HP StorageWorks 2/32 Brocade Secure Fabric OS Administrator's Guide (53-100024 - Page 101

secPolicyAdd, secModeEnable, switchDisable, secVersionReset

Get HP StorageWorks 2/32 - SAN Switch PDF manuals and user guides View all HP StorageWorks 2/32 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 101 highlights

4 Table 4-5 Recovery Processes (Continued) Symptom Possible Causes Recommended Actions One or more switches is segmented from the fabric. Note: For instructions on rejoining fabrics, refer to the instructions in "Adding Switches and Merging Fabrics with Secure Mode Enabled" on page 4-13. SCC_POLICY is excluding the segmented switches. Management server services on the segmented switches are inconsistent with rest of fabric. The segmented switches are missing PKI objects. Use the secPolicyAdd command on the primary FCS switch to add the switches to the SCC_POLICY. Ensure that the Management Server Platform Service is consistently enabled or disabled across all the switches in the fabric. For information about the management server support provided by Fabric OS, refer to the Fabric OS Command Reference. Determine the status of the PKI objects by following the procedure in "Verifying the Digital Certificate" on page 2-4. If any objects are missing, replace as described in "Creating PKI Objects" on page 2-5. ISLs to the segmented Check the hardware connections and the port status for all ISLs switches are interrupted or between the segmented switches and the fabric. a port failure occurred. Configurations of the segmented switches diverged from rest of the fabric. Disable the segmented switches, reset the configuration parameters to match the rest of the fabric, and reenable the switches. FCS policies on the segmented switches are not identical to the FCS policy of the fabric. If one or more switches is segmented without any FCS switches, enter the secModeEnable command on a segmented switch and specify an FCS policy that is identical to the FCS policy of the rest of the fabric. The segmented switch or group of switches automatically fastboot. If one or more switches is segmented along with a primary FCS switch, modify the FCS policy as required until it is identical to the FCS policy in the rest of the fabric. The fabric contains more than one version stamp. Might be due to no primary FCS switch being available to propagate changes across fabric. Type the secModeEnable command to specify a new primary FCS switch. Specify adequate backup FCS switches to prevent a recurrence. Then, for each segmented portion of the fabric that does not contain the new primary FCS switch, reset the version stamp to 0 by entering switchDisable, secVersionReset, and switchEnable. Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01 4-21

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
Secure Fabric OS Administrator’s Guide
4-21
Publication Number: 53-1000244-01
4
One or more switches is
segmented from the
fabric.
Note
:
For instructions on
rejoining fabrics, refer to
the instructions in
“Adding Switches and
Merging Fabrics with
Secure Mode Enabled”
on page 4-13.
SCC_POLICY is excluding
the segmented switches.
Use the
secPolicyAdd
command on the primary FCS switch to add
the switches to the SCC_POLICY.
Management server
services on the segmented
switches are inconsistent
with rest of fabric.
Ensure that the Management Server Platform Service is
consistently enabled or disabled across all the switches in the
fabric. For information about the management server support
provided by Fabric OS, refer to the
Fabric OS Command
Reference
.
The segmented switches are
missing PKI objects.
Determine the status of the PKI objects by following the procedure
in
“Verifying the Digital Certificate”
on page 2-4. If any objects
are missing, replace as described in
“Creating PKI Objects”
on
page 2-5.
ISLs to the segmented
switches are interrupted or
a port failure occurred.
Check the hardware connections and the port status for all ISLs
between the segmented switches and the fabric.
Configurations of the
segmented switches
diverged from rest of the
fabric.
Disable the segmented switches, reset the configuration parameters
to match the rest of the fabric, and reenable the switches.
FCS policies on the
segmented switches are not
identical to the FCS policy
of the fabric.
If one or more switches is segmented without any FCS switches,
enter the
secModeEnable
command on a segmented switch and
specify an FCS policy that is identical to the FCS policy of the rest
of the fabric. The segmented switch or group of switches
automatically fastboot.
If one or more switches is segmented along with a primary FCS
switch, modify the FCS policy as required until it is identical to the
FCS policy in the rest of the fabric.
The fabric contains more
than one version stamp.
Might be due to no primary
FCS switch being available
to propagate changes across
fabric.
Type the
secModeEnable
command to specify a new primary FCS
switch. Specify adequate backup FCS switches to prevent a
recurrence. Then, for each segmented portion of the fabric that
does not contain the new primary FCS switch, reset the version
stamp to 0 by entering
switchDisable
,
secVersionReset
, and
switchEnable
.
Table 4-5
Recovery Processes
(Continued)
Symptom
Possible Causes
Recommended Actions