HP StorageWorks EVA4400 Brocade Fabric OS Administrator's Guide - Supporting F
HP StorageWorks EVA4400 Manual
View all HP StorageWorks EVA4400 manuals
Add to My Manuals
Save this manual to your list of manuals |
HP StorageWorks EVA4400 manual content summary:
- HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 1
53-1002446-01 ® 15 December 2011 Fabric OS Administrator's Guide Supporting Fabric OS v7.0.1 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 2
1001763-02 Fabric OS Administrator's Guide 53-1002148-01 Fabric OS Administrator's Guide 53-1002148-02 Fabric OS Administrator's Guide 53-1002148-03 Fabric OS Administrator's Guide 53-1002446-01 Added enhancements and new features for Fabric OS v6.4.0. Added support for the Brocade VA-40FC hardware - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 3
Supported hardware and software xxxiv What's new in this document xxxv Document conventions xxxvi Notice to the reader xxxvii Additional information xxxviii Getting technical help xxxviii Document feedback xxxix Section I Standard Features Chapter 1 Understanding Fibre Channel Services - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 4
Basic Configuration Tasks In this chapter 15 Fabric OS overview 15 Fabric OS command line interface 16 Console sessions using the serial port 16 Telnet or SSH sessions 17 Getting help on a command 18 Password modification 19 Default account passwords 19 The Ethernet interface on your switch - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 5
Backbone shutdown 32 Powering off a Brocade switch 32 Powering off a Brocade Backbone 33 Basic connections 33 Device connection 33 Switch connection 34 Performing Advanced Configuration Tasks In this chapter 35 PIDs and PID binding overview 35 Core PID addressing mode 36 Fixed addressing - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 6
route selection 64 FSPF 64 Fibre Channel NAT 65 Inter-switch links 66 Buffer credits 67 Virtual channels 67 Gateway links 68 Configuring a link through a gateway zone 79 Viewing redirect zones 80 Managing User Accounts In this chapter 81 vi Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 7
Chapter 6 Fabric OS Administrator's Guide 53-1002446-01 User accounts overview 81 Role-Based Access Control 82 The management channel 83 Managing user-defined roles 84 Local database user accounts 85 Default accounts 85 Local account passwords 87 Local account database distribution 88 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 8
FCS policies 135 FCS policy restrictions 135 Ensuring fabric domains share policies 136 Creating an FCS policy 136 Modifying the order of FCS switches 137 FCS 149 FCAP configuration overview 150 Fabric-wide distribution of the Auth policy 153 viii Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 9
file restoration 181 Restrictions 182 Configuration download without disabling a switch 184 Configurations across a fabric 185 Downloading a configuration file from one switch to another same model switch 186 Security considerations 186 Configuration management for Virtual Fabrics 186 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 10
relative path 202 Downloading from USB using the absolute path 202 FIPS support 202 Public and private key management 202 The firmwareDownload command 203 Power-on firmware checksum test 204 Test and restore firmware on switches 204 Testing a different firmware version on a switch 204 Test - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 11
platforms for Virtual Fabrics 222 Supported port configurations in the fixed-port switches. . . .222 Supported port configurations in the Brocade Backbones. . .222 Virtual Fabrics interaction with other Fabric OS features . . . .223 Limitations and restrictions of Virtual Fabrics 224 Restrictions - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 12
In this chapter 269 Traffic Isolation Zoning overview 269 TI zone failover 270 FSPF routing rules and traffic isolation 272 Enhanced TI zones 274 Illegal configurations with enhanced TI zones 275 xii Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 13
settings 301 Enabling bottleneck detection on a switch 302 Excluding a port from bottleneck detection 303 Displaying bottleneck detection configuration details 304 Changing bottleneck parameters 305 Displaying bottleneck statistics 307 Fabric OS Administrator's Guide xiii 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 14
for duplicate FA-PWWNs 330 Configuring FA-PWWNs 330 Configuring an FA-PWWN for an HBA connected to an Access Gateway 331 Configuring an FA-PWWN for an HBA connected to an edge switch 332 Supported switches and configurations for FA-PWWN 333 xiv Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 15
with other Fabric OS features . . .361 Admin Domains, zones, and zone databases 362 Admin Domains and LSAN zones 363 Configuration upload and download in an AD context . . . . . .364 Licensed Features Administering Licensing In this chapter 367 Fabric OS Administrator's Guide xv 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 16
temporary license shelf life 383 Viewing installed licenses 383 Brocade DCX 8510 Backbone family 394 ICL trunking on the Brocade DCX 8510-8 and DCX 8510-4 . .395 ICLs for the Brocade DCX Backbone family 395 ICL trunking on the Brocade DCX and DCX-4S 396 xvi Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 17
399 Restrictions for installing monitors 400 Virtual Fabrics considerations for Advanced Performance Monitoring 400 Access Gateway considerations for Advanced Performance Monitoring 401 End-to-end performance monitoring 401 Maximum number of EE monitors 401 Supported port configurations for EE - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 18
traffic prioritization 421 Trunking considerations before you install the Adaptive Networking license 422 Manually disabling QoS on trunked ports 422 groups 435 Supported configurations for trunking 436 High availability support for trunking 436 xviii Fabric OS Administrator's Guide 53- - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 19
. . . . .459 Allocating buffer credits for F_Ports 460 Displaying the remaining buffers in a port group 460 Buffer credits for each switch model 461 Maximum configurable distances for Extended Fabrics . . . . .462 Buffer credit recovery 463 Fabric OS Administrator's Guide xix 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 20
465 FC-FC routing overview 465 License requirements for FC-FC routing 466 Supported platforms for FC-FC routing 466 Supported configurations for FC-FC routing 467 Unsupported configurations for Network OS connectivity . . .467 Fibre Channel routing concepts 468 Proxy devices 471 FC-FC routing - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 21
513 Port Indexing FIPS Support In this appendix 521 FIPS overview 521 Zeroization functions 521 Power-on self tests 522 Conditional tests 522 FIPS mode configuration 523 LDAP in FIPS mode 524 LDAP certificates for FIPS mode 526 Preparing the switch for FIPS 527 Overview of steps - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 22
xxii Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 23
Virtual Fabrics after the swap 52 Principal ISLs 64 New switch added to existing fabric 66 Virtual channels on a QoS-enabled ISL 68 Gateway link merging SANs 69 Single host and target 79 Windows 2000 VSA configuration 101 Example of a Brocade DCT file 108 Example of the dictiona.dcm file - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 24
switch WWNs 345 AD0 and two user-defined Admin Domains, AD1 and AD2 356 AD0 with three zones 356 Minimum configuration for 64 Gbps ICLs 394 DCX-4S allowed ICL connections 396 ICL triangular topology with Brocade DCX 8510-8 chassis 397 64 Gbps ICL core-edge topology 398 Setting end-to-end - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 25
topology 474 Example of setting up Speed LSAN tag 491 LSAN zone binding 494 EX_Ports in a base switch 502 Logical representation of EX_Ports in a base switch 503 Backbone-to-edge routing across base switch using FC router in legacy mode 504 Fabric OS Administrator's Guide xxv 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 26
xxvi Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 27
FA-PWWN when created using lockdown support . . 141 DCC policy behavior when created manually with PWWN 142 SCC policy states 142 FCAP certificate files 151 Supported services 156 Implicit IP Filter rules 157 Default IP policy rules 158 Fabric OS Administrator's Guide xxvii 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 28
Example ISL connections 317 Number of supported NPIV devices 324 AD user types 340 Ports and devices in CLI output 359 Admin Domain interaction with Fabric OS features 361 Configuration upload and download scenarios in an AD context 364 Available Brocade licenses 368 License requirements and - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 29
Configurable distances for Extended Fabrics 462 LSAN information stored in FC option 510 Zeroization behavior 521 FIPS mode restrictions 523 FIPS and non-FIPS modes of operation 524 Active Directory keys to modify 525 Decimal to hexadecimal conversion table 532 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 30
xxx Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 31
your switch configurations. • Chapter 9, "Installing and Maintaining Firmware," provides preparations and procedures for performing firmware downloads. • Chapter 10, "Managing Virtual Fabrics," describes the concepts and provides procedures for using Virtual Fabrics. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 32
not. Although many different software and hardware configurations are tested and supported by Brocade Communications Systems, Inc. for Fabric OS v7.0.1, documenting all possible configurations and scenarios is beyond the scope of this document. xxxiv Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 33
Fabric OS and Brocade Network OS fabrics through FC-FC routing. (Refer to Chapter 24, "Using FC-FC Routing to Connect Fabrics," on page 465.) • Moved the ICL and ICL trunking information to a new chapter, Chapter 19, "Inter-chassis Links," on page 393. Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 34
WWN Boolean. Elements are exclusive. Example: --show -mode egress | ingress Notes, cautions, and warnings The following notices and statements are used in this manual. They are listed below in order of increasing severity of potential hazards. xxxvi Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 35
potentially hazardous to you or cause damage to hardware, firmware, software, or data. DANGER A Danger statement indicates definitions specific to Brocade and Fibre Channel, see the Brocade Glossary. For definitions of SAN-specific terms, Fabric OS Administrator's Guide 53-1002446-01 xxxvii - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 36
://www.t11.org For information about the Fibre Channel industry, visit the Fibre Channel Industry Association website: http://www.fibrechannel.org Getting technical help Contact your switch support supplier for hardware, firmware, and software support, including product repairs and part ordering. To - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 37
you. Forward your feedback to: [email protected] Provide the title and version number of the document and as much detail as possible about your comment, including the topic heading and page number and your suggestions for improvement. Fabric OS Administrator's Guide 53-1002446-01 xxxix - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 38
xl Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 39
the Switch Configuration File" •Chapter 9, "Installing and Maintaining Firmware" •Chapter 10, "Managing Virtual Fabrics" •Chapter 11, "Administering Advanced Zoning" •Chapter 12, "Traffic Isolation Zoning" •Chapter 13, "Bottleneck Detection" •Chapter 14, "In-flight Encryption and Compression - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 40
2 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 41
the time to the member switches in the fabric from either the principal switch or, if configured, the primary fabric configuration server (FCS) switch. Refer to Chapter 7, "Configuring Security Policies," for additional information on FCS policies. Fabric OS Administrator's Guide 3 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 42
different protocol service, Fibre Channel Common Transport (FC-CT), is used. This protocol provides a simple, consistent format and behavior when a service provider is accessed for registration and query purposes. Management server The Brocade Fabric OS management server (MS) allows a SAN management - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 43
Service configuration information as well as database in the entire fabric. Would you like to continue this operation? (yes, y, no, n): [no] y Request to deactivate MS Platform Service in progress...... *Completed deactivating MS Platform Service in the fabric! Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 44
management applications. If the list is empty (the default), the management server is accessible to all systems switch-capable. All management server features are supported within a logical switch. Displaying the management server ACL 1. Connect to the switch Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 45
:ce:44 10:00:00:60:69:04:11:24 10:00:00:60:69:04:11:23 21 switch and log in using an account with admin permissions. 2. Enter the msConfigure command. The command becomes interactive. 3. At the "select" prompt, enter 3 to delete a member based on its port/node WWN. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 46
Enter to update the nonvolatile memory and end the session. Example of deleting a member from the management server ACL switch:admin> msconfigure 0 Done 1 Display the M.A.: 1 Associated Management Addresses: [30] "http://java.sun.com/products/1" 8 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 47
Discovery Service in progress.... *MS Topology Discovery enabled locally. switch:admin> mstdenable ALL Request to enable MS Topology Discovery Service in progress.... *MS Topology Discovery enabled locally. *MS Topology Discovery Enable Operation Complete!! Fabric OS Administrator's Guide 9 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 48
the fabric. Once storage and host devices are powered on and connected, the following logins occur: 1. FLOGI-Fabric Login command establishes a 24-bit address for the device logging in, and establishes buffer-to-buffer credits and the class of service supported. 2. PLOGI-Port Login command logs the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 49
then it exchanges service parameters with the fabric controller. A successful FLOGI sends back the 24-bit address for are as follows: • U_Port - A universal FC port is the base Fibre Channel port type, and all unidentified or uninitiated switches. Fabric OS Administrator's Guide 11 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 50
has changed. • A switch name has changed or an IP address has changed. • Nodes leaving or joining the fabric, such as zoning, powering on or shutting down a device, or zoning changes. NOTE Fabric reconfigurations with no domain change do not cause an RSCN. 12 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 51
Fibre Channel standards, the Port World Wide Name (PWWN) of a device cannot overlap with that of another device, thus having duplicate PWWNs within the same fabric is an illegal configuration . Device Recovery To recover reboot the switch at Supportability Administrator's Guide 13 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 52
automatically restarted (Continued) Description webd Webserver daemon used for WebTools (includes httpd as well). weblinkerd Weblinker daemon provides an HTTP interface to manageability applications for switch management and fabric discovery. 14 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 53
can also use the following methods to configure a SAN: • Web Tools For Web Tools procedures, refer to Web Tools Administrator's Guide. • Brocade Network Advisor For additional information, refer to the Brocade Network Advisor User Manual for the version you have. • A third-party application using - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 54
configurations and scenarios is beyond the scope of this document. In some cases, earlier releases are highlighted to present considerations for interoperating with them. The hardware reference manuals for Brocade products describe how to power up devices and set their IP addresses. After the IP - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 55
configure the network interface on a DHCP-enabled switch, plug the switch into the network and power it on. The DHCP client automatically gets the IP switch's network interface is configured and that it is connected to the IP network through the RJ-45 Ethernet port. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 56
the Ethernet port can be managed through switches that are using IP over Fibre Channel. The embedded port must have an assigned IP address. 3. Log off the switch's serial port. 4. From a management station, open a Telnet connection using the IP address of the switch to which you want to connect. The - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 57
the root and factory accounts are not meant for general use, change their passwords if prompted to do so and save the passwords in case they are needed for recovery purposes. Changing the default account passwords at login 1. Connect to the switch and log in using the default administrative account - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 58
switch. You can use either Dynamic Host Configuration Protocol (DHCP) or static IP addresses for the Ethernet network interface configuration. On Brocade Backbones, you must set IP IP addresses are assigned. IPv4 addresses assigned to individual Virtual Fabrics are assigned to IP over Fibre Channel - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 59
:69bc:70::3 If the Ethernet IP address, subnet mask, and gateway address are displayed, then the network interface is configured. Verify the information on your switch is correct. If DHCP is a network prefix length) to set up your IP addresses. Fabric OS Administrator's Guide 21 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 60
for IPv6. 4. Enter the Ethernet Subnetmask at the prompt. 5. Skip the Fibre Channel prompts by pressing Enter. The Fibre Channel IP address is used for management. 6. Enter the Gateway Address at the prompt. 7. Disable DHCP by entering off. 22 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 61
has been configured releases the current Ethernet network interface settings, including Ethernet IP address, Ethernet subnet mask, and gateway IP address. The Fibre Channel IP address and subnet mask are static and are not affected by DHCP; for instructions on setting the FC IP address, see - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 62
[255.255.255.0]: Fibre Channel IP Address [220.220.220.2]: Fibre Channel Subnetmask [255.255.0.0]: Gateway IP Address [10.1.2.1]: DHCP [Off]:on Disabling DHCP When you disable DHCP, enter the static Ethernet IP address and subnet mask of the switch and default gateway address. Otherwise, the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 63
, because the date and time are used for logging, error detection, and troubleshooting, you must set them correctly. In a Virtual Fabric, there can be a maximum of eight logical switches per Backbone. Only the default switch in the chassis can update the hardware clock. When the date command is - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 64
the time zones supported in the firmware. • Set the time zone based on a country and city combination or based on a time zone ID, such as PST. The time zone setting has the following characteristics: • Users can view the time zone settings. However, only those with administrative permissions can set - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 65
all of the time zones supported by the firmware. • Use timeZone_fmt to FCS switch. Changes to the clock server value on the principal or primary FCS switch are propagated to all switches in the fabric. In a Virtual Fabric, all the switches in the fabric must have the same NTP clock server configured - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 66
the IP address or DNS name of the first NTP server, which the switch must be able to access. The second variable, ntp2, is the second NTP server and is optional. The operand "ntp1;ntp2" is optional; by default, this value is LOCL, which uses the local clock of the principal or primary FCS switch as - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 67
FC IP Addr The switch Fibre Channel IP address. Name The switch symbolic or user-created name in quotes. Setting the domain ID 1. Connect to the switch and log in on an account assigned to the admin role. 2. Enter the switchDisable command to disable the switch. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 68
the underscore ( _ ).? Customizing chassis names 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the chassisName command. ecp:admin> chassisname newname 3. Record the new chassis name for future reference. 30 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 69
, it must be configured after the upgrade. Config file upload and download considerations for fabric names A new key, "fabric name" is added to store the user configuration. You can only configure fabric names using config download when the switch is offline. Fabric OS Administrator's Guide 31 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 70
2. Enter the switchEnable command. All Fibre Channel ports that passed Power On Self Test (POST) are enabled. If the switch has inter-switch links (ISLs) to a fabric, it joins the fabric. Switch and Backbone shutdown To avoid corrupting your file system, Brocade recommends that you perform graceful - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 71
blade 12 Shutting down the blade.... Broadcast message from root (pts/0) Fri Oct 10 08:36:48 2008... The system is going down for system halt NOW !! 4. Power off the switch. Basic connections Before connecting a switch to a fabric that contains switches running different firmware versions, you - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 72
connection See the hardware reference manual of your specific switch for ISL connection and cable management information. The standard or default ISL mode is L0. distance inter-switch links, refer to Chapter 23, "Managing Long Distance Fabrics". 34 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 73
54 •Track and control switch changes 55 •Audit log configuration 58 •Configuring FLOGI-time handling of duplicate PWWN 60 PIDs and PID binding overview Port identifiers (PIDs, also called Fabric Addresses) are used by the routing and zoning services in Fibre Channel fabrics to identify ports in - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 74
command supports addresses from 0x00 to 0x8F. NOTE The default switch in the Brocade Backbones switch and thereafter it is persistently maintained. • PIDs are assigned in each logical switch starting with 0xFFC0, and can go to 0x8000 in the case of 64-port blades. 36 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 75
is not guaranteed to be equal to the port area ID. 256-area addressing mode This configurable addressing mode is available only in a logical switch on the Brocade Backbone. In this mode, only 256 ports are supported and each port receives a unique 8-bit area address. This mode can be used in FICON - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 76
