Section |
Page |
Brocade Fabric OS Administration Guide, 8.0.1 |
1 |
Preface |
19 |
Document conventions |
19 |
Text formatting conventions |
19 |
Command syntax conventions |
19 |
Notes, cautions, and warnings |
20 |
Brocade resources |
20 |
Contacting Brocade Technical Support |
20 |
Brocade customers |
20 |
Brocade OEM customers |
21 |
Document feedback |
21 |
About This Document |
23 |
Supported hardware and software |
23 |
Brocade Gen 5 (16-Gbps) fixed-port Switches |
23 |
Brocade Gen 5 (16-Gbps) DCX 8510 Directors |
23 |
Brocade Gen 6 fixed-port Switches |
23 |
Brocade Gen 6 Directors |
24 |
What's new in this document for 8.0.1 |
24 |
Understanding Fibre Channel Services |
25 |
Fibre Channel services overview |
25 |
Management server |
26 |
Platform services |
26 |
Platform services and Virtual Fabrics |
26 |
Enabling platform services |
27 |
Disabling platform services |
27 |
Management server database |
27 |
Displaying the management server ACL |
27 |
Adding a member to the ACL |
28 |
Deleting a member from the ACL |
29 |
Viewing the contents of the management server database |
30 |
Clearing the management server database |
30 |
Topology discovery |
31 |
Displaying topology discovery status |
31 |
Enabling topology discovery |
31 |
Disabling topology discovery |
31 |
Device login |
32 |
Principal switch |
32 |
E_Port login process |
33 |
Fabric login process |
33 |
Port login process |
33 |
RSCNs |
33 |
Duplicate Port World Wide Name |
34 |
Device recovery |
34 |
High availability of daemon processes |
34 |
FL_Port and arbitrated loop support |
35 |
Performing Basic Configuration Tasks |
37 |
Fabric OS overview |
37 |
Fabric OS command line interface |
37 |
Console sessions using the serial port |
38 |
Connecting to Fabric OS through the serial port |
38 |
Telnet or SSH sessions |
38 |
Rules for Telnet connections |
39 |
Connecting to Fabric OS using Telnet |
39 |
Getting help on a command |
40 |
Viewing a history of command line entries |
41 |
cliHistory |
41 |
cliHistory --show |
42 |
cliHistory --showuser username |
42 |
cliHistory --showall |
42 |
cliHistory --help |
42 |
Notes |
43 |
Using fosexec to run commands on remote switches or domains |
43 |
Password modification |
45 |
Default account passwords |
46 |
Changing the default account passwords at login |
46 |
The switch Ethernet interface |
46 |
Brocade Directors |
46 |
Brocade switches |
47 |
Virtual Fabrics and the Ethernet interface |
47 |
Management Ethernet port bonding |
47 |
Supported Brocade Backbones and Directors |
48 |
Setting up the second Ethernet port on a CP8 blade |
48 |
Displaying the network interface settings |
48 |
Resetting the management network interface error counters |
49 |
Static Ethernet addresses |
49 |
Setting the static addresses for the Ethernet network interface |
50 |
Setting the static addresses for the chassis management IP interface |
50 |
DHCP activation |
51 |
Notes on DHCP |
51 |
Enabling DHCP for IPv4 in fixed-port devices |
51 |
Disabling DHCP for IPv4 in fixed-port devices |
52 |
Enabling DHCP for IPv4 in Directors |
52 |
Configuring DHCPv6 for IPv6 |
53 |
Configuring Stateless DHCPv6 |
54 |
IPv6 autoconfiguration |
55 |
Setting IPv6 autoconfiguration |
55 |
Setting the Ethernet interface mode and speed |
56 |
Date and time settings |
56 |
Setting the date and time |
57 |
Time zone settings |
57 |
Setting the time zone |
58 |
Setting the time zone interactively |
58 |
Network Time Protocol |
59 |
Synchronizing the local time with an external source |
60 |
NTP configuration distribution to Access Gateways |
60 |
Domain IDs |
61 |
Domain ID issues |
61 |
Displaying the domain IDs |
62 |
Setting the domain ID |
62 |
Switch names |
63 |
Customizing the switch name |
63 |
Chassis names |
63 |
Customizing chassis names |
63 |
Fabric name |
64 |
Configuring the fabric name |
64 |
High availability considerations for fabric names |
64 |
Upgrade and downgrade considerations for fabric names |
64 |
Switch activation and deactivation |
64 |
Disabling a switch |
65 |
Enabling a switch |
65 |
Disabling a chassis |
65 |
Enabling a chassis |
66 |
Device shutdown |
66 |
Powering off a Brocade switch |
66 |
Powering off a Brocade Director |
66 |
Basic connections |
67 |
Device connection |
67 |
Switch connection |
67 |
Performing Advanced Configuration Tasks |
69 |
Port identifiers (PIDs) and PID binding overview |
69 |
Core PID addressing mode |
69 |
Fixed addressing mode |
70 |
10-bit addressing (mode 0) |
70 |
256-area addressing (mode 1 and mode 2) |
70 |
Zero-based addressing (mode 1) |
71 |
Port-based addressing (mode 2) |
71 |
WWN-based PID assignment |
71 |
Virtual Fabrics considerations for WWN-based PID assignment |
71 |
NPIV |
72 |
Enabling automatic PID assignment |
72 |
Assigning a static PID |
