HP 8/80 Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010)
HP 8/80 Manual
View all HP 8/80 manuals
Add to My Manuals
Save this manual to your list of manuals |
HP 8/80 manual content summary:
- HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 1
53-1001763-01 ® 30 March 2010 Fabric OS Administrator's Guide Supporting Fabric OS v6.4.0 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 2
obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd. Brocade Communications Systems, Incorporated Corporate and Latin American Headquarters Brocade Communications Systems, Inc. 1745 Technology Drive San Jose, CA 95110 Tel: 1-408-333-8000 Fax: 1-408-333 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 3
53-1001336-02 Fabric OS Administrator's Guide 53-1001763-01 Removed SilkWorm 4016 and 4020 June 2006 from supported switches; FCIP chapter updates. Revised for Fabric OS v5.2.0 features. September 2006 Added new hardware platforms: Brocade FC4-48 and FC4-16IP. Added Fabric OS v5.3.0 features - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 4
iv Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 5
How this document is organized xxxiii Supported hardware and software xxxiv What's new Services In this chapter 3 Fibre Channel services overview 3 The Management Server 4 Platform services 4 Platform services in a Virtual Fabric 5 Enabling platform services 5 Disabling platform services - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 6
the serial port 16 Telnet switch 31 Enabling a switch 31 Switch and enterprise-class platform shutdown 31 Powering off a Brocade switch 32 Powering off a Brocade enterprise-class platform 32 Basic connections 33 Device connection 33 Switch connection 33 vi Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 7
compatibility notes 48 Enabling and disabling blades 48 Enabling blades 48 Disabling blades 50 Blade swapping 50 Swapping blades 51 Swapping blades 52 Power management 53 Powering off a port blade 53 Powering on a port blade 53 Equipment status 54 Checking switch operation 54 Verifying - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 8
NAT 65 Inter-switch links 66 Buffer credits 67 Virtual Channels 67 Gateway links 69 Configuring a link through a gateway 70 Inter-chassis links 71 Supported topologies 72 Routing policies 73 Displaying the current routing policy 74 Exchange-based routing 74 Port-based routing 74 AP - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 9
model using RADIUS and LDAP 99 Setting the switch authentication mode 101 Fabric OS user accounts 101 Fabric OS users protocol 122 Browser and Java support 122 SSL configuration overview 123 Ports and applications used by switches 131 Port configuration 132 Fabric OS Administrator's Guide ix - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 10
changes 136 FCS policies 137 FCS policy restrictions 137 Ensuring fabric domains share policies 138 Creating an FCS policy 138 Modifying the order of FCS switches 139 FCS policy distribution transaction 157 IP Filter policy distribution 158 x Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 11
Uploading a configuration file from a switch with Virtual Fabrics enabled 185 Restoring logical switch configuration using configDownload 185 Restrictions 186 Brocade configuration form 187 Installing and Maintaining Firmware In this chapter 189 Firmware download process overview 189 Upgrading - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 12
and ISL sharing 216 Management model for logical switches 219 Account management and Virtual Fabrics 220 Supported platforms for Virtual Fabrics 220 Supported port configurations in the Brocade 5100, 5300, and VA40FC 220 Supported port configurations in the Brocade DCX and DCX-4S221 Virtual - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 13
Guide 53-1001763-01 Deleting a logical switch 228 Adding and removing ports on a logical switch 229 Displaying logical switch configuration 230 Changing the fabric ID of a logical switch 230 Changing a logical switch to a base switch 244 Broadcast zones and FC-FC routing 245 High availability - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 14
. . . . .255 Enabling a zone configuration 255 Disabling configuration management 261 New switch or fabric additions 261 over FC routers 276 General rules for TI zones 276 Supported configurations FC routers with Virtual Fabrics . . . . .281 Creating a TI zone 282 Creating a TI zone in a base - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 15
McDATA Open Fabric mode configuration restrictions 302 Interoperability support for logical switches 302 Switch configurations for interoperability 303 Enabling McDATA Open Fabric mode 303 Enabling McDATA Fabric mode 304 Enabling Brocade Native mode 305 Zone management in interoperable fabrics - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 16
switches firmware downloads 325 Upgrade and downgrade considerations for HCL for interoperability 325 McDATA-aware features 325 McDATA-unaware features 326 M-EOS feature limitations in mixed fabrics 328 Supported hardware in an interoperable environment 329 Supported levels 338 User-defined - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 17
user-defined Admin Domains non-disruptively . .352 Validating an Admin Domain member list 356 SAN management with Admin Domains 356 CLI commands in an AD context 357 Executing a command in a different AD context 357 Displaying an Admin Domain configuration 358 Switching 365 The Brocade 7800 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 18
Removing a licensed feature 377 Ports on Demand 377 Activating Ports on Demand 379 Dynamic Ports on Demand 379 Displaying the port license assignments 379 Enabling Dynamic Ports on Demand 380 Disabling Dynamic Ports on Demand 380 Reserving a port license 381 Releasing a port from a POD set - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 19
Chapter 19 Fabric OS Administrator's Guide 53-1001763-01 Performance data prioritization over FC routers 415 Disabling QoS 416 Bottleneck detection 416 Supported configurations for . . . .418 Enabling bottleneck detection on a switch 419 Excluding a port from bottleneck detection 419 Displaying - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 20
extended ISL 443 Enabling long distance when port group 450 Buffer credits for each switch model 451 Maximum configurable distances for Extended Fabrics . . . . .452 Buffer credit recovery 453 Using the FC-FC Routing Service In this chapter 455 FC-FC routing service overview 455 Supported - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 21
frames 490 Displaying the current broadcast configuration 490 Enabling broadcast frame forwarding 491 Disabling broadcast frame forwarding 491 Resource monitoring 491 FC-FC Routing and Virtual Fabrics 492 Logical switch configuration for FC routing 493 Backbone-to-edge routing with Virtual - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 22
modes 499 Configuring the FC router 500 Configuring LSAN Port indexing on the Brocade 48000 director 513 Port indexing on the Brocade DCX backbone 515 Port indexing on the Brocade DCX-4S backbone 517 FIPS Support In this appendix 521 FIPS overview 521 Zeroization functions 521 Power - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 23
the switch for FIPS 527 Overview of steps 527 Enabling FIPS mode 528 Disabling FIPS mode 529 Zeroizing for FIPS 530 Displaying FIPS configuration 530 Hexadecimal Hexadecimal overview 531 Example conversion of the hexadecimal triplet Ox616000 . .531 Fabric OS Administrator's Guide xxiii - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 24
xxiv Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 25
166 Endpoint to gateway tunnel configuration 166 Switch before and after enabling Virtual Fabrics 211 Switch before and after creating logical switches 211 Fabric IDs assigned to logical switches 212 Assigning ports to logical switches 213 Logical switches connected to devices and non-Virtual - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 26
topology 463 Example of setting up Speed LSAN tag 483 LSAN zone binding 486 EX_Ports in a base switch 494 Logical representation of EX_Ports in a base switch 494 Backbone-to-edge routing across base switch using FC router in legacy mode 495 xxvi Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 27
Figure 79 Figure 80 Figure 81 Inband Management process 506 Management Station on same subnet 509 Management Station on a different subnet 511 Fabric OS Administrator's Guide xxvii 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 28
xxviii Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 29
number of simultaneous sessions 87 Table 14 Default local user accounts 88 Table 15 Authentication configuration options 100 Table 16 Syntax for VSA-based account roles 102 Table 17 dictionary.brocade file entries 103 Table 18 Secure protocol support 117 Table 19 Items needed to deploy secure - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 30
Brocade configuration and connection 187 Enterprise-class platform HA sync states 191 Blade and port types supported on logical switches 221 Virtual Fabrics interaction with Fabric OS features 222 Maximum number of logical switches per chassis 222 Types of zoning 239 Approaches to fabric-based - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 31
an AD context 362 Available Brocade licenses 366 License requirements 368 Base to Upgrade License Comparison 371 List of available ports when implementing PODs 378 Types of monitors supported on Brocade switch models 384 Number of logical switches that support performance monitors 384 Maximum - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 32
xxxii Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 33
policies for FC port and switch binding and managing the fabric-wide consistency policy. • Chapter 8, "Maintaining the Switch Configuration File," provides procedures for maintaining and backing up your switch configurations. • Chapter 9, "Installing and Maintaining Firmware," provides preparations - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 34
13, "Administering NPIV," provides procedures for enabling and configuring N-Port ID Virtualization (NPIV). • Chapter 14, "Interoperability for Merged SANs," provides information about using Brocade switches with other brands of switches. • Chapter 15, "Managing Administrative Domains," describes - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 35
-40FC What's new in this document • Information that was added: - Support for new hardware platforms • Brocade VA-40FC switch - Information on device login behavior - 10-bit addressing mode enhancements - WWN-based PID assignment enhancements - NPIV enhancements - Blade compatibility - Loss Dynamic - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 36
command names Identifies the names of user-manipulated GUI elements Identifies keywords and in the narrative portions of this guide are presented in mixed lettercase: for warnings The following notices and statements are used in this manual. They are listed below in order of increasing severity - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 37
cause damage to hardware, firmware, software, or data. Brocade and industry-specific documentation that you might find helpful. Brocade resources To get up-to-the-minute information, go to http://my.brocade.com and register at no cost for a user ID and password. Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 38
• Switch model • Switch operating system version • Error numbers and messages received • supportSave command output • Detailed description of the problem, including the switch or fabric behavior immediately following the problem, and specific questions • Description of any troubleshooting steps - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 39
port side of the switch • Brocade 300, 5100, and 5300 - On the switch ID pull-out tab located on the bottom of the port side of the switch. • Brocade 7600, 7800, and 8000 - On the bottom of the chassis. • Brocade 48000 - Inside the chassis next to the power supply bays. • Brocade @brocade.com - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 40
xl Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 41
Chapter 4, "Routing Traffic" •Chapter 5, "Managing User Accounts" •Chapter 6, "Configuring Protocols" •Chapter 7, "Configuring Security Policies" •Chapter 8, "Maintaining the Switch Configuration File" •Chapter 9, "Installing and Maintaining Firmware" •Chapter 10, "Managing Virtual Fabrics" •Chapter - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 42
2 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 43
Server, Security Key Distribution Server, and Time Server. Every Brocade switch has reserved three-byte addresses referred to as well-known addresses. These services provided by Brocade switches reside at these addresses and provide a service to either nodes or management applications in the fabric - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 44
consistent format and behavior when a service provider is accessed for registration and query purposes. The Management Server The Brocade Fabric OS Management Server (MS) allows a SAN management application to retrieve information and administer interconnected switches, servers, and storage devices - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 45
a Virtual Fabric. The msPlatShow command displays all platforms registered in a Virtual Fabric. Enabling platform services When FCS policy is enabled, the msplMgmtActivate command can be issued only from the primary FCS switch. The execution of the msplMgmtActivate command is subject to Admin Domain - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 46
end the session. Example of adding a member to the management server ACL switch:admin> msconfigure 0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [1] 2 6 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 47
, enter y. 8. Press Enter to update the nonvolatile memory and end the session. Example of deleting a member from the management server ACL switch:admin> msconfigure 0 Done 1 Display the access list 2 Add member based on its Port/Node WWN Fabric OS Administrator's Guide 7 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 48
Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [1] 0 Viewing the contents of the management server database 1. Connect to the switch Connect to the switch and log in using - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 49
based on how you want to enable discovery: • For the local switch, enter the mstdEnable command. • For the entire fabric, enter the mstdEnable all command. Example of enabling discovery switch:admin> mstdenable Request to enable MS Topology Discovery Service disabling discovery switch:admin> - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 50
Once storage and host devices are powered on and connected, the following logins occur: 1. FLOGI-Fabric Login command establishes a 24-bit address for the device logging in, and establishes buffer-to-buffer credits and the class of service supported. 2. PLOGI-Port Login command logs the device into - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 51
specific source port and destination port traffic passing though any switch port. This is only supported between F_Ports. • VE_Port - A virtual E_Port is a gigabit Ethernet switch port configured for an FCIP tunnel. However, with a VEX_Port at the other end, it does not propagate fabric services or - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 52
to enter into the Name Server. This enables private devices that do not perform a port still performs a PLOGI and attempts a PRLI with these devices. If a port switch name has changed or an IP address has changed. • Nodes leaving or joining the fabric, such as zoning or powering Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 53
reboot the switch at your send management data to hosts when the switch is accessed through the APIs (FA applications. Reliability, Availability, and Supportability daemon logs error detection, reporting, aliveness check" if auto-FTP is enabled. Traffic daemon implements Bottleneck detection. - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 54
1 High availability of daemon processes 14 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 55
User Manual depending on the version you have. • A third-party application using the API For third-party application procedures, refer to the third-party API documentation. Because of the differences between fixed-port and variable-port devices, procedures sometimes differ among Brocade models - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 56
The hardware reference manuals for Brocade products describe how to power up devices switch, or view the output of the command. To determine which RBAC role you need to run a command, review the section "Role-Based Access Control (RBAC)" on page 84. NOTE When command examples in this guide show user - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 57
from the network, use a console session on the serial port as described in "Console sessions using the serial port" on page 16. NOTE To automatically configure the network interface on a DHCP-enabled switch, plug the switch into the network and power it on. The DHCP client automatically gets the IP - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 58
switch in the network. 5. Enter the account ID at the login prompt. See "Password modification" on page 18 for instructions successful. The prompt displays the switch name and user ID to which you are are logged in as user and enter the help command, a list of all user-level commands that switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 59
Model Administrative account Password Brocade 300, 4100, 4900, 5000, 5410, 5424, 5450, 5460, 5470, 5480, admin 5100, 5300, 5424, 7500, 7500E, 7600, 7800, 8000, and VA50-FC switches Brocade 48000 director and Brocade 1. Connect to the switch and log in using the to proceed. for user - root Changing - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 60
switches. The IP addresses can also be assigned to each CP individually. This allows for direct communication with a CP including the standby CP. On the Brocade DCX and DCX-4S Backbones, each CP has two management Ethernet ports another. Each IP-over-FC (IPFC) point of connection Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 61
serial port. For more information, see "Console sessions using the serial port" on page 16. Otherwise, connect using SSH. 1. Connect to the switch and interface is configured. Verify the information on your switch is correct. If DHCP is enabled, the network interface information was acquired from - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 62
2 The Ethernet interface on your switch Static Ethernet addresses Use static Ethernet network interface addresses on Brocade 48000 directors and Brocade DCX and DCX-4S enterprise-class platforms, and in environments where DHCP service is not available. To use static addresses for the Ethernet - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 63
Brocade switches have DHCP enabled. The Brocade 48000 director and Brocade DCX and Brocade DCX-4S enterprise-class platforms do not support DHCP. The Fabric OS DHCP client supports the following parameters: • External Ethernet port instructions on setting the FC IP address. 1. Connect to the switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 64
and subnet mask of the switch and default gateway address. 1. Connect to the switch and log in using an Example of disabling DHCP switch:admin> ipaddrset Ethernet IP enabled on the upgraded platform. In upgrades or downgrades between versions of Fabric OS that support autoconfiguration, the enabled - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 65
addresses have been configured. Setting IPv6 autoconfiguration 1. Connect to the switch and log in using an account assigned to the admin role. 2. Take the appropriate following action based on whether you want to enable or disable IPv6 autoconfiguration: • Enter the ipAddrSet -ipv6 -auto command - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 66
). Example of showing and setting the date switch:admin> date Fri Sep 29 17:01:48 UTC 2007 Stealth200E:admin> date "0204101008" switch, you can perform the following tasks: • Display all of the time zones supported in the firmware. • Set the time zone based on a country and city combination or based - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 67
time zones supported by the firmware. • Use timeZone_fmt to set the time zone by Country/City or by time zone ID, such as PST. Example of displaying and changing the time zone to US/Central switch:admin> tstimezone Time Zone : US/Pacific switch:admin> tstimezone US/Central switch:admin> tstimezone - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 68
servers Changes to the clock server value on the principal or primary FCS switch are propagated to all switches in the fabric. Domain IDs Although domain IDs are assigned dynamically when a switch is enabled, you can change them manually so that you can control the ID number or resolve a domain ID - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 69
a domain ID not used within the fabric. The default domain ID for Brocade switches is 1. ATTENTION Do not use domain ID 0. The use of this domain ID can cause the switch to reboot continuously. Avoid changing the domain ID on the FCS in secure mode. To minimize down time, change the domain IDs on - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 70
FC IP Addr Name The switch's Ethernet IP address for IPv4- and IPv6-configured switches. For IPv6 switches, only the static IP address displays. The switch's Fibre Channel IP address. The switch's symbolic or user command to re-enable the switch. Switch names Switches can be identified - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 71
you perform graceful shutdowns of Brocade switches and enterprise-class platforms. Warm reboot refers to shutting down the appliance per the instructions below, also known as a graceful shutdown. Cold boot refers to shutting down the appliance by suddenly shutting down power and then turning it back - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 72
The system is halted flushing ide devices: hda Power down. 5. Power off the switch. Powering off a Brocade enterprise-class platform 1. From the active CP 10 08:36:48 2008... The system is going down for system halt NOW !! 4. Power off the switch. 32 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 73
one. For devices that cannot be powered off, first use the portDisable command to disable the port on the switch, connect the device, and then use the portEnable command to enable the port. Switch connection See the hardware user's guide of your specific switch for interswitch link (ISL) connection - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 74
2 Basic connections 34 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 75
44 •Enabling and disabling blades 48 •Blade swapping 50 •Power management 53 •Equipment status 54 •Track and control switch changes 56 •Audit log configuration 59 PIDs and PID binding overview Port identifiers (PIDs, also called Fabric Addresses) are used by the routing and zoning services in - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 76
mode enabled, each port has a fixed address assigned by the system based on the port number. This address does not change unless you choose to swap the address using the portSwap command. 10-bit addressing mode This is the default mode for all the logical switches created in the Brocade DCX - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 77
from the entire range 0x00 to 0xff for the PID. Port-based mode does not support the upper 16 ports of a 48 port blade in a logical switch. WWN-based PID assignment WWN-based PID assignment is disabled by default. When the feature is enabled, bindings are created dynamically; as new devices log in - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 78
and is supported in the default switch on a Brocade DCX and DCX-4S. This feature is not supported on application blades such as the FS8-18, FX8-24, and the FCOE10-24. The total number of ports in the default switch must be 256 or less. When the WWN-base PID assignment feature is enabled and a new - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 79
