Home » HP Manuals » Storage Devices » HP 1606 » Manual Viewer

HP 1606 Access Gateway Administrator's Guide (53-1001760-01, June 2010) - Page 73

Enabling trunking, Enabling the DCC policy on trunk

Add to My Manuals
Save this manual to your list of manuals

Page 73 highlights

Trunking in Access Gateway mode 3 Slot Port Type State Master TI DI 10 13 -- -- -- 125 125 10 14 -- -- -- 125 126 5. Enable ports specified in step 3. Continuing with the example shown in step 3, this would mean enabling ports 13 and 14. switch:admin> portenable 10/13 switch:admin> portenable 10/14 6. Show the TA port configuration after enabling the ports: switch:admin> porttrunkarea --show enabled Slot Port Type State Master TI DI 10 13 F-port Master 10/13 125 125 10 14 F-port Slave 10/13 125 126 Enabling the DCC policy on trunk 1. After you assign a Trunk Area, the porttrunkarea command checks whether there are any active DCC policies on the port with the index TA, and then issues a warning to add all the device WWNs to the existing DCC policy with index as TA. All DCC policies that refer to an Index that no longer exist will not be in effect. 2. Add the WWN of all the devices to the DCC policy against the TA. 3. Enter the secpolicyactivate command to activate the DCC policy. You must enable the TA before issuing the secpolicyactivate command in order for security to enforce the DCC policy on the trunk ports. 4. Turn on the trunk ports. Trunk ports should be turned on after issuing the secpolicyactivate command to prevent the ports from becoming disabled in the case where there is a DCC security policy violation. Enabling trunking 1. Connect to the switch and log in using an account assigned to the admin role. 2. Disable the desired ports by entering the portdisable port command for each port to be included in the TA. 3. Enter the porttrunkarea--enable 3 command with appropriate operands to form a trunk group for the desired ports. For example, if ports 36-39 were disabled in step 2, then the example command shown below forms a trunk group for ports 36-39 with index 37. These will be connected to N_Ports on an AG module. switch:admin> porttrunkarea --enable 36-39 -index 37 Trunk area 37 enabled for ports 36, 37, 38 and 39. 4. Enter the portenable port command for each port in the TA to re-enable the desired ports, such as ports 36-39. 5. Enter the switchshow command to display the switch or port information, including created trunks. Access Gateway Administrator's Guide 53 53-1001760-01

