Dell PowerConnect Brocade M6505 Brocade 7.1.0 Fabric OS Administrator's Guide
Dell PowerConnect Brocade M6505 Manual
View all Dell PowerConnect Brocade M6505 manuals
Add to My Manuals
Save this manual to your list of manuals |
Dell PowerConnect Brocade M6505 manual content summary:
- Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 1
53-1002745-02 ® 25 March 2013 Fabric OS Administrator's Guide Supporting Fabric OS 7.1.0 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 2
, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this Guide 53-1002745-01 Fabric OS Administrator's Guide 53-1002745-02 Added Fabric OS v7.1.0 software features and support for new hardware platforms: Brocade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 3
Guide 53-1002745-02 Standard Features Understanding Fibre Channel Services 43 Performing Basic Configuration Tasks 55 Performing Advanced Configuration Tasks 79 Routing Traffic 111 Managing User Accounts 133 Configuring Protocols 177 Configuring Security Policies 195 Maintaining the Switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 4
Appendix A Appendix B Appendix C Port Indexing 611 FIPS Support 615 Hexadecimal Conversion 627 4 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 5
33 Supported hardware and software 34 What's new in this document 35 Document conventions 36 Notice to the reader 37 Additional information 38 Getting technical help 38 Document feedback 40 Section I Standard Features Chapter 1 Understanding Fibre Channel Services Fibre Channel services - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 6
chassis names 75 Fabric name 75 Configuring the fabric name 75 High availability considerations for fabric names 76 Upgrade and downgrade considerations for fabric names. . . . 76 Config file upload and download considerations for fabric names 76 Switch activation and deactivation 76 Disabling - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 7
Chapter 3 Fabric OS Administrator's Guide 53-1002745-02 Performing Advanced Configuration Tasks Port Identifiers (PIDs) and identification by port area ID 87 Port identification by index 87 Configuring a device-switch connection 88 Swapping port area IDs 88 Port activation and deactivation - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 8
112 Fibre Channel NAT 113 Inter-switch links 114 Buffer credits 115 Congestions versus over-subscription 115 Virtual channels 115 Gateway links 117 Configuring a Access Control 134 The management channel 136 Managing user-defined roles 136 8 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 9
and OpenLDAP 165 TACACS+ service 171 Remote authentication configuration on the switch 174 Configuring local authentication as backup 176 Configuring Protocols Security protocols 177 Secure Copy 178 Setting up SCP for configuration uploads and downloads . . .179 Secure Shell protocol - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 10
and applications used by switches 192 Port configuration 193 Configuring Security Policies ACL policies FCS policy 201 Modifying the order of FCS switches 201 FCS policy distribution 202 Device Connection Control for DH-CHAP 213 FCAP configuration overview 215 Fabric-wide distribution - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 11
file restoration 246 Restrictions 246 Configuration download without disabling a switch 248 Configurations across a fabric 250 Downloading a configuration file from one switch to another switch of the same model 250 Security considerations 250 Configuration management for Virtual Fabrics 250 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 12
extended ISLs 283 Account management and Virtual Fabrics 286 Supported platforms for Virtual Fabrics 286 Supported port configurations in the fixed-port switches. . . .286 Supported port configurations in Brocade Backbones . . . . . .287 Virtual Fabrics interaction with other Fabric OS features - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 13
Virtual Fabric 298 Configuring a logical switch to use default zoning mode 312 Zone aliases 312 Creating an alias 313 Adding members to an alias 313 Removing members from an alias 314 Deleting an alias 314 Viewing an alias in the defined configuration 315 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 14
configuration 322 Validating a zone 323 Default zoning mode 326 Setting the default zoning mode 326 Viewing the current default zone access mode 327 Zone database size 327 Zone configurations 328 Creating a zone configuration Zone configuration 350 Illegal configurations with enhanced - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 15
Displaying TI zones 369 Troubleshooting TI zone routing problems 370 Setting up TI over FCR (sample procedure 371 Bottleneck Detection Bottleneck detection overview 375 Types of bottlenecks 376 How bottlenecks are reported 376 Supported configurations for bottleneck detection 377 Limitations - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 16
detection on a switch 392 In- Upgrade considerations 420 Fixed addressing mode 420 10-bit addressing mode 420 Configuring NPIV 421 Enabling and disabling NPIV 422 Viewing NPIV port configuration information 423 Viewing virtual PID login information 424 16 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 17
an HBA connected to an Access Gateway 427 Configuring an FA-PWWN for an HBA connected to an edge switch 428 Supported switches and configurations for FA-PWWN 429 Configuration upload and download considerations for FA-PWWN430 Firmware upgrade and downgrade considerations for FA-PWWN .430 Security - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 18
Domains, zones, and zone databases 458 Admin Domains and LSAN zones 459 Configuration upload and download in an AD context . . . . . .460 Licensed Features Administering Licensing Licensing overview 463 Brocade 7800 Upgrade license 470 ICL licensing 471 ICL 1st POD license 471 ICL 2nd POD - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 19
Brocade DCX 8510-8 and DCX 8510-4 . .493 ICLs for the Brocade DCX Backbone family 493 ICL trunking on the Brocade DCX and DCX-4S 494 Virtual Fabrics considerations for ICLs 494 Supported EE monitors 501 Supported port configurations for EE monitor configuration 508 Displaying frame monitors - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 20
switches in Manually disabling QoS on trunked ports 524 QoS zones 525 QoS on E_Ports 526 QoS over FC routers 527 Virtual Fabrics considerations for QoS zone-based traffic prioritization 528 High-availability considerations for QoS zone-based traffic prioritization 528 Supported configurations - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 21
541 Masterless EX_Port trunking 542 Supported configurations and platforms for EX_Port trunking 542 Configuring EX_Port trunking 542 Displaying EX_Port trunking information 542 F_Port trunking 543 F_Port trunking for Access Gateway 543 F_Port trunking for Brocade adapters 545 F_Port trunking - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 22
Monitoring buffers in a port group 562 Buffer credits switch or blade model 563 Maximum configurable distances for Extended Fabrics . . . . .564 570 Supported platforms for FC-FC routing 570 Supported configurations for FC-FC routing 571 Network OS connectivity limitations 571 Fibre Channel - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 23
frame forwarding 604 Resource monitoring 604 FC-FC routing and Virtual Fabrics 606 Logical switch configuration for FC routing 607 Backbone-to-edge routing with Virtual Fabrics 608 Upgrade and downgrade considerations for FC-FC routing . . . . . .609 How replacing port blades affects EX_Port - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 24
24 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 25
11 Figure 12 Figure 13 Figure 14 Figure 15 Figure 16 Figure 17 Figure 18 Figure 19 Figure 20 Figure 21 switch added to existing fabric 114 Virtual channels on a QoS-enabled ISL 116 Gateway link merging SANs 117 Single host and target 130 Windows 2000 VSA configuration 154 Example of a Brocade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 26
WWNs 441 Filtered fabric views showing converted switch WWNs 441 AD0 and two user-defined Admin Domains, AD1 and AD2 452 AD0 with three zones 452 Minimum configuration for 64 Gbps ICLs 492 DCX-4S allowed ICL connections 494 ICL triangular topology with Brocade DCX 8510-8 chassis 495 Full nine - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 27
topology 578 Example of setting up Speed LSAN tag 596 LSAN zone binding 599 EX_Ports in a base switch 607 Logical representation of EX_Ports in a base switch 608 Backbone-to-edge routing across base switch using FC router in legacy mode 609 Fabric OS Administrator's Guide 27 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 28
28 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 29
number of simultaneous sessions 136 Default local user accounts 138 LDAP options 151 Authentication configuration options 151 Syntax for VSA-based account roles 153 Entries in dictionary.brocade file 154 Brocade custom TACACS+ attributes 172 Secure protocol support 177 Items needed to deploy - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 30
457 Configuration upload and download scenarios in an AD context 460 Available Brocade licenses 464 License requirements and location name by feature 467 Base to Upgrade license comparison 470 List of available ports when implementing PODs 484 Number of logical switches that support performance - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 31
and N_Port trunk ports 548 Fibre Channel data frames 558 Total FC ports, ports per port group, and unreserved buffer credits per port group 563 Configurable distances for Extended Fabrics 564 620 Decimal-to-hexadecimal conversion table 628 Fabric OS Administrator's Guide 31 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 32
32 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 33
the first, "Standard Features," contains the following topics: • Chapter 1, "Understanding Fibre Channel Services," provides information on the Fibre Channel services on Brocade switches. • Chapter 2, "Performing Basic Configuration Tasks," gives a brief overview of Fabric OS, explains the Fabric OS - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 34
for configuring encryption and compression on 16 Gbps ports that connect to other switches using switches but not to others, this guide identifies exactly which switches are supported and which are not. Although many different software and hardware configurations are tested and supported by Brocade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 35
are supported by this release of Fabric OS: • Fixed-port switches: - Brocade 300 switch - Brocade 5100 switch - Brocade 5300 switch - Brocade 5410 embedded switch - Brocade 5424 embedded switch - Brocade 5430 embedded switch - Brocade 5450 embedded switch - Brocade 5460 embedded switch - Brocade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 36
Brocade 6520 does require the Trunking license. • In "Buffer credit recovery over an E_Port" on page 566, clarified that for an ISL between a device that supports 16 Gbps and a device that supports only 8 Gbps of this guide are presented in Command syntax in this manual follows these conventions: - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 37
following notices and statements are used in this manual. They are listed below in order of increasing to you or cause damage to hardware, firmware, software, or data. DANGER A For definitions specific to Brocade and Fibre Channel, see the Brocade Glossary. For definitions Guide 37 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 38
://www.t11.org For information about the Fibre Channel industry, visit the Fibre Channel Industry Association website: http://www.fibrechannel.org Getting technical help Contact your switch support supplier for hardware, firmware, and software support, including product repairs and part ordering. To - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 39
and messages received • supportSave command output • Detailed description of the problem, including the switch or fabric behavior immediately following the problem, and specific questions • Description of any troubleshooting steps already performed and the results • Serial console and Telnet session - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 40
Document feedback Quality is our first concern at Brocade and we have made every effort to ensure topic needs further development, we want to hear from you. Forward your feedback to: [email protected] Provide the title and version number of the document and as much detail as possible about - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 41
Fibre Channel Services" •Chapter 2, "Performing Basic Configuration Tasks" •Chapter 3, "Performing Advanced Configuration Configuring Protocols" •Chapter 7, "Configuring Security Policies" •Chapter 8, "Maintaining the Switch Configuration File" •Chapter 9, "Installing and Maintaining Firmware - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 42
42 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 43
44 •Management server database 45 •Topology discovery 49 •Device login 51 •High availability of daemon processes 53 Fibre Channel services overview Fibre Channel services define service functions that reside at well-know addresses, as illustrated in Figure 1. A well-known address is a reserved - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 44
• It is accessed by an external Fibre Channel node at the well-known address FFFFFAh, so an application can access information about the entire fabric management with minimal knowledge of the existing configuration. • It is replicated on every Brocade switch within a fabric. • It provides an unzoned - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 45
the msplMgmtDeactivate command. 3. Enter y to confirm the deactivation, as in the following example. switch:admin> msplmgmtdeactivate MS Platform Service is currently enabled. This will erase MS Platform Service configuration information as well as database in the entire fabric. Would you like to - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 46
access to the management server is restricted to only those WWNs listed. NOTE The management server is logical switch-capable. All management server features are supported within a logical switch. Displaying the management server ACL Use the following procedure to display the management server ACL - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 47
to the fabric. Use the following procedure to delete a member from the ACL: 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the msConfigure command. The command becomes the member to be deleted from the ACL. Fabric OS Administrator's Guide 47 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 48
procedure to view the contents of the management server database: 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the msPlatShow Associated Management Addresses: [30] "http://java.sun.com/products/1" 48 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 49
is disabled by default. The commands switch:admin> mstdenable Request to enable MS Topology Discovery Service in progress.... *MS Topology Discovery enabled locally. switch:admin> mstdenable ALL Request to enable MS Topology Discovery Service in progress.... Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 50
disabled by default. ATTENTION MS Topology Discovery Service in progress.... *MS Topology Discovery disabled locally. switch:admin> mstddisable Service in progress.... *MS Topology Discovery disabled locally. *MS Topology Discovery Disable Operation Complete!! 50 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 51
and the class of service supported. 2. PLOGI-Port Login switch, requesting principal switch priority and the domain ID list. Buffer-to-buffer credits for the device and switch ports are exchanged in the SW_ACC command sent to the device in response to the FLOGI. Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 52
fabric is detected then it exchanges service parameters with the fabric controller. A available port types. The Fibre Channel protocol (FCP) auto discovery display the contents of a switch's name server, use the the fabric. • A zone has changed. • A switch name has changed or an IP address has changed. - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 53
Fibre Channel standards, the Port World Wide Name (PWWN) of a device cannot overlap with that of another device, thus having duplicate PWWNs within the same fabric is an illegal configuration downtime and reboot the switch at your convenience. , and Supportability daemon logs Guide 53 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 54
automatically restarted (Continued) Description webd Webserver daemon used for WebTools (includes httpd as well). weblinkerd Weblinker daemon provides an HTTP interface to manageability applications for switch management and fabric discovery. 54 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 55
CLI, you can also use the following methods to configure a SAN: • Web Tools For Web Tools procedures, refer to Web Tools Administrator's Guide. • Brocade Network Advisor For additional information, refer to the Brocade Network Advisor User Manual for the version you have. • A third-party application - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 56
supported by Brocade Communications Systems, Inc., documenting all possible configurations and scenarios is beyond the scope of this document. In some cases, earlier releases are highlighted to present considerations for interoperating with them. The hardware reference manuals for Brocade products - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 57
on page 56. NOTE To automatically configure the network interface on a DHCP-enabled switch, plug the switch into the network and power it on When the switch comes up, the Telnet quota is cleared. (For instructions on performing a fast boot with Web Tools, see the Web Tools Administrator's Guide.) - - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 58
role. 2. Verify the switch's network interface is configured and that it is connected to the IP network through the RJ-45 Ethernet port. Switches in the fabric that are not connected through the Ethernet port can be managed through switches that are using IP over Fibre Channel. The embedded port - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 59
all users on a FIFO basis, and this log is persistent across reboots and firmware downloads. This command is also supported for standby CPs. The log records the following information whenever a command ins entered in the switch CLI: • Timestamp • Username • IP address of the telnet session • Options - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 60
named user. This argument is available only to Root, Admin, Factory and Securityadmin RBAC roles. Example cliHistory command output showing username switch:root> clihistory --showuser admin CLI history Date & --help: Displays the command usage 60 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 61
a password (Examples: firmwaredownload, configupload/download, passwords, log out and then back in. The default accounts on the switch are admin, user, root, and factory. Use the "admin" account to log in to the switch for the first time and to perform the basic configuration tasks. The password - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 62
IP addresses for the Ethernet network interface configuration. Brocade Backbones On Brocade Backbones, you must set IP addresses for the following components: • Both Control Processors (CP0 and CP1) • Chassis management IP Brocade switches On Brocade switches, you must set the Ethernet and chassis - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 63
IP address if the Ethernet network interface is not configured already. For details, refer to "Connecting to Fabrics are assigned to IP over Fibre Channel (IPFC) network interfaces. In Virtual ipAddrShow Example output for a Brocade Backbone ecp:admin> ipaddrshow SWITCH Ethernet IP Address: 10.1.2.3 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 64
gateway address are displayed, then the network interface is configured. Verify the information on your switch is correct. If DHCP is enabled, the network static Ethernet network interface addresses on Brocade DCX and DCX-4S Backbones, and in environments where DHCP service is not available. To use - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 65
IP address for both CP0 and CP1. Example of setting an IPv4 address switch:admin> ipaddrset Ethernet IP Address [10.1.2.3]: Ethernet Subnetmask [255.255.255.0]: Fibre Channel IP Address [220.220.220.2]: Fibre Channel Subnetmask [255.255.0.0]: Gateway IP Address [10.1.2.1]: DHCP [OFF]: off Example of - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 66
information has been configured releases the current Ethernet network interface settings. These include the Ethernet IP address, Ethernet subnet mask, and gateway IP address. The Fibre Channel IP address and subnet mask are static and are not affected by DHCP; for instructions on setting the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 67
switch:admin> ipaddrset Ethernet IP Address [10.1.2.3]: Ethernet Subnetmask [255.255.255.0]: Fibre Channel IP Address [220.220.220.2]: Fibre Channel enter the static Ethernet IP address and subnet mask of the switch and default gateway address. Otherwise, the Ethernet settings may conflict with other - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 68
IP Address: 10.20.128.1 DHCP: Off switch:admin> IPv6 autoconfiguration IPv6 can assign multiple IP addresses to each network interface. Each interface is configured with a link local address in almost all all managed entities on the target platform. 68 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 69
troubleshooting, you must set them correctly. In a Virtual Fabric, there can be a maximum of eight logical switches per Backbone. Only the default switch switch the switch and log date switch:admin switch by name. You can specify the setting using country and city or time zone parameters. Switch switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 70
default, all switches are set to Greenwich Mean Time (0,0). If all switches in a fabric are in one time zone, it is possible for you to keep the time zone setup at the default setting. • System services to list all of the time zones supported by the firmware. • Use timeZone_fmt to set the time - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 71
server value on the principal or primary FCS switch are propagated to all switches in the fabric. In a Virtual Fabric, all the switches in the fabric must have the same NTP clock server configured. This includes any Fabric OS v6.2.0 or earlier switches in the fabric. This ensures that time does - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 72
domain IDs persistently set, one of them needs to have its domain ID changed to a domain ID not used within the fabric. The default domain ID for Brocade switches is 1. Domain ID issues Keep the following restrictions in mind when working with domain IDs. • Do not use domain ID 0. Using this domain - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 73
Enet IP Addr The switch Ethernet IP address for IPv4- and IPv6-configured switches. For IPv6 switches, only the static IP address displays. FC IP Addr The switch Fibre Channel IP address. Name The switch symbolic or user-created name in quotes. Fabric OS Administrator's Guide 73 53-1002745 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 74
and log in on an account assigned to the admin role. 2. Enter the switchDisable command to disable the switch. 3. Enter the configure command. 4. Enter y after the Fabric Parameters prompt. Fabric parameters (yes, y, no, n): [no] y 5. Enter a unique domain ID at the Domain prompt. Use a domain - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 75
in a logical fabric must be running Fabric OS v7.1.0. Switches running earlier versions of the firmware can co-exist in the fabric, but do not show the fabric name details. • You must have admin permissions to configure the fabric name. Configuring the fabric name To set and display the fabric name - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 76
and downgrade considerations for fabric names Fabric names are lost during a firmware downgrade. No default fabric name is provided. If a fabric name is needed, it must be configured after the upgrade. Config file upload and download considerations for fabric names A new key, "fabric name" is added - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 77
from root (ttyS0) Wed Jan 25 16:12:09 2006... The system is going down for system halt NOW !! INIT: Switching to runlevel: 0 INIT: Sending processes the TERM signal Unmounting all filesystems. The system is halted flushing ide devices: hda Power down. 5. Power off the switch. Powering off a Brocade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 78
manual of your specific switch for ISL connection and cable management information. The standard or default ISL mode is L0. ISL mode L0 is a static mode, with the following maximum ISL distances: • 10 km at 1 Gbps • 5 km at 2 Gbps • 2.5 km at 4 Gbps • 1 km at 8 Gbps • 1 km at 10 Gbps • 1 km at 16 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 79
switch changes 104 •Audit log configuration 107 •Duplicate PWWN handling during device login 109 Port Identifiers (PIDs) and PID binding overview Port identifiers (PIDs, also called Fabric Addresses) are used by the routing and zoning services in Fibre Channel problems in Guide 79 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 80
determine which switch the device resides Brocade Backbone, fixed addressing mode is used only on the default logical switch supports addresses from 0x00 to 0x8F. NOTE The default switch in the Brocade support up to 256 NPIV devices. A logical switch can support up to 144 ports that can each support - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 81
: • Port-based mode is not supported on the default switch. • 48-port cards are supported in port-based addressing mode (mode 2) on both DCX-4S and 8510-4 devices. However, the upper 16 ports of a 64-port card are not supported.The Brocade DCX does not support port-based addressing (mode 2) on - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 82
Virtual Fabrics considerations for WWN-based PID assignment WWN-based PID assignment is disabled by default and is supported in the default switch on the Brocade DCX and DCX 8510 Backbone families. This feature is not supported on application blades such as the FS8-18, FX8-24, and the FCOE10-24. The - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 83
switch: admin> configure Configure... Fabric parameters (yes, y, no, n): [no] y WWN Based persistent PID (yes, y, no, n): [no] y System services to the switch and log in using an account with admin permissions. 2. Enter the wwnAddress -bind command to assign a 16-bit PID Guide 83 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 84
is configured to duplicate (mirror) the traffic passing between a specified source port and destination port. This is only supported for pairs of F_Ports. Refer to the Fabric OS Troubleshooting and Diagnostics Guide for more information on port mirroring. • U_Port - A universal Fibre Channel port - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 85
connections. • AP blades are used for Fibre Channel Application Services and Routing Services, FCIP, Converged Enhanced Ethernet, and encryption support. NOTE On each port blade, a particular port must be represented by both slot number and port number. The Brocade DCX and DCX 8510-8 each have 12 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 86