differ from those for fixed-port switches. For example, fixed-port models identify ports only by the port number, while enterprise-class platforms identify ports by slot/port notation. NOTE For detailed information about the Brocade 48000 director, and the Brocade DCX and DCX-4S enterprise - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 80
(for example, 16-port blades and 32-port blades, or 16-port blades and 18-port blades with 16 FC ports and 2 GbE ports, or 16-port and 48-port blades), the area IDs no longer match the port numbers. Table 3 lists the port numbering schemes for the Brocade 48000, and the Brocade DCX and DCX-4S - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 81
ID no longer match. On 48-port blades, port swapping is supported only on ports 0-15. To determine the area ID of a particular port, enter the switchShow command. This command displays all ports on the current (logical) switch and their corresponding area IDs. Port identification by index With the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 82
be enabled, and both switch ports must be disabled. The swapped area IDs for the two ports remain persistent across reboots, power cycles, and failovers. Brocade 48000 and Brocade DCX platforms only: You can swap only ports 0 through 15 on the FC4-48 and FC8-48 port blades. You cannot swap ports 16 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 83
disabled and you use the portEnable command to enable a disabled port, the port will revert to being disabled after a power cycle or a switch reboot. To ensure the port remains enabled, use the portCfgPersistentEnable command as instructed below. CAUTION The fabric will be reconfigured if - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 84
CR4S-8 46 16-port 2-Gbps port blade FC2-16 4 16-port 4-Gbps port blade FC4-16 17 16-port 8-Gbps port blade FC8-16 21 The third generation CP blade provided with the Brocade 48000. This CP supports 1, 2, 4, 8, and 10 Gbps port speeds, as well as 16-, 32-, and 48-port blades. The CP blade - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 85
-based routing. This port blade is compatible only with the Brocade 48000 CP blades. FC4-48 blades do not support FL_Ports. A 48-port Brocade platform port blade supporting 1, 2, 4, and 8 Gbps port speeds. The Brocade DCX and DCX-4S support loop devices on 48-port blades in a Virtual Fabric-enabled - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 86
Port blades Brocade 48000 (CP4) Brocade DCX and DCX-4S FA4-18 FC10-6 FC4-16 FC4-16IP FC4-32 FC4-48 FC8-16 FC8-32 FC8-48 FC8-64 FCOE10-241 FR4-18i Supported Supported Supported Supported Supported Supported Supported Supported Supported Unsupported Unsupported Supported Supported Supported - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 87
-24 blades will be faulted. Blades are powered up starting with slot 1. The maximum number of application blades supported on a Brocade DCX is eight with any combination. For example, 4 FA4-18, 8 FR4-18i. There is no restriction on port blades (FC8-16, FC8-32, FC8-48, FC10-6 and FC8-64). The FC8-64 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 88
interfering with your new application blade. Enabling blades 1. Connect to the switch and log in as admin. 2. Enter the bladeEnable command with the slot number of the port blade you want to enable. ecp:admin> bladeenable 3 Slot 3 is being enabled 48 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 89
not supported in either the Brocade DCX or DCX-4S enterprise-class platform. • You have turned on the power to the chassis and the FR4-18i blade in that slot was not active prior to the power-on you must persistently enable the ports manually. For instructions on how to manually persistently enable - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 90
. • Blade swapping is not supported when swapping to a different model of blade or a different port count. For example, you cannot swap an FC8-32 blade with an FC8-48 port blade. NOTE This feature is not supported on the FX8-24 DCX Extension blade. 50 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 91
Channel, Ethernet to Ethernet, application to application, etc). • Port Count. Both blades must support the same number of front ports. For example, 16-ports to 16-ports, 32-ports to 32-ports, 48-ports to 48-ports, and so on. • Availability. The ports on the destination blade must be available for - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 92
Port swapping The swap ports action is effectively an iteration of the portSwap command for each port on the source blade to each corresponding port into different logical switches as long as they are carved the same way. If slot 1 and slot 2 ports 0-7 are all in the same logical switch, then blade - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 93
blade to the destination blade. 4. Enter the bladeEnable command on the destination blade to enable all user ports. Power management All blades are powered on by default when the switch chassis is powered on. Blades cannot be powered off when POST or AP initialization is in progress. To manage - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 94
of your system to determine the appropriate values. 5. Enter the psShow to display the current status of the switch power supplies. Refer to the hardware reference manual of your system to determine the appropriate values. 6. Enter the slotShow -m command to display the inventory and the current - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 95
on, and running the POST. ENABLED: The blade is on and enabled. DISABLED: The blade is powered on but disabled. FAULTY: The blade is faulty because an error was detected. The reason code numbers displayed are used by Support personnel to assist with problem diagnosis. Review the system error logs - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 96
-TRAP mode can also be enabled (see the trackChangesHelp command in the Fabric OS Command Reference). Enabling the track changes feature 1. Connect to the switch and log in using an 1001], 5, FID 128, INFO, ras007, Successful login by user admin. 56 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 97
will change if three ports fail. Only one policy parameter needs to pass the MARGINAL or DOWN threshold to change the overall status of the switch. For more information about setting policy parameters, see the Fabric Watch Administrator's Guide. 1. Connect to the switch and log in using an account - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 98
command to view your current switch status policy configuration. Example output from a switch The following example displays what is typically seen from a Brocade 300, 4100, 4900, 5000 [1] Out of range Flash contributing to DOWN status: (0..1) [0] 58 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 99
the Brocade 48000, and Brocade DCX SANs you may want to audit certain classes of events to ensure that you can view and generate an audit log for what is happening on a switch, particularly for security-related event changes. These events include login failures, zone configuration changes, firmware - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 100
auditCfg command operands used to enable auditing of a specific class User ID>///,/,/, , Switch names are logged for switch to the Fabric OS Troubleshooting and Diagnostics Guide. Verifying host syslog - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 101
operands are identified in Table 7 on page 60. 3. Enter the auditCfg --enable command, which enables audit event logging based on the classes configured in step 2. switch:admin> auditcfg --enable Audit filter is enabled. To disable an audit event configuration, enter the auditCfg --disable command - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 102
3 Audit log configuration 62 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 103
Dynamic Load Sharing on ports 79 •Frame Redirection 81 Routing overview Data moves through a fabric from switch to switch and from storage to server supported. Both Unicast Class 2 and 3 traffic are supported. Broadcast and multicast are supported in Class 3 only. Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 104
and destination based upon the the switches in ports on the switch. FSPF is not involved in frame switching switch will be used as the Principal ISL. Figure 5 shows the thicker red lines as principal ISLs, and thinner green lines as regular ISLs. FIGURE 5 Principal ISLs ATTENTION FSPF only supports - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 105
a switch transmits user between switches, and based port on a remote switch Destination ID (DID). When an ISL is attached or removed from a switch switch (intra-switch communications), the frame buffer is copied to the destination port and a credit R_RDY is sent to the host. The switch FC-NAT). Using FC - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 106
link between two switches, E_Port-to-E_Port. The ports of the two switches automatically come online as E_Ports, once the login process finishes successfully. For more information on the login process refer to Chapter 1, "Understanding Fibre Channel Services". FIGURE 6 New switch added to existing - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 107
. Some fabric services, such as Management Server must match. If it is enabled in the fabric, then the switch you are introducing into the fabric must also have it enabled. If you experience a segmented fabric, refer to the Fabric OS Troubleshooting and Diagnostics Guide to fix the problem. Buffer - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 108
switch links FIGURE 7 Virtual Channels on a 1/2/4 Gbps ISL Quality of Service (QoS) is a licensed traffic shaping feature available in Fabric OS. QoS allows the prioritization of data traffic based VC8-14, are used to multiplex data frames based upon QoS Zones when congestion occurs. For more - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 109
such as IP or SONET. Except for link initialization, gateways are transparent to switches; the gateway simply provides E_Port connectivity from one switch to another. Figure 9 shows two separate SANs, A-1 and A-2, merged together using a gateway. Fabric OS Administrator's Guide 69 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 110
link merges SAN By default, switch ports initialize links using the Exchange Link Parameters (ELP) mode 1. However, gateways expect initialization with ELP mode 2, also referred to as ISL R_RDY mode. Therefore, to enable two switches to link through a gateway, the ports on both switches must be - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 111
domain and is managed as a separate switch. On the Brocade DCX there are two ICL connectors at ports ICL0 and ICL1 on each core blade, each aggregating a set of 16 ports. Thus, each core blade provides 32 ICL ports and there are 64 ICL ports available for the entire Brocade DCX chassis. All the ICL - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 112
ICL ports only when you issue the portDisable or portEnable commands on the switch for the ports. All ICL ports must be disabled, and then re-enabled for blades and ports, see the Brocade DCX Hardware Installation manual. When you connect two Brocade Backbones, the following features are supported: • - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 113
the Brocade DCX-4S Backbone Hardware Reference Manual for instructions on how to cable ICLs. Chassis 1 Chassis 3 ICL 3 ICL 1 ICL 2 Chassis 2 FIGURE 11 ICL triangular topology Virtual Fabrics considerations: In Virtual Fabrics, the ICL ports can be split across the logical switch, base switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 114
is engaged. Port-based routing The choice of routing path is based only on the incoming port and the destination domain. To optimize port-based routing, DLS can be enabled to balance the load across the available output ports within a domain. 74 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 115
routers only: When an FC router is in port-based routing mode, the backbone traffic is load-balanced based on SID and DID. When an FC router is in exchange-based routing mode, the backbone traffic is load-balanced based on SID, DID, and OXID. Whatever routing policy a switch is using applies to the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 116
. In other words, you cannot enable or disable DLS when the exchange-based routing policy is in effect. When the port-based policy is in force, you can enable DLS to optimize routing. When DLS is enabled, it shares traffic among multiple equivalent paths between switches. DLS recomputes load sharing - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 117
:admin> dlsreset switch:admin> dlsshow DLS is not set Static route assignment A static route can be assigned only when the active routing policy is port-based routing. When exchange-based routing is active, you cannot assign static routes. Static routes are supported only on the Brocade 4100 and - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 118
port-based routing policy. In a stable fabric, frames are always delivered in order, even when the traffic between switches -order frame-based delivery is allowed to minimize the number of frames dropped. Enabling in-order across topology changes 1. Connect to the switch and log in as admin. 2. Enter - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 119
5300, and VA-40FC switches, and the FC8-16/32/64/48 port blades, the FC8-32 and FX8-18 application blades in the Brocade DCX and DCX-4S enterprise-class platforms. On the Brocade 7800 switch and the FX8-24 application blade, Lossless DLS is supported only on FC to FC port flows. ATTENTION When you - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 120
Load Sharing is optional on logical switches in a Virtual Fabric. If you enable this feature, it must be on a per logical switch basis and can affect other logical switches in the fabric.XISL use must be disabled for Lossless DLS to be enabled 80 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 121
of how DLS affects other logical switches in the fabric On a Brocade DCX platform, logical switch 1 consists of ports 0 through 5 in slot 1. Logical switch 2 consists of ports 6-10 in slot 1. The Lossless DLS feature is enabled on logical switch 1. Because ports 0-10 in slot 1 belong to a logical - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 122
port where the appliance is attached to the target switch is the virtual target. Creating a frame redirect zone The first time this command is run the following zone objects are created by default: • The base 40:40:40:40): switch:admin>zone --rdcreate base RD zone, "red_______base". When the base - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 123
•The boot PROM password 95 •The authentication model using RADIUS and LDAP 99 User accounts overview In addition to the default accounts-root, factory, admin, and user-Fabric OS supports up to 252 additional user-defined accounts in each logical switch (domain). These accounts expand your ability - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 124
managed using the local user database. The local user database is manually synchronized using the distribute command to push a copy of the switch's local user database to all other Fabric OS v5.3.0 and later switches in the fabric. Role-Based Access Control (RBAC) Role-Based Action Control (RBAC - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 125
permissions matrix Category Role permission Admin Basic Switch Admin Fabric Admin Operator Security Switch User Zone Admin Admin Admin Admin Domains OM O N N N ON OM O NO O O NO N N NN O O ON N N NN N OM O N OM N NN Fabric OS Administrator's Guide 85 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 126
Admin Fabric Admin Operator Security Switch User Zone Admin Admin Admin Encryption Management Ethernet Configuration Fabric Fabric Distribution Fabric Routing Fabric Watch FICON FIPS Bootprom FIPS Configuration Firmware Key Management Firmware Management FRU Management HA (High Availability - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 127
OM O OM OM OM Switch Management OM O OM OM O Switch Management-IP Configuration OM O OM OM OM Switch Port Configuration OM OM OM OM O Switch Port Management OM OM OM OM O Topology OM O OM O N USB Management OM N N N OM User Management OM N N N OM WWN - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 128
a subset of the account that is making the change. In addition to the default administrative and user accounts, Fabric OS supports up to 252 user-defined accounts in each logical switch (domain). These accounts expand your ability to track account access and audit administrative activities. Default - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 129
user accounts. 1. Connect to the switch user accounts. When changing account parameters, if you change the ADlist for the user user, or any role with an ADlist 11-25 or LFlist 11-128. The user 1. Connect to the switch and log in. different account 1. Connect to the switch and log in using an account - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 130
enabled and there are logical switches defined other than the default logical switch, then distributing the password database to switches is not supported fddCfg --localaccept PWD command. Rejecting distributed user databases on the local switch 1. Connect to the switch and log in using an account - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 131
to the local switch user database only. Configured password policies (and all user account attribute and password state information) are synchronized across CPs and remain unchanged after an HA failover. Password policies can also be manually 's Guide 91 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 132
The password history policy prevents users from recycling recently used passwords, and is enforced across all user accounts when users are setting their own when an administrator sets a password for another user; instead, the user's password history is preserved and the password set by the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 133
can unlock a locked account at any time. A failed login attempt counter is maintained for each user on each switch instance. The counters for all user accounts are reset to zero when the account lockout policy is enabled. The counter for an individual account is reset to zero when the account is - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 134
user Enabling the admin lockout policy 1. Log in to the switch switch user account that is locked out. Disabling the admin lockout policy 1. Log in to the switch using an account that is an Admin role or securityAdmin role. 2. Enter the passwdCfg --disableadminlockout command. Denial of service service - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 135
to the following switch models: Brocade 300, 4100, 4900, 5000, 5410, 5424, 5450, 5460, 5470, 5480, 5100, 5300, 7500, 7500E, 7600, 7800 and 8000 switches. If your switch is not listed, please contact your switch support provider for instructions. 1. Connect to the serial port interface as described - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 136
higher security. The firmware prompts for this Reboot the switch by typing platforms: Brocade 48000 director and Brocade DCX Brocade 48000, Brocade DCX and DCX-4S enterprise-class platforms. 1. Connect to the serial port following appropriate action based on whether you to Customer Support for - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 137
models: Brocade 300, 4100, 4900, 5000, 5410, 5424, 5450, 5460, 5470, 5480, 5100, 5300, 7500, 7500E, 7600, 7800, 8000, and VA-40FC switches. The password recovery instructions contained within this section are only for the switches listed. If your switch is not listed, contact your switch support - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 138
: Brocade 48000 director, Brocade DCX and DCX-4S Data Center Backbones. On the Brocade 48000 director and Brocade DCX "Connecting to Fabric OS through the serial port" on page 16. 4. Reboot the standby CP blade by sliding the On/Off switch on the ejector handle of the standby Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 139
to the serial port on the new Troubleshooting and Diagnostics Guide. The authentication model using RADIUS and LDAP Fabric OS supports the use of either the local user database and the remote authentication dial-in user service Brocade 48000 and Brocade DCX enterprise-class platforms, the switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 140
or LDAP servers do not respond due to power failure or network problems, the switch uses local authentication. Consider the effects of the use of RADIUS or LDAP service on other Fabric OS features. For example, when RADIUS or LDAP service is enabled, all account passwords must be managed on the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 141
with the assigned switch role in a Brocade Vendor-Specific Attribute (VSA). If the response does not have a VSA role assignment, the User role is assigned. If no Administrative Domain is assigned, then the user is assigned to the default Admin Domain AD0. Fabric OS Administrator's Guide 101 53 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 142
name of the assigned role and other supported attribute values such as Admin Domain member list. Fabric OS users on the RADIUS server All existing Fabric OS mechanisms for managing local switch user accounts and passwords remain functional when the switch is configured to use RADIUS. Changes made - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 143
Auth-Type := Local, User-Password == "myPassword" Brocade-Auth-Role = "admin", Brocade-AVPairs1 = "HomeLF=70", Brocade-AVPairs2 = "LFRoleList=admin:2,4-8,70,80,128;ChassisRole=admin", Brocade-Passwd-ExpiryDate = "11/10/2008", Brocade-Passwd-WarnPeriod = "30" Fabric OS Administrator's Guide 103 53 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 144
key-value pairs. Note that a switch always parses these attributes from Vendor- user-opr Auth-Type := Local, User-Password == "password" Brocade-Auth-Role = "operator", Brocade-AVPairs1 = "ADList=1,2;HomeAD=2", Brocade-AVPairs2 = "ADList=-4-8,20;ADList=7,9,12" 104 Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 145
switch access roles. To manage a fabric, these roles can be User, Admin, and SecurityAdmin. Configuring RADIUS server support RADIUS service on Linux consists of the following tasks: • Adding the Brocade attribute to the server • Creating the user • Enabling clients Adding the Brocade attribute - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 146
70,80,128", Brocade-AVPairs3 = "ChassisRole=switchadmin", Brocade-Passwd-ExpiryDate = "11/10/2008", Brocade-Passwd-WarnPeriod = "30" When you use network information service (NIS) for authentication, the only way to enable authentication with the password file is to force the Brocade switch to - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 147
The authentication model using RADIUS and LDAP 5 Enabling clients Clients are the switches that will use the RADIUS server; each client must be defined. By default, all IP addresses are blocked. The Brocade 48000 director, Brocade DCX and DCX-4S enterprise-class platforms send their RADIUS - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 148
Enter String. Attribute value-Enter the login role (Root, Admin, SwitchAdmin, User, etc.) the user group must use to log in to the switch. e. After returning to the Internet Authentication Service window, add additional policies for all Brocade login types for which you want to use the RADIUS server - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 149
.ini file: vendor-product = Brocade dictionary = brocade ignore-ports = no port-number-usage = per-port-type help-id = 2000 b. Create a brocade.dct file that needs to be added into the dictiona.dcm file located in the following path: C:\Program Files\RSA Security\RSA RADIUS\Service Figure 14 on page - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 150
.dct @bandwagn.dct @brocade.dct - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 151
a manual process explained later. • Only IPv4 is supported for LDAP. • LDAP authentication is used on the local switch only and not for the entire fabric. • You can use the User-Principal-Name and not the Common-Name for AD LDAP authentication. To provide backward compatibility, authentication based - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 152