72 |
Clearing PID binding |
72 |
Showing PID assignments |
73 |
Ports |
73 |
Port Types |
73 |
Director port blades |
73 |
Setting port names |
74 |
Port identification by slot and port number |
75 |
Port identification by port area ID |
75 |
Port identification by index |
75 |
Dynamic Portname |
75 |
Dynamic port name format |
79 |
Configuring a device-switch connection |
81 |
Swapping port area IDs |
81 |
Enabling a port |
82 |
Disabling a port |
82 |
Port decommissioning |
83 |
Setting port speeds |
83 |
Setting all ports on a switch to the same speed |
84 |
Setting port speed for a port octet |
84 |
Setting maximum auto-negotiated port speed |
86 |
Decoding fdmiShow command output |
86 |
Blade terminology and compatibility |
87 |
CP blades |
88 |
Core blades |
89 |
Port and application blade compatibility |
89 |
Enabling and disabling blades |
89 |
Enabling blades |
89 |
Exceptions in enabling 48-port and 64-port blades |
90 |
Disabling blades |
90 |
Blade swapping |
90 |
How blades are swapped |
91 |
Swapping blades |
94 |
Disabling switches |
95 |
Power management |
95 |
Powering off a port blade or core blade |
95 |
Powering on a port blade or core blade |
96 |
Equipment status |
96 |
Checking switch operation |
96 |
Verifying High Availability features (Backbones and Directors only) |
96 |
Verifying fabric connectivity |
97 |
Verifying device connectivity |
97 |
Audit log configuration |
97 |
Verifying host syslog prior to configuring the audit log |
98 |
Configuring an audit log for specific event classes |
99 |
Configuring remote syslog servers |
99 |
Using secure syslog CA certificates |
100 |
Hostname support for syslogAdmin command |
100 |
Duplicate PWWN handling during device login |
101 |
Setting 0, First login precedence |
101 |
Setting 1, Second login precedence |
101 |
Setting 2, Mixed precedence |
102 |
Setting the behavior for handling duplicate PWWNs |
102 |
Forward error correction |
103 |
FEC limitations |
103 |
Enabling forward error correction |
103 |
Disabling forward error correction |
104 |
Enabling or disabling FEC for long-distance ports |
105 |
Displaying and clearing the FEC counters |
105 |
FEC-via-TTS |
105 |
Routing Traffic |
107 |
Routing overview |
107 |
Paths and route selection |
107 |
FSPF |
107 |
Fibre Channel NAT |
109 |
Inter-switch links |
109 |
Buffer credits |
111 |
Congestion versus over-subscription |
111 |
Virtual channels |
111 |
Gateway links |
112 |
Configuring a link through a gateway |
113 |
Routing policies |
114 |
Notes |
114 |
Displaying the current routing policy |
114 |
Port-based routing |
114 |
Exchange-based routing |
115 |
Device-based routing |
115 |
Dynamic Path Selection |
115 |
Displaying a dynamic path selection group for reachable domains |
115 |
Route selection |
116 |
Dynamic Load Sharing |
116 |
Setting DLS |
117 |
Frame order delivery |
117 |
Forcing in-order frame delivery across topology changes |
118 |
Restoring out-of-order frame delivery across topology changes |
118 |
Enabling Frame Viewer |
118 |
Using Frame Viewer to understand why frames are dropped |
119 |
Displaying discarded frames by back-end port in Frame Viewer |
119 |
Lossless Dynamic Load Sharing on ports |
120 |
Lossless core |
121 |
ICL limitations |
121 |
Configuring Lossless Dynamic Load Sharing |
121 |
Lossless Dynamic Load Sharing in Virtual Fabrics |
122 |
How DLS affects other logical switches in the fabric |
122 |
Two-hop Lossless DLS route update |
122 |
Configuring Two-hop Lossless DLS |
123 |
Frame Redirection |
123 |
Creating a frame redirect zone |
124 |
Deleting a frame redirect zone |
125 |
Viewing frame redirect zones |
125 |
Buffer-to-Buffer Credits and Credit Recovery |
127 |
Buffer credit management |
127 |
Buffer-to-buffer flow control |
127 |
Optimal buffer credit allocation |
128 |
Considerations for calculating buffer credits |
128 |
Fibre Channel gigabit values reference definition |
128 |
Buffer credit allocation based on full-size frames |
129 |
Fibre Channel data frames |
129 |
Allocating buffer credits based on full-sized frames |
129 |
Calculating the number of buffers required based on full-size frames |
130 |
Allocating buffer credits based on average-size frames |
131 |
Configuring buffers for a single port directly |
132 |
Configuring buffers using frame size |
132 |
Calculating the number of buffers required given the distance, speed, and frame size |
132 |
Allocating buffer credits for F_Ports |
133 |
Monitoring buffers in a port group |
134 |
Buffer credits per switch or blade model |
135 |
Formula for Gen-6 32-Gbps devices |
135 |
Formula for Gen-5 16-Gbps and older devices |
135 |
Maximum configurable distances for Extended Fabrics |
136 |
Formula for Gen-6 32-Gbps devices |
136 |
Formula for Gen-5 16-Gbps and older devices |