Supported devices This feature is available on a CP8 blade when it is installed on a Brocade DCX, Brocade DCX-4S, Brocade DCX 8510-8 or Brocade instructions on setting port modes, and "Setting port speeds" on page 92 for instructions eth0 by default. If Take the entire switch down and then power - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 87
a unique identifier in a switch. To select a specific -32E, FC16-32), the numbering is contiguous up to port 15; from port 16, the A number of fabric-wide databases supported by Fabric OS (including ZoneDB, Brocade DCX-4S and DCX 8510-4 Backbones. Fabric OS Administrator's Guide 87 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 88
any time an 8G device logs in. Upgrades from prior releases which supported only modes 0 and 1 will not change the existing setting, but switches reset to factory defaults with Fabric OS v6.3.1 or later will be configured to Mode 0 by default. The default setting on new units may vary by vendor - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 89
switch:admin>portdisable 1 ecp:admin>portdisable 1/2 4. Enter the portSwap command. switch default, instructions. CAUTION The fabric will be reconfigured if the port you are enabling or disabling is connected to another switch. The switch Connect to the switch and log in configurations during a switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 90
. The following restrictions apply to port decommissioning: • The local switch and the remote switch on the other end of the E_Port must both be running Fabric OS 7.0.0 or later. • Port decommissioning is not supported on links configured for encryption or compression. • Port decommissioning is not - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 91
next option. ATTENTION Forcing the link to an operating mode not supported by the network equipment to which it is attached might result yes] y Advertise 10 Mbps / Half Duplex (yes, y, no, n): [yes] y Committing configuration...done. switch:admin> Fabric OS Administrator's Guide 91 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 92
all ports on the switch to 8 Gbps: switch:admin> switchcfgspeed 8 Committing configuration...done. The following example sets the speed for all ports on the switch to autonegotiate: switch:admin> switchcfgspeed 0 Committing configuration...done. 92 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 93
permissions. 2. Enter the portCfgOctetSpeedCombo command. Example The following example configures the ports in the first octet for combination 3 (support autonegotiated or fixed port speeds of 16 Gbps and 10 Gbps): switch:admin> portcfgoctetspeedcombo 1 3 NOTE For information on how encryption and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 94
the default logical switch. Ports are numbered from 0 through 31 from bottom to top on the left set of ports and 32 through 63 from bottom to top on the right set of ports. 97 No Yes 32 A 32-port, 16-Gbps port blade supporting 2, 4, 8, 10, and 16 Gbps port speeds. NOTE: 10 Gbps speed for FC16 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 95
8-Gbps Fibre Channel, Firmware". Core blades Core blades provide intra-chassis switching and ICL connectivity, between DCX/DCX-4S platforms and between DCX 8510 platforms. • Brocade DCX supports two CORE8 core blades. • Brocade DCX-4S supports two CR4S-8 core blades. • Brocade DCX 8510-8 supports - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 96
application blades are supported for each Brocade Backbone. NOTE During power up of a Brocade DCX or DCX- configuration data would be applied to the new FX8-24. • The FX8-24 and FS8-18 blades cannot co-exist with the FCOE10-24 blade. Enabling and disabling blades Port blades are enabled by default - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 97
, FC8-64, and FC16-48 port blade enabling exceptions Because FC16-32 port blades, port swapping is supported on all 32 ports. This means that if you replace a 32-port blade where a port has been swapped on ports 16 16-31. Disabling blades Use the following procedure to disable a blade: 1. Connect to the switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 98
The selection process includes selecting the switch and the blades to be affected by Fibre Channel to Fibre Channel, Ethernet to Ethernet, application to application, and so on). • Port count. Both blades must support the same number of front ports (for example, 16 ports to 16 Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 99
logical switches. For example Figure 3 shows the source blade has ports in a logical switch or must be included in the associated logical switch or logical fabric of the source ports. blades can be carved up into different logical switches as long as they are carved the same way. If slot 1 and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 100
the ports are set back to their original configurations. 3. Once the command completes successfully, move switches Switches are enabled by default. In some cases, you may need to disable a switch the switch to the disabled state without actually disabling it. However, on reset, the switch will - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 101
--help: Displays the command usage. Power management All blades are powered on by default when the switch chassis is powered on. Blades cannot be powered off when POST or AP initialization are powered off, using the powerOffListSet command. Fabric OS Administrator's Guide 101 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 102
By default, the manually switch operation: 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the switchShow command. This command displays a switch summary and a port summary. 3. Check that the switch and ports are online. 102 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 103
the switch. 1. Connect to the switch and log in using switch power supplies. Refer to the hardware reference manual -48 ENABLED 3 SW BLADE 39 FC8-16 ENABLED 4 SW BLADE 51 FC8-48 ENABLED ENABLED 9 SW BLADE 37 FC8-16 ENABLED 10 AP BLADE 43 FS8 1. Connect to the switch and log in using - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 104
1. Connect to the switch and log in using an Fibre Channel addresses of all devices in the fabric. switch: and control switch changes The track changes feature allows the system messages log for the switch. Use the errDump or errShow command feature: 1. Connect to the switch and log in using an account - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 105
is configured to send SNMP traps. switch:admin> trackchangesshow Track changes status: ON Track changes generate SNMP-TRAP: NO Viewing the switch status Watch Administrator's Guide. Use the following procedure to view the switch status policy threshold values: 1. Connect to the switch and log in - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 106
switch status policy configuration. Example output from a switch The following example displays what is typically seen from a Brocade switch, but the quantity and types vary by platform. switch contributing to MARGINAL status: (0..4) [1]2 106 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 107
switch, particularly for security-related event changes. These events include login failures, zone configuration changes, firmware downloads, and other configuration audit event log behaviors and limitations: • By default, all event classes are configured for audit; to create an audit event log for - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 108
daemon, refer to the Fabric OS Troubleshooting and Diagnostics Guide. NOTE If an AUDIT message is logged configured in step 2. switch:admin> auditcfg --enable Audit filter is enabled. To disable an audit event configuration, enter the auditCfg --disable command. 108 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 109
configuration and confirm that the correct event classes are being audited, and the correct filter state appears (enabled or disabled). switch:admin> auditcfg --show Audit filter is enabled. 2-SECURITY 4-FIRMWARE , 2008/10/10-08:28:16 (GMT), [SEC-3021], INFO the default Guide 109 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 110
Enter the switchDisable command to disable the switch. 3. Enter the configure command. 4. Enter y after the first login take precedence over the second login (default). • Enter 1 to have the second login override the switchEnable command to re-enable the switch. With any of these settings, detection - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 111
Redirection 130 Routing overview Data moves through a fabric from switch to switch and from storage to server along one or more paths supports unicast Class 2 and 3 traffic, multicast, and broadcast traffic. Broadcast and multicast are supported in Class 3 only. Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 112
ISL from each switch is used as the principal ISL. Figure 5 shows the thick red lines as principal ISLs, and thin green lines as regular ISLs. FIGURE 5 Principal ISLs NOTE FSPF only supports 16 routes in a zone, including Traffic Isolation Zones. 112 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 113
), the frame buffer is copied to the destination port and a credit R_RDY message is sent to the host. The switch only needs to read word zero and word one of the Fibre Channel frame to perform what is known as cut-through routing. A frame may begin to emerge from the output port before - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 114
. If the fabric service is enabled in the fabric, then the switch you are introducing into the fabric must also have it enabled. If you experience a segmented fabric, refer to the Fabric OS Troubleshooting and Diagnostics Guide to fix the problem. 114 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 115
switch. Flow control in Fibre Channel uses buffer-to-buffer credits, which are distributed by the switch switch, depending on the device type, driver version, and configuration channel is channels Virtual channels 7. Quality of Service (QoS) is 7. The seven data virtual channels (VC8 through VC14) are - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 116
4 Inter-switch links FIGURE 7 Virtual channels on a QoS-enabled ISL 116 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 117
a single fabric by establishing point-to-point E_Port connectivity between two Fibre Channel switches that are separated by a network with a protocol such as IP or SONET. Except for link initialization, gateways are transparent to switches; the gateway simply provides E_Port connectivity from one - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 118
Brocade DCX and DCX 8510 Backbone families, routing is handled by the FSPF protocol and either the port-based or exchange-based routing policy. • Each switch can have its own routing policy and different policies can exist in the same fabric. ATTENTION For most configurations, the default routing - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 119
switch:admin> aptpolicy Current Policy: 3 3 : Default Policy 1: Port Based Routing Policy 2: Device Based Routing Policy (FICON support only policy a switch is using applies to the VE_Ports as well. For more information on VE_Ports, refer to the Fibre Channel over IP Administrator's Guide. Exchange- - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 120
on the overall switch performance. It is recommended that the default AP Shared Link Fabrics Virtual Fabrics support DPS on all partitions configured on a per-logical switch basis. In-order delivery (IOD) and DLS settings are set per logical switch as well. IOD and DLS settings for the base switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 121
and log in as admin. 2. Enter the switchDisable command to disable the switch. 3. Take the appropriate following action based on the AP route policy you choose to implement: • If the AP Shared Link policy (default) is required, enter the aptPolicy -ap 0 command. • If the AP Dedicated Link policy - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 122
enabled by default and cannot switches. DLS recomputes load sharing when any of the following occurs: • A switch Connect to the switch and log in default with current routing by default. switch:admin> dlsshow DLS is not set switch:admin> dlsset switch:admin> dlsshow DLS is set switch:admin> dlsreset switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 123
switch guaranteed to exit the switch in the same to exit the switch in the same order of the policy configured on other switches in the fabric. when the traffic between switches is shared among multiple do not. By default, out-of-order Connect to the switch and log in switch and log - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 124
switch and log in using an account with admin permissions. 2. Type frameLog --show. Example output of framelog --show EDCX16_114064:root option requires an argument; currently only timeout is supported, this specifies that only timeout discards be shown OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 125
• Brocade FC8-16, FC8-32, FC8-48, and FC8-64 port blades • Brocade DCX 8510 Backbone family and supported blades • Brocade FC16-32 and FC16-48 port blades • Brocade FC8-32E and FC8-48E port blades • Brocade FX8-24 application blades in the Brocade DCX and DCX-4S Backbones On the Brocade 7800 switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 126
configuration of the Brocade DCX 8510-8 and DCX 8510-4 hardware to prevent frame loss during a core blade removal and insertion. This feature is on by default and cannot be disabled. Lossless core has the following limitations: • Only supported with IOD disabled, which means Lossless core cannot - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 127
disruption. Traffic flow limitations FA4-18 AP blades, which are supported on the Brocade DCX and DCX-4S devices, may continue to experience frame drops the FA4-18 blades do not support this feature. Configuring Lossless Dynamic Load Sharing You configure Lossless DLS switch- or chassis-wide by using - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 128
of this feature: • FEC is configurable only on 16 Gbps-capable switches (Brocade 6505, 6510, 6520, and the Brocade DCX 8510 Backbone family). • FEC is supported only on 1860 and 1867 Fabric Adapter ports operating in HBA mode connected to 16 Gbps Brocade switches running Fabric OS 7.1 and later - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 129
port 1 already has FEC enabled, and so it remains enabled. switch:admin> portcfgfec --enable 0-8 Same configuration for port 1 Disabling forward error correction To disable the FEC portCfgFec --show to display the current FEC configuration. Fabric OS Administrator's Guide 129 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 130
out to all other Fabric OS switches in the fabric that support Frame Redirection. Redirection zones exist only in the defined configuration and cannot be added to the effective configuration. NOTE Fabric OS v7.1.0 is not supported on the Brocade 7600 or Brocade SAS blade. However, this hardware can - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 131
target (40:40:40:40:40:40:40:40): switch:admin>zone --rdcreate 10:10:10:10:10:10:10 delete a frame redirect zone: 1. Connect to the switch and log in using an account with admin permissions. configuration. Example of deleting a frame redirect zone switch 1. Connect to the switch and log in using - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 132
4 Frame Redirection 132 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 133
Password policies 141 •The boot PROM password 145 •Remote authentication 149 User accounts overview In addition to the default permissions assigned to the roles of root, factory, admin, and user, Fabric OS supports Chassis role - Similar to switch-level roles, but applies Guide 133 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 134
• Remote TACACS+ service. Users are managed in a remote TACACS+ server. All switches in the fabric can be configured to authenticate against database is manually synchronized by means of the distribute command to push a copy of the switch's local user database to all other switches in the fabric - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 135
switch in the fabric. If no Home Domain is specified for a user, the system provides a default home domain. The default home domain for the predefined account is AD0. For user-defined accounts, the default all users on a switch. M Modify The Factory Root Security - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 136
channel The management channel is the communication established between the management workstation and the switch the same as any of the Fabric OS default roles, any other user-defined role, or minimum of 4 letters and can be up to 16 letters long. • The maximum number of user- Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 137
'security' are: Role Name --------User Admin Factory Root SwitchAdmin FabricAdmin BasicSwitchAdmin SecurityAdmin mysecurityrole Permissions ----------- O OM addition to the default administrative and user accounts, Fabric OS supports up to 252 user-defined accounts in each switch (domain). These - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 138
password for all default accounts should be changed during the initial installation and configuration of each switch. TABLE 15 Default local user accounts Account name Role Admin Domain Logical Fabric Description admin factory root to the switch and switch Connect to the switch and log in - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 139
password. • You cannot change passwords by using SNMP. Changing the password for the current login account 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the passwd command. 3. Enter the requested information at the prompts. Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 140
. NOTE If Virtual Fabrics mode is enabled and there are logical switches defined other than the default logical switch, then distributing the password database to switches is not supported. Distributing the password database to switches is not allowed if there are users associated with user defined - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 141
switch user database only. Configured password policies (and all user account attribute and password state information) are synchronized across CPs and remain unchanged after an HA failover. Password policies can also be manually that must appear in the password. The default value is zero. The - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 142
and 24. If the value is set to 0, it means that the new password cannot be set to the current password, but can be set to the most recent password. The default value is 1, which means the current and one previous password cannot be reused. The value 2 indicates that the current and the two previous - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 143
default value is 0 days. NOTE When MaxPasswordAge is set to a nonzero value, MinPasswordAge and Warning must be set to a value that is less than or equal to MaxPasswordAge. Example password expiration policies The following example configures a password accounts. You can configure this policy to keep - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 144
Password policies A failed login attempt counter is maintained for each user on each switch is disabled by default and uses the is manually unlocked an incorrect password before the , and the default value is and the default value is 30 to the switch using an the switch using the switch using - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 145
from a denial of service attack. However, these privileged accounts may then become the target of password guessing attacks. Audit logs 8510 switches, as well as the Brocade Encryption Switch and VA-40FC. If your switch is not listed, please contact your switch support provider for instructions. 1. - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 146
security. The firmware prompts for this password only once. password for future use. The new password is automatically saved. 7. Reboot the switch by typing the reset command at the prompt. Setting the boot PROM password for a Backbone with a recovery string This procedure applies to the Brocade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 147
for higher security. The firmware only prompts for this password once. It is not switch models. The password recovery instructions provided within this section are only for the switches listed in the Preface. If your switch is not listed, contact your switch support provider for instructions - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 148
password. 8. Reboot the switch by entering the reset command. Setting the boot PROM password for a Backbone without a recovery string This procedure applies to the Brocade CP blade by sliding the On/Off switch on the ejector handle of the standby system. 2 Recovery password. 3 Enter command shell - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 149
high availability. NOTE To recover lost passwords refer to the Fabric OS Troubleshooting and Diagnostics Guide. Remote authentication Fabric OS supports user authentication through the local user database or one of the following external authentication services: • Remote authentication dial-in user - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 150
server. By default, the LDAP service does not require certificates. The configuration applies to all switches. On a Backbone, the configuration replicates itself on a standby CP blade if one is present. It is saved in a configuration upload and applied in a configuration download. Brocade recommends - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 151
and Brocade support for each. TABLE 16 Protocol LDAP options Description Channel type Default port URL Brocade supported? password does not match or the user is not defined, the login fails. Authenticates management connections On Off against any RADIUS databases only. If the RADIUS service - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 152
supported Prevents users from being logged out when n/a n/a you change authentication. Default behavior is to log users out when you change authentication. 1. Fabric OS v5.1.0 and earlier aaaConfig --switchdb setting. Setting the switch authentication mode 1. Connect to the switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 153
, or TACACS+ account name and password when logging in to a switch that has been configured with remote authentication. After the remote authentication (RADIUS, LDAP, or TACACS+) server authenticates a user, it responds with the assigned switch role in a Brocade Vendor-Specific Attribute (VSA). If - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 154
and passwords remain functional when the switch is configured to use RADIUS. Changes made to the local switch database do not propagate to the RADIUS server, nor do the changes affect any account on the RADIUS server. Windows 2000 IAS To configure a Windows 2000 internet authentication service (IAS - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 155
Brocade-Passwd-ExpiryDate = "11/10/2011", Brocade-Passwd-WarnPeriod = "30" RADIUS configuration with Admin Domains or Virtual Fabrics When configuring key-value pair is accepted by the switch, additional HomeLF key-value pairs are ignored include the default roles and any Guide 155 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 156
-Type := Local, User-Password == "password" Brocade-Auth-Role = "ZoneAdmin", Brocade-AVPairs1 = "ADList=1,2,6," Brocade-AVPairs2 = "ADList=4-8;ADList=7,9, switch access permissions. To manage a fabric, one can set these permissions to user, admin, and securityAdmin. Configuring RADIUS server support - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 157
the switch and authenticating through RADIUS. The user logs in using the permissions specified with Brocade-Auth-Role. The valid permissions include root, admin, switchAdmin, zoneAdmin, securityAdmin, basicSwitchAdmin, fabricAdmin, operator, and user. You must use quotation marks around "password - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 158
"Adding an authentication server to the switch configuration" on page 175). 2. Save the file $PREFIX/etc/raddb/client.config, and then start the RADIUS server as follows: $PREFIX/sbin/radiusd Configuring RADIUS server support with Windows 2000 The instructions for setting up RADIUS on a Windows - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 159
you want to associate to the appropriate group. 4. Configuring the server For more information and instructions on configuring the server, refer to the Microsoft website. Below is the information you will need to configure the RADIUS server for a Brocade switch. A client is the device that uses the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 160
Authentication Service window, add additional policies for all Brocade login types for which you want to use the RADIUS server. After this is done, you can configure the switch. NOTE Windows 2008 RADIUS (NPS) support is also available. RSA RADIUS server Traditional password-based authentication - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 161
=%s%] ATTRIBUTE Brocade-Auth-Role ATTRIBUTE Brocade-Passwd-ExpiryDate ATTRIBUTE Brocade-Passwd-WarnPeriod Brocade-VSA(1,string) r Brocade-VSA(6,string) r Brocade-VSA(7,integer) r brocade.dct -- Brocade Dictionary FIGURE 11 Example of a Brocade DCT file Fabric OS Administrator's Guide 161 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 162
LDAP in non-FIPS mode: • There is no password change through Active Directory. • There is no automatic migration of newly created users from the local switch database to Active Directory. This is a manual process explained later. • Only IPv4 is supported for LDAP on Windows 2000 and LDAP on Windows - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 163
your network environment may have. Configuring Microsoft Active Directory LDAP service The following is an overview of the process used to set up LDAP. 1. If your Windows Active Directory server for LDAP needs to be verified by the LDAP client (that is, the Brocade switch), then you must install - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 164
group. For instructions on how set to the group corresponding to the switch role. You can choose any other root, admin, switchAdmin, user, and so on) that the user must use to log in to the switch the default roles available on a switch. Service Pack 1 or you can download this utility from the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 165
the adlist attribute, then the homeAD '0' will be the default administrative domain for the user. • If you are configuration and OpenLDAP Fabric OS provides user authentication and authorization by means of OpenLDAP or the Microsoft Active Directory service in conjunction with LDAP on the switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 166
OpenLDAP server needs to be verified by the LDAP client (that is, the Brocade switch), then you must install a Certificate Authority (CA) certificate on the OpenLDAP server. Follow OpenLDAP instructions for generating and installing CA certificates on an OpenLDAP server. 2. Enable group membership - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 167
