ATA over Ethernet (AoE)
ATA over Ethernet (AoE) is a network protocol which enables high-performance access to SATA storage devices over Ethernet networks. Like iSCSI, it makes low-cost SANs built with standard commodity technologies possible. AoE encapsulates ATA commands inside Ethernet frames and transports them over an Ethernet network instead of a SATA cable, allowing servers to access remote disks as if they were directly attached. This encapsulation is simple and low-level, enabling high-performance data transfer.
Unlike iSCSI, AoE does not use the TCP/IP network layer above Ethernet, but instead runs directly on top of Ethernet. AoE is therefore non-routable and cannot be accessed over the Internet or other IP networks. On the other hand, AoE is lightweight, easier to implement, provides a layer of inherent security, and offers higher performance.
Because AoE runs directly on Ethernet, the significant CPU overhead of TCP/IP processing is eliminated. Being unroutable, AoE packets travel only within a single local Ethernet storage area network, such as one created by a switch or VLAN. This provides a level of inherent security, as intruders cannot connect to the SAN network via a router and must physically access the local Ethernet switch. AoE does not provide specific mechanisms for password verification or encryption, although additional security can be implemented at the file-system level. Some AoE targets (e.g. ggaoed) support ACLs allowing connections only from specific MAC addresses.
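The following added example (not part of the original page, and not code from any of the AoE projects it names) parses AoE frames from a capture and reports requests whose source MAC is not on an allowlist, mirroring the MAC ACL idea from the monitoring side. It assumes the header layout of the published AoE specification, which this page does not reproduce: EtherType 0x88A2 followed by a 10-byte header (version/flags, error, shelf, slot, command, tag). The MAC addresses and frames are constructed sample data.

```python
import struct

AOE_ETHERTYPE = 0x88A2   # EtherType assigned to AoE (from the AoE spec, not this page)
VLAN_ETHERTYPE = 0x8100  # a single 802.1Q tag is skipped if present
COMMANDS = {0: "ATA", 1: "Query Config Information"}

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_aoe(frame: bytes):
    """Return the AoE header fields of an Ethernet frame, or None if it is not AoE."""
    if len(frame) < 14:
        return None
    dst, src, etype = struct.unpack("!6s6sH", frame[:14])
    off = 14
    if etype == VLAN_ETHERTYPE and len(frame) >= 18:
        etype = struct.unpack("!H", frame[16:18])[0]
        off = 18
    if etype != AOE_ETHERTYPE or len(frame) < off + 10:
        return None
    vf, _err, major, minor, cmd, tag = struct.unpack("!BBHBBI", frame[off:off + 10])
    return {"src": mac(src), "dst": mac(dst), "version": vf >> 4,
            "response": bool(vf & 0x08), "error": bool(vf & 0x04),
            "shelf": major, "slot": minor, "tag": tag,
            "command": COMMANDS.get(cmd, f"unknown({cmd})")}

def unlisted_initiators(frames, allowed_macs):
    """AoE requests (R flag clear) whose source MAC is not on the allowlist."""
    allowed = {m.lower() for m in allowed_macs}
    hits = []
    for f in frames:
        h = parse_aoe(f)
        if h and not h["response"] and h["src"] not in allowed:
            hits.append((h["src"], h["shelf"], h["slot"], h["command"]))
    return hits

def build(src, dst, ver_flags, major, minor, cmd, tag, etype=AOE_ETHERTYPE):
    """Construct a sample frame (test data only, not captured traffic)."""
    eth = bytes.fromhex(dst.replace(":", "")) + bytes.fromhex(src.replace(":", ""))
    return eth + struct.pack("!HBBHBBI", etype, ver_flags, 0, major, minor, cmd, tag)

TARGET, HOST_A, HOST_B = "02:00:00:00:00:01", "02:00:00:00:00:0a", "02:00:00:00:00:0b"
SAMPLE = [
    build(HOST_A, TARGET, 0x10, 0, 1, 0, 1),                # allowed initiator, ATA request
    build(TARGET, HOST_A, 0x18, 0, 1, 0, 1),                # target response (R flag set)
    build(HOST_B, TARGET, 0x10, 0, 1, 1, 2),                # unlisted initiator, config query
    build(HOST_B, TARGET, 0x10, 0, 1, 0, 3, etype=0x0800),  # not AoE, ignored
]

if __name__ == "__main__":
    for hit in unlisted_initiators(SAMPLE, [HOST_A]):
        print("AoE request from unlisted MAC:", hit)
```

The source MAC in a frame is whatever the sender put there, so a check like this surfaces unexpected or misconfigured hosts on the storage VLAN; it does not authenticate an initiator.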
AoE uses a host-based cooperative locking mechanism which requires communication between AoE initiators attempting to access data on a shared AoE storage device. One option provided by AoE uses the target storage device itself to control initiator access. The AoE protocol includes a "config string" feature that records which initiators are using a device, along with other information. Two hosts cannot set the config string simultaneously: only one succeeds, while the other is informed of the conflict.
While hardware AoE SAN appliances are available, CentOS servers can function as AoE targets and initiators using software AoE implementations. Three independently developed AoE target implementations exist for Linux:
- vblade: user space program which is part of the aoetools package
- kvblade: implemented as a Linux kernel module
- ggaoed: runs in user space but takes advantage of Linux-specific performance features
The EPEL repo has a source RPM of vblade suitable for CentOS 5. Google turns up several Fedora RPMs for vblade and aoetools available from other online repositories.
