HP Brocade BladeSystem 4/12 HP StorageWorks Fabric OS 6.1.1 administrator guid
HP Brocade BladeSystem 4/12 Manual
View all HP Brocade BladeSystem 4/12 manuals
Add to My Manuals
Save this manual to your list of manuals |
HP Brocade BladeSystem 4/12 manual content summary:
- HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 1
HP StorageWorks Fabric OS 6.1.1 administrator guide Part number: 5697-0235 edition: November 2009 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 2
Company, L.P. © Copyright 2008 Brocade Communications Systems, Incorporated. Hewlett-Packard HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 3
guide 19 Supported Fabric OS 6.1.x HP StorageWorks hardware 19 Intended audience 20 Related documentation 20 Document conventions and symbols 20 Rack stability 21 HP technical support 21 Customer self repair 21 Product warranties 21 Subscription service 22 HP Customizing switch Firmware - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 4
lockout policy 67 Denial of service implications 69 Authentication model 69 support with Windows 2000 76 RSA RADIUS server 77 Setting up the RSA RADIUS server 77 LDAP configuration and Microsoft's Active Directory 78 Adding the adlist 80 Configuring authentication servers on the switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 5
recovery string 86 4/256 SAN Director and DC SAN Backbone Director (short name, setup overview 91 Deleting keys on the switch 93 Configuring the Telnet protocol 93 Blocking Configuring for the SSL protocol 94 Browser and Java support 94 Summary of SSL procedures 95 Choosing a guide 5 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 6
131 Setting the consistency policy fabric-wide 132 Notes on joining a switch to the fabric 134 Matching fabric-wide consistency policies 134 Non-matching fabric-wide consistency policies 135 FIPS support 136 Zeroization functions 136 Power-up self tests 137 Conditional tests 137 FIPS - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 7
firmware 179 Firmware download on switches 180 Overview of the firmware download process on switches 180 Downloading firmware to a Director 181 Overview of the firmware download process on directors 182 4/256 SAN the 6.1.1 image using the absolute path 186 Fabric OS 6.1.1 administrator guide 7 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 8
186 FIPS Support 186 Public and private key management 186 Updating the firmwarekey 187 The firmwareDownload command 188 Configuring the switch for signed firmware 188 Power-on firmware checksum test 188 Testing and restoring firmware on switches 189 Testing a different firmware version on - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 9
slot information 234 Inter-chassis Link behavior between two HP StorageWorks DC Directors 235 10Routing traffic 237 Data routing Supported iSCSI initiators 259 Checklist for configuring iSCSI 259 FC4-16IP Blade Configuration 261 FC4-16IP port numbering 261 Enabling the iSCSI gateway service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 10
FC target 267 Manual iSCSI VT creation service configuration 281 Displaying iSNS client service status 281 Enabling the iSNS client service 282 Disabling the iSNS client service routers 297 General rules for TI zones 297 Supported configurations for Traffic Isolation 297 Trunking with - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 11
routing service 311 FC-FC routing service overview 311 Supported platforms 311 License requirements for Fibre Channel routing 311 Supported configurations configuration 339 Interoperability with legacy FCR switches 340 Backward compatibility support 340 Front domain consolidation 340 Using - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 12
Trunking 371 Setting port speeds 372 Setting the same speed for all ports on the switch 373 Displaying trunking information 373 Trunking over Extended Fabrics 374 Trunking distances 374 F_Port F_Port trunking 381 Enabling the DCC policy on trunk 383 Disabling F_Port trunking 383 12 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 13
services license 386 Platforms that support SAN extension over IP 387 QoS concepts and implementation over FCIP 387 DSCP quality of service 387 L2CoS quality of service on a blade or switch 400 Disabling FC Fastwrite on a port 401 FCIP services configuration guidelines 401 Setting guide 13 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 14
439 22Configuring and monitoring FICON Extension Services 441 FICON extension products licensing 441 Platforms that support FICON extension over IP 441 FCIP Configuration requirements for FICON extension 441 Configuration requirements for switches and directors 441 Configuration of sufficient - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 15
PID format 459 HP-UX procedure 460 migration during firmware changes 467 Switch 475 About Remote Switch 475 Remote Switch capabilities 475 Using Remote Switch with a gateway 475 F Zone merging scenarios 477 Index 481 Figures 1 Windows 2000 VSA configuration 73 2 Example of a Brocade - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 16
22 IQN example 256 23 Discovery domain set configuration example 257 24 FC4-16IP ports 261 25 iSCSI gateway service in an iSCSI FC zone 276 26 iSCSI network with F_Port masterless trunking 376 49 Trunk group configuration for the SAN Switch 8/40 380 50 Network using FCIP 386 51 Single tunnel - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 17
105 23 Security database size restrictions 107 24 Valid methods for specifying policy members 108 25 FCS policy states 109 26 Switch operations 110 27 Distribution policy states 113 28 DCC policy states 113 29 SCC policy states 116 30 Supported services 126 31 Implicit IP Filter rules 127 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 18
support for SAN Switch 4/32, 4/32B and 4/64 SAN Switch (Condor ASIC 374 80 Trunking support for 4/256 SAN Director and DC Directors with supported blades switches 454 97 Account/password characteristics matrix 465 98 Password prompting matrix 466 99 Password migration behavior during firmware - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 19
Director 48 Port 8Gb FC blade HP StorageWorks 8/8 SAN Switch or HP StorageWorks 8/24 SAN Switch HP StorageWorks 8/40 SAN Switch HP StorageWorks 8/80 SAN Switch HP StorageWorksEVA4400 Embedded Switch Module, 8Gb Brocade 8Gb SAN Switch for HP BladeSystem c-Class Fabric OS 6.1.1 administrator guide 19 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 20
SAN switches Related documentation The following documents provide related information: • HP StorageWorks Fabric OS 6.1.x release notes • Web Tools administrator's guide You can find these documents from the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 21
. HP technical support For worldwide technical support information, see the HP support website: http://www.hp.com/support/ Before contacting HP, , HP ships the part directly to you so that you can install it at your convenience. Some parts do not qualify for CSR. Your HP-authorized service provider - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 22
enhancements, new driver versions, firmware updates, and other product resources. HP websites For additional product information, see the following HP websites: • http://www.hp.com • http://www.hp.com/go/storage • http://www.hp.com/support/manuals Documentation feedback HP welcomes your feedback. To - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 23
1 Standard features This chapter describes how to configure your HP StorageWorks SAN using the Fabric OS Command Line Interface (CLI). Before you can configure a Storage Area Network (SAN), you must power-up the Director or switch and blades, and then set the IP addresses of those devices. Although - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 24
SAN -enabled switch, plug the switch into switch comes up, the Telnet quota is cleared. (For instructions on performing a fast boot with Web Tools, see the Web Tools Administrator's Guide per switch to Switches in the fabric that are not connected through the Ethernet can be managed through switches - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 25
switch in the network 5. Enter the account ID at the login prompt. See "Changing passwords" on page 25 for instructions The prompt displays the switch name and user ID port of the primary FCS switch. • 4/256 SAN Director and DC Director: Changing passwords The switch automatically prompts you to change - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 26
account Password HP StorageWorks 4/8 SAN Switch, 4/16 SAN Switch, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, 400 Multi - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 27
Password saved to stable storage successfully. switch:admin> Configuring the Ethernet interface You tools, such as Web Tools, to interact with the switch. You can continue to use a static Ethernet addressing 1. Connect to the switch and log in using an account assigned to the admin role. Fabric - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 28
addresses on HP StorageWorks 2/128, 4/256 SAN Director, DC Director models, and in environments where DHCP service is not available for your switch Ethernet interface, you can do so by entering none or 0.0.0.0 in the Ethernet IP address field. IMPORTANT: IP address 0.0.0.0 is not supported in Fabric - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 29
HP switches have DHCP enabled. The 4/256 SAN Director and DC SAN Backbone Director (short name, DC Director) do not support DHCP. The Fabric OS DHCP client supports addresses" on page 28 for instructions on setting the FC IP address. To enable DHCP: 1. Connect to the switch and log in using an - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 30
properly. However, because the date and time are used for logging, error detection, and troubleshooting, you should set them correctly. Authorization access to set or change the date and time for a switch is role-based. For an understanding of role-based access, see "Role-Based Access Control - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 31
's Guide for detailed information about setting time zones using the offset format. See "Firmware download process overview" on page 175 for time zone downgrading considerations. When you set the time zone for a switch, you can perform the following tasks: • Display all of the time zones supported - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 32
SAN current, it is recommended that the principal or primary-FCS switch has its time synchronized with at least one external NTP server. The other switches in the fabric will not be possible to switches earlier than Fabric OS 5.3.0 because IPv6 is supported for Fabric OS version 5.3.0 and later. The - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 33
switch is enabled, you can reset them manually so that you can control the ID number or resolve a Domain ID conflict when you merge fabrics. If a switch default Domain ID for HP switches is 1. NOTE: Do not use Domain ID 0. The use of this Domain ID can cause the switch to reboot continuously. Avoid - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 34
your switch software; if not, you can purchase licenses separately from HP. License keys are provided on a per-product and per-feature basis. Each switch Fabric OS 5.2.0. Upgrading is allowed, but downgrading is not supported. If a license is not version-based, it is valid for all versions - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 35