schema/local.schema TLSCACertificateFile /root/sachin/ldapcert/cacert.pem TLSCertificateFile /root/sachin/ldapcert/serverCert.pem TLSCertificateKeyFile /root/sachin/ldapcert/serverKey.pem cn=Manager,dc=mybrocade,dc=com -x -w secret -f test.ldif Fabric OS Administrator's Guide 167 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 168
--maprole ldap_role_name switch_role command to map LDAP server permissions to one of the default roles available on a switch. Modifying an entry To modify a directory entry, perform the following steps: =mybrocade,dc=com -x -w secret -f test.ldif 168 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 169
sample schema file defines a new objectClass named "user" with optional attributes "brcdAdVfData" and "description". #New attr brcdAdVfData attributetype ( 1.3.6.1.4.1.8412.100 NAME ( 'brcdAdVfData' ) Fabric OS Administrator's Guide 169 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 170
( 1.3.6.1.4.1.8412.110 NAME 'user' DESC 'Brocade switch specific person' SUP top AUXILIARY MAY ( brcdAdVfData adding Virtual Fabrics In the following example, the logical switch that would be logged into by default is 10. If 10 is not available then the Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 171
=com -x -w secret -f test4.ldif TACACS+ service FabricOS can authenticate users with a remote server using configured to use TACACS+, a Brocade switch becomes a Network Access Server (NAS). The following authentication protocols are supported by the TACACS+ server for user authentication: • Password - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 172
Cisco documentation for installation instructions. 2. Configure the TACACS+ server by editing the tac_plus.cfg file. Refer to "The tac_plus.cfg file" (below) for details. 3. Run the tac_plus daemon to start and enable the TACACS+ service on the server. Example > tac_plus -d 16 /usr/local/etc/mavis - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 173
Configuring by the switch, and password" chap = clear "password" password = clear "password" service = shell { set brcd-role = securityAdmin set brcd-AV-Pair1 = "homeAD=255;ADList=1,2,3"; set brcd-AV-Pair2 = "ADList=200-255"; } } Configuring by the switch. Additional clear "password" service = shell - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 174
five RADIUS, LDAP, or TACACS+ servers. You must be logged in as admin or switchAdmin to configure the RADIUS service. NOTE On dual-CP Backbones (Brocade DCX, DCX-4S, DCX 8510-4, and DCX 8510-8 devices), the switch sends its RADIUS, LDAP, or TACACS+ request using the IP address of the active CP. When - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 175
servers are contacted for service 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the aaaConfig --move command. When the command succeeds, the event log indicates that a server configuration is changed. Fabric OS Administrator's Guide 175 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 176
local authentication is enabled and the authentication servers fail to respond, you can log in to the default switch accounts (admin and user) or any user-defined account. You must know the passwords of these accounts. When the aaaConfig command succeeds, the event log indicates that local database - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 177
you are authenticated to the switch while the switch remains unauthenticated to you. LDAPS) uses a certificate authority (CA). By default, LDAP traffic is transmitted unsecured. You can make the Secure Shell (SSH) protocol. Configuration upload and download support the use of SCP. Simple Network - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 178
OS versions can be part of the secure fabric, but they do not support secure management. Secure management protocols must be configured for each participating switch. Nonsecure protocols may be disabled on nonparticipating switches. If SSL is used, then certificates must be installed. For more - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 179
prompt. Example of setting up SCP for configUpload/download switch:admin# configure Not all options will be available on an enabled switch. To disable the switch, use the "switchDisable" command. Configure... System services (yes, y, no, n): [no] n ssl attributes (yes, y, no, n): [no] n http - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 180
firmware download. Both password and public key authentication can coexist on the switch. Allowed-user For outgoing authentication, the default admin user must set up the allowed-user with admin permissions. By default, the admin is the configured switch by logging in to the switch switch switch: - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 181
be completed by the allowed-user. Use the following procedure to configure outgoing SSH authentication: 1. Log in to the switch as the default admin. 2. Change the allowed-user's permissions to admin, if applicable. switch:admin> userconfig --change username -r admin where the username variable is - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 182
Tools. SSL support is a standard Fabric OS feature. Switches configured for SSL grant default. You can display the encryption support (called "cipher strength") using the Internet Explorer Help:About menu option. If you are running an earlier version of Internet Explorer, you may be able to download - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 183
and Java support, refer to the Web Tools Administrator's Guide. SSL configuration overview You configure SSL access for a switch by obtaining, switches, consider using one certificate authority (CA) to sign all management certificates for a fabric. If you use different CAs, management services - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 184
pair Done. Because CA support for the 2048-bit company name):Brocade Organizational Unit switch on which you generated the CSR. Enter the remote directory name of the FTP server to which the CSR is to be sent. Enter your account name and password on the server. 184 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 185
note of the path name and make sure you have a login name and password on the server. Installing a switch certificate Use the following procedure to install a security certificate on a switch. NOTE You must perform this procedure on each switch. Fabric OS Administrator's Guide 185 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 186
it is already installed, check the certificate store on your browser. The next procedures are guides for installing root certificates to Internet Explorer and Mozilla Firefox browsers. For more detailed instructions, refer to the documentation that came with the certificate. Checking and installing - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 187
select nameRoot.crt. 6. Click Open and follow the instructions to import the certificate. Root certificates for the Java plugin For information on Java requirements, refer to "Browser and Java support" on page 182. This procedure is a guide for installing a root certificate to the Java plugin on the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 188
password and RootCert is an example root certificate name. Simple Network Management Protocol The Simple Network Management Protocol (SNMP) is a standard method for monitoring and managing network devices. Using SNMP components, you can program tools to view, browse, and manipulate Brocade switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 189
Brocade SW traps. For information on Brocade switch switch database. SNMPv3 users whose names do not match with any of the existing Fabric OS local users have a default default switch (.1). switch# Switch-level attributes Attributes that are specific to each logical switch belong to the switch switches - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 190
files, naming conventions, loading instructions, and information about using the Brocade SNMP agent, refer to the Fabric OS MIB Reference. Telnet protocol Telnet is enabled by default. To prevent passing clear text passwords over the network when connecting to the switch, you can block the Telnet - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 191
precede the default rule number by typing the ipfilter --activate command. switch:admin> ipfilter --activate BlockTelnet 9. default_ipv4 policy should be displayed as defined). switch:admin> ipfilter --show Name: BlockTelnet, Telnet access. 1. Connect to the switch through a serial port or SSH - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 192
If you are using the FC-FC Routing Service, be aware that the secModeEnable command is not supported. Table 26 lists the defaults for accessing hosts, devices, switches, and zones. TABLE 26 Access defaults Access default Hosts Any host can access the fabric by SNMP. Any host can Telnet - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 193
default Devices Switch access Zoning All devices can access the management server. Any device can connect to any FC port in the fabric. Any switch can join the fabric. All switches in the fabric can be accessed through a serial port. No zoning is enabled. Port configuration the SNMP service on the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 194
6 Ports and applications used by switches 194 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 195
Each supported Access switches can change the configuration of the fabric. • Device connection control (DCC) policies - Used to restrict which Fibre Channel device ports can connect to which Fibre Channel switch ports. • Switch Fabric OS v6.2.0 and later switches present, the limit for security - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 196
view of the fabric. Virtual Fabric considerations: ACL policies such as DCC, SCC, and FCS can be configured on each logical switch. The limit for security policy database size is set to 1Mb per logical switch. Policy members The FCS, DCC and SCC policy members are specified by device port WWN - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 197
policies are automatically deleted if the you log out without saving them. 1. Connect to the switch and log in using an account with admin permissions, or an account with O permission for the deletion by entering the secPolicyActivate command. Fabric OS Administrator's Guide 197 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 198
switch Connect to the switch and log in using using the switch WWN: switch:admin> secpolicyadd 44:55:66:77:bb): switch:admin> secpolicyadd "DCC_POLICY_abc", " 1. Connect to the switch and log in using 00:40 from the SCC_POLICY: switch:admin> secpolicyremove "SCC_POLICY", Connect to the switch and log - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 199
is allowed to modify and distribute the database within the fabric. Automatic distribution is supported and you can either configure the switches in your fabric to accept the FCS policy or manually distribute the FCS policy. Changes made to the FCS policy are saved to permanent memory only after - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 200
does not affect fabric-wide configuration In Fabric OS v7.1.0 and later, to avoid segmentation of ports due to a member-list order mismatch, security policy members are sorted based on WWN. By default, DCC and SCC policy members are sorted based on WWN. Switches running earlier Fabric OS versions - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 201
not be able to perform any fabric-wide configurations from the primary FCS. Modifying the order of FCS switches 1. Log in to the Primary FCS switch using an account with admin permissions, or command to activate and save the new order. Fabric OS Administrator's Guide 201 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 202
distributed using the fddCfg --fabwideset command or it can be manually distributed to the switches using the distribute -p command. Each switch that receives the FCS policy must be configured to receive the policy. To configure the switch to accept distribution of the FCS policy, refer to "Database - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 203
hubs. By default, all device ports are allowed to connect to all switch ports; no DCC from the switch and are not enforced by the DCC policy. This does not create a security problem because these supported on the CEE ports of the Brocade 8000. Fabric OS Administrator's Guide 203 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 204
Switch ports can be identified by the switch WWN, domain ID, or switch switch domain 1: switch switch domain 2, and all currently connected devices of switch domain 2: switch switch domain 3: switch: switch domain 4, and all devices currently connected to ports 1 through 4 of switch domain 4: switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 205
when created using lockdown support Configuration WWN seen on Behavior when DCC policy Behavior on portDisable DCC policy list activates and portEnable • FA-PWWN has logged into the switch • DCC policy will not be allowed to login again. Fabric OS Administrator's Guide 205 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 206
SCC policy can be created. By default, any switch is allowed to join the fabric; the SCC policy does not exist until it is created. When connecting a Fibre Channel router to a fabric or switch that has an active SCC policy, the front domain of the Fibre Channel router must be included in the SCC - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 207
or Fibre Channel Authentication Protocol (FCAP) for authentication. These protocols use shared secrets and digital certificates, based on switch WWN and public key infrastructure (PKI) technology, to authenticate switches. Authentication automatically defaults to FCAP if both switches are configured - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 208
. The AUTH policy is distributed by command; automatic distribution of the AUTH policy is not supported. The default configuration directs the switch to attempt FCAP authentication first, DH-CHAP second. The switch may be configured to negotiate FCAP, DH-CHAP, or both. The DH group is used in the DH - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 209
supported on logical ports ". For more information on Virtual Fabrics, refer to Chapter 10, "Managing Virtual Fabrics". Configuring E_Port authentication 1. Connect to the switch authentication-policy change will not affect online EX_Ports. Fabric OS Administrator's Guide 209 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 210
-CHAP protocol. NOTE Authentication is supported from Brocade fabric switches in native mode to Access Gateway switches and from Access Gateway switches to HBAs. For more information, refer to the Access Gateway Administrator's Guide, Supporting Fabric OS v7.1.0 By default the devicepolicy is in the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 211
connected to the switch in point-to-point manner and is visible to the entire fabric. The following are not supported: • Public loop devices • Single private devices • Private loop devices • Mixed public and private devices in loop • NPIV devices • FICON channels • Configupload and download will not - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 212
to DH-CHAP or FCAP, have not configured shared secrets or certificates, and authentication is checked (for example, you enable the switch), then switch authentication will fail. If the E_Port Compression," for details about in-flight encryption. 212 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 213
configure the switches secure channel (for example, SSH or the serial console) to connect to the switch Access Gateway switches Because Domain ID and name are not supported for Access switch or device on Access Gateway, only the WWN can be used. Fabric OS Administrator's Guide 213 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 214
switch is configured to do DH-CHAP, it is performed whenever a port or a switch is enabled. Warning: Please use a secure channel for setting secrets. Using an insecure channel , or switch name (Leave WWN, Domain, or switch name (Leave blank > Enter WWN, Domain, or switch name (Leave blank when done): - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 215
configuration overview Beginning with Fabric OS release 7.0.0, you must configure the switch to use third-party certificates for authentication with the peer switch switch. 3. Store the CSR from each switch supported and remote switches that will to the switch using an the local switch. switch:admin> - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 216
configuration overview" on page 215. 1. Log in to the switch . switch:admin @10.1.2.3's password: - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 217
policy The AUTH policy can be manually distributed to the fabric by command; there is no support for automatic distribution. To distribute the AUTH policy, see "Distributing the local ACL policies" on page 227 for instructions. Local Switch configuration parameters are needed to control whether - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 218
policies are treated as a chassis-wide configuration and are common for all the logical switches in the chassis. Creating an IP Filter characters. The names default_ipv4 and default_ipv6 are reserved for default IP filter policies. The policy name is case-insensitive and Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 219
configuration and activated at the configuration. The policy to be activated replaces the existing active policy of the same type. Activating the default IP Filter policies returns the IP management interface to its default the switch using : The protocol type. Supported types are TCP or - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 220
to affect the management traffic that is initiated from a switch. A valid port number range is represented by a dash, for example 7-30. Alternatively, service names can also be used instead of port number. Table 37 lists the supported service names and their corresponding port numbers. TABLE 37 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 221
configuration to filter other protocols. Implicitly, ICMP type 0 and type 8 packets are always allowed to support ICMP echo request and reply on commands like ping and traceroute. Action For the action, only "permit" and "deny" are valid. Fabric OS Administrator's Guide 221 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 222
Permit Any 1024-65535 UDP Permit Default policy rules A switch with Fabric OS v6.2.0 or later will have a default IP Filter policy for IPv4 and IPv6. The default IP Filter policy cannot be deleted Permit Permit Permit Permit Permit Permit 222 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 223
the default action, which is to deny, is taken. When the IPv4 or IPv6 address for the management interface of a switch is not saved to the persistent configuration until a save or activate subcommand is run. 1. Log in to the switch using an account with admin 's Guide 223 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 224
transaction is aborted. The IPFilter policy can be manually distributed to the fabric by command; there is no support for automatic distribution. To distribute the IPFilter policy, see "Distributing the local ACL policies" on page 227 for instructions. Switches with Fabric OS v6.2.0 or later have - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 225
that database when a policy change is activated. If a fabric-wide consistency policy is not set, then the policies are managed on a per switch basis. For configuration instructions, see "Fabric-wide enforcement" on page 227. Virtual Fabric considerations: Fabric-wide consistency policies are - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 226
Supported policy databases (Continued) Database type Database identifier (ID) FCS policy database IP Filter policy database Password distribution settings switch:admin> fddcfg --showall Local Switch Configuration for all . Disabling local switch protection 1. Connect to the switch and log in - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 227
database cannot be manually distributed. When you 1. Connect to the switch and log in using distributed to other switches in the fabric. target switches. Policy switches in the fabric. NOTE FC routers cannot join a fabric with a strict fabric-wide consistency policy. FC routers do not support - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 228
DCC" switch:admin> fddcfg --showall Local Switch Configuration for all Databases:- DATABASE - Accept/Reject SCC - accept DCC - accept PWD - accept FCS - accept AUTH - accept IPFILTER - accept Fabric Wide Consistency Policy:- "SCC:S;DCC" 228 Fabric OS Administrator's Guide 53 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 229
one side to resolve ACL policy conflict. If neither the fabric nor the joining switch is configured with a fabric-wide consistency policy, there are no ACL merge checks required. do not match, a warning displays and policy commands are disabled1. Fabric OS Administrator's Guide 229 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 230
manually distribute the database you want to use to the switch 230 shows merges that are not supported. TABLE 44 Examples of strict SCC:S;DCC SCC:S DCC:S Ports connecting switches are disabled. Table 45 has a matrix policy_ID" from any switch with the desired configuration to fix the conflict - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 231
. While the tunnel must have a Brocade switch or Backbone at each end, there chassis, nor does it support protection of traffic flows on use of cryptographic security services. The goal of IP select and configure the key management protocol using an automatic or manual key. Guide 231 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 232
inner IP header would contain the IP addresses of the actual endpoints. FIGURE 15 Gateway tunnel configuration Endpoint-to-gateway tunnel In this scenario, a protected endpoint (typically a portable computer) connects gateway and be tunneled back. 232 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 233
security 7 FIGURE 16 Endpoint-to-gateway tunnel configuration RoadWarrior configuration In endpoint-to- protection against replay attacks in which an attacker attempts a denial of service attack by replaying an old sequence of packets. IP sec protocols Administrator's Guide 233 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 234
is created. Use the IP secConfig --flush manual-sa command to remove all SA entries from ESP] is the supported combination. Authentication and when configuring the sec policies An IP sec policy determines the security services afforded to a packet and the treatment of Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 235
Key management The IP sec key management supports Internet Key Exchange or Manual key/SA entry. The Internet Key switch populates the security association database (SAD) accordingly. Pre-shared keys A pre-shared key has the .psk extension and is one of the available methods IKE can be configured - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 236
an associated IP sec policy in the local policy database. Manual SA entries are persistent across system reboots. Creating the tunnel Each side of the tunnel must be configured in order for the tunnel to come up. Once you are logged into the switch, do not log off as each step requires that - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 237
to use AH01 as SA. switch:admin> IP secconfig --add policy ips sa-proposal -t IP sec-AH -sa AH01 6. Import the pre-shared key file. Refer to Chapter 6, "Configuring Protocols" for information on how and destination addresses than outbound packets. Fabric OS Administrator's Guide 237 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 238
Use the IP secConfig --flush manual-sa command with the specified operands and configure IKE with pre-shared keys. The two systems are a switch, switch as Admin. 2. Enable IP sec. a. Connect to the switch and switch. 3. Create an IP sec SA policy named AH01, which uses AH protection with MD5. switch: - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 239
switch certificate" on page 185. 7. Configure an IKE policy for the remote peer. switch and 2000 do not support IKEv2. 8. Create an manual-sa -a command. 11. Perform the equivalent steps on the remote peer to complete the IP sec configuration. Refer to your server administration guide for instructions - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 240
the specified operands to display IKE policies. • Use the IP secConfig --flush manual-sa command with the specified operands to flush the created SAs in the kernel • As of Fabric OS 7.0.0, IP sec no longer supports null encryption (null_enc) for IKE policies. • IPv6 policies cannot tunnel IMCP - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 241
Managing Administrative Domains". For more information about troubleshooting configuration file uploads and downloads, refer to the Fabric OS Troubleshooting and Diagnostics Guide. There are two ways to view configuration settings for a switch in a Brocade fabric: • Issue the configShow -all command - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 242
the following options when uploading or downloading a configuration file: -fid -all -chassis To upload the specified FID configuration. To upload all of the system configuration, including the chassis section and all switch sections for all logical switches. NOTE: Use this parameter when obtaining - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 243
logical switch. The chassis section is included in non-Virtual Fabric modes only if you use the configUpload -all command. The chassis section specifies characteristics for the following software components: • FC Routing - Fibre Channel Routing • Chassis configuration - Chassis configuration - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 244
Configuration file backup Brocade recommends keeping a backup configuration file. You should keep individual backup files for all switches in the fabric and avoid copying configurations from one switch to another. The configUpload command, by default, only uploads the switch context configuration - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 245
). SFTP can be used for the configupload/download, supportsave, and auto FFDC/trace upload (supportftp) commands. Uploading a configuration file in interactive mode 1. Verify that the FTP, SFTP, or SCP service is running on the host computer. 2. Connect to the switch and log in using an account with - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 246
in both the downloaded configuration file and the current system. NOTE Brocade recommends you disable a switch before downloading a configuration file. If you plan to download a configuration file while the switch is enabled, refer to "Configuration download without disabling a switch" on page 248 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 247
configuration files downloaded to a Virtual Fabric system have a configuration applied only to the default switch. If there are multiple logical switches created in a Virtual Fabric-enabled system, there may be problems if there are ports that belong to the default switch address. Configuration state - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 248
Watch, or ACL, then you must disable the switch. When you use the configDownload command, you are prompted to disable the switch only when necessary. Configuration download without disabling a switch is independent of the hardware platform and supported on all hardware platforms running Fabric OS v6 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 249