model using RADIUS and LDAP 3. Create a group name that uses the switch's role name so that the Active Directory group's name is the same as the switch switch. 4. Associate the user to the group by adding the user to the group. For instructions on how to create a user user user To create a user "user@ - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 153
model using comes with Service Pack 1 or you can download this utility from the Microsoft web site. 2. Go to CN=Users 3. Right =10;LFRoleList=admin:128,10;ChassisRole=admin In this example, the logical switch that would be logged into by default is 10. If 10 is 's Guide 113 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 154
5 The authentication model using RADIUS and LDAP Authentication servers on the switch At least one RADIUS or LDAP server must be configured before you can enable RADIUS or LDAP service. You can configure the RADIUS or LDAP service even if it is disabled on the switch. You can configure up to five - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 155
local authentication as backup It is useful to enable local authentication so that the switch can take over authentication locally if the RADIUS or LDAP servers fail to respond because of power outage or network problems. Example of enabling local authentication, enter the following command for - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 156
5 The authentication model using RADIUS and LDAP 116 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 157
Ports and applications used by switches to the switch while the switch remains supports the secure protocols shown in Table 18. TABLE 18 Secure protocol support HTTP connection. Web Tools supports the use of hypertext transfer protocol. Configuration upload and download support the use of SCP. SNMP - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 158
remote computer and allow the remote computer to authenticate the user, if necessary. Fabric OS uses secure socket layer (SSL) to support HTTPS. A certificate must be generated and installed on each switch to enable SSL. Supports SSLv3, 128-bit encryption by default. Table 19 describes additional - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 159
switch:admin> configure Not all options will be available on an enabled switch. To disable the switch, use the "switchDisable" command. Configure... System services signature validation for firmware (yes, y, no, n): [no] Secure Shell protocol To ensure security, Fabric OS supports secure shell (SSH - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 160
based authentication systems is that in many cases, it is possible to establish secure connections without having to manually type in a password. RSA and DSA asynchronous algorithms are FIPS-compliant. Allowed-user The default admin user must set up the allowed-user switch. The allowed-user switch: - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 161
95:42:5c:d1 alloweduser@mymachine 5. Import the public key to the switch by logging in to the switch as the allowed-user and entering the sshUtil importpubkey command to import the key. Example of , such as firmwareDownload or configUpload. Fabric OS Administrator's Guide 121 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 162
Deleting keys on the switch 1. Log in to the switch as the allowed-user. 2. Use the Web-based management tools like Web Tools. SSL support is a standard Fabric OS feature. Switches configured support, see the Web Tools Administrator's Guide. 122 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 163
Typically, the CA provides the certificate files listed in Table 21. Brocade supports .pem, .crt. and .cer files from the Certificate Authority. switches, consider using one certificate authority (CA) to sign all management certificates for a fabric. If you use different CAs, management services - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 164
Generating new rsa public/private key pair Done. Because CA support for the 2048-bit key size is limited, you should this procedure on each switch. 1. Connect to the switch and log in as eg, city name):San Jose Organization Name (eg, company name):Brocade Organizational Unit Name Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 165
the switch on instructions on the CA Web site; then, perform this procedure for each switch the instructions to switch certificate Perform this procedure on each switch. 1. Connect to the switch switch certificate is saved, and enter your login name and password. Example of installing a switch switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 166
certificate is listed. Take the appropriate following action based on whether you find the certificate: • If the instructions to import the certificate. Root certificates for the Java Plug-in For information on Java requirements, see "Browser and Java support" on page 122. This procedure is a guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 167
MIB (SW-MIB), this MIB monitors Brocade switches specifically. • FibreAlliance MIB trap Associated with the FibreAlliance MIB (FA-MIB), this MIB manages SAN switches and devices from any company that complies with FibreAlliance specifications. Fabric OS Administrator's Guide 127 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 168
allow SNMP to obtain the port information only from within the current Virtual Fabrics context. Switch and Chassis context enforcement All attributes are classified into one of two categories: • Chassis-level attributes • Switch-level attributes 128 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 169
the user has the chassis-role permission. The context is switched instructions, and information about using the Brocade SNMP agent, see the Fabric OS MIB Reference. Telnet protocol Telnet is enabled by default. To prevent passing clear text passwords over the network when connecting to the switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 170
Unblocking Telnet 1. Connect to the switch through a serial port or SSH and log in as admin. 2. Type in the ipfilter --delete command. Refer to "Deleting a rule to an IP Filter policy" on page 157 for more information on deleting IP filter rules. 130 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 171
Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Ports and applications used by switches If you are using the FC-FC Routing Service, be aware that the secModeEnable command is not supported in Fabric OS v6.1.0 and later. Table 23 lists the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 172
can connect to any FC port in the fabric. Any switch can join the fabric. All switches in the fabric can be accessed through a serial port. No zoning is enabled. Port configuration Table 24 provides information on ports that the switch uses. When configuring the switch for various policies, take - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 173
policies overview Each supported Access Control List (FCS) policy - Used to restrict which switches can ports can connect to which Fibre Channel switch ports. • Switch connection control (SCC) policy - Used to restrict which switches can join with a switch types of FCS, DCC, SCC, and IPFilter. The - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 174
and in AD0 only if there are no user-defined Admin Domains. Both AD0 (when no other user-defined Admin Domains exist) and AD255 provide an 1Mb per logical switch. Policy members The FCS, DCC and SCC policy members are specified by device port WWN, switch WWN, domain IDs, or switch names, depending - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 175
switch and log in using an account assigned to the admin role. 2. Type the secPolicyShow command. switch to the switch and log Connect to the switch and log in an ACL policy 1. Connect to the switch and log in using an account assigned deleting an ACL policy switch:admin> secpolicydelete " - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 176
to the switch and log in using the switch WWN: switch:admin> secpolicyadd ports 1 and 3 (WWNs of devices are 11:22:33:44:55:66:77:aa and 11:22:33:44:55:66:77:bb): switch to the switch and log in 00:40 from the SCC_POLICY: switch:admin> secpolicyremove "SCC_POLICY", "12 switch and log switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 177
modify and distribute the database within the fabric. Automatic distribution is supported and you can either configure the switches in your fabric to accept the FCS policy or manually distribute the FCS policy. Changes made to the FCS policy are saved to permanent memory only after the changes have - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 178
FCS: switch:admin> secpolicycreate "FCS_POLICY", "2;4" FCS_POLICY has been created 3. To save or activate the new policy, enter either the secPolicySave or the secPolicyActivate command. Once the policy has been activated you can distribute the policy. 138 Fabric OS Administrator's Guide 53 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 179
to activate and save the new order. FCS policy distribution The FCS policy can be automatically distributed using the fddCfg --fabwideset command or it can be manually distributed to the switches using the distribute -p command. Each switch that receives the FCS policy must be configured to receive - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 180
DCC policies and F_Port trunking, refer to the Access Gateway Administrator's Guide. Each device port can be bound to one or more switch ports; the same device ports and switch ports may be listed in multiple DCC policies. After a switch port is specified in a DCC policy, it permits connections only - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 181
not supported on the CEE ports of the Brocade 8000. Creating a DCC policy DCC policies must follow the naming convention "DCC_POLICY_nnn," where nnn represents a unique string. The maximum length is 30 characters, including the prefix DCC_POLICY_. Device ports must be specified by port WWN. Switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 182
:cc, ports 1 through 4 of switch domain 4, and all devices currently connected to ports 1 through 4 of switch domain 4: switch:admin> switch:admin> secpolicydelete ALL_STALE_DCC_POLICY About to clear all STALE DCC policies ARE YOU SURE (yes, y, no, n): [no] y 142 Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 183
ISL. The following functionality changes: • A logical switch supports an SCC policy. You can configure and distribute an SCC policy on a logical switch. • SCC enforcement is performed on a ISL based on the SCC policy present on the logical switch. For more information on Virtual Fabrics, refer to - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 184
there is a state change for the switch or port. The state change can be due to a switch reboot, a switch or port disable and enable, or the activation of a policy. Key database on switch Local secret A Peer secret B Key database on switch Local secret B Peer secret A Switch A FIGURE 16 DH-CHAP - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 185
initiate authentication. Authentication is not supported on logical ports ". For more information on Virtual enable a Virtual Fabric and configure the E_Ports to perform authentication using the AUTH policies authUtil command. switch:admin> fosconfig -enable vf Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 186
for specific ports on the switch switch:admin> authutil --authinit 2,3,4 Example for all E_Ports on the switch switch:admin> authutil --authinit allE Example for enterprise-class platforms using the slot/port format switch:admin> authutil --authinit 1/1, 1/2 146 Fabric OS Administrator's Guide 53 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 187
also be categorized as an F_Port, node port, or an HBA authentication policy. Fabric-wide distribution of the device authentication policy is not supported because the device authentication requires manual interaction in setting the HBA shared secrets and switch shared secrets, and most of the HBAs - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 188
: auth type, hash type, group type. Supported HBAs The following HBAs support authentication: • Emulex LP11000 (Tested with Storport Miniport v2.0 windows driver) • Qlogic QLA2300 (Tested with Solaris v5.04 driver) • Brocade Fibre Channel HBA models 415, 425, 815 and 825 Authentication protocols - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 189
(for example, you enable the switch), then switch authentication fails. Secret key pairs for DH-CHAP When you configure the switches at both ends of 10:00:00:60:69:80:07:52 Unknown 10:00:00:60:69:80:07:5c 1 switchA Setting a secret key pair 1. Log in to the switch using an account assigned to - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 190
secrets > Enter WWN, Domain, or switch name (Leave blank when done): 10:20:30:40:50:60:70:80 Enter peer secret: Re-enter peer enable the ports on a peer switch using the portDisable and portEnable commands. FCAP configuration overview You can configure the switch to use either Brocade - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 191
ATTENTION Only the .pem file is supported for FCAP authentication. TABLE 31 FCAP certificate switch:admin> seccertutil export -fcapswcert Select protocol [ftp or scp]: scp Enter IP address: 10.1.2.3 Enter remote directory: /myHome/jdoe/OPENSSL Enter Login Name: jdoe Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 192
will need to install or import them onto the local and remote switches. 1. Log in to the switch using an account assigned to the admin role. 2. Enter the secCertUtil This makes the changes permanent and forces the switch to request authentication. 152 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 193
manually distributed to the fabric by command; there is no support for automatic distribution. To distribute the AUTH policy, see "Distributing the local ACL policies" on page 160 for instructions. Local Switch rules. Fabric OS supports multiple IP Filter switch all the logical switches in the chassis - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 194
active policy. 1. Log in to the switch using an account assigned to the admin role set to no. 1. Log in to the switch using an account assigned to the admin role instead. 1. Log in to the switch using an account assigned to the admin user confirmation before proceeding. 1. Log in to the switch using - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 195
from a switch. A valid port number range is represented by a dash, for example 7-30. Alternatively, service names can also be used instead of port number. Table 32 lists the supported service names and their corresponding port number. TABLE 32 Supported services Service name Port number http - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 196
Supported services (Continued) Service name Port number snmp 161 ssh 22 sunrpc 111 telnet 23 www 80 TCP and UDP protocols are valid selections. Fabric OS v6.2.0 and later does not support port ranges is allowed, so that management IP traffic initiated from a switch port TCP 80 TCP - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 197
found for the source address, destination port, and protocol, the corresponding action interface of a switch is changed through . NOTE If a switch is part of a . 1. Log in to the switch using an account assigned to the Log in to the switch using an account assigned to the switch using an account - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 198
transaction is aborted. The IPFilter policy can be manually distributed to the fabric by command; there is no support for automatic distribution. To distribute the IPFilter policy, see "Distributing the local ACL policies" on page 160 for instructions. Switches with Fabric OS v6.2.0 or later have - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 199
basis. Table 36 lists the databases supported in Fabric OS v6.2.0 and later switches. TABLE 36 Supported policy databases Database type Database identifier (ID) Authentication policy database DCC policy database FCS policy database IP Filter policy database Password database SCC policy database - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 200
FCS - accept AUTH - accept IPFILTER - accept Fabric Wide Consistency Policy:- "" Enabling local switch protection 1. Connect to the switch is strict, the database cannot be manually distributed. When you set a strict switches in the fabric. 160 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 201
Active policy set for that policy type (SCC, DCC, or both) to the other switches in the fabric. NOTE FC routers cannot join a fabric with a strict fabric-wide consistency policy. FC routers do not support the fabric-wide consistency policies. Table 37 describes the fabric-wide consistency settings - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 202
FCS - accept AUTH - accept IPFILTER - accept Fabric Wide Consistency Policy:- "SCC:S;DCC" Notes on joining a switch to the fabric When a switch the switch can switch joins the fabric successfully. If the ACL policies are absent on the switch or on the fabric, the switch the switch switch switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 203
policies Ports are disabled. 1. To resolve the policy conflict, manually distribute the database you want to use to the switch with the the merge fails and the ports are disabled. Table 39 on page 164 shows merges that are not supported. Fabric OS Administrator's Guide 163 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 204
Ports connecting switches Brocade switch or enterprise-class platform. There may be routers, gateways, and firewalls in between the two ends. ATTENTION Enabling services. The goal of IPsec is to provide the following capabilities: • Authentication - Ensures that the sending and receiving end-users - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 205
Prevents replay attack, a type of denial of service (DoS) attack where an attacker intercepts a series of packets and resends them to cause the management interfaces based on IPv4 or IPv6 addresses, a range of IPv4 or IPv6 addresses, the type of application, port numbers, and port types used - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 206
network in order to take advantage of protection provided by a corporate firewall against Internet-based attacks. In either case, the protected endpoint will want an IP address associated with , integrity and confidentiality of the communication. 166 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 207
MD5 and SHA to calculate a hash based on a secret key and the contents secret key. To protect against denial of service attacks, the IPsec protocols use a is created. Use the ipsecConfig --flush manual-sa command to remove all SA is the supported combination. Authentication Guide 167 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 208
MD5 hash algorithm is blocked when FIPS mode is enabled Triple DES is a more secure variant of policies An IPsec policy determines the security services afforded to a packet and the treatment selector (IP address, protocol, and port information) and transform set. IPsec traffic Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 209
or a certificate-based method, such as RSA signatures. Key management The IPsec key management supports Internet Key Exchange or Manual key/SA to import, delete, or display the pre-shared keys in the local switch database. For more information on this procedure, refer to Chapter 6, "Configuring - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 210
local policy database. Manual SA entries are persistent across system reboots. Creating the tunnel These instructions do not take the Enable IPsec. a. Connect to the switch and log in using an account assigned to the admin role. b. Enter the ipSecConfig --enable command to enable IPsec on the switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 211
peer. switch:admin> ipsecconfig transform on each switch using the ipSecConfig switch: switch using protected. switch:admin> 33.69.132 -transform TRANSFORM01 switch:admin> ipsecconfig --add policy ips ping session from the two switches. b. Verify that IP traffic ipSecConfig --show manual-sa -a manual- - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 212
switch switch as Admin. 2. Enable IPsec. a. Connect to the switch and log in using an account assigned to the admin role. b. Enter the ipSecConfig --enable command to enable IPsec on the switch switch certificate" on page 125. 7. Configure an IKE policy for the remote peer. switch support switch switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 213
manual-sa -a command. 11. Perform the equivalent steps on the remote peer to complete the IPsec configuration. Refer to your server administration guide for instructions . • Use the ipSecConfig --show manual-sa -a command with the operands Use the ipSecConfig --flush manual-sa command with the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 214
7 Management interface security 174 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 215
AD-enabled switches, refer to Chapter 15, "Managing Administrative Domains". For more information about troubleshooting configuration file uploads and downloads, refer to the Fabric OS Troubleshooting and Diagnostics Guide. There are two ways to view configuration settings for a switch in a Brocade - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 216
role permissions added to your user account, then the following firmware on any existing switches from pre-Fabric OS v6.2.0 to v6.2.0, then you must perform the configUpload command to upload both chassis and switch information. CAUTION If you have Virtual Fabrics enabled Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 217
ID = 1 [Boot Parameters] [Configuration] [Bottleneck Configuration] [Zoning] [Defined Security policies] [Active Security policies] [iSCSI] [cryptoDev] [FICU SAVED FILES] [Banner] [End] [Switch Configuration End : 1] Fabric OS Administrator's Guide 53-1001763-01 Configuration settings 8 177 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 218
components are defined in the chassis area: • FC Routing • Chassis configuration • FCoE chassis configuration • switch instance on a switch with Virtual Fabric mode enabled. These are the switch-specific data that affect only that logical switch behavior. The following components are in the switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 219
Verify that the FTP or SCP service is running on the host computer. 2. Connect to the switch and log in as admin. printer. Example of configUpload on a switch without Admin Domains switch:admin> configupload Protocol (scp, ftp, local) [ftp]: Server Name or IP Address [host]: 10.1.2.3 User Name [user - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 220
, because configuration files from other model switches or firmware versions might cause your switch to fail. If a configDownload command is issued on a non-FCR platform (for example, the configuration file from a Brocade 7500 downloads to a Brocade 7600), any FCR-like parameters may be viewed in - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 221
switches in a Virtual Fabric-enabled system. Only configurations related to ports within the default switch will be applied. In case something happens to your switch of LUN IDs and LUNs for all accessible targets. FC Router route information. A translate (xlate) domain's 's Guide 181 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 222
and edited files may become corrupted and can lead to switch failures. Configuration download without disabling a switch You can download configuration files to a switch while the switch is enabled; that is, you do not need to disable the switch for changes in SNMP, Fabric Watch, or ACL parameters - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 223
of switch, may cause this switch to fail. A switch reboot switch:AD5:admin>configdownload Protocol (scp or ftp) [ftp]: Server Name or IP Address [host]: 10.1.2.3 User Name [user of switch, may cause this switch to fail. A switch reboot > Activating configDownload: Switch is disabled configDownload - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 224