HP StorageWorks Software License Key instruction page opens: 3. Enter the information in the required fields. 4. Follow the onscreen instructions using the licenseAdd command. switch:admin> licenseadd "key marks are optional. For 4/256 SAN Director and DC SAN Backbone Director (short name, DC guide 35 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 36
assigned to the admin role. 2. Issue the licenseShow command to display the active licenses. Remove the license key by issuing the licenseRemove command: switch:admin> licenseremove "key" The license key is case-sensitive and must be entered exactly as given. The quotation marks are optional. After - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 37
Services or High Performance Extension over FCIP/FC Local and attached switches. Local and attached switches. FCIP FICON FICON-CUP FIPS Firmware download Full fabric FC-IP Services to a select set of switches. n/a Local switch Local switch Local switch Fabric OS 6.1.1 administrator guide 37 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 38
. 8-Gbps licensing IMPORTANT: This license is installed by default. Do not remove it under any circumstances. The 8-Gbps licensing applies to the 8-Gbps SAN Switches. The following are the basic rules for using, adding, or removing 8-Gbps licenses. • Without an 8-Gbps license, even if there is an - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 39
your switch for the specific POD licensing available. POD licensing is ready to be unlocked in the switch firmware. Its license key may be part of the licensed paperpack supplied with switch software, or you can purchase the license key separately from HP. You may Fabric OS 6.1.1 administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 40
key, insert the transceivers in ports 24 through 31. For details on inserting transceivers, see the switch's Hardware Reference Manual. NOTE: If you enable or Ports on Demand The Brocade 4Gb SAN Switch for HP c-Class BladeSystem supports blade modules. This switch supports the Dynamic Ports on - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 41
, you can customize the POD license associations. IMPORTANT: The Dynamic POD feature is supported on the Brocade 4Gb SAN Switch for HP c-Class BladeSystem only. To enable Dynamic Ports on Demand: 1. Connect to the switch and log in on an account assigned to the admin role. 2. Issue the licensePort - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 42
assignments are provisioned for use in this switch: 12 port assignments are provisioned by the base switch license 12 port assignments are provisioned by a full POD license 24 ports are assigned to installed licenses: 12 ports are assigned to the base switch license 12 ports are assigned to the full - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 43
24 port assignments are provisioned for use in this switch: 12 port assignments are provisioned by the base switch license 12 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 7. Issue the switchEnable command to bring the switch back online. switch:admin> switchenable Fabric OS 6.1.1 administrator guide 43 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 44
port is assigned to a POD set, the port is licensed until it is manually removed from the POD port set using the licensePort --release command. When a port use 24 port assignments are provisioned for use in this switch: 12 port assignments are provisioned by the base switch license 12 port - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 45
switch. The switch SAN Director and DC Director: Issue the following command: switch connected to another switch, the fabric may switch switches. Before connecting a switch to a fabric that contains switches running different firmware versions, you must first set the same PID format on all switches - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 46
for your hardware model: 4/8 SAN Switch and 4/16 SAN Switch, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 400 Multi-protocol - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 47
0 to disable it. In the following example, slot 2, port 3 is enabled for a gateway link: switch:admin> portcfgislmode 2/3, 1 Committing configuration...done. ISL R_RDY Mode is enabled for port 3. Please make sure the current status of each slot in the system. Fabric OS 6.1.1 administrator guide 47 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 48
to the admin role. 2. Issue the agShow command. switch:admin> agshow Worldwide Name Ports Enet IP Addr Firmware Local/Remote Name 10:00:00:05:1e:02:1d:b0 16 10.32.53.4 v5.2.1 local ag_01 10:00:00:05:1e:03:4b:e7 24 10.32.60.95 v5.2.1 local ag_02 10 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 49
MARGINAL or DOWN threshold to change the overall status of the switch. For more information about setting policy parameters, see the Fabric Watch Administrator Guide. To view the switch status policy threshold values: 1. Connect to the switch and log in using an account assigned to the admin role - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 50
threshold parameter. By setting the DOWN and MARGINAL values for a parameter to 0,0 that parameter is no longer used in setting the overall status for the switch. 3. Verify the threshold settings you have configured for each parameter. 4. Issue the switchStatusPolicyShow command to view your current - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 51
HP StorageWorks 4/8 SAN Switch and 4/16 SAN Switch, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 400 Multi-protocol Router: - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 52
depends on the system message log facility and IP network to send messages from the switch to a remote host. Because the audit event log configuration has no control over these Firmware Audit firmware download start, firmware complete, and any other errors encountered during a firmware download - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 53
syslogdipaddrAdd command. 3. Ensure the network is configured with a network connection between the switch and the remote host. 4. Check the host SYSLOG configuration. If all error ). switch:admin> auditcfg --show Audit filter is enabled. 2-SECURITY 4-FIRMWARE Fabric OS 6.1.1 administrator guide 53 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 54
INFO, FIRMWARE, root/root HP recommends that you perform graceful shutdowns of switches and Directors. The following procedure describes how to gracefully shut down a switch. To power off a switch: 1. Connect to the switch 12:09 2006... The system is going down for system halt NOW !! INIT: Switching - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 55
of daemon processes Fabric OS 6.x supports automatic restart of non-critical daemons. Event Monitor Daemon (used by port and switch SCNs, firmwareDownload, and configDownload) Remote Access Service Log Daemon logs error detection, reporting, httpd as well). Fabric OS 6.1.1 administrator guide 55 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 56
56 Standard features - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 57
supports up to 252 additional user-defined accounts in each logical switch RADIUS services, remote LDAP service, and the local switch user manually synchronized using the distribute command to push a copy of the switch's local user database to all other Fabric OS 5.3.0 and later switches guide 57 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 58
RBAC to determine which commands a user can issue. When you log in to a switch, your user account is associated with a pre-defined role. The role that your them are inactive, the user will not be allowed to log in to any switch in the fabric. If no Home Domain is specified for a user, the system - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 59
-a to show all users on a switch. M Modify The user can run Operator Switch Zone Fabric Basic Admin Security admin admin admin switch admin N N N OM N OM OM Fabric Routing O Fabric Watch O FICON O Firmware Management O FRU Management O O O O OM O OM N OM OM N OM - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 60
N OM OM N OM OM N OM OM N OM OM N OM OM O OM OM N OM OM N OM OM O OM O N OM N N N OM N OM O OM OM Basic switch admin O O O N OM O O Admin OM OM OM OM OM OM OM Security admin O N O OM OM OM N O OM N O OM N O OM N O O O O OM OM N OM N OM OM - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 61
supports up to 252 user-defined accounts in each logical switch switch • userConfig --show username to show account information for the specified account • userConfig --showad -a admindomain_ID to show all accounts permitted to select the specified admindomain_ID Fabric OS 6.1.1 administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 62
_ ). It must be different than all other account names on the logical switch. The account name cannot be the same as a role name. Specifies the enter it on the command line. To delete an account: 1. Connect to the switch and log in using an admin account. 2. Issue the following command: userConfig - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 63
the system message log, indicating that accounts have been recovered. To recover an account: 1. Connect to the switch and log in using an admin account. 2. If a backup database exists, issue the following command. • Users can change their own passwords. Fabric OS 6.1.1 administrator guide 63 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 64
account names. For information on password behavior when you upgrade (or downgrade) firmware, see "Upgrading and downgrading firmware" on page 176. To change the password for the current login account: 1. Connect to the switch and log in using an admin account. 2. Issue the following command: passwd - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 65
. To accept distribution of user databases on the local switch: 1. Connect to the switch and log in using an admin account. 2. Issue unchanged after an HA failover. Password policies can also be manually distributed across the fabric (see "Distributing the local user 6.1.1 administrator guide 65 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 66
current password cannot be reused. The value 2 indicates that the current and the two previous passwords cannot be used (and so on, up to 24 passwords). This policy does not verify whether a new password meets a minimal standard of difference from prior passwords; it determines only whether a newly - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 67
to the upgrade. TIP: You cannot upgrade your switch from Fabric OS 5.3.0 directly to 6.1.0. You first counter is maintained for each user on each switch instance. The counters for all user accounts are the lockout duration passes or when it is manually unlocked by either a user account that has - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 68
NOTE: Note that the account-locked state is distinct from the account-disabled state. Use the following attributes to set the account lockout policy: • LockoutThreshold Specifies the number of times a user can attempt to log in using an incorrect password before the account is locked. The number of - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 69
service requests to the RADIUS or LDAP server. The RADIUS or LDAP server receives the request, validates the request, and sends its response back to the switch. The supported switch authentication. For systems such as the HP 4/256 SAN Director and DC SAN Backbone Director (DC Director), the switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 70
problems, the switch uses local authentication. Consider the following effects of the use of RADIUS or LDAP service on other Fabric OS features: • When RADIUS or LDAP service contains a mix of switches with and without RADIUS or LDAP support, the way a switch authenticates users depends on whether a - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 71