" command. Downloading configuration to an online switch may result in some configuration not being downloaded to that switch. configDownload operation may take several minutes to complete for large files. Do you want to continue [y/n]:y Password: Fabric OS Administrator's Guide 249 53 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 250
.txt,password Configurations across a fabric To save time when configuring fabric parameters and software features, you can save a configuration file from one switch and download it to other switches of the same model type. Do not download a configuration file from one switch to another switch that - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 251
Password: configUpload complete: All selected config parameters are uploaded Example of configUpload on a logical switch configuration configuration download file is downloaded instead of the regular configuration. After the Virtual Fabrics configuration file is downloaded, the switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 252
the prompts. Wait for the configuration file to download to the switch. 6. Verify the LISL ports are set up correctly. Example of a non-interactive download from a switch with FID = 8 and SFID =10 configdownload -fid 8 -sfid 10 -ftp 10.1.2.3,UserFoo,config.txt,password Example of configDownload on - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 253
Table 48 as a hard copy reference for your configuration information. In the hardware reference manuals for the Brocade DCX and DCX-4S Backbones, there is a guide for FC port-setting. TABLE 48 Brocade configuration and connection form Brocade configuration settings IP address Gateway address Chassis - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 254
8 Brocade configuration form 254 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 255
download process overview Fabric OS v7.1.0 provides nondisruptive firmware installation. This chapter refers to the following specific types of blades inserted into the Brocade DCX and DCX 8510 Backbone families: • FC blades or port blades that contain only Fibre Channel ports; the Brocade FC8-16 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 256
the secondary partition. ATTENTION The Brocade 8000 does not support a nondisruptive firmware download. The switch reboots once the firmware upgrade or downgrade is complete. In dual-CP systems, the firmware download process, by default, sequentially upgrades the firmware image on both CPs using HA - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 257
testing and restoring firmware, refer to "Testing and restoring firmware on Backbones" on page 270. Passwordless firmware download You can download firmware without a password using the sshutil command for public key authentication when SSH is selected. The switch must be configured to install the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 258
enable you to provide your switch support provider the information required to troubleshoot the firmware download. It is recommended that you use the configUpload command to back up the current configuration before you download firmware to a switch. Refer to "Configuration file backup" on page 244 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 259
helps to troubleshoot the firmware download process if a problem is encountered. 6. Optional: Enter the errClear command to erase all existing messages in addition to internal messages. Obtaining and decompressing firmware Firmware upgrades are available for customers with support service contracts - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 260
Firmware download on switches Brocade fixed-port switches maintain primary and secondary partitions for firmware. The firmwareDownload command defaults to an autocommit option that automatically copies the firmware from one partition to the other. NOTE This section only applies when upgrading - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 261
Firmware download on switches 9 Upgrading firmware for Brocade fixed-port switches 1. Take the following appropriate action based on what service you are using: • If you are using FTP, SFTP, or SCP, verify that the FTP or SSH server is running on the host server and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 262
. If the CPs are still not in sync, refer to the Fabric OS Troubleshooting and Diagnostics Guide. If the troubleshooting information fails to help resolve the issue, contact your switch service provider. During the upgrade process, the Backbone fails over to its standby CP blade and the IP address - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 263
contact your switch service provider. For further troubleshooting, refer to the Fabric OS Troubleshooting and Diagnostics Guide. 8. Enter the firmwareDownload command and respond to the interactive prompts. 9. At the "Do you want to continue [y/n]" prompt, enter y. The firmware is downloaded to one - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 264
can occur at different rates. Autoleveling takes place in parallel with the firmware download being performed on the CPs, but does not impact performance. Fibre Channel traffic is not disrupted during autoleveling, but GbE traffic on AP blades may be affected. If there is an active FCIP tunnel - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 265
300, 5100, 5300, 6505, 6510, 6520, 7800, 8000, and VA-40FC switches and the Brocade DCX, DCX-4S, or DCX 8510 Backbones support a firmware download from a Brocade branded USB device attached to the switch or active CP. Before the USB device can be accessed by the firmwareDownload command, it must - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 266
OpenSSL utility to provide FIPS support. To use the digitally signed software, you must configure the switch to enable signed firmware download. If it is not enabled, the firmware download process ignores the firmware signature and performs as before. If signed firmware download is enabled, and if - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 267
images are not signed. Configuring a switch for signed firmware 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the configure command. 3. Respond to the prompts as follows: System Service Press Enter to select default setting; default is no. ssl attributes - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 268
server is running on the host server and that you have a user ID on that server. 2. Obtain the firmware file from the Brocade website at http://www.brocade.com or the switch support provider and store the file on the FTP or SSH server. 3. Unpack the compressed files preserving directory structures - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 269
File Name: /home/userfoo/v7.0.0 Password: Do Auto-Commit after Reboot [Y]: n Reboot system after download [N]: y Firmware is being downloaded to the switch. This step may take up to 30 minutes. Checking system settings for firmwaredownload... The switch performs a reboot and comes up with - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 270
firmware download. This command cannot be used to restore SAS and SA images. NOTE Brocade recommends that, under normal operating conditions, you maintain the same firmware firmware downloads to the standby CP only. When it has completed the download CP contains the new firmware. d. Enter the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 271
firmware is now running on the active CP by entering the firmwareShow command. 9. Update firmware this point the firmware downloads to the firmware on both CPs, which completes the firmware download firmware. b. Enter the firmwareCommit command to update the secondary partition with the new firmware - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 272
storage devices. If you want to upgrade a Backbone with only one CP in it, follow the procedures in "Testing and restoring firmware on switches" on page 268. Be aware that upgrading a Backbone with only one CP is disruptive to switch traffic. 272 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 273
discrepancy, it is possible that a device or switch cannot connect to the fabric and further troubleshooting is necessary. firmwareShow Displays the current firmware level on the switch. For Brocade Backbones, this command displays the firmware loaded on both partitions (primary and secondary) for - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 274
9 Validating a firmware download 274 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 275
286 •Supported platforms for Virtual Fabrics 286 •Limitations and restrictions of Virtual Fabrics 288 •Enabling Virtual Fabrics mode 290 •Disabling Virtual Fabrics mode 290 •Configuring logical switches to use basic configuration values 291 •Creating a logical switch or base switch 292 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 276
page 606. For information about supported switches and port types, refer to "Supported platforms for Virtual Fabrics" on switch overview Traditionally, each switch and all the ports in the switch act as a single Fibre Channel switch (FC switch) that participates in a single fabric. The logical switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 277
FID 15 in the chassis. The default logical switch is initially assigned FID 128. You can change this value later. NOTE Each logical switch is assigned one and only one FID. The FID identifies the logical fabric to which the logical switch belongs. Fabric OS Administrator's Guide 277 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 278
P1 P3 P5 P7 P9 Logical switch 2 Logical switch 1 (Default logical switch) P0 P1 P7 P8 P2 Logical switch 2 P3 Logical switch 3 P4 P9 Logical switch 3 P5 Logical switch 4 P6 Logical switch 4 FIGURE 20 Assigning ports to logical switches 278 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 279
and E_Ports from one logical switch to another. If you want to configure a different type of port, such as a VE_Port or EX_Port, you must configure them after you move them. Some types of ports cannot be moved from the default logical switch. Refer to "Supported platforms for Virtual Fabrics" on - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 280
chassis Logical switch 1 P1 (Default logical switch) Fabric ID 128 H1 Logical switch 2 P2 Fabric ID 1 P3 D1 P4 Logical switch 3 Fabric ID 15 P5 D2 Logical switch 4 P6 ISL Fabric ID 8 Switch FIGURE 21 Logical switches connected to devices and non-Virtual Fabrics switch Figure 22 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 281
as: - Logical switch configuration (creating, deleting, or modifying logical switches) - Account management (determining which accounts can access which logical switches) - Field-replaceable unit (FRU) management (slot commands, such as slotShow) - Firmware management (firmware upgrade, HA failover - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 282
1 P4 P5 P7 Logical switch 7 P6 Fabric ID 15 Logical switch 4 P6 Fabric ID 8 Switch P8 Logical switch 8 P9 Fabric ID 8 FIGURE 23 Logical switches connected to other logical switches through physical ISLs Figure 24 shows a logical representation of the configuration in Figure 23. Fabric 128 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 283
logical switches. • Base switches do not support direct device connectivity. A base switch can have only E_Ports, VE_Ports, EX_Ports, or VEX_Ports, but no F_Ports. • The base switch provides a common address space for communication between different logical fabrics. • A base switch can be configured - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 284
. FIGURE 26 Logical ISLs connecting logical switches To use the XISL, the logical switches must be configured to allow XISL use. By default, they are configured to do so; you can change this setting, however, using the procedure described in "Configuring a logical switch to use XISLs" on page 299 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 285
10 By default, the physical ISL path is favored over the logical path (over the XISL) because the physical path has a lower cost. This behavior can be changed by configuring the cost of the dedicated physical ISL to match the cost of the logical ISL. ATTENTION If you disable a base switch, all of - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 286
. • The default logical switch can also be a base switch. Restrictions on fixed-port switches Brocade 7800- Although it can be divided into four logical switches, you cannot use an XISL on this switch because a base switch is not supported on this device. 286 Fabric OS Administrator's Guide 53 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 287
the blades and ports that are supported on each type of logical switch. TABLE 50 Blade and port types supported on logical switches Blade type Default logical switch User-defined logical switch Base switch FC8-16 FC8-32 FC8-32E FC8-48 FC8-48E FC16-32 FC16-48 FC8-64 Yes (F, E) Yes (F, E)1 Yes - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 288
platforms and the maximum number of logical switches (including the default logical switch) supported on each. TABLE 52 Platform Maximum number of logical switches per chassis Maximum number of logical switches Brocade DCX 8 Brocade DCX-4S 8 288 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 289
number of logical switches Brocade DCX 8510 family 8 Brocade 5300 4 Brocade 5100 3 Brocade 6510 4 Brocade 6520 4 Brocade 7800 4 Brocade VA-40FC 3 Refer to "Supported port configurations in Brocade Backbones" on page 287 for restrictions on the default logical switch. Restrictions on - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 290
service: iSCSI service: iSNS client service: Virtual Fabric: Ethernet Switch Service: disabled Service not supported on this Platform Service not supported on this Platform disabled Service not supported on this Platform switch enabled on ports in the default switch, the F_Port trunking information - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 291
your switch service provider to determine if you need to use this procedure. You need to run this procedure only once on each chassis, after you enable Virtual Fabrics but before you create logical switches. The configuration settings are then preserved across reboots and firmware upgrades and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 292
. switchdisable 5. Configure the switch attributes, including assigning a unique domain ID. configure 6. Enable the logical switch. switchenable 7. Assign ports to the logical switch, as described in "Adding and moving ports on a logical switch" on page 295. 292 Fabric OS Administrator's Guide 53 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 293
:admin> lscfg --create 4 About to create switch with fid=4. Please wait... Logical Switch with FID (4) has been successfully created. Logical Switch has been created with default configurations. Please configure the Logical Switch with appropriate switch and protocol settings before activating the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 294
FID: 4, Base Switch: No, Default Switch: No, Address switches sw0:FID128:admin> fosexec --fid all -cmd "fabricshow fabricshow" on FID 128: Switch "fabricshow" on FID 4: Switch ID Worldwide Name Enet IP switch from the one you are deleting. Use the following procedure to delete a logical switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 295
currently configured. If the -port option is omitted, all ports on the specified slot are assigned to the logical switch. NOTE On the Brocade DCX and DCX 8510-8, the lscfg command does not allow you to add ports 48- 63 of the FC8-64 blade to the base switch. These ports are not supported on - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 296
switch configuration Displaying logical switch configuration Use the following procedure to display the configuration for a logical switch own logical switch context. NOTE If you are in the context of the logical switch with context of a different logical switch from the one with the fabric ID you - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 297
ON LS Attributes: [FID: 7, Base Switch: No, Default Switch: No, Address Mode 0] (output truncated) switch_25:FID7:admin> configure Not all options will be available on an enabled switch. To disable the switch, use the "switchDisable" command. Fabric OS Administrator's Guide 297 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 298
Configure... Fabric parameters (yes, y, no, n): [no] y WWN Based persistent PID (yes, y, no, n): [no] Allow XISL Use (yes, y, no, n): [yes] n WARNING!! Disabling this parameter will cause removal of LISLs to other logical switches. Do you want to continue? (yes, y, no, n): [no] y System services - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 299
to use XISLs 10 Configuring a logical switch to use XISLs When you create a logical switch, it is configured to use XISLs by default. Use the following procedure to allow or disallow the logical switch to use XISLs in the base fabric. XISL use is not supported in some cases. See "Limitations - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 300
multiple chassis and XISLs and refers to the configuration shown in Figure 28 as an example. FIGURE instructions. Enabling Virtual Fabrics automatically creates the default logical switch, with FID 128. All ports in the chassis are assigned to the default logical switch. c. Create a base switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 301
to these ports on the logical switch. e. (Optional) Configure the logical switch to use XISLs, if it is not already XISL-capable. See "Configuring a logical switch to use XISLs" on page 299 for instructions. By default, newly created logical switches are configured to allow XISL use. f. Repeat step - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 302
10 Creating a logical fabric using XISLs 302 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 303
maintenance 316 •Default zoning mode 326 •Zone database size 327 •Zone configurations 328 •Zone object maintenance 333 •Zone configuration management 336 • merging the fabrics. See "LSAN zone configuration" on page 590 for more information. Fabric OS Administrator's Guide 303 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 304
service configured switch with the highest Fabric OS level to perform zoning tasks. To list the commands associated with zoning, use the zoneHelp command. For detailed information on the zoning commands used in the procedures, see the Fabric OS Command Reference. 304 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 305
affect the smallest possible number of devices, minimizing the impact of an incorrect zone change. This zoning philosophy is the preferred method. Fabric OS Administrator's Guide 305 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 306
a zone, such as: • Physical port number or port index on the switch • Node World Wide Name (N-WWN) • Port World Wide Name (P-WWN) Zone port are in the zone. • World Wide Names are specified as 8-byte (16-digit) hexadecimal numbers, separated by colons (:) for example, 10:00:00:90 Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 307
can reside on a switch at once, and you can quickly alternate between them. For example, you might want to have one configuration enabled during the business hours and another enabled overnight. However, only one zone configuration can be enabled at a time. Fabric OS Administrator's Guide 307 53 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 308
Default zoning mode" on page 326). This does not mean that the zone database is deleted, however, only that there is no configuration active in the fabric. On power-up, the switch automatically reloads the saved configuration. If a configuration . 308 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 309
procedure to identify zones and zone types: 1. Connect to the switch and log in using an account with admin permissions. 2. isolate any possible problems. This is especially useful as fabrics increase in size. Confirming operation After changing or enabling a zone configuration, you should confirm - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 310
the core switch versus an edge switch. • Zone using a Backbone rather than a switch. A Backbone has more resources to handle zoning changes and implementations. Broadcast zones Fibre Channel allows sending ) with the sender of the broadcast frame. 310 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 311
because of its membership in the AD2 broadcast zone. When a switch receives a broadcast packet it forwards the packet only to those devices Refer to "Validating a zone" on page 323 for complete instructions. Broadcast zones and FC-FC routing If you create broadcast zones Guide 311 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 312
a switch has broadcast zone-capable firmware on the active CP (Fabric OS v5.3.x or later) and broadcast zone-incapable firmware on is not implemented or if there is no effective zone configuration. The default zoning mode has two options: • All Access-All devices Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 313
aliadd "array1", "1,2" switch:admin> aliadd "array2", "21:00:00:20:37:0c:72:51" switch:admin> aliadd "loop1", "5,6" switch:admin> cfgsave WARNING!!! The changes you are attempting to save will render the Effective configuration and the Defined configuration Fabric OS Administrator's Guide 313 53 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 314
an alias: 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the aliDelete command, using the following syntax. alidelete "aliasname" 3. Enter the cfgSave command to save the change to the defined configuration. 314 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 315
configuration and the Defined configuration inconsistent. The inconsistency will result in different Effective Zoning configurations for switches the defined and effective configuration) is displayed. Example The following example shows all zone aliases beginning with "arr". switch:admin> alishow " - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 316
Example Displaying existing zones switch:admin> cfgshow Defined configuration: zone: matt 30 supports partial pattern matching ("wildcards") of zone member aliases. This allows you to add multiple aliases that match the "aliasname_pattern" in the command line. 316 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 317
transaction was aborted. 4. Enter the cfgShow command to view the changes. Example Creating a new zone switch:admin> zonecreate sloth, "b*; 10:00:00:00:01:1e:20:20" switch:admin> cfgsave switch:admin> cfgshow Defined configuration: zone: matt 30:06:00:07:1e:a2:10:20; 3,2 zone: sloth bawn; bolt; bond - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 318
to indicate that the transaction was aborted. 4. Enter the cfgShow command to view the changes. Example Removing members from a zone switch:admin> cfgshow Defined configuration: zone: matt zeus; bond; jake; jeff; jones; 3,2; 30:06:00:07:1e:a2:10:20 zone: sloth bawn; bolt; bond; brain; 10 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 319
support partial pattern matching ("wildcards") of zone member aliases. 3. Enter the cfgSave command to save the change to the defined configuration view the changes. Example Replacing zone members switch:admin> cfgshow Defined configuration: zone: matt zeus; bond; jeff; Guide 319 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 320
a zone: 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the zoneDelete command, using the following syntax: zonedelete "zonename" 3. Enter the cfgSave command to save the change to the defined configuration. 320 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 321
4,7; 6,8; 9,2 Effective configuration: No Effective configuration: (No Access) switch:admin> switch:admin> zonedelete sloth switch:admin> cfgsave WARNING!!! zeus 4,7; 6,8; 9,2 Effective configuration: No Effective configuration: (No Access) Fabric OS Administrator's Guide 321 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 322
configuration Use the following procedure to view a zone in the configuration: 1. Connect to the switch zone configuration, alias or any other zone name or a configuration) indicates that it is well as deleted in a zone configuration, then "+-" will be displayed switch:admin> cfgshow Defined configuration - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 323
permissions. 2. Enter the cfgShow command to view the zone configuration objects you want to validate. switch:admin> cfgShow Defined configuration: cfg: USA_cfg Purple_zone; White_zone; Blue_zone zone: Blue_zone 1,1; :22; 21:00:00:20:37:0c:76:28 Fabric OS Administrator's Guide 323 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 324
in the zone database in the defined configuration. switch:admin> zone --validate -m 1 Defined configuration: cfg: cfg1 zone1 cfg: cfg2 :1e:35:81:88* Invalid configuration * - Member does not exist The mode flag -m can be used to specify the zone database location. Supported mode flag values are: • - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 325
'Inconsistent Defined and Effective Zone Database' warning to user switch: admin> zoneShow Defined configuration: cfg: cfg1 zone1; zone2 zone: zone1 10:00: configuration: cfg: cfg1 zone: zone1 10:00:00:00:00:00:00:01; 10:00:00:00:00:00:00:02 zone: zone2 1,1; 1,2 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 326
is no effective zone configuration. The default zoning mode has two options configuration disable operation, set the default zoning mode to No Access. NOTE For switches in large fabrics, the default default zoning mode to No Access prior to setting up the Admin Domains. You cannot change the default - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 327
following procedure to view the current default zone access mode: 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the defZone --show command. NOTE If you perform a firmware download of an older release, then the current default zone access state will appear as - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 328
fabric, but cannot exceed 64 bytes for each item. When enabling a new zone configuration, ensure that the size of the defined configuration does not exceed the maximum configuration size supported by all switches in the fabric. This is particularly important if you downgrade to a Fabric OS version - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 329
switches in the fabric if a zone merge or HA failover happens. To avoid inconsistency it is recommended to commit the configurations using the 'cfgenable' command. Do you still want to proceed with saving the Defined zoning configuration only? (yes, y, no, n): [no] y Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 330
because this would enable All Access mode and cause a large number of requests to the switch. In this situation, set the default zoning mode to No Access prior to disabling the zone configuration. See "Default zoning mode" on page 326 for information about setting this mode to No Access. The - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 331
switch:admin> zoneremove "zone1","3,5" switch:admin> cfgtransabort Viewing all zone configuration configuration displays. Use the following procedure to view all zone configuration information: 1. Connect to the switch no operands. Example switch:admin> cfgshow Defined configuration: cfg: USA1 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 332
:00:20:37:0c:71:df Viewing selected zone configuration information Use the following procedure to view the selected zone configuration information: 1. Connect to the switch and log in using an account with admin permissions. 00:00:20:37:0c:71:df 332 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 333