Section	Page
About This Document	13
How this document is organized	13
Supported hardware and software	13
What’s new in this document	14
Document conventions	15
Text formatting	15
Command syntax conventions	15
Notes, cautions, and warnings	15
Notice to the reader	16
Key terms	16
Additional information	17
Brocade resources	17
Other industry resources	17
Optional Brocade features	18
Getting technical help	18
Document feedback	19
Access Gateway Basic Concepts	21
In this chapter	21
Brocade Access Gateway overview	21
Comparing Native Fabric and Access Gateway modes	21
Fabric OS features in Access Gateway mode	23
Access Gateway port types	24
Comparison of Access Gateway ports to standard switch ports	24
Access Gateway hardware considerations	25
Configuring Ports in Access Gateway mode	27
In this chapter	27
Enabling and disabling Access Gateway mode	27
Port state description	29
Access Gateway mapping	30
Port-based mapping	30
Device-based mapping	35
Considerations for Access Gateway mapping	42
N_Port configurations	44
Displaying N_Port configurations	45
Unlocking N_Ports	45
Managing Policies and Features in Access Gateway Mode	47
In this chapter	47
Access Gateway policies overview	47
Displaying current policies	47
Access Gateway policy enforcement matrix	48
Advanced Device Security policy	48
How the ADS policy works	48
Enabling and disabling the Advanced Device Security policy	49
Setting the list of devices allowed to log in	49
Setting the list of devices not allowed to log in	50
Removing devices from the list of allowed devices	50
Adding new devices to the list of allowed devices	50
Displaying the list of allowed devices on the switch	51
ADS policy considerations	51
Upgrade and downgrade considerations for the ADS policy	51
Automatic Port Configuration policy	51
How the APC policy works	51
Enabling and disabling the APC policy	52
Automatic Port Configuration policy considerations	52
Upgrade and downgrade considerations for the APC policy	53
Port Grouping policy	53
How port groups work	53
Adding an N_Port to a port group	54
Deleting an N_Port from a port group	55
Removing a port group	55
Renaming a port group	55
Disabling the Port Grouping policy	55
Port Grouping policy modes	56
Creating a port group and enabling Automatic Login Balancing mode	56
Rebalancing F_Ports	57
Enabling Managed Fabric Name Monitoring mode	58
Disabling Managed Fabric Name Monitoring mode	58
Displaying the current fabric name monitoring timeout value	58
Setting the current fabric name monitoring timeout value	59
Port Grouping policy considerations	59
Upgrade and downgrade considerations for the Port Grouping policy	60
Device Load Balancing Policy	60
Enabling WWN Load Balancing	60
Disabling Device Load Balancing	60
Device Load Balancing considerations	61
Persistent ALPA Policy	61
Enabling Persistent ALPA	62
Disabling Persistent ALPA	62
Persistent ALPA device data	62
Removing device data from the database	62
Displaying device data	63
Clearing ALPA values	63
Persistent ALPA policy considerations	63
Upgrade and downgrade considerations for Persistent ALPA	63
Failover	64
Failover with port-based mapping	64
Failover with device-based mapping	66
Enabling and disabling Failover on a N_Port	67
Enabling and disabling Failover for a port group	67
Upgrade and downgrade considerations for Failover	68
Failback	68
Failback configurations in Access Gateway	68
Enabling and disabling Failback on an N_Port	69
Enabling and disabling Failback for a port group	70
Upgrade and downgrade considerations for Failback	70
Trunking in Access Gateway mode	70
How Trunking works	70
Configuring Trunking on the Edge switch	71
Configuration management for trunk areas	72
Enabling trunking	73
Disabling F_Port trunking	74
Trunking monitoring	74
Trunking considerations for the Edge switch	74
Trunking considerations for Access Gateway module	77
Upgrade and downgrade considerations for Trunking in Access Gateway mode	77
Adaptive Networking on Access Gateway	78
Upgrade and downgrade considerations with Adaptive Networking in AG mode enabled	79
Adaptive Networking on Access Gateway considerations	79
Per Port NPIV login limit	80
Setting the login limit	80
Considerations for the Brocade 8000	80
SAN Configuration with Access Gateway	83
In this chapter	83
Connectivity of multiple devices overview	83
Direct target attachment	83
Considerations	83
Target aggregation	84
Access Gateway cascading	84
Fabric and Edge switch configuration	85
Verifying the switch mode	85
Enabling NPIV on M-EOS switches	86
Connectivity to Cisco Fabrics	87
Enabling NPIV on a Cisco switch	87
Rejoining Fabric OS switches to a fabric	87
Reverting to a previous configuration	87
Troubleshooting	89

Match case Limit results 1 per page

Access Gateway Administrator’s Guide

53-1001760-01

Trunking in Access Gateway mode

Slot

Port

Type

State

Master

-------------------------------------------

125 125

125 126

-------------------------------------------

Enable ports specified in step 3. Continuing with the example shown in step 3, this would

mean enabling ports 13 and 14.

switch:admin>

portenable 10/13

switch:admin>

portenable 10/14

Show the TA port configuration after enabling the ports:

switch:admin>

porttrunkarea --show enabled

Slot

Port

Type

State

Master

-------------------------------------------

F-port

Master

10/13

125 125

F-port

Slave

10/13

125 126

Enabling the DCC policy on trunk

After you assign a Trunk Area, the

porttrunkarea

command checks whether there are any

active DCC policies on the port with the index TA, and then issues a warning to add all the

device WWNs to the existing DCC policy with index as TA.

All DCC policies that refer to an Index that no longer exist will not be in effect.

Add the WWN of all the devices to the DCC policy against the TA.

Enter the

secpolicyactivate

command to activate the DCC policy.

You must enable the TA before issuing the

secpolicyactivate

command in order for security to

enforce the DCC policy on the trunk ports.

Turn on the trunk ports.

Trunk ports should be turned on after issuing the

secpolicyactivate

command to prevent the

ports from becoming disabled in the case where there is a DCC security policy violation.

Enabling trunking

Connect to the switch and log in using an account assigned to the admin role.

Disable the desired ports by entering the

portdisable

port

command for each port to be

included in the TA.

Enter the

porttrunkarea

enable 3

command with appropriate operands to form a trunk group

for the desired ports. For example, if ports 36-39 were disabled in step 2, then the example

command shown below forms a trunk group for ports 36-39 with index 37. These will be

connected to N_Ports on an AG module.

switch:admin>

porttrunkarea --enable 36-39 -index 37

Trunk area 37 enabled for ports 36, 37, 38 and 39.

Enter the

portenable

port

command for each port in the TA to re-enable the desired ports, such

as ports 36-39.

Enter the

switchshow

command to display the switch or port information, including created

trunks.