5.x.x. Logical Operation Model The logical operation model describes activity using SCSI busses. The next section provides a glossary related to the logical operations model. The glossary is followed by the logical operation model descripiton. 5.x.x.1 Glossary assigned. An attribute of a logical unit or target routine where it is permitted to respond to I/O processes only for certain path groups. disband. A function associated with multiple path operation where a set of paths established as a path group is broken up to prevent further multiple path operatino within the set of paths. establish. A function associated with multiple path operartion where a non-empty set of paths is treated as equivalent, or grouped, for the purpose of most I/O process activity. grouped. The state of a path where it is included with other similarly named paths for the purpose of conducting multiple path operations. host ID. An identifier given to a host system and communicated to target controllers over an SCSI bus. host system. A logical element which principally causes I/O processes to be started. (Move to Section 3.1.) initiator. An SCSI device which is principally responsible for using an SCSI bus to start I/O processes. An initiator is usually attached to a host system. An initiator is a port to one SCSI bus. (Move to Section 3.1.) multiple path status. A host system established condition where any status for an I/O process may be transferred on any path in an established path group where the connect was made, whether the status leads to a contingent allegiance or not. password. An identifier used to permit otherwise unauthorized access to a logical unit or target routine. path. A named physical link which has been physically used between a host system and a logical unit or a target routine. The name consists of a host ID, an SCSI ID for an initiator, the port of the target controller on which a connect is made, and the LUN or TRN of the selected logical unit or target routine. path group. A set of one or more paths having the same host ID and LUN or TRN. port. A name for the portion an SCSI device where it attaches to one and only one SCSI bus. An SCSI device may have more than one port each of which may be attached to a different SCSI bus. Each port has an SCSI ID and an SCSI address unique to the SCSI bus to which it is attached. Ports are usually called initiators and targets. (Move to Section 3.1.) single path status. A host system established condition where status leading to a contingent allegiance is transferred on the path where the connect occurred. singular. An attribute of an SCSI command which prohibits it being executed if it is immediately preceeded in an I/O process by a command having a Link bit set to 1 or which has the Link bit in its CDB is set to 1. supervisor command. A command which, when otherwise correctly transferred to a target and correctly formed, may not be executed by a target controller unless specifically authorized. target. An SCSI device which is principally responsible for receiving I/O processes. A target is usually attached to a target controller. A target is a port to one SCSI bus. (Move to Section 3.1.) target controller. a logical element which principally executes I/O processes on behalf of a host system. (Move to Section 3.1.) target routine. A selectable function within a target controller which executes I/O processes. A target routine is similar to a logical unit in that it has a name, a target routine number or TRN, and a command set to execute. (Move to Section 3.1.) TRN. TRN is the abbreviation for target routine number, which is the name of a target routine used during an I/O process to select a target controller function to execute an I/O process. (Move to Section 3.1.) unassigned. An attribute of a logical unit or target routine where it is permitted to respond to I/O processes on any path. ungrouped. The state of a path when it is not included in an established path group for the purpose of conducting multiple path operations. A Minimum Logical System Initiator Mode Target Mode +-----+ +-----+ | | | | | P | | P | | O |----------------------------| O | | R | | R | | T | SCSI Bus | T | | | | | +-----+ +-----+ .pa 5.x.y. Logical Operation Model Description A logical system consists of: 1) a minimum of two SCSI ports and a minimum of one SCSI bus connecting them; 2) a minimum of one SCSI port must be capable of operating in initiator mode; 3) a minimum of one SCSI port must be capable of operating in target mode; 4) the initiator and target in 2) and 3) above, must be attached to the same SCSI bus and active at the same time (i.e., not the same port); 5) the logical element attaching an SCSI device which acts principally as an initiator is called a host system; 6) the logical element attaching an SCSI device which acts principally as an target is called a target controller; NOTE: The names given to the logical elements attaching an SCSI device do not preclude any SCSI device from using all functions of SCSI. Thus, a copy manager, acting principally as a target controller, may act as a host system and use all defined functions of the commands and the logical system to perform a copy operation. 7) each port has an SCSI address unique to the SCSI bus on which it is attached; 8) each port, when acting as a target, has a port number assigned by the target controller. The port number is unique within a target controller; 9) each host system is assigned a host ID. A host ID must be unique to a host system in a logical system to prevent unpredictable results; 10) each target controller has one or more logical units identified with unique Logical Unit Numbers (LUN). 11) each target has zero or more target routines identified by target routine numbers (TRN). 12) the extent of a logical system, from the viewpoint of a target controller, is the set of all host systems having at least one port attached via a SCSI bus to at least one port of the target controller. NOTE: A balanced logical system may consist of two SCSI busses with two ports for each host system and target controller, with one port attached to each of the SCSI busses. This configuration provides a redundant path from each host system to each logical unit. An identifier consisting of a host ID, an initiator SCSI address, a target controller port number, and a LUN or TRN, defines a path when the relationship is established as the result of a connect between a host system and a target controller. The LUN or TRN must be valid for the target controller. The logical unit need not be ready or installed (e.g., unpowered but cabled or uncabled). No path exists between a LUN or TRN and a host system unless the LUN or TRN is explicity the object of a connect between that host system and the LUN or TRN. An identifier, consisting of a host ID and either a LUN or TRN, represents one