Вы находитесь на странице: 1из 5




Dont Call It A WOC: Infineta Systems

Cisco ACE: Insert Client IP Address


MAY 8, 2012 65 COMMENTS

The CCIE Data Center blueprint makes mention of NPV and NPIV, and Cisco UCS also makes heavy use of both
topics, topics that many may be unfamiliar with most. This post (part of my CCIE Data Center prep series) will
explain what they do, and how theyre different.
(Another great post on NPV/NPIV is from Scott Lowe, and can be found here. This is a slightly different approach
to the same information.)
NPIV and NPV are among the two most ill-named of acronyms Ive come across in IT, especially since they
sound very similar, yet do two fairly different things. NPIV is an industry-wide term and is short for N_Port ID
Virtualization, and NPV is a Cisco-specific term, and is short for N_Port Virtualization. Huh? Yeah, not only do
they sound similar, but the names give very little indication as to what they do.

First, lets talk about NPIV. To understand NPIV, we need to look at what happens in a traditional Fibre Channel
When a host plugs into a Fibre Channel switch, the host end is called an N_Port (Node Port), and the FC switchs
interface is called an F_Port (Fabric Port). The host has whats known as a WWPN (World Wide Port Name, or
pWWN), which is a 64-bit globally unique label very similar to a MAC address.
However, when a Fibre Channel host sends a Fibre Channel frame, that WWPN is no where in the header.
Instead, the host does a Fabric Login, and obtains an FCID (somewhat analagous to an IP addres). The FCID is
a 24-bit number, and when FC frames are sent in Fibre Channel, the FCID is what goes into the source and
destination fields of the header.

Note that the first byte (08) of the FCID is the same domain ID as the FC switch that serviced the hosts FLOGI.
In regular Fibre Channel operations, only one FCID is given per physical port. Thats it. Its a 1 to 1 relationship.
But what if you have an ESXi host, for example, with virtual fibre channel interfaces. For those virtual fibre
channel interfaces to complete a fabric login (FLOGI), theyll need their own FCIDs. Or, what if you dont want to
have a Fibre Channel switch (such as an edge or blade FC switch) go full Fibre Channel switch?
NPIV lets a FC switch give out multiple FCIDs on a single port. Simple as that.

The magic of NPIV: One F_Port gives out multiple FCIDs on (0x070100 to the ESXi host and 0x070200 and
0x070300 to the virtual machines)

NPV: Engage Cloak!

NPV is typically used on edge devices, such as a ToR Fibre Channel switch or a FC switch installed in a blade
chassis/infrastruture. What does it do? Im gonna lay some Star Trek on you.
NPV is a clocking device for a Fibre Chanel switch.

Wait, did you just compare Fibre Channel to a Sci-Fi technology?

How is NPV like a cloaking device? Essentially, an NPV enabled FC switch is hidden from the Fibre Channel
When a Fibre Channel switch joins a fabric, its assigned a Domain_ID, and participates in a number of fabric
services. With this comes a bit of baggage, however. See, Fibre Channel isnt just like Ethernet. A more accurate
analogue to Fibre Channel would be Ethernet plus TCP/IP, plus DHCP, distributed 802.1X, etc. Lots of stuff is
going on.
And partly because of that, switches from various vendors tend not to get a long, at least without enabling some
sort of Interopability Mode. Without interopability mode, you cant plug a Cisco MDS FC switch into say, a
Brocade FC switch. And if you do use interopability mode and two different vendors in the same fabric, there are
usually limitations imposed on both switches. Because of that, not many people build multi-vendor fabrics.
Easy enough. But what if you have a Cisco UCS deployment, or some other blade system, and your Fibre
Channel switches from Brocade? As much as your Cisco rep would love to sell you a brand new MDS-based
fabric, theres a much easier way.
Engage the cloaking device.
(Note: NPV is a Cisco-specific term, while other vendors have NPV functionality but call it something else, like
Brocades Access Gateway.) A switch in NPV mode is invisible to the Fibre Channel fabric. It doesnt participate
in fabric services, doesnt get a domain ID, doesnt do fabric logins or assign FCIDs. For all intents and purposes,
its invisible to the fabric, i.e. cloaked. This simplifies deployments, saves on domain IDs, and lets you plug
switches from one vendor into a switch of another vendor. Plug a Cisco UCS Fabric Interconnect into a Brocade
FC switch? No problem. NPV. Got a Qlogic blade FC switch plugging into a Cisco MDS? No problem, run NPV
on the Qlogic blade FC switch (and NPIV on the MDS).

The hosts perform fabric logins just like they normally would, but the NPV/cloaked switch passes FLOGIs up to
the NPIV enabled port on the upstream switch. The FCID of the devices bears the the Domain ID of the
upstream switch (and appears directly attached to the upstream switch).
The NPV enabled switch just proxies the FLOGIs up to the upstream switch. No fuss, no muss. Different vendors
can interoperate, we save domain IDs, and its typically easier to administer.
TL;DR: NPIV allows multiple FLOGIs (and multiple FCIDs issued) from a single port. NPV hides the FC switch
from the fabric.