Table 12 any LDAP database(s) only. If LDAP service is not available or the credentials do role to one of the default roles available on a switch. RADIUS and LDAP support all the defined RBAC roles described in Table 8 on Brocade's SMI Private Enterprise Code Fabric OS 6.1.1 administrator guide 71 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 72
supported attribute values such as Admin Domain member list. Managing Fabric OS users on the RADIUS server All existing Fabric OS mechanisms for managing local switch user accounts and passwords remain functional when the switch is configured to use the remote authentication dial-in user service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 73
brocade. Include the values outlined in Table 14. Table 14 dictionary.brocade file entries Include Key Value VENDOR ATTRIBUTE STRING Brocade Brocade jspassword" Brocade-Auth Note that a switch always parses these switch, and any additional HomeAD key-value pairs are ignored. Fabric - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 74
homeAD 2. user-opr Auth-Type := Local, User-Password == "password" Brocade-Auth-Role = "operator", Brocade-AVPairs1 = "ADList=1,2;HomeAD=2", Brocade-AVPairs2 = "ADList=-4-8,20;ADList=7,9,12" Configuring the RADIUS server You must know the switch IP address, in either IPv4 or IPv6 notation, or name - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 75
authenticate users. JohnDoe Auth-Type := System, Brocade-Auth-Role = "admin" When you use Network Information Service (NIS) for authentication, the only way switches that will use the RADIUS server; each client must be defined. By default, all IP addresses are blocked. 4/256 SAN Director and DC SAN - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 76
: $PREFIX/sbin/radiusd Configuring RADIUS server support with Windows 2000 The instructions for setting up RADIUS on a Windows 2000 instructions on configuring the server, see the Microsoft website. Below is the information you will need to configure the RADIUS server for a HP StorageWorks switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 77
switch does not communicate directly with switch Brocade dictionary = brocade ignore-ports = no port-number-usage = per-port-type help-id = 2000 b. Create a brocade Service Figure 2 shows what the brocade.dct file should look like. Figure 3 shows what needs to be modified in the brocade Add Brocade-VSA macro - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 78
role on the switch. d. Add the Brocade profile. 4. In RSA Authentication Manager, edit the user records that will be authenticating using RSA SecurID. LDAP configuration and Microsoft's Active Directory LDAP provides user authentication and authorization using Microsoft's Active Directory service in - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 79
switch database to Active Directory. This is a manual process explained later. • LDAP authentication is used on the local switch multiple groups like Switch Admin and switch. 4. Associate the user to the group by adding the user to the group. For instructions to log in to the switch, or • If you have - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 80
to five RADIUS or LDAP servers. You must be logged in as admin or switchadmin to configure the RADIUS service. NOTE: On dual-CP switches (the 4/256 SAN Director and the DC Director), the switch sends its RADIUS or LDAP request using the IP address of the active CP. When adding clients, add both - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 81
command: switch:admin> aaaConfig --add [-p port] [-t timeout] [-d domain_name] server Enter either a server name or IPv4 address. Microsoft's Active Directory does not support IPv6 addresses before you can enable the RADIUS or LDAP service. Fabric OS 6.1.1 administrator guide 81 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 82
;local, you cannot downgrade the Fabric OS to any version earlier than 6.x. Previous versions do not support the ldap;local mode. To enable and disable a RADIUS or LDAP server: 1. Connect to the switch and log in using an admin account. 2. Issue the following command to enable RADIUS or LDAP using - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 83
service: 1. Connect to the switch and log in using an admin account. 2. Issue the following command: switch switch can take over authentication locally if the RADIUS or LDAP servers fail to respond because of power outage or network problems PROM password by contacting HP. Without the recovery string - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 84
HP StorageWorks 4/8 or 4/16, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 400 Multi-protocol (MP) Router The instructions - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 85
each CP blade on the 4/256 SAN Director or DC Director. To set the standby CP blade by sliding the On/Off switch on the ejector handle of the standby CP string to Customer Support for password recovery: is recommended for higher security. The firmware only prompts for this password once. guide 85 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 86
, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 400 Multi-protocal (MP) Router The password recovery instructions contained - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 87
rebooting. 12. Connect switch, if one exists in your fabric. 2. Log in as root. 3. Issue the command for the type of password that was lost: passwd user passwd admin passwd factory 4. Enter the requested information at the prompts. To recover a lost root password or boot PROM password, contact HP - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 88
88 Managing user accounts - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 89
by default. Fabric OS uses secure socket layer (SSL) to support HTTPS. A certificate must be generated and installed on each switch to enable SSL. Simple Network Management Protocol (SNMP) is a enhanced management security in the storage area network. Fabric OS 6.1.1 administrator guide 89 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 90
, loading instructions, and information about using Brocade's SNMP agent, see the Fabric OS MIB Reference. Table 16 describes additional software or certificates that you must obtain to deploy secure protocols. Table 16 Items needed to deploy secure protocols Protocol Host side Switch side SSHv2 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 91
will be rejected. Fabric OS 6.1.x and later supports SSH protocol version 2.0 (ssh2). For more Secure Shell: The Definitive Guide by Daniel J. Barrett, secure connections without having to manually enter a password. RSA Generate a key pair for host-to-switch (incoming) authentication by logging in to - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 92
sshUtil importpubkey Respond to the prompts as follows: IP Address Remote directory Public key name Login name Password Enter the IP address of the switch. IPv6 is supported by sshUtil. Enter the path to the remote directory where the public key is stored. Enter the name of the public key. Enter - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 93
default. To prevent users from passing clear text passwords over the network when they connect to the switch, you can block the Telnet protocol using an IP Filter policy. NOTE: Before blocking Telnet, make policyname] is the name of the policy and is optional. Fabric OS 6.1.1 administrator guide 93 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 94
through Web-based management tools like Web Tools. SSL support is a standard Fabric OS feature. Switches configured for SSL grant access to management tools through hypertext on levels of browser and Java support, see the Web Tools Administrator's Guide. 94 Configuring standard security features - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 95
, and activating digital certificates for SSL support. Certificates are required on all switches that are to be accessed through SSL switches, consider using one CA to sign all management certificates for a fabric. If you use different CAs, management services . Fabric OS 6.1.1 administrator guide 95 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 96
IMPORTANT: HP recommends selecting 1024 in most cases. CA support for the 2048-bit key size is limited. Generating and storing a CSR After generating a public/private key, perform this procedure on each switch. 1. Connect to the switch and log in as admin. 2. Issue the following command: switch: - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 97
form; then, follow the instructions to complete and send switch certificate is saved, and enter your login name and password: Select protocol [ftp or scp]: ftp Enter IP address: 192.10.11.12 Enter yes. Enter yes. For example: Configure... System services (yes, y, no, n): [no] ssl attributes guide 97 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 98
.crt.) 6. Click Open and follow the instructions to import the certificate. Installing a root certificate to the Java plug-in For information on Java requirements, see "For more details on levels of browser and Java support, see the Web Tools Administrator's Guide." on page 94. This procedure is - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 99
information to management stations. SNMPv3 and SNMPv1 are supported. The configuration process involves configuring the SNMP agent Brocade-specific MIB trap Associated with the Brocade-specific MIB (SW-MIB), this MIB monitors Brocade (HP) switches specifically. Fabric OS 6.1.1 administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 100
the FibreAlliance MIB (FA-MIB), this MIB manages SAN switches and devices from any company that complies with FibreAlliance EXTTRAP Includes the swSsn (Software Serial Number) as a part of Brocade SW traps. For information on Brocade MIBs, see the Fabric OS MIB Reference. For information on the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 101
Sample SNMPv3 configuration switch:admin> snmpconfig --set snmpv3 SNMPv3 user configuration: User (rw): [snmpadmin1] adminuser Auth Protocol [MD5(1)/SHA(2)/noAuth [0.0.0.0] Trap Recipient's IP address in dot notation: [0.0.0.0] Committing configuration...done. Fabric OS 6.1.1 administrator guide 101 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 102
Sample accessControl configuration switch:admin> snmpconfig --set accessControl SNMP access list configuration: Access host subnet area in dot notation: [0.0.0.0] 192.168.0.0 Read/Write? (true, t, false, f): [true] Access host subnet - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 103
***** This command will reset the agent's system group configuration back to factory default ***** sysDescr = Fibre Channel Switch sysLocation = End User Premise sysContact = Field Support authTraps = 0 (OFF) ***** Are you sure? (yes, y, no, n): [no] y Secure file copy You can use the configure - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 104
Director and DC Director HP StorageWorks 4/8 or 4/16, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 400 Multi-protocol (MP - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 105
Service, be aware that the secModeEnable command is not supported in Fabric OS 6.1.0. Table 21 lists the defaults for accessing hosts, devices, switches, and zones. Table 21 Access defaults Access default Hosts Devices Switch switch can join the fabric. All switches the SNMP service on the remote - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 106