logical path. A logical path consists of a set of one or more paths. An implicitly named path exists when the host system has not transferred the host ID to the target controller, but the host system has made at least one connect to the LUN or TRN. An explicitly named path exists when the host system successfully completes an I/O process to transfer the host ID of the host system to the LUN or TRN. NOTE: All actions and functions below which refer to implicitly named paths have equivalent functions in SCSI-2. Any function in the logical operations model referring to an explicitly named path does not exist in SCSI-2. A host system must connect with and transfer its host ID to each LUN or TRN which it wants to use for multiple path operations. Further the host system must do so using each path available between the host system and the logical unit. NOTE: In the balanced logical system example above, each host system must connect with each LUN on two paths and transfer its host ID on each path. A connect using Asynchronous Event Notification does not define a path from the host system to the LUN. The LUN must be selected as the receiver of an I/O process by the host system. AEN uses a physical path between the target controller, turned initiator, and a host system, turned target. This does not define the path in the reverse direction. Explicitly naming a set of paths to a LUN or TRN from the same host system does not establish a path group for conducting multiple path operations. An explicitly named path is initially in the ungrouped state relative to other paths in the logical path. An implicitly named path stays in an ungrouped state since the target cannot identify a real host system. Each initiator connecting with each target controller port must be considered as attached to a unique host system until the transfer of a host ID from the host system occurs. A set of ungrouped paths in a logical path is established as a group through one command from the host system using any one of the paths in the logical path. This set of paths, when established as a group, is called a path group. A path may be added to an established group at a later time by a command from the host system on that path. A path may be removed from a path group by a command from the host system on that path. The inverse of establishing a path group is to disband a path group. A path group may be explicitly disbanded by one command from the host system along any one path in the path group. A path group is implicitly disbanded when the last path is removed from an established path group using a remove path function rather than a disband command. Once a path group is established with two or more paths, the pointers for an active I/O process must be shared between the initiators servicing the paths in the path group. NOTE: If no path group is established which contains two or more paths, SCSI pointer management in each initiator remains the same as in SCSI-2, since the target controller is restricted to operations only on the path where the connect occurred. Once a path group is established, it may be important to control the path where status leading to a contingent allegiance is reported. This is especially true if the main recovery mechanism for all I/O processes is located on one path and other paths are treated like data highways. Therefore, a function of establishing path groups is to identify where status leading to a contingent allegiance is reported. Any status which does not result in contingent allegiance may be sent over any path in the path group. The condition may be altered by disbanding the group and establishing the group with the alternate choice. The host system is given two choices: 1) single path status mode is a host system established condition where status resulting in contingent allegiance is sent only over the path on which the connect was made; 2) multiple path status mode is a host system established condition where status is sent over the next available path in the established path group. When an implicitly named path or an ungrouped path is used to make a connect, multiple path operatoin is not permitted. As a result, single path status mode is also in effect. When operating in multiple status mode, a host system may temporarily switch to single status mode for an I/O process without affecting the established path group. The function is in effect for all linked commands in an I/O process. In addition to single path status mode, all activity related to the I/O process must occur on the path where the connect was made. The function is called suspend multiple path operation. The state of the path may be any one of the following: 1) Implicitly named path. No explicit host ID has been received from a host system to any LUN or TRN on this target controller from the initiator SCSI ID/port. An I/O process received on a path in this state is required to perform all operations on this path. 2) Path to Other LUNs. An explicitly named path to at least one LUN or TRN on this initiator SCSI ID/port, other than the selected logical unit or target routine, exists. This is functionally equivalent to 1) but it imparts additional information to the host system. An I/O process received on a path in this state is required to perform all operations on this path. 3) Ungrouped. An explicitly named path to the selected LUN or TRN exists but it is not currently part of an established path group. An I/O process received on a path in this state is required to perform all operations on this path. 4) Grouped. An explicitly named path to the selected LUN or TRN exists and is presently established in the grouped state. The path group can consist of one or more paths. An I/O process received on this path may respond on any path in this path group unless single path status is in effect or multiple path reconnection has been temporarily suspended for an I/O process. A target controller must keep track of the paths, path groups, the state of each path in the group, and the status tramsfer mode for each of its LUN or TRN. It must communicate on the appropriate paths and report the state of any path to the host system. All path groups are established and managed by the functions defined above save one exception condition which is deferred until after the next topic. Path identification and grouping is not a supervisor mode operation since it does not restrict access to the LUNs in a target controller. Any logical unit attached to an SCSI bus is initially available to receive I/O processes from any host system attached to that SCSI bus. This is permitted whether the path is explicitly named, implicitly named, and whether or not for explicitly named paths, the path is grouped or ungrouped. This state of access is logically equivalent to the SCSI-2 bus with no reservations outstanding. Such unrestricted