in the following procedure. Do not download a configuration file from one switch to another switch that is a different model or firmware version, because it can cause the switch to fail. If you need to reset affected switches, issue the configDefault command. Verify that all domain IDs are unique - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 225
from a switch with Virtual Fabrics enabled The configUpload Name or IP Address [host]: 10.1.2.3 User Name [user]: UserFoo Path/Filename [/config.txt switch after restoring the Virtual Fabric configuration to fully restore your switch or chassis configuration. Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 226
system and take effect. This includes, but is not limited to, logical switch definitions, whether the Virtual Fabrics feature is enabled or disabled, and the F_Port trunking ports, except the LISL ports. The LISL ports on the system are not affected by the Virtual Fabric configuration file download - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 227
43 as a hard copy reference for your configuration information. In the hardware reference manuals for the Brocade 48000 director and the Brocade DCX and DCX-4S enterprise-class platform, there is a guide for FC port setting tables. The tables can be used to record configuration information for the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 228
8 Brocade configuration form 188 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 229
and 6 on the Brocade DCX-4S. NOTE For more information on troubleshooting a firmware download, refer to the Fabric OS Troubleshooting and Diagnostics Guide. You can download Fabric OS to a director, which is a chassis; and to a nonchassis-based system, also referred to as a switch. The difference in - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 230
the secondary partition. ATTENTION The Brocade 8000 does not support a non-disruptive firmwareDownload. The switch reboots once the firmware upgrade or downgrade is complete. In dual-CP systems, the firmware download process, by default, sequentially upgrades the firmware image on both CPs using HA - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 231
Domains and the firmware download process, nondisruptive firmware installation, the switch CUP port must the desired version of firmware. NOTE You should not run mixed firmware levels on CPs. Table inSync n/a If Ethernet Switch Service Run firmwareDownload -s on the is enabled, no sync. standby - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 232
and included with any trouble reports. 5. Connect to the switch and log in to the switch as admin. Enter the supportSave command to retrieve all current core files prior to executing the firmware download. This helps to troubleshoot the firmware download process if a problem is encountered. If you - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 233
upgrades are available for customers with support service contracts and for partners on the Brocade Web site at http://www.brocade.com. At the Brocade Web site click Brocade Connect, log in, and follow the instructions to register and download firmware. Partners with authorized accounts can use - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 234
, wait for the time-out (30 minutes for network problems) before issuing the firmwareDownload command again. Disrupting the process can render the switch inoperable and require you to seek help from your switch service provider. Do not disconnect the switch from power during the process because the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 235
download on switches 9 Upgrading firmware for Brocade 300, 4100, 4900, 5000, 5100, 5300, 5410, 5424, 5450, 5460, 5470, 5480, 7500, 7500E, 7600, 7800, 8000, and VA-40FC switches. 1. Take the following appropriate action based on what service you are using: • If you are using FTP or SCP, verify - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 236
synchronized prior to beginning the firmware download process. If only one CP blade is inserted or powered on, you can run problem persists, refer to the Fabric OS Troubleshooting and Diagnostics Guide. If the troubleshooting information fails to help resolve the issue, contact your switch service - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 237
help from your switch service provider. Do not disconnect the switch from power during the process because the switch could become inoperable when rebooted. Upgrading firmware on enterprise-class platforms (including blades) There is only one chassis management IP address for the Brocade 48000 and - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 238
, contact your switch service provider. For further troubleshooting, refer to the Fabric OS Troubleshooting and Diagnostics Guide. 8. Enter . ecp:admin> firmwaredownload Type of Firmware (FOS, SAS, or any application) [FOS]: Server Name or IP Address: 10.1.2.3 User Name: userfoo File Name: /home - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 239
firmwareShow command to display the new firmware versions. Following is an example of firmwareShow output on the Brocade 48000 director. switch:admin> firmwareshow Slot Name Appl Primary .4.0 SAS v3.3.0 v3.3.0 DMM v3.3.0 v3.3.0 * Local CP Fabric OS Administrator's Guide 199 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 240
, 7800, 8000, and VA-40FC switches and the Brocade DCX and DCX-4S Backbones support a firmware download from a Brocade branded USB device attached to the switch or active CP. Before the USB device can be accessed by the firmwareDownload command, it must be enabled and mounted as a file system. The - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 241
signed using the OpenSSL utility to provide FIPS support.To use the digitally signed software, you must configure the switch to enable Signed Firmwaredownload. If it is not enabled then the firmware download process ignores the firmware signature and work as before. If Signed Firmwaredownload - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 242
9 FIPS Support When firmwareDownload installs a firmware file, it needs to validate the signature of the file. Different scenarios are handled as follows: • If a firmware file does not have a signature, how it is handled depends on the "signed_firmware" parameter on the switch. If it is enabled, - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 243
that the FTP or SSH server is running on the host server and that you have a user ID on that server. 2. Obtain the firmware file from the Brocade Web site at http://www.brocade.com or switch support provider and store the file on the FTP or SSH server. 3. Unpack the compressed files preserving - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 244
. Enter the firmwareShow command and verify that both partitions on the switch have the original firmware. Test and restore firmware on enterprise-class platforms This procedure enables you to perform a firmware download on each CP and verify that the procedure was successful before committing to - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 245
on enterprise-class platforms 9 Testing different firmware versions on enterprise-class platforms 1. Connect to the Brocade enterprise-class platform IP address. 2. Enter the ipAddrShow command and note the to the same version as the active CP. Fabric OS Administrator's Guide 205 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 246
of the firmwareCommit command, type the firmwareShow command to confirm both partitions on both CPs contain the new firmware. d. Enter the haShow command to confirm that the HA state is in sync. ATTENTION Stop! Perform haFailover on the active CP. 206 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 247
discrepancy, it is possible that a device or switch cannot connect to the fabric and further troubleshooting is necessary. firmwareShow Displays the current firmware level on the switch. For Brocade directors, this command displays the firmware loaded on both partitions (primary and secondary) for - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 248
of attached devices prior to the firmware download. Displays all switches in a fabric. Make sure the number of switches in the fabric after the firmware download is exactly the same as the number of attached devices prior to the firmware download. 208 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 249
overview 210 •Logical fabric overview 214 •Management model for logical switches 219 •Account management and Virtual Fabrics 220 •Supported platforms for Virtual Fabrics 220 •Limitations and restrictions of Virtual Fabrics 222 •Enabling Virtual Fabrics mode 223 •Disabling Virtual Fabrics - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 250
are Virtual Fabrics-capable: • Brocade DCX and DCX-4S • Brocade 5300 • Brocade 5100 • Brocade VA-40FC On the Brocade VA-40FC, Virtual Fabrics is supported only in Native mode For additional information about supported switches and port types, see "Supported platforms for Virtual Fabrics" on - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 251
can create up to eight logical switches, depending on the switch model. Figure 21 shows a Virtual Fabrics-enabled switch before and after it is divided into logical switches. Before you create logical switches, the chassis appears as a single switch (default logical switch). After you create logical - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 252
has 10 ports, labeled P0 through P9. After logical switches are created, the ports are assigned to specific logical switches. Note that ports 0, 1, 7, and 8 have not been assigned to a logical switch and so remain assigned to the default logical switch. 212 Fabric OS Administrator's Guide 53 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 253
it remains in the default logical switch, as is the case with ports 0, 1, 7, and 8. See "Adding and removing ports on a logical switch" on page 229 for instructions for assigning and moving ports on logical switches. A logical switch can have as many ports as are available in the chassis. In Figure - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 254
separate fabrics. Switch 1 H1 D1 D2 Fabric 128 Switch 2 Switch 3 Switch 4 Fabric 1 Fabric 15 Fabric 8 FIGURE 25 Logical switches in a single "FC-FC Routing and Virtual Fabrics" on page 492. Logical fabric overview A logical fabric is a fabric that contains at least one logical switch. - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 255
10 You connect logical switches to other logical switches in two ways: • Using ISLs • Using base switches and shared ISLs Logical fabric and ISLs Figure 26 shows two physical chassis divided into logical switches. In Figure 26, ISLs are used to connect the logical switches with fabric ID 1 and - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 256
a base switch. A base switch is a special logical switch that is used for interconnecting the physical chassis. A base switch has the following properties: • ISLs connected through the base switch can be used for communication among the other logical switches. • Base switches do not support direct - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 257
to ports because they are not physical cables. They are just a logical representation of the switch connections that are allowed by the XISL. Physical chassis 1 Logical switch 1 P1 (Default logical switch) Fabric ID 128 P2 Logical switch 2 Fabric ID 1 Logical switch 3 Fabric ID 15 P5 P6 Base - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 258
, logical ISLs are formed to connect logical switches. A logical port represents the ports at each end of a logical ISL. A logical port is a software construct only and does not correspond to any physical port. Most port commands are not supported on logical ports. For example, you cannot change the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 259
switches, firmware upgrade, HA failover) • Logical switch operations These are operations that are limited to the logical switch, such as displaying or changing port states. Logical switch operations include all operations that are not covered in the chassis management operations. When a user - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 260
restrictions. Supported port configurations in the Brocade 5100, 5300, and VA-40FC There are no restrictions on the ports in the Brocade 5100, 5300, and VA-40FC; however, the following rules apply: • Any port can belong to any logical switch (including the base and default logical switches), with - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 261
Yes Yes 1. In the Brocade DCX, ports 56-63 of the FC8-64 blade are not supported as E_Ports on the default logical switch. The Brocade DCX-4S does not have this limitation. 2. In the Brocade DCX, ports 48-63 of the FC8-64 blade are not supported in the base switch. The Brocade DCX-4S does not have - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 262
enabled. You must use ISLs to connect the logical switches in an edge fabric. Only 8-Gbps ports are allowed to be used as FC router EX_Ports, with the exception of VEX_Ports on the FR4-18i blade. See Chapter 21, "Using the FC-FC Routing Service," for more information about Virtual Fabrics and FC-FC - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 263
FICON CUP enabled. • The logical switch is operating in interoperability mode 2 or 3. • The logical switch has ICL ports. • The logical switch is an edge switch for an FC router. • The logical switch is using GbE ports (VE_Ports). • The logical switch is the default logical switch in the Brocade DCX - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 264
enables it. switch:admin> fosconfig --show FC Routing service: iSCSI service: iSNS client service: Virtual Fabric: Ethernet Switch Service: disabled Service not supported on this Platform Service not supported on this Platform disabled Service not supported enabled on ports in the default switch, - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 265
then disables it. switchA:FID128:admin> fosconfig --show FC Routing service: disabled iSCSI service: Service not supported on this Platform iSNS client service: Service not supported on this Platform Virtual Fabric: enabled switch:admin> fosconfig --disable vf WARNING: This is a disruptive - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 266
, including assigning a unique domain ID. configure 6. Enable the logical switch: switchenable 7. Assign ports to the logical switch, as described in "Adding and removing ports on a logical switch" on page 229. Example The following example creates a logical switch with FID 4, then assigns domain ID - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 267
switchDomain: 14 switchId: fffc0e switchWwn: 10:00:00:05:1e:82:3c:2b zoning: OFF switchBeacon: OFF FC Router: OFF Allow XISL Use: ON LS Attributes: [FID: 4, Base Switch: No, Default Switch: No, Address Mode 0] Index Port Address Media Speed State Proto 22 22 0e1600 -- N8 No_Module - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 268
ID Worldwide Name Enet IP Addr FC IP Addr Name 30: fffc1e 10:00:00:05:1e:82:3c:2c 10.32.79.105 0.0.0.0 >"switch_5" Deleting a logical switch You must remove all ports from the logical switch before deleting it. You cannot delete the default logical switch. NOTE If you are in the context - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 269
-force option to execute the command without any user prompts or confirmation. NOTE On the Brocade DCX, the lscfg command does not allow you to add ports 48-63 of the FC8-64 blade to the base switch. These ports are not supported on the base switch. The Brocade DCX-4S does not have this limitation - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 270
2. Enter the following command to change the fabric ID of a logical switch: lscfg --change fabricID -newfid newFID [ -force ] Specify the -force option to execute the command without any user prompts or confirmation. 3. Enable the logical switch. 230 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 271
00:05:1e:82:3c:2c zoning: OFF switchBeacon: OFF FC Router: OFF Allow XISL Use: ON LS Attributes: [FID: 7, Base Switch: No, Default Switch: No, Address Mode 0] Index Port Address Media Speed State Proto 18 18 1e1200 -- N8 No_Module FC Fabric OS Administrator's Guide 231 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 272
System services (yes, y, no, n): [no] switch_25:FID7:admin> lscfg --change 7 -base Creation of a base switch requires that the proposed new base switch on this system be disabled. Would you like to continue [y/n]?: y Disabling the proposed new base switch... Disabling switch fid 7 Please enable your - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 273
to a different logical fabric 10 XISL use is not supported for the following cases: • FICON logical fabrics. • Logical switches in an edge fabric connected to an FC router. If the logical switch is enabled, you cannot allow XISL use. If the logical switch is disabled or has not yet joined the edge - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 274
feature, if it is not already enabled. See "Enabling Virtual Fabrics mode" on page 223 for instructions. This automatically creates the default logical switch, with FID 128. All ports in the chassis are assigned to the default logical switch. c. Create a base switch and assign it a fabric ID that - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 275
the same fabric ID as the local switch and all non-Virtual Fabric switches connected through ISLs to these logical switches. The switchShow command displays logical ports as E_Ports, with -1 for the slot and the user port number for the slot port. Fabric OS Administrator's Guide 235 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 276
10 Creating a logical fabric using XISLs 236 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 277
•Zone merging scenarios 264 Special zones Fabric OS has the following types of zones: • Zones Enable you to partition your fabric into logical groups of devices that can access each other. These configuration" on page 477 for more information. Fabric OS Administrator's Guide 237 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 278
Isolation zones (TI zones) Isolate inter-switch traffic to a specific, dedicated path Brocade Native mode only. For information about zoning in InteropMode 2 or 3, see Chapter 14, "Interoperability for Merged SANs". Zoning enables you to partition your storage area network (SAN Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 279
WWN, or domain,port of the switch to which the device is connected. The primary approaches to fabric-based zoning are summarized in Table 49. Table 49 on page 240 lists the various approaches you can take when implementing zoning in a fabric. Fabric OS Administrator's Guide 239 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 280
and tightly controlled environment, such as when host-based zoning or LUN masking is deployed. Zone objects A zone object is any device in a zone, such as: • Physical port number or port index on the switch • Node World Wide Name (N-WWN) • Port World Wide Name (P-WWN) Zone objects identified by - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 281
port 14 in slot number 2 (domain ID 4, port index 30). On fixed-port models, "3,13" specifies port 13 in switch domain ID 3. Note the following effects on zone membership based port numbers or a WWN. For example, you can use the name "Eng" as an alias for "10:00:00:80 most generic services. If other - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 282
configuration is built when you enable a specified zone configuration. • configuration active in the fabric. On power-up, the switch automatically reloads the saved configuration. If switch performs this blocking at the transmit side of the port on which the destination device is located. Frame-based - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 283
based If security is a priority, frame-based a normal part of a functioning SAN, the pause in I/O might not Ensuring that the HBA drivers are current can shorten the enabled, or disabled according to the transactional model, it is automatically (by closing the transaction) distributed to all switches - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 284
level switch. Switches with switch versus an edge switch. • Zone using an enterprise-class platform rather than a switch enabled, broadcast frames are not forwarded to any F_Ports. If a broadcast zone is enabled zone can have domain,port, WWN, and alias forwarded to all the ports that are part of - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 285
When a switch receives instructions. Broadcast zones and FC-FC routing If you create broadcast zones in a metaSAN consisting of multiple fabrics connected through an FC FC-FC Routing Service," for information about proxy devices and the FC router. Fabric OS Administrator's Guide 245 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 286
If a switch has broadcast zone-capable firmware on the active CP (Fabric OS v5.3.x or later) and broadcast zone-incapable firmware on the definitions should not include logical port numbers. Zoning is not enforced on logical ports. Creating an alias 1. Connect to the switch and log in as admin - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 287
Any changes made on the Effective configuration will not take effect until it is re-enabled. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y Adding members to an alias 1. Connect to the switch and log in as admin. 2. Enter the aliAdd command, using the following syntax - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 288
is re-enabled. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y Deleting an alias 1. Connect to the switch and log is displayed. Example The following example shows all zone aliases beginning with "arr". switch:admin> alishow "arr*" alias: array1 21:00:00:20:37:0c:76:8c - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 289
should not include logical port numbers. Zoning is not enforced on logical ports. Creating a zone 1. Connect to the switch and log in as is re-enabled. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y Adding devices (members) to a zone 1. Connect to the switch and log - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 290
it is re-enabled. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y Deleting a zone 1. Connect to the switch and log in as is re-enabled. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y 250 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 291
enforcement table. Note that zone configuration names are case-sensitive; blank spaces are ignored. switch:admin> zone --validate "White_zone" 4. Enter the following command to validate all zones in Invalid configuration * - Member does not exist Fabric OS Administrator's Guide 251 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 292
used to specify the zone database location. Supported mode flag values are: • 0 - to the entire fabric, regardless of switch model. The default setting is All Access. user-specified Admin Domains are present in the fabric. Setting the default zoning mode 1. Connect to the switch Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 293
commands. Example switch:admin> no, n): [no] y switch:admin> cfgsave You are about it is re-enabled. Do you want switch and log in as admin. 2. Enter the defZone --show command. NOTE If you perform a firmware supported maximum switches in the fabric. • Whether or not interoperability mode is enabled - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 294
Zoning configurations When enabling a new zone configuration, ensure that the size of the defined configuration does not exceed the maximum configuration size supported by all switches in the fabric. This is particularly important if you downgrade to a Fabric OS version that supports a smaller zone - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 295
enabled. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y Enabling switch is automatically aborted. A message displays on the other switches to indicate that the transaction was aborted. 1. Connect to the switch switch:admin> cfgenable "USA_cfg" You are about to enable - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 296
result in localized disruption to traffic on ports associated with the traffic isolation zone changes. Do you want to enable 'USA_cfg' configuration (yes, y, no the zone configuration because this would enable All Access mode and cause a large number of requests to the switch. In this situation, set - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 297