106 Configuring standard security features - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 107
for HP's Fibre Channel switches. ACL policies overview Each supported Access Control switch has the following two sets: • Active policy set-Contains ACL policies being enforced by the switch. • Defined policy set-Contains a copy of all ACL policies on the switch. Fabric OS 6.1.1 administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 108
24. Table 24 Valid methods for specifying policy members Policy name Device port WWN Switch WWN Domain ID Switch instructions relating to a specific policy, see the appropriate section: • "Displaying ACL policies" on page 109 Displays a list of all active and defined ACL policies on the switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 109
policy is closed to access by all devices and switches that are not listed in that policy. • " switch basis and may be performed on any switch in the fabric with Fabric OS 6.0.0 or later. Any switch supported and you can either configure the switches in your fabric to accept the FCS policy or manually - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 110
FCS enforcement applies only for user-initiated fabric-widefabric-wide operations. Internal fabric data propagation because of a fabric merge is not blocked. Consequently, a new switch which joins the FCS enabled fabric could still propagate the AD and zone database. Table 26 shows the commands for - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 111
pre-5.3.0 switches; switch WWN cannot be deleted from the FCS policy. 1. Set the pre-5.3.0 switches If your switches are set switches. To fail over to a new Primary switch, use the secPolicyFCSMove command to change the order in which switches FCS switches: 1. Log in to the primary FCS switch using - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 112
distributed across the fabric using the distribute -p command if there is no support for automatic distribution in a mixed environment with 5.3.0 and pre-5.3.0 switches. Since this policy is distributed manually, the command fddcfg --fabwideset is used to distribute a fabric-wide consistency policy - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 113
state change occurs. 5.2.0 switch (not configured as it does not support this) Pre-5.2.0 Target switch receives distribution but ignores Guide. Each device port can be bound to one or more switch ports; the same device ports and switch ports may be listed in multiple DCC policies. After a switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 114
apply when using DCC policies: • Some older private-loop HBAs do not respond to port login from the switch and are not enforced by the DCC policy. This does not create a security problem because these HBAs cannot contact any device outside of their immediate loop. • DCC policies cannot manage or - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 115
switch WWN, Domain ID, or switch on the switch. (1-6) on the switch. 3. switch domain 1: switch switch domain 2, and all currently connected devices of switch domain 2: switch switch domain 3: switch: switch domain 4, and all devices currently connected to ports 1 through 4 of switch domain 4: switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 116
allowed to join the fabric; the SCC policy does not exist until it is created. When connecting a Fibre Channel router to a fabric or switch that has an active SCC policy, the front domain of the Fibre Channel router must be included in the SCC policy. SCC policy states are - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 117
1. Connect to the switch and log in using switch Domain ID, device or switch WWN, or switch name switch WWN: switch:admin> secpolicyadd "SCC_POLICY", "12:24: policy: 1. Connect to the switch and log in using an 12:24:45:10:0a:67:00:40 from SCC_POLICY: switch:admin> secpolicyremove "SCC_POLICY", "12:24 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 118
are not compatible with the SLAP protocol that was the only protocol supported in earlier Fabric OS releases 4.2, 4.1, 3.1, 2.6.x. Fabric OS 6.1.0 and later switch-to-switch authentication implementation is fully backward compatible with 3.2.0, 4.2.0, 4.4.0, 5.0.0, 5.1.0, 5.2.0, and 5.3.0. Use the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 119
it continues E_Port initialization if the connecting switch does not support authentication. The switches with firmware pre-3.2.0 do not support FCAP/DH-CHAP authentication, so an E_Port initializes without authentication. The switches with firmware version 3.2.0 and later respond to authentication - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 120
policy. Fabric-wide distribution of the device authentication policy is not supported since the device authentication requires manual interaction in setting the HBA shared secrets and switch shared secrets, and most of the HBAs do not support the defined DH groups for use in the DH-CHAP protocol - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 121
HBAs The following HBAs support authentication: • Emulex LP11000 (Tested with Storport Miniport is set to dhchap. When using DH-CHAP, make sure that you configure the switches at both ends of a link. NOTE: If you set the authentication protocol to DH . Fabric OS 6.1.1 administrator guide 121 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 122
in PASSIVE mode. This command is used to restart authentication after changing the DH-CHAP group, hash type, and shared secret between a pair of switches. WARNING! This command may bring down the E_Ports if the DH-CHAP shared secrets are not installed correctly. To re-authenticate E_Ports: 1. Log - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 123
switch specification, peer secret entry, and local secret entry. To exit the loop, press Enter for the switch switch is configured to do DH-CHAP, it is performed whenever a port or a switch , or switch name ( Domain, or switch name (Leave blank > Enter WWN, Domain, or switch name (Leave blank when done - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 124
AUTH policy can be manually distributed to the fabric using the distribute command; there is no support for automatic distribution. created for both types. To create an IP Filter policy: 1. Log in to the switch using an account assigned to the admin role. 2. Issue in the following command: ipfilter - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 125
for the active policies. Use --activate instead. To save an IP Filter policy: 1. Log in to the switch using an account assigned to the admin role. 2. Issue the following command: ipfilter --save [policyname] where [ deleted. To delete an IP Filter policy: Fabric OS 6.1.1 administrator guide 125 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 126
130.32.0/24 represents a 24-bit IPv4 switch. A valid port number range is represented by a dash, for example 7-30. Alternatively, service names can also be used instead of port number. Table 30 lists the supported service names and their corresponding port number. Table 30 Supported services Service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 127
management IP traffic initiated from a switch, such as syslog, radius and 1024-65535 UDP Permit A switch with Fabric OS 5.3.0 or Permit 11 Any 123 UDP Permit 12 Any 600-1023 UDP Permit IP management interface of a switch is changed through the . NOTE: If a switch is part of a LAN - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 128
port number, or a range of port numbers, or a service name. -proto protocol Specifies the protocol type, either TCP or switch using an account assigned to the admin role. 2. Issue the following command: ipfilter --transabort IP Filter policy distributions The IP Filter policy is manually - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 129
the database from one switch to another, overwriting the target switch database with the distributed one. To send or receive a database the setting must be accept. For configuration instructions, see "Configuring the database distribution settings" on page 130. • Manually distribute an ACL policy - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 130
. Configure the distribution setting to reject when maintaining the database on a per-switch basis. Table 34 lists the databases supported in Fabric OS 5.3.0 and later switches. Table 34 Supported policy databases Database type Authentication policy database DCC policy database FCS policy database - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 131
to be overwritten with databases received from other switches. Allows local database to be manually or automatically distributed to other switches. database_id A semicolon-separated list of the local distribute command, set the local distribution to accept. Fabric OS 6.1.1 administrator guide 131 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 132
policy set for that policy type (SCC, DCC, or both), to the other switches in the fabric. NOTE: FC routers cannot join a fabric with a strict fabric-wide consistency policy. FC routers do not support the fabric-wide consistency policies. Table 36 describes the fabric-wide consistency settings - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 133
:S;DCC" switch:admin> fddcfg --showall Local Switch Configuration for all Databases:- DATABASE - Accept/Reject SCC - accept DCC - accept PWD - accept FCS - accept AUTH - accept IPFILTER - accept Fabric Wide Consistency Policy:- "SCC:S;DCC" Fabric OS 6.1.1 administrator guide 133 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 134
have a matching tolerant SCC or DCC fabric-wide consistency policy. If the tolerant SCC or DCC fabric-wide consistency policies do not match, the switch can join the fabric, but an error message flags the mismatch. If the tolerant SCC and DCC fabric-wide consistency policies match, the corresponding - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 135
policy conflict, manually distribute the database you want to use to the switch with the are disabled. Table 38 shows merges that are not supported. Table 38 Examples of strict fabric merges Fabric-wide SCC:S DCC:S Expected behavior Ports connecting switches are disabled. Table 39 has a matrix - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 136
SCC Error message logged. Run fddCfg --fabwideset "" from any switch with the desired configuration to fix the conflict. The secPolicyActivate command is blocked until conflict is resolved. FIPS support Federal information processing standards (FIPS) specifies the security standards to - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 137
This includes logging both passing and failing results. See the Fabric OS Troubleshooting and Diagnostics Guide for instructions on how to recover if your system cannot get out of the conditional test mode. FIPS mode By default, the switch comes up in non-FIPS mode. You can run the fipsCfg --enable - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 138
TLS/AES128 cipher suite (SSL will no longer be supported) RPC and secure RPC TLS - AES128 cipher suite MD5 and SHA-1 Mandatory firmware signature validation SCP only Optional firmware signature validation FTP and CA certificate is found on the switch The Microsoft Active Directory server - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 139
Service: LDAP Secondary AAA Service: Switch database 2. Issue the dnsConfig command to configure the DNS on the switch. Example of setting the DNS: switch:admin> dnsconfig Enter option 1 Display Domain Name Service Name Service for the switch to instructions in "LDAP configuration and Microsoft's - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 140