137 |
Downgrade considerations |
137 |
When a port is configured with -framesize and -distance options |
138 |
When a port is configured with the -buffers option |
138 |
Configuring credits for a single VC |
138 |
Increasing credits for normal distance E_Ports |
138 |
Buffer credit recovery |
139 |
Buffer credit recovery over an E_Port |
139 |
Buffer credit recovery over an F_Port |
139 |
Buffer credit recovery over an EX_Port |
140 |
Enabling and disabling buffer credit recovery |
140 |
Credit loss detection |
141 |
Back-end credit loss detection and recovery support on Brocade 6520 switches |
141 |
Enabling back-end credit loss detection and recovery for link reset thresholds |
141 |
Performing link reset for loss of sync from peer ports |
142 |
Back-end credit loss detection and recovery for link faults |
143 |
Managing User Accounts |
145 |
User accounts overview |
145 |
Role-Based Access Control |
145 |
Role permissions |
146 |
Management channel |
147 |
Managing user-defined roles |
147 |
Creating a user-defined role |
147 |
Assigning a user-defined role to a user |
148 |
Configuring time-based access |
148 |
Local database user accounts |
149 |
Default accounts |
149 |
Displaying account information |
150 |
Creating an account |
150 |
Deleting an account |
150 |
Changing account parameters |
150 |
Local account passwords |
151 |
Changing the password for the current login account |
151 |
Changing the password for a different account |
151 |
Local user account database distribution |
151 |
Distributing the local user database |
151 |
Accepting distributed user databases on the local switch |
152 |
Rejecting distributed user databases on the local switch |
152 |
Password policies |
152 |
Password strength policy |
152 |
Password history policy |
153 |
Password expiration policy |
154 |
Account lockout policy |
155 |
Enabling the admin lockout policy |
155 |
Unlocking an account |
155 |
Disabling the admin lockout policy |
155 |
Denial of service implications |
155 |
Changing the root password without the old password |
156 |
Configuring the password hash type |
156 |
The boot PROM password |
157 |
Setting the boot PROM password for a switch with a recovery string |
157 |
Setting the boot PROM password for a Backbones and Directors with a recovery string |
158 |
Setting the boot PROM password for a switch without a recovery string |
159 |
Setting the boot PROM password for a Backbone or Director without a recovery string |
159 |
Remote authentication |
160 |
Remote authentication configuration |
160 |
Client/server model |
160 |
Authentication server data |
161 |
Switch configuration |
161 |
Supported LDAP options |
161 |
Command options |
162 |
Setting the switch authentication mode |
163 |
Fabric OS user accounts |
163 |
Fabric OS users on the RADIUS server |
164 |
Windows 2012 IAS |
164 |
Linux FreeRADIUS server |
165 |
RADIUS configuration with Virtual Fabrics |
166 |
Setting up a RADIUS server |
166 |
Configuring RADIUS server support with Linux |
167 |
Adding the Brocade attributes to the server |
167 |
Creating the user |
167 |
Enabling clients |
168 |
Configuring RADIUS server support with Windows 2012 |
168 |
RSA RADIUS server |
171 |
Setting up the RSA RADIUS server |
172 |
Obfuscation of RADIUS shared secret |
173 |
LDAP configuration and Microsoft Active Directory |
174 |
Configuring Microsoft Active Directory LDAP service |
174 |
Creating a user |
175 |
Creating a group |
175 |
Assigning the group (role) to the user |
175 |
Adding a Virtual Fabric list |
175 |
Adding attributes to the Active Directory schema |
176 |
LDAP configuration and OpenLDAP |
176 |
OpenLDAP server configuration overview |
176 |
Enabling group membership |
177 |
Adding entries to the directory |
177 |
Assigning a user to a group |
178 |
Assigning the LDAP role to a switch role |
178 |
Modifying an entry |
178 |
Adding a Virtual Fabric list |
178 |
TACACS+ service |
180 |
TACACS+ configuration overview |
180 |
Configuring the TACACS+ server on Linux |
180 |
The tac_plus.cfg file |
180 |
Adding a user and assigning a role |
181 |
Configuring Virtual Fabric lists |
181 |
Configuring the password expiration date |
181 |
Configuring a Windows TACACS+ server |
182 |
Remote authentication configuration on the switch |
182 |
Adding an authentication server to the switch configuration |
182 |
Enabling and disabling remote authentication |
182 |
Deleting an authentication server from the configuration |
183 |
Changing an authentication server configuration |
183 |
Changing the order in which authentication servers are contacted for service |
183 |
Displaying the current authentication configuration |
183 |
Configuring local authentication as backup |
184 |
Configuring Protocols |
185 |
Security protocols |
185 |