the Effective configuration will not take effect until it is re-enabled. Do you want to save Defined zoning configuration only? (yes from zone1 was done in error: switch:admin> zoneremove "zone1","3,5" switch:admin> cfgtransabort Viewing all zone configuration information Guide 257 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 298
:85 21:00:00:20:37:0c:71:df Clearing all zone configurations 1. Connect to the switch and log in as admin. 2. Enter the cfgClear command to clear all zone information in the zone configuration in nonvolatile memory for all switches in the fabric. 258 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 299
a zone. 1. Connect to the switch and log in as admin. 2. "Test": switch:admin> cfgshow switch:admin> zone --copy Test1 US_Test1 4. Enter switch:admin> cfgshow "Test*" cfg: Test1 Blue_zone cfg: Test_cfg Purple_zone; Blue_zone switch switch the switch and log in as admin. . switch:admin - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 300
object is no longer present. 6. If you want the change preserved when the switch reboots, enter the cfgSave command to save it to nonvolatile (flash) memory. 7. Domain other than AD255. switch:admin> zoneObjectRename "White_zone", "Purple_zone" 260 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 301
fabric should be configured with the same default zone mode as the existing switches. • Merging and segmentation The fabric is checked for segmentation during power-up or when a switch is disabled or enabled, or when a new switch is added. Fabric OS Administrator's Guide 261 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 302
new zone database is propagated to other the switches within the merge request. • Merging two fabrics Both fabrics have identical zones and configurations enabled, including the default zone mode. The two fabrics merge, the ISL will be segmented. 262 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 303
mode, no merge operations occur. Brocade Advanced Zoning is configured on the primary Fabric Configuration Server (FCS). The primary FCS switch makes zoning changes and other security-related changes. The primary FCS switch also distributes zoning to all other switches in the secure fabric. All - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 304
results. Zone merging scenarios Switch A Switch B Expected results Switch A has a defined configuration. Switch B does not have a defined configuration. defined: cfg1: zone1: ali1; ali2 effective: none Switch A has a defined and enabled configuration. Switch B has a defined configuration but - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 305
to: Zone Conflict cfg mismatch. Cannot merge switches with different TI zone configurations. Clean merge. defined: none Fabric segments because all switches in the fabric must be running Fabric OS v6.4.0 or later to support Enhanced TI zones. Fabric OS Administrator's Guide 265 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 306
Switch A Different default zone access mode settings. defzone: allaccess Switch configuration from Switch B propagates defzone configuration from Switch A propagates to Switch B propagates to fabric. Fabric segments because Switch A has a hidden zone configuration (no access) activated and Switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 307
FC routers 273 •General rules for TI zones 276 •Supported from a specific set of source ports (N_Ports). For example, you that requests and responses of FCIP-based applications such as tape pipelining use the fabric attempts to isolate all inter-switch traffic entering from a member of the zone - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 308
Domain 4 from E_Port 7 is routed to the devices through N_Ports 5 and 6. Traffic coming from other ports in Domain 1 would not use E_Port 1, but would use E_Port 2 instead. Use the zone command of traffic when failover is enabled and disabled. 268 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 309
enabled or disabled in TI zones Failover enabled option: • If failover is enabled for the TI zone, the : • If failover is enabled for the TI zone, E_Ports, failover must be enabled. If failover is disabled, inter-switch RSCNs are generated. Each switch that paths between switches. Disabling failover - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 310
Brocade Encryption Switch: Domain controller frames can use any path between switches Ports in the TI zone 5 Domain 2 Domain 4 FIGURE 35 Fabric incorrectly configured for TI zone with failover disabled • For the Brocade this problem, add enabled; if a switch If failover is enabled, the traffic path - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 311
Domain 2. If failover is enabled, all traffic will use the 9 14 12 15 = Dedicated Path 16 = Ports in the TI zone Domain 2 FIGURE 36 Dedicated In this situation, if failover is enabled, the TI zone traffic uses the 16 FIGURE 37 = Dedicated Path = Ports in the TI zone Domain 2 Dedicated - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 312
= ETIZ 2 Enhanced TI zones are especially useful in FICON fabrics. See the FICON Administrator's Guide for example topologies using enhanced TI zones. When you create TI zones, ensure that all traffic from a port to all destinations on a remote domain have the same path. You cannot create separate - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 313
zones work with Fibre Channel routing (TI over FCR). See Chapter 21, "Using the FC-FC Routing Service," for information about FC routers, phantom switches, and the FC-FC Routing Service. Some VE_Port-based features, such as tape pipelining, require the request and corresponding response traffic to - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 314
FC can communicate with each other. If failover is enabled and the TI path is not available, an not imported. NOTE For TI over FCR, all switches in the backbone fabric and in the edge fabrics 10 -1 Host 2 E_Ports EX_Ports -1 = Dedicated Path = Ports in the TI zone FIGURE 41 TI zone in an edge - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 315
5 6 FC router 1 WWN WWN Edge fabric 2 Target 3 1 7 2 8 9 3 FC router 2 Edge fabric 3 FIGURE 42 = Dedicated Path = Ports in the port WWN.) Port WWNs should be used only in TI zones within a backbone fabric and should not be used in other TI zones. Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 316
supported only from edge fabric to edge fabric. Traffic isolation from backbone to edge is not supported enabled or disabled. • TI over FCR is not supported with FC swapped with another port. • A given ports for enable switch and each switch considers only the routing required for its local ports - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 317
: Devices - M-switch - Brocade 7500 - Brocade 7500 - M-switch - Devices • In interopmode 2, a zone member for a TI zone is limited to a port index of 255 or less. • VE_Ports are supported in TI zones. • TI Zoning is not supported in fabrics with switches running firmware versions earlier than - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 318
Brocade Encryption Switch. Enhanced TI zones are not supported on the Brocade 4100, 4900, 5000, 7500, 7500E, 7600, and 48000. • Enhanced TI zones are supported only if every switch in the fabric is ETIZ capable. A switch , which use port WWNs. See "Traffic Isolation Zoning over FC routers" for - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 319
same shared area on the FC4-48 and FC8-48 port blades. • Ports that are in different TI zones -enabled TI zones. • TI zones that have members with port index greater than 511 are not supported failover disabled, this is not a supported configuration. Base switches do not allow the creation of - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 320
Domain 1 11 XISL XISL Domain 7 12 14 13 15 XISL XISL 8 7 LS1, FID1 Domain 5 LS2, FID3 16 Domain 6 Base switch Domain 2 17 Chassis 2 FIGURE 44 = Dedicated Path = Ports in the TI zones Dedicated path with Virtual Fabrics Figure 45 shows a logical representation of FID1 in Figure 44. To - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 321
6 11 E 12 E 15 E 16 E 13 EX Base switch Domain 2 14 EX FIGURE 47 = Dedicated Path = Ports in the TI zones Example configuration for TI zones over FC routers in logical fabrics Figure 48 shows a logical representation of the configuration in Figure 47. This SAN is similar to that shown in - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 322
Fabric 3 FIGURE 48 Logical representation of TI zones over FC routers in logical fabrics must enable the current effective configuration route might be missing for ports in that TI zone. base fabric, use the procedure described in "Creating a TI zone in a base fabric" on page 284. 1. Connect to the switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 323
Then create a TI zone in the base fabric, as described in "Creating a TI zone in a base fabric". Remember that your changes are not enforced until you enter the cfgEnable command, as shown here: switch:admin> cfgenable "USA_cfg" You are about to enable a new zoning configuration. This action will - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 324
base fabric: zone --create -t objtype -o f name -p "portlist" The disable failover option is not supported in base can remove ports from existing you must enable the current Connect to the switch and log in as add command to add ports or change the failover ports from an existing TI zone - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 325
switch:admin> zone --add -o n bluezone To enable failover and add ports to TI zone greenzone: switch:admin> zone --add -o f greenzone -p "3,4" To remove ports from the TI zone bluezone: switch enable the current effective configuration to state. 1. Connect to the switch and log in as admin. switch:admin> zone - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 326
about the TI zone purplezone: switch:admin> zone --show purplezone Defined TI zone configuration: TI Zone Name: redzone: Port List: 1,2; 1,3; 3,3; 4,5 Configured Status: Activated / Failover-Enabled Enabled Status: Activated / Failover-Enabled 286 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 327
switch:admin> zone --show -ascending Defined TI zone configuration: TI Zone Name: bluezone: Port List: 8,3; 8,5; 9,2; 9,3; Configured Status: Deactivated / Failover-Disabled Enabled Status: Activated / Failover-Enabled TI Zone Name: greenzone: Port OS Administrator's Guide 287 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 328
Name Enet IP Addr FC IP Addr Name 1: fffc01 50:00:51:e3:95:36:7e:04 0.0.0.0 0.0.0.0 "fcr_fd_1" 4: fffc04 10:00:00:60:69:80:1d:bc 10.32.72.4 0.0.0.0 >"E1switch" 6: fffc06 50:00:51:e3:95:48:9f:a0 0.0.0.0 0.0.0.0 "fcr_xd_6_9" The Fabric has 3 switches b. Enter the following commands - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 329
Switch ID Worldwide Name Enet IP Addr FC IP Addr Name 1: fffc01 50:00:51:e3:95:36:7e:09 0.0.0.0 0.0.0.0 "fcr_fd_1" 4: fffc04 50:00:51:e3:95:48 to enable a new ports associated with the traffic isolation zone changes Do you want to enable TI Zone Name: TI_Zone1 Port List: 1,9; 1,1; 2,4; - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 330
:08:00:00 BB_DCX_1:admin> cfgenable cfg_TI You are about to enable a new zoning configuration. This action will replace the old zoning result in localized disruption to traffic on ports associated with the traffic isolation zone changes Do you want to enable 'cfg_TI' configuration (yes, y, no - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 331
virtual N_Port IDs, you must use WWN-based zoning. If you are using domain,port zoning for an NPIV port, and all the virtual PIDs associated with the port are included in the zone, then a port login (PLOGI) to a non-existent virtual PID is not blocked by the switch; rather, it is delivered to the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 332
. The number of NPIV devices supported on shared area ports (48-port blades) is reduced to 64 from 128 when Virtual Fabrics mode is enabled. 10-bit addressing mode The 10-bit addressing mode is the default mode for all the logical switches created in the Brocade DCX and DCX-4S enterprise-class - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 333
Logical switch type NPIV support DCX-4S Enabled Logical switch Yes, 255 virtual device limit.3 DCX-4S Enabled Base switch No. 1. Maximum limit support takes precedence if user-configured maximum limit is greater. This applies to shared areas on the FC4-48, FC8-48, and FC8-64 port blades - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 334
example shows NPIV being enabled on port 10 of a Brocade 5100: switch:admin> portCfgNPIVPort --enable 10 NOTE If the NPIV feature is disabled, the port is toggled if NPIV devices are logged in from that F_Port (a true NPIV port). Otherwise, the firmware considers that port as an F_Port even - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 335
switchShow command: switch:admin> switchshow switchName:switch switchType:66.1 switchState:Online switchMode:Native switchRole:Principal switchDomain:1 switchId:fffc01 switchWwn:10:00:00:05:1e:82:3c:2a zoning:OFF switchBeacon:OFF FC Router:OFF FC Router BB Fabric ID:128 Area Port Media Speed State - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 336
00:16:fc c0:50:76:ff:fb:00:16:f8 ... ... c0:50:76:ff:fb:00:16:80 50: PIDs of a port. Following is sample output from the portLoginShow command: switch:admin> portloginshow 80 192 2048 c scr=3 scr=3 scr=3 d_id=FFFFFC d_id=FFFFFC 296 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 337
management functions must be disabled. Interoperability supports enabling the switch with the following modes: • InteropMode 0 for Brocade Native mode, which supports all stand-alone Brocade fabrics, but provides no interoperability support. Fabric OS Administrator's Guide 297 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 338
Service". • Access Gateway connectivity Use Access Gateway (AG) when you have switches from different vendors. AG uses N_Port Virtualization (NPIV) functionality in Brocade embedded switches in AG mode. NPIV enables multiple hosts to connect through one port to any fabric switch that supports - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 339
OS switches in IM2 or IM3 to work in all of the domain ID ranges currently supported by Fabric OS. By default, Fabric OS switches operate the interopMode --enable -mcdata/openmcdata command, configured domain ID offset values do not change when you switch between IM2 and Guide 299 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 340
81XXYY A1XXYY C1XXYY 01XXYY For instructions to convert decimal numbers to reconfigure the domain ID offset to a value supported in IM2 or IM3 or the operation fails (96) is used. The default mode is used when you enable IM2 or IM3 without specifying a Domain ID offset. In IM Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 341
assign the incoming switch a different domain ID. If the principal switch cannot assign a different domain ID to the incoming switch, it will segment from the fabric. • The DCC policy or port based security is not supported in McDATA Fabric mode. Fabric OS Administrator's Guide 301 53-1001763 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 342
means that McDATA Fabric mode, McDATA Open Fabric mode, and Brocade Native mode are supported in the same chassis. Although there is always at least one logical switch instance per chassis, multiple logical switch instances can exist in a chassis. 302 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 343
for interoperability 14 In a Virtual Fabric, the logical switch used to communicate among different logical switches is called the base switch and it must be in Brocade Native mode. If you set a logical switch to interopmode 2 or interopmode 3, it cannot use the logical links between - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 344
to 97. (For detailed instructions, see Chapter 2, "Performing Basic Configuration Tasks".) switch:admin> configure Configure... Fabric Brocade prerequisites necessary to enable interopMode 2 on the fabric (see "McDATA Fabric mode configuration restrictions" on page 301.) 2. Connect to the switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 345
more information on the switch, refer to the switch documentation. 7. After enabling McDATA Fabric mode on all switches, physically connect the legacy M-EOS switches to the Fabric OS fabric, one at a time. Enabling Brocade Native mode You can configure logical switches in Brocade Native mode. When - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 346
support zone activation using an M-series support LSAN port WWN is allowed in IM3 only; you must use the port enabled on an M-EOS switch, by default, all ports are isolated and traffic is not permitted. This is unlike Brocade behavior with Brocade Native mode enabled (and all data traffic is enabled - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 347
Activating zones creates zone configurations on legacy McDATA switches. McDATA default zone and safe zone modes replace the Brocade default zoning mode. You can set McDATA default zone mode or McDATA safe zone mode, but not both. Setting the default zone enables any device in the default zone to see - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 348
be re-enabled. Setting the safe zone mode on a stand-alone switch 1. Connect to the switch and log switch:admin> cfgmcdtmode --enable safezoning safezoning McDATA mode has been enabled switch in the fabric. The cfgMcdtMode affects the entire fabric. Disabling safe zone mode 1. Connect to the switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 349
zone configuration objects that are currently enabled; only one configuration can be is committed, any inaccurate parameters must be manually corrected. In McDATA Fabric mode, you mode change, which supports the initial configuration of new switches. This prevents fabric Guide 309 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 350
switches. NOTE For support of Frame Redirection in McDATA Fabric Mode (interopmode 2), M-series products must use M-EOS v9.8 or later. For support particular path when traversing M-EOS switches. In the case where a Preferred Path goes away, only the ports assigned to that path are Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 351
list when bringing up an ISL. Enabling Fabric Binding using DCFM automatically enables Insistent Domain ID on all Fabric OS and M-EOS switches in the fabric. Disabling Fabric Binding does not turn off Insistent Domain ID. The firmware supports a Fabric OS switch sending the Exchange Fabric Binding - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 352
, if the authentication feature key is not installed on the M-EOS switch. Yes Strict authentication is enforced on all E_Ports. The ISL goes down (port disable) if the connecting M-EOS switch does not support authentication, for example, if the authentication feature key is not installed - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 353
Authentication (Fabric builds normally). No E_Port does not connect (Authentication Rejected). When the Fabric OS switch generates the reject, it will disable the Fabric OS port. When the M-EOS switch generates the reject, it will go to an invalid attachment state. Yes Connected without any - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 354
Rejected). When the Fabric OS switch generates the reject, it will disable the Fabric OS port. When the M-EOS switch generates the reject, it will switch is in Active or On mode, and the M-EOS switch is Off, the E_Port does not connect because the Fabric OS switch rejects the authentication based - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 355
). How authentication is affected when the M-EOS switch does not have the feature keys enabled is discussed in this section. Table 63 on page 316 shows how authentication is affected when a Fabric OS switch is connected to a dumb M-EOS switch. Fabric OS Administrator's Guide 315 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 356
the shared secret on the E_Port side. M-EOS switches do not support VE_Port or VEX_Port connections; any configurations with these port types are Fabric OS-only configurations. However, both VE and VEX_Ports support running in McDATA interop mode. 316 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 357
on the Fabric OS switches. Table 64 shows the switch authentication policy for switches always perform authentication even when in Passive mode. Table 64 shows the switch switch secret Fabric OS Passive switch switch generates the reject, it disables the Fabric OS port. When the M-EOS switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 358
the Fabric the reject, it OS port. When the disables the M-EOS switch Fabric OS port. generates the reject, When the M-EOS it goes to an invalid switch generates attachment state. the reject, it goes to an invalid attachment state. 318 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 359
OS switch generates the reject, it disables the Fabric OS port. When the M-EOS switch generates OS switch generates the reject, it disables the Fabric OS port. When the M-EOS switch generates the OS switch generates the reject, it disables the Fabric OS port. When the M-EOS switch generates the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 360
switch Fabric OS switch the Fabric OS disables the Fabric OS port. generates the reject, generates the reject, switch generates When the M-EOS switch it goes OS port. When the OS port. When the disables the to an invalid attachment M-EOS switch M-EOS switch Fabric OS port. state. generates - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 361
in Passive mode. Because ports in Passive mode do not initiate authentication, VEX_Ports cannot have an authenticated connection between them. FCR SANtegrity FC-FC Routing (FCR) SANtegrity is supported for Fabric Binding when EX_Ports are attached to a McDATA edge switch. Fabric Binding lets you - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 362
switches that do not have insistent domain ID enabled port preferred domain ID behaves as insistent while Fabric Binding is enabled support SANtegrity interoperability without first disabling Fabric Binding, the ports will segment upon subsequent initialization. When an FC enabled enabled enabled switch. - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 363
to 2. NOTE Logical switches can be configured for FICON CUP on the 48-port blades in the Brocade DCX and the DCX-4S. For information on how to display the FICON-CUP parameters and how to change the MIHPTO value to 60 for interoperable fabrics, see the FICON Administrator's Guide. Fabric OS version - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 364
, it sends a Pause notification frame that support Coordinated HCL switches in the fabric. When the specified switch restarts it sends out a resume notification. Bypassing the Coordinated HCL check on firmware download When you download the Fabric OS firmware on switches in interoperable fabrics, it - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 365
upgrades or downgrades from Brocade Native mode. • FC frames uses the SID and DID according to the domain offset setting. Allows configuring stand-alone and fabric-wide tasks such as basic switch and port operations. Supported in McDATA Open Fabric mode and McDATA Fabric mode. Displays the firmware - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 366
of 0x61AAPP. In McDATA Fabric mode, zone activations can be performed from any switch. In McDATA Open Fabric mode, zone activations can be performed from an M-Series management tool, such as the Brocade Data Center Fabric Manager (DFCM) management tool. McDATA-unaware features Table 69 describes - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 367
4900, 5000, 5100, 5300, and the VA-40FC switches, and the Brocade 48000 and the Brocade DCX Backbone. Note: All switches must be running FOS v6.1.0 or later to support this feature. Coordinated Hot Code Load in Fabric OS v6.1.0. Interoperability IP over FC • Fabric OS Native mode: No • McDATA Open - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 368
. The maximum port number is also available in the ESS ILS. • NPIV NPIV management on the Fabric OS switch is the same as in the standard Fabric OS SAN that is not merged. There are no limitations for NPIV support in an M-EOS Fabric 1.0 mode fabric. 328 Fabric OS Administrator's Guide 53-1001763 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 369
OS switches support trunking when participating in Brocade Native, McDATA Fabric, or McDATA Open Fabric mode. Trunk ports (bandwidth aggregation) only apply to an ISL between two Fabric OS switches. Note the following: - Fabric OS frame-based trunking Fabric OS frame-based trunking is supported for - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 370
/48 port -4G 10G 16/32/48 port -8G FC4-16IP FR4-18i Brocade DCX Backbone FA4-18 FC8-16/32/48/641 10G FC4-16IP FR4-18i FA4-18 FS8-18 Brocade DCX-4S FX8-24 FC8-16/32/48/641 FC10-6 FR4-18i FA4-18 FS8-18 FX8-24 Switches and Appliances Brocade 300 Brocade 4100 Brocade 4900 Brocade - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 371
Supported features in an interoperable environment 14 TABLE 71 Fabric OS interoperability with M-EOS (Continued) Fabric OS v6.2.0 Fabric OS v6.3.0 Fabric OS v6.4.0 Chassis Type Blade Type Brocade VA-40FC Embedded Server Switches 3016 5410 5424 5450 5480 M-EOS Hardware Mi10K M6140 M6064 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 372
and v6.4.0 Interop mode 2 Interop mode 3 Dynamic Load Sharing Yes (DLS); port based routing Dynamic Path Selection (DPS); exchange based routing Yes Supported outbound from Fabric OS-based switches. M-EOS can provide reciprocal load balancing using OpenTrunking. E/EX_Port Yes Authentication - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 373
VE-to-VEX Port Yes Virtual Channels (VC RDY) Yes Only allowed between Fabric OS-based switches. Zone Activation support Yes Yes Yes No No Yes Yes No In Virtual Fabrics, ACL policies such as DCC, SCC and FCS can be configured on per logical switch basis. Yes Only supported in conjunction - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 374
features are not supported in McDATA Fabric and McDATA Open Fabric modes and cannot be installed on any Fabric OS switch in the fabric: • Administrative Domains • Quickloop and QuickLoop Zoning • Timer Server function • Open E_Port • Broadcast Zoning • Management Server service and FDMI • Alias - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 375
switches, ports, and devices you can view and modify. An Admin Domain is a filtered administrative view of the fabric. NOTE If you do not implement Admin Domains, the feature has no impact on users are mutually exclusive and are not supported at the same time on a switch. Do not confuse Admin Domains - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 376
on which Admin Domain they are in. As shown in Figure 52, users can see all switches and E_Ports in the fabric, regardless of their Admin Domain; however, the switch ports and end devices are filtered based on Admin Domain membership. FIGURE 52 Filtered fabric views when using Admin Domains - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 377
instructions). • The fabric must be in the native operating mode. Admin Domains are not supported in interoperability mode. • Gigabit Ethernet (GbE) ports the FC-FC Routing Service," for information about the FC-FC Routing Service and LSAN zones. Fabric OS Administrator's Guide 337 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 378
, AD0 has an implicit and an explicit membership list. User-defined Admin Domains have only explicit members. • The implicit membership list contains all devices, switch ports, and switches that have not been assigned to any other Admin Domain. 338 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 379
switch ports, and switches in the fabric. When you explicitly create AD1 through AD254, the devices, switch ports, and switches used to create these user when you create Admin Domains because you can see which devices, switch ports, and switches are not yet assigned to any Admin Domains. AD0 owns the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 380
can later switch to a different Admin Domain (see "Switching to a different Admin Domain context" on page 358 for instructions). • For default accounts such as admin and user, the respectively: switch:admin> switch:AD1:admin> switch:AD255:admin> 340 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 381
the device is connected) member usage. Switch port members Switch port members are defined by switch domain,index and have the following properties: • A switch port member grants port control rights and zoning rights for that switch port. • A switch port member grants view access and zoning rights - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 382
to the switch. • A switch member grants port control for all ports in that switch. • A switch member allows switch administrative operations such as disabling and enabling a switch, rebooting, and firmware downloads. • A switch member does not provide zoning rights for the switch ports or devices - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 383
as seen from AD3 and AD4. The switch WWNs are converted to the NAA=5 syntax; the device WWNs and domain IDs remain the same. Fabric Visible to AD3 User WWN = 10:00:00:00:c7 c8:3a:fe:a2 FIGURE 55 Filtered fabric views showing converted switch WWNs Fabric OS Administrator's Guide 343 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 384
service for Fabric OS features and operate in mixed-release Fabric OS environments. High availability is supported with some backward compatibility. When an E_Port comes online, the adjacent switches merge their AD databases. The receiving switch transaction model, switches switches within your SAN, you - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 385
determine the current Admin Domain. If necessary, switch to the AD0 context by entering the ad must specify at least one member (switch, switch port, or device). You cannot create Log in to the switch as the physical fabric for instructions. 4. Switch to the AD255 context, if you are - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 386
consisting of two switch ports (designated by domain,index), one device (designated by device WWN), and two switches (designated by domain ID and switch WWN). switch:AD255:admin> ad --create blue_ad -d "100,5; 1,3; 21:00:00:e0:8b:05:4d:05; -s "97; 10:00:00:60:69:80:59:13" User assignments to Admin - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 387
pfa_admin1 with an admin role, access to all Admin Domains (AD0 through AD255), and home Admin Domain set to 255. This user account is now a physical fabric administrator. switch:admin> userconfig --add pfa_admin1 -r admin -h 255 -a "0-255" Fabric OS Administrator's Guide 347 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 388
user account When you remove an Admin Domain from an account, all of the currently active sessions for that account are logged out. 1. Connect to the switch Example switch:admin> the switch and log in as admin. 2. Switch to the appropriate command based on whether you Domain AD_B5. switch:AD255:admin - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 389
the definition to the fabric, enter ad --apply. All active user sessions associated with the Admin Domain are terminated. The deactivate option does not disable ports. Example The following example deactivates Admin Domain AD_B4. switch:AD255:admin> ad --deactivate AD_B4 You are about to deactivate - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 390
adds two switch ports, designated by domain,index, to AD1. switch:AD255:admin port members and the -s option to specify switch members: ad --remove ad_id -d "dev_list" -s "switch_list" Removing the last member element of an Admin Domain deletes the Admin Domain. 4. Enter the appropriate command based - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 391
4. Enter the appropriate command based on whether you want to Domain Eng_AD to Eng_AD2. switch:AD255:admin> ad Connect to the switch and log in as admin. 2. Switch to the Admin memory, enter cfgsave. 4. Switch to the AD255 context. deletes Admin Domain AD_B3. switch:AD255:admin> ad --delete - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 392
all zone configurations" on page 258 for instructions. 2. Connect to the switch and log in as admin. 3. Switch to the AD255 context, if you are from the user-defined ADs. You can use this procedure to remove all Admin Domains before enabling Virtual Fabrics. 1. Connect to the switch and log in - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 393
user Enable the configuration to complete the transaction. cfgenable cfgName 6. Switch user-defined ADs are also defined and zoned in AD0. 9. Clear the user user- : AD0, plus two user-defined Admin Domains (AD1 user-defined Admin Domains are deleted, as shown in Figure 57. Fabric OS Administrator - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 394
15 Admin Domain management for physical fabric administrators FIGURE 56 AD0 and two user-defined Admin Domains, AD1 and AD2 FIGURE 57 AD0 with three zones sw0:admin> ad --exec 255 "cfgshow" Zone CFG :00:00:00:02:00:00:00; 10:00:00:00:03:00:00:00 354 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 395
about to enable a new zoning on ports associated with the traffic isolation zone changes Do you want to enable 'AD0_cfg configuration. This action will trigger AD apply to all switches in the fabric Do you want to apply all admin apply to all switches in the fabric Do you want to apply all admin domains - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 396
(User_ID), users are presented with only their relevant AD-based views (see Figure 51 on page 336 and Figure 52 on page 336). Any devices and switch ports that are not defined as part of the Admin Domain are not shown and are not available to that AD user. 356 Fabric OS Administrator's Guide 53 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 397
SAN TABLE 74 For Ports and devices in CLI output Condition domain,index Device WWN • The port is specified . RASLog and SYSlog output is not filtered based on AD membership. See the Fabric OS Command switch:AD255:admin> ad --exec 7 "switchshow" Fabric OS Administrator's Guide 357 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 398
-AD254 contexts: the membership of the current Admin Domain is displayed. • AD0: the device and switch list members are categorized into implicit and explicit member lists. 1. Connect to the switch and log in as any user type. 2. Enter the ad --show command. ad --show If you are in the AD0 context - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 399
Admin Domain interactions do not extend to user session tunneling across switches. A user logged into a switch can control only the local switch ports as specified in the Admin Domain. When the fabric is in secure mode, the following applies: • There is no support for ACL configuration under each - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 400
, and FC-CT based management applications (such as Tivoli). Access from applications or hosts using Management Server calls can be controlled using the Management Server ACL support provided by the msConfigure command. Note that this is a switch-specific setting and not a fabric-wide setting. Port - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 401
SAN zone" on page 251 for instructions on using the zone --validate AD. Admin Domains support the default zone AD0 supports both allaccess one for each user-defined Admin Domain. fabric (AD255) and no support for zone database updates. With AD support, zoning updates are supported selectively at - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 402
SAN Using the FC-FC Routing Service," for switch is a member of the Admin Domain, all switch Switch switch membership Yes With ADs and without switch membership Yes Without ADs Yes AD1 - AD254: With switch membership No Without switch No No Yes3 No Switch configuration and other parameters - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 403
Licensed Features Sectiona II This section describes optionally licensed Brocade Fabric OS features and includes the following chapters: • Chapter 16, • Chapter 20, "Managing Long Distance Fabrics" • Chapter 21, "Using the FC-FC Routing Service" Fabric OS Administrator's Guide 363 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 404
364 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 405
, you must purchase a new license. If a license is not version-based, then it is valid for all versions of the feature. Fabric OS includes basic switch and fabric support software, and support for optionally licensed software that is enabled using license keys. Table 77 lists the optionally licensed - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 406
license feature set. This license enables full hardware capabilities on the Brocade 7800 base switch, increasing the number of Fibre Channel ports from four to sixteen and the number of GbE ports from two to six. A Brocade 7800 switch with the Upgrade License also supports up to eight FCIP tunnels - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 407
the Brocade 8000 switch. FICON Management Server Enables host-control of switches in mainframe environments. (Also known as "CUP", Control Unit Port) High Performance Extension over FCIP/FC Includes the FC-Fastwrite feature and IPsec capabilities. Applies to (formerly known as "FC-IP Services - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 408
required for base use. For more information on this products licensing, refer to the Fabric Watch Administrator's Guide. FC Fastwrite FC-IP Services or High Performance Extension over FCIP/FC Local and attached switches. FCIP FC-IP Services or Local and attached switches. High Performance - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 409
switches. High-Performance Extension over FCIP/FC or Advanced FICON Acceleration on Brocade 7800 FIPS No license required. n/a Firmware download - yes: Performance Monitoring. Local switch. Port fencing Fabric Watch Local switch. Fabric OS Administrator's Guide 369 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 410
. 10 Gigabit Ethernet license to use 10GbE ports on FX8-24 blade. Brocade 8000 - Must have license installed to enable the 8 FC ports. A maximum of 8 FC ports are allowed. Local switch. QoS Adaptive Networking Local switch and attached switches. QoS on an HBA Server Application Optimization - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 411
79. TABLE 79 Feature Base to Upgrade License Comparison Base model Upgrade License Number of Fibre Channel (FC) ports 4 16 Number of GbE ports 2 6 Number of 10-GbE ports 0 0 Number of FCIP Tunnels 2 6 Tape Pipelining over FCIP Tunnel No Yes ICL licensing Brocade ICL links operate - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 412
port goes offline or the switch is rebooted. The switch ports return to their pre-licensed state maximum speed of 4 Gbps. Slot-based licensing Slot-based licensing is used on the Brocade DCX and DCX-4S platforms to support been auto- or manually-assigned, do not remove it unless manually done. This - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 413
16 Upgrade/downgrade considerations When a Slot-based license is present on the switch, firmware downgrade to pre-Fabric OS v6.3.0 is allowed, but the Slot-based features that were licensed will not be functional. Adding a license to a slot 1. Connect to the switch and log in using an account - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 414
. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the reboot command for the expiry to take affect. Universal Time-based licenses Universal Time-based licenses behave the same way as the Time-based temporary licenses supported in prior FOS versions. Prior - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 415
reached, the time-based license can no longer be used on a switch. This expiration of the Universal Time-based license key provides the Brocade Web site at http://www.brocade.com. 2. Select Products > Software License Keys. The Software License Keys instruction page appears Guide 375 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 416
license keys and installation instructions. Adding a licensed feature To enable a feature, go to the feature's appropriate section in this manual. Enabling a feature on a switch may be a separate task from adding the license. For the Brocade 48000 director and the Brocade DCX and DCX-4S enterprise - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 417
48, 64, or 80 licensed ports. A maximum of 80 ports is allowed. Brocade 8000-Must have license installed to enable the 8 FC ports. A maximum of 8 ports are allowed. Brocade VA-40FC-Can be purchased with 24, 32, or 40 licensed ports. A maximum of 40 ports is allowed. Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 418
, if you bought a POD license for a Brocade 300, you cannot use that license on a Brocade 5100 or VA-40FC. The licenses are based on the switches WWN and are not interchangeable. Table 80 shows the ports that are enabled by default and the ports that can be enabled after you install the first and - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 419
, you can disable and re-enable the switch to activate ports. 5. Use the portShow command to check the newly activated ports. Dynamic Ports on Demand The Brocade 4016, 4018, 4020, and 4024 switch modules are for bladed servers. These switches support the Dynamic Ports on Demand (POD) feature. The - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 420
any prior port license assignments the next time the switch is rebooted. The static POD assignments become the initial Dynamic POD assignments. After the Dynamic POD feature is enabled, you can customize the POD license associations. The Dynamic POD feature is supported on the Brocade 4016, 4018 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 421
assigned to the full POD license Ports assigned to the base switch license: 1*, 2*, 3*, 4*, 5*, 6*, 8*, 21, 22, 23 Ports assigned to the full POD license: None Ports not assigned to a license: 0, 7, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 Fabric OS Administrator's Guide 381 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 422
release the license. After a port is assigned to the POD set, the port is licensed until it is manually removed from the POD port set. When a port is released from its POD port set (Base, Single, or Double), it creates a vacancy in that port set. 1. Connect to the switch and log in using an account - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 423
DCFM. See the Web Tools Administrator's Guide and DCFM User's Manual for information about monitoring performance using a 7500, 7500E, 7600, 7800, 8000, VA-40FC, and the Brocade Encryption Switch, use only the port number where needed in the commands. Types of monitors Advanced Performance - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 424
Brocade 5300 4 3 Each logical switch can have its own set of performance monitors. The installation of monitors is restricted to the ports that are present in the respective logical switch. • Top Talker and end-to-end monitors are supported on the default logical switch, the base switch, and user - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 425
of interswitch links configured on the switch affects the amount of resources available for end-to-end monitors. The Brocade FC4-48 blade allows end-to-end monitors on all 48 ports. For the FC4-16IP blade, end-to-end monitors are supported on the FC ports (ports 0 through 7), but not on the GbE - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 426
For frames received at the port with the end-to-end enabled, the Brocade DCX, DCX-4S, and 5300 models allow up to 256 end-to-end monitors on one logical switch. The Brocade port 2 on Switch X, specifying 0x051200 as the SID and 0x111eef port 14 on Switch Y, specifying 0x111eef as the SID and 0x051200 as - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 427
, all existing end-to-end monitors are deleted. End-to-end masks are not supported on the Brocade DCX, DCX-4S, 300, 5100, 5300, 5410, 5424, 5450, 5480, 7800, and VA-40FC models. On FC4-48 port blades, the upper 32 ports can be addressed only when the area ID and the AL_PA are used together - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 428
1. Connect to the switch and log in as admin. 2. Enter the perfMonitorShow command to list the valid end-to-end monitor numbers for a port. 3. Enter the perfDelEEMonitor switch:admin> perfdeleemonitor 0, 2 End-to-End monitor number 2 deleted switch:admin> 388 Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 429
been transmitted by the port) or a user-defined frame type generates alerts based on the Brocade Encryption Switch Brocade 4800 (all blades except FC4-48) 12 16 Brocade 48000 (FC4-48 blade): • Lower 16 ports (0 through 15) 12 16 • Middle 16 ports (16 through 31) 6 12 • Upper 16 ports - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 430
and manage filter-based monitors, you can user-defined frame type and applying frame monitors to ports 3, 4, and 5 switch:admin> fmconfig --create MyFrameMonitor -pat "17,0xFF,0x007;7,0x4F,0x01;" -port 3-5 Starting port :3 End port :5 Create Success :0 390 Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 431
configuration unless you specify the -nosave option on this command. Example The following example removes the user-defined frame monitor, MyFrameMonitor, from all ports. switch:admin> fmconfig --delmonitor MyFrameMonitor Saving frame monitor configuration If you assign or remove frame monitors on - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 432
port configuration. The second command saves the port configuration persistently. switch:admin> fmconfig --addmonitor SCSI -port 3-12 -nosave switch:admin> fmconfig --save SCSI Displaying frame monitors 1. Connect to the switch on the port. switch:admin> fmconfig --show SCSI Port|Frame Type - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 433
4100, 4900, 5000, 5100, 5300, 7500, 7500E, 7600, 7800, 8000, VA-40FC, 48000, and Brocade Encryption Switch. Top Talker monitors are not supported on the CEE ports of the Brocade 8000 switch. Applications can use the Top Talker data to do the following: • Re-route the traffic through different - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 434
17 Top Talker monitors The Top Talker monitor is based on SID/DID and not WWNs. Once Top Talker is installed on a switch or port, it remains installed across power cycles. Top Talkers supports two modes, port mode and fabric mode: • Port mode Top Talker A Top Talker monitor can be installed on an - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 435
Before enabling fabric mode mode is enabled. Any Top switch switch and log in as admin. 2. Enter the perfTTmon --show command. perfttmon --show [slotnumber/]port [n] [wwn | pid] The output is sorted based port 4 on the Brocade 48000, Brocade DCX, or DCX-4S in PID format: perfttmon --show 2/4 pid switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 436
on an F_Port 1. Connect to the switch and log in as admin. 2. Enter the perfTTmon --delete command. perfttmon --delete [slotnumber/]port For example, to delete the monitor on port 7: perfttmon --delete 7 To delete the monitor on slot 2, port 4 on the Brocade 48000, Brocade DCX, or DCX-4S: perfttmon - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 437
, 5480, 7500, 7500E, 7600, 7800, 8000, VA-40FC48000, Brocade Encryption Switch, Brocade DCX, and DCX-4S platforms support 12 frame monitors for trunks. • For the Brocade 8000, trunk monitoring is supported only on the FC ports and not on the CEE ports. Displaying end-to-end and ISL monitor counters - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 438
' counters on port 2, continue? (yes, y, no, n): [no] y The following example clears statistics counters for an ISL monitor: switch:admin> perfMonitorClear --class ISL 1 This will clear ISL monitor on port 1, continue? (yes, y, no, n): [no] y 398 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 439
Monitoring is deleted when the switch is rebooted. Using the Data Center Fabric Manager (DCFM) Enterprise Edition, you can store performance data persistently. For details on this feature, see the DCFM User's Manual (Enterprise Edition). Fabric OS Administrator's Guide 399 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 440
17 Performance data collection 400 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 441
FC routers 415 •Disabling QoS 416 •Bottleneck detection 416 •Enabling bottleneck detection on a switch 419 •Excluding a port switch 423 Adaptive Networking overview Adaptive Networking is a suite of tools and capabilities that enable you to ensure optimized behavior in the SAN specific port in - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 442
a particular device to the switch port. Use ingress rate limiting for the following situations: • To reduce existing congestion in the network or proactively avoid congestion. • To enable you to offer flexible bandwidth limit services based on requirements. • To enable more important devices to use - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 443
Brocade Encryption Switch, Brocade DCX, or DCX-4S. • QoS traffic prioritization takes precedence over ingress rate limiting. • Ingress rate limiting is not enforced on trunked ports. Virtual Fabrics considerations: If Virtual Fabrics is enabled 9 Fabric OS Administrator's Guide 403 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 444
48000. You must manually enable QoS on 4 Gbps ports. • 8 Gbps platforms SID/DID traffic prioritization is a licensed feature for the 8 Gbps platforms: Brocade 300, 5100, 5300, 5410, 5424, 5450, 5460, 5470, 5480, 7800, 8000, VA-40FC, DCX, DCX-4S, and Brocade Encryption Switch. An Adaptive Networking - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 445
the portcfgshow output, the value of QOS_E_Port is AE for port 19 and ".." for port 24. This means that QoS is enabled by default on port 19 and disabled on port 24. You need to disable QoS on port 19. switch:admin> islshow 1: 2->300 10:00:00:05:1e:43:00:00 100 DCX sp: 8.000G bw - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 446
enable .. .. .. .. NPIV capability ON ON ON ON NPIV PP Limit 126 126 126 126 QOS E_Port AE AE AE AE EX Port .. .. .. .. Mirror Port switch automatically sets the priority for the "host,target" pairs specified in the zones based a QoS zone. See "QoS over FC routers" on page 408 for additional - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 447
. For example, in Figure 62, QoS should be enabled on the encircled E_Ports. NOTE By default, QoS is enabled on 8 Gbps ports, except for long-distance 8 Gbps ports. QoS is disabled by default on all 4 Gbps ports and long-distance 8 Gbps ports. Fabric OS Administrator's Guide 407 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 448
each edge fabric. • Enable QoS on the EX_Ports (or VEX_Ports) in the backbone fabric. See "Setting traffic prioritization over FC routers" on page 415 for detailed instructions. Following are requirements for establishing QoS over FCR: • QoS over FC routers is supported in Brocade native mode only - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 449
in the backbone fabric. • QoS over FC routers is supported only if Virtual Fabrics is disabled in the backbone fabric. QoS over FC routers cannot be enabled if Virtual Fabrics is also enabled in the backbone fabric. • The port WWN of the host or target and the port WWN of the proxy device must be - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 450
5100 • Brocade 5300 • Brocade 5410 • Brocade 5424 • Brocade 5450 • Brocade 5460 • Brocade 5470 • Brocade 5480 • Brocade 7800 • Brocade 8000 • Brocade VA-40FC • FC8-16, FC8-32, or FC8-48 port blade in the Brocade DCX or DCX-4S platform. - To preserve the priority level across ISLs, the switches must - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 451
to the upgrade. NOTE If you already manually enabled QoS on these ports before the upgrade, you do not have to manually enable them again after the upgrade. Manually enabling QoS on 4 Gbps ports and long-distance 8 Gbps ports after upgrade 1. Connect to the switch and log in as admin. 2. Display the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 452
ports 2 and 19 and enabled manually on port 8. Port 19 is an 8 Gbps port, so you do not need to enable QoS unless this is also a long-distance port. The portcfgshow output indicates that port 19 is a long-distance port (Long Distance is ON). You need to manually enable QoS on ports 2 and 19. switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 453
NotApplicable, ??:INVALID, switch:admin> portcfgqos --enable 2 switch:admin> portcfgqos --enable 19 Limitations and port is marked as a session-based zoning port. • Traffic prioritization is enforced on the egress ports only, not on the ingress ports. • Traffic prioritization is not supported - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 454
, 5450, 5460, 5470, 5480, 7800, 8000, VA-40FC, Brocade Encryption Switch, and the Brocade DCX and DCX-4S enterprise-class platform, QoS is enabled by default on all ports. If you use the portCfgQos command to enable QoS on a specific port, the port is toggled to apply this configuration, even though - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 455
--enable 3 Setting traffic prioritization over FC routers 1. Connect to the switch in the edge fabric and log in as admin. 2. Create QoS zones in the edge fabric. The QoS zones must have WWN members only, and not D,I members. See "Setting traffic prioritization" on page 414 for instructions - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 456
enables to troubleshoot network problems. If problems in the fabric. In Fabric OS 6.3.x, bottleneck detection was configured on a per-port basis. Starting in Fabric OS 6.4.0, you configure bottleneck detection on a per-switch basis, with per-port exclusions. 416 Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 457
to enable bottleneck detection on all switches in the fabric, and leave it on to continuously gather statistics. Supported configurations for E_Ports, only the traffic egressing the port is monitored. For FCoE ports, bottleneck detection monitors traffic going from the FC side to the CEE side, and - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 458
support E_Ports, FCoE ports, and trunks. If you downgrade to a firmware version earlier than Fabric OS v6.3.0, bottleneck detection is no longer supported. If you later upgrade to Fabric OS 6.4.0, the switch attempts to enable is not possible to attribute a base fabric bottleneck to the exact logical - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 459
is applied to all eligible ports on that switch. If ineligible ports later become eligible or, in the case of a logical switch, if ports are moved to the logical switch, bottleneck detection is automatically applied to those ports. Enabling bottleneck detection enables both latency and congestion - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 460
on the switch. After you enable bottleneck detection, you can change the alert parameters on all eligible ports on the switch or on individual ports. You can also change the alert parameters on ports that have been excluded from bottleneck detection. 420 Fabric OS Administrator's Guide 53-1001763 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 461
Excluded ports Port ==== 2 3 4 Example The following example changes alert settings for the entire logical switch. switch:admin> bottleneckmon --config -alert -lthresh .97 -cthresh .8 -time 5000 switch:admin> bottleneckmon --status Bottleneck detection - Enabled Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 462
only latency bottlenecks, only congestion bottlenecks, or both combined. • Display bottleneck statistics for a single port, bottleneck statistics for all ports on the switch, or a list of ports affected by bottleneck conditions. • Continuously update the displayed data with fresh data. 1. Connect to - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 463
the list of excluded ports and non-default values of alerting parameters. 1. Connect to the switch and log in as admin. 2. Enter the bottleneckmon --disable command to disable bottleneck detection on the switch. switch:admin> bottleneckmon --disable Fabric OS Administrator's Guide 423 53-1001763 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 464
18 Disabling bottleneck detection on a switch 424 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 465
to appear as a single port. Enabling multiple physical ports form a trunking group where the traffic is distributed dynamically and in order at the frame level, thus achieving greater performance with fewer inter-switch links. Trunking groups are based on the user port number with contiguous eight - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 466
must be set to interopMode 0 for Brocade Native mode, which supports all stand-alone Brocade switches, but provides no interoperability support. See "Interoperability for Merged SANs" on page 297 for information and procedures related to interoperability. • The port ISL R_RDY mode must be disabled - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 467
19 Supported hardware Trunking is supported on the FC ports of all Brocade platforms and blades supported in Fabric OS v6.4.0. Recommendations for trunking groups To identify the most useful trunking groups, consider the following recommendations along with the standard guidelines for SAN design - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 468
to the switch and log in using an account assigned to the admin role. 2. Enter the switchCfgTrunk command. Mode 1 enables and mode 0 disables ISL Trunking for all ports on the switch. switch:admin> switchcfgtrunk 1 Committing configuration...done. 428 Fabric OS Administrator's Guide 53-1001763 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 469
groups 1, 2, and 3; ports 4, 13, and 14 are masters. switch:admin> trunkshow 1: 6-> 4 for a switch that is part of an FC Router backbone 48.45%) Rx: Bandwidth 4.00Gbps, Throughput 1.67Gbps (48.48%) Tx+Rx: Bandwidth 8.00Gbps, Throughput 3.33Gbps (48.46%) Fabric OS Administrator's Guide 429 53 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 470
5450, 5480, and VA-40FC switches with the 8 Gbps SFPs installed. The Brocade 300, 5100, 5300, 5410, 5424, 5450, 5480, and VA-40FC support long-distance modes L0, LE, LS, and LD. The distance supported on each platform depends on the available buffers, number of back-end ports, and number of offline - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 471
-40FC platforms support a trunk group with up to eight ports. The trunking groups are based on the user port number, with contiguous eight ports as one group, such as 0-7, 8-15, 16-23 and up to the number of ports on the switch. FIGURE 65 Trunk group configuration for the Brocade 5100 Prerequisites - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 472
that F_Port trunking does not support shared area ports on the FC8-48 and FC4-48 blades in the Brocade 48000. F_Port trunking is supported on the shared area ports on the FC8-48 and FC8-64 in the Brocade DCX and DCX-4S. Enabling F_Port trunking 1. Connect to the switch and log in using an account - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 473
not allowed on the base switch. NOTE A base switch is a logical switch that is used to communicate among different logical switches. • F_Port trunks enabled on Fabric OS v6.2.0 are non-disruptive to Fabric v6.4.0. • If F_Port trunking is enabled on some ports in the default switch, and you disable - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 474
ports 2f:xx:nn:nn:nn:nn:nn:nn (1) Port WWNs for: switch's Fx_Ports. 25:xx:nn:nn:nn:nn:nn:nn (1) Port WWNs for: switch's based platforms. This feature does not work on M-EOS or third party switches. Figure 66 shows a switch in AG mode without F_Port masterless trunking. Figure 67 shows a switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 475
portShow command. configdownload Note: Switches in Access Gateway mode do not perform authentication. If you issue the configDownload command for a port configuration that is not compatible with F_Port trunking, and the port is Trunk Area-enabled, then the port will be persistently disabled. Note - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 476
Area on those ports. On the FC4-48 blade, F_Port masterless trunking is supported only on ports 0 - 15. FICON is not supported on F_Port trunk ports. However, FICON can still run on ports that are not F_Port trunked within the same switch. If you plug in a standby CP with a firmware version earlier - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 477
against the F_Port trunk master. Port and exchange-based routing is supported on the F_Port trunk masters. Bandwidth information will be modified accordingly as the F_Port trunk forms. The switchCfgTrunk 0 command will fail if a port has TA enabled. All ports on a switch must be TA-disabled first - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 478
to display the switch and port information. 6. Enter the porttrunkarea --show enabled command to display the TA-enabled port configuration. switch:admin> porttrunkarea --show enabled Port Type State Master TA DA 36 F-port Master 36 37 36 37 F-port Slave 36 37 37 38 F-port Slave 36 37 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 479
1.62Gbps (11.76%) Tx+Rx: Bandwidth 32.00Gbps, Throughput 3.24Gbps (11.80%) Enabling the DCC policy on a Trunk Area After you assign a Trunk Area, the ports from becoming disabled in the case where there is a DCC security policy violation. You can configure authentication on all three Brocade - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 480
19 F_Port masterless trunking 440 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 481
SAN. Each switch handles local interconnectivity and multiplexes traffic across long-distance dark fiber or wave division multiplexing (WDM) links while the Brocade Extended Fabrics software enables SAN management over long distances. Brocade distance decreases for each switch. The Extended Fabrics - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 482
eight Gigabit Ethernet ports and eight FC ports. It is used to implement the iSCSI Gateway Service. The Gigabit Ethernet ports are used to connect iSCSI initiators, and the FC ports are used to connect to any device. • FC8-64 blade - Extended Fabrics is not supported on this blade. • Brocade 8000 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 483
and configurations, refer to Chapter 19, "Managing Trunking Connections". • Only qualified Brocade SFPs are used. Only Brocade-branded or certain Brocade-qualified SFPs are supported on the 8 Gbps platforms. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 484
to Time-Division Multiplexing (TDM) devices and your Brocade switch has QoS and buffer credit recovery enabled. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Disable QoS. switch:admin> portcfgqos --disable [slot/]port If you do not disable QoS, after the second - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 485
and core-to-edge ISL connections within a switch. Configuring long-distance ISLs between core and edge switches is possible, but is not a recommended practice. With the exception of 3xxx series and earlier switches, all switch ports provide protection against buffer depletion through buffer limiting - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 486
for ISL Trunking. • Each user port reserves eight buffer credits when online or offline. • Any remaining buffers can be reserved by any port in the port group. • When QoS is enabled and the port is online, an additional 14 buffers are allocated to that port. • The following switches and blades have - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 487
bytes 288 - 17,184 bits You can allocate buffer credits based on distance using the portCfgLongDistance command. The Long distance link the distance measured during port initialization versus the desired_distance parameter, which is required when a port is configured as an Guide 447 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 488
page 451 and Table 93 on page 452 to get the total ports in a switch or blade, number of user ports in a port group, and the unreserved buffer credits available per port group. The values reflect an estimate, and may differ from the supported values in Table 93. 1. Determine the desired distance in - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 489
user port) = 492 buffers to a single port, you can calculate the maximum single port extended distance supported: [Maximum Distance X in km] = (BufferCredits + 6) * 2 / LinkSpeed 498 km = (492 + 6 buffers for Fabric Services) * 2 / 2 Gbps How many 50 km ports 21 ports Allocating buffer credits based - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 490
support EX_Port, Port Mirroring, Long-Distance, L_Port, Fast Write, QoS, and Trunk Area enabled ports. Displaying the remaining buffers in a port group 1. Connect to the switch command. switch:admin> portbuffershow 17 User Port Lx Max/Resv Buffer Needed Link Remaining Port Type Mode - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 491
Buffer credits Switch/blade model Total FC ports (per switch/blade) User port group size Unreserved buffers (per port group) 300 24 4100/5000 32 4900 64 5100 40 5300 80 5410 12 5424 24 5450 26 5480 24 7500 16 7600 16 7800 16 VA-40FC 40 Brocade Encryption Switch 32 FA4 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 492
can be configured assuming 2112 Byte Frame Size Switch/blade model 1 Gbps 2 Gbps 4 Gbps 8 Gbps 300 4100/5000 4900 5100 5300 5410 5424 5450 5480 7500 7600 7800 VA-40FC Brocade Encryption Switch FA4-18 FC4-16 FC4-16IP FC4-32 FC4-48 FC8-16 FC8-32 FC8-48 FC10-6 FR4-18i FS8-18 FX8-24 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 493
long distance and are connected between the following switch or blade models: • Brocade 300, 5100, 5300, 5410, 5424, 5450, 5480, VA-40FC • FC8-16, FC8-32, FC8-48 If a long-distance E_Port from one of these supported switches or blades is connected to any other switch or blade type, the buffer credit - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 494
20 Buffer credit recovery 454 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 495
merging those fabrics. A Fibre Channel router (FC router) is a switch running the FC-FC routing service. The FC-FC routing service can be simultaneously used as an FC router and as a SAN extension over wide area networks (WANs) using FCIP. FCR supports backbone-to-edge routing, allowing devices in - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 496
FC-FC routing service overview Supported platforms for Fibre Channel routing Fibre Channel routing is supported on the following platforms: • Brocade DCX and DCX-4S (FC8-16, FC8-32, FC8-48, FC8-64, FS8-18, FX8-24, or FR4-18i blade) • Brocade 5100 switch • Brocade 5300 switch • Brocade VA-40FC switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 497
. Integrated Routing is not supported on 8-Gbps blades in the Brocade 48000. Fibre Channel routing concepts Fibre Channel routing introduces the following concepts: • Fibre Channel router (FC router) A switch running the FC-FC routing service. See "Supported platforms for Fibre Channel routing - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 498
the supported platforms by using an EX_Port or VEX_Port. • Backbone fabric A backbone fabric is an intermediate network that connects one or more edge fabrics. In a SAN, the backbone fabric consists of at least one FC router and possibly a number of Fabric OS-based Fibre Channel switches (see - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 499
2 VE_Port IP cloud Edge fabric 3 E_Port IFL IFL IFL FC router VEX_Port EX_Port (2) = LSAN Backbone fabric FIGURE 69 A Channel device, has a name server entry, and is assigned a valid port ID. The port ID is relevant only on the fabric in which the proxy device has Guide 459 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 500
consisting of a host in Edge SAN 1 connected to storage in Edge SAN 2 through a backbone fabric connecting two FC routers. ISL FC router EX_Port FC router EX_Port Backbone fabric IFL IFL E_Port Edge SAN 1 Edge SAN 2 E_Port = LSAN FIGURE 70 Edge SANs connected through a backbone fabric - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 501
edge SAN reached through Fibre Channel routing. Figure 71 illustrates this concept. Host Proxy host (imported device) Proxy target (imported device) Fabric 1 EX_Port Target E_Port IFL Fabric 2 E_Port IFL FC router FIGURE 71 MetaSAN with imported devices Routing types The FC-FC routing service - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 502
FC-FC Routing Service receives the frames from the backbone switches NOTE Management Server Platform services and interopmode are not supported in the backbone FC routers in a backbone fabric and four edge fabrics connected to the FC routers. 462 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 503
to Fabric 1. There is one front domain for each FC router that is connected to Fabric 1. • Xlate FC router 1) Xlate domain 1 (Fabric 2) Front domain 2 (FC router 2) Xlate domain 2 (Fabric 3) Target 1' Target 2' Target 3' FIGURE 73 EX_Port phantom switch topology Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 504
you have the proper setup for FC-FC routing. (See "Verifying the setup for FC-FC routing" on page 464.) • Assign backbone fabric IDs. (See "Backbone fabric IDs" on page 466.) • Configure FCIP tunnels if you are connecting Fibre Channel SANs over IP-based networks. (See "FCIP tunnel configuration" on - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 505
FR4-18i blade and slots 3, 9, 10, and 12 with 8-Gbps port blades enabled. Proceed to step 3. • If you are not configuring a Brocade 48000, Brocade DCX, or Brocade DCX-4S platform, then skip to step 4. switch:admin> slotshow -m Slot Blade Type ID Model Name Status 1 AP BLADE 33 FA4-18 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 506
FC routing is not supported. To turn off interoperability mode, disable the switch and enter the interopMode 0 command, as described in "Enabling Brocade the FC router is disabled. All switches in a backbone fabric switch are not propagated to other switches switches -switch backbone fabric, - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 507
(1-128)[128] switch:admin> fosconfig --enable fcr FC Router service is enabled switch:admin> switchenable FCIP tunnel configuration The optional Fibre Channel over IP (FCIP) Tunneling Service enables you to use "tunnels" to connect instances of Fibre Channel SANs over IP-based networks to transport - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 508
(or VEX_Port) and assigns a Fabric ID of 30 to port 7. switch:admin> portcfgexport 7/10 -a 1 -f 30 switch:admin> portcfgexport 7/10 Port 7/10 info Admin: enabled State: NOT OK Pid format: Not Applicable Operate mode: Brocade Native Edge Fabric ID: 30 Preferred Domain ID: 160 Front - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 509
command to enable the ports that you disabled in step 1. switch:admin> portenable 7/10 6. Physically attach ISLs from the Fibre Channel router to the edge fabric. 7. Enter the portCfgShow command to view ports that are persistently disabled. FC ports on the Brocade 7500 and 7800 switches and FR4 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 510
Port ON Mirror Port ON FC Fastwrite ON 9. Enter either the portCfgEXPort or portShow command to verify that each port is configured correctly: switch:admin> portcfgexport 7/10 Port 7/10 info Admin: enabled State: NOT OK Pid format: Not Applicable Operate mode: Brocade 0 port generation - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 511
EX_Port FID Neighbor Switch Info (WWN, enet EX_Port FID Neighbor Switch Info (WWN Switch Info (WWN, enet IP, name 4 95 10:00:00:05:1e:37:00:45 10.32.156.31 "Brocade 7500" 5 95 10:00:00:05:1e:37:00:45 10.32.156.31 "Brocade 7500" 6 95 10:00:00:05:1e:37:00:45 10.32.156.31 "Brocade 7500" FC Router port - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 512
link with the smallest router port cost. The FC router port cost is similar to the link cost setting available on E_Ports, which allows you to customize traffic flow. The router port link cost values are either 1000 or 10,000. The router module chooses the router port path based on the lowest cost - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 513
7/10 10000 • To set the cost of the EX_Port back to the default, enter a cost value of 0: switch:admin> fcrrouterportcost 7/10 0 6. Enter the portEnable command to enable the ports that you disabled in step 1. switch:admin> portenable 7/10 Fabric OS Administrator's Guide 473 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 514
is supported only on EX_Ports in the following platforms: • Brocade DCX and DCX-4S (FC8-16, FC8-32, FC8-48, FC8-64, FS8-18, or FX8-24) • Brocade 5100 switch • Brocade 5300 switch • Brocade VA-40FC switch • Brocade Encryption Switch For the Brocade DCX and DCX-4S, Virtual Fabrics must be enabled for - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 515
with Brocade edge fabrics. You can use EX_Port frame trunking in the following configurations and cases: • For ports with speeds of 2 Gbps up to a maximum speed of 8 Gbps and trunking over long distance. • In the edge fabric, when the FC router is connected to a switch that supports eight ports from - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 516
prior to the HA failover, it remains enabled after the HA failover. Backward compatibility support For backward compatibility, an FC router that supports EX_Port trunking can continue to interoperate with older FC routers and all previously supported Brocade switches in the backbone fabric or - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 517
FC routers provide multiple mechanisms to manage inter-fabric device connectivity through extensions to existing switch management interfaces. You can define and manage LSANs using Brocade a device import. To support legacy applications, WWNs are reported based on the administrative domain context - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 518
LSAN configuration. switch:admin> cfgadd "zone_cfg", "lsan_zone_fabric75" switch:admin> cfgenable "zone_cfg" You are about to enable a new zoning configuration. This action will replace the old zoning configuration with the current configuration selected. 478 Fabric OS Administrator's Guide 53 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 519
:b4; na FC4s: FCP [IBM DNEF-309170 F90F] Fabric Port Name: 20:08:00:05:1e:34:11:e5 Permanent Port Name: 50:05:07:61:00:49:20:b4 The Local create and enable the LSAN configuration. switch:admin> cfgadd "zone_cfg", "lsan_zone_fabric2" switch:admin> cfgenable "zone_cfg" You are about to enable a - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 520
switch switch: FC the FC router, switch. The maximum number of LSAN devices supported FC routers in the same backbone fabric should have the same maximum LSAN count defined, to prevent the FC FC routers. 1. Enter the fcrlsancount command with no parameters to display the current LSAN limit. switch switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 521
Be aware of how LSAN zones impact high availability and firmware downgrades: • The LSAN zone matrix is synchronized to the standby CP. • On a dual CP switch, both CPs must have Fabric OS v5.3.0 or later to enable the feature. • If the feature is enabled on the active CP, introducing a CP with an - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 522
fast access to target devices D1 and D2. You could set up the Speed tag as follows: 1. In FC router 1 and FC router 2, configure the Speed tag as "super". 2. In edge fabric 2, configure two LSANs: lsan_f2_f1 (H1, when the target device is offline. 482 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 523
LSAN tagging Note the following rules for configuring LSAN tags: • You configure the tags on the FC router, and not on the edge switches. If Virtual Fabrics are enabled, you configure the tags on the base switch on which the EX_ and VEX_Ports are located. You then have to ensure that the LSAN zones - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 524
enable the FC tag 1. Log in to the FC router as admin. 2. Enter 4. Toggle the host or target port to trigger the fast import process switch before removing an Enforce LSAN tag. You do not need to disable the switch to remove a Speed LSAN tag. 1. Log in to the FC FC router as admin. 2. Enter - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 525
devices supported in the backbone fabric can be higher. Figure 75 on page 486 shows a sample metaSAN with four FC routers in the backbone fabric. Without LSAN zone binding, each FC router in the backbone fabric would store information about LSAN zones 1, 2, 3, and 4. Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 526
number of LSAN devices is 10,000. • With LSAN zone binding, the metaSAN can import more than 10,000 devices and the backbone fabric can support more FC routers. • With LSAN zone binding, CPU consumption by an FC router is lower. 486 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 527
FC FC router to other FC routers. • You must manually configure the LSAN fabric matrix on these FC routers to match the other FC FC routers can access each other: • FC router 1 and FC router 2 • FC router 3 and FC router 4 Because there is no device sharing between the two groups of FC four FC - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 528
add -lsan 0 0 will erase the entire LSAN fabric matrix settings in the cache. The FC router matrix and the LSAN fabric matrix are used together to determine which fabrics can access each --add -lsan 10 19 FCR:Admin> fcrlsanmatrix --apply -all 488 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 529
PID configuration When an FC router is first configured, you replace a switch. If you replace the switch and want to the assignment of the xlate domain port number (which is used to determine user intervention. You can optionally configure these parameters manually. Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 530
switch using the switchDisable command. If executed on an enabled switch OS switches. FC supported in an FCR fabric with a Brocade 8000. By default, broadcast frame forwarding is disabled on an FC router. If your edge fabric includes a Brocade 8000, do not enable broadcast frame forwarding on the FC - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 531
proxy devices • Max NR_Ports The following example shows the use of the fcrResourceShow command to display physical port (EX_Port) resources. switch:admin> fcrresourceshow Daemon Limits: Max Allowed Currently Used LSAN Zones: 3000 28 Fabric OS Administrator's Guide 491 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 532
with the reason "ExPort in non base switch". You must explicitly create a base switch, move the EX_ and VEX_Ports to the base switch, and then enable the ports. If you move existing EX_ or VEX_Ports to any logical switch other than the base switch, these ports are automatically disabled. If you want - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 533
in legacy mode to a base switch, you must set the backbone FID of the FC router to be the same as that of the base switch. • All FCR commands can be executed only in the base switch context. • The fcrConfigure command is not allowed when Virtual Fabrics is enabled. Instead, use the lsCfg command - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 534
8 EX EX SW4 SW8 FIGURE 77 Logical representation of EX_Ports in a base switch Fabric 1 SW2 SW6 Backbone-to-edge routing with Virtual Fabrics Since the base switch does not allow F_Ports, you cannot have devices connected to the base switch. 494 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 535
all FC router operations on the switch. Brocade recommends that you save your FC-FC routing configuration (using the configUpload command) before performing any downgrades. For further instructions on downgrading, refer to Chapter 9, "Installing and Maintaining Firmware". How replacing port blades - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 536
0; the values can be in a range of 129- 255. The range of the output ports connected to the xlate domain is 1-128. This range enables the front domain to connect to 127 remote xlate domains. 1. Log in to a switch in the edge fabric. 2. Enter the lsDbShow command on the edge fabric. In the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 537
for Merged SANs," for more information. The FC router interoperates with M-EOS fabrics in both McDATA Open Mode and McDATA Fabric Mode. Fabric OS provides the ability to configure any EX_Port to connect to an M-EOS fabric by using an E_Port without disrupting the existing services. All the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 538
FC routing capability of the Brocade series port to an FC router EX_Port and the one EX_Port to the Fabric OS edge fabric. • LSAN zone database binding-Increases FCR scalability to support more FC routers in the backbone and support more devices in the metaSAN. 498 Fabric OS Administrator's Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 539
the front domain ID, there is no impact. The behavior with non-Mi10k switches displays the regular switch when configured. After the port is properly configured and connected, running switchShow on the FC router displays the M-EOS switch that is connected. From the M-EOS side, the EOSc show fabric - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 540
to a Native McDATA fabric configured in Fabric mode. NOTE For additional information on configuring the FC router, refer to Chapter 21, "Using the FC-FC Routing Service". 1. To verify the Native McDATA firmware version, use the M-EOSc show system command. 2. To display the front domain on the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 541
the portEnable command. ecp:admin_06> portenable 10/13 If the port was persistently disabled, use the following command to enable the port: ecp:admin_06> portcfgpersistentenable 10/13 7. Physically attach the IFLs from the FC router to the switches in the edge fabrics. • Connect IFL1 and verify - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 542
FC router can support up to 2048 zones when connected to an M-EOS v9.6 switch. NOTE For detailed instructions for the steps in the following procedure, refer to the Zoning User Manual. http://www.brocade in a multiple-fabric SAN, use the following procedure to correct the problem. 1. Log in to - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 543
the EX_Port on the connected fabric. b. Enter the portLogClear command for the port. c. Enable the port on the FC router. d. Enter the portLogDump command for the port, capturing the output. Use the portLogDump tool to troubleshoot the problem, using the command output. If an EX_Port connecting an - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 544
Port Name: 50:00:51:e3:70:9a:3d:e8 Permanent Port Name: 10:00:00:00:c9:44:54:04 Port Index: na Share Area: No Device Shared in Other AD: No Switch Port Name: 50:06:06:91:23:45:6a:13 Permanent Port Name: 10:00:00:00:00:03:00:00 Port cfgactvshow. switch:admin FC router and run the lsanZoneShow - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 545
•Examples of supported configurations 509 Inband Management overview Inband Management on the Brocade 7500 Extension Switch allows a management station to communicate to the CP through the GE ports for tasks such as downloading firmware, SNMP polling, SNMP traps, troubleshooting, and configuration - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 546
0. These new Ethernet interfaces are internal only and are not accessible from outside the switch. They are used strictly for communicating IP packets between the CP and the GE port processor. Figure 79 shows the Inband Management process. During initialization, the hardware addresses for inbd0 and - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 547
port processor. Only a route on the CP is created with the internal GE port port. Also note that the portCfg inbandmgmt portcfg based on the GE port number entered. 1. Connect to the switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 548
Station. switch:admin> portcfg inbandmgmt ge0 routedel 192.168.3.0 255.255.255.0 Viewing Inband Management IP addresses and routes The portShow inbandmgmt command displays the addresses that are currently configured for that GE port number and a status of Inband Management (Enabled/Disabled - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 549
of when the Management Station is on the same subnet as the GE ports on the Brocade 7500 Extension Switches. Using the network diagram shown in Figure 80, the configuration would be set up as listed below. FIGURE 80 Management Station on same subnet 1. Configure the IP address for each of the - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 550
of supported configurations b. On the 7500 R1, create an IP address on the GE interface: switch:admin> portcfg ipif ge0 create 192.168.3.20 255.255.255.0 1500 2. Configure the management interfaces on the 7500 L1. a. Configure the internal addresses for the inbd devices for CP and GE port (GE port - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 551
(GE port 0 for this example). switch:admin> portcfg inbandmgmt ge0 ipaddrset cp 192.168.255.1 255.255.255.0 switch:admin> portcfg inbandmgmt ge0 ipaddrset ge 192.168.255.2 255.255.255.0 b. Add the route on the switch going to the Management Station. Fabric OS Administrator's Guide 511 53-1001763 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 552
B Examples of supported configurations switch:admin> portcfg inbandmgmt ge0 routeadd 192.168.3.0 255.255.255.0 192.168.2.250 4. Configure the routes on Router A. a. the 7500 R1 management address. linux> route add -host 10.1.2.20 gw 192.168.3.250 512 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 553
for the maximum number of ports used by the FC4-48 and FC8-48 blades. The FC8-64 is not supported on the Brocade 48000 director. If your blade does not have the maximum number of ports, use the lower sections of 185 321/201 337/217 353/233 369/249 Fabric OS Administrator's Guide 513 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 554
director TABLE 99 Default index/area_ID core PID assignment with no port swap for the Brocade 48000 director (Continued) Port on blade Slot 1 Slot 2 Idx/area Idx/area Slot 113/113 0 0/0 16/16 32/32 48/48 64/64 80/80 96/96 112/112 514 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 555
truncated) TABLE 100 Default index/16-bit PID assignment with no port swap on a Brocade DCX backbone Port (DCX) Slot 1 Index/PID Slot 2 Index/PID Slot 3 48 768/0x00c0 784/0x10c0 800/0x20c0 816/0x30c0 832/0x40c0 848/0x50c0 864/0x60c0 880/0x70c0 Fabric OS Administrator's Guide 515 53- - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 556
DCX backbone TABLE 100 Default index/16-bit PID assignment with no port swap on a Brocade DCX backbone (Continued) Port (DCX) Slot 1 Index/PID Slot 2 Index/PID Slot 3 Index/PID Slot 4 Index/PID 77/0x4d40 93/0x5d40 109/0x6d40 125/0x7d40 516 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 557
16/0x1040 32/0x2040 48/0x3040 64/0x4040 80/0x5040 96/0x6040 112/0x7040 Port indexing on the Brocade DCX-4S backbone The Brocade DCX-4S does not need a mapping of ports because it is -- N4 No_Module 66 2 2 0a4200 -- N4 No_Module (output truncated) Fabric OS Administrator's Guide 517 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 558
Default index/16-bit PID assignment with no port swap for the Brocade DCX-4S Port on blade Slot 1 Index/PID Slot 2 Index 178/0xb200 242/0xf200 49 49/0x3100 113/0x7100 177/0xb100 241/0xf100 48 48/0x3000 112/0x7000 176/0xb000 240/0xf000 47 47/0x2f00 111/0x6f00 175 's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 559
Default index/16-bit PID assignment with no port swap for the Brocade DCX-4S (Continued) Port on blade Slot 1 Index/PID Slot 2 17 17/0x1100 81/0x5100 145/0x9100 209/0xd100 16 16/0x1000 80/0x5000 144/0x9000 208/0xd000 15 15/0x0f00 79/0x4f00 143/ OS Administrator's Guide 519 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 560
C Port indexing on the Brocade DCX-4S backbone 520 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 561
out or zeroized. Power-up self tests are executed when the switch is powered on to check for the consistency of the algorithms implemented in the switch. Known-answer- When FIPS mode is enabled, this is a chassis-wide setting and affects all logical switches. Zeroization functions Explicit - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 562
every random number generation. Key-based SSH authentication is not used for SSH sessions. Key-based SSH authentication is not used for user mode and perform a recovery procedure to reset the switch. For more information on this procedure, refer to the Fabric OS Troubleshooting and Diagnostics Guide - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 563
to the Fabric OS Troubleshooting and Diagnostics Guide for instructions on how to recover if your system cannot get out of the conditional test mode. FIPS mode configuration By default, the switch comes up in non-FIPS mode. You can run the fipsCfg --enable fips command to enable FIPS mode, but you - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 564
CONFIGURATIONS RADIUS configuration does not exist. adldap.local LDAP CONFIGURATIONS Position Server Port Domain Timeout(s) : 1 : GEOFF5.ADLDAP.LOCAL : 389 : adldap.local : 3 Primary AAA Service: LDAP Secondary AAA Service: Switch database 524 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 565
on the switch by using the dnsConfig command. Example of setting the DNS switch:admin> dnsconfig Enter option 1 Display Domain Name Service (DNS) Enable FIPS algorithm policy on the Microsoft Active Directory. Refer to www.microsoft.com for instructions. Fabric OS Administrator's Guide 525 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 566
D FIPS mode configuration LDAP certificates for FIPS mode To utilize the LDAP services for FIPS between the switch and the host, you must generate a CSR on the Active Directory server and import and export the CA certificates. To support server certificate validation, it is essential to have the CA - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 567
on Microsoft Active Directory server and CA certificate on the switch for using LDAP authentication. 4. Block Telnet, HTTP, and RPC. 5. Disable BootProm access. 6. Configure the switch for signed firmware. 7. Disable root access. 8. Enable FIPS. Fabric OS Administrator's Guide 527 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 568
to the boot PROM: fipscfg --disable bootprom Block boot PROM access before disabling root account. 7. Enable signed firmware by typing the configure command and respond to the prompts as follows: System services No cfgload attributes Yes 528 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 569
Press enter to accept default. Enforce firmware signature validation Yes Example switch:admin> configure Not all options will be available on an enabled switch. To disable the switch, use the "switchDisable" command. Configure... System services (yes, y, no, n): [no] ... cfgload attributes (yes - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 570
an account assigned the admin or securityAdmin role. 2. Type the command fipsCfg --zeroize. 3. Reboot the switch. Displaying FIPS configuration 1. Log in to the switch using an account assigned the admin or securityAdmin role. 2. Type the command fipsCfg --showall. 530 Fabric OS Administrator - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 571
a base of port IDs. Example conversion of the hexadecimal triplet Ox616000 Notice the PID in the nsShow output is in hexadecimal. switch Port Name: 20:08:00:05:1e:01:23:e0 Permanent Port Name: 10:00:00:00:c9:29:b3:84 Port Domain ID = 97 06 = Area (port number) = 06 00 = Port (ALPA) = 0 (not used - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 572
3d 3e 3f 40 41 42 43 44 45 46 Decimal 71 72 73 74 75 76 77 78 79 80 Hex 47 48 49 4a 4b 4c 4d 4e 4f 50 Decimal 81 82 83 84 85 86 87 88 89 90 Hex 178 179 180 Hex ab ac ad ae af b0 b1 b2 b3 b4 532 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 573
245 246 247 248 249 250 Hex f1 f2 f3 f4 f5 f6 f7 f8 f9 fa Decimal 251 252 253 254 255 Hex fb fc fd fe ff Fabric OS Administrator's Guide 533 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 574
E Hexadecimal overview 534 Fabric OS Administrator's Guide 53-1001763-01 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 575
ID mode, 301 A AAA service requests, 99 access browser support, 122 changing account parameters, user-defined, 88 activating Admin Domains, 348 POD, 379 ports on demand, 377 TI zones, 285 AD0, 338 AD255, 339 Adaptive Networking, 401 Fabric OS Administrator's Guide 53-1001763-01 adding a new switch - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 576
466 backing up a configuration, 178 base switches about, 216 creating, 225 blade swapping, 50 blades compatibility, 44, 46 disabling and enabling, 44 enabling exceptions for the FR4-18i, 49 port area ID, 41 port identification, 41 port indexing, 41 port numbering schemes, 40 powering off and on, 53 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 577
OS and M-EOS SANs, 497 multiple EX_Ports to an edge fabric, 464 to devices, 33 connection restrictions, 87 serial, 17 telnet, 17 core/edge topology and ISL trunking, 427 CP blade, 376 access, 105 creating accounts, 88 Admin Domains, 345 alias, 246 base switches, 225 logical switches, 225 policy, 143 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 578
switches, 228 RADIUS configuration, 114 TI zones, 286 zone configurations, 256 zones, 250 detecting bottlenecks, 416 devices proxy, 461 dictionary.brocade zone configuration, 242 enabling bottleneck detection, 419 port, 43 Virtual Fabrics, 223 zone configurations, 255 enabling and disabling ISL - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 579
OS Administrator's Guide 53-1001763-01 Fabric OS supported protocols, 117, 118 Fabric Wide Consistency Policy, 466 FC router, 143 FC routing concepts, 457 supported platforms, 456 FC routing types, 461 FCAP, 144 FC-FC Routing, 143 FC-FC Routing and Virtual Fabrics, 492 FC-FC routing service, 455 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 580
host-based zoning, switch link (ISL), 66 IP Filter supported services, 155 IP-NAT, 65 IPsec algorithms, 167 Authentication Header protocol, 166 configuration on the management interface, 164 Encapsulating Security Payload protocol, 166 flushing SAs, 173 IKE policies, 169 key management, 169 manual - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 581
about, 214 changing context, 233 logical ISLs, 217 logical ports, 218 logical switches about, 210 allowing XISL use, 232 changing FID, 230 changing to a base switch, 231 creating, 225 deleting, 228 displaying configuration, 230 moving ports, 229 login changing password, 89 fails, 17 with Admin - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 582
, FC routing supported, 456 PLOGI, 12 POD activating, 379 enabling ports, 43 policies, routing, 63 policy creating, 143 creating, SCC, 143 members, identifying, 134 password expiration, 93 password strength, 91 SCC, 143 port, 43 activating POD, 379 enabling, 43 Port Login, 10 port mirroring, 11 port - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 583
deleting RADIUS configuration, 114 disabling port, 43 displaying RADIUS configuration, 115 name limitations, 30 RADIUS client, 107 RADIUS configuration, disabling, 114 user-defined accounts, 88 switch access, 131 switch firmware version, finding, 193 switch names, 30 switch WWN in Admin Domains, 342 - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 584
ISLs (LISL), 217 logical switch configuration, displaying, 230 logical switch to base switch change, 231 logical switches, about, 210 logical switches, creating, 225 logical switches, deleting, 228 overview, 209 platform services, 5 ports, moving, 229 restrictions, 222 supported platforms, 220 with - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 585
based PID assignment, 37 WWNs switch WWNs in Admin Domains, 342 X XISL, about, 216 xlate domains, 462 Fabric OS Administrator's Guide 53-1001763-01 Z zone adding a new switch , 242 enabling a configuration, 255 enforcement, 242 host-based, 239 LUN masking, 239 merging, 253 name server-based, 239 no - HP 8/80 | Fabric OS Administrator's Guide v6.4.0 (53-1001763-01, June 2010) - Page 586
zone configurations creating, 254 deleting, 256 disabling, 256 enabling, 255 removing, 255 zone database and Admin Domains, 360 zone, broadcast, 244 zones QoS zones, 406 TI zones, 267 546 Fabric OS Administrator's Guide 53-1001763-01
53-1001763-01
30 March 2010
®
Fabric OS
Administrator’s Guide
Supporting Fabric OS v6.4.0