www.microsoft.com for instructions. LDAP certificates for FIPS mode To utilize the LDAP services for FIPS between the switch and the host, you CA certificates. To support server certificate validation, it is essential to have the CA certificate installed on the switch and Active Directory server - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 141
CA certificate: switch:admin> seccertutil switch certificate This option deletes the LDAP CA certificate from the switch. 1. Connect to the switch switch Example of deleting an LDAP CA certificate: switch the switch for the switch by from and to the switch • Configdownload and firmwaredownload using - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 142
the aaaConfig --change or aaaConfig --remove command. • If the switch is set for LDAP, see the instructions in "To set up LDAP for FIPS mode:" on page 139 7. Enable signed firmware by issuing the configure command and responding to the prompts as follows: System services No cfgload attributes - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 143
Press Enter to accept default. Enforce firmware signature validation Yes Example: switch:admin> configure Not all options will be available on an enabled switch. To disable the switch, use the "switchDisable" command. Configure... System services (yes, y, no, n): [no] ... cfgload attributes (yes - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 144
144 Configuring advanced security features - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 145
configuration file uploads and downloads, see the Fabric OS Troubleshooting and Diagnostics Guide. Displaying configuration settings There are two ways to view configuration settings for a switch in an HP StorageWorks fabric: • Issue the configShow command. To display configuration settings - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 146
are logged in as an anonymous user; in such cases, the value may be ignored by the FTP service. The following example shows configUpload run on a switch without Admin Domains: switch:admin> configupload Protocol (scp or ftp) [ftp]: ftp Server Name or IP Address [host]: 192.1.2.3 User Name [user - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 147
, because configuration files from other model switches might cause your switch to fail. If your setup supports anonymous users and you log in as an anonymous user, password is still a required field, even though its value may be ignored by the FTP service. If a configupload command is issued on - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 148
independent of the hardware platform and supported on all hardware platforms running Fabric OS 5.2.0 and later. To restore a configuration: 1. Verify that the FTP service is running on the server where the backup configuration file is located. 2. Connect to the switch and log in as admin. 3. If - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 149
after the reboot. Security considerations Security parameters and the switch's identity cannot be changed by configDownload. Parameters such as the switch's name and IP address (lines in the configuration file file labeled FICON_CUP is in an encoded format. Fabric OS 6.1.1 administrator guide 149 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 150
the FICON_CUP section of the configuration file are overwritten. Files in the FICON section of the configuration file that are not currently present on the switch are saved. The IPL file is not replaced, because active=saved mode is on. A warning message is displayed in the syslog to warn that - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 151
. In the hardware reference manuals for the 4/256 SAN Director and DC SAN Backbone Director (short name, DC Director) there is a guide for FC port setting tables cable tag Ethernet cable tag Configuration information Domain ID Switch name Ethernet IP address Ethernet subnet mask Total number of - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 152
152 Maintaining the switch configuration file - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 153
switches and switches. You a switch. They switch in the fabric and has a range of 1-239. An AD-capable switch is a switch switch) • Has a valid Advanced Zoning license for switches running Fabric OS 5.2.x through 6.0.x. NOTE: Switches switch is a switch switches) and HA state is - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 154
this fabric, depending on which Admin Domain they are in. As shown in Figure 7, users can see all switches and E_Ports in the fabric, regardless of their Admin Domain; however, the switch ports and end devices are filtered, based on Admin Domain membership. Fabric Visible to AD1 User Fabric Visible - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 155
switches running AD-unaware firmware versions (that is, firmware supported within Admin Domains, with some restrictions, as described in "Admin Domain considerations for Traffic Isolation" on page 350. • To use Admin Domains and the FC-FC Routing Service in the same fabric, the switches guide 155 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 156
are reserved for use in creation and management of Admin Domains. AD0 AD0 is a system-defined Admin Domain that contains all online devices, switch ports, and switches that have not been assigned to any user-defined Admin Domain. AD0 also contains members that you explicitly added (similar to user - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 157
see which devices, switch ports, and switches have not yet been the root zone database is exchanged with AD-unaware switches. AD255 AD255 is used for Admin Domain management. Domain at a time. You can later switch to a different Admin Domain (see "Switching to a different Admin Domain context" on - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 158
example: . The index range arguments are expanded and stored in the Admin Domain member list. If a device is a member of an Admin Domain, the switch port to which the device is connected becomes an indirect member of that Admin Domain and the domain,index is removed from the AD0 implicit - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 159
switch. • A switch member allows switch administrative operations such as disabling and enabling a switch, rebooting, and firmware downloads. • A switch member does not provide zoning rights for the switch , if the switch WWN is: 10:00:00:60:69:e4:24:e0 the converted WWN for that switch in AD1 would - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 160
9 Filtered fabric views showing converted switch WWNs Admin Domain compatibility and availability Admin Domains maintain continuity of service for Fabric OS features and operate in mixed-release fabric environments. High Availability is supported with some backward compatibility. The following - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 161
capable fabric AD-capable fabric Figure 10 Isolated subfabrics Firmware upgrade considerations These two subfabrics have different AD databases creation operations will fail and the local switch will show up as a non-AD-capable switch in the fabric). Admin Domain management guide 161 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 162
Setting the default zone mode To begin implementing an Admin Domain structure within your SAN, you must first set the default zone mode to No Access. You must mode. To set the default zone mode: 1. Log in to an AD-aware switch in the fabric with the appropriate RBAC role. 2. Ensure you are in the AD0 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 163
Access, if you have not already done so. See "To set the default zone mode:" on page 162 for instructions. 3. Switch to the AD255 context, if you are not already in that context: ad --select 255 4. Issue the ad is the default Admin Domain context after login. Fabric OS 6.1.1 administrator guide 163 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 164
. When you downgrade to pre-Fabric OS 5.2.0 firmware, the userConfig command records are interpreted using legacy logic. To create a new user account for managing Admin Domains: 1. Connect to the switch and log in as admin. 2. Issue the userconfig --add command using the -r option to set the role - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 165
new admin domain. Do you want to activate 'AD_B5' admin domain (yes, y, no, n): [no]: y switch:AD255:admin> To deactivate an Admin Domain: If you deactivate an Admin Domain, the members assigned to the Admin Domain The deactivate option does not disable ports. Fabric OS 6.1.1 administrator guide 165 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 166
of device WWNs or domain,index members, and switch_list is a list of switch WWNs or domain IDs. 4. Issue the appropriate command, based on whether that Admin Domain is automatically deleted. 1. Connect to the switch and log in as admin. 2. Switch to the AD255 context, if you are not already in that - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 167
have access to the members of the zones with which it was associated. 1. Connect to the switch and log in as admin. 2. Switch to the Admin Domain that you want to delete. ad --select ad_id 3. Clear the zone Domain is in an activated or deactivated state. Fabric OS 6.1.1 administrator guide 167 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 168
the ad --apply command to save the Admin Domain definition and directly apply the definition to the fabric. The following example deletes Admin Domain AD_B3. switch:AD255:admin> ad --delete AD_B3 You are about to delete an AD. This operation will fail if zone configuration exists in the AD Do you - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 169
configuration AD Number: 2 AD Name: ad2 State: Active Switch port members: 1,1; 1,3; 2,5+; 3,6 Member does not exist + - Member is AD Unaware SAN management with Admin Domains This section is for users and administrators conditions listed in Table 48 is met. Fabric OS 6.1.1 administrator guide 169 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 170
to the specified Admin Domain, performs the specified command, and exits the shell. To execute a command in a different Admin Domain context: 1. Connect to the switch and log in. 2. Issue the ad --exec command, specifying the Admin Domain and the command you want to execute: ad --exec ad_id "command - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 171
01; Switching to a different Admin Domain context You can switch between switch:admin> ad --select 12 switch:AD12:admin> logout switch switch can control only the local switch ports as specified in the Admin Domain. When the fabric is in secure mode, the following applies: • There is no support - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 172
(continued) Fabric OS feature Admin Domain interaction FC-FC Routing Service You can create LSAN zones as a physical fabric administrator or as be controlled using the Management Server ACL support provided by the msConfigure command. Note that this is a switch-specific setting and not a fabric- - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 173
offline. • The device is online, but is connected to a non-AD-capable switch. • the device is online, but is not part of the current Admin Domain the sum of all the zone databases for each AD. Admin Domains support the default zone mode of noaccess only. Before configuring any Admin Domain guide 173 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 174
See "Using the FC-FC routing service" on page 311 for additional information about LSAN zones. Configuration upload and download in an AD context The behavior of configUpload and configDownload varies depending on the AD context and whether the switch is a member of the current Admin Domain. In the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 175