zone objects you want to copy along with the new object name. NOTE Zone configuration names are case-sensitive, blank spaces are ignored, and the zone --copy command works in any Admin Domain except AD255. switch:admin> zone --copy Test1 US_Test1 Fabric OS Administrator's Guide 333 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 334
switch:admin> cfgshow "Test*" cfg: Test1 Blue_zone cfg: Test_cfg Purple_zone; Blue_zone switch configuration objects you want to delete. switch:admin> cfgShow Defined configuration :37:0c:71:df Effective configuration: cfg: USA_cfg zone: Blue_zone configuration names are case-sensitive, blank spaces - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 335
object is present. 5. If you want the change preserved when the switch reboots, enter the cfgSave command to save it to nonvolatile (flash) memory. 6. Enter the cfgEnable command for the appropriate zone configuration to make the change effective. Fabric OS Administrator's Guide 335 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 336
database" on page 332. If you are adding a switch that is already configured for zoning, clear the zone configuration on that switch before connecting it to the zoned fabric. See "Clearing all zone configurations" on page 333 for instructions. 336 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 337
To facilitate merging, check the following before merging switches or fabrics: - Default Zone: The switches must adhere to the default zone merge rules, as described in "Zone merging scenarios" on page 339. - Effective and defined zone configuration match: Ensure that the effective and defined zone - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 338
the default zone mode. The two fabrics will join to make one larger fabric with the same zone configuration across the newly created fabric. If the two fabrics have different zone configurations, they will not be merged. If the two fabrics cannot join, the ISL between the switches will segment - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 339
59 on page 341: Default access mode • Table 60 on page 342: Mixed Fabric OS versions Zone merging scenarios: Defined and effective configurations Switch A Switch B Expected results Switch A has a defined configuration. Switch B does not have a defined configuration. defined: cfg1: zone1: ali1 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 340
Switch A Switch B Expected results Switch A and Switch B have different defined: cfg2 defined configurations. Switch B has an zone2: ali3; ali4 effective configuration. effective: none Switch A does not have a defined configuration. Switch B has a defined configuration 's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 341
scenarios: Default access mode Description Switch A Different default zone access mode settings. defzone: allaccess Same default zone access mode settings. Same default zone access mode settings. Effective zone configuration. Effective zone configuration. Effective zone configuration Effective - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 342
versions of Fabric OS where both sides have default zone mode No Access set, the merge results vary depending on which switch initiates the merge. Concurrent zone transactions While Do you want to enable 'cfg' configuration (yes, y, no, n): [no] 342 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 343
configuration. This action will only save the changes on Defined configuration. transactions Do you want to save the Defined zoning configuration only? (yes, y, no, n): [no switch:admin> cfgtransshow Current transaction token is 0x571010459 It is abortable switch help : Help switch:admin> cfgtransshow - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 344
11 Concurrent zone transactions 344 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 345
for TI zones 356 •Supported configurations for Traffic Isolation Zoning zone 369 •Displaying TI zones 369 •Troubleshooting TI zone routing problems 370 •Setting up TI over FCR zone is activated, the fabric attempts to isolate all inter-switch traffic entering from a member of the zone to only - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 346
347 for additional information about using this feature. Table 61 compares the behavior of traffic when failover is enabled and disabled. 346 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 347
considerations: • This feature is intended for use in simple linear fabric configurations, such as that shown in Figure 31 on page 346. • the path between devices in a TI zone is broken, no inter-switch RSCNs are generated. Each switch that is part of the TI zone generates RSCNs to locally attached - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 348
switches enable the zone configuration, if you any path between switches. Disabling failover does configured for TI zone with failover disabled • It is recommended that the insistent Domain ID feature be enabled; if a switch changes its active domain ID, the route is broken. See the configure - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 349
is not the shortest path. Domain 1 8 1 9 3 Domain 3 9 14 12 15 = Dedicated Path 16 = Ports in the TI zone Domain 2 FIGURE 33 Dedicated path is the only shortest path 7 6 5 the dedicated path is configured to be the shortest path. Fabric OS Administrator's Guide 349 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 350
zones Domain 1 8 1 9 3 Domain 3 9 14 12 15 16 FIGURE 34 = Dedicated Path = Ports in the TI zone Domain 2 useful in FICON fabrics. See the FICON Administrator's Guide for example topologies using enhanced TI zones. See "Additional configuration rules for enhanced TI zones" on page 358 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 351
configuration. You can also display a report of existing and potential problems with TI zone configurations, as described in "Troubleshooting TI zone routing problems" on page 370. Illegal ETIZ configuration (2,1), (2,2), (1,4), (1,3), (3,7), (3,8) Fabric OS Administrator's Guide 351 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 352
ETIZ configuration: two paths from one port = ETIZ 1 = ETIZ 2 Traffic Isolation Zoning over FC routers This section describes how TI zones work with Fibre Channel routing (TI over FCR). See Chapter 24, "Using FC-FC Routing to Connect Fabrics," for information about FC routers, phantom switches - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 353
path is used. If failover is disabled and the TI path is not available, then devices are not imported. NOTE For TI over FCR, all switches in the backbone fabric and in the edge fabrics must be running Fabric OS v6.1.0 or later. Fabric OS Administrator - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 354
the TI zone, when you designate E_Ports between the front and xlate phantom switches, you must use -1 in place of the "I" in the D,I domain) • 4,-1 (E_Port for the xlate phantom domain) NOTE In this configuration the traffic between the front and xlate domains can go through any path between - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 355
:00:00:00:02:00:00 (Port WWN for target 1) • 10:00:00:00:00:03:00:00 (Port WWN for target 2) Fabric OS Administrator's Guide 355 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 356
FC Fast Write. • For the FC8-16, FC8-32, FC8-48, FC8-64, and FX8-24 blades only: If Virtual Fabrics is disabled, two or more shared area EX_Ports connected to the same edge fabric should not be configured in different TI zones. This configuration is not supported. General rules for TI zones The - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 357
General rules for TI zones 12 For example, in Figure 41, the TI zone was configured incorrectly and E_Port "3,9" was erroneously omitted from the zone. The domain 3 switch assumes that traffic coming from E_Port 9 is not part of the TI zone and so that traffic is routed to E_Port 11 instead of - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 358
in TI zone: 9 10 E-Port Trunks Trunk members in TI zone: 16 Trunk members not in TI zone: 17 18 Supported configurations for Traffic Isolation Zoning The following configuration rules apply to TI zones: • Ports in a TI zone must belong to switches that run Fabric OS v6.0.0 or later. For TI over FCR - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 359
not present, and displayed per TI Zone basis. Sample output switch:admin> zone --showTItrunkerrors TI Zone Name: brackets E-Port Trunks Trunk members in TI zone: 16 18 Trunk members not in TI zone: 17 F-Port about TI zones in a backbone fabric. Fabric OS Administrator's Guide 359 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 360
supported with Fabric OS versions earlier than v6.4.0. If such a TI zone and Fabric OS version combination is detected, a warning is issued. These configurations are not prevented, but their behavior is unpredictable. • When you merge two switches 360 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 361
a TI zone with failover disabled, this is not a supported configuration. Base switches do not allow the creation of a TI zone with failover 15 XISL XISL 8 7 LS1, FID1 Domain 5 LS2, FID3 16 Domain 6 Base switch Domain 2 17 Chassis 2 = Dedicated Path = Ports in the TI Guide 361 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 362
and 16. You must also include ports 3 and 8, because they belong to logical switches participating switch with domain 1 does not have a port 3 in the switch. This number refers to the port in the chassis with port index 3, which actually belongs to LS3 in FID 1. 362 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 363
3 over the EX_Ports in the base switches. 1 F 2 E LS3, FID1 3 E Domain 3 4 EX 5 EX Base switch Domain 1 6 E 7 E 10 F LS2, FID3 Domain 6 11 E 12 E 15 E 16 E 13 EX Base switch Domain 2 14 EX FIGURE 45 = Dedicated Path = Ports in the TI zones Example configuration for TI zones over FC - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 364
default configuration configuration. To activate a TI zone in a base fabric, you should create a "dummy" configuration , as described in "Creating a TI zone in a base fabric" on page 366. When you create a TI zone, you can enable or disable failover mode. By default the switch configuration - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 365
(default settings): switch:admin default settings): switch:admin> zone --create -t ti backbonezone -p "10:00:00:04:1f:03:16 switch:admin> cfgenable "USA_cfg" You are about to enable a new zoning configuration. This action will replace the old zoning configuration with the current configuration - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 366
a base fabric 1. Connect to the switch and log in using an account with admin permissions. 2. Create a "dummy" zone configuration in the base fabric. For example: -o f "ti_zone2" -p "1,3; 1,10; 7,12; 7,14; 2,16; 2,8" BS_D1> cfgenable "base_config" 366 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 367
failover type, and finally re-add the overlapping members. 1. Connect to the switch and log in using an account with admin permissions. 2. Enter one of current effective configuration and enforce the TI zones. cfgenable "current_effective_configuration" Fabric OS Administrator's Guide 367 53- - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 368
switch:admin> zone --add backbonezone -p "3,4; 3,6; 10:00:00:04:1f:03:16:f2;" To disable failover on the existing TI zone bluezone: switch configuration to enforce the change. The TI zone must exist before you can change its state. 1. Connect to the switch configuration and switch:admin> zone - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 369
about the TI zone purplezone switch:admin> zone --show purplezone Defined TI zone configuration: TI Zone Name: redzone: Port List: 1,2; 1,3; 3,3; 4,5 Configured Status: Activated / Failover-Enabled Enabled Status: Activated / Failover-Enabled Fabric OS Administrator's Guide 369 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 370
12 Troubleshooting TI zone routing problems Example displaying information about all TI zones in the defined configuration in ascending order switch:admin> zone --show -ascending Defined TI zone configuration: TI Zone Name: bluezone: Port List: 8,3; 8,5; 9,2; 9,3; Configured Status: Deactivated - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 371
Switch ID Worldwide Name Enet IP Addr FC IP Addr Name 1: fffc01 50:00:51:e3:95:36:7e:04 0.0.0.0 0.0.0.0 "fcr_fd_1" 4: fffc04 10:00:00:60:69:80:1d:bc 10.32.72.4 0.0.0.0 >"E1switch" 6: fffc06 50:00:51:e3:95:48:9f:a0 0.0.0.0 0.0.0.0 "fcr_xd_6_9" Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 372
Setting up TI over FCR (sample procedure) The Fabric has 3 switches b. Enter the following commands to create and display a TI zone: E1switch:admin> zone --create -t ti TI_Zone1 -p "4,8; 4,5, 1,-1; 6,-1" E1switch:admin> zone --show Defined TI zone configuration: TI Zone Name: TI_Zone1 Port List - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 373
configuration. This action will replace the old zoning configuration with the current configuration enable 'cfg_TI' configuration (yes, y, --show Defined TI zone configuration: TI Zone Name: TI_Zone1 configuration. This action will replace the old zoning configuration with the current configuration - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 374
12 Setting up TI over FCR (sample procedure) 374 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 375
Supported configurations for bottleneck detection 377 •Credit Loss 379 •Enabling bottleneck detection on a switch 380 •Displaying bottleneck detection configuration . • Reduce the time it takes to troubleshoot network problems. If you notice one or more applications Guide 375 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 376
configured on a per-switch basis, with optional per-port exclusions. • Bottleneck detection is disabled by default. Best practice is to enable bottleneck detection on all switches at 8 Gbps over a 4 Gbps ISL. You can use the bottleneckMon command to configure separate alert Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 377
the Fabric OS Command Reference. Supported configurations for bottleneck detection The following configuration rules apply to bottleneck detection: • Bottleneck detection is supported only on Fibre Channel ports and FCoE F_Ports. • Bottleneck detection is supported only on the following port types - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 378
configuration is persistent across firmware upgrades and downgrades. The sub-second latency criterion parameter settings are not preserved on downgrade to firmware versions earlier than Fabric OS 7.0.0. If you downgrade and then upgrade back to Fabric OS 7.0.0, the settings revert to their default - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 379
-end ports and core blades as well as on the Brocade 5300 and 6520 switches, although the support is slightly different on each device. See below for details on these switches, and the Fabric OS Troubleshooting and Diagnostics Guide for more general information. Back-end credit loss detection and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 380
OS Troubleshooting and Diagnostics Guide for more information. • The bottleneck detection commands are supported on F_Ports, FL_Ports, E_Ports, and EX_Ports. • The credit recovery commands are supported only on back-end ports of 4G, 8G, and 16G Capable FC platforms for blades in the Brocade DCX - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 381
Displaying bottleneck detection configuration details 13 3. Repeat step 1 and step 2 on every switch in the fabric. NOTE Best practice is to use the default values for the alerting and sub-second latency criterion parameters. Example of enabling bottleneck detection (Recommended use case) The - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 382
the switch level has been set switch:admin> bottleneckmon --status Bottleneck detection - Enabled Switch-wide then that section is not displayed. Setting bottleneck detection alerts You can configure Fabric OS to log per-port alerts based on the latency and congestion 's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 383
, respectively. This example uses the default values for these parameters, where - both alerts using the default alert values. Example switch:admin> bottleneckmon --enable -alert switch:admin> bottleneckmon --status Bottleneck detection - Enabled Switch - 50.000 Switch-wide alerting parameters: - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 384
300 seconds Changing bottleneck detection parameters When you enable bottleneck detection, you can configure switch-wide or port-specific alerting parameters. The alerting parameters indicate whether alerts are only on the master port. 384 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 385
"Notes" on page 388 for information about --config and -alert-related settings. Use the following procedure to configure the bottleneck detection parameters: 1. Connect to the switch and log in using an account with admin permissions. 2. Enter the bottleneckmon --config command to set the alerting - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 386
--status Bottleneck detection - Enabled Switch-wide sub-second latency bottleneck criterion: Time threshold - 0.800 Severity threshold - 50.000 Switch-wide alerting parameters: Alerts - Yes Latency threshold for alert - 0.200 386 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 387
only alerts configured in switch:admin> bottleneckmon --config -alert=latency -time 250 47 switch:admin> bottleneckmon --status Bottleneck detection - Enabled Switch Switch switch:admin> bottleneckmon --configclear 46-47 switch:admin> bottleneckmon --status Bottleneck detection - Enabled Switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 388
frequency of bottleneck alerts Depending on the circumstances, a problematic switch or port might be triggering alerts more frequently than desired An --enable operation behaves as if there is no preexisting user configuration, so if the --enable command does not include -alert, Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 389
in a second for that second to be considered affected by latency. The default value of 50 means that the observed throughput in a second must be -port basis. You cannot change them on the entire switch, as you can with alerting parameters, unless you disable Administrator's Guide 389 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 390
detection: 1. Connect to the switch to which the target port bottleneck detection on a switch" on page 392 switch:admin> bottleneckmon --exclude 7 switch:admin> bottleneckmon --status Bottleneck detection - Enabled Switch 50.000 Switch-wide alerting switch:admin> bottleneckmon --include 7 switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 391
of bottlenecked ports is any port that had a bottleneck occur during any second in the corresponding interval. switch:admin> bottleneckmon --show -interval 5 -span 30 Wed Jan 13 18:54:35 UTC 2010 List Jan 13 18:54:30 Jan 13 18:54:35 0 Fabric OS Administrator's Guide 391 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 392
13 Disabling bottleneck detection on a switch Disabling bottleneck detection on a switch When you disable bottleneck detection on a switch, all bottleneck configuration details are discarded, including the list of excluded ports and non-default values of alerting parameters. Use the following - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 393
time for an ISL, or you can enable either encryption or compression selectively. Figure 49 shows an example of 16 Gbps links connecting three Brocade switches. One link is configured with encryption and compression, one with just encryption, and one with just compression. Fabric OS Administrator - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 394
and compression on 16 Gbps ISLs The encryption supported for encryption and compression. • Ports must be 16 Gbps capable, although port speed can be any configurable support encryption or compression. ICL ports do not currently support encryption or compression. • Encryption is not supported - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 395
. TABLE 62 Number of ports supported per chip or per trunk Blades (FC16-32, FC16-48)1 Port speed Encryption only Compression only Encryption and compression 16 Gbps 4 ports 4 ports 4 ports 10 Gbps 6 ports 6 ports 6 ports 8/4/2 Gbps 8 ports 8 ports 8 ports Auto-negotiate - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 396
successfully negotiates a speed other than 16G. See also "Configuring encryption and compression" on page 399 and the Fabric OS Command Reference for more details. Usage: portEncCompShow [slot/]port Example output switch:admin> portStatsShow 16/17 16 16 011000 id N8 Online FC 2" (downstream) 17 17 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 397
No No No No 16 No No Yes Yes configuration on port 2 switch:admin> portcfgcompress --enable 2 Example Disabling the compression configuration on port 2 switch configuration for port 2 switch:admin> portcfgencrypt --enable 2 Example Disabling the encryption configuration for port 2 switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 398
on the supported devices: • The Diffie-Hellman - Challenge Handshake Authentication Protocol (DH-CHAP) protocol must be configured along with Brocade 6510 and 6520 switches, if the two ports are not configured for trunking, we recommend that you connect each ISL to different ASICs on the peer switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 399
created logical switch, base switch, or default switch; and EX_Ports on base switches can support encryption and compression. You can configure encryption on these commands. Configuring encryption and compression On a given ISL between two 16 Gbps E_Ports or EX_Ports, you can configure each port for - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 400
online without using authentication. After this, the front wwn of any online EX_Port connected to the same switch can be used to configure the secret keys in the edge fabric switch. Summary These steps summarize how to enable encryption or compression on a port: 1. Use the portEncCompShow command to - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 401
configured for either encryption or compression and therefore has any two ports available for this purpose. For bladed switches switch:admin> portenccompshow User Encryption Compression Config Port configured Active configured a device that can support the encryption and compression feature - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 402
No 4G No 8G No 16G No 16G switch> portcfgspeed 1 0 Configuration for port (1) failed as it exceeds current supported capacity. Compression ratios and encryption/compression enabled ports and the tx values are before compression. 402 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 403
ratio data, we recommend that you enable ports for compression only. Configuring and enabling authentication To configure authentication for ports that will later be configured for encryption, follow these steps: 1. Log in to the switch using an account with admin permissions, or an account with OM - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 404
port on which you want to configure encryption. 3. Enter the portCfgEncrypt --enable command. The following example enables encryption on port 21 on a Brocade 6510 switch: switch:admin> portcfgencrypt --enable 21 The following example enables encryption on port 15 of an FC16-32 blade in slot 9 of an - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 405
compression on port 15 of an FC16-32 blade in slot 9 of an enterprise class platform: switch:admin> portcfgcompress --disable 9/15 4. Enable the port with the portEnable command. After enabling the port, the new configuration becomes active. Fabric OS Administrator's Guide 405 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 406
configuring and enabling encryption and compression. In this case, encryption and compression are being applied to the E_Ports at either end of an ISL connecting a port on a blade in an enterprise class platform named 'myDCX' to a port on a Brocade 6510 switch OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 407
up secret keys does not initiate DH-CHAP authentication. If switch is configured to do DH-CHAP, it is performed whenever a port or a switch is enabled. Warning: Please use a secure channel for setting secrets. Using an insecure channel is not safe and may compromise secrets. Following inputs should - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 408
--show AUTH TYPE HASH TYPE GROUP TYPE dhchap md5 4 Switch Authentication Policy: ON Device Authentication Policy: OFF myswitch:admin> > portcfgencrypt --enable 0 Please disable port to configure Encryption/Compression. myswitch:admin> portdisable 0 myswitch:admin Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 409
Shooter Port D-Port mode: Compression: Encryption: FEC: myswitch:admin> OFF OFF OFF ON OFF 0(R_A_TOV) 126 OFF OFF OFF ON ON OFF Fabric OS Administrator's Guide 409 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 410
Port D-Port mode: Compression: Encryption: FEC: myswitch:admin> OFF OFF OFF ON OFF 0(R_A_TOV) 126 OFF OFF OFF OFF OFF OFF 410 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 411
Fibre Channel router to an edge fabric. From the point of view of a switch in an edge fabric, an EX_Port appears as a normal E_Port; It follows applicable Fibre Channel a switch that does not support encryption/compression, the port will be disabled. • Encryption or compression configuration is - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 412
configures and enables encryption and compression on an EX_Port. The commands in this example are shown entered on a Brocade 6510 named 'myswitch' as Fibre Channel Router (FCR) and an edge switch key database myswitch:admin> secauthsecret --set 412 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 413
authentication. If switch is configured to do DH-CHAP, it is performed whenever a port or a switch is enabled. Warning: Please use a secure channel for setting secrets. Using an insecure channel is not safe LOS TOV enable OFF NPIV capability ON Fabric OS Administrator's Guide 413 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 414
Compression: ON Encryption: ON FEC: ON myswitch:admin> Example Setting the secret key for the front phantom wwn projected by the FCR on the 'edge' switch Use portCfgExPort EX_Port# on the remote FCR to learn the front phantom - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 415
Switch: Brocade Native 20 160 50:00:53:31:37:43:ee:14 8 10:00:00:05:33:13:70:3e Auto Negotiate 10000(N) 2000(N) None N/A N/A OFF OFF OFF N/A N/A Example Configuring the 'edge' switch TYPE dhchap md5 4 Switch Authentication Policy: ON Device switch. Use portCfgExPort EX_Port# on that switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 416
authentication. If switch is configured to do DH-CHAP, it is performed whenever a port or a switch is enabled. Warning: Please use a secure channel for setting secrets. Using an insecure channel is not safe Buffers OFF Fault Delay: 0(R_A_TOV) 416 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 417
is enabled with encryption and compression, you can verify using either the fcrEdgeShow or portCfgExPort commands. See the following section for details. Fabric OS Administrator's Guide 417 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 418