based PID assignment is disabled by default and is supported in the default switch on the Brocade DCX and DCX 8510 Backbone families. This feature is not supported on application blades such as the FS8-18, FX8-24, and the FCOE10-24. The total number of ports in the default switch must be 256 or less - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 77
blades are used for Fibre Channel Application Services and Routing Services, FCIP, Converged Enhanced Ethernet, and encryption support. NOTE On each port blade, a particular port must be represented by both slot number and port number. The Brocade DCX and DCX 8510-8 each have 12 slots that contain - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 78
and 18-port blades with 16 FC ports and 2 GbE ports, or supported only on ports 0-15. To determine the area ID of a particular port, enter the switchShow command. This command displays all ports on the current (logical) switch and their corresponding area IDs. 40 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 79
way to ensure uniqueness. A number of fabric-wide databases supported by Fabric OS (including ZoneDB, the ACL DDC, and switch ports must be disabled. The swapped area IDs for the two ports remain persistent across reboots, power cycles, and failovers. Brocade Administrator's Guide 41 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 80
deactivation By default, all licensed power cycle or a switch reboot. To ensure the port remains enabled, use the portCfgPersistentEnable command as shown in the following instructions . If you change port configurations during a switch failover, the ports may Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 81
of port decommissioning: • The local switch and the remote switch on the other end of the E_Port must both be running Fabric OS 7.0.0 or later. • Port decommissioning is not supported on links configured for encryption or compression. • Port decommissioning is not supported on ports with DWDM, CWDM - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 82
switch. 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the portCfgOctetSpeedCombo command. Example The following example configures the ports in the first octet for combination 3 (support a CR16-8 core blade. 44 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 83
Brocade DCX and Brocade DCX 8510 Backbone families support loop devices on 64-port blades in a Virtual Fabric-enabled environment. The loop devices can only be attached to ports on a 64-port blade that is not a part of the default logical switch . Fabric OS Administrator's Guide 45 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 84
that provides Converged Enhanced Ethernet to bridge a Fibre Channel and Ethernet SAN. Ports are numbered from 0 through 11 from bottom to top on the left set of ports and 12 through 23 from bottom to top on the right set of ports. FX8-24 75 Yes Yes 12 FC 10 1-GbE 2 10-GbE Extension blade with - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 85
version. For more information on maintaining firmware in your Backbone, refer to Chapter 9, "Installing and Maintaining Firmware". Core blades Core blades provide intra-chassis switching and ICL connectivity, between DCX/DCX-4S platforms and between DCX 8510 platforms. • Brocade DCX supports - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 86
pre-conditions • When Virtual Fabrics is enabled (regardless of whether the FR4-18i or FX8-24 blade is in the default switch), replacing an FR4-18i with an FX8-24 (and vice-versa) without rebooting or power cycling the chassis will fault the blade with reason code 91. However, after blade removal - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 87
the power-on you must persistently enable the ports manually. For instructions on how to manually persistently 24 blade is replaced by an FR4-18i blade, the current port configuration continues to be used, and all ports on the FR4-18i blade are persistently disabled. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 88
. • Blade swapping is not supported when swapping to a different model of blade or a different port count. For example, you cannot swap an FC8-32 blade with an FC8-48 port blade. NOTE This feature is not supported on the FX8-24 DCX Extension blade. 50 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 89
operation: • Blade technology. Both blades must be of compatible technology types (for example, Fibre Channel to Fibre Channel, Ethernet to Ethernet, application to application, and so on). • Port count. Both blades must support the same number of front ports (for example, 16 ports to 16 ports, 32 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 90
4 shows Virtual Fabrics, where the blades can be carved up into different logical switches as long as they are carved the same way. If slot 1 and slot 2 ports 0-7 are all interrupted and the ports are set back to their original configurations. 52 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 91
blade to the destination blade. 4. Enter the bladeEnable command on the destination blade to enable all user ports. Power management All blades are powered on by default when the switch chassis is powered on. Blades cannot be powered off when POST or AP initialization is in progress. To manage - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 92
switch and log in using an account with admin permissions. 2. Enter the chassisShow command to verify the model current status of the switch power supplies. Refer to the hardware reference manual of your system to 12 AP BLADE 24 FR4-18i ENABLED 54 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 93
and storage are connected. 3. Optional: Enter the nsShow command to verify devices, hosts, and storage have successfully registered with the name server. 4. Enter the nsAllShow command to display the 24-bit Fibre Channel addresses of all devices in the fabric. switch:admin> nsallshow { 010e00 012fe8 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 94
pass the MARGINAL or DOWN threshold to change the overall status of the switch. For more information about setting policy parameters, see the Fabric Watch Administrator's Guide. 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the switchStatusPolicyShow command - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 95
switchStatusPolicyShow command to view your current switch status policy configuration. Example output from a switch The following example displays what is typically seen from a Brocade switch, but the quantity and types vary by platform. switch:admin> switchstatuspolicyshow To change the overall - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 96
SANs you may want to audit certain classes of events to ensure that you can view and generate an audit log for what is happening on a switch, particularly for security-related event changes. These events include login failures, zone configuration changes, firmware downloads, and other configuration - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 97
the auditCfg --enable command, which enables audit event logging based on the classes configured in step 2. switch:admin> auditcfg --enable Audit filter is enabled. To disable an audit event configuration, enter the auditCfg --disable command. Fabric OS Administrator's Guide 59 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 98
IP Addr: 10.3.220.13. Configuring FLOGI-time handling of duplicate PWWN Fabric OS has two configurable options for handling duplicate PWWN conflicts occurring on the same switch. • Existing login takes precedence over second login (default Found. 60 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 99
switchDisable command to disable the switch. 3. Enter the configure command. 4. Enter y after the F-Port login parameters prompt. F-Port login parameters (yes, y, no, n): [no] y 5. Enter 1 at the Enforce FLOGI/FDISC login prompt to select the optional behavior for handling duplicate PWWNs. Enforce - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 100
3 Configuring FLOGI-time handling of duplicate PWWN 62 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 101
Redirection 78 Routing overview Data moves through a fabric from switch to switch and from storage to server along one or more paths supports unicast Class 2 and 3 traffic, multicast, and broadcast traffic. Broadcast and multicast are supported in Class 3 only. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 102
progresses, it builds a spanning tree rooted on the principal switch. Frames are only sent on the principal ISLs switch is used as the principal ISL. Figure 5 shows the thick red lines as principal ISLs, and thin green lines as regular ISLs. FIGURE 5 Principal ISLs 64 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 103
with private addresses when a packet is routed from the public network to the private network. The Fibre Channel routing equivalent to this IP-NAT is the Fibre Channel network address translation (FC-NAT). Using FC-NAT, the proxy devices in a fabric can have PIDs that are different from the real - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 104
. If the fabric service is enabled in the fabric, then the switch you are introducing into the fabric must also have it enabled. If you experience a segmented fabric, refer to the Fabric OS Troubleshooting and Diagnostics Guide to fix the problem. 66 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 105
so an end-to-end flow control is used on the switch. Flow control in Fibre Channel uses buffer-to-buffer credits, which are distributed by the switch. When to sixteen buffer credits from the switch, depending on the device type, driver version, and configuration. This determines the maximum number of - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 106
on a QoS-enabled ISL Gateway links A gateway merges SANs into a single fabric by establishing point-to-point E_Port connectivity between two Fibre Channel switches that are separated by a network with a protocol such as IP or SONET. Except for link initialization, gateways are transparent to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 107
Fabrics licensed feature) are not supported through gateway links. Configuring a link through a gateway 1. Connect to the switch at one end of the gateway and log the gateway. 4. Repeat this procedure on the switch at the other end of the gateway. Fabric OS Administrator's Guide 69 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 108
routing (3) with the additional AP dedicated link policy. switch:admin> aptpolicy Current Policy: 3 1(ap) 3 0(ap): Default Policy 1: Port Based Routing Policy 3: Exchange Based Routing Policy 0: AP Shared Link Policy 1: AP Dedicated Link Policy 70 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 109
end FC routers only: When an FC router switch is using applies to the VE_Ports as well. For more information on VE_Ports, refer to the Fibre Channel over IP Administrator's Guide. AP route policy Two additional AP policies are supported under exchange-based routing: • AP Shared Link policy (default - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 110
port-based, is configured on a per-logical switch basis. In-order delivery (IOD) and DLS settings are set per logical switch as well. IOD and DLS settings for the base switch affect all traffic going data packets always follow a predetermined path. 72 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 111
requires DLS to be enabled by default. In addition, the Lossless option is enabled. Frame loss is resetting DLS switch:admin> dlsshow DLS is not set switch:admin> dlsset switch:admin> dlsshow DLS is set switch:admin> dlsreset switch:admin> dlsshow DLS is not set Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 112
of order, regardless of the policy configured on other switches in the fabric. NOTE Some devices delivery, but some do not. By default, out-of-order frame-based delivery is switch and log in using an account with admin permissions. 2. Enter the iodReset command. 74 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 113
Brocade FC8-32E and FC8-48E port blades • Brocade FX8-24 application blades in the Brocade DCX and DCX-4S Backbones On the Brocade 7800 switch and the FX8-24 application blade, Lossless DLS is supported only on FC-to-FC . If the end device also requires Administrator's Guide 75 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 114
configuration of the Brocade DCX 8510-8 and DCX 8510-4 hardware to prevent frame loss during a core blade removal and insertion. This feature is on by default and cannot be disabled. Lossless core has the following limitations: • Only supported with IOD disabled, which means Lossless core cannot - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 115
optional on logical switches in Virtual Fabrics. If you enable this feature, it must be on a per-logical switch basis and can affect other logical switches is configurable only on 16 Gbps-capable switches (Brocade 6505, 6510, and Brocade DCX 8510 Backbone family). Fabric OS Administrator's Guide 77 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 116
switches in the fabric that support Frame Redirection. Redirection zones exist only in the defined configuration and cannot be added to the effective configuration. NOTE Fabric OS v7.0.1 is not supported on the Brocade 7600 or Brocade virtual PIDs. 78 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 117
run, the following zone objects are created by default: • The base zone object, "red_______base". • The redirect (RD) zone configuration, "r_e_d_i_r_c__fg". NOTE Frame redirect zones are not supported with D or I initiator target zones. 1. Connect to the switch and log in using an account with admin - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 118
4 Frame Redirection Viewing redirect zones 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the cfgShow command. 80 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 119
policies 89 •The boot PROM password 93 •The authentication model using RADIUS and LDAP 97 User accounts overview In addition to the default permissions assigned to the following roles: root, factory, admin, and user, Fabric OS supports up to 252 additional user accounts on the chassis. These - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 120
for authenticating users-remote RADIUS services, remote LDAP service, and the local switch user database. All options allow users to be centrally managed using the following methods: • Remote RADIUS server: Users are managed in a remote RADIUS server. All switches in the fabric can be configured to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 121
to roles. TABLE 12 Permission types Abbreviation Definition Description O Observe The user can run commands using options that display information only, such as running userConfig --show -a to show all users on a switch. M Modify The user can run commands using options that create, change - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 122
of the Fabric OS default roles, any other user-defined role, or any existing user account name. The user-defined role. You can also use the classConfig --showroles command to see that the role was indeed added with Observe permission for the security commands: 84 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 123
activities. Default accounts Table 14 lists the predefined accounts offered by Fabric OS available in the local switch user database. The password for all default accounts should be changed during the initial installation and configuration for each switch. Fabric OS Administrator's Guide 85 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 124
1 through 128 • Default home logical switch to 128 • Admin role permissions • Admin chassis role permissions 3. In response to the prompt, enter a password for the account. The password is not displayed when you enter it on the command line. 86 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 125
to Chapter 17, "Managing Administrative Domains". 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the userConfig --change command. Local account passwords The following rules apply to changing passwords: • Users can change their own passwords. • To change the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 126
default logical switch, then distributing the password database to switches is not supported. If the distribute command is issued from a pre-Fabric OS v6.2.0, switches running Fabric OS v6.2.0 or later will reject it. Distributing the password database to switches is not allowed if there are users - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 127
in this section apply to the local switch user database only. Configured password policies (and all user account attribute and password state information) are synchronized across CPs and remain unchanged after an HA failover. Password policies can also be manually distributed across the fabric (see - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 128
used passwords. The password history policy is not enforced when an administrator sets a password for another user; instead, the user's password history is preserved and the password set by the administrator is recorded in the user's password history. 90 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 129
not enforced when an administrator changes the password for another user. • MaxPasswordAge Specifies the maximum number of days that can elapse before a password must be changed, and is also known as the password expiration period. MaxPasswordAge values range from 0 to 999. The default value is zero - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 130
lockout policy to prevent them from being locked out from a denial of service attack. However these privileged accounts may then become the target of password guessing attacks. Audit logs should be examined to monitor if such attacks are attempted. 92 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 131
boot PROM password for a switch with a recovery string This procedure applies to the following switch models: Brocade 300, 5410, 5424, 5450, 5460, 5470, 5480, 5100, 5300, 65,10, 7800, 8000, and 8510 switches. If your switch is not listed, please contact your switch support provider for instructions - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 132
NOT set. Please set it now. • If a password was previously set, the following messages display: Send the following string to Customer Support for password recovery: afHTpyLsDo1Pz0Pk5GzhIw== Enter the supplied recovery password. Recovery Password: 94 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 133
switch model. Setting the boot PROM password for a switch without a recovery string This procedure applies to the fixed-port switch models. The password recovery instructions contained within this section are only for the switches listed. If your switch is not listed, contact your switch support - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 134
command to save the new password. 8. Reboot the switch by entering the reset command. Setting the boot PROM password for a Backbone without a recovery string This procedure applies to the Brocade DCX and DCX-4S Backbones. On the Brocade DCX Backbone, set the password on the standby CP blade - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 135
high availability. NOTE To recover lost passwords refer to the Fabric OS Troubleshooting and Diagnostics Guide. The authentication model using RADIUS and LDAP Fabric OS supports the use of either the local user database and the remote authentication dial-in user service (RADIUS) at the same time; or - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 136
RADIUS or LDAP support or configuration, authentication uses the switch's local account names and passwords. Table 15 outlines the aaaConfig command options used to set up the authentication mode. TABLE 15 Authentication configuration options aaaConfig options Description Equivalent setting in - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 137
the assigned switch role in a Brocade Vendor-Specific Attribute (VSA). If the response does not have a VSA permissions assignment, the User role is assigned. If no Administrative Domain is assigned, then the user is assigned to the default Admin Domain AD0. You can set a user password expiration - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 138
of the assigned role and other supported attribute values such as Admin Domain member list. Fabric OS users on the RADIUS server All existing Fabric OS mechanisms for managing local switch user accounts and passwords remain functional when the switch is configured to use RADIUS. Changes made to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 139
Auth-Type := Local, User-Password == "myPassword" Brocade-Auth-Role = "admin", Brocade-AVPairs1 = "HomeLF=70", Brocade-AVPairs2 = "LFRoleList=admin:2,4-8,70,80,128;ChassisRole=admin", Brocade-Passwd-ExpiryDate = "11/10/2011", Brocade-Passwd-WarnPeriod = "30" Fabric OS Administrator's Guide 101 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 140
, with ADList 1, 2, 4, 5, 6, 7, 8, 9, 12, 20 and HomeAD 2. user-opr Auth-Type := Local, User-Password == "password" Brocade-Auth-Role = "operator", Brocade-AVPairs1 = "ADList=1,2;HomeAD=2", Brocade-AVPairs2 = "ADList=-4-8,20;ADList=7,9,12" 102 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 141
to take effect. FreeRADIUS installation places the configuration files in $PREFIX/etc/raddb. By default, the PREFIX is /usr/local. Configuring RADIUS service on Linux consists of the following tasks: • Adding the Brocade attribute to the server • Creating the user • Enabling clients Adding the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 142
information service (NIS) for authentication, the only way to enable authentication with the password file is to force the Brocade switch to authenticate using password authentication protocol (PAP); this requires the -a pap option with the aaaConfig command. 104 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 143
and instructions on installing IAS, refer to the Microsoft website. 2. Enabling the Challenge Handshake Authentication Protocol (CHAP) If CHAP authentication is required, then Windows must be configured to store passwords with reversible encryption. Reverse password encryption is not the default - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 144
Authentication Service window, add additional policies for all Brocade login types for which you want to use the RADIUS server. After this is done, you can configure the switch. NOTE Windows 2008 RADIUS (NPS) support is also available. RSA RADIUS server Traditional password-based authentication - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 145
Server must remain in the installation directory. Do not move the files to other locations on your computer. Add Brocade-VSA macro and define the attributes as follows: • vid (Vendor-ID): 1588 • type1 (Vendor-Type): 1 • len1 (Vendor-Length): >=2 Fabric OS Administrator's Guide 107 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 146
@axc.dct @bandwagn.dct @brocade.dct - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 147
administrator prior to configuration for any special needs your network environment may have. Following is the overview of the process used to set up LDAP: 1. If your Windows Active Directory server for LDAP needs to be verified by the LDAP client (that is, the Brocade switch), then you must install - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 148