the entire switch; they can be inserted only into slots 5 and 6 on the 4/256 SAN Director, and Troubleshooting and Diagnostics Guide. Firmware download process overview You can download Fabric OS to a Director, which is a chassis; and to a non-chassis-based system, also referred to as a switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 176
. Always reference the latest HP StorageWorks Fabric OS release notes for updates that may exist regarding downgrades. Effects of firmware changes on accounts and passwords Table 51 describes what happens to accounts and passwords when you replace the switch firmware with a different version. Table - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 177
and included with any trouble reports. 5. Connect to the switch and log in to the switch as admin. Issue the supportSave command to retrieve all current core files prior to executing the firmware download. This helps to troubleshoot the firmware download process if a problem is encountered. If you - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 178
4Gb Blade (FC4-16),nl HP StorageWorks 32 Port 4Gb Blade (FC4-32),nl HP StorageWorks 400 MP Router,nl HP StorageWorks 4/32 SAN Switch 5.1.1b Brocade 4Gb SAN Switch for HP p-ClassBladeSystem,nl Brocade 4Gb SAN Switch for HP c-Class BladeSystem HP StorageWorks DC SAN Backbone Director (short name, DC - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 179
firmware version. If the 4/8 SAN Switch, 4/16 SAN Switch, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, SAN Switch 2/8V, SAN Switch 2/16V, SAN Switch 2/32, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 180
Firmware download on switches HP StorageWorks 4/8 SAN Switch, 4/16 SAN Switch, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 181
for SCP, where the firmware file is stored; for example, 192.1.2.3. IP6 and DNS are supported by firmwareDownload in 5.3.0 and Firmware is being downloaded to the switch. This step may take up to 30 minutes. Downloading firmware to a Director You can download firmware to the HP StorageWorks 4/256 SAN - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 182
. The entire firmware download and commit process takes approximately 15 minutes. If there is a problem, wait for the time-out (30 minutes for network problems). Disrupting the process can render the switch inoperable and require you to seek help from HP. Do not disconnect the switch from power - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 183
firmware version on connected switches. Upgrade the firmware, if necessary, before proceeding with upgrading this switch. See "Checking connected switches not synchronized, contact HP. 7. Issue the firmwareDownload firmware file is stored; for example, 192.1.2.3. IP6 and DNS are Address supported - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 184
log in again as admin. Using a separate session to connect to the switch, issue the firmwareDownloadStatus command to monitor the firmware download status. sw77:root> firmwareDownloadstatus [1]: Thu Jul 28 00:30:49 2005 Slot 2 : Firmware is being downloaded to the blade. It may take up to 30 minutes - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 185
a USB device NOTE: The USB device ships with the DC Director only. The 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch and the DC Director support a firmware download from an HP branded USB device attached to the switch or active CP. Before the USB device can be accessed by the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 186
switch as admin. 2. Issue the firmwareDownload command with the -U operand: admin>firmwaredownload -U /usb/usbstorage/brocade/firmware/v6.1.1 Director restrictions for downgrading Note the following restrictions: • 4/256 SAN are not supported on this Director. FIPS Support Federal information - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 187
switch. So for easy access, the information regarding firmware versions and their corresponding public key files should be documented in the release notes or stored in a known location in the HP download the firmware from the the switch. the firmware directory, omitted if firmware is accessible - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 188
party application images are not signed. Configuring the switch for signed firmware To configure the switch for signed firmware: 1. Log in to the switch as admin. 2. Issue the configure command. 3. Respond to the prompts as follows: System Service Default is no; press Enter to select default - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 189
, make sure you disabled all features that are not supported by the original firmware before restoring to the original version. Testing a different firmware version on a switch To test a different firmware version on a switch: 1. Verify that the FTP or SSH server is running on the host server - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 190
of each CP. This procedure enables you to evaluate firmware before you commit. As a standard practice, you should not run mixed firmware levels on CPs. To test a different firmware version in a Director: 1. Connect to the HP logical switch IP address. 2. Issue the ipAddrShow command and note the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 191
. IMPORTANT: Stop! If you want to restore the firmware, stop here and skip ahead to step 12; otherwise, continue to step 10 to commit the firmware on both CPs, which completes the firmware download. 10. Perform a commit on the standby CP: From the current switch session on the standby CP, issue the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 192
to the fabric and further troubleshooting is necessary. The firmwareShow command displays the current firmware level on the switch. For Directors, this command displays the firmware loaded on both partitions (primary and secondary) for both CPs and AP blades. HP recommends that you maintain the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 193
attached devices after the firmware download is exactly the same as the number of attached devices prior to the firmware download. The nsAllShow command the firmware download. The fabricShow command displays all switches in a fabric. Make sure the number of switches in the fabric after the firmware - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 194
194 Installing and maintaining firmware - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 195
fabric within its specified zone. For example, you can partition your SAN into two zones, winzone and unixzone, so that your Windows servers on the affected switches should a zoning operation be attempted from a remote switch in the fabric. On the affected switches, an error administrator guide 195 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 196
the specific WWN of the server HBA. It is needed in most SANs. It functions during the probe portion of SCSI initialization. The server probes Host-based zoning can implement WWN or LUN masking. Fabric-based Fabric switches implement fabric-based zoning, in which the zone members are identified by - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 197
objects A zone object is any device in a zone, such as: • Physical port number or port index on the switch • Node World Wide Name (N-WWN) • Port World Wide Name (P-WWN) Zone objects identified by port number or index for example, 10:00:00:90:69:00:00:8a. Fabric OS 6.1.1 administrator guide 197 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 198
zone objects 2,12; 2,14; 10:00:00:80:33:3f:aa:11 contains the devices connected to domain 2, ports 12 and 14, index, and WWN. NOTE: If your fabric has a switch with a Fabric OS version earlier than 5.2.0, you cannot use and provide the most generic services. If other configurations are used - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 199
however, only that there is no configuration active in the fabric. On power-up, the switch automatically reloads the saved configuration. If a configuration was active when it was saved, the same host from accessing a device it is not authorized to access. Fabric OS 6.1.1 administrator guide 199 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 200
models. Table 55 shows various HP switch models, the hardware zoning methodology for each, and tips for best usage. Table 55 Enforcing hardware zoning Fabric type Brocade 2000-series Methodology Best practice Enable hardware-enforced zoning only on domain,port zones; WWN or mixed zones are - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 201
HP StorageWorks 4/8 SAN Switch, 4/16 SAN Switch, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 400 MP Router, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, and 8/80 SAN Switch, 4/256 SAN - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 202
Port_WWN Zone4 Zone Boundaries 22.4b(13.4) Figure 14 Zoning with hardware assist (mixed-port and WWN zones) Port_Zone1 Port_Zone2 WWN_Zone1 Core Switch WWN_Zone2 Zone Boundaries Figure 15 Session-based hard zoning 22.5b(13.5) In Figure 15, only the overlapping ports are software-enforced - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 203
supported. Testing Before implementing a new zone, you should run the Zone Analyzer from Web Tools to isolate any possible problems of a functioning SAN, the pause in switch versus an edge switch. • Zone using an enterprise-class platform rather than a switch. Fabric OS 6.1.1 administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 204
Supported switches for broadcast zones Broadcast zoning is enforced only for Fabric OS 5.3.x or later switches. If the fabric contains switches to prevent inter-fabric forwarding of broadcast frames to switches running older versions of firmware. Broadcast zones and Admin Domains Each Admin Domain - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 205
zone objects" on page 219 for complete instructions. Broadcast zones and FC-FC routing If remote fabric. See "Using the FC-FC routing service" on page 311 for information about proxy devices and broadcast" before you upgrade. The firmware download fails if a pre-5.3.x switch has a zone with the name - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 206
is running pre-5.3.0 firmware, the broadcast zone does not have any effect on devices connected to that remote switch. The zone --validate command can flag devices that are part of a broadcast zone and are connected to a pre-5.3.0 switch. HP strongly recommends that you run zone --validate whenever - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 207
add members to an alias: 1. Connect to the switch and log in as admin. 2. Issue the aliAdd switch:admin> aliadd "array1", "1,2" switch:admin> aliadd "array2", "21:00:00:20:37:0c:72:51" switch:admin> aliadd "loop1", "5,6" switch from an alias: 1. Connect to the switch and log in as admin. 2. Issue - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 208
, y, no, n): [no] y To delete an alias: 1. Connect to the switch and log in as admin. 2. Issue the aliDelete command with the following syntax. alidelete value is 0. The following example shows all zone aliases beginning with arr: switch:admin> alishow "arr*" alias: array1 21:00:00:20:37:0c:76 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 209
Creating and maintaining zones Reliable Commit Service (RCS) is a fabric-wide capability and is supported only if all switches in the fabric are running Fabric OS 4.1 and later. RCS guarantees that either all or none of the switches receive the new zone configuration. You should use RCS to secure a - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 210
