Guide

LUN masking or LUN zoning: Which one is a better fit for a SAN fabric?

GlassHouse Technologies' Steve Pinder weighs the pros and cons of using LUN masking and LUN zoning in SAN fabrics, switches and HBA configurations.

Related Q&A from Steve Pinder

Adding an old hard drive to RAID sets on servers

Choosing a RAID level depends on capacity needs and data criticality

FATA disk vs Fibre Channel for Exchange and SQL workloads

Read more on SAN, NAS, solid state, RAID

logical unit number (LUN)

Storage 101: How to create, share and manage a LUN in SAN storage

LUN storage: Working with a SAN's logical unit numbers

LUN zoning

SearchCIO

4 IT contract negotiation strategies to drive value in 2021

Turning data into actionable insights with machine learning

Evolving role of the CIO key to the future of work

SearchSecurity

12 Microsoft Exchange Server security best practices

Cring ransomware attacking vulnerable Fortigate VPNs

Utilizing existing tech to achieve zero-trust security

SearchNetworking

Common network vulnerabilities and how to prevent them

Understand top SD-WAN advantages and disadvantages

Arista simplifies network management in latest CloudVision

SearchDataCenter

New Intel Ice Lake processors boost performance, security

IBM tools speed mainframe application modernization projects

Nvidia vs. AMD: Compare GPU offerings

SearchDataManagement

Why consider an augmented data catalog?

Alation brings data catalog technology to the public cloud

Yellowbrick Manager embraces Kubernetes for data warehouse