one of the default roles available on the switch. 4. Associate the user to the group by adding the user to the group. For instructions on how to create a user refer to www.microsoft.com or Microsoft documentation to create a user in your Active Directory. 5. Add the user's Administrative Domains or - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 149
> Administrative Tools> ADSI.msc ADSI is a Microsoft Windows Resource Utility. This will need to be installed to proceed with the rest of the setup. For Windows 2003, this utility comes with Service Pack 1 or you can download this utility from the Microsoft website. 2. Go to CN=Users. 3. Right - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 150
that users can still log in to the switch in the event of a failover. RADIUS or LDAP configuration is chassis-based configuration data. On platforms containing multiple switch instances, the configuration applies to all instances. The configuration is persistent across reboots and firmware downloads - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 151
can log in to the default switch accounts (admin and user) or any user-defined account. You must know the passwords of these accounts. When the command succeeds, the event log indicates that local database authentication is disabled or enabled. Fabric OS Administrator's Guide 113 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 152
5 The authentication model using RADIUS and LDAP 114 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 153
Shell (SSH) protocol. Configuration upload and download support the use of SCP. SNMP is used in network management systems to monitor network-attached devices for conditions that warrant administrative attention. Supports SNMPv1, v2, and v3. Fabric OS Administrator's Guide 115 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 154
allow the remote computer to authenticate the user, if necessary. SSL Fabric OS uses secure socket layer (SSL) to support HTTPS. A certificate must be generated and installed on each switch to enable SSL. Supports SSLv3, 128-bit encryption by default. Table 19 describes additional software or - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 155
prompt. Example of setting up SCP for configUpload/download switch:admin> configure Not all options will be available on an enabled switch. To disable the switch, use the "switchDisable" command. Configure... System services (yes, y, no, n): [no] n ssl attributes (yes, y, no, n): [no] n http - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 156
commands, or performing firmware download. Both password and public key authentication can coexist on the switch. Allowed-user For outgoing authentication, the default admin user must set up the allowed-user with admin permissions. By default, the admin is the configured allowed-user. While creating - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 157
keys. You will be prompted to enter the name of the user whose the public keys you want to delete. Enter all to delete public keys for all users. For more information on IP Filter policies, refer to Chapter 7, "Configuring Security Policies". Fabric OS Administrator's Guide 119 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 158
find the Java version that is currently running, open the Java console and look at the first line of the window. For more details on levels of browser and Java support, see the Web Tools Administrator's Guide. SSL configuration overview You configure for SSL by obtaining, installing, and activating - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 159
the certificate. Once the certificate is loaded on the switch, HTTPS starts automatically. 6. If necessary, install the root certificate to the browser on the management workstation. 7. Add the root certificate to the Java Plug-in keystore on the management workstation. Certificate authorities - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 160
, you can select it; otherwise, select ftp. Enter the IP address of the switch on which you generated the CSR. Enter the remote directory name of the FTP server to which the CSR is to be sent. Enter your account name and password on the server. 122 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 161
is saved, and enter your login name and password. Example of installing a switch certificate switch:admin> seccertutil import -config swcert -enable https Select protocol [ftp or scp]: ftp Enter IP address: 192.10.11.12 Enter remote directory: path_to_remote_directory Enter certificate name (must - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 162
6. Click Open and follow the instructions to import the certificate. Root certificates for the Java Plug-in For information on Java requirements, see "Browser and Java support" on page 120. This procedure is a guide for installing a root certificate to the Java Plug-in on the management workstation - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 163
default password and RootCert is an example root Brocade switches specifically. • FibreAlliance MIB trap Associated with the FibreAlliance MIB (FA-MIB), this MIB manages SAN switches and devices from any company that complies with FibreAlliance specifications. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 164
match with any of the existing Fabric OS local users have a default RBAC role of admin with the SNMPv3 user access control of read/write. Their SNMPv3 user logs in with an access control of read-only. Both user types will have the default switch as their home Virtual Fabrics. The contextName field - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 165
MIB files, naming conventions, loading instructions, and information about using the Brocade SNMP agent, see the Fabric OS MIB Reference. Telnet protocol Telnet is enabled by default. To prevent passing clear text passwords over the network when connecting to the switch, you can block the Telnet - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 166
any tcp 111 6 any tcp 80 7 any tcp 443 8 any udp 161 9 any udp 111 10 any udp 123 11 any tcp 600 - 1023 12 any udp 600 - 1023 Action permit permit permit permit permit permit permit permit permit permit permit permit 128 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 167
Disabled Ports and applications used by switches If you are using the FC-FC Routing Service, be aware that the secModeEnable command is not supported. Table 23 on page 130 lists the defaults for accessing hosts, devices, switches, and zones. Fabric OS Administrator's Guide 129 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 168
FC port in the fabric. Any switch can join the fabric. All switches in the fabric can be accessed through a serial port. No zoning is enabled. Port configuration Table 24 provides information on ports that the switch uses. When configuring the switch service Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 169
: • Fabric configuration server (FCS) policy - Used to restrict which switches can change the configuration of the fabric. • Device connection control (DCC) policies - Used to restrict which Fibre Channel device ports can connect to which Fibre Channel switch ports. • Switch connection control - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 170
-defined Admin Domains. Both AD0 (when no other user-defined Admin Domains exist) and AD255 provide an unfiltered view of the fabric. Virtual Fabric considerations: ACL policies such as DCC, SCC, and FCS can be configured on each logical switch. The limit for security policy database size is set to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 171
policies are automatically deleted if the you log out without saving them. 1. Connect to the switch and log in using an account with admin permissions, or an account with O permission for policy deletion by entering the secPolicyActivate command. Fabric OS Administrator's Guide 133 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 172
SCC_POLICY using the switch WWN: switch:admin> secpolicyadd "SCC_POLICY", "12:24:45:10:0a: switch and log in using an account with admin permissions, or an account with OM permissions for the Security RBAC class of commands. 2. Enter the secPolicyAbort command. 134 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 173
a Primary FCS, backup FCS, or non-FCS switch. Only the Primary FCS switch is allowed to modify and distribute the database within the fabric. Automatic distribution is supported and you can either configure the switches in your fabric to accept the FCS policy or manually distribute the FCS policy - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 174
of creating an FCS policy The following example creates an FCS policy that allows a switch with domain ID 2 to become a primary FCS and domain ID 4 to become a backup FCS: switch:admin> secpolicycreate "FCS_POLICY", "2;4" FCS_POLICY has been created 136 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 175
of the FCS policy, refer to "Database distribution settings" on page 161. Database distributions may be initiated from only the Primary FCS switch. FCS policy configuration and management is performed using the command line or a manageability interface. Fabric OS Administrator's Guide 137 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 176
such as SCSI routers and loop hubs. By default, all device ports are allowed to connect to all switch ports; no DCC policies exist until they are created. For information regarding DCC policies and F_Port trunking, refer to the Access Gateway Administrator's Guide. Each device port can be bound to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 177
, and the switch port identification. The following methods of specifying an allowed connection are possible: • deviceportWWN;switchWWN (port or area number) • deviceportWWN;domainID (port or area number) • deviceportWWN;switchname (port or area number) Fabric OS Administrator's Guide 139 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 178
for the Security RBAC class of commands. 2. Enter the secPolicyDelete command. Example of deleting stale DCC policies switch:admin> secpolicydelete ALL_STALE_DCC_POLICY About to clear all STALE DCC policies ARE YOU SURE (yes, y, no, n): [no] y 140 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 179
support. TABLE 30 DCC policy behavior with FA-PWWN when created using lockdown support Configuration manually with the physical PWWN of a device. The configurations shown in this table are the recommended configurations when an FA-PWWN is logged into the switch. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 180
SCC policy can be created. By default, any switch is allowed to join the fabric; the SCC policy does not exist until it is created. When connecting a Fibre Channel router to a fabric or switch that has an active SCC policy, the front domain of the Fibre Channel router must be included in the SCC - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 181
authentication, unless ports are configured for in-flight encryption, in which case authentication defaults to DH-CHAP if both switches are configured to accept the DH-CHAP protocol in authentication. To use FCAP on both switches, PKI certificates have to be installed. NOTE The fabric authentication - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 182
. The AUTH policy is distributed by command; automatic distribution of the AUTH policy is not supported. The default configuration directs the switch to attempt FCAP authentication first, DH-CHAP second. The switch may be configured to negotiate FCAP, DH-CHAP, or both. The DH group is used in the DH - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 183
not supported on logical ports ". For more information on Virtual Fabrics, refer to Chapter 10, "Managing Virtual Fabrics". Configuring E_Port authentication 1. Connect to the switch and (yes, y, no, n): [no] y Auth Policy is set to ACTIVE Fabric OS Administrator's Guide 145 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 184
Fibre Channel driver rejects all other ELS frames. The F_Port does not form until the AUTH_NEGOTIATE is completed. It is the HBA's responsibility to send an Authentication Negotiation ELS frame after receiving the FLOGI accept frame with the FC-SP bit set. 146 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 185
support authentication: • Emulex LP11000 (Tested with Storport Miniport v2.0 windows driver) • Qlogic QLA2300 (Tested with Solaris v5.04 driver) • Brocade Fibre Channel HBA models 415, 425, 815 and 825 • Brocade HBAs BR-1741M-k, BR-1020, and BR-1007 • BR-1860 Fabric Adapter Fabric OS Administrator - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 186
have not configured shared secrets or certificates, and authentication is checked (for example, you enable the switch), then switch authentication fails. If the E_Port is to carry in-flight encrypted traffic, the authentication protocol must be set to DH-CHAP. You must also use the -g option to set - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 187
configure the switches at both ends of a link to use DH-CHAP for authentication, you must also define a secret key pair-one for each end switch specification, peer secret entry, and local secret entry. To exit the loop, press Enter for the switch name; then type y. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 188
, the user has to perform following steps: 1. Choose a certificate authority (CA). 2. Generate a public, private key, passphrase and a CSR on each switch. 3. Store the CSR from each switch on a file server. 4. Obtain the certificates from the CA. 150 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 189
files as outlined in "FCAP configuration overview" on page 150. 1. Log in to the switch using an account with admin switch:admin> seccertutil export -fcapswcert Select protocol [ftp or scp]: scp Enter IP address: 10.1.2.3 Enter remote directory: /myHome/jdoe/OPENSSL Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 190
to start the authentication using the newly imported certificates. 3. Enter the authUtil --policy -sw command and select active or on, the default is passive. This makes the changes permanent and forces the switch to request authentication. 152 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 191
Auth policy The AUTH policy can be manually distributed to the fabric by command; there is no support for automatic distribution. To distribute the AUTH policy, see "Distributing the local ACL policies" on page 162 for instructions. Local Switch configuration parameters are needed to control whether - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 192
of the same type. Activating the default IP Filter policies returns the IP management interface to its default state. An IP Filter policy without any rule cannot be activated. This subcommand prompts for a user confirmation before proceeding. 154 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 193
. An active IP Filter policy cannot be deleted. 1. Log in to the switch using an account 24 represents a 24-bit IPv4 prefix starting from the most significant bit. The special prefix 0.0.0.0/0 matches any IPv4 address. In addition, the keyword any is supported Administrator's Guide 155 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 194
from a switch. A valid port number range is represented by a dash, for example 7-30. Alternatively, service names can also be used instead of port number. Table 34 lists the supported service names and https 443 ssmtp 465 exec 512 login 513 156 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 195
so that management IP traffic initiated from a switch, such as syslog, radius and ftp, is not affected. TABLE 35 Implicit IP Filter rules Source address Destination port Protocol Action Any 1024-65535 TCP Permit Any 1024-65535 UDP Permit Fabric OS Administrator's Guide 157 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 196
interface with the changed IP address. NOTE If a switch is part of a LAN behind a Network Address Translation (NAT) server, depending on the NAT server configuration, the source address in an IP Filter rule may have to be the NAT server address. 158 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 197
transaction is aborted. The IPFilter policy can be manually distributed to the fabric by command; there is no support for automatic distribution. To distribute the IPFilter policy, see "Distributing the local ACL policies" on page 162 for instructions. Switches with Fabric OS v6.2.0 or later have - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 198
and are configured on a per logical switch basis. Table 37 on page 161 explains how the local database distribution settings and the fabric-wide consistency policy affect the local database when the switch is the target of a distribution command. 160 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 199
. Table 38 lists the databases supported in Fabric OS v6.2.0 and later switches. TABLE 38 Supported policy databases Database type Database identifier (ID) Authentication policy database DCC policy database FCS policy database IP Filter policy database Password database SCC policy database AUTH - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 200
7 Policy database distribution Example shows the database distribution settings switch:admin> fddcfg --showall Local Switch Configuration for all Databases:- DATABASE - Accept/Reject SCC - accept DCC - accept PWD - accept FCS - accept AUTH - accept IPFILTER - accept Fabric Wide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 201
database_id option, both switch:admin> fddcfg --showall Local Switch Configuration for all Databases:- DATABASE - Accept/Reject SCC - accept DCC - accept PWD - accept FCS - accept AUTH - accept IPFILTER - accept Fabric Wide Consistency Policy:- "" Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 202
switch:admin> fddcfg --showall Local Switch Configuration for all Databases:- DATABASE - Accept/Reject SCC - accept DCC - accept PWD - accept FCS not match, the switch cannot join the fabric and the neighboring E_Ports are disabled. 164 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 203
FCS fabric-wide consistency policy. Use ACL policy commands to delete the conflicting ACL policy from one side to resolve ACL policy conflict. If neither the fabric nor the joining switch is configured page 166 shows merges that are not supported. Fabric OS Administrator's Guide 165 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 204
as utilizing encryption to avoid sending data in clear text. • Replay Protection - Prevents replay attack in which an attacker resends previously-intercepted packets in an effort to fraudulently authenticate or otherwise masquerade as a valid user. 166 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 205
as nested combinations of these configurations. Endpoint-to-endpoint transport or tunnel In this scenario, both endpoints of the IP connection implement IPsec, as required of hosts in RFC4301. Transport mode encrypts only the payload while tunnel mode encrypts the entire packet. A single pair - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 206
will want an IP address associated with the security gateway so that packets returned to it will go to the security gateway and be tunneled back. FIGURE 16 Endpoint-to-gateway tunnel configuration RoadWarrior configuration In endpoint-to-endpoint security, packets are encrypted and decrypted by - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 207
service IP --flush manual-sa command supported combination. Authentication and encryption encryption algorithms. Use Table 43 when configuring the authentication algorithm. TABLE 43 Algorithm Algorithms and associated authentication policies Encryption Administrator's Guide 169 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 208
IKE SA and parameters used in negotiations to establish IPsec SAs. These include the authentication and encryption algorithms, and the primary authentication method, such as preshared keys, or a certificate-based method, such as RSA signatures. 170 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 209
Associations Manual Key Entry (MKE) provides the ability to manually add, delete and flush SA entries in the SADB. Manual SA entries may not have an associated IPsec policy in the local policy database. Manual SA entries are persistent across system reboots. Fabric OS Administrator's Guide 171 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 210
proposal This example creates an IPsec proposal IPSEC-AH to use AH01 as SA. switch:admin> ipsecconfig --add policy ips sa-proposal -t IPSEC-AH -sa AH01 6. Import the pre-shared key file. Refer to Chapter 6, "Configuring Protocols" for information on how to set up pre-shared keys and certificates - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 211
protection and use IKE01 as key management policy. switch:admin> ipsecconfig --add policy ips transform -t TRANSFORM01 \ -mode transport -sa-proposal --flush manual-sa command with the specified operands to flush the created SAs in the kernel SADB. Fabric OS Administrator's Guide 173 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 212
policy ips sa-proposal \ -t IPSEC-AH -lttime 86400 -sa AH01 6. Import the pre-shared key file using the secCertUtil command. The file name should have a .psk extension. For more information on importing the pre-shared key file, refer to "Installing a switch certificate" on page 123. 7. Configure an - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 213
the IPsec SAs created with IKE using the ipsecConfig --show manual-sa -a command. 11. Perform the equivalent steps on the remote peer to complete the IPsec configuration. Refer to your server administration guide for instructions. 12. Generate IP traffic and verify that it is protected using defined - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 214
7 Management interface security 176 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 215
, refer to Chapter 17, "Managing Administrative Domains". For more information about troubleshooting configuration file uploads and downloads, refer to the Fabric OS Troubleshooting and Diagnostics Guide. There are two ways to view configuration settings for a switch in a Brocade fabric: • Issue the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 216
] [Licenses] [Chassis Configuration End] date = Tue Mar 1 21:28:52 2011 [Switch Configuration Begin : 0] SwitchName = Sprint5100 Fabric ID = 128 [Boot Parameters] [Configuration] [Bottleneck Configuration] [Zoning] [Defined Security policies] 178 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 217
specifies characteristics for the following software components: • FC Routing - Fibre Channel Routing • Chassis configuration - Chassis configuration • FCOE_CH_CONF - FCoE chassis configuration • UDROLE_CONF - User defined role configuration • LicensesDB - License Database (slot based) • DMM_WWN - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 218
all logical switches and the chassis configuration. Only administrators with chassis permissions are allowed to upload other FIDs or the chassis configuration. The following information is not saved in a backup: • dnsConfig information • Passwords 180 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 219
(secure copy) and appears an option for the configupload/download, supportsave, auto FFDC/trace upload (supportftp) commands. Uploading a configuration file in interactive mode 1. Verify that the FTP, SFTP, or SCP service is running on the host computer. 2. Connect to the switch and log in using an - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 220
to download a configuration file while the switch is enabled, see "Configuration download without disabling a switch" on page 184. -fid FID -sfid FID The FID must be defined on the switch and the source FID must be defined in the downloaded configuration file. 182 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 221
need to disable and enable each switch individually once the configuration download has completed. Non-Virtual Fabric configuration files downloaded to a Virtual Fabric system have configuration applied only to the default switch. If there are multiple logical switches created in a Virtual Fabric - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 222
for changes to take effect. Example of configDownload without Admin Domains switch:admin> configdownload Protocol (scp, ftp, local) [ftp]: Server Name or IP Address [host]: 10.1.2.3 User Name [user]: UserFoo Path/Filename [/config.txt]: 184 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 223
.txt,password Configurations across a fabric To save time when configuring fabric parameters and software features, you can save a configuration file from one switch and download it to other switches of the same model type, as shown in the following procedure. Fabric OS Administrator's Guide 185 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 224
Fabrics Do not download a configuration file from one switch to another switch that is a different model or runs a different firmware version, because it can cause the switch to fail. If you need to reset affected switches, issue the configDefault command after download is completed but before - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 225
Wait for the configuration file to download to the switch. 6. Verify the LISL ports are set up correctly. Example of a non-interactive download from a switch with an FID = 8, to FID 10 configdownload -fid 8 -sfid 10 -ftp 10.1.2.3,UserFoo,config.txt,password Fabric OS Administrator's Guide 187 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 226
is not limited to, logical switch definitions, whether Virtual Fabrics is enabled or disabled, and the F_Port trunking ports, except the LISL ports. The LISL ports on the system are not affected by the Virtual Fabrics configuration file download. 188 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 227
, there is a guide for FC port setting tables. The tables can be used to record configuration information for the various blades. TABLE 45 Brocade configuration and connection Brocade configuration settings IP address Gateway address Chassis configuration option Management connections Serial cable - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 228
8 Brocade configuration form 190 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 229
into slots 5 and 8 on the Brocade DCX. CR4S-8 blades can be inserted only into slots 3 and 6 on the Brocade DCX 8510-4. NOTE For more information on troubleshooting a firmware download, refer to the Fabric OS Troubleshooting and Diagnostics Guide. Fabric OS Administrator's Guide 191 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 230
the secondary partition. ATTENTION The Brocade 8000 does not support a non-disruptive firmwareDownload. The switch reboots once the firmware upgrade or downgrade is complete. In dual-CP systems, the firmware download process, by default, sequentially upgrades the firmware image on both CPs using HA - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 231
testing and restoring firmware, see "Test and restore firmware on Backbones" on page 206. Password-less firmware download You can download firmware without a password using the sshutil command for public key authentication when SSH is selected. The switch has to be configured to install the private - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 232
core files prior to executing the firmware download. This helps to troubleshoot the firmware download process if a problem is encountered. 6. Optional: Enter the errClear command to erase all existing messages in addition to internal messages. 194 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 233
in switch. • Flash displays the install date of firmware stored in nonvolatile memory. • BootProm displays the version of the firmware stored in the boot PROM. Obtain and decompress firmware Firmware upgrades are available for customers with support service contracts and for partners on the Brocade - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 234
details about overriding the autocommit option. Switch firmware download process overview The following list describes the default behavior after you enter the firmwareDownload command (without options) on Brocade fixed-port switches: • The Fabric OS downloads the firmware to the secondary partition - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 235
level of both partitions is the same. Example of an interactive firmware download switch:root> firmwaredownload Server Name or IP Address: 10.31.2.25 User Name: releaseuser File Name: /home/SAN/fos/v7.0.1/v7.0.1 Network Protocol(1-auto-select, 2-FTP, 3-SCP, 4-SFTP) [1]: 4 Verifying if the public - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 236
the IP addresses and MAC addresses has changed. ATTENTION To successfully download firmware, you must have an active Ethernet connection on each CP. Backbone firmware download process overview The following summary describes the default behavior of the firmwareDownload command (without options) on - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 237
contact your switch service provider. For further troubleshooting, refer to the Fabric OS Troubleshooting and Diagnostics Guide. 8. Enter the firmwareDownload command and respond to the interactive prompts. 9. At the "Do you want to continue [y/n]" prompt, enter y. The firmware is downloaded to one - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 238
download being performed on the CPs, but does not impact performance. Fibre Channel traffic is not disrupted during autoleveling, but GbE traffic on AP blades may be affected. ecp:admin> firmwaredownload Type of Firmware (FOS, SAS, or any application) [FOS]: Server Name or IP Address: 10.1.2.3 User - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 239
firmwareShow command to display the new firmware versions. Firmware download from a USB device The Brocade 300, 5100, 5300, 6505, 6510, 7800, 8000, and VA-40FC switches and the Brocade DCX, DCX-4S, or DCX 8510 Backbones support a firmware download from a Brocade branded USB device attached to the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 240
signed using the OpenSSL utility to provide FIPS support.To use the digitally signed software, you must configure the switch to enable Signed Firmwaredownload. If it is not enabled, the firmware download process ignores the firmware signature and performs as before. If Signed Firmwaredownload - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 241
are displayed: Enforce secure config Upload/Download: Select yes Webtools attributes System Enforce signed firmware download: Select yes Default is no; press Enter to select default setting. Default is no; press Enter to select default setting. Fabric OS Administrator's Guide 203 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 242
the original version. Testing a different firmware version on a switch 1. Verify that the FTP, SFTP, or SSH server is running on the host server and that you have a user ID on that server. 2. Obtain the firmware file from the Brocade website at http://www.brocade.com or switch support provider and - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 243
Test and restore firmware on switches 9 User Name: userfoo File Name: /home/userfoo/v7.0.0 Password: Do Auto-Commit after Reboot [Y]: n Reboot system after download [N]: y Firmware is being downloaded to the switch. This step may take up to 30 minutes. Checking system settings for - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 244
of each CP. This procedure enables you to evaluate firmware before you commit. As a standard practice, do not run mixed firmware levels on CPs. Testing different firmware versions on Backbones 1. Connect to the Brocade Backbone IP address. 2. Enter the ipAddrShow command and note the address - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 245
version of firmware. ATTENTION Stop! If you want to restore the firmware, stop here and skip ahead to step 12; otherwise, continue to step 10 to commit the firmware on both CPs, which completes the firmware download CPs contain the new firmware. Fabric OS Administrator's Guide 207 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 246
, that upgrading a Backbone with only one CP is disruptive to switch traffic. Validating a firmware download Validate the firmware download by running the following commands: firmwareShow, firmwareDownloadStatus, nsShow, nsAllShow, and fabricShow. 208 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 247
devices prior to the firmware download. fabricShow Displays all switches in a fabric. Make sure the number of switches in the fabric after the firmware download is exactly the same as the number of attached devices prior to the firmware download. Fabric OS Administrator's Guide 209 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 248
9 Validating a firmware download 210 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 249
•Management model for logical switches 221 •Account management and Virtual Fabrics 221 •Supported platforms for Virtual Fabrics 222 •Limitations and restrictions of Virtual Fabrics 224 •Enabling Virtual Fabrics mode 225 •Disabling Virtual Fabrics mode 226 •Configuring logical switches to use - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 250
can create using the Virtual Fabrics suite of features. Logical switch overview Traditionally, each switch and all the ports in the switch act as a single Fibre Channel switch (FC switch) that participates in a single fabric. The logical switch feature allows you to divide a physical chassis into - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 251
FID 15 in the chassis. The default logical switch is initially assigned FID 128. You can change this value later. NOTE Each logical switch is assigned one and only one FID. The FID identifies the logical fabric to which the logical switch belongs. Fabric OS Administrator's Guide 213 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 252
P1 P3 P5 P7 P9 Logical switch 2 Logical switch 1 (Default logical switch) P0 P1 P7 P8 P2 Logical switch 2 P3 Logical switch 3 P4 P9 Logical switch 3 P5 Logical switch 4 P6 Logical switch 4 FIGURE 20 Assigning ports to logical switches 214 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 253
and E_Ports from one logical switch to another. If you want to configure a different type of port, such as a VE_Port or EX_Port, you must configure them after you move them. Some types of ports cannot be moved from the default logical switch. Refer to "Supported platforms for Virtual Fabrics" on - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 254
other logical switches. You connect logical switches to non-Virtual Fabrics switches using an ISL, as shown in Figure 21. You connect logical switches to other logical switches in two ways: • Using ISLs • Using base switches and extended ISLs (XISLs) 216 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 255
1 P4 P5 P7 Logical switch 7 P6 Fabric ID 15 Logical switch 4 P6 Fabric ID 8 P8 Logical switch 8 P9 Fabric ID 8 Switch FIGURE 23 Logical switches connected to other logical switches through physical ISLs Figure 24 shows a logical representation of the configuration in Figure 23. Fabric 128 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 256
logical switches. • Base switches do not support direct device connectivity. A base switch can have only E_Ports, VE_Ports, EX_Ports, or VEX_Ports, but no F_Ports. • The base switch provides a common address space for communication between different logical fabrics. • A base switch can be configured - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 257
ISL XISL Physical chassis 2 P1 Logical switch 5 (Default logical switch) Fabric ID 128 P2 Logical switch 6 Fabric ID 1 P4 P7 Logical switch 7 P6 Fabric ID 15 P8 P9 Base switch Fabric ID 8 FIGURE 27 Logical fabric using ISLs and XISLs Fabric OS Administrator's Guide 219 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 258
to connect logical switches. A logical port represents the ports at each end of a logical ISL. A logical port is a software construct only and does not correspond to any physical port. Most port commands are not supported on logical ports. For example, you cannot change the state or configuration of - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 259
for each Virtual Fabric. For a management host to manage a logical switch using the Internet Protocol over Fibre Channel (IPFC) IP address, it must be physically connected to the Virtual Fabric using a host bus adapter (HBA). All user operations are classified into one of the following: • Chassis - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 260
on each type of logical switch. TABLE 47 Blade and port types supported on logical switches Blade type Default logical switch User-defined logical switch Base switch FC8-16 FC8-32 FC8-32E FC8-48 FC8-48E FC16-32 FC16-48 FC8-64 FC10-6 FS8-18 FCOE10-24 FX8-24: FC ports GE ports Yes (F, E) Yes - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 261
user ports within the same cable across multiple logical switches is not supported. • The default logical switch cannot use XISLs. • The default logical switch cannot be designated as the base switch. • VE_Ports on the FR4-18i blade are supported on the base switch only for carrying Fibre Channel - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 262
4 Brocade 5100 3 Brocade 6510 41 Brocade VA-40FC 3 1. The maximum is 3 logical switches if you are using FC-FC routing. Refer to "Supported port configurations in the Brocade Backbones" on page 222 for restrictions on the default logical switch. 224 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 263
Load Sharing is enabled on the logical switch. • The logical switch has ICL ports. • The logical switch is the default logical switch in the Brocade DCX, DCX-4S, or DCX 8510 family. • The logical switch is a base switch. • The logical switch is an edge switch for an FC router. In this case, if the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 264
it. switch:admin> fosconfig --show FC Routing service: iSCSI service: iSNS client service: Virtual Fabric: Ethernet Switch Service: disabled Service not supported on this Platform Service not supported on this Platform disabled Service not supported on this Platform switch:admin> fosconfig - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 265
the logical switch, you must disable the switch to configure it and set the domain ID. You then assign ports to the logical switch. Optionally, you can define the logical switch to be a base switch. Each chassis can have only one base switch. Fabric OS Administrator's Guide 227 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 266
option to execute the command without any user prompts or confirmation. 3. Set the context to the new logical switch. setcontext fabricID The fabricID parameter is the fabric ID of the logical switch you just created. 4. Disable the logical switch. switchdisable 5. Configure the switch attributes - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 267
command on all logical switches sw0:FID128:admin> fosexec --fid all -cmd "fabricshow" "fabricshow" on FID 128: Switch ID Worldwide Name Enet IP Addr FC IP Addr Name 97: fffc61 10:00:00:05:1e:82:3c:2a 10.32.79.105 0.0.0.0 >"sw0" Fabric OS Administrator's Guide 229 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 268
, you must manually reinstall them on the port after the move. NOTE If the logical switch to which the port is moved has fabric mode Top Talkers enabled, then if the port is an E_Port, fabric mode Top Talker monitors are automatically installed on that port. 230 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 269
configured. If the -port option is omitted, all ports on the specified slot are assigned to the logical switch. NOTE On the Brocade DCX and DCX 8510-8, the lscfg command does not allow you to add ports 48- 63 of the FC8-64 blade to the base switch. These ports are not supported on the base switch - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 270
in "Configuring a logical switch to use XISLs" on page 234. 4. Enter the following command to change the logical switch to a base switch: lscfg --change fabricID -base The fabricID parameter is the fabric ID of the logical switch with the attributes you want to change. 232 Fabric OS Administrator - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 271
OFF switchBeacon: OFF FC Router: OFF Fabric Name: MktFab7 Allow XISL Use: ON LS Attributes: [FID: 7, Base Switch: No, Default Switch: No, Address Mode 0] (output truncated) switch_25:FID7:admin> configure Not all options will be available on an enabled switch. To disable the switch, use the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 272
Configuring a logical switch to use XISLs When you create a logical switch, it is configured to use XISLs by default. Use the following procedure to allow or disallow the logical switch to use XISLs in the base fabric. XISL use is not supported . 234 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 273
is not already enabled. See "Enabling Virtual Fabrics mode" on page 225 for instructions. Enabling Virtual Fabrics automatically creates the default logical switch, with FID 128. All ports in the chassis are assigned to the default logical switch. Fabric OS Administrator's Guide 235 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 274
to these ports on the logical switch. e. (Optional) Configure the logical switch to use XISLs, if it is not already XISL-capable. See "Configuring a logical switch to use XISLs" on page 234 for instructions. By default, newly created logical switches are configured to allow XISL use. f. Repeat step - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 275
for storage virtualization or encryption. See "Frame Redirection" on page 78 for more information. • LSAN zones Provide device connectivity between fabrics without merging the fabrics. See "LSAN zone configuration" on page 485 for more information. Fabric OS Administrator's Guide 237 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 276
(TI zones) Isolate inter-switch traffic to a specific, dedicated path through the fabric. See Chapter 12, "Traffic Isolation Zoning," for more information. Zoning overview Zoning is a fabric-based service that enables you to partition your storage area network (SAN) into logical groups of devices - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 277
appropriate to have an HBA from each of the cluster members included in the zone; this is equivalent to having a shared SCSI bus between the cluster members and assumes that the clustering software can zoning philosophy is the preferred method. Fabric OS Administrator's Guide 239 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 278
no fabric zoning is the least desirable zoning option because it allows devices to have unrestricted access 2 (domain ID 4, port index 30). On fixed-port models, "3,13" specifies port 13 in switch domain ID 3. Note the following effects on zone membership based Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 279
or port versions of the switch at once, and you can quickly alternate between them. For example, you might want to have one configuration enabled during the business hours and another enabled overnight. However, only one zone configuration can be enabled at a time. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 280
Default zoning mode" on page 252). This does not mean that the zone database is deleted, however, only that there is no configuration active in the fabric. On power-up, the switch automatically reloads the saved configuration. If a configuration . 242 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 281
way to do this is to use WWN identification exclusively for all zoning configurations. Use of aliases The use of aliases is optional with zoning. Using aliases requires structure when defining zones. Aliases aid administrators of zoned fabrics in understanding the structure and context. Effect of - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 282
Fabric OS-level switch. Switches with earlier Fabric OS versions do not have the switch versus an edge switch. • Zone using a Backbone rather than a switch. A Backbone has more resources to handle zoning changes and implementations. Broadcast zones Fibre Channel Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 283
zone. When a switch receives a broadcast packet IP device that exists in the edge or backbone fabric as well as the proxy device in the remote fabric. See Chapter 24, "Using FC-FC Routing to Connect Fabrics," for information about proxy devices and the FC router. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 284
switch has broadcast zone-capable firmware on the active CP (Fabric OS v5.3.x or later) and broadcast zone-incapable firmware on the standby CP (Fabric OS version there is no effective zone configuration. The default zoning mode has two options: • All Access-All Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 285
-enabled, merging new switches into the fabric is not recommended and may cause unpredictable results with the potential of mismatched Effective Zoning configurations. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y Fabric OS Administrator's Guide 247 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 286
-enabled, merging new switches into the fabric is not recommended and may cause unpredictable results with the potential of mismatched Effective Zoning configurations. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y 248 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 287
-enabled, merging new switches into the fabric is not recommended and may cause unpredictable results with the potential of mismatched Effective Zoning configurations. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y Fabric OS Administrator's Guide 249 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 288
-enabled, merging new switches into the fabric is not recommended and may cause unpredictable results with the potential of mismatched Effective Zoning configurations. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y 250 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 289
. 2. Enter the cfgShow command to view the zone configuration objects you want to validate. switch:admin> cfgShow Defined configuration: cfg: USA_cfg Purple_zone; White_zone; Blue_zone zone: Blue_zone 1,1; array1; 1,2; array2 zone: Purple_zone Fabric OS Administrator's Guide 251 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 290
configuration. The default zoning mode has two options: • All Access-All devices within the fabric can communicate with all other devices. • No Access-Devices in the fabric cannot access any other device in the fabric. The default zone mode applies to the entire fabric, regardless of switch model - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 291
, merging new switches into the fabric is not recommended and may cause unpredictable results with the potential of mismatched Effective Zoning configurations. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y Updating flash ... Fabric OS Administrator's Guide 253 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 292
11 Zone database size Viewing the current default zone access mode 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the defZone --show command. NOTE If you perform a firmware download of an older release, then the current default zone access state will appear as - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 293
[; member...]" 3. Enter the cfgSave command to save the change to the defined configuration. The cfgSave command ends and commits the current zoning transaction buffer to nonvolatile memory. If a transaction is open on a different switch in the fabric when this command is run, the transaction on the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 294
[; member...]" 3. Enter the cfgSave command to save the change to the defined configuration. The cfgSave command ends and commits the current zoning transaction buffer to nonvolatile memory. If a transaction is open on a different switch in the fabric when this command is run, the transaction on the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 295
to disabling the zone configuration. See "Default zoning mode" on page 252 for information about setting this mode to No Access. The following procedure ends and commits the current zoning transaction buffer to nonvolatile memory. If a transaction is open on a different switch in the fabric when - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 296
zone1 was done in error: switch:admin> zoneremove "zone1","3,5" switch:admin> cfgtransabort Viewing all zone configuration information If you do not Effective configuration: cfg: USA_cfg zone: Blue_zone 1,1 21:00:00:20:37:0c:76:8c 21:00:00:20:37:0c:71:02 258 Fabric OS Administrator's Guide 53- - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 297
command to clear all zone information in the transaction buffer. ATTENTION Be careful using the cfgClear command because it deletes the defined configuration. switch:admin> cfgclear The Clear All action will clear all Aliases, Zones, FA Zones Fabric OS Administrator's Guide 259 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 298
US_Test1 Blue_zone 5. If you want the change preserved when the switch reboots, enter the cfgSave command to save it to nonvolatile (flash) memory. 6. Enter the cfgEnable command for the appropriate zone configuration to make the change effective. 260 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 299
no longer present. 6. If you want the change preserved when the switch reboots, enter the cfgSave command to save it to nonvolatile (flash) memory. 7. Enter the cfgEnable command for the appropriate zone configuration to make the change effective. Fabric OS Administrator's Guide 261 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 300
to the host for archiving and it can be downloaded from the host to a switch in the fabric. See "Configuration file backup" on page 180, "Configuration file restoration" on page 181, or the when zoning is in secure mode, no merge operations occur. 262 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 301
11 Zone merging Brocade Advanced Zoning is configured on the primary fabric configuration server (FCS). The primary FCS switch makes zoning changes and other security-related changes. The primary FCS switch also distributes zoning to all other switches in the secure fabric. All existing interfaces - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 302
status does not match across switches, issue the cfgenable command. • Merging two fabrics Both fabrics have identical zones and configurations enabled, including the default zone mode. The two size exceeds the maximum limit of another switch. 264 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 303
56 on page 267: Default access mode • Table 57 on page 268: Mixed Fabric OS versions Zone merging scenarios: Defined and effective configurations Switch A Switch B Expected results Switch A has a defined configuration. Switch B does not have a defined configuration. Switch A has a defined and - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 304
Switch B defined:cfg2 zone1: ali1; ali2 effective: cfg2 zone1: ali1; ali2 defined: cfg1 zone2: ali1; ali2 effective: irrelevant Expected results Fabric segments due to: Zone Conflict cfg mismatch Fabric segments due to: Zone Conflict content mismatch 266 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 305
Clean merge - noaccess takes precedence and defzone configuration from Switch B propagates to fabric. defzone: noaccess Clean merge - defzone configuration is allaccess in the fabric. Clean merge - defzone configuration is noaccess in the fabric. Fabric OS Administrator's Guide 267 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 306
Fabric segments due to zone conflict. Fabric segments due to zone conflict. NOTE When merging mixed versions of Fabric OS where both sides have default zone mode No Access set, the merge results vary depending on which switch initiates the merge. 268 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 307
Chapter Traffic Isolation Zoning 12 In this chapter •Traffic Isolation Zoning overview 269 •Enhanced TI zones 274 •Traffic Isolation Zoning over FC routers 276 •General rules for TI zones 279 •Supported configurations for Traffic Isolation Zoning 280 •Limitations and restrictions of Traffic - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 308
8 is routed through E_Port 1. Similarly, traffic entering Domain 3 from E_Port 9 is routed to E_Port 12, and traffic entering Domain 4 from E_Port 7 is routed to the devices through N_Ports 5 and 6. Traffic when failover is enabled and disabled. 270 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 309
occurs, depending on the failover option: • If failover is disabled 12" configurations, switch RSCNs are generated. Each switch that is part of the TI zone generates RSCNs to locally attached devices that are part of the TI zone and are registered to receive RSCNs. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 310
Enable the zones (cfgEnable). 3. Reset all the zones you changed in step 12 15 7 = Dedicated Path 6 = Ports in the TI zone 5 Domain 2 Domain 4 FIGURE 32 Fabric incorrectly configured switch changes its active domain ID, the route is broken. See the configure Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 311
the non-dedicated path is not the shortest path. Domain 1 8 1 9 3 Domain 3 9 14 12 15 = Dedicated Path 16 = Ports in the TI zone Domain 2 FIGURE 33 Dedicated path is the only the dedicated path is configured to be the shortest path. Fabric OS Administrator's Guide 273 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 312
TI zones Domain 1 8 1 9 3 Domain 3 9 14 12 15 16 FIGURE 34 = Dedicated Path = Ports in the TI especially useful in FICON fabrics. See the FICON Administrator's Guide for example topologies using enhanced TI zones. See "Additional configuration rules for enhanced TI zones" on page 281 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 313
12 Illegal configurations configuration. You can also display a report of existing and potential problems with TI zone configurations, as described in "Troubleshooting TI zone routing problems" on page 291. Illegal ETIZ configuration (3,7), (3,8) Fabric OS Administrator's Guide 275 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 314
ETIZ configuration: two paths from one port = ETIZ 1 = ETIZ 2 Traffic Isolation Zoning over FC routers This section describes how TI zones work with Fibre Channel routing (TI over FCR). See Chapter 24, "Using FC-FC Routing to Connect Fabrics," for information about FC routers, phantom switches - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 315
Traffic Isolation Zoning over FC routers 12 Edge fabric 1 Backbone available, then devices are not imported. NOTE For TI over FCR, all switches in the backbone fabric and in the edge fabrics must be running Fabric OS Xlate Domain 4 Proxy Target Fabric OS Administrator's Guide 277 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 316
12 Traffic Isolation Zoning over FC routers In the TI zone, when you designate E_Ports between the front and xlate phantom switches E_Port for the xlate phantom domain) Note that in this configuration the traffic between the front and xlate domains can go through Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 317
FCR is not supported with FC Fast Write. • For the FC8-16, FC8-32, FC8-48, FC8-64, and FX8-24 blades only: If Virtual Fabrics is disabled, two or more shared area EX_Ports connected to the same edge fabric should not be configured in different TI zones. This configuration is not supported. General - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 318
-63 can still be in a failover path for TI traffic. The Brocade DCX-4S and DCX 8510-4 do not have this limitation. • VE_Ports are supported in TI zones. • TI Zoning is not supported in fabrics with switches running firmware versions earlier than Fabric OS v6.0.0. However, the existence of a TI zone - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 319
12 Additional configuration rules for enhanced TI zones Enhanced TI zones (ETIZ) have the following additional configuration rules: • Enhanced TI zones are supported only if every switch in the fabric is ETIZ capable. A switch Zoning over FC routers" on Administrator's Guide 281 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 320
option is not supported in logical fabrics that use XISLs. Although logical switches that use XISLs allow the creation of a TI zone with failover disabled, this is not a supported configuration. Base switches (FID 1) and one in the base fabric. 282 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 321
of ports 10, 12, 14, and 16. You must also include ports 3 and 8, because they belong to logical switches participating in the logical 10 12 14 FIGURE 44 = Dedicated Path = Ports in the TI zones Creating a TI zone in a base fabric Domain 2 17 7 8 16 Fabric OS Administrator's Guide 283 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 322
shows a logical representation of the configuration in Figure 45. This SAN is similar to that shown in Figure 38 on page 277 and you would set up the TI zones in the same way as described in "Traffic Isolation Zoning over FC routers" on page 276. 284 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 323
the procedure described in "Creating a TI zone in a base fabric" on page 287. 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the zone --create command: zone --create -t objtype [-o optlist] name -p "portlist" Fabric OS Administrator's Guide 285 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 324
zone in the backbone fabric with failover enabled and the state set to activated (default settings): switch:admin> zone --create -t ti backbonezone -p "10:00:00:04:1f:03:16:f2; 1,1; 1,4; 2,7; 2,1; 10:00:00:04:1f:03:18:f1, 10:00:00:04:1f:04:06:e2" 286 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 325
" c. Reset the failover option to failover disabled. Then continue with step 4. zone --add -o n name 5. Enter the cfgEnable command to reactivate your current effective configuration and enforce the TI zones. cfgenable "base_config" Fabric OS Administrator's Guide 287 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 326
-p "1,3; 1,10; 7,12; 7,14; 2,16; effective configuration to the switch and option to failover enabled. This is a temporary change to avoid frame loss during the transition. zone --add -o f name b. Enable the zones. cfgenable "current_effective_configuration" 288 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 327
12 c. Reset the failover option to failover disabled. Then continue with step 4. zone --add -o n name 4. Enter the cfgEnable command to reactivate your current effective configuration configuration and enforce the TI zones. cfgenable "current_effective_configuration" Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 328
has been activated by cfgEnable) If you enter the cfgShow command to display information about all zones, the TI zones appear in the defined zone configuration only and do not appear in the effective zone configuration. 290 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 329
and a remote domain have been detected, which might cause a problem for devices that join the fabric later. 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the zone --showTIerrors command. zone --showTIerrors Fabric OS Administrator's Guide 291 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 330
12 Setting up TI over FCR (sample procedure) Following is an example report that would be generated for the illegal configuration shown in Figure 36 on page 275. switch: up across the FC router, the TI zones for each path can have the same name. 292 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 331
can determine the front and translate domains. E1switch:admin> fabricshow Switch ID Worldwide Name Enet IP Addr FC IP Addr Name 1: fffc01 50:00:51:e3:95:36: ' configuration (yes, y, no, n): [no] y zone config "cfg_TI" is in effect Updating flash ... Fabric OS Administrator's Guide 293 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 332
the front and translate domains. E2switch:admin> fabricshow Switch ID Worldwide Name Enet IP Addr FC IP Addr Name 1: fffc01 50:00:51:e3:95: :00:00:00:03:00:00" BB_DCX_1:admin> zone --show Defined TI zone configuration: TI Zone Name: TI_Zone1 Port List: 1,9; 1,1; 2,4; 2,7; 10:00:00: - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 333
) 12 b. Enter the following commands to reactivate your current effective configuration and enforce the TI zones. BB_DCX_1:admin> cfgactvshow Effective configuration: configuration (yes, y, no, n): [no] y zone config "cfg_TI" is in effect Updating flash ... Fabric OS Administrator's Guide 295 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 334
12 Setting up TI over FCR (sample procedure) 296 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 335
Supported configurations for bottleneck detection 300 •Advanced bottleneck detection settings 301 •Enabling bottleneck detection on a switch bottlenecks. • Reduce the time it takes to troubleshoot network problems. If you notice one or more applications Administrator's Guide 297 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 336
configure bottleneck detection on a per-switch basis, with optional per-port exclusions. NOTE Bottleneck detection is disabled by default. Best practice is to enable bottleneck detection on all switches rate at which the other end of the link can continuously Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 337
parameters to determine whether alerts are generated You have the option of receiving per-port alerts based on the latency and of 12 seconds) are affected by latency. This exceeds the threshold of 10%, so an alert would be generated for a latency bottleneck. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 338
. The sub-second latency criterion parameter settings are not preserved on downgrade to firmware versions earlier than Fabric OS 7.0.0. If you downgrade and then upgrade back to Fabric OS 7.0.0, the settings revert to their default values. 300 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 339
detection is supported in both VF and non-VF modes. In VF mode, if a port on which bottleneck detection is enabled is moved out of a logical switch, any per-port configurations are retained by the logical switch. The per-port configuration does not propagate outside of the logical switch. If the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 340
to be considered affected by latency. The default value of 50 means that the observed switch and log in using an account with admin permissions. 2. Enter the bottleneckmon --enable command to enable bottleneck detection on all eligible ports on the switch. 302 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 341
3. Repeat step 1 and step 2 on every switch in the fabric. NOTE Best practice is to use the default values for the alerting and sub-second latency criterion enter the bottleneckmon --include command. Example switch:admin> bottleneckmon --exclude 4 Fabric OS Administrator's Guide 303 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 342
of bottleneck detection configuration for the switch, which includes the following: • Whether the feature is enabled • Switch-wide parameters • Per 0 3 Y 0.990 0.900 4000 600 Excluded ports: Slot Port ============ 0 2 0 3 0 4 304 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 343
configure switch-wide alerting and sub-second latency criterion parameters that apply to every port on the switch time options. For a trunk, you can change the parameters only on the master port. 1. Connect to the switch 600 Excluded ports Port Fabric OS Administrator's Guide 305 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 344
.6 -lsubsecsevthresh 40 6 switch:admin> bottleneckmon --status Bottleneck detection - Enabled Switch-wide sub-second latency bottleneck criterion: Time threshold - 0.800 Severity threshold - 50.000 Switch-wide alerting parameters 306 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 345
to three hours. This command has several display options: • Display only latency bottlenecks, only congestion had a bottleneck occur during any second in the corresponding interval. switch:admin> bottleneckmon --show -interval 5 -span 30 Wed Jan Administrator's Guide 307 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 346
and non-default values of alerting parameters. 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the bottleneckmon --disable command to disable bottleneck detection on the switch. switch:admin> bottleneckmon --disable 308 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 347
can enable either encryption or compression selectively. Figure 49 shows an example of 16 Gbps links connecting three Brocade switches. One link is configured with encryption and compression, one with just encryption, and one with just compression. Fabric OS Administrator's Guide 309 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 348
feature is not supported in FIPS mode. In-flight encryption is not FIPS compliant. • Brocade Network Advisor does not support encryption or compression. • L!L through any encryption-enabled port or compression-enabled port is not supported. 310 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 349
two E_Ports across an ISL. You can enable encryption or compression or both on an E_Port on a per port basis. By default, this feature is disabled on all ports on a switch. Encryption and compression capabilities and configurations from each end of the ISL are exchanged during E_Port initialization - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 350
Fabrics considerations The E_Ports in the user-created logical switch, base switch, or default switch can support encryption and compression. You can configure encryption on XISL ports, but not on LISL ports. However, frames from the LISL ports are implicitly encrypted or compressed as they pass - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 351
number of a specific user port. sw0:FID128:root> portenccompshow User Encryption Compression Port configured Active configured Active 17 No No No No 18 No No No No 19 No No No No 20 No No No No 21 No No No No Fabric OS Administrator's Guide 313 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 352
the local switch and the remote switch. NOTE When setting a secret key pair, you are entering the shared secrets in plain text. Use a secure channel, such as SSH or the serial console, to connect to the switch on which you are setting the secrets. 314 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 353
example enables encryption on port 15 of an FC16-32 blade in slot 9 of an enterprise class platform: portcfgencrypt --enable 9/15 4. Enable the port with the portEnable command. After manually enabling the port, the new configuration becomes active. Fabric OS Administrator's Guide 315 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 354
This example disables encryption on port 15 of an FC16-32 blade in slot 9 of an enterprise class platform: portcfgencrypt --disable 9/15 4. Enable the port with the portEnable command. After enabling the port, the new configuration becomes active. 316 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 355
following example shows configuring and enabling encryption and compression.In this case, encryption and compression are applied to the E_Ports at either end of and ISL connecting a port on a blade in an enterprise class platform named myDCX to a port on a Brocade 6510 switch named myswitch. Table - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 356
. Authentication and secret key must also be configured as these are required before configuring encryption. The commands in this example are shown entered on the Brocade 6510 named myswitch. The same commands must also be entered on the peer switch. This first part of the example shows a command - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 357
result. Notice that the output shows encryption to be enabled on the port. myswitch:root> portcfgencrypt --enable 0 Please disable port to configure Encryption/Compression. myswitch:root> portdisable 0 myswitch:root> portcfgencrypt --enable 0 Turning ON Encryption on port(246) will cause the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 358
Recovery F_Port Buffers Fault Delay: NPIV PP Limit: CSCTL mode: Frame Shooter Port D-Port mode: Compression: Encryption: FEC: myswitch:root> encryption on port 0: myswitch:root> portdisable 0 myswitch:root> portcfgencrypt --disable 0 myswitch:root> portenable 0 320 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 359
: OFF Rate Limit EX Port Mirror Port Credit Recovery F_Port Buffers Fault Delay: NPIV PP Limit: CSCTL mode: Frame Shooter Port D-Port mode: Compression: Encryption: FEC: myswitch:root> OFF OFF OFF ON OFF 0(R_A_TOV) 126 OFF OFF OFF OFF OFF OFF Fabric OS Administrator's Guide 321 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 360
14 Encryption and compression example 322 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 361
Chapter NPIV 15 In this chapter •NPIV overview 323 •Configuring NPIV 325 •Enabling and disabling NPIV 326 •Viewing NPIV port configuration information 327 NPIV overview N_Port ID Virtualization (NPIV) enables a single Fibre Channel protocol port to appear as multiple, distinct ports, - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 362
all platforms that do not have Virtual Fabrics enabled. When Virtual Fabrics is enabled on the Brocade DCX and DCX-4S, fixed addressing mode is used only on the default logical switch. The number of NPIV devices supported on shared area ports (48-port blades) is reduced to 64 from 128 when Virtual - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 363
60 Platform Number of supported NPIV devices (Continued) Virtual Fabrics Logical switch type NPIV support DCX-4S Enabled Logical switch Yes, 255 virtual device limit.3 DCX-4S Enabled Base switch No. 1. Maximum limit support takes precedence if user-configured maximum limit is greater - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 364
the --enable or --disable option. The following example shows NPIV being enabled on port 10 of a Brocade 5100: switch:admin> portCfgNPIVPort --enable 10 the firmware considers that port as an F_Port even though the NPIV feature was enabled. 326 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 365
to view the switch ports information. The following example shows whether a port is configured for NPIV: switch:admin> portcfgshow Ports of Slot 0 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 for the portShow command: switch:admin> portshow 2 Fabric OS Administrator's Guide 327 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 366
