HP StorageWorks 2/24 FW 07.00.00/HAFM SW 08.06.00 McDATA Products in a SAN Env - Page 238
between SANtegrity Authentication and Binding, PDCM arrays, Preferred path, Software-enforced zoning
View all HP StorageWorks 2/24 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 238 highlights
Physical Planning Considerations 5 5. Preferred path - A preferred path provides soft control of fabric routing decisions on a switch-by-switch or port-by-port basis. The path instructs a fabric to use a preferred exit port out of a director or fabric switch for a specified receive port and target domain. If a preferred path is prohibited by SANtegrity Binding, PDCM arrays, or hard zoning, the path is not programmed. In addition, if a preferred path is not a shortest path as calculated by Dijkstra's fibre shortest path first (FSPF) algorithm, the preferred path is not programmed. However, preferred paths do take precedence over dynamic load balancing enabled through the OpenTrunking feature, soft zoning, or device-level access control. In general, preferred paths should be configured to influence predictable or well-known Fibre Channel traffic patterns for load balancing or distance extension applications. 6. Software-enforced zoning - When a device queries the name server of a fabric element for a list of other attached devices, soft zoning ensures only a list of devices in the same zone as the requesting device is returned. Soft zoning only informs a device about authorized zoning configurations; it does not explicitly prohibit an unauthorized connection. Connectivity configured through SANtegrity Binding, PDCM arrays, hardware-enforced zoning, and preferred paths takes precedence over soft zoning. 7. Device-level access control - Persistent binding and storage access control can be implemented at the device level as an addition or enhancement to other security features (SANtegrity Binding, PDCM arrays, zoning, and preferred paths) that are more explicitly enforced. Security methods described in this section work in parallel with each other and are allowed to be simultaneously enabled and activated. Users are responsible for security configuration and operation within the constraints and interactions imposed by their fabric design and the methods described here. Because incompatible security configurations can cause unintended connectivity problems or shut down Fibre Channel traffic in a fabric, it is imperative that users study and understand the interactions between SANtegrity Authentication and Binding, PDCM arrays, zoning, preferred paths, and device-level access control. 5-32 McDATA Products in a SAN Environment - Planning Manual