configuration parameters switch:admin> portcfgexport 47 Port 47 info Admin: enabled State: OK Pid format: core(N) Operate mode: Brocade Firmware downgrading is blocked if one or more EX_Ports has the Encryption/Compression feature enabled. 418 Fabric OS Administrator's Guide 53-1002745 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 419
Chapter NPIV 15 In this chapter •NPIV overview 419 •Configuring NPIV 421 •Enabling and disabling NPIV 422 •Viewing NPIV port configuration information 423 NPIV overview N_Port ID Virtualization (NPIV) enables a single Fibre Channel protocol port to appear as multiple, distinct ports, - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 420
Upgrade considerations The maximum logins per switch has decreased with Fabric OS v6.4.0. When upgrading from a release previous to Fabric OS v6.4.0 and later, the configured Brocade DCX and DCX-4S, fixed addressing mode is used only on the default logical switch. The number of NPIV devices supported - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 421
, 113, and higher, are limited to 63 logical devices. 3. Maximum limit of 63 for 10-bit areas connected to third-party (non-Brocade) NPIV HBAs. Configuring NPIV The NPIV feature is enabled by default. You can set the number of virtual N_Port_IDs per port to a value from 1 through 255 per port. The - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 422
, 5430, 5450, 5460, 5470, and 5480 embedded switches, Brocade DCX and DCX 8510 Backbone families, and the FA4-18 blade, NPIV is enabled for every port. NOTE NPIV is a requirement for FCoE. The CEE/FCoE ports on the Brocade 8000 have NPIV enabled by default, but NPIV cannot be enabled or disabled on - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 423
command to view the switch ports information. The following example shows whether a port is configured for NPIV: switch:admin> portcfgshow Ports switch:admin> switchshow switchName:switch Nport + 1 NPIV devices. 20:0e:00:05:1e:0a:16:59 4. Use the portShow command to view the NPIV attributes and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 424
configuration information switch 16:fc c0:50:76:ff:fb:00:16:f8 ... ... c0:50:76:ff:fb:00:16 0 Link_failure: 16 Frjt: 0 : 16 2_parity_err switch:admin> portloginshow :16:fc 101 2048 c fe 63023f c0:50:76:ff:fb:00:16: 16:80 192 2048 c scr=3 scr=3 scr=3 d_id=FFFFFC d_id= - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 425
-PWWN 425 •User- and auto-assigned FA-PWWN behavior 426 •Configuring FA-PWWNs 426 •Supported switches and configurations for FA-PWWN 429 •Configuration upload and download considerations for FA-PWWN 430 •Firmware upgrade and downgrade considerations for FA-PWWN 430 •Security considerations for - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 426
16 User- and auto-assigned FA-PWWN behavior NOTE For the server to use the FA-PWWN feature, it must be using a Brocade HBA or adapter. Refer to the release notes for the HBA or adapter versions that support this feature. Some configuration of the HBA must be performed to use the FA-PWWN. User - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 427
FA-PWWNs 16 This section includes an FA-PWWN configuration procedure for each of the following two topologies: • An FA-PWWN for an HBA device that is connected to an Access Gateway switch. • An FA-PWWN for an HBA device that is connected directly to an edge switch. These topologies are shown - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 428
as root. b. Enter the following command: bcu port -faa port_id --enable c. Enter the following command: bcu port -faa port_id --query Once the Brocade HBA has . Configuring an FA-PWWN for an HBA connected to an edge switch For this procedure, some of the steps are to be executed on the switch and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 429
. Supported switches and configurations for FA-PWWN The FA-PWWN feature is supported on the following platforms: • Switch platforms running Fabric OS v7.0.0 or later: - Brocade DCX, DCX-4S, and DCX 8510 family - Brocade 300 - Brocade 5100 - Brocade 5300 - Brocade 6505 - Brocade 6510 - Brocade 6520 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 430
export the FA-PWWN configuration. ATTENTION Brocade recommends you delete all FA-PWWNs from the switch with the configuration being replaced before you upload or download a modified configuration. This is to ensure no duplicate FA-PWWNs in the fabric. Firmware upgrade and downgrade considerations - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 431
trunking on the supported Access Gateway platforms. Access Gateway N_Port failover with FA-PWWN If an FA-PWWN F_Port on an Access Gateway fails over to an N_Port that is connected to a different switch, the FA-PWWN of that Access Gateway F_Port must also be configured on that switch. If not, the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 432
16 Access Gateway N_Port failover with FA-PWWN 432 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 433
fabric elements that defines which switches, ports, and devices you Domains permit access to a configured set of users. Using are not supported at the same time on a switch. Do can manage which devices, hosts, and switches. You can have up to 256 16 active Admin Domains run concurrently. More than 16 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 434
Admin Domain and has a range from 0 through 255. The domain ID identifies a switch in the fabric and has a range from 1 through 239. Figure 52 shows a 53, users can see all switches and E_Ports in the fabric, regardless of their Admin Domain; however, the switch ports and end devices are filtered - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 435
switch supported on the Brocade 8000. The Brocade 8000 can be in AD0 only. • The default zone mode setting must be set to No Access before you create Admin Domains (refer to "Setting the default zoning mode for Admin Domains" on page 443 for instructions Service configuration Guide 435 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 436
other administrators or users to each Admin Domain. The default admin account is the first physical fabric administrator. Only . • The implicit membership list contains all devices, switch ports, and switches that have not been assigned to any other Admin Domain Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 437
you create Admin Domains because you can see which devices, switch ports, and switches are not yet assigned to any Admin Domains. AD0 owns the root zone database (legacy zone database). AD255 AD255 is a encompasses the entire physical fabric. Fabric OS Administrator's Guide 437 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 438
the Admin Domain list, is a configurable property of a non-default user account. Here is some switch to a different Admin Domain (refer to "Switching to a different Admin Domain context" on page 456 for instructions). • For default accounts such as admin and user, the home Admin Domain defaults - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 439
defaults switch:admin> switch:AD1:admin> switch switch ports, or switches configuration Switch port members Switch port members are defined by switch domain,index and have the following properties: • A switch port member grants port control rights and zoning rights for that switch port. • A switch switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 440
list. NOTE If the switch domain ID changes, switch. • A switch member allows switch administrative operations such as disabling and enabling a switch, rebooting, and firmware downloads. • A switch member does not provide zoning rights for the switch switch WWNs. The switch WWN has the following - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 441
56 shows the filtered view of the fabric as seen from AD3 and AD4. The switch WWNs are converted to the NAA=5 syntax; the device WWNs and domain IDs remain the 10:00:00:00:c8:3a:fe:a2 FIGURE 56 Filtered fabric views showing converted switch WWNs Fabric OS Administrator's Guide 441 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 442
Domains maintain continuity of service for Fabric OS features and operate in mixed-release Fabric OS environments. High availability is supported with some backward compatibility. When an E_Port comes online, the adjacent switches merge their AD databases. The receiving switch accepts an AD database - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 443
" on page 290. Admin Domains and Virtual Fabrics cannot co-exist. 3. Set the default zone mode to No Access, if you have not already done so. Refer to "Setting the default zoning mode" on page 326 for instructions. 4. Switch to the AD255 context, if you are not already in that context: Fabric OS - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 444
instructions. Example of creating Admin Domains The following example creates Admin Domain AD1, consisting of two switches, which are designated by domain ID and switch WWN. switch , which is the default Admin Domain context after configurations. 444 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 445
it. This example also assigns blue_ad1 as the user's home Admin Domain. switch:admin> userconfig --add ad1admin -r admin -h blue_ad1 -a "blue_ad1" The fabric administrator. switch:admin> userconfig --add pfa_admin1 -r admin -h 255 -a "0-255" Fabric OS Administrator's Guide 445 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 446
remaining list. Example of removing Admin Domain green_ad2 from the user account adm1 switch:admin> userconfig --deletead adm1 -a "green_ad2" Broadcast message from root (pts/0) Wed Jan 27 20:57:14 2010... Security Policy, Password or Account Attribute Change: adm1 will be logged out Ads for account - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 447
switch and log in using an account with admin permissions. 2. Disable the zone configuration under the Admin Domain you want to deactivate. cfgdisable 3. Switch specify device and switch port members and the -s option to specify switch members. ad switch_list is a list of switch WWNs or domain IDs. 4. - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 448
rename operation does not take effect if the Admin Domain you want to rename is part of the effective configuration. 1. Connect to the switch and log in using an account with admin permissions. 2. Switch to the AD255 context, if you are not already in that context. ad --select 255 3. Enter the ad - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 449
name of Admin Domain Eng_AD to Eng_AD2 switch:AD255:admin> ad --rename Eng_AD Eng_AD2 Connect to the switch and log in using an account with admin permissions. 2. Switch to the Admin switch:AD255:admin> ad --delete AD_B3 You are about to delete an AD. This operation will fail if zone configuration - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 450
all zone configurations" on page 333 for instructions. 2. Connect to the switch and log in using an account with admin permissions. 3. Switch to the user-defined ADs: • Create and activate zone configurations in AD0 that are equivalent to the zone configurations in each of the user-defined ADs. • - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 451
newly added zones in AD0 to the zone configuration. cfgadd "cfgName", "member[;member]" 5. Enable the configuration to complete the transaction. cfgenable cfgName 6. Switch to the AD255 context. ad --select 255 device WWN2 is in both AD0 and AD1. Fabric OS Administrator's Guide 451 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 452
Zone CFG Info for AD_ID: 0 (AD Name: AD0, State: Active) : Defined configuration: cfg: AD0_cfg AD0_RedZone zone: AD0_RedZone 10:00:00:00:01:00:00:00; 10:00:00:00:02 :00:00:00 Effective configuration: cfg: AD0_cfg zone: AD0_RedZone 10:00:00:00:01:00:00:00 10:00 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 453
configuration configuration: cfg: AD2_cfg configuration configuration. This action will replace the old zoning configuration with the current configuration configuration ( configuration. This action will trigger AD apply to all switches configuration. This action will trigger AD apply to all switches - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 454
and switch member switches and their devices. 1. Connect to the switch and log in using an account with admin permissions. 2. Switch configuration: AD Number: 2 AD Name: ad2 State: Active Switch Domain looks like a virtual switch or fabric to a user 434). Any devices and switch ports that are not - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 455
to the switch and log in. 2. Enter the ad --exec command, specifying the Admin Domain and the command you want to execute. ad --exec ad_id "command" Example of executing the switchShow command in the AD7 context switch:AD255:admin> ad --exec 7 "switchshow" Fabric OS Administrator's Guide 455 53 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 456
configuration stored in the persistent memory (defined configuration). • 2 to display the currently enforced Admin Domain configuration (effective configuration). Example of displaying membership information about AD1 switch 01; Switching to a different Admin Domain context You can switch between - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 457
Configuration upload and download Refer to "Configuration upload and download in an AD context" on page 460 for details. Fabric Watch Fabric Watch configuration operations are allowed only if the local switch is part of the current Admin Domain. FC-FC Routing Service To support legacy - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 458
support Switch Connection Control (SCC) policies are supported only in AD0 and AD255, because ACL configurations are supported only in AD0 and AD255. iSCSI iSCSI operations are supported switch with Admin Domains to a Virtual Fabrics-enabled switch with the root zone configuration and enforced. - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 459
configuration are enforced. The enforcement policy encompasses zones in the effective zone configuration of the root zone database and the effective zone configurations 323 for instructions on configured and no explicit members are added to AD0), AD0 supports both All Access and No Access default - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 460
all Admin Domains and then issue configDownload to restore them. TABLE 68 Configuration upload and download scenarios in an AD context Configuration file sections AD contexts iSCSI ACL Zone AD headers Switch configuration and other parameters AD255: With ADs Yes Yes Yes1 Yes Yes Without - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 461
Licensed Features Section II This section describes optionally licensed Brocade Fabric OS features and includes the following chapters: • Chapter 18, "Administering Licensing" • Chapter 19 " • Chapter 24, "Using FC-FC Routing to Connect Fabrics" Fabric OS Administrator's Guide 461 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 462
462 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 463
chapter •Licensing overview 463 •Brocade 7800 Upgrade license 470 •ICL licensing 471 switch, use the configUpload command before you upgrade or downgrade Fabric OS. Fabric OS includes basic switch and fabric support software, and support switch. Fabric OS Administrator's Guide 463 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 464
7.1. TABLE 69 License Available Brocade licenses Description 10 Gigabit FCIP/Fibre Channel (10G license) 7800 Upgrade • Allows 10 Gbps operation of FC ports on the Brocade 6510or 6520 switches or the FC ports of FC16-32 or FC16-48 port blades installed on a Brocade DCX 8510 Backbone. • Enables - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 465
on those products that support Access Gateway deployment. Brocade Ports on Demand Allows you to instantly scale the fabric by provisioning additional ports using license key upgrades. NOTE: Applies to the Brocade 300, 5100, 5300, 6505, 6510, 6520, and VA-40FC switches. DataFort Compatibility - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 466
than four chassis using ICLs in a fabric, it does not enable the ICL ports on a chassis. NOTE: Applies to the Brocade DCX 8510 Backbone family only. FCoE Included with the Brocade 8000 switch; enables Fibre Channel over Ethernet (FCoE) functions. FICON Management Server Enables host-control of - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 467
(Continued) Description Integrated Routing • Allows any ports in Brocade 5100, 5300, 6510, 6520, and VA-40FC switches, the Brocade Encryption Switch, or the Brocade DCX, DCX-4S, and DCX 8510 family platforms to be configured as an EX_Port supporting FC-FC routing. • Eliminates the need to use - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 468
License Where license should be installed FCIP FCIP Trunking Fibre Channel Routing/EX_Ports FICON FICON-CUP FICON Tape Read and Write Emulation over an FCIP Tunnel FICON XRC Sequence Emulation over an FCIP Tunnel FIPS Firmware download Full fabric connectivity In-flight encryption and compression - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 469
switches only. • 7800 Upgrade license for the 7800 switches to use all ports. • 10 Gigabit FCIP/Fibre Channel license to use 10Gb FC ports on FC16-32 blades, FC16-48 blades, and the Brocade 6510 and 6520. • 10 Gigabit FCIP/Fibre Channel . N/A Fabric OS Administrator's Guide 469 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 470
8 Gbps license needed to support 8 Gbps on the Brocade 300, 5100, 5300, and VA-40FC switches and embedded switches only. NOTE: The 8 Gbps license is installed by default, and you should not remove it. A 10-Gb FCIP/Fibre Channel license is needed to support 10Gb FC ports on FC16-32 blades, FC16-48 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 471
of a DCX can be used only with an ICL 16-link or ICL 8-link license. ICL ports on core upgrade with an additional ICL license to use the full ICL bandwidth later. This license is also useful for environments with ICL connections between a Brocade DCX 8510-8 and a DCX 8510-4, as the latter supports - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 472
upgrade with an additional ICL license to use the full ICL bandwidth later. This license is also useful for environments with ICL connections between a Brocade DCX and a DCX-4S, as the latter cannot support the physical chassis and not on the logical switches. • If the maximum number of ICL-connected - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 473
number of supported chassis is default and you should not remove it. Port operation may become disrupted, and ports may be prevented from operating at 8 Gbps when the license is removed. The 8 Gbps license applies to the Brocade 300, 5100, 5300, and VA-40FC switches and the 8 Gbps embedded switches - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 474
feature on the FX8-24 blade and the 10 Gbps FC feature on the 16 Gbps FC blades are both enabled by the same 10 Gigabit FCIP/Fibre Channel license (10G license). This license can also enable the 10 Gbps FC feature on a Brocade 6510 or 6520 switch as a chassis-based license. Any unassigned slot-based - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 475
-remove command to remove the license from the slot. 10G licensing The 10 Gbps FCIP/Fibre Channel license (10G license) enables the following features: • 10 Gbps access on the 16 Gbps FC ports on Brocade 6510 or 6520 switches, and FC16-32 and FC16-48 port blades. • The two 10-GbE ports on the FX8-24 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 476
an Extended Fabrics license to be used for FC long distance connectivity. FC ports licensed and configured to operate at 10 Gbps on a Brocade 6510 or 6520 switch or 16 Gbps FC port blade cannot interoperate with 10 Gbps FC ports on the Mc-6140 platform. The new FC ports use different protocols and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 477
10 Gigabit FCIP/Fibre Channel (FTR_10G) license Capacity 1 Consumed 1 Configured Blade Slots 4 8510-8switch:admin> portcfgoctetspeedcombo 4/2 2 8510-8switch:admin> portcfgspeed 4/2 10 8510-8switch:admin> Example of assigning a 10G license on a Brocade 6510 and enabling 10 Gbps operation on a port - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 478
10 Gigabit FCIP/Fibre Channel (FTR_10G) license Capacity 1 Consumed 1 Configured Blade Slots 7 Brocade 6520) • Advanced Performance Monitoring license • Enterprise ICL license • Fabric (E_Port) license • Fabric Watch license 478 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 479
• ISL Trunking license Restrictions on upgrading temporary slot-based licenses If the switches or Backbones, then do not attempt to change the system date and time when a temporary license is installed. Configupload and download considerations The configDownload and configUpload commands download - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 480
. An expired license may become unusable after a reboot, failover, firmware download, or a port or switch disable or enable operation. Removing an expired license CAUTION This procedure is licensed feature can no longer be used on the switch. 480 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 481
the software license keys and installation instructions. Adding a licensed feature To enable a feature, go to the feature's appropriate section in this manual. Enabling a feature on a switch may be a separate task from adding the license. For the Brocade Backbones, licenses are effective on both - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 482
installed on the switch are listed. If the feature is not listed, enter the licenseAdd command again. Some features may require additional configuration, or you license - additional 16 port upgrade license 2 Domain Fabric license Integrated Routing license Storage Application Services license FICON - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 483
For example, if you bought a POD license for a Brocade 300, you cannot use that license on a Brocade 5100 or VA-40FC. The licenses are based on the switch License Identifiers and are not interchangeable. Table 72 shows the ports that are enabled by default and the ports that can be enabled after you - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 484
from your switch vendor. You may need to generate a license key from a transaction key supplied with your purchase. If so, launch an Internet browser and go to the Brocade website at http://www.brocade.com. Click Products > Software Products > Software License Keys and follow the instructions to - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 485
or switch installation. The following platforms support Dynamic POD: • Switches: - Brocade 6505 - Brocade 6510 - Brocade 6520 • Embedded switch modules for bladed servers: - Brocade 5410 - Brocade 5424 - Brocade 5450 - Brocade 5460 - Brocade 5470 - Brocade 5480 Fabric OS Administrator's Guide 485 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 486
switches, the dynamic assignment occurs when an attached Fibre Channel If the switch detects more manually assigned POD licenses switch:admin> licenseport --show 24 ports are available in this switch 14, 15, 16, 21, 22, 23 Enabling Dynamic Ports on Demand If the switch is in the static switch and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 487
to the full POD license Ports assigned to the base switch license: 1, 2, 5, 6, 8*, 21, 22, 23 Ports assigned to the full POD license: None Ports not assigned to a license: 0, 3, 4, 7, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 16 license reservations are still available for use by unassigned - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 488
: 0, 9, 10, 11, 12, 13, 14, 15, 16, 21, 22, 23 Reserving a port license You can allocate licenses port. switch:admin> licenseport -reserve 0 • If all port reservations are assigned, select a port to release its POD license. Follow the instructions in "Releasing OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 489
to the POD set, the port is licensed until it is manually removed from the POD port set. When a port is 16, 17, 18, 19, 20 6. Enter the switchEnable command to bring the switch back online. 7. Enter the switchShow command to verify the switch state is now online. Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 490
18 Ports on Demand 490 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 491
Brocade DCX 8510 Backbone family supports optical ICL QSFPs. • The Brocade DCX Backbone family supports proprietary copper ICL connectors. When two Brocade Backbones are interconnected by ICLs, each chassis requires a unique domain and is managed as a separate switch commands on the switch for the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 492
8510-8 Domain 2 DCX 8510-8 FIGURE 59 Minimum configuration for 64 Gbps ICLs • The maximum number of ICLs between two Brocade DCX 8510-4 chassis or between a Brocade DCX 8510-8 and a Brocade DCX 8510-4 is 16. The maximum number of ICLs between two Brocade DCX 8510-8 chassis is 32. Because the FSPF - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 493
are not supported. This is a topology restriction with 16 Gbps ICLs and any ISLs that are E_Ports or VE_Ports. ICL trunking on the Brocade DCX 8510-8 and DCX 8510-4 ICL trunks form automatically but additional licenses may be required for enabling all ICL ports or for larger ICL configurations. For - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 494
the Brocade DCX-4S, each ICL is managed as one 8-port ISL trunk. Follow the guidelines in the specific hardware reference manuals for connecting the ICL cables. Virtual Fabrics considerations for ICLs In Virtual Fabrics, the ICL ports can be split across the logical switch, base switch, and default - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 495
about maximum topology configurations. Mesh topology You can connect the Brocade Backbones in a mesh topology, in which every chassis is connected to every other chassis. A simple form of the mesh topology is the triangular topology (shown in Figure 61). The triangular topology is supported by three - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 496
19 Supported topologies for ICL connections FIGURE 62 Full nine-mesh topology During of the ISL path being lesser or greater than the ICL path between the two switches. Core-edge topology You can also connect the Brocade DCX 8510 Backbones in a core-edge topology. For example, Figure 63 shows six - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 497
Supported topologies for ICL connections 19 FIGURE 63 64 Gbps ICL core-edge topology Fabric OS Administrator's Guide 497 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 498
19 Supported topologies for ICL connections 498 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 499
•Saving and restoring monitor configurations 515 •Performance data collection 516 Brocade Network Advisor. Refer to the Web Tools Administrator's Guide and Brocade Network Advisor User Manual /port syntax required by Backbones. For fixed-port switches, use only the port number where needed in the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 500
4 Brocade 5100 3 3 Brocade VA-40FC Brocade 5300 4 3 Each logical switch can have its own set of performance monitors. The installation of monitors is restricted to the ports that are present in the respective logical switch. • Top Talker monitors and EE monitors are supported on the default - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 501
in Fibre Channel frames for a specified Source ID (SID) and Destination ID (DID) pair. To enable EE performance monitoring, you must configure an monitors The maximum number of end-to-end monitors supported varies depending on the switch model: • The Brocade DCX 8510, 6505, 6510, and 6520 models - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 502