access may not be appropriate for host systems with extensive multi-user access and/or data bases with sensitive information. Therefore, it is appropriate to control access to a LUN or TRN or an extent on a LUN at a higher level than the RESERVE/RELEASE functions. The ability to control access to logical units in a multiple pathing environment requires path group control since multiple SCSI busses may be involved. Two or more explicitly defined path groups may share a logical unit to the exclusion of other path groups. Access to a logical unit or target routine is controlled with two functions called assign and unassign. Because of the implications to system reliability and integrity, these functions are defined as supervisor commands. Their purpose is to act as the logical equivalent of switches or manual cable changes to restrict access to logical units or extents within logical units. Assignment of a LUN or TRN to one path group means that no host system on any path not in the path group can gain access to the logical unit using the functions defined to this point. Certain commands, such as REQUEST SENSE and INQUIRY may be responded to regardless of the source of the command. A logical unit may be assigned to multiple established path groups. An implicitly named path or an ungrouped path can gain assignment for itself, but it cannot add assignment for any other paths or path groups. Any path holding assignment through an established path group may add assignment of other established path groups to the logical unit. The two functions of assignment are: 1) assign this LUN or TRN to the path group on which the command was received, or 2) add assignment of this LUN for another established path group. The inverse of assign is unassign. A LUN or TRN may be unassigned from any path group to which assignment currently exists from any path for which assignment currently exists. Assignment may be transferred from one host system to another without passing through a state where no assignment exists. Host systems, through their use of the path naming functions and grouping functions, may be assigned to a logical unit or unassigned from a logical unit. The mechanism by which a host system obtains the path group name required for adding or removing assignment of additional path groups is not established by or a concern of the logical system. The provision for assignment permits multiple host systems to control access to a logical unit. The last function in the logical operations model concerns breaking an assignment in the event of some error or failure in a host system which currently has assignment. The break may be temporary or permanent, but it must be controlled, as are other functions which can lead to system reliability, availability, and integrity problems. This function, above all the rest, is a supervisor command function. Assignment permits unrestricted access to a logical unit through assigned path groups. Controlled access is a function which permits access outside the bounds of defined assignment functions. The mechanism to prevent deliberate or accidental loss of assignment protection is the control access function, enabled by a password, and checked by the affected target controller. The password is established by a host system having assignment for any LUN or TRN. The password is not reported by a target controller on any path. The target controller checks its established password, if any, against password supplied by the control access command function from a host system not having assignment. If the target controller has a password established and it matches the password with the command, the control access command and any commands linked to it are executed, if possible. The mechanism by which the unassigned host system acquires the correct password is not established by or a concern of the logical system. The control access command has three functions: 1) establish a password for a LUN or a TRN. The command must be received on a path currently holding assignment. 2) general unassign. The control access command is received from a path that does have assignment. If no password has been set or the password supplied matches the password in the target, the target controller removes assignment for all paths in any path group having assignment when the commmand was processed. The result is that the LUN or TRN has no assignment protection. 3) request temporary unassignment. The control access command is received from a path that does not have assignment. If the password matches the password in the target, the commands linked to the control access commmand are executed to the extent possible. A status which would lead to contingent allegiance on the unassigned path is not permitted, since that would grant the unassigned path permission to continue operations with a REQUEST SENSE command to retrieve the sense data. The contingent allegiance is to an assigned path whether functional or not. When a request for temporary assignment is granted, the issuing host system may link to an assign command which will grant assignment to the once unassigned host system. The host system can then use normal I/O processes to access the LUN or TRN. An I/O process containing a valid control access command requesting temporary assignment, a control access command performing a general unassign, and an assign command for the new host system breaks all old assignments and transfers assignment of the LUN to the new host system. This operation permits continued operation without loss of the function provided by the logical unit. Some I/O processes may be aborted. .pa 7.x.z. Path Control Commands The path control commands required to implement the logical operation model are: 1) Set Host ID. Explicitly name the host system using this path for a logical unit. 2) Report Path Status. Report the status of the path relative to path groups. 3) Suspend Multiple Path Operations. Suspend for the length of a single I/O process the use of multiple path reconnection. All reconnects occur on the path where the connect occurred. 4) Assign. Define the path groups on which a logical unit may operate. 5) Unassign. Remove a path group from the set of authorized path groups granted access to a logical unit 6) Control Access. Transfer password on an assigned path to the target controller for a path group; permit general unassign from an assigned path group; and, allow an unassigned path, having the correct password, access to a logical unit for one I/O process. The exact formats and processing rules are TBD. However, they obey the rules of the logical operations model. Considerations for when and how path groups are terminated and when and how assignment is terminated must be clearly stated. The SCSI-2 functions in the RESERVE and RELEASE commands must be included in the ASSIGN and UNASSIGN commands.