take effect until it is re-enabled. Do you want to save Defined zoning configuration only? (yes, y, no, n): [no] y To delete a zone: 1. Connect to the switch and log in as admin. 2. Issue the zoneDelete command with the following syntax: zonedelete "zonename" where zonename is the name of zone to be - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 211
, n): [no] y To view a zone in the defined configuration: 1. Connect to the switch and log in as admin. 2. Issue the zoneShow command with the following syntax: zoneshow "pattern sensitive; blank spaces are ignored. switch:admin> zone --validate "White_zone" Fabric OS 6.1.1 administrator guide 211 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 212
exist The mode flag -m can be used to specify the zone database location. Supported mode flag values are: • 0 - zone database from the current transaction buffer in the fabric. Setting the default zoning mode 1. Connect to the switch and log in as admin. 2. Issue the cfgActvShow command to view - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 213
mode: 1. Connect to the switch and log in as admin. 2. Issue the defZone --show command. NOTE: If you performed a firmware download of an older release, preventing the new switch from joining the fabric. NOTE: Fabric OS 5.2.0 and later support a zoning database size of 1 MB. To support a 1 MB - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 214
also causes routing inconsistencies. The best way to avoid either type of segmentation is to know the zone database size limit of adjacent switches. The following tables provide the expected behavior based on different database sizes after a zone merge is specified. Table 58 Resulting database size - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 215
Segment Segment Segment Join Join Segment Segment Join Segment Join Segment Join Segment XPath 7.3 Segment Segment Segment Segment Segment Segment Segment Segment Fabric OS 6.1.1 administrator guide 215 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 216
exceed 64 bytes per item. When enabling a new zone configuration, you must ensure that the size of the configuration does not exceed the minimum size supported by all switches in the fabric. This is particularly important if and when you downgrade to a Fabric OS version that - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 217
. 3. Issue the cfgSave command to save the change to the defined configuration. switch:admin> cfgadd "newcfg", "bluezone" switch:admin> cfgsave You are about to save the Defined zoning configuration. This action will of a member from zone1 was done in error: Fabric OS 6.1.1 administrator guide 217 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 218
1,0 21:00:00:20:37:0c:76:85 21:00:00:20:37:0c:71:df To view selected zone configuration information: 1. Connect to the switch and log in as admin. 2. Issue the cfgShow command and specify a pattern. cfgshow "pattern"[, mode] where: pattern mode A POSIX-style regular expression used to match - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 219
zone configurations: 1. Connect to the switch and log in as admin. 2. Issue the defined configuration. switch:admin> cfgclear memory for all switches in the fabric. a zone object: 1. Connect to the switch and log in as admin. 2. Issue switch:admin> cfgshow "Test*" cfg: Test1 Blue_zone Fabric - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 220
the zone object. Note that zone configuration names are case-sensitive; blank spaces are ignored and it works in any Admin Domain other than AD255. switch:admin> zone --expunge "White_zone" 4. Issue the cfgShow command to verify the deleted zone object is no longer present. 5. If you want the change - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 221
to create an appropriate configuration for your SAN environment. After the changes have been made switches must be in the native operating mode. • Secure Fabric OS: The switch being merged into the existing fabric must not have Secure Fabric OS enabled. Fabric OS 6.1.1 administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 222
If Secure Fabric OS is enabled on one switch, it must be enabled on all switches in the fabric; however, Secure Fabric OS is not supported in Fabric OS 6.0.0 or later. • Default Zone: The switch being merged into the existing fabric should be configured with the same default zone mode as the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 223
be used to administer zoning (depending on the policies; see the Secure Fabric OS Administrator's Guide for information about security policies). You must perform zone management operations from the primary FCS switch using a zone management interface, such as Telnet or Advanced Web Tools. You can - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 224
224 Administering Advanced Zoning - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 225
information see the HP StorageWorks SAN Director hardware reference manual or the HP StorageWorks DC SAN Backbone Director hardware reference manual. Identifying ports Because Directors contain interchangeable port blades, their procedures differ from those for fixed-port switches. For example - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 226
bottom to top on the left set of ports and 24 through 47 from bottom to top on the right external port to give it a unique identifier in a switch. To select a specific port in the 4/256 Director match. On 48-port blades, port swapping is supported only on ports 0-15. To determine the area ID of - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 227
an index value equal to the area_ID assigned to the port. If a switch is using Core PID format, and no port swapping has been done, the those ports' area_ID and index values. NOTE: The portSwap command is not supported for ports above 256. Table 63 shows the area ID and index mapping for guide 227 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 228
with no port swap (continued) Port on blade 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 Slot 1Idx/area 134/134 133/133 132/132 131/131 130/130 129/129 128/128 15/15 14/14 13/13 12/12 11/11 10/10 9/9 8/8 7/7 6/6 5/5 4/4 3/3 2/2 1/1 0/0 Slot 2Idx/area 158/158 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 229
switch, powering a port blade off and on, and disabling and enabling a port blade. Customizing enterprise-class platform names HP by default when the switch chassis is powered on CLI interface. You must manually power off the blades by unseating on: switch:admin> slotpoweron 3 Powering on slot 3 switch:admin - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 230
command with the slot number of the port blade you want to enable: switch:admin> bladeenable 3 Slot 3 is being enabled FR4-18i blade exceptions Note 48 and FC8-48 blades support only F, G and E_Ports. They do not support FL_Ports. Port swapping on an FC4-48 or FC8-48 is supported only on ports 0-15. - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 231
supporting 10 Gbps port speed. Blade provides 10-Gbps ISLs. This port blade is compatible only with the 4/256 Director CP blades (using chassis configuration option 5) and the DC Director CP blades. 24 CP blades (using chassis configuration option 5). Fabric OS 6.1.1 administrator guide 231 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 232
CP blades The 4/256 Director supports the CP4 blade. The DC Director supports the CP8 blade. Mixed CP blades are not supported on a single chassis, except during specific upgrade procedures detailed in the HP StorageWorks SAN Director hardware reference manual. CP4 and CP8 blades cannot be mixed in - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 233
in a single Fibre Channel domain. Table 66 lists the supported configuration options for the 4/256 Director. Table 66 Supported configuration options Option Number Maximum of number of ports domains per switch Supported port blades Supported Notes CP blades 1 1 128 FC2-16, FC4-16 CP2 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 234
display the status of all slots in the chassis: 1. Connect to the switch and log in as user or admin. 2. Issue the slotShow command to was detected. The reason code numbers displayed are used by Support personnel to assist with problem diagnosis. Review the system error logs for more information. - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 235
Link behavior between two HP StorageWorks DC Directors An the ICL ports only when you issue the portDisable or portEnable commands on the switch for the ports. All ICL ports must be disabled, and then re- features are supported: • 8 Gbps speed • Trunking • Credit sharing • QoS Fabric OS - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 236
236 Configuring Directors - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 237
-enable it afterward. To display the current and supported policies: 1. Connect to the switch and log in as admin. 2. Issue the aptPolicy command with no parameters: aptPolicy The current policy is displayed, followed by the supported policies for the switch: Fabric OS 6.1.1 administrator guide 237 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 238
routes are supported only on the 4/8 SAN Switch, 4/16 SAN Switch, SAN Switch 4/32, and SAN Switch 4/32B platforms. Static routes are not supported on the 8/8 SAN Switch, 8/24 SAN Switch, 4/64 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, 400 MP Router, 4/256 SAN Director, or DC SAN Backbone Director - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 239
the switch in the switch in one switch in the on other switches in the traffic between switches is HP B-series switches enable IOD by default to ensure frames are delivered in order, as not all HP the switch and switches. DLS recomputes load sharing when any of the following occurs: • A switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 240
. 3. Issue the dlsSet command to enable DLS or the dlsReset command to disable it. switch:admin> dlsshow DLS is not set switch:admin> dlsset switch:admin> dlsshow DLS is set switch:admin> dlsreset switch:admin> dlsshow DLS is not set Viewing routing path information The topologyShow and uRouteShow - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 241
the following syntax for the 4/8 SAN Switch, 4/16 SAN Switch, 8/8 SAN Switch, 8/24 SAN Switch, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 8/40 SAN Switch, 8/80 SAN Switch, and 400 MP Router - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 242
domain ID. You must specify a value between 1 and 239. Source Port The port number (or area number for enterprise-class platforms) on which the switch receives frames. Destination Port The output port the frames use to reach the next hop on this path. For the last hop, the destination port - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 243
from on this path. For hop 0, the source port. Domain ID The domain ID of the switch. Name The name of the switch. Out Port The output port that the frames use to reach the next hop on this path. by FSPF routing protocol. It applies only to an E_Port. Fabric OS 6.1.1 administrator guide 243 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 244
244 Routing traffic - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 245
on HP supported interop configurations, see the HP StorageWorks Fabric interoperability application notes for merging B-Series fabrics with fabrics based on C-Series and M-Series Fibre Channel switches on the following HP website: http://h18000.www1.hp.com/products/storageworks/san/documentation - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 246