on one logical switch. Supported port configurations for EE monitors You can configure EE monitors on F_Ports and, depending on the switch model, on E_Ports. The following platforms support EE monitors on E_Ports: • Brocade 6505 • Brocade 6510 • Brocade 6520 • Brocade DCX 8510 family Identical - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 503
is ignored). The default EE mask value is ff:ff:ff. NOTE Only one mask per port can be set. When you set a mask, all existing end-to-end monitors are deleted. ATTENTION End-to-end masks are supported only on the Brocade 8000 and the Brocade Encryption Switch. 1. Connect to the switch and log in - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 504
to-end monitors Deleting EE monitors 1. Connect to the switch and log in using an account with admin permissions. and deletes monitor number 2 on port 0: switch:admin> perfmonitorshow --class EE 0 There are .7.179 switch:admin> 1. Connect to the switch and log in using an account with - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 505
4.5m 53m 4.5m 53m 4.5m 53m 4.5m 53m 0 Example of displaying EE monitors on a port switch:admin> perfMonitorShow --class EE 4/5 There are 7 end-to-end monitor(s) defined on port 53. KEY command description in the Fabric OS Command Reference. Fabric OS Administrator's Guide 505 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 506
configuration. If you do not have a Fabric Watch license, these values are ignored. Refer to the Fabric Watch Administrator's Guide configured on the trunk master. Static offsets are pre-set with offset/value combinations. Brocade also supports transmitted frames, the switch performs the following - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 507
Guide for more information about using this command. Example of creating a user-defined frame type switch: switch:admin> fmmonitor --create myframemonitor -pat "17,0xFF,0x007;7,0x4F,0x01;" -port 3-5 Deleting frame types Deleting a frame type removes the entire configuration, including configured - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 508
on the command. Example The following example removes the user-defined frame monitor, myframemonitor, from all ports. switch:admin> fmmonitor --delmonitor myframemonitor Saving a frame monitor configuration When you assign or remove frame monitors on ports, the list of ports to be monitored is - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 509
the "-" in the Count column indicates that the monitor is configured, but is not installed on the port. switch:admin> fmmonitor --show SCSI Port|Frame Type |Count | monitor from ports 7 through 10. switch:admin> fmmonitor --clear ABTS -port 7-10 Fabric OS Administrator's Guide 509 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 510
the fixed-port switches. Applications can use configure them with certain Quality of Service configure Top Talker monitors on F_Ports and, depending on the switch model, on E_Ports. The following platforms support Top Talker monitors on E_Ports: - Brocade 6505 - Brocade 6510 - Brocade 6520 - Brocade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 511
on a platform that is configured to be an FC router. Top Talker monitors and FC routers are concurrently supported on the following platforms: • Brocade 6505 • Brocade 6510 • Brocade 6520 • Brocade DCX 8510 Backbone family, with the following blades only: FC16-32, FC16-48. On all other platforms - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 512
are not supported on VE_Ports, EX_Ports, and VEX_Ports. • The maximum number of all port mode Top Talker monitors on an ASIC is 16. If Virtual Fabrics is enabled, the maximum number of all port mode Top Talker monitors on an ASIC is 8. • If the ingress and egress monitor ports are configured on the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 513
and a raslog message is displayed on those switches. If a new switch joins the fabric, you must run the perfTTmon --add fabricmode command on that switch. The Top Talker monitor configuration information is not automatically propagated to the new switch. Displaying the top n bandwidth-using flows on - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 514
flows on for domain 1 in WWN (default) format: perfttmon --show dom 1 5 The following example display the top flows on domain 2 in PID format: switch:admin> perfttmon --show dom 2 pid on slot 2, port 4 on a Backbone: perfttmon --delete 2/4 514 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 515
for trunks, except for the Brocade 300, which supports 8 frame monitors for trunks. • For the Brocade 8000, trunk monitoring is supported only on the FC ports and not on the CEE ports. Saving and restoring monitor configurations To prevent the switch configuration flash from running out of memory - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 516
Performance Monitoring is deleted when the switch is rebooted. Using the Brocade Network Advisor Enterprise Edition, you can store performance data persistently. For details on this feature, refer to the Brocade Network Advisor User Manual. 516 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 517
source ports (F_Ports). Traffic Isolation Zoning does not require a license. See Chapter 12, "Traffic Isolation Zoning," for more information about this feature. Fabric OS Administrator's Guide 517 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 518
the switch port. of Service (QoS Brocade 6520 does not require licenses for the Ingress Rate Limiting and QoS SID/DID features. They are enabled by default Gbps and the port is only a 2-Gbps port, then Ingress Rate Limiting is not enforced. The Ingress Rate Limiting configuration Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 519
enabled, the rate limit configuration on a port is on a per-logical switch basis. That is, if a port is configured to have a certain as having a high, medium, or low priority. Fabric OS supports two types of prioritization: • Class Specific Control (CS_CTL)-based 's Guide 519 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 520
be manually enabled switch that is in the path between a configured device pair. NOTE The Brocade 6520 does not require licenses for the Ingress Rate Limiting and QoS SID/DID features. They are enabled by default must manually disable QoS on the 8-Gbps ports - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 521
" on page 523. Supported configurations for CS_CTL-based frame prioritization • CS_CTL-based frame prioritization is supported on all 8-Gbps and 16-Gbps platforms. • All switches in the fabric should be running Fabric OS v6.0.0 or later. Fabric OS Administrator's Guide 521 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 522
the chassis-wide default mode (see Table 77 on page 521), as in the following example. switch:admin> configurechassis Configure... cfgload attributes (yes, y, no, n): [no] y Enforce secure config Upload/Download (yes, y, no, n): [no] Enforce signature validation for firmware (yes, y, no, n): [no - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 523
and 16-Gbps ports that are not long-distance ports. If ports are part of an active trunk group before the Adaptive Networking license is added, ISLs are formed without QoS. When you install the Adaptive Networking license, QoS is automatically enabled on all ports for which you have not manually - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 524
Manually disabling QoS on trunked ports NOTE QoS is disabled by default on long-distance 8-Gbps and 16-Gbps ports. The following procedure does not apply to these ports. 1. Connect to the switch 05:1e:41:42:ad 30 B5300 sp: 8.000G bw: 16.000G TRUNK 524 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 525
switch:admin> portcfgshow (output truncated) Ports of Slot 0 16 , switch:admin> portcfgqos --disable 19 QoS zones You assign high or low priority (QoS level) by configuring a id is a flow identifier that designates a specific virtual channel for the traffic flow and xxxxx is the user-defined - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 526
VCs 8 and 9. The id is optional; if it is not specified, the virtual channels are allocated by means of a round-robin scheme. NOTE If a QoS zone name is the default. H1 Domain 1 Domain 3 S1 1 9 H2 14 3 13 12 S2 15 = Low priority 87 = Medium priority S3 = High priority 16 Domain 2 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 527
default, QoS is enabled on 8-Gbps ports, except for long-distance 8-Gbps ports. QoS is disabled by default on all 4-Gbps ports and long-distance 8-Gbps ports. H1 Domain 1 Domain 3 S1 1 9 H2 14 3 13 12 S2 15 87 = Low priority 16 , phantom switches, and the FC-FC Routing Service. To - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 528
interopmode 3. • QoS over FC routers is supported for the following configurations: - Edge-to-edge fabric configuration: supported on all platforms. - Backbone-to-edge fabric configuration: supported on 16-Gbps-capable platforms only (Brocade 6510, 6520, and Brocade DCX 8510 family), and only if no - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 529
crosses an ISL for a switch running a firmware version earlier than Fabric OS v6.0.0, the frames are dropped. • By default, all devices are assigned medium priority. - To be assigned high or low priority, hosts and targets must be connected to a Brocade 8-Gbps or 16-Gbps switch or port blade. - To - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 530
supported on 10-Gbps ISLs. • Traffic prioritization is not supported on mirrored ports. • Traffic prioritization is not supported 1. Connect to the switch and log in using channels are allocated by means of a round-robin scheme. 3. Enter the cfgAdd command to add the QoS zone to the zone configuration - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 531
the link to pass QoS priority traffic. NOTE QoS is enabled by default on all ports (except long-distance ports). If you use the portCfgQos command to enable QoS on a specific port, the port is toggled to apply this configuration, even though the port already has QoS enabled. The port is toggled - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 532
1. Connect to the switch in the edge fabric for instructions. 3. Create LSAN zones in the " on page 591 for instructions. 4. Enter the portCfgQos command switch and log in using an account with admin permissions. 2. Enter the cfgRemove command to remove the QoS zones from the current zone configuration - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 533
Supported configurations for trunking 535 •Supported platforms for trunking 536 •Requirements for trunk groups 536 •Recommendations for trunk groups 537 •Configuring trunk groups 538 •Enabling trunking on a port or switch and must be installed on each switch that participates in trunking. For - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 534
switch). For more information, see "Configuring F_Port trunking for a Brocade adapter" on page 545, the Access Gateway Administrator's Guide, and the Brocade Adapters Administrators Guide and then come back online. Masterless trunking is supported for most platforms and trunking types: • All F_Port - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 535
manual for your switch for information about which ports can be used in the same port group for trunking. FIGURE 71 Trunk group configuration for the Brocade 5100 Supported configurations for trunking • Trunk links can be 2 Gbps, 4 Gbps, 8 Gbps, 10 Gbps, or 16 Gbps, depending on the Brocade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 536
of Service (QoS) configuration on configured for the same distance. - They must have the same encryption, compression, QoS, and FEC settings. • Trunk groups must be between Brocade switches (or Brocade adapters, in the case of F_Port trunking). Brocade trunking is proprietary and is not supported - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 537
group to form. • Determine the optimal number of trunk groups between each set of linked switches, depending on traffic patterns and port availability. The goal is to avoid traffic congestion without failures do not disrupt business operations. Fabric OS Administrator's Guide 537 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 538
switch. NOTE F_Port trunking requires additional steps to configure the Trunk Area (TA). See "Configuring F_Port trunking for an Access Gateway" on page 544 or "Configuring F_Port trunking for a Brocade to remove the TA before disabling trunking. 538 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 539
bandwidth and throughput for all the trunk groups in a switch. Use the portPerfShow command to monitor problem areas where there are congested paths or dropped links, 05:1e:46:42:01 3 deskew 15 Tx: Bandwidth 16.00Gbps, Throughput 1.67Gbps (12.12%) Fabric OS Administrator's Guide 539 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 540
which is 16 Gbps, is assumed for reserving buffers for the port. If the port is running at only 2 Gbps, this wastes buffers. For long-distance ports you should specify the port speed instead of setting it to autonegotiate. In addition to the criteria listed in "Supported configurations for trunking - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 541
switch) 0 LD 250 km 4 (one 2-port trunk per switch) 0 LD 500 km 0 0 LS Static See note below NOTE The L0 mode supports up to 5 km at 2 Gbps, up to 2 km at 4 Gbps, and up to 1 km at 8 Gbps be enabled only if the entire configuration is running Fabric OS v5.2.0 or Guide 541 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 542
supported only with Brocade edge fabrics. You can use EX_Port frame trunking in the following configurations and cases: • For ports with speeds of 2 Gbps up to a maximum speed of 16 Gbps and trunking over long distance. • In the edge fabric, when the FC router is connected to a switch that supports - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 543
slave EX_Port displayed in switchShow. switch:admin> switchshow Index Slot Port Address Media Speed State 16 2 0 ee1000 id N4 configure F_Port trunking on the switch. See the Access Gateway Administrator's Guide and the Brocade Adapters Administrator's Guide for information about configuring - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 544
73 Switch in Access Gateway mode with F_Port masterless trunking NOTE You do not need to map the host to the master port manually, because the Access Gateway will perform a cold failover to the master port. See "Configuring F_Port trunking for an Access Gateway" on page 544 for instructions on - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 545
the Brocade adapter. Configuring F_Port trunking for a Brocade adapter F_Port trunking for Brocade adapters requires configuration on the FC switch as well as on the Brocade HBAs. This section describes the configuration steps you do on the switch. See the Brocade Adapters Administrator's Guide for - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 546
Brocade Adapters Administrator's Guide. 3. On the switch side, enable the ports by using the portEnable command. switch:admin> portenable 3/40 switch never be restored through configDownload. domain,index (D,I) NOTE: Configurations that are not compatible with F_Port trunking are long distance, - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 547
Default that has its Default Area the a firmware downgrade. to a firmware version earlier switch. HA Sync If you plug in a standby CP with a firmware version earlier than Fabric OS v6.2.0 and a Trunk Area is present on the switch supported on the Brocade Encryption Switch Supported. Routing - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 548
no limitations on upgrading to Fabric OS v7.0.0 and later if the F_Port is present on the switch. Upgrading is not disruptive. configurations are removed from a port in a logical switch, that port returns to the default 10-bit area address model, which supports up to 1024 F_Ports in a logical switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 549
ports in the default switch, and you switch to verify the F_Port trunking configuration. • Enter the switchshow command to display the switch bw: 8.000G deskew 15 Tx: Bandwidth 16.00Gbps, Throughput 1.63Gbps (11.84%) Rx: Bandwidth 16.00Gbps, Throughput 1.62Gbps (11.76%) Guide 549 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 550
22 Enabling the DCC policy on a trunk area switch:admin> portdisable 0-2 switch:admin> porttrunkarea --disable 0-2 Trunk index 2 disabled . You can configure authentication on all Brocade trunking configurations. For more information on authentication, see Chapter 7, "Configuring Security Policies". - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 551
configuration for implementing long-distance SAN fabrics is to deploy Fibre Channel switches at each location in the SAN. Each switch handles local interconnectivity and multiplexes traffic across long-distance dark fiber or wave division multiplexing (WDM) links, while the Brocade Extended - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 552
platforms: • Brocade 8000 FCoE switch Extended Fabrics is not supported on this platform. • FC8-64 port blade Brocade recommends that you maximum supported link distance is up to 5 km at 2 Gbps, up to 2 km at 4 Gbps, and up to 1 km at 8, 10, and 16 Gbps. • Extended Mode (LE) - LE configures the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 553
the distance measured during port initialization. Brocade switches use a proprietary algorithm to estimate distance across an ISL. The estimated distance is used to determine the buffer credits required in LD (dynamic) extended link mode based on a maximum Fibre Channel payload size of 2,112 bytes - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 554
configures slot 1, port 2 to support a 100-km link in LS mode and to use the extended link initialization sequence. This example is for an 8-Gbps platform. switch:admin> portcfgfillword 1/2 3 switch (TDM) devices and your Brocade switch has QoS and buffer credit recovery enabled. 554 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 555
. switch:admin> portcfgcreditrecovery --disable [slot/]port 4. Configure the port to support long-distance links. switch:admin Fibre Channel sequences needing to be retransmitted across the link. Because the number of buffer credits available for use within each port group is limited, configuring - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 556
2 and Class 3 services and rely on the Fibre Channel Receiver-Ready (R_RDY) Channels, the buffer credits are managed for each Virtual Channel, and not for the entire physical link. The Virtual Channels As the distance between switches and the link speed of ports on a switch. The buffer credit can - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 557
allocated to that port. Fibre Channel gigabit values reference definition Use the following Fibre Channel gigabit values to calculate buffer requirements: • 1.0625 for 1 Gbps • 2.125 for 2 Gbps • 4.25 for 4 Gbps • 8.5 for 8 Gbps • 10.625 for 10 Gbps • 17 for 16 Gbps Buffer credit allocation based - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 558
during port initialization versus the desired_distance parameter, which is required when a port is configured as an LD or an LS mode link. It is best practice to use LS over LD. The assumption that Fibre Channel payloads are consistently 2,112 bytes is not realistic in practice. To gain the proper - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 559
492 buffers to a single port, you can calculate the maximum single-port extended distance supported: Maximum Distance X (in km) = (BufferCredits + 6) * 2 / LinkSpeed 498 km = (492 + 6 buffers for Fabric Services) * 2 / 2 Gbps How many 50-km ports can you configure? If you have a distance of 50 km at - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 560
Gbps, then 484 / (31 - 8) = 21 ports Allocating buffer credits based on average-size frames In cases where the frame size is average, for example 1024 bytes, you must allocate twice the buffer credits or configure twice the distance in the long-distance LS configuration mode. Refer to "Fibre Channel - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 561
Configured Buffers + QOS_VC_Credits + Non-data_VC_Credits Seven Virtual Channels , if the configured number of buffers If the configured number of switch:admin> portcfglongdistance 2/35 LS 1 -buffers 400 Reserved Buffers = 420 Configuring buffers using frame size You can configure switch configured - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 562
return to the default buffer allocation, use the --disable option switch:admin> portcfgfportbuffers --disable 2/44 NOTE The configured number of buffers for a given port is stored in the configuration database and is persistent across reboots. The F_Port buffer feature does not support EX_Port, Port - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 563
24 24 484 6505 24 24 7952 6510 48 48 7760 6520 96 48 4256 7800 16 16 408 8000 *** Extended Fabrics is not supported on this switch *** VA-40FC 40 40 1692 Brocade Encryption Switch 32 16 1392 FC8-16 16 16 1292/508 Fabric OS Administrator's Guide 563 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 564
4064 2032 1016 812 508 7800 410 205 102 N/A N/A 8000 *** Extended Fabrics is not supported on this switch *** VA-40FC 1694 847 423 N/A N/A Brocade Encryption Switch 1392 696 348 N/A N/A FC8-16 1294 647 323 N/A N/A 564 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 565
distances for Extended Fabrics (Continued) Maximum distances (km) that can be configured (assuming a 2112-byte frame size) Switch/blade model 2 Gbps 4 Gbps 8 Gbps 10 Gbps 16 Gbps FC8-32 FC8-32E FC8-48 FC8-48E FC8-64 FC16-32 FC16-48 FS8-18 FX8-24 1294 647 323 N/A N/A 5190 2595 1297 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 566
support 16 Gbps or between devices that support 8 Gbps. • Devices that support 16 Gbps: - Brocade 6505, 6510, 6520 - FC8-32E, FC8-48E,FC16-32, FC16-48 • Devices that support 8 Gbps: - Brocade 300, 5100, 5300, 5410, 5424, 5450, 5480, VA-40FC - FC8-16, FC8-32, FC8-48 If a device that supports 16 Gbps - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 567
and blades that support 16 Gbps and 8 Gbps. Buffer credit recovery over an EX_Port Buffer credit recovery is supported on a Fibre Channel router (FCR) EX_Port that connects over an inter-fabric link (IFL) to an edge fabric E_Port when the following conditions are met: • The FCR and the switch at the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 568
FEC has been disabled. Reserved Buffers = 982 Warning: port (132) may be reserving more credits depending on port speed. switch:admin> portcfgfec --show 1/20 Forward Error Correction capable: YES Forward Error Correction configured: OFF 568 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 569
604 •FC-FC routing and Virtual Fabrics 606 •Upgrade and downgrade considerations for FC-FC routing 609 •Displaying the range of output ports connected to xlate domains 609 FC-FC routing overview The FC-FC routing service provides Fibre Channel routing between two or more fabrics without merging - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 570
Switch For the Brocade Backbone families, the following restrictions apply: • EX_Ports and VEX_Ports are supported only on the FX8-24 DCX Extension Blade, and the 8-Gbps and 16-Gbps port blades. Ports on the core blade cannot be configured as EX_Ports. 570 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 571
Administrator's Guide for supported Network OS platforms. Supported configurations for FC-FC routing FC-FC routing supports the following configurations: routers (Brocade 7500 switch). In configurations with two backbone fabrics connected to the same edge fabric, routing is not supported between - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 572
You can configure multiple IFLs from an FC router to an edge fabric. Figure 74 shows a metaSAN consisting of three edge fabrics connected through a Brocade DCX with inter-fabric links. Host Edge fabric 1 E_Port Target Edge fabric 2 E_Port Target Edge fabric 3 E_Port Fibre Channel switch IFL IFL - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 573
These LSANs enable Fibre Channel zones to cross device imported into a fabric by a Fibre Channel router, and represents a real device on in a fabric, the real Fibre Channel device is considered to be imported device appears to the fabric as a real Fibre Channel device, has a name server entry, and - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 574
, but the edge fabric IDs must be the same. If you configure the same fabric ID for two backbone fabrics that are connected to the A metaSAN is the collection of all SANs interconnected with Fibre Channel routers. A simple metaSAN can be constructed using an FC Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 575
Fabric 2 represents the real host in Fabric 1. The host discovers and sends Fibre Channel frames to the proxy target. The FC router receives these frames, translates SAN reached through Fibre Channel routing. Figure 77 illustrates this concept. Fabric OS Administrator's Guide 575 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 576
Fibre Channel routing concepts Host Proxy host (imported device) Proxy target (imported device) Fabric 1 EX_Port Target E_Port IFL Fabric 2 E_Port IFL FC router FIGURE 77 MetaSAN with imported devices FC-FC routing topologies The FC-FC routing service be the principal switch of the backbone - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 577
concepts 24 Phantom domains A phantom domain is a domain created by the Fibre Channel router. The FC router creates two types of phantom domains: front phantom Target 3' are proxy devices for Target 1, Target 2, and Target 3, respectively. Fabric OS Administrator's Guide 577 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 578
Fibre Channel routing concepts Host 1 Fabric 1 Front domain 1 (FC router 1) Xlate domain 1 (Fabric 2) Front domain 2 (FC router 2) Xlate domain 2 (Fabric 3) Target 1' Target 2' Target 3' FIGURE 79 EX_Port phantom switch about this command. 578 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 579
switch auth policy mode does not affect online EX_Port, so it is acceptable to leave the default Passive policy configured on Configure FCIP tunnels if you are connecting Fibre Channel SANs over IP-based networks. (Refer to "FCIP tunnel configuration" on page 582.) Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 580
BootProm: 1.0.9 2. If you are configuring a Backbone, enter the slotShow command to verify that an FX8-24 blade is present or an 8-Gbps or 16-Gbps port blade is present. The following example shows slots 1, 2, 3, 9, 10, and 12 with 8-Gbps port blades enabled. switch:admin> slotshow -m Slot Blade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 581
to a Brocade Network OS fabric. 4. Verify that the Fabric-Wide Consistency Policy is not in "strict" mode by issuing the fddCfg --showall command. When it is in strict mode, ACL cannot support Fibre Channel routing in the fabric. switch:admin> fddcfg --showall Local Switch Configuration for all - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 582
--enable fcr FC Router service is enabled switch:admin> switchenable FCIP tunnel configuration The optional Fibre Channel over IP (FCIP) Tunneling Service enables you to use "tunnels" to connect instances of Fibre Channel SANs over IP-based networks to transport all Fibre Channel ISL and IFL traffic - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 583