15 Viewing NPIV port configuration information portName: 02 output from the portLoginShow command: switch:admin> portloginshow 2 Type PID World Wide Name credit df_sz cos fe 630240 c0:50:76:ff:fb:00:16:fc 101 2048 c fe 63023f FFFFFC 328 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 367
(DFP) to simplify server deployment in your Fibre Channel SAN (FC SAN) environment. Server deployment typically requires that multiple administrative teams (for example, server and storage teams) coordinate with each other to perform configuration tasks such as zone creation in the fabric - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 368
server to use the FA-PWWN feature, it must be using a Brocade HBA or Adapter. Refer to the release notes for the HBA or Adapter versions that support this feature. Some configuration of the HBA must be performed to use the FA-PWWN. User- and auto-assigned FA-PWWN behavior An FA-PWWN can be - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 369
Switch running FOS 7.0.0 F-Port N-Port Scenario 1 An FA-PWWN is configured for an HBA device connected to an Access Gateway Switch. Edge Switch running FOS 7.0.0 NPIV F-Port F-Port HBA Scenario 2 Configure an 20:08:00:05:1e:d7:2b:74 \ \ Fabric OS Administrator's Guide 331 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 370
a switch running a version of Fabric OS earlier than 7.0.0, the HBA will continue to disable its port. Configuring an FA-PWWN for an HBA connected to an edge switch For Yes Port/User 52:00:10:00:00:0f:50:44 10 52:00:10:00:00:0f:50:45 -- Yes Port/Auto 332 Fabric OS Administrator's Guide 53- - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 371
Brocade 5300 - Brocade 6505 - Brocade 6510 - Brocade VA-40FC • Access Gateway platforms running Fabric OS v7.0.0 or later: - Brocade 300 - Brocade 5100 - Brocade 6510 • Brocade HBAs with driver version 3.0.0.0: - Brocade 415 - Brocade 425 - Brocade 815 - Brocade 825 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 372
export the FA-PWWN configuration. ATTENTION Brocade recommends you delete all FA-PWWNs from the switch with the configuration being replaced before you upload or download a modified configuration. This is to ensure no duplicate FA-PWWNs in the fabric. Firmware upgrade and downgrade considerations - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 373
following restrictions when using the FA-PWWN feature: • FA-PWWN is supported only on Brocade HBAs and Adapters. Refer to the release notes for the supported Brocade HBA or Adapter versions. • FA-PWWN is not supported for the following: - FCoE devices - FL_Ports - Swapped ports (using the portswap - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 374
16 Access Gateway N_Port failover with FA-PWWN 336 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 375
which switches, ports, and devices you can view and modify. An Admin Domain is a filtered administrative view of the fabric. NOTE If you do not implement Admin Domains, the feature has no impact on users and you can ignore this chapter. Admin Domains permit access to a configured set of users. Using - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 376
Figure 52, users can see all switches and E_Ports in the fabric, regardless of their Admin Domain; however, the switch ports and end devices are filtered based on Admin Domain membership. FIGURE 52 Filtered fabric views when using Admin Domains 338 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 377
must not end with "_ADn". - The LSAN zone names must not be longer than 57 characters. Refer to Chapter 24, "Using FC-FC Routing to Connect Fabrics," for information about the FC-FC Routing Service and LSAN zones. Admin Domain access levels Admin Domains offer a hierarchy of administrative access - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 378
Creates and manages all Admin Domains. Assigns other administrators or users to each Admin Domain. The default admin account is the first physical fabric administrator. Only a physical fabric administrator can create other physical fabric administrators. Can be assigned to one or more Admin Domains - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 379
you can see which devices, switch ports, and switches are not yet assigned to any Admin Domains. AD0 owns the root zone database (legacy zone database). user-defined Admin Domains (AD1 and AD2). AD255 always encompasses the entire physical fabric. Fabric OS Administrator's Guide 341 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 380
a configurable property of a non-default user account. Here is some additional information about AD accounts: • You can log in to only one Admin Domain at a time. You can later switch to a different Admin Domain (refer to "Switching to a different Admin Domain context" on page 360 for instructions - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 381
administrator. Port control is provided only through switch port membership and is not provided for device members. When you create an Admin Domain, the end automatically grant usage of corresponding domain,index members in the zone configuration. If you specify a device WWN member in the Admin - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 382
switch. • A switch member allows switch administrative operations such as disabling and enabling a switch, rebooting, and firmware downloads. • A switch member does not provide zoning rights for the switch the following switch WWN is in NAA=1 format: 10:00:00:60:69:e4:24:e0 The following switch WWN - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 383
User Domain ID = 1 WWN = 50:00:51:f0:52:36:f9:04 WWN = 10:00:00:00:c2:37:2b:a3 Domain ID = 2 WWN = 50:00:52:e0:63:46:e9:04 WWN = 10:00:00:00:c8:3a:fe:a2 FIGURE 55 Filtered fabric views showing converted switch WWNs Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 384
Domain transaction. Setting the default zoning mode for Admin Domains To begin implementing an Admin Domain structure within your SAN, you must first set the default zoning mode to No Access. You must be in AD0 to change the default zoning mode. 346 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 385
co-exist. 3. Set the default zone mode to No Access, if you have not already done so. Refer to "Setting the default zoning mode" on page 253 for instructions. 4. Switch to the AD255 context, if you are not already in that context: ad --select 255 Fabric OS Administrator's Guide 347 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 386
after login. • If you do not specify one, the home Admin Domain is the lowest valid Admin Domain in the numerically-sorted AD list. • Users can log in to their Admin Domains and create their own Admin Domain-specific zones and zone configurations. 348 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 387
--addad ad1admin -a "green_ad2" Creating a physical fabric administrator user account 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the userConfig --add command using the -r option to set the role to admin and the -a option to provide access to Admin Domains - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 388
in the remaining list. Example of removing Admin Domain green_ad2 from the user account adm1 switch:admin> userconfig --deletead adm1 -a "green_ad2" Broadcast message from root (pts/0) Wed Jan 27 20:57:14 2010... Security Policy, Password or Account Attribute Change: adm1 will be logged out Ads for - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 389
the -s option to specify switch members. ad --add ad_id -d "dev_list" -s "switch_list" In the syntax, ad_id is the Admin Domain name or number, dev_list is a list of device WWNs or domain,index members, and switch_list is a list of switch WWNs or domain IDs. Fabric OS Administrator's Guide 351 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 390
if the Admin Domain you want to rename is part of the effective configuration. 1. Connect to the switch and log in using an account with admin permissions. 2. Switch to the AD255 context, if you are not already in that context. ad --select 255 352 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 391
deleting Admin Domain AD_B3 switch:AD255:admin> ad --delete AD_B3 You are about to delete an AD. This operation will fail if zone configuration exists in the AD Do you want to delete 'AD_B3' admin domain (yes, y, no, n): [no] y switch:AD255:admin> Fabric OS Administrator's Guide 353 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 392
Domain management for physical fabric administrators Deleting all user-defined Admin Domains When you clear the Admin Domain configuration, all user-defined Admin Domains are deleted, the explicit membership list of AD0 is cleared, and all fabric resources (switches, ports, and devices) are returned - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 393
. cfgadd "cfgName", "member[;member]" 5. Enable the configuration to complete the transaction. cfgenable cfgName 6. Switch to the AD255 context. ad --select 255 7. Explicitly add devices that are present in the user-defined ADs to AD0. ad --add AD0 -d "dev_list" 8. Enter the ad --apply command - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 394
:00:02:00:00:00 Effective configuration: cfg: AD0_cfg zone: AD0_RedZone 10:00:00:00:01:00:00:00 10:00:00:00:02:00:00:00 Zone CFG Info for AD_ID: 1 (AD Name: AD1, State: Active) : Defined configuration: cfg: AD1_cfg AD1_BlueZone zone: AD1_BlueZone 356 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 395
admin domains (yes, y, no, n): [no] y sw0:AD255:admin> ad --apply You are about to enforce the saved AD configuration. This action will trigger AD apply to all switches in the fabric Do you want to apply all admin domains (yes, y, no, n): [no] y Fabric OS Administrator's Guide 357 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 396
Any devices and switch ports that are not defined as part of the Admin Domain are not shown and are not available to that AD user. Each Admin Domain can also have its own zone configurations (defined and effective) with zones and aliases under them. 358 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 397
SAN be one that you can access. This option creates a new shell with the current User_ID, switches to the specified Admin Domain, performs the the AD7 context switch:AD255:admin> ad --exec 7 "switchshow" Displaying an Admin Domain configuration You can display Administrator's Guide 359 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 398
Effective configuration AD Number: 1 AD Name: TheSwitches State: Active Switch WWN members: 50:06:06:99:00:2a:e9:01; 50:00:51:e0:23:36:f9:01; 50:06:06:98:05:be:99:01; Switching to a different Admin Domain context You can switch between different Admin Domain contexts. This option creates - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 399
Watch Fabric Watch configuration operations are allowed only if the local switch is part of the current Admin Domain. FC-FC Routing Service You can create LSAN zones as a physical fabric administrator or as an individual AD administrator. The LSAN zone can be part of the root zone database or - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 400
Switch Connection Control (SCC) policies are supported only in AD0 and AD255, because ACL configurations are supported only in AD0 and AD255. iSCSI iSCSI operations are supported for each user-defined Admin Domain. AD-level zone information is merged with the root zone configuration and enforced. - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 401
. Refer to "Validating a zone" on page 251 for instructions on using the zone --validate command. NOTE AD zone databases administrative domain feature is not active (AD1 through AD254 are not configured and no explicit members are added to AD0), AD0 supports both All Access and No Access default - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 402
17 SAN management with . Refer to Chapter 24, "Using FC-FC Routing to Connect Fabrics," for information about LSAN zones. Configuration upload and download in an AD context is allowed only if the switch is a member of the current Admin Domain. 364 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 403
Licensed Features Section II This section describes optionally licensed Brocade Fabric OS features and includes the following chapters: • Chapter Chapter 23, "Managing Long Distance Fabrics" • Chapter 24, "Using FC-FC Routing to Connect Fabrics" Fabric OS Administrator's Guide 365 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 404
366 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 405
installed on your switch, use the configUpload command before you upgrade or downgrade Fabric OS. Fabric OS includes basic switch and fabric support software, and support for optionally require a license key, yet are still installed on a switch. Fabric OS Administrator's Guide 367 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 406
Backbone. It is chassis-based when applied to a Brocade 6510 switch. • Enables full hardware capabilities on the Brocade 7800 base switch, increasing the number of Fibre Channel ports from four to sixteen and the number of GbE ports from two to six. • Supports up to eight FCIP tunnels instead of two - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 407
Encryption Performance Upgrade Provides additional encryption bandwidth on encryption platforms. For the Brocade Encryption Switch, two Encryption Performance Upgrade licenses can be installed Applies to the Brocade DCX 8510 Backbone family only. Fabric OS Administrator's Guide 369 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 408
ports in Brocade 5100, 5300, 6510, and VA-40FC switches, the Brocade Encryption Switch, or the Brocade DCX, DCX-4S, and DCX 8510 family platforms to be configured as an EX_Port supporting FC-FC routing. • Eliminates the need to add an FR4-18i blade or use the Brocade 7500 for FC-FC routing purposes - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 409
Local switch and any attached switches. See the Fabric Watch Administrator's Guide. FCIP High Performance Extension over FCIP/FC NOTE: Local and attached switches. License is needed on both sides of tunnel. FCIP Trunking Advanced Extension Local and attached switches. Fibre Channel Routing - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 410
license required. N/A OpenSSH public key No license required. N/A Performance monitoring Advanced Performance Monitoring for advanced features. No license required for basic features. Local switch. Port fencing Fabric Watch Local switch. 372 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 411
: The 8 Gbps license is installed by default, and you should not remove it. Local switch 10 Gigabit FCIP/Fibre Channel license is needed to support 10Gb FC ports on FC16-32 blades, FC16-48 blades, and the Brocade 6510, as well as to support the 10Gb Ethernet ports on FX8-24 blades. (See the Ports - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 412
. No license required. N/A Local and any switch you will be managing using Web Tools. N/A Brocade 7800 Upgrade license The Brocade 7800 has four Fibre Channel (FC) ports and two GbE ports active by default. The number of physical ports active on the Brocade 7800 is fixed. There is one upgrade - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 413
Brocade DCX 8510-8 and a DCX 8510-4, as the latter supports half Brocade DCX chassis, without consuming valuable front-end ports. Each Brocade DCX chassis must have the ICL 16-link license installed Brocade DCX 8510-8 and DCX 8510-4 platforms only. Fabric OS Administrator's Guide 375 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 414
The 10 GbE feature on the FX8-24 blade and the 10 Gbps FC feature on the 16 Gbps FC blades are both enabled by the same 10 Gigabit FCIP/Fibre Channel license (10G license). This license can also enable the 10 Gbps FC feature on a Brocade 6510 switch as a chassis-based license. Any unassigned slot - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 415
Gbps access on the 16 Gbps FC ports on the Brocade 6510 switch, and the FC16-32 and FC16-48 port blades. • The two 10-GbE ports on the FX8-24 extension blade. Before the Fabric OS v7.0.0 release, this feature was enabled by the 10-GbE license. Fabric OS Administrator's Guide 377 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 416
Mc-6140 platform. The new FC ports use different protocols and physical connections. Enabling 10 Gbps operation on an FC port To enable 10 Gbps operation on an FC port on a Brocade 6510 switch or an FC16-32 or FC16-48 blade, follow these steps. 378 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 417
6510-switch:admin> licenseshow aTFPNFXGLmABANMGtT4LfSBJSDLWTYD3EFrr4WGAEMBA 10 Gigabit FCIP/Fibre Channel (FTR_10G) license Capacity 1 Consumed 1 6510-switch:admin> portcfgoctetspeedcombo 2 6510-switch:admin> portcfgspeed 2 10 6510-switch:admin> Fabric OS Administrator's Guide 379 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 418
on an FX8-24 blade To enable the 10-GbE ports on an FX8-24 blade, follow these steps. 1. Connect to the Brocade Backbone and log Gigabit FCIP/Fibre Channel (FTR_10G) license Capacity 1 Consumed 1 Configured Blade xge1 -- 10G No_Module FCIP 380 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 419
switch basis. • A universal temporary license can be installed on a switch, but can be applied to multiple switches. The following licenses are available as temporary or universal temporary licenses: • 10 Gigabit FCIP/Fibre Channel -add command. Fabric OS Administrator's Guide 381 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 420
firmware download, or a port or switch should not be installed on a switch until you are ready switch. Universal temporary licenses are always retained in the license database on the product even though they can be explicitly deleted from any user interface. 382 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 421
with the software license keys and installation instructions. Adding a licensed feature To enable a feature, go to the feature's appropriate section in this manual. Enabling a feature on a switch may be a separate task from adding the license. Fabric OS Administrator's Guide 383 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 422
8 Gig FC license DataFort Compatibility license Server Application Optimization license Removing a licensed feature 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the licenseShow command to display the active licenses. 384 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 423
Ports on Demand The Brocade models in the following list can be purchased with the number of licensed ports indicated. As your needs increase, you can activate unlicensed ports up to a particular maximum by purchasing and installing the optional Ports on Demand licensed product: • Brocade 300-Can be - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 424
23-25 0-25 POD1: 9-12 and 21-22 POD2: 0, 13-16, and 23 0-23 POD 1: 0-23 N/A 0-35 0-47 24 GbE and 8 FC 24 GbE and 8 FC 0-31 0-39 Ports on Demand is ready to be unlocked in the switch firmware. Its license key may be part of the licensed paperpack supplied with switch software, or you can - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 425
Connect to the switch and log in using an account with admin permissions. 2. Verify the current states of the ports using the portShow command. In the portShow output, the Licensed field indicates whether the port is licensed. 3. Install the Brocade Ports on Demand license. For instructions on how - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 426
:admin> licenseport --show 24 ports are available in this switch Full POD license is installed Dynamic POD method is in use 24 port assignments are provisioned for use in this switch: 12 port assignments are provisioned by the base switch license 388 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 427
switch: 12 port assignments are provisioned by the base switch license 12 port assignments are provisioned by a full POD license 24 ports are assigned to installed licenses: 12 ports are assigned to the base switch license 12 if any are available. Fabric OS Administrator's Guide 389 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 428
the port is licensed until it is manually removed from the POD port set. switch:admin> licenseport --show 24 ports are available in this switch Full POD license is installed Dynamic POD method is in use 24 port assignments are provisioned for use in this switch: 390 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 429
POD license: None Ports not assigned to a license: 0, 7, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 6. Enter the switchEnable command to bring the switch back online. 7. Enter the switchShow command to verify the switch state is now online. Fabric OS Administrator's Guide 391 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 430
18 Ports on Demand 392 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 431
on the switch for must be installed on both Brocade Backbones, the following features are supported: • Trunking • Buffer-to-buffer credit sharing • QoS NOTE You cannot interconnect a Brocade DCX Backbone family chassis with a Brocade DCX 8510 Backbone family chassis. Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 432
user ports. Refer to the hardware reference manuals for details about the port groups. Following are ICL configuration guidelines for trunking bandwidth and High Availability: • ICLs must be installed switches on the chassis and have 16 ICLs in each. NOTE Brocade Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 433
switch are not supported. This is a topology restriction with 16 Gbps ICLs and any ISLs that are E_Ports or VE_Ports. ICL trunking on the Brocade DCX 8510-8 and DCX 8510-4 ICL trunks automatically form on the ICLs if the ISL Trunking license is installed OS Administrator's Guide 395 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 434
XISLs. The "Allow XISL Use" attribute for the switch must be off. • All of the user ports in an ICL cable must be in the same logical switch. Distributing the user ports within the same cable across multiple logical switches is not supported. 396 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 435
of each follows. The illustrations in this section show sample topologies. Refer to the Brocade SAN Scalability Guidelines for details about maximum topology configurations. Mesh topology You can connect the Brocade Backbones in a mesh topology, in which every chassis is connected to every other - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 436
the Brocade DCX 8510-8, each chassis can be either a Brocade DCX 8510-4 or a DCX 8510-8. Each line in Figure 61 represents four QSFP cables. The cabling scheme should follow the parallel example shown in Figure 58. FIGURE 61 64 Gbps ICL core-edge topology 398 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 437
End-to-end performance monitoring 401 •Frame monitoring 406 •Top Talker monitors 410 •Trunk monitoring 415 •Saving and restoring monitor configurations Web Tools and Brocade Network Advisor. See the Web Tools Administrator's Guide and Brocade Network Advisor User Manual for information about - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 438
-40FC Brocade 5300 4 3 Each logical switch can have its own set of performance monitors. The installation of monitors is restricted to the ports that are present in the respective logical switch. • Top Talker and EE monitors are supported on the default logical switch, the base switch, and user - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 439
Maximum number of EE monitors The maximum number of end-to-end monitors supported varies depending on the switch model: • The Brocade DCX, DCX-4S, DCX 8510, 5100, 6505, 6510, 8000, VA-40FC, and Brocade Encryption Switch models allow up to 1024 end-to-end monitors shared by all ports in the same ASIC - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 440
20 End-to-end performance monitoring Supported port configurations for EE monitors You can configure EE monitors on F_Ports and, depending on the switch model, on E_Ports. The following platforms support EE monitors on E_Ports: • Brocade 6505 • Brocade 6510 • Brocade DCX 8510 family Identical EE - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 441
field is ignored). The default EE mask value is ff:ff:ff. NOTE Only one mask per port can be set. When you set a mask, all existing end-to-end monitors are deleted. End-to-end masks are supported only on the Brocade 8000, and Brocade Encryption Switch. 1. Connect to the switch and log in using an - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 442
EE mask. The mask is applied to all end-to-end monitors on the port. Individual masks for switch and log in using an account with admin permissions. 2. Enter the perfmonitorshow command. perfmonitorshow --class monitor_class [slotnumber/]portnumber [interval] 404 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 443
for an end-to-end monitor: switch:admin> perfMonitorClear --class EE 1/2 5 End-to-End monitor number 5 counters are cleared switch:admin> perfMonitorClear --class EE 1/2 This will clear ALL EE monitors' counters on port 2, continue? (yes, y, no, n): [no] y Fabric OS Administrator's Guide 405 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 444
, 12 202 DCX, DCX-4S, DCX 8510, and Brocade Encryption Switch 1. For switches in Access Gateway mode, the maximum number of offsets per port is 7. 2. For switches in Access Gateway mode, the maximum number of offsets per port is 15. The actual number of frame monitors that can be configured on - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 445
and action options set values and actions for Fabric Watch, but do not apply monitoring. To apply the custom values, use the thconfig --apply command. See the Fabric Watch Administrator's Guide for more information about using this command. Example of creating a user-defined frame type switch:admin - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 446
SCSI frame type monitor to ports 3 through 12, but does not save the port configuration. The second command saves the port configuration persistently. switch:admin> fmmonitor --addmonitor SCSI -port 3-12 -nosave switch:admin> fmmonitor --save SCSI 408 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 447
,0x0; baacc 4,0xff,0x84;12,0xff,0x00;17,0xff,00; This example displays configuration details for the pre-defined SCSI frame monitor. Note that in the last entry, the "-" in the Count column indicates that the monitor is configured, but is not installed on the port. switch:admin> fmmonitor --show - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 448
installed on a port to measure the traffic originating from the port and flowing to different destinations. You can configure Top Talker monitors on F_Ports and, depending on the switch model, on E_Ports. The following platforms support Top Talker monitors on E_Ports: - Brocade 6505 - Brocade 6510 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 449
routing You can enable Top Talker monitors on a platform that is configured to be an FC router. Top Talker monitors and FC routers are concurrently supported on the following platforms: - Brocade 6505 - Brocade 6510 - Brocade DCX 8510 Backbone family, with the following blades only: FC16-32, FC16-48 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 450
• Top Talker is not supported on VE_Ports, EX_Ports, and VEX_Ports. • The maximum number of all port mode Top Talker monitors on an ASIC is 16. If Virtual Fabrics is enabled, the maximum number of all port mode Top Talker monitors on an ASIC is 8. 412 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 451
to the new switch. Displaying the top n bandwidth-using flows on a port (port mode) 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the perfTTmon --show command. perfttmon --show [slotnumber/]port [n] [wwn | pid] Fabric OS Administrator's Guide 413 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 452
0x03f600 0x011300 121.748 3/14,3/15 Deleting a Top Talker monitor on a port (port mode) 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the perfTTmon --delete command. perfttmon --delete [slotnumber/]port 414 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 453
platforms support 12 frame monitors for trunks, except for the Brocade 300, which supports 8 frame monitors for trunks. • For the Brocade 8000, trunk monitoring is supported only on the FC ports and not on the CEE ports. Saving and restoring monitor configurations To prevent the switch configuration - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 454
Advanced Performance Monitoring is deleted when the switch is rebooted. Using the Brocade Network Advisor Enterprise Edition, you can store performance data persistently. For details on this feature, see the Brocade Network Advisor User Manual. 416 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 455
QoS zone-based traffic prioritization over FC routers 431 •Disabling QoS zone-based you to ensure optimized behavior in the SAN. Even under the worst congestion conditions, Chapter 12, "Traffic Isolation Zoning," for more information about this feature. Fabric OS Administrator's Guide 417 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 456
from a particular device to the switch port. Ingress rate limiting requires this feature. • Quality of Service (QoS) SID/DID Traffic Prioritization pairs that consume the most bandwidth and can then configure them with certain QoS attributes so they get proper Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 457
enabled, the rate limit configuration on a port is on a per-logical switch basis. That is, if a port is configured to have a certain having a high, medium, or low priority. Fabric OS supports two types of prioritization: • Class Specific Control (CS_CTL)-based Administrator's Guide 419 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 458
73. TABLE 73 Virtual channels assigned to QoS priority for frame prioritization CS_CTL value Priority Number of VCs VCs assigned 1 - 8 9 - 16 17 - 24 High priority 4 Medium priority 4 Low priority 2 10, 11, 12, 13 2, 3, 4, 5 8, 9 420 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 459
prioritization 21 Supported configurations for CS_CTL-based frame prioritization • CS_CTL-based frame prioritization is supported on all 8-Gbps and 16-Gbps platforms. • All switches in the fabric should be running Fabric OS v6.0.0 or later. NOTE If a switch is running a firmware version earlier - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 460
by default on long-distance 8 Gbps and 16 Gbps ports. The following procedure does not apply to these ports. 1. Connect to the switch and log in using an account with admin permissions. 2. Display the ISL information using the following command: islshow 422 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 461
is automatically enabled by default, ON if QoS is enabled manually, and OFF or ".." if QoS is disabled. 5. Manually disable QoS on all 64.000G TRUNK 4: 24-> 12 10:00:00:05:1e:41:42:ad 30 B5300 sp: 8.000G bw: 16.000G TRUNK switch:admin> portcfgshow (output Administrator's Guide 423 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 462
to VCs 8 and 9. The id is optional; if it is not specified, the virtual channels are allocated using a round-robin scheme. FC routers" on page 426 for additional considerations when using QoS to prioritize traffic between device pairs in different edge fabrics. 424 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 463
. For example, in Figure 67, QoS should be enabled on the encircled E_Ports. NOTE By default, QoS is enabled on 8 Gbps ports, except for long-distance 8 Gbps ports. QoS is disabled by default on all 4 Gbps ports and long-distance 8 Gbps ports. Fabric OS Administrator's Guide 425 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 464
prioritization over FC routers" on page 431 for detailed instructions. Following are requirements for establishing QoS over FCR: • QoS over FC routers is supported in Brocade native mode only. It is not supported in interopmode 2 or interopmode 3. 426 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 465
21 QoS zones • QoS over FC routers is supported for the following configurations: - Edge-to-edge fabric configuration: supported on all platforms. - Backbone-to-edge fabric configuration: supported on 16-Gbps-capable platforms only (Brocade 6510 and Brocade DCX 8510 family), and only if the setup - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 466
Note the following configuration rules for traffic prioritization: • All switches in the fabric must be running Fabric OS v6.0.0 or later. ATTENTION If QoS traffic crosses an ISL for a switch running a firmware version earlier than Fabric OS v6.0.0, the frames are dropped. • By default, all devices - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 467
zones using D,I notation are not supported for QoS over FCR. • QoS to the switch and log optional; if it is not specified, the virtual channels are allocated using a round-robin scheme. 3. Enter the cfgAdd command to add the QoS zone to the zone configuration Administrator's Guide 429 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 468
in localized disruption to traffic on ports associated with the traffic isolation zone changes Do you want to enable 'cfg1' configuration (yes, y, no, n): [no] y zone config "cfg1" is in effect Updating flash ... sw0:admin> portcfgqos --enable 3 430 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 469
prioritization 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the cfgRemove command to remove the QoS zones from the current zone configuration. 3. Enter the portCfgQos command to disable QoS on the E_Ports. Fabric OS Administrator's Guide 431 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 470
21 Disabling QoS zone-based traffic prioritization 432 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 471
of links. The Trunking license is required for any type of trunking, and must be installed on each switch that participates in trunking. For details on obtaining and installing licensed features, see Chapter 18, "Administering Licensing". Fabric OS Administrator's Guide 433 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 472
trunking is configured on an inter-fabric link (IFL) between an FC router ( switch). For more information, see "Configuring F_Port trunking for Brocade adapters" on page 448, the Access Gateway Administrator's Guide, and the Brocade Adapters Administrators Guide for more information about configuring - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 473
groups must be between Brocade switches (or Brocade adapters, in the case of F_Port trunking). Brocade trunking is proprietary and not supported on M-EOS or third-party switches. • There must be a direct connection between participating switches. Fabric OS Administrator's Guide 435 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 474
is supported on the FC ports of all Brocade platforms and blades supported in Fabric OS v7.0.0. EX_Port trunking is supported only on those platforms that support EX_Ports. See "Supported platforms for FC-FC routing" on page 466 for more information. 436 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 475
After you install the Trunking license, you must re-initialize the ports that are to be used in trunk groups so that they recognize that trunking is enabled. This procedure needs to be performed only one time, and is required for all types of trunking. Fabric OS Administrator's Guide 437 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 476
Gateway" on page 447 or "Configuring F_Port trunking for Brocade adapters" on page 448 for information. Enabling trunking on a port or switch You can enable trunking for a single port or for an entire switch. Since trunking is automatically enabled when you install the Trunking license, you need to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 477
4.00Gbps, Throughput 1.66Gbps (48.45%) Rx: Bandwidth 4.00Gbps, Throughput 1.67Gbps (48.48%) Tx+Rx: Bandwidth 8.00Gbps, Throughput 3.33Gbps (48.46%) 4: 12->892 10:00:00:05:1e:46:42:01 3 deskew 15 MASTER 13->893 10:00:00:05:1e:46:42:01 3 deskew 15 Fabric OS Administrator's Guide 439 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 478
you do regular E_Ports. EX_Port trunking support is designed to provide the best utilization and balance of frames transmitted on each link between the FC router and the edge fabric. You should trunk all ports connected to the same edge fabrics. 440 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 479
supported only with Brocade edge fabrics. You can use EX_Port frame trunking in the following configurations and cases: • For ports with speeds of 2 Gbps up to a maximum speed of 16 Gbps and trunking over long distance. • In the edge fabric, when the FC router is connected to a switch that supports - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 480
older FC routers and all previously supported Brocade switches in the backbone fabric or Brocade edge fabric. Configuring EX_Port trunking With EX_Port trunking, you use the same CLI commands as you do for E_Port trunking. See "Configuring trunk groups" on page 437 for instructions. Displaying - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 481
mode without F_Port masterless trunking. Figure 71 shows a switch in AG mode with F_Port masterless trunking. FIGURE 70 Switch in Access Gateway mode without F_Port trunking FIGURE 71 Switch in Access Gateway mode with F_Port masterless trunking Fabric OS Administrator's Guide 443 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 482
, refer to the Access Gateway Administrator's Guide for additional requirements that are specific to F_Port trunking on an Access Gateway. F_Port trunking for Brocade adapters You can configure trunking between the F_Ports on an edge switch and the Brocade adapters. In addition to the requirements - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 483
cannot be assigned a Trunk Area. FICON FICON is not supported on F_Port trunk ports. However, FICON can still run on ports that are not F_Port trunked within the same switch. HA Sync If you plug in a standby CP with a firmware version earlier than Fabric OS v6.2.0 and a Trunk Area is present - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 484
77 on page 446. Supported. Routing will route against the switch. For example, the same AD1 and AD2 with TA 8 holds true. If you remove port 9 from the TA, it adds Index 9 back to the switch. That means port 3,9 can be seen by AD1 along with 3,8; 4,13 and 4,14. 446 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 485
an 8-bit area address that remains persistent. After F_Port trunking configurations are removed from a port in a logical switch, that port returns to the default 10-bit area address model, which supports up to 1024 F_Ports in a logical switch. NOTE Because the DCX and DCX 8510-8 platforms have - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 486
in the TA. Configuring F_Port trunking for Brocade adapters F_Port trunking for Brocade adapters requires configuration on the FC switch as well as on the Brocade HBAs. This section describes the configuration steps you do on the switch. See the Brocade Adapters Administrator's Guide for a detailed - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 487
Tx+Rx: Bandwidth 32.00Gbps, Throughput 3.24Gbps (11.80%) Disabling F_Port trunking 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the portDisable command to disable the the DCC policy on the trunk ports. Fabric OS Administrator's Guide 449 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 488
from becoming disabled in the case where there is a DCC security policy violation. You can configure authentication on all Brocade trunking configurations. For more information on authentication, see Chapter 7, "Configuring Security Policies". 450 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 489
•Buffer credit management 455 •Buffer credit recovery 463 Long distance fabrics overview The most effective configuration for implementing long-distance SAN fabrics is to deploy Fibre Channel switches at each location in the SAN. Each switch handles local interconnectivity and multiplexes traffic - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 490
port. Changes made by this command are persistent across switch reboots and power cycles. This command supports the following long-distance link modes: • Static Mode (LO) - L0 is the normal (default) mode for an E_Port. It configures the E_Port as a standard (not long distance) ISL. A total - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 491
equal. For information on trunking concepts and configurations, refer to Chapter 22, "Managing Trunking Connections". • Only qualified Brocade SFPs are used. Only Brocade-branded or certain Brocade-qualified SFPs are supported. 1. Connect to the switch and log in using an account assigned to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 492
credit recovery enabled. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Disable QoS. switch:admin> portcfgqos --disable [slot/]port If you do not disable QoS, after the second or third Link Reset (LR), ARBS display. 454 Fabric OS Administrator's Guide 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 493
Class 3 service and rely on the Fibre Channel Receiver-Ready (R_RDY) control word to be sent by the receiving link port to the sender. The rate of frame transmission is regulated by the receiving port based on the availability of buffers to hold received frames. Fabric OS Administrator's Guide 455 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 494
sent by the receiver at the other end. As the distance between switches and the link speed increases, additional buffer calculating how many ports can be configured for long distance on all Fabric OS v7.x-capable switch modules: • Each port is part 456 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 495
the smaller of the distance measured during port initialization versus the desired_distance parameter, which is required when a port is configured as an LD or an LS mode link. It is best practice to use LS over LD. The assumption of Fibre Channel Fabric OS Administrator's Guide 457 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 496
user ports in a port group, and the unreserved buffer credits available per port group. The values reflect an estimate, and may differ from the supported values in Table 80. 1. Determine the desired distance in kilometers of the switch-to-switch Fabric Services, Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 497
-distance connection. This example uses 8 Gbps. 3. Look up the data_rate value for the speed of the connection. See "Fibre Channel gigabit values reference definition" on page 457 to determine the data_rate value. For 8 Gbps, the data_rate is 8.5 Fabric OS Administrator's Guide 459 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 498
the admin role. 2. Enter the portCfgFPortBuffers command. switch:admin> portcfgfportbuffers --enable 2/44 12 To disable the port buffer configuration and return to the default buffer allocation: switch:admin> portcfgfportbuffers --disable 2/44 NOTE The configured number of buffers for the given port - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 499
1692 5300 80 16 292 5410 12 12 580 5424 24 24 484 5450 26 26 468 5480 24 24 484 6505 24 24 7424 6510 48 48 6752 7800 16 16 408 8000 *** Extended Fabrics is not supported on this switch *** VA-40FC 40 40 1692 Brocade Encryption Switch 32 16 1392 FC8-16 16 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 500
988 6510 7712 3856 1928 1542 964 7800 410 205 102 N/A N/A 8000 *** Extended Fabrics is not supported on this switch *** VA-40FC 1694 847 423 N/A N/A Brocade Encryption Switch 1392 696 348 N/A N/A FC8-16 1294 647 323 N/A N/A FC8-32 1294 647 323 N/A N/A FC8-32E - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 501
attempt is initiated. During link reset, the frame and credit loss counters are reset without performance degradation. This feature is only supported on E_Ports that are configured for long distance and are connected between the following switch or blade models: • Brocade 300, 5100, 5300, 5410, 5424 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 502
23 Buffer credit recovery 464 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 503
to xlate domains 505 FC-FC routing overview The FC-FC routing service provides Fibre Channel routing between two or more fabrics without merging those fabrics. For example, using FC-FC routing, you can share tape drives across multiple fabrics without the administrative problems, such as change - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 504
Encryption Switch For the Brocade Backbone families, note the following restrictions: • EX_Ports and VEX_Ports are supported only on the FX8-24 DCX Extension Blade, and the 8-Gbps and 16-Gbps port blades. Ports on the core blade cannot be configured as EX_Ports. 466 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 505
same chassis as the FX8-24 blade. • The Backbones have a limit of 128 EX_Ports for each chassis. Refer to the Network OS Administrator's Guide for supported Network OS platforms. Supported configurations for FC-FC routing FC-FC routing supports the following configurations: • FC router connected to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 506
similarly to an E_Port and VE_Port respectively, but terminate at the switch and do not propagate fabric services or routing topology information from one edge fabric to another. Refer to the Fibre Channel over IP Administrator's Guide for details about VE_Ports. • Edge fabric An edge fabric is - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 507
ID (PID) of the proxy device. The proxy device appears to the fabric as a real Fibre Channel device, has a name server entry, and is assigned a valid port ID. The port ID is relevant only on the fabric in which the proxy device has been created. Fabric OS Administrator's Guide 469 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 508
SANs interconnected with Fibre Channel routers. A simple metaSAN can be constructed using an FC router to connect two or more separate fabrics. Additional FC Edge SAN 1 connected to storage in Edge SAN 2 through a backbone fabric connecting two FC routers. 470 Fabric OS Administrator's Guide 53- - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 509
responds by sending frames to the proxy host. Hosts and targets are exported from the edge SAN to which they are attached and, correspondingly, imported into the edge SAN reached through Fibre Channel routing. Figure 75 illustrates this concept. Fabric OS Administrator's Guide 471 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 510
24 Fibre Channel routing concepts Host Proxy host (imported device) Proxy target (imported device) Fabric 1 EX_Port Target E_Port IFL Fabric 2 E_Port IFL FC router FIGURE 75 MetaSAN with imported devices FC-FC routing topologies The FC-FC routing service provides two types of routing: • Edge- - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 511
Channel routing concepts 24 Phantom domains A phantom domain is a domain created by the Fibre Channel router. The FC router creates two types of phantom domains: front phantom domains and translate phantom domains. A front phantom domain, or front domain, is a domain that is projected from the FC - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 512
24 Fibre Channel routing concepts Host 1 Fabric 1 Front domain 1 (FC router 1) Xlate domain 1 (Fabric 2) Front domain 2 (FC router 2) Xlate domain 2 (Fabric 3) Target 1' Target 2' Target 3' FIGURE 77 EX_Port phantom switch the fabric. 474 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 513
Fibre Channel SANs over IP-based networks. (Refer to "FCIP tunnel configuration" on page 478.) 4. Configure IFLs for edge and backbone fabric connection. (Refer to "Inter-fabric link configuration" on page 478.) 5. Modify port cost for EX_Ports, if you want to change from the default settings - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 514
to a Brocade Network OS fabric. 4. Verify that the Fabric-Wide Consistency Policy is not in "strict" mode by issuing the fddCfg --showall command. When it is in strict mode, ACL cannot support Fibre Channel routing in the fabric. switch:admin> fddcfg --showall Local Switch Configuration for all - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 515
in the backbone fabric. Rather, the backbone fabric administrator is responsible for making sure that all switches in the backbone have the same fabric ID. Because fabric IDs are used heavily by the routing protocol between the Fibre Channel routers, using the wrong fabric ID can affect both - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 516
--enable fcr FC Router service is enabled switch:admin> switchenable FCIP tunnel configuration The optional Fibre Channel over IP (FCIP) Tunneling Service enables you to use "tunnels" to connect instances of Fibre Channel SANs over IP-based networks to transport all Fibre Channel ISL and IFL - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 517
OS Command Reference. A Fibre Channel router can interconnect multiple fabrics. EX_Ports or VEX_Ports attached to more than one edge fabric must configure a different fabric ID for each edge fabric. 3. (Optional) Configure FC router port cost if you want to change the default values. For information - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 518
6. Physically attach ISLs from the Fibre Channel router to the edge fabric. 7. Enter the portCfgShow command to view ports that are persistently disabled. FC ports on the Brocade 7800 switches and FX8-24 blades are configured as persistently disabled by default, to avoid inadvertent fabric merges - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 519
configuration 24 State: NOT OK Pid format: Not Applicable Operate mode: Brocade primary wwn: N/A Edge fabric's version stamp: N/A switch:admin_06> portshow 7/10 portName: 0 Invalid_crc: 0 Delim_err: 0 Address_err: 0 Frjt : Fbsy : Fabric OS Administrator's Guide 53-1002446-01 0 0 481 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 520
Switch Info (WWN, enet IP, name 4 95 10:00:00:05:1e:37:00:45 10.32.156.31 "Brocade 5300" 5 95 10:00:00:05:1e:37:00:45 10.32.156.31 "Brocade 5300" 6 95 10:00:00:05:1e:37:00:45 10.32.156.31 "Brocade 5300" FC router port cost configuration The FC - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 521
port cost configuration 24 Every IFL has a default cost. The default router port cost values are: • 1000 for a legacy (v5.1 or XPath FCR) IFL • 1000 for an EX_Port IFL • 10,000 for a VEX_Port IFL The FC router port cost settings are 0, 1000, or 10,000. If the cost is set to 0, the default cost - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 522
to enable the ports that you disabled in step 1. switch:admin> portenable 7/10 EX_Port frame trunking configuration You can configure EX_Ports to use frame-based trunking just as you do regular E_Ports. EX_Port frame trunking support is designed to provide the best utilization and balance of - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 523
performance reasons, Brocade recommends that you do not configure LSANs for device sharing between Fabric OS fabrics until after you activate the Integrated Routing license. Use of Admin Domains with LSAN zones and FC-FC routing You can create LSAN zones as a physical fabric administrator or as an - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 524
24 LSAN zone configuration sensitive; for example, lsan_ is equivalent to LSAN_, Lsan_, and (and optionally on the SANs are under separate administrative control, then separate administrators FC router using an EX_Port or VEX_Port. • Switch2 is connected to the FC Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 525
zone configuration 24 switch:admin switch:admin> zonecreate "lsan_zone_fabric2", "10:00:00:00:c9:2b:c9:0c;50:05:07:61:00:5b:62:ed;50:05:07:61:00:49:20:b4" 9. Enter the cfgShow command to verify that the zones are correct. switch:admin> cfgshow Defined configuration: Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 526
configuration (yes, y, no, n): [no] y zone config "zone_cfg" is in effect Updating flash ... 11. Log in as an admin and connect to the FC router. 12. Enter the following commands to display information about the LSANs: • lsanZoneShow -s shows the LSAN. switch Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 527
of LSAN zones, or LSAN count, that can be configured on the edge fabrics. By default, the maximum LSAN count is set to 3000. You can increase the maximum LSAN count to 5000 without disabling the switch. The maximum number of LSAN devices supported is 10,000 (this includes both physical and proxy - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 528
example, the tag "abc" is equivalent to "ABC" and "Abc". If you specify "abc", "xyz", and "fab1" as Enforce tags, then the FC router accepts only those LSAN zones the FC router, and then configure the LSANs in the target edge fabrics with the tag. 490 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 529
on the FC router, and not on the edge switches. If Virtual Fabrics is enabled, you configure the tags on the base switch on which the EX_Ports and VEX_Ports are located. You then must ensure that the LSAN zones in the edge fabrics incorporate the tags correctly. Fabric OS Administrator's Guide 491 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 530
on an FC router is eight. • Up to 500 Speed LSAN tags are supported. Configuring an Enforce LSAN tag 1. Log in to the FC router as admin. 2. Enter the following command to disable the FC router: -speed fasttag2 LSAN tag set successfully 492 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 531
optional, advanced feature that increases the scalability envelope for very large metaSANs. NOTE LSAN zone binding is supported only on FC routers with Fabric OS v5.3.0 and later. The FC router matrix feature is supported only on FC routers with Fabric OS v6.1.0 and later. Fabric OS Administrator - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 532
access its local edge fabrics. The LSAN zone limit supported in the backbone fabric is not limited by the capability of one FC router. In addition, due to the lower LSAN count, the CPU consumption by the FC router is lower. If you configure the metaSAN such that the backbone fabric has two groups - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 533
FC routers running a Fabric OS version earlier than 6.1.0: • The matrix database is not automatically distributed from this FC router to other FC routers. • You must manually configure the LSAN fabric matrix on these FC routers to match the other FC Fabric OS Administrator's Guide 495 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 534
24 LSAN zone configuration FC router matrix definition Depending on the structure of the backbone fabric, you can specify pairs of FC routers that can access each other. For the metaSAN shown in Figure 79, the following FC routers can access each other: • FC router 1 and FC router 2 • FC router 3 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 535
fcrlsanmatrix --fabricview -fcr SAVED FCR PAIRS FCR FCR 10:00:00:60:69:c3:12:b2 (2) 10:00:00:60:69:c3:12:b3 (unknown) FCR:Admin> fcrlsanmatrix --fabricview -lsan LSAN MATRIX is activated Fabric ID Fabric ID 4 5 4 7 10 19 Fabric OS Administrator's Guide 497 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 536
translate domain. Fabric parameter considerations By default, EX_Ports and VEX_Ports detect, autonegotiate, and configure the fabric parameters without user intervention. You can optionally configure these parameters manually. • To change the fabric parameters on a switch in the edge fabric, use the - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 537
fabrics. NOTE Broadcast frame forwarding is not supported in an FCR fabric with a Brocade 8000. By default, broadcast frame forwarding is disabled on an FC router. If your edge fabric includes a Brocade 8000, do not enable broadcast frame forwarding on the FC router, because this can degrade FCR - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 538
24 Resource monitoring Resource monitoring It is possible to exhaust resources, such as proxy PIDs. Whenever a resource is exhausted, Fabric OS generates an error message. The messages are described in the Fabric OS Message Reference. You can monitor FC default Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 539
23 on page 217. ATTENTION If you connect an EX_Port or VEX_Port from an FC router running Fabric OS v6.1.x or earlier to a logical switch that allows XISL use, the EX_Port or VEX_Port is not disabled; however, this configuration is not supported. Fabric OS Administrator's Guide 501 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 540
configure the FID. • Although the Brocade 6510 supports up to four logical switches, if you are using FC-FC routing, the Brocade 6510 can have a maximum of only three logical switches. Logical switch configuration for FC in the other fabrics. 502 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 541
Backbone-to-edge routing is not supported in the base switch, unless you use a legacy FC router. A legacy FC router is an FC router configured on a Brocade 7500 switch or an FR4-18i blade. Base switches can participate in a backbone fabric with legacy FC routers. You cannot connect devices to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 542
continue to be supported on this blade, however. Brocade recommends that you save your FC-FC routing configuration (using the configUpload command) before performing any downgrades. For further instructions on downgrading, refer to Chapter 9, "Installing and Maintaining Firmware". How replacing port - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 543
24 Displaying the range of output ports connected to xlate domains The edge fabric detects only one front domain from an FC xlate domains. 1. Log in to a switch in the edge fabric. 2. Enter the port = 2, cost = 10000, costCnt = 0, type = 1 Fabric OS Administrator's Guide 505 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 544
24 Displaying the range of output ports connected to xlate domains 506 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 545
supported as backbone fabrics. The Fibre Channel routing feature for M-EOS interoperability is not a licensed feature. Release Compatibility Table 82 on page 508 outlines which releases of Fabric OS remain compatible with which releases of M-EOS, when connected by FC router. Fabric OS Administrator - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 546
and M-EOSn interoperability compatibility matrix1 Fabric OS Versions of M-EOSn (MCDATA Mi10K) v9.2.0 v9 supported. 2. In Fabric OS v7.0.0 and later, interoperation with M-EOS can be done only using FC Router with the M-EOS fabric connected through an EX_Port. 508 Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 547
M-EOSc switches. For M-EOSc switches, if you set a front domain ID that is not within the valid range for M-EOS, then in Fibre Channel routing, a daemon internally requests a valid M-EOS domain ID. Unless you change the front domain ID, there is no impact. Fabric OS Administrator's Guide 509 53 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 548
McDATA Fabric mode using Fibre Channel Routing as discussed in Chapter 24, "Using FC-FC Routing to Connect Fabrics". If the mode is not configured correctly, the port is disabled because of incompatibility. To allow interconnectivity with M-EOS SANs, use the -m option of the portCfgEXPort command - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 549
how to connect an EX_Port of an FC router to a Native McDATA fabric configured in Fabric mode. NOTE For additional information on configuring the FC router, refer to Chapter 24, "Using FC-FC Routing to Connect Fabrics". 1. To verify the Native McDATA firmware version, use the M-EOSc show system - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 550
configuration" on page 485. The FC router can support up to 2048 zones when connected to an M-EOS v9.9 switch. NOTE For more explanation on any of the steps in the following procedure, refer to the Zoning User Manual online at http://www.brocade . 512 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 551
EOS switch and the FC router, complete the configuration by performing the following steps: 1. Physically connect the EX_Port that you configured for the Fabric OS switch to the FC router. 2. Log in to the Fabric OS switch making sure you have admin permissions. Fabric OS Administrator's Guide 513 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 552
configured FC router EX_Port to the M-EOS switch, and issue the switchShow command on the Brocade FC router. New domains should be visible for each IFL (front domain) that connects the Fabric OS switch to the FC switches: Switch Other AD: No Switch entry for 3 Other AD: No Switch entry for 4 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 553
:00:01:00:00 zone:lsan_test 50:06:01:60:38:e0:0b:a4 10:00:00:00:c9:44:54:04 7. Log into the FC router and run the lsanZoneShow -s command to verify that the designated FIDs and devices are shared among LSANs. Fabric OS Administrator's Guide 515 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 554
A Fabric configurations for interconnectivity 516 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 555
FC 269 3 13 3 ------ -- 16G No_Module FC 270 3 14 3 ------ -- 16G No_Module FC 271 3 15 3 ------ -- 16G No_Module FC 736 3 16 4 ------ -- 16G No_Module FC 737 3 17 4 ------ -- 16G No_Module FC 738 3 18 4 ------ -- 16G No_Module FC Fabric OS Administrator's Guide - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 556
No, Default Switch: Yes, Address Mode 0] Index Slot Port Address Media Speed State Proto 0 1 0 500000 -- N16 No_Module FC 1 1 1 500100 -- N16 No_Module FC 2 1 2 500200 -- N16 No_Module FC (output truncated) Example of port index mapping on an FC8-64 blade on a Brocade DCX - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 557
an FX8-24 application blade on the Brocade DCX 8510-8 Backbone. The assignment of port index numbers to PIDs will vary depending on blade type, platform type, and slot number. switch:FID128:admin> switchshow -slot 10 switchName: my8510-8 (output truncated) Slot Blade Type ID Model Name Status - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 558
-- N8 No_Module FC 17 2 1 501100 -- N8 No_Module FC 18 2 2 501200 -- N8 No_Module FC 19 2 3 501300 -- N8 No_Module FC 20 2 4 501400 -- N8 No_Module FC (output truncated) 31 2 15 501f00 id N4 No_Light FC 520 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 559
As part of FIPS 140-2 level 2, compliance passwords, shared secrets, and the private keys used in SSL, TLS, and system login need to be cleared out or zeroized. Before enabling FIPS compliance mode, a power-on self test (POST) is executed when the switch is powered on to check for the consistency of - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 560
command is used with the --remove --all option, then the entire key database is deleted. The passwdDefault command removes user-defined accounts in addition to default passwords for the root, admin, and user default accounts. However, only the root account has permissions for this command - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 561
Troubleshooting and Diagnostics Guide for instructions on how to recover if your system cannot get out of the conditional test mode. FIPS mode configuration By default, the switch protocols PEAP-MSCHAPv2 Root account Disabled Signed firmware Mandatory firmware signature validation SNMP SSH - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 562
Enter Name Server IP address in dot notation: [] 123.123.123.124 DNS parameters saved successfully Enter option 1 Display Domain Name Service (DNS) configuration 2 Set DNS configuration 3 Remove DNS configuration 4 Quit Select an item: (1..4) [4] 4 524 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 563
Service: Switch database 4. Set up LDAP according to the instructions in "LDAP configuration and Microsoft Active Directory" on page 109, and then perform the following additional Microsoft Active Directory settings a. To support Directory. Fabric OS Administrator's Guide 525 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 564
[ftp or scp]: scp Enter IP address: 192.168.38.206 Enter remote directory: /users/aUser/certs Enter Login Name: aUser Enter LDAP certificate name (must have ".pem" suffix): swLdapca.pem Password: Success: exported LDAP certificate 526 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 565
DSA keys. • Optional: Configure the RADIUS server or the LDAP server. • Optional: Configure any authentication protocols. • For LDAP only: Install an SSL certificate on . • Disable the Boot PROM access. • Configure the switch for signed firmware. Fabric OS Administrator's Guide 527 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 566
to use only PEAP-MS-CHAPv2. Note that among the Windows RADIUS servers supported, only Windows 2000- and Windows 2003-based RADIUS servers may be used in a FIPS-compliant configuration. • If the switch is set for LDAP, refer to the instructions in "Setting up LDAP for FIPS mode" on page 524 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 567
to the following prompts to enable signed firmware: • System services: No • cfgload attributes: Yes • Enforce secure config Upload/Download: Press Enter to accept the default • Enforce firmware signature validation: Yes Example switch:admin> configure Not all options will be available on an enabled - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 568
Reboot the switch. Displaying FIPS configuration 1. Log in to the switch using an account with admin or securityadmin permissions, or a user account with the O permission for the FCIPCfg RBAC class of commands. 2. Enter the fipsCfg --showall command. 530 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 569
3 bytes, is called a hex triplet. Fibre Channel uses hexadecimal notation in hex triplets to specify well the PID (610600 - bolded) in the nsShow output is in hexadecimal. switch:admin> nsshow { Type Pid COS PortName NodeName TTL(sec) N 610600; Administrator's Guide 531 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 570
03 04 05 06 07 08 09 0a Decimal 11 12 13 14 15 16 17 18 19 20 Hex 0b 0c 0d 0e 0f 10 11 12 13 14 Decimal 21 22 23 24 25 26 27 28 29 30 Hex 15 16 17 178 179 180 Hex ab ac ad ae af b0 b1 b2 b3 b4 532 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 571
245 246 247 248 249 250 Hex f1 f2 f3 f4 f5 f6 f7 f8 f9 fa Decimal 251 252 253 254 255 Hex fb fc fd fe ff Fabric OS Administrator's Guide 533 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 572
D Hexadecimal overview 534 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 573
password rules, 87 user-defined, 85 activating Admin Domains, 350 POD, 387 ports on demand, 385 TI zones, 289 AD0, 340 AD255, 341 Adaptive Networking, 417 Fabric OS Administrator's Guide 53-1002446-01 adding a new switch or fabric to a zone, 263 Admin Domain members, 351 alias members, 247 end-to - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 574
121 certificates browser, configuring, 123 CSR, certificate signing request, 122 HTTPS, 116 installing, 123 obtaining, 123 private key, 121 public key, 121 root, 121 root, configuring, 124 security, 116 SSH, 116 SSL, 116, 120, 121, 151 switch, 121, 151 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 575
351 TI zones, 289 default IP Policy Rules, 158 logical switch, 212 zone mode, 252, 346 defined AD configuration, 346 zone configuration, 242 deleting accounts, 87 Admin Domains, 353, 354 alias, 248 end-to-end monitors, 404 frame monitors, 408 logical switches, 230 RADIUS configuration, 112 TI zones - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 576
120 encryption, in-flight, 309 538 end-to-end monitors deleting, 404 restoring configuration, 415 saving configuration, 415 setting a mask, 403 end-to-end performance monitoring, 401 enforce LSAN tag, 490 equipment status, 54 events date and time, 25 EX_Port, 500, 511 EX_Ports, 12 extended fabrics - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 577
FIPS, 526 installing a root certificate to the Java plug-in, 124 Integrated Routing, 466 interfabric link, see IFL Internet Explorer and SSL support, 120 interswitch link, 34 inter-switch link (ISL), 66 IP Filter supported services, 156 IP-NAT, 65 Fabric OS Administrator's Guide 539 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 578
Fabric OS SANs, 507 merging zones, 254 MIB, 125 modifying TI zones, 288 zoning configurations, 254 modifying the FCS policy, 135 monitoring end-to-end performance, 401 trunks, 415 monitors clearing counters, 405 Mozilla Firefox and SSL support, 120 540 Fabric OS Administrator's Guide 53-1002446 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 579
), 120 platforms, FC routing supported, 466 PLOGI, 12 POD activating, 387 enabling ports, 42 policies, routing, 63 policy members, identifying, 132 password expiration, 91 password strength, 89 port, 42 activating POD, 387 enabling, 42 port index, 517 Fabric OS Administrator's Guide 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 580
changing passwords, 19 default zone mode, 346 mask for end-to-end monitors, 403 password, boot PROM, 93 security level, 127 switch date and time, 25 the IP address, 22 time zone, 27 time zones, 26 traffic prioritization, 429 traffic prioritization over FC routers, 431 setting chassis configurations - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 581
support FC router, 142 Java version, 120 SNMPv3 and v1, 125 SW-EXTTRAP, 126 switch access methods, Web Tools, 15 certificates, installing, 123 certificates, installing for FIPS, 526 configuring, 111 deleting RADIUS configuration, 112 disabling port, 42 displaying RADIUS configuration, 113 name - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 582
ISLs (LISL), 219 logical switch configuration, displaying, 231 logical switch to base switch change, 232 logical switches, about, 212 logical switches, creating, 227 logical switches, deleting, 230 overview, 211 platform services, 5 ports, moving, 230 restrictions, 224 supported platforms, 222 with - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 583
zone configurations creating, 255 deleting, 257 disabling, 257 enabling, 256 removing, 256 zone database and Admin Domains, 362 zone, broadcast, 244 zones QoS zones, 424 TI zones, 269 Fabric OS Administrator's Guide 545 53-1002446-01 - HP StorageWorks EVA4400 | Brocade Fabric OS Administrator's Guide - Supporting F - Page 584
546 Fabric OS Administrator's Guide 53-1002446-01
53-1002446-01
15 December 2011
®
Fabric OS
Administrator’s Guide
Supporting Fabric OS v7.0.1