HP StorageWorks 8/80 HP StorageWorks Fabric OS 6.2 administrator guide (5697-0 - Page 146

The following example shows how to set a strict SCC and tolerant DCC fabric-wide consistency policy. switch:admin> fddcfg --fabwideset "SCC:S;DCC" switch:admin> fddcfg --showall Local Switch Configuration for all Databases:- DATABASE - Accept/Reject SCC - accept DCC - accept PWD - accept FCS - accept AUTH - accept IPFILTER - accept Fabric Wide Consistency Policy:- "SCC:S;DCC" Notes on joining a switch to the fabric When a switch is joined to a fabric with a tolerant SCC or DCC fabric-wide consistency policy, the joining switch must have a matching tolerant SCC or DCC fabric-wide consistency policy. If the tolerant SCC or DCC fabric-wide consistency policies do not match, the switch can join the fabric, but an error message flags the mismatch. If the tolerant SCC and DCC fabric-wide consistency policies match, the corresponding SCC and DCC ACL policies are compared. The enforcement of fabric-wide consistency policy involves comparison of the Active policy set only. If the ACL policies match, the switch joins the fabric successfully. If the ACL policies are absent on the switch or on the fabric, the switch joins the fabric successfully, and the ACL policies are copied automatically from where they exist to where they are absent. The Active policies set where they exist and overwrite the Active and Defined policies where they are absent. If the ACL policies do not match, the switch can join the fabric, but an error message flags the mismatch. Under both conflicting conditions, secPolicyActivate is blocked in the merged fabric. Use the fddCfg --fabwideset command to resolve the fabric-wide consistency policy conflicts. Use the distribute command to explicitly resolve conflicting ACL policies. When a switch is joined to a fabric with a strict SCC or DCC fabric-wide consistency policy, the joining switch must have a matching fabric-wide consistency policy. If the strict SCC or DCC fabric-wide consistency policies do not match, the switch cannot join the fabric and the neighboring E_Ports are disabled. If the strict SCC and DCC fabric-wide consistency policies match, the corresponding SCC and DCC ACL policies are compared. The enforcement of a fabric-wide consistency policy involves comparison with the Active policy set only. If the ACL polices match, the switch joins the fabric successfully. If the ACL policies are absent either on the switch or on the fabric, the switch joins the fabric successfully, and the ACL policies are copied automatically from where they are present to where they were absent. The Active policy set where it is present overwrites the Active and Defined policy set where it is absent. If the ACL policies do not match, the switch cannot join the fabric and the neighboring E_Ports are disabled. Use the fddCfg --fabwideset command on either this switch or the fabric to set a matching strict SCC or DCC fabric-wide consistency policy. Use ACL policy commands to delete a conflicting ACL policy from one side to resolve an ACL policy conflict. If neither the fabric nor the joining switch is configured with a fabric-wide consistency policy, there are no ACL merge checks required. The descriptions above also apply to joining two fabrics. In this context, the joining switch becomes a joining fabric. Matching fabric-wide consistency policies This section describes the interaction between the databases with active SCC and DCC policies and combinations of fabric-wide consistency policy settings when fabrics are merged. For example: Fabric A with SCC:S;DCC (strict SCC and tolerant DCC) joins Fabric B with SCC:S;DCC (strict SCC and tolerant DCC), the fabrics can merge as long as the SCC policies match (both are strict). 144 Configuring advanced security features