246 Implementing an interoperable fabric - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 247
It is replicated on every HP StorageWorks switch within a fabric. • It that all switches in the fabric support the MS platform service; otherwise, the manual for details. NOTE: The commands msplMgmtActivate and msplMgmtDeactivate are allowed only in AD0 and AD255. Fabric OS 6.1.x administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 248
. Would you like to continue this operation? (yes, y, no, n): [no] y Request to deactivate MS Platform Service in progress...... *Completed deactivating MS Platform Service in the fabric! switch:admin> Accessing the Management Server database You can use the msConfigure command to control access to - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 249
Connect to the switch and log Enter to update the nonvolatile memory and end the session. switch:admin> msconfigure 0 Done 1 Display the access list 10:00:00:60:69:04:11:24 10:00:00:60:69:04:11 to the flash. switch:admin> Deleting a member from the ACL 1. Connect to the switch and log in as - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 250
the FLASH? prompt, enter y. 8. Press Enter to update the nonvolatile memory and end the session. switch:admin> msconfigure 0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 20:00:00:20:37:65:ce:33 10:00:00:60:69:04:11:24 10:00:00:60:69:04:11:23 21:00:00:e0:8b:04:70 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 251
fabric: switch:admin> mstdenable Request to enable MS Topology Discovery Service in progress.... *MS Topology Discovery enabled locally. switch:admin> switch and log in as admin. 2. Issue the appropriate following command based on how you want to disable discovery: Fabric OS 6.1.x administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 252
This may erase all NID entries. Are you sure? (yes, y, no, n): [no] y Request to disable MS Topology Discovery Service in progress.... *MS Topology Discovery disabled locally. switch:admin> mstddisable all This may erase all NID entries. Are you sure? (yes, y, no, n): [no] y Request to disable - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 253
services to the iSCSI initiators: • Access to the fabric using virtual FC devices (iSCSI virtual initiator) • Supports iSCSI gateway translates iSCSI protocol to Fibre Channel Protocol (FCP), bridging the IP network and FC SAN. Figure 18 shows a basic implementation. iS CS I i n i ti a to guide 253 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 254
. Figure 19 shows the interaction of different layers from the iSCSI initiator stack to the FC target stack, including the iSCSI gateway service used during protocol translation. A pplic a tion SCSI iS C S I T C P /IP iS C S I initiator iS C S I T C P /IP iS C S I virtual target (V T ) FC P (FC - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 255
2 LUN 20 21 22 23 24 25 Figure 21 iSCSI VT advanced LUN service supports IQN only to identify the iSCSI components, such as the iSCSI initiator and iSCSI VT. Every iSCSI initiator and iSCSI VT on the same network and SAN must have a unique IQN. A Brocade-created IQN includes 2002-12.com.brocade - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 256
VT 1 iqn.2002-12.com.brocade:10: 00:00:05:1e:aa:bb:cc IP Network VT 2 iqn.2002-12.c om.broc ade: 10: 00: 00: 05: 1e: c c : bb: aa VT 3 iqn.2002-12.c om.broc ade: 10 change the IQN prefix: switch:admin>iscsiswcfg --modifygw -t iqn.2007-10.com.brocade The operation completed successfully services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 257
configuration example Switch-to-iSCSI initiator authentication iSCSI sessions are authenticated using CHAP (Challenge Handshake Authentication Protocol). The iSCSI gateway service supports the following parameter. It is independently enabled and disabled. Fabric OS 6.1.x administrator guide 257 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 258
redirection for ports on blades located in slots 3, 4, and 9. switch:admin> iscsiswcfg --enableconn -s 3,4,9 The operation completed successfully • To disable connection redirection, use the iscsiSwCfg --disableconn command. For the 4/256 SAN Director, the -s option can be used to - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 259
supported by the iSCSI gateway service. Table 69 Supported (default initiator) • SUSE 10 (default initiator) HP-UX • 11i v1 - B11.11.03e • HP NC3xx Checklist for configuring iSCSI Configure the iSCSI gateway service after you install the FC4-16IP blade in the 4/256 SAN iSCSI gateway service" on page - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 260
iSCSI virtual target. iscsiCfg --create tgt -t "Manual iSCSI VT creation" on page 268 6 Add LUNs to "Setting the user name and shared secret" on page 273 12 Bind specific user names to iSCSI virtual targets to control access. the iSNS client service" on page 282 260 iSCSI Gateway - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 261
as described in the FC4-16IP hardware reference manual before performing these procedures. NOTE: Only the 4/256 SAN Director with an iSCSI-enabled FC4-16IP blade running Fabric OS 5.2.0 or later supports the iSCSI gateway service. You can also configure an FC4-16IP blade through the Web Tools - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 262
the iSCSI gateway service on the 4/256 SAN Director. 1. Connect and log in to the switch. 2. Issue the fosConfig --show command to show the current Fabric OS configuration: switch:admin> fosconfig --show FC Routing service:disabled iSCSI service:disabled iSNS Client service:disabled 3. Issue the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 263
the TCP/IP parameters of a GbE port even when iSCSI gateway service is disabled. Address resolution protocol (ARP) entries for the IP switch:admin> portcfg ipif 3/ge0 create 30.0.127.30 255.255.0.0 8256 NOTE: 1500 bytes is the standard maximum packet size in an IP network. If your network supports - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 264
gateway: switch:admin> as follows: switch:admin> portshow connection: switch:admin> arp command to configure additional ARP entries: switch:admin> portcfg arp 3/ge0 add 30.0.30 issuing the portShow command. switch:admin> portshow arp 3/ge0 Guide automatically generated or manually created. After - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 265
Generating iSCSI VTs for every FC target 1. Connect and log in to the switch. 2. Issue the iscsiCfg --easycreate tgt command with no options. The command yes to continue. IQNs are created. The default value of iqn.2002-12.com.brocade is used for the prefix unless it has been changed by issuing the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 266
23 2f:df:00:06:2b:0d:10:ba iqn.2002-12.com.brocade:2f:df:00:06:2b:0d:10:ba Operation Succeeded Operation Succeeded 24 2f:ff:00:06:2b:0d:12:9a iqn.2002-12.com.brocade:2f:ff:00:06:2b:0d:12:9a Operation Succeeded 4. Issue the iscsiCfg --show tgt command to - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 267
:00:06:2b:0d:10:ba Online/Defined Name: State/Status: iqn.2002-12.com.brocade:2f:ff:00:06:2b:0d:12:9a Online/Defined Generating an iSCSI VT for a specific FC target 1. Connect and log in to the switch. 2. Issue the iscsiCfg --easycreate tgt command with the -w option to create - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 268
switch:admin> iscsicfg --show tgt Number of records found: 1 Name: iqn.2002-10.com.brocade:21:00:00:04:cf:e7:74:cf State/Status:Online/Defined Auth. Method:None Manual iSCSI VT creation Create iSCSI VTs manually example: switch:admin> iscsicfg --create tgt -t iqn.2002-12.com.brocade:example-disk001 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 269
switch 00:06:2b:0d:12:99 Target Port WWN: 2f:ff:00:06:2b:0d:12:99 Target Pid: for the iSCSI VT in the format: iqn.2002-12.com.brocade:. • -w specifies the port WWN of the physical LUNs For example. switch:admin> iscsicfg --add lun -t iqn.2002-12.com.brocade:example-disk001 \ -w - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 270
IQN that identifies the iSCSI VT. For example. switch:admin> iscsicfg --show lun -t iqn.2002-12.com.brocade:example-disk001 Number of targets found: 1 Target: switch:admin>iscsicfg --delete lun -t iqn.2005-10.com.brocade:tgt1 -l 2-4,5 The operation completed successfully 270 iSCSI Gateway services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 271
switch:admin> iscsicfg --show lun Number of targets found: 2 Target: iqn.2006-10.com.example:disk001 Number of LUN Maps: 2 FC WWN Virtual LUN(s) 21:00:00:04:cf:e7:73:7e 0 2f:ff:00:06:2b:0d:12:99 1-2 Physical LUN(s) 0 0-1 Target: iqn.2002-10.com.brocade not supported if the iSNS service is - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 272
switch:admin> iscsicfg --create dd -d dd-host001 -m \ "iqn.1991-05.com.microsoft:host001.brocade brocade.com iqn.2006-10.com.example:disk001 Creating and enabling a discovery domain sets 1. Connect and log in to the switch . switch:admin .microsoft:host001.brocade.com iqn DDSet: switch:admin> iscsicfg - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 273
supports switch. 2. Issue the iscsiCfg --create auth and shared secret: switch:admin> iscsicfg switch:admin> iscsicfg --modify tgt -t iqn.2006-10.com.brocade: switch:admin> iscsicfg --show tgt -t iqn.2006-10.com.brocade:example-disk001 -v Number of records found: 1 Name: iqn.2006-10.com.brocade - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 274
user name: switch:admin> iscsicfg --deleteusername tgt -t iqn.2002-10.com.brocade:tgt -u isisctgt1 in to the switch. 2. Issue the iscsiCfg --show auth command: switch:admin> iscsicfg -- to the switch. 2. Issue the iscsiCfg --show transaction command to display the pending transactions: switch:admin> - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 275
of the switches will function been resolved: switch:admin> iscsicfg --show fabric Switch IDSwitch WWN the local switch are used LUNs to the switch. You can switch. For: example. switch:admin> iscsicfg --easycreate tgt -s The following WWNs will be used for any easycreate operation from this switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 276
of the switch. The following is an example. switch:admin> fclunquery -s The following WWNs will be used for any lun query from this switch: Node WWN SAN L UNs FC Target 2 FC Target 3 L UNs DD2 IP FC iS C S I gateway s ervic e iS C S I zone L UNs FC Target 4 Figure 25 iSCSI gateway service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 277
gateway service components can be easily differentiated from other devices in SAN fabric 12:99 1-2 Physical LUN(s) 0 0-1 Target: iqn.2002-10.com.brocade:21:00:00:04:cf:e7:74:cf Number of LUN Maps: 1 FC WWN Virtual LUN(s) Physical LUN(s) 21:00:00:04:cf:e7:74:cf 0 0x0000000000000000 switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 278
to display the WWN information for the iSCSI virtual initiators: switch:admin> nsshow { Type Pid COS PortName NodeName TTL(sec) 00:60:69:e0:01:56 Permanent Port Name: 2f:ff:00:06:2b:0d:12:99 Port Index: 35 Share Area: No Device Shared in Other AD: No N 63:18 278 iSCSI Gateway services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 279
To display the FC target WWNs for switches other than the 4/256 SAN Director, telnet into that switch and issue the nsShow command. Record the 00:00:04:cf:e7:73:7e; 2f:ff:00:06:2b:0d:12:99" switch:admin> switch:admin> alicreate ISCSI_VI_SWITCH1_SLOT3, "50:06:06:9e:00:15:63:00; administrator guide 279 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 280
OS Command Reference. 9. Issue the