Secure Copy |
186 |
Setting up SCP for configuration uploads and downloads |
187 |
Secure Shell protocol |
187 |
SSH public key authentication |
187 |
Allowed-user |
188 |
Configuring incoming SSH authentication |
188 |
Configuring outgoing SSH authentication |
189 |
Deleting public keys on the switch |
189 |
Deleting private keys on the switch |
190 |
Generate and install hostkey on a switch |
190 |
Managing SecCryptoCfg templates |
190 |
Format and rule of the template |
190 |
Default secCryptoCfg templates |
191 |
Default_generic |
191 |
Default_strong |
192 |
Default_fips |
193 |
Default_cc |
194 |
Configuring the ciphers, KEX, and MAC algorithms |
194 |
Secure Sockets Layer protocol |
195 |
Browser and Java support |
195 |
SSL configuration overview |
195 |
Certificate authorities |
196 |
Generating a public/private key pair |
196 |
Generating and storing a Certificate Signing Request |
196 |
Obtaining certificates |
197 |
Installing a switch certificate |
198 |
Generating self-signed certificates |
199 |
The browser |
199 |
Checking and installing root certificates on Internet Explorer |
199 |
Checking and installing root certificates on Mozilla Firefox |
199 |
Root certificates for the Java plugin |
200 |
Installing a root certificate to the Java plugin |
200 |
Simple Network Management Protocol |
200 |
SNMP Manager |
201 |
SNMP Agent |
201 |
Management Information Base |
201 |
Basic SNMP operation |
201 |
Configuring SNMP using CLI |
202 |
Configuring SNMP security level |
202 |
Supported protocol configurations for SNMPv3 users |
203 |
Configuring SNMPv3 user/traps |
203 |
Telnet protocol |
211 |
Blocking Telnet |
211 |
Unblocking Telnet |
212 |
Listener applications |
213 |
Ports and applications used by switches |
213 |
Port configuration |
214 |
Configuring Security Policies |
215 |
ACL policies overview |
215 |
How the ACL policies are stored |
215 |
Virtual Fabric considerations for ACL policies |
215 |
Policy members |
216 |
ACL policy management |
216 |
Displaying ACL policies |
216 |
Saving changes without activating the policies |
216 |
Activating ACL policy changes |
217 |
Deleting an ACL policy |
217 |
Adding a member to an existing ACL policy |
217 |
Removing a member from an ACL policy |
218 |
Abandoning unsaved ACL policy changes |
218 |
FCS policies |
218 |
FCS policy restrictions |
219 |
Ensuring fabric domains share policies |
220 |
Creating an FCS policy |
220 |
Modifying the order of FCS switches |
220 |
FCS policy distribution |
221 |
Device Connection Control policies |
222 |
Virtual Fabrics considerations |
222 |
DCC policy restrictions |
222 |
Creating a DCC policy |
223 |
Deleting a DCC policy |
224 |
DCC policy behavior with Fabric-Assigned PWWNs |
224 |
SCC Policies |
226 |
Virtual Fabrics considerations for SCC policies |
226 |
Creating an SCC policy |
226 |
Authentication policy for fabric elements |
227 |
Virtual Fabrics considerations |
228 |
E_Port authentication |
228 |
Virtual Fabrics considerations |
228 |
Configuring E_Port authentication |
228 |
Re-authenticating E_Ports |
229 |
Device authentication policy |
230 |
Virtual Fabrics considerations |
230 |
Configuring device authentication |
230 |
AUTH policy restrictions |
230 |
Authentication protocols |
231 |
Viewing the current authentication parameter settings for a switch |
231 |
Setting the authentication protocol |
231 |
Secret key pairs for DH-CHAP |
232 |
Characteristics of a secret key pair |
232 |
Viewing the list of secret key pairs in the current switch database |
232 |
Note about Access Gateway switches |
233 |
Setting a secret key pair |
233 |
FCAP configuration overview |
233 |
Generating the key and CSR for FCAP |
234 |
Exporting the CSR for FCAP |
234 |
Importing CA for FCAP |
235 |
Importing the FCAP switch certificate |
235 |
Starting FCAP authentication |
235 |
Fabric-wide distribution of the authorization policy |
236 |
IP Filter policy |
236 |
Virtual Fabrics considerations for IP Filter policy |
236 |
Creating an IP Filter policy |
236 |
Cloning an IP Filter policy |
236 |
Displaying an IP Filter policy |
237 |
Saving an IP Filter policy |
237 |
Activating an IP Filter policy |
237 |
Deleting an IP Filter policy |
237 |
IP Filter policy rules |
238 |
Source address |
238 |
Destination port |
238 |
Protocol |
239 |
Action |
239 |
Traffic type and destination IP |
239 |
Implicit filter rules |
240 |
Default policy rules |
240 |
IP Filter policy enforcement |
240 |
Adding a rule to an IP Filter policy |
241 |
Deleting a rule from an IP Filter policy |
241 |
Aborting an IP Filter transaction |
241 |
IP Filter policy distribution |
241 |
Policy database distribution |
242 |
Database distribution settings |
243 |
Displaying the database distribution settings |
243 |
Enabling local switch protection |
