(408) 943-4100               V   Commercial Support Toggle between Light and Dark mode

Fibre Channel

  5 minute read.

Last Modified 2021-08-18 09:33 EDT

Fibre Channel is a high-speed data transfer protocol providing in-order, lossless delivery of raw block data. Fibre Channel is primarily used to connect computer data storage to servers in storage area networks in commercial data centers. The Fibre Channel protocol is fast, cost effective, and reliable over a wide variety of storage workloads.

This is a TrueNAS Enterprise feature. TrueNAS systems licensed for Fibre Channel have Fibre Channel Ports added to Sharing > Block Shares (iSCSI).

Sharing ISCSI Fibre Channel Ports

Fibre Channel ISCSI Share Example

Initiators and Authorized Access screens only apply to iSCSI and can be ignored when configuring Fibre Channel.

Go to Storage > Pools. Find an existing pool, click   and Add zvol to create a new zvol.


Configure these tabs in Sharing > Block Shares (iSCSI):

If a portal with listen interface does not exist, click Add and add this portal.
Connected InitiatorsInitiators currently connected to the system. Shown in IQN format with an IP address. Set initiators and click an -> (arrow) to add the initiators to either the Allowed Initiators or Authorized Networks lists. Clicking Refresh updates the Connected Initiators list.
Allowed InitiatorsInitiators allowed access to this system. Enter an iSCSI Qualified Name (IQN) and click + to add it to the list. Example: iqn.1994-09.org.freebsd:freenas.local
Authorized NetworksNetwork addresses allowed use this initiator. Each address can include an optional CIDR netmask. Click + to add the network address to the list. Example:
DescriptionAny notes about initiators.
Group IDAllow different groups to be configured with different authentication profiles. Example: all users with a group ID of 1 will inherit the authentication profile associated with Group 1.
UserUser account to create for CHAP authentication with the user on the remote system. Many initiators use the initiator name as the user name.
SecretUser password. Must be at least 12 and no more than 16 characters long.
Peer UserOnly entered when configuring mutual CHAP. Usually the same value as User.
Peer SecretMutual secret password. Required when Peer User is set. Must be different than the Secret.

Add a new target.

Sharing ISCSI Targets Add Fibre

Enter or select values specific to your use case for the Target Name, Target Alias, Target Mode, and Portal Group. The Initiator Group ID selects which existing initiator group has access to the target. Options for the Authentication Method are None, Auto, CHAP, or Mutual CHAP. Authentication Group Number can be set to none or an integer. This value represents the number of existing authorized accesses.

An extra Target Mode option appears after going to Targets and clicking ADD. This new option is to select whether the target to create is iSCSI, Fibre Channel, or both.

The Target Reporting tab provides Fibre Channel port bandwidth graphs.

Add a new extent.


NameName of the extent. If the Extent size is not 0, it cannot be an existing file within the pool or dataset.
DescriptionNotes about this extent.
EnabledSet to enable the iSCSI extent.
Extent TypeDevice provides virtual storage access to zvols, zvol snapshots, or physical devices. File provides virtual storage access to a single file.
DeviceOnly appears if Device is selected. Select the unformatted disk, controller, or zvol snapshot.
Logical Block SizeLeave at the default of 512 unless the initiator requires a different block size.
Disable Physical Block Size ReportingSet if the initiator does not support physical block size values over 4K (MS SQL).
Enable TPCSet to allow an initiator to bypass normal access control and access any scannable target. This allows xcopy operations which are otherwise blocked by access control.
Xen initiator compat modeSet when using Xen as the iSCSI initiator.
LUN RPMDo NOT change this setting when using Windows as the initiator. Only needs to be changed in large environments where the number of systems using a specific RPM is needed for accurate reporting statistics.
Read-onlySet to prevent the initiator from initializing this LUN.

Add a new Associated Target.


Select values for Target and Extent. The LUN ID is a value between 0 and 1023. Some initiators expect a value below 256. Leave this field blank to automatically assign the next available ID.

Click to expand the option, select options as presented under test data, and Save.

The iSCSI share does not work when the service is not turned on. To turn on the iSCSI service, go to Services and toggle iSCSI.

NPIV (N_Port ID Virtualization)

NPIV allows the administrator to use switch zoning to configure each virtual port as if it was a physical port in order to provide access control. This is important in an environment with a mix of Windows systems and virtual machines in order to prevent automatic or accidental reformatting of targets containing unrecognized filesystems. It can also be used to segregate data; for example, to prevent the engineering department from accessing data from the human resources department. Refer to the switch documentation for details on how to configure zoning of virtual ports.

To create virtual ports on the TrueNAS system, go to System > Tunables and click ADD. Enter these options:

  • Variableinput hint.isp.X.vports, replacing X with the number of the physical interface.
  • Value : input the number of virtual ports to create. There cannot be more than 125 SCSI target ports, including all physical Fibre Channel ports, all virtual ports, and all configured combinations of iSCSI portals and targets.
  • Type : make sure loader is selected.


In the example shown, two physical interfaces were each assigned 4 virtual ports. Two tunables were required, one for each physical interface. After the tunables are created, the configured number of virtual ports appears in Sharing > Block Shares (iSCSI) > Fibre Channel Ports screen so they can be associated with targets. They are also advertised to the switch so zoning can be configured on the switch.

After a virtual port has been associated with a target, it is added to the Target tab of Reporting where its bandwidth usage can be viewed.