Inter-fabric link configuration 24 Refer to the Fibre Channel over IP Administrator's Guide for instructions on how to configure FCIP tunnels. Inter-fabric link configuration Before configuring an inter-fabric link (IFL), be aware that you cannot configure both IFLs (EX_Ports, VEX_Ports) and ISLs - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 584
Fibre Channel router to the edge fabric. 7. Enter the portCfgShow command to view ports that are persistently disabled. FC ports on the Brocade 7800 switches and FX8-24 blades are configured as persistently disabled by default FC Fastwrite ON 584 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 585
port is configured correctly. switch:admin> portcfgexport 7/10 Port 7/10 info Admin: enabled State: NOT OK Pid format: Not Applicable Operate mode: Brocade Native Edge Fabric Authentication Type: None Hash Algorithm: N/A DH Group: N/A Fabric OS Administrator's Guide 585 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 586
24 Inter-fabric link configuration Edge fabric's primary wwn: N/A Edge fabric's version stamp: N/A portDisableReason: None portCFlags: 0x1 portFlags: .50 1080::8:60F:FE0C:456A/64 "fcr_5300" EX_Port FID Neighbor Switch Info (WWN, enet IP, name) 586 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 587
switch:FID128:root> iflshow E-Port EX-Port FCR-WWN FCR-FID FCR-Name Speed BW 1 : 350 --> 12 10:00:08:00:88:04:93:94 39 fcr_sw 4G 8G TRUNK FC router port cost configuration link with a smaller cost. Every IFL has a default cost. The default router port cost values are: • 1000 for a - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 588
24 FC router port cost configuration Port cost considerations The router port cost has the following considerations: • Router port sets are defined as follows: - 0-7 and FCIP Tunnel 16-23 - 8-15 and FCIP Tunnel 24-31 • The router port cost does not help distinguish one IFL (or EX_ and VEX_Port link - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 589
to enable the ports that you disabled in step 1. switch:admin> portenable 7/10 EX_Port frame trunking configuration You can configure EX_Ports to use frame-based trunking just as you do regular E_Ports. EX_Port frame trunking support is designed to provide the best utilization and balance of - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 590
switch management interfaces. You can define and manage LSANs using Brocade Advanced Zoning. NOTE For performance reasons, Brocade recommends that you do not configure can be part of the root zone database or the AD a device import. To support legacy applications, WWNs are Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 591
LSAN zone configuration 24 NOTE The "LSAN_" prefix must a device, the port WWN, and the node WWN; the port WWN must be used for LSANs. switch:admin> nsshow { Type Pid COS PortName NodeName TTL(sec) N 060f00; 2,3; 10:00:00:00 has 1 entry } Fabric OS Administrator's Guide 591 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 592
: no configuration in effect 10. Enter the cfgAdd and cfgEnable commands to create and enable the LSAN configuration. switch:admin> cfgadd "zone_cfg", "lsan_zone_fabric2" switch:admin> cfgenable "zone_cfg" You are about to enable a new zoning configuration. 592 Fabric OS Administrator's Guide 53 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 593
displayed: 3 • fcrProxyDevShow shows the proxy devices in the LSAN. switch:admin> fcrproxydevshow Proxy WWN Proxy Device Physical State Created PID Exists PID of configuring the LSAN in the second edge fabric, configure the LSAN in the backbone fabric. Fabric OS Administrator's Guide 593 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 594
of LSAN zones, or LSAN count, that can be configured on the edge fabrics. By default, the maximum LSAN count is set to 3000. You can increase the maximum LSAN count to 5000 without disabling the switch. The maximum number of LSAN devices supported is 10,000 (this includes both physical and proxy - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 595
, H1, needs fast access to target devices D1 and D2. You could set up the Speed tag as follows: 1. In FC router 1 and FC router 2, configure the Speed tag as "super". 2. In Edge fabric 2, configure two LSANs: Fabric OS Administrator's Guide 595 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 596
In Edge fabric 1, configure the following LSAN: lsan_super_f1_f2 (H1, D1) 4. In Edge fabric 3, configure the following LSAN: configuring LSAN tags: • You configure the tags on the FC router, and not on the edge switches. If Virtual Fabrics is enabled, you configure the tags on the base switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 597
router is eight. • Up to 500 Speed LSAN tags are supported. Configuring an Enforce LSAN tag 1. Log in to the FC router enforce enftag1 LSAN tag set successfully sw0:admin> switchenable Configuring a Speed LSAN tag 1. Log in to the FC switch before removing an Enforce LSAN tag. You do not need to disable - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 598
configuration 1. Log in to the FC router as admin. 2. Enter the fcrlsan --remove command to remove an existing LSAN tag. If you remove an Enforce LSAN tag, you must disable the switch is supported only on FC routers with Fabric OS v5.3.0 and later. The FC router matrix feature is supported only - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 599
limit supported in the backbone fabric is not limited by the capability of one FC router. In addition, due to the lower LSAN count, the CPU consumption by the FC router is lower. If you configure the and after LSAN zone binding is in effect. Fabric OS Administrator's Guide 599 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 600
metaSAN can import more than 10,000 devices and the backbone fabric can support more FC routers. • With LSAN zone binding, CPU consumption by an from this FC router to other FC routers. • You must manually configure the LSAN fabric matrix on these FC routers to match the other Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 601
LSAN zone configuration 24 FC router matrix lsan 4 5 fcrlsanmatrix --add -lsan 5 6 Fabrics that are not specified are part of the default binding and can access other edge fabrics that are not specified. Thus, fabrics 7, 8, and 9 binding. Fabric OS Administrator's Guide 601 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 602
24 LSAN zone configuration Setting up LSAN zone binding 1. Log in to the FC router as admin. 2. Enter the following command to add FCR:Admin> fcrlsanmatrix --fabricview -lsan LSAN MATRIX is activated Fabric ID Fabric ID 4 5 4 7 10 19 602 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 603
translate domain. Fabric parameter considerations By default, EX_Ports and VEX_Ports detect, autonegotiate, and configure the fabric parameters without user intervention. You can optionally configure these parameters manually. • To change the fabric parameters on a switch in the edge fabric, use the - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 604
FC router to the edge fabrics. NOTE Broadcast frame forwarding is not supported in an FCR fabric with a Brocade 8000. By default, broadcast frame forwarding is disabled on an FC router. If your edge fabric includes a Brocade 8000, do not enable broadcast frame forwarding on the FC router, because - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 605
edge fabrics counts multiple times. The default maximum number of LSAN zones is 3000 resources. switch:admin> fcrresourceshow 11 | 6 34 12 | 6 34 13 | 6 34 14 | 6 34 15 | 6 34 16 | 8 34 17 | 8 34 18 | 8 34 19 | 8 34 Fabric OS Administrator's Guide 605 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 606
, then the EX_Port or VEX_Port is disabled. Refer to "Configuring a logical switch to use XISLs" on page 299 for instructions on disallowing XISL use. Because XISL use is disallowed, dedicated links must be configured to route traffic across switches in the same logical fabric, as shown in Figure 23 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 607
FC-FC routing and Virtual Fabrics 24 • Although the Brocade 6510 and 6520 supports up to four logical switches, if you are using FC-FC routing, they can have a maximum of three logical switches. Logical switch configuration for FC routing Figure 82 shows an example of two chassis partitioned - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 608
not supported in the base switch, unless you use a legacy FC router. A legacy FC router is an FC router configured on a Brocade 7500 switch. Base switches can device C, however, because the base switches do not support backbone-to-edge routing. 608 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 609
all FC router operations on the switch. Brocade recommends that you save your FC-FC routing configuration (using the configUpload command) before performing any downgrades. For further instructions on downgrading, refer to Chapter 9, "Installing and Maintaining Firmware". How replacing port blades - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 610
range of output ports connected to xlate domains 1. Log in to a switch in the edge fabric. 2. Enter the lsDbShow command on the edge cost = 10000, costCnt = 0, type = 1 LinkId = 1, out port = 32, rem port = 2, cost = 10000, costCnt = 0, type = 1 610 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 611
(PID) on any Brocade Backbone. Enter the switchShow in slot 3 of a Brocade DCX 8510-4 Backbone. The switch:FID128:admin> switchshow -slot 3 -qsfp switchName: switch [FID: 128, Base Switch: No, Default Switch: Yes, Address Mode 0] -- 16G No_Module FC 736 3 16 4 ------ -- 16G No_Module FC - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 612
FC16-32 port blade in slot 1 of a Brocade DCX 8510-8 Backbone. The Address column shows the PID. switch:FID128:admin> switchshow -slot 1 switchName: DCX8510_8 (output truncated) LS Attributes: [FID: 128, Base Switch: No, Default Switch 63 0a0fc0 -- N8 No_Module 16 2 0 0a1040 -- N8 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 613
Brocade DCX-4S Backbone. The Brocade the Brocade DCX-4S. The following example switchShow output is from a Brocade DCX- blade on the Brocade DCX 8510-8 Backbone. The assignment type, and slot number. switch:FID128:admin> switchshow -slot -- Offline VE 208 10 16 50d000 -- -- Offline VE 209 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 614
-18 encryption blade on the Brocade DCX 8510-8 Backbone. The assignment of port type, platform type, and slot number. switch:FID128:admin> switchshow -slot 2 switchName ENABLED Index Slot Port Address Media Speed State Proto 16 2 0 501000 -- N8 No_Module FC 17 2 Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 615
Support Appendix B In this appendix •FIPS overview 615 •Zeroization functions 615 •FIPS mode configuration 617 •Preparing a switch discretion of the security administrator. These functions clear the passwords and the shared secrets. Core files and FFDC data 's Guide 615 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 616
and deleted from the module. The passwdDefault command removes user-defined accounts in addition to default passwords for the root, admin, and user default accounts. However, only the root account has permissions for this command. Users with securityadmin and admin permissions must use fipsCfg - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 617
logging both passing and failing results. Refer to the Fabric OS Troubleshooting and Diagnostics Guide for instructions on how to recover if your system cannot get out of the conditional test mode. FIPS mode configuration By default, the switch comes up in non-FIPS mode. You can run the fipsCfg - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 618
supported HTTPS authentication Radius auth protocols PEAP-MSCHAPv2 Root account Disabled Secure RPC protocols TLS/AES128 cipher suite Signed firmware download Mandatory firmware server certificate must be installed on the switch. the switch. Configure FIPS-compliant TLS ciphers [TDES-168, - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 619
RADIUS CONFIGURATIONS RADIUS configuration does not exist. adldap.local LDAP CONFIGURATIONS Position Server Port Domain Timeout(s) : 1 : GEOFF5.ADLDAP.LOCAL : 389 : adldap.local : 3 Primary AAA Service: LDAP Secondary AAA Service: Switch database Fabric OS Administrator's Guide 619 53 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 620
instructions in "LDAP configuration and Microsoft Active Directory" on page 162, and then perform the following additional Microsoft Active Directory settings a. To support services for FIPS between the switch switch: Password: Success: imported certificate [LDAPTestCa.cer]. - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 621
LDAP certificate name (must have ".pem" suffix): swLdapca.pem Password: Success: exported LDAP certificate Deleting an LDAP switch certificate This procedure deletes the LDAP CA certificate from the switch. 1. Connect to the switch and log in using an account with admin permissions, or an - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 622
are configured. 13. Disable root access. 14. Enable the KATs and the conditional tests. 15. Enable FIPS. 16. supported, only Windows 2000-, Windows 2003, and Windows 2008-based RADIUS servers may be used in a FIPS-compliant configuration. • If the switch is set for LDAP, refer to the instructions - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 623
4. 5. Install the LDAP CA certificate on the switch and Microsoft Active Directory server. Refer to "LDAP root account. It must be entered before disabling the root account. 9. Enter the configure command and respond to the following prompts to enable signed firmware: Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 624
secure config Upload/Download: Press Enter to accept the default. • Enforce firmware signature validation: Yes Example switch:admin> configure Not all options will be available on an enabled switch. To disable the switch, use the "switchDisable" command. Configure... System services (yes, y, no - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 625
for FIPS B NOTE Passwords of the default accounts (admin and user) should be changed after every zeroization operation to maintain FIPS 140-2 compliance. 3. Power-cycle the switch. Displaying FIPS configuration 1. Log in to the switch using an account with admin or securityadmin permissions, or - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 626
B Preparing a switch for FIPS 626 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 627
a numeral system with a base of 16, usually written by means of symbols is called a hex triplet. Fibre Channel uses hexadecimal notation in hex triplets - bolded) in the nsShow output is in hexadecimal. switch:admin> nsshow { Type Pid COS PortName NodeName TTL(sec Guide 627 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 628
0d 0e 0f 10 11 12 13 14 Decimal 21 22 23 24 25 26 27 28 29 30 Hex 15 16 17 18 19 1a 1b 1c 1d 1e Decimal 31 32 33 34 35 36 37 38 39 40 Hex 1f a9 aa Decimal 171 172 173 174 175 176 177 178 179 180 628 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 629
f1 f2 f3 f4 f5 f6 f7 f8 f9 fa Decimal 251 252 253 254 255 Hex fb fc fd fe ff Fabric OS Administrator's Guide 629 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 630
C Hexadecimal Conversion 630 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 631
, 192 SNMP access control list, 188 switch defaults, 192 telnet, 192 blocking, 190 unblocking, 191 using SSL, HTTPS, 182 Access Control List. See: ACL. Access Gateway authentication, 211 Fabric OS Administrator's Guide 53-1002745-02 configuring F_Port trunking on, 544 considerations for Advanced - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 632
trunking, 523 overview, 517-518 Quality of Service, 518 SID/DID traffic prioritization, 518 Top configuration, 329 ports to logical switches, 295 public key to switch, 180 rules to an IP Filter policy, 223 switch or fabric to a zone, 336 switches to a zone, 336 Top Talker monitors on all switches - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 633
switches, 192 aptPolicy command, 119, 121 assigning user-defined roles, 137 assigning users to Admin Domains, 444 audit log configuration, 107 configuring , 150 deleting, 175 reordering, 175 authentication service configuring, 149-152 disabling, 175 enabling, 175 local 's Guide 633 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 634
supported, 287 port restrictions, 287 shutdown, 77 upgrading firmware, 263 Backbone fabric, and TI zones, 355 Backbone firmware, 262-265 download, 262 download process overview, 262 version testing, 270 Backbone-to-edge routing, 576, 581 backing up a configuration, 244 base fabric, 285 base switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 635
97 Brocade fixed-port switches, upgrading firmware, 261 Brocade FX8-24 compatibility, 96 enabling 10-GbE ports, 477 XISL use and VE_Ports, 287 Brocade Network Advisor, 55 Brocade Vendor-Specific Attribute. See: VSA. browser 128-bit encryption, 182 displaying encryption support, 182 root certificates - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 636
support, 111 classConfig command, 135 classless inter-domain routing. See: CIDR. clearing performance monitor counters, 505 clearing zone configurations, 333 CLI capitalization in, 56 command history, 59 commands to display switch configuration 293 636 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 637
, 516 perfCfgSave, 516 perfMonitorClear, 505 perfMonitorShow, 504 perfSetPortEEMask, 503 perfTTmon, 513, 514, 515 portBufferCalc, 399 Fabric OS Administrator's Guide 53-1002745-02 portBufferShow, 402, 562, 399 portCfg, 624 portCfgCompress, 397, 404, 405 portCfgEncrypt, 397, 404, 405, 624 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 638
Fabrics, 250 CP8 blade dual port, 85 FA-PWWN upload and download considerations, 430 format of configuration file, 242 in fabrics, 250 modifying for switches, 247 restoring, 248 saving for frame monitors, 508 security considerations, 250 setup form, 253 supported for FA-PWWN, 429 without disabling - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 639
high availability considerations, 522 supported configurations, 521 CSR defined, 620 exporting for FCAP, 216 generating and storing, 184 generating for FCAP, 215 obtaining certificates, 185 customizing the switch name, 72 cut-through routing, 113 Fabric OS Administrator's Guide 639 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 640
90 default account passwords, 61 accounts, listed, 61 Fabric OS roles, 134 IP Filter policy names, 218 IP Policy Rules, 222 logical switch, 276 device accessing, 192 configuring authentication, 211 connecting, 78 CP8 blade dual port configuration, 85 CP8 blade dual port support, 86 limiting traffic - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 641
computation trigger, 122 effect on other logical switches, 127 Fabric OS Administrator's Guide 53-1002745-02 overview, 122 rebalancing triggers, 72 setting, 74 downgrading firmware, 257 download configuration file, 460 DPS described, 119 device-based routing, 120 support on Virtual Fabrics, 120 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 642
503 supported port configurations for, 502 effective AD configuration, 442 effective zone configuration, defined, 308 ELP mode, 117 enabling 10 Gbps operation , 64 ethernet interface on switch, 62 Virtual Fabrics, 63 ethernet IP address, setting static, 65 ETIZ configuration rules, 358 defined, 350 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 643
on an Access Gateway, 544 F_Port trunking, 543-550 Fabric OS Administrator's Guide 53-1002745-02 and Virtual Fabrics, 548 configuring for Brocade adapters, 545 considerations, 546 for access gateways, 543 for Brocade adapters, 545 fabric access, 192 adding Top Talker monitors, 513 addresses. See - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 644
download considerations, 430 configuring, 426-429 DCC policy behavior, 205 dynamic fabric provisioning, 425-431 firmware upgrade and downgrade considerations, 430 N_Port Access Gateway failover, 431 priority, 426 restrictions, 431 security considerations, 430 supported switches and configurations - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 645
, 187 SSL support, 182 firmware, 255-273 Backbone, 262-265 Backbone download process overview, 262 Backbone version testing, 270 downgrading, 257 download process, 255 downloading without a password, 257 FA-PWWN upgrade and downgrade considerations, 430 finding version, 259 for switches, 260-261 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 646
application, 192 G G_Port, described, 84 gateway links, 117 buffer credits, 552 gateway, configuring a link through, 118 generating DSA or RSA key pairs, 180 key and CSR failover and passwords, 141 failover on RADIUS server, 156 QoS zone-based traffic prioritization considerations, 528 support for - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 647
ports, 87 IE, root certificate installation and verification, 186 IFL about, 572 configuration, 583 configuring, 583 described, 572 ifModeSet command, 91 IKE policies and IP sec, 235 policies, null encryption support, 240 implementing Admin Domains, 443 Fabric OS Administrator's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 648
, 219 policy rules using service names, 220 saving policy, 218 supported actions, 221 supported protocols, 221 supported services and port numbers, 220 IP interface for chassis management, 65 IP sec algorithms, 234 Authentication Header protocol, 233 configuration on the management interface, 231 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 649
IPv4 and IPv6 support, 162 non-FIPS mode restrictions, 162 role mapping and OpenLDAP, 168 role mapping, and Microsoft Active Directory, 163 secure service, 150 LDAP server adding, 175 deleting, 175 reordering, 175 LDAP service configuration, displaying, 176 configuring, 162 configuring for OpenLDAP - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 650
, 140 local user account passwords, 139 LOCL, 72 logging switches, 276-280 about, 276 allowing XISL use, 299 650 basic configuration values, 291 changing to a base switch channel, 136 management interface IP sec configuration, 231 security, 231-240 Fabric OS Administrator's Guide 53- - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 651
Directory service configuring for LDAP, 162 groups, creating, 164 role, assigning, 164 users, adding, 164 vendor attributes, adding to schema, 165 mirror port. See also: M_Port. modifying FCS policy, 199 FCS switch order, 201 TI zones, 367 zoning configurations, 328 monitor configuration, restoring - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 652
, 486 supported devices, 483 Open LDAP See also: LDAP. OpenLDAP configuring, 165-171 password strength policy, 141 652 passwordless firmware download, 257 passwords boot PROM, 145-149 Backbone with recovery string, 146 Backbone without recovery string, 148 switch with recovery string, 145 switch - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 653
203 default IP password strength, 141 rules for IP Filter, 219 saving IP Filter, 218 using service configuration of ports, 193 configurations supported for Backbones, 287 configurations supported for fixed-port switches, 286 configuring E_Port authentication, 209 Fabric OS Administrator's Guide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 654
enabling for long distance, 129 ICL, 493 ID and Fibre Channel fabrics, 113 identification by index, 87 by port manually disabling QoS on trunked ports, 524 moving, 279 naming, 86 port login command, 51 port login process, 52 port types, 84 ports and applications used by switches Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 655
45 primary FCS modifying, 201 Principal ISLs, 112 principal switch defined, 51 principal switch, capabilities, 51 priority groups, for virtual channels, 115 private key deleting from switch, 182 generation, 183 PRLI, 52 protocol Fibre Channel Common Transport (FC-CT), described, 44 HTTPS, described - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 656
DCX 8510 chassis, 492 Quality of Service. See: QoS. R RADIUS client configuration, 158 enabling, 158 RADIUS server adding, 175 configuration for FIPS, 622 configuration with Admin Domains or Virtual Fabrics, 155 configuring support with Linux, 156 configuring support with Windows 2000, 158 deleting - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 657
136 default, 134 managing user-defined, 136-137 role permissions, 135 root certificates RSA key pair generation, 180 Fabric OS Administrator's Guide 53-1002745-02 RSA RADIUS server, 160 RSA RADIUS 196 SCC policies, 206 SCP configuration for uploads and downloads, 179 described, 178 for certificates - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 658
on switch, 39 serial port connection, 56 serial port, console session, 56 Server Application Optimization. See: SAO. sessions, maximum allowed, 136 setContext command, 121, 299 setting changing passwords, 62 chassis configurations, 93 chassis management IP interface, 65 date, 69 default zone - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 659
, 62 exporting public key, 181 firmware download, 260 firmware version testing, 268 firmware version, finding, 259 host access, 192 joining to fabric, 229 LDAP certificates deleting, 621 exporting, 621 installing, 620 modifying FCS order, 201 modifying switch configuration, 247 name limitations, 74 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 660
supported protocols, 171 timeout, 171 TACACS+ service ADList, 173 Admin Domains, configuring, 173 authentication service, 171 configuration, 171 configuration, displaying, 176 disabling, 175 enabling, 175 home Virtual Fabric, 173 homeAD, 173 LINUX based, 172 modifying, 175 overview, 134 password - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 661
478-480 Top Talker monitors adding on all switches in fabric, 513 adding to aport (port traffic support, 111 traffic, limiting from a device, 519 Fabric OS Administrator's Guide 53 manually disabling QoS on, 524 trunking Adaptive Networking license considerations, 523 configuring F_Port for Brocade - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 662
FCIP required, 582 in Fibre Channel, 572 VF mode Admin Domains and, 290 definition, 290 See also: Virtual Fabrics viewing ACL policies, 197 alias, 315 authentication parameter settings, 212 compression configuration, 401 current default zone access mode, 327 encryption configuration, 401 fabric-wide - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 663
switch creating, 292 default, 276 deleting, 294 displaying configuration, 296 overview, 276 lossless dynamic load sharing, 127 Microsoft Active Directory service, 164 OpenLDAP server, 169 overview, 275 password , 82 X XISL Brocade 7800 restriction, 286 default logical switch restriction, 287 ICL port - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 664
mode, viewing current, 327 accessing, 192 adding a new switch or fabric, 336 adding members, 317 administering security, 336 members, 318 from a configuration, 329 replacing member, 319 saved zone configuration, defined, 308 schemes, 307 setting default zoning mode, 326 special 's Guide 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 665
zoneRemove command, 318 zoneShow command, 322 zoning advanced, 303-342 advanced commands, 304 defined, 304 enforcement, 308 on logical ports, 316 overview, 304 Fabric OS Administrator's Guide 665 53-1002745-02 - Dell PowerConnect Brocade M6505 | Brocade 7.1.0 Fabric OS Administrator's Guide - Page 666
666 Fabric OS Administrator's Guide 53-1002745-02
53-1002745-02
25 March 2013
®
Fabric OS
Administrator’s Guide
Supporting Fabric OS 7.1.0