243 |
Disabling local switch protection |
244 |
ACL policy distribution to other switches |
244 |
Distributing the local ACL policies |
244 |
Fabric-wide enforcement |
244 |
Displaying the fabric-wide consistency policy |
245 |
Setting the fabric-wide consistency policy |
245 |
Notes on joining a switch to the fabric |
245 |
Matching fabric-wide consistency policies |
246 |
Non-matching fabric-wide consistency policies |
246 |
Management interface security |
247 |
Configuration examples |
248 |
Endpoint-to-endpoint transport or tunnel |
248 |
Gateway-to-gateway tunnel |
248 |
Endpoint-to-gateway tunnel |
249 |
RoadWarrior configuration |
249 |
IPsec protocols |
249 |
Security associations |
250 |
IPsec proposal |
250 |
Authentication and encryption algorithms |
250 |
IPsec policies |
251 |
IPsec traffic selector |
251 |
IPsec transform |
251 |
IKE policies |
251 |
Key management |
252 |
Pre-shared keys |
252 |
Security certificates |
252 |
Static Security Associations |
252 |
Creating the tunnel |
252 |
Example of an end-to-end transport tunnel mode |
254 |
Notes |
255 |
Maintaining the Switch Configuration File |
257 |
Configuration settings |
257 |
Configuration file format |
258 |
Chassis section |
258 |
Switch section |
258 |
Configuration file backup |
259 |
Considerations for FTP server credentials with special characters |
259 |
Examples to verify the use of special characters |
260 |
Uploading a configuration file in interactive mode |
261 |
Configuration file restoration |
261 |
Restrictions |
261 |
Configuration download without disabling a switch |
263 |
Restoring a configuration |
263 |
Configurations across a fabric |
264 |
Downloading a configuration file from one switch to another switch of the same model |
264 |
Security considerations |
264 |
Configuration management for Virtual Fabrics |
264 |
Uploading a configuration file from a switch with Virtual Fabrics enabled |
264 |
Restoring a logical switch configuration using configDownload |
265 |
Restrictions |
266 |
Brocade configuration form |
266 |
Managing Virtual Fabrics |
267 |
Virtual Fabrics overview |
267 |
Logical switch overview |
268 |
Default logical switch |
268 |
Logical switches and fabric IDs |
269 |
Port assignment in logical switches |
270 |
Logical switches and connected devices |
272 |
Management model for logical switches |
273 |
Logical fabric overview |
274 |
Logical fabric and ISLs |
274 |
Base switch and extended ISLs |
275 |
Base fabric |
278 |
Logical ports |
278 |
Logical fabric formation |
279 |
Account management and Virtual Fabrics |
279 |
Setting up IP addresses for a logical switch |
279 |
Logical switch login context |
280 |
Supported platforms for Virtual Fabrics |
281 |
Supported port configurations in the fixed-port switches |
281 |
Supported port configurations in Brocade Backbones and Directors |
282 |
Restrictions on Brocade Backbones |
282 |
Virtual Fabrics interaction with other Fabric OS features |
282 |
Limitations and restrictions of Virtual Fabrics |
283 |
Restrictions on XISLs |
284 |
Restrictions on moving ports |
284 |
Enabling Virtual Fabrics mode |
284 |
Disabling Virtual Fabrics mode |
285 |
Configuring logical switches to use basic configuration values |
286 |
Creating a logical switch or base switch |
286 |
Executing a command in a different logical switch context |
288 |
Deleting a logical switch |
288 |
Adding and moving ports on a logical switch |
289 |
Displaying logical switch configuration |
290 |
Changing the fabric ID of a logical switch |
290 |
Changing a logical switch to a base switch |
291 |
Configuring a logical switch for XISL use |
292 |
Changing the context to a different logical fabric |
293 |
Creating a logical fabric using XISLs |
293 |
Administering Advanced Zoning |
297 |
Zone types |
297 |
Zoning overview |
298 |
Approaches to zoning |
299 |
Zone objects |
300 |
Zoning schemes |
300 |
Zone configurations |
301 |
Zoning enforcement |
301 |
Identifying the enforced zone type |
302 |
Considerations for zoning architecture |
302 |
Best practices for zoning |
302 |
Broadcast zones |
303 |
Broadcast zones and FC-FC routing |
304 |
High availability considerations with broadcast zones |
304 |
Loop devices and broadcast zones |
304 |
Broadcast zones and default zoning mode |
304 |
Zone aliases |
304 |
Creating an alias |
305 |
Adding members to an alias |
305 |
Removing members from an alias |
306 |
Deleting an alias |
306 |
Viewing an alias in the defined configuration |
307 |
Zone creation and maintenance |
307 |
Displaying existing zones |
307 |
Creating a zone |
308 |
Adding devices (members) to a zone |
309 |
Removing devices (members) from a zone |
310 |
Replacing zone members |
311 |
Notes and restrictions |
311 |
Deleting a zone |
312 |
Viewing a zone |
