HP StorageWorks 2/16V Brocade Secure Fabric OS Administrator's Guide (53-10002 - Page 58

Modifying the FCS Policy

Get HP StorageWorks 2/16V - SAN Switch PDF manuals and user guides View all HP StorageWorks 2/16V manuals
Add to My Manuals
Save this manual to your list of manuals

Page 58 highlights

3 Modifying the FCS Policy Only one FCS policy can exist, and it cannot be empty or deleted if secure mode is enabled. The FCS policy is named FCS_POLICY. Changes made to the FCS policy are saved to permanent memory only after the changes have been saved or activated; they can be aborted later if desired (see "Managing Secure Fabric OS Policies" on page 3-25). The FCS policy can be modified through any of the following methods: • Using the secPolicyFCSMove command to change the position of a switch in the list, as described in "Changing the Position of a Switch Within the FCS Policy" on page 3-9 • Using the secFCSFailover command to fail over the primary FCS switch role to the backup FCS switch from which the command is entered, as described in "Failing Over the Primary FCS Switch" on page 3-10 • Using the secPolicyAdd command to add members, as described in "Adding a Member to an Existing Policy" on page 3-27 • Using the secPolicyRemove command to remove members, as described in "Removing a Member from a Policy" on page 3-28 Note If the last FCS switch is removed from the fabric, secure mode remains enabled but no primary FCS switch is available. To specify a new primary FCS switch, enter the secModeEnable command again and specify the primary and backup FCS switches. This is the only instance in which the secModeEnable command can be entered when secure mode is already enabled. The possible FCS policy states are shown in Table 3-1. Table 3-1 FCS Policy States Policy State Characteristics No policy, or policy with no entries Not possible if secure mode is enabled. Policy with one entry A primary FCS switch is designated but there are no backup FCS switches. If the primary FCS switch becomes unavailable for any reason, the fabric is left without an FCS switch. Policy with multiple entries A primary FCS switch and one or more backup FCS switches are designated. If the primary FCS switch becomes unavailable, the next switch in the list becomes the primary FCS switch. You might not want to put Fabric OS v2.6.x switches in the FCS policy if your primary FCS switch is running Fabric OS v3.2.0, v4.4.0, v5.0.1, v5.1.0, or v5.2.0 and using multiple user accounts (MUA) because Fabric OS v2.6.x does not support MUA. See the Fabric OS Administrator's Guide for more information on MUA. 3-8 Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
3-8
Secure Fabric OS Administrator’s Guide
Publication Number: 53-1000244-01
3
Modifying the FCS Policy
Only one FCS policy can exist, and it cannot be empty or deleted if secure mode is enabled. The FCS
policy is named FCS_POLICY.
Changes made to the FCS policy are saved to permanent memory only after the changes have been
saved or activated; they can be aborted later if desired (see
“Managing Secure Fabric OS Policies”
on
page 3-25).
The FCS policy can be modified through any of the following methods:
Using the
secPolicyFCSMove
command to change the position of a switch in the list, as described
in
“Changing the Position of a Switch Within the FCS Policy”
on page 3-9
Using the
secFCSFailover
command to fail over the primary FCS switch role to the backup FCS
switch from which the command is entered, as described in
“Failing Over the Primary FCS Switch”
on page 3-10
Using the
secPolicyAdd
command to add members, as described in
“Adding a Member to an
Existing Policy”
on page 3-27
Using the
secPolicyRemove
command to remove members, as described in
“Removing a Member
from a Policy”
on page 3-28
The possible FCS policy states are shown in
Table 3-1
.
You might not want to put Fabric OS v2.6.x switches in the FCS policy if your primary FCS switch is
running Fabric OS v3.2.0, v4.4.0, v5.0.1, v5.1.0, or v5.2.0 and using multiple user accounts (MUA)
because Fabric OS v2.6.x does not support MUA. See the
Fabric OS Administrator’s Guide
for more
information on MUA.
Note
If the last FCS switch is removed from the fabric, secure mode remains enabled but no primary FCS
switch is available. To specify a new primary FCS switch, enter the
secModeEnable
command again
and specify the primary and backup FCS switches. This is the only instance in which the
secModeEnable
command can be entered when secure mode is already enabled.
Table 3-1
FCS Policy States
Policy State
Characteristics
No policy, or policy with no entries
Not possible if secure mode is enabled.
Policy with one entry
A primary FCS switch is designated but there are no backup
FCS switches. If the primary FCS switch becomes unavailable
for any reason, the fabric is left without an FCS switch.
Policy with multiple entries
A primary FCS switch and one or more backup FCS switches
are designated. If the primary FCS switch becomes unavailable,
the next switch in the list becomes the primary FCS switch.