313 |
Viewing zone configuration names without case distinction |
314 |
Examining changes in the zone database |
314 |
Validating a zone |
315 |
Inconsistencies between the defined and effective configurations |
317 |
Default zoning mode |
318 |
Setting the default zoning mode |
319 |
Viewing the current default zone access mode |
319 |
Zone database size |
320 |
Zone configurations |
320 |
Creating a zone configuration |
321 |
Adding zones to a zone configuration |
321 |
Removing members from a zone configuration |
322 |
Enabling a zone configuration |
322 |
Disabling a zone configuration |
322 |
Validating zone members in the zone configuration |
323 |
Deleting a zone configuration |
325 |
Deleting invalid zones |
325 |
Abandoning zone configuration changes |
326 |
Viewing all zone configuration information |
326 |
Viewing selected zone configuration information |
326 |
Viewing the zone aliases in the zone configuration |
327 |
Viewing the configuration in the effective zone database |
328 |
Clearing all zone configurations |
328 |
Zone object maintenance |
329 |
Copying a zone object |
329 |
Deleting a zone object |
330 |
Renaming a zone object |
330 |
Zone configuration management |
331 |
Security and zoning |
331 |
Zone merging |
332 |
Fabric segmentation and zoning |
333 |
Zone merging scenarios |
333 |
Concurrent zone transactions |
339 |
Viewing zone database transactions |
340 |
Peer Zoning |
340 |
Peer Zoning compared to other zoning types |
341 |
Advantages of Peer Zoning |
344 |
Peer Zone connectivity rules |
344 |
Firmware upgrade and downgrade considerations for Peer Zoning |
345 |
LSAN and QoS Peer Zoning considerations |
345 |
Peer Zone configuration |
345 |
Creating Peer Zones |
345 |
Adding devices to a Peer Zone |
346 |
Replacing a device in a Peer Zone |
346 |
Removing devices from a Peer Zone |
346 |
Deleting Peer Zones |
346 |
Viewing Peer Zones |
346 |
Target Driven Zoning |
347 |
Limitations and considerations for Target Driven Zoning |
348 |
Target Driven Zoning configuration |
348 |
Enabling Target Driven Zoning |
348 |
Disabling Target Driven Zoning |
349 |
Viewing Target Driven Zoning |
350 |
Supported commands for Peer Zones and Target Driven Peer Zones |
351 |
Boot LUN zoning |
352 |
Setting up boot LUN zoning |
354 |
Configuring the server and HBA for BLUN zone |
354 |
Configuring the Brocade switch for BLUN zone |
354 |
Traffic Isolation Zoning |
357 |
Traffic Isolation Zoning overview |
357 |
TI zone failover |
358 |
Additional considerations when disabling failover |
359 |
FSPF routing rules and traffic isolation |
359 |
Enhanced TI zones |
361 |
Invalid configurations with enhanced TI zones |
362 |
Invalid ETIZ configuration: separate paths from a port to devices on same domain |
362 |
Invalid ETIZ configuration: separate paths from a single port to the same domain |
363 |
General rules for TI zones |
364 |
Additional configuration rules for enhanced TI zones |
365 |
Limitations and restrictions of Traffic Isolation Zoning |
366 |
Creating a TI zone |
366 |
Modifying TI zones |
367 |
Changing the state of a TI zone |
368 |
Deleting a TI zone |
368 |
Displaying TI zones |
368 |
Enforcing Local TI Filtering |
369 |
Traffic Isolation Zoning over FC routers |
370 |
TI zones within an edge fabric |
371 |
TI zones within a backbone fabric |
372 |
Limitations of TI zones over FC routers |
373 |
Fabric-Level Traffic Isolation in a backbone fabric |
374 |
Fabric-Level TI zones |
375 |
Failover behavior for Fabric-Level TI zones |
376 |
Creating a separate TI zone for each path |
376 |
Creating a single TI zone for all paths |
377 |
Setting up TI zones over FCR (sample procedure) |
378 |
Virtual Fabrics considerations for Traffic Isolation Zoning |
381 |
Traffic Isolation Zoning over FC routers with Virtual Fabrics |
383 |
Troubleshooting TI zone routing problems |
385 |
Traffic Isolation Zone violation handling for trunk ports |
386 |
Optimizing Fabric Behavior |
387 |
Adaptive Networking overview |
387 |
Ingress Rate Limiting |
387 |
Virtual Fabrics considerations |
388 |
Limiting traffic from a particular device |
388 |
Disabling Ingress Rate Limiting |
388 |
QoS |
388 |
License requirements for QoS |
389 |
QoS on E_Ports |
389 |
QoS over FC routers |
390 |
vTap and QoS High Priority Zoning Compatibility mode |
391 |
QoSH5 zones |
391 |
Virtual Fabrics considerations for QoS zone-based traffic prioritization |
392 |
Traffic prioritization based on QoS zones |
393 |
Notes on QoS zoning |
395 |
Setting QoS zone-based traffic prioritization |
395 |
Setting QoS zone-based traffic prioritization over FC routers |
396 |
Disabling QoS zone-based traffic prioritization |
397 |
Supported configurations for QoS zone-based traffic prioritization |
397 |
Limitations and restrictions for QoS zone-based traffic prioritization |
397 |
CS_CTL-based frame prioritization |
398 |
Supported configurations for CS_CTL-based frame prioritization |
398 |
High availability considerations for CS_CTL-based frame prioritization |
399 |
Enabling CS_CTL-based frame prioritization on ports |
399 |
Disabling CS_CTL-based frame prioritization on ports |
399 |
Using CS_CTL auto mode at the chassis level |
399 |
Considerations for using CS_CTL-based frame prioritization |
400 |
In-flight Encryption and Compression |
401 |
In-flight encryption and compression overview |
401 |
Supported ports for in-flight encryption and compression |
402 |
In-flight encryption and compression restrictions |
403 |
Bandwidth and port limits for in-flight encryption and compression |
403 |
Port speed on encryption- or compression-enabled ports |
404 |
How in-flight encryption and compression are enabled |
404 |
Authentication and key generation for encryption and compression |
405 |
Availability considerations for encryption and compression |
406 |
Virtual Fabrics considerations for encryption and compression |
406 |
In-flight compression on long-distance ports |
407 |
Compression ratios for compression-enabled ports |
407 |
Configuring in-flight encryption and compression on an EX_Port |
407 |
Configuring in-flight encryption and compression on an E_Port |
408 |
Viewing the encryption and compression configuration |
409 |
Configuring and enabling authentication for in-flight encryption |
409 |
Enabling in-flight encryption |
412 |
Enabling in-flight compression |
412 |
Disabling in-flight encryption |
413 |
Disabling in-flight compression |
414 |
Diagnostic Port |
415 |
Supported platforms for D_Port |
415 |
Licensing requirements for D_Port |
416 |
Understanding D_Port |
416 |
D_Port configuration modes and testing |
417 |
General limitations and considerations for D_Port tests |
419 |
Access Gateway limitations and considerations for D_Ports |
420 |
High Availability limitations and considerations for D_Ports |
420 |
8-Gbps LWL and ELWL SFP transceiver limitations for D_Ports |
421 |
Topology 1: ISLs |
421 |
Topology 2: ICLs |
422 |
Topology 3: Access Gateways |
422 |
Saving port mappings on an Access Gateway |
424 |
Topology 4: HBA to switch |
424 |
Using D_Port in static-static mode between switches |
425 |
Enabling D_Port in static mode |
425 |
Disabling D_Port in static mode |
427 |
Disabling D_Port globally |
427 |
Using D_Port in dynamic mode |
427 |
Preprovisioning D_Ports |
427 |
Using D_Port between switches and HBAs |
429 |
Enabling D_Port in static mode between a switch and an HBA |
429 |
Using non-Brocade HBAs for D_Port testing |
429 |
Enabling D_Port testing with an Emulex HBA |
429 |
Enabling D_Port testing with a QLogic HBA |
430 |
BCU D_Port commands |
430 |
Host Bus Adapter limitations and considerations for D_Ports |
431 |
Confirming SFP and link status with an HBA |
432 |
Using D_Port in on-demand mode |
433 |
Using D_Port show commands |
433 |
NPIV |
437 |
NPIV overview |
437 |
Upgrade considerations |
438 |
Fixed addressing mode |
438 |
10-bit addressing mode |
438 |
Configuring NPIV |
438 |
Enabling and disabling NPIV |
439 |
Base device logout |
440 |
Difference in the device logout behaviors |
440 |
Enabling base device logout |
441 |
Use cases and dependencies |
441 |
Viewing base device logout setting |
442 |
Viewing NPIV port configuration information |
443 |
Viewing virtual PID login information |
444 |
Fabric-Assigned PWWN |
445 |
Fabric-Assigned PWWN overview |
445 |
User- and auto-assigned FA-PWWN behavior |
446 |
Configuring an FA-PWWN for an HBA connected to an Access Gateway |
447 |
Configuring an FA-PWWN for an HBA connected to an edge switch |
447 |
Supported switches and configurations for FA-PWWN |
448 |
Configuration upload and download considerations for FA-PWWN |
449 |
Security considerations for FA-PWWN |
449 |
Restrictions of FA-PWWN |
449 |
Access Gateway N_Port failover with FA-PWWN |
450 |
Inter-chassis Links |
451 |
Inter-chassis links |
451 |
License requirements for ICLs |
451 |
Using the QSFPs that support 2 km on ICL ports |
452 |
ICLs between DCX 8510 Backbones |
452 |
ICL trunking between Brocade DCX 8510 Backbones |
454 |
ICLs between X6 Directors |
455 |
ICL trunking between Brocade X6 Directors |
458 |
ICLs between DCX 8510 Backbones and X6 Directors |
459 |
ICL trunking between DCX 8510 Backbones and X6 Directors |
461 |
Virtual Fabrics considerations for ICLs |
462 |
Supported topologies for ICL connections |
463 |
Mesh topology |
463 |
Core-edge topology |
465 |
Managing Trunking Connections |
467 |
Trunking overview |
467 |
Types of trunking |
467 |
Masterless trunking |
468 |
License requirements for trunking |
468 |
Port groups for trunking |
468 |
Supported platforms for trunking |
469 |
Supported configurations for trunking |
469 |
High Availability support for trunking |
469 |
Requirements for trunk groups |
469 |
Recommendations for trunk groups |
470 |
Configuring trunk groups |
471 |
Enabling trunking |
471 |
Disabling trunking |
471 |
Displaying trunking information |
472 |
ISL trunking over long-distance fabrics |
473 |
EX_Port trunking |
474 |
Masterless EX_Port trunking |
474 |
Supported configurations and platforms for EX_Port trunking |
474 |
Backward compatibility support |
475 |
Configuring EX_Port trunking |
475 |
Displaying EX_Port trunking information |
475 |
F_Port trunking |
475 |
F_Port trunking for Access Gateway |
476 |
Requirements for F_Port trunking on an Access Gateway |
477 |
Configuring F_Port trunking for an Access Gateway |
477 |
F_Port trunking for Brocade adapters |
478 |
Configuring F_Port trunking for a Brocade adapter |
478 |
F_Port trunking considerations |
479 |
PWWN formats for F_Port trunk ports |
480 |
F_Port trunking in Virtual Fabrics |
480 |
Displaying F_Port trunking information |
481 |
Disabling F_Port trunking |
481 |
Enabling the DCC policy on a trunk area |
482 |
Managing Long-Distance Fabrics |
483 |
Long-distance fabrics overview |
483 |
Extended Fabrics device limitations |
483 |
Long-distance link modes |
484 |
Configuring an extended ISL |
484 |
Enabling long distance when connecting to TDM devices |
486 |
Forward error correction on long-distance links |
486 |
Enabling FEC on a long-distance link |
486 |
Disabling FEC on a long-distance link |
486 |
Using FC-FC Routing to Connect Fabrics |
489 |
FC-FC routing overview |
489 |
License requirements for FC-FC routing |
489 |
Supported platforms for FC-FC routing |
490 |
Supported configurations for FC-FC routing |
491 |
Network OS connectivity limitations |
491 |
Fibre Channel routing concepts |
491 |
Proxy devices |
496 |
FC-FC routing topologies |
497 |
Phantom domains |
497 |
Identifying and deleting stale xlate domains |
501 |
Domain ID range for front and translate phantom domains |
501 |
FC router authentication |
502 |
Setting up FC-FC routing |
503 |
Verifying the setup for FC-FC routing |
503 |
Backbone fabric IDs |
504 |
Assigning backbone fabric IDs |
505 |
Assigning alias names to fabric IDs |
505 |
FCIP tunnel configuration |
506 |
Inter-fabric link configuration |
506 |
Configuring an IFL for both edge and backbone connections |
506 |
Configuring EX_Ports on an ICL |
510 |
FC router port cost configuration |
511 |
Port cost considerations |
512 |
Setting router port cost for an EX_Port |
512 |
Shortest IFL cost configuration |
513 |
Configuring shortest IFL cost |
517 |
EX_Port frame trunking configuration |
518 |
LSAN zone configuration |
519 |
Zone definition and naming |
519 |
LSAN zones and fabric-to-fabric communications |
519 |
Controlling device communication with the LSAN |
520 |
Configuring interconnectivity between backbone and edge fabrics |
522 |
Setting the maximum LSAN count |
522 |
HA and downgrade considerations for LSAN zones |
523 |
LSAN zone policies using LSAN tagging |
523 |
Enforce tag |
523 |
How the Enforce tag works |
524 |
Speed tag |
525 |
Rules for LSAN tagging |
526 |
Configuring an Enforce LSAN tag |
527 |
Configuring a Speed LSAN tag |
527 |
Removing an LSAN tag |
527 |
Displaying the LSAN tag configuration |
528 |
LSAN zone binding |
528 |
LSAN zone binding considerations |
530 |
How LSAN zone binding works |
530 |
FC router matrix definition |
531 |
LSAN fabric matrix definition |
531 |
Setting up LSAN zone binding |
531 |
Viewing the LSAN zone binding matrixes |
532 |
Location embedded LSAN zones |
532 |
Creating location embedded LSAN zones |
533 |
Migrating LSAN zones to location embedded LSAN zones in the edge fabric |
535 |
Limitations of location embedded LSAN zones |
535 |
Peer LSAN zone support |
536 |
Proxy PID configuration |
536 |
Fabric parameter considerations |
537 |
Inter-fabric broadcast frames |
537 |
Displaying the current broadcast configuration |
537 |
Enabling broadcast frame forwarding |
537 |
Disabling broadcast frame forwarding |
538 |
Resource monitoring |
538 |
FC-FC routing and Virtual Fabrics |
539 |
Logical switch configuration for FC routing |
540 |
Backbone-to-edge routing with Virtual Fabrics |
541 |
Upgrade and downgrade considerations for FC-FC routing |
542 |
How replacing port blades affects EX_Port configuration |
542 |
Displaying the range of output ports connected to xlate domains |
543 |
Port Indexing |
545 |
Switch and blade sensors |
547 |
Brocade switch sensors |
547 |
Brocade blade temperature sensors |
547 |
System temperature monitoring |
548 |
Hexadecimal Conversion |
549 |
Hexadecimal overview |
549 |
Example conversion of the hexadecimal triplet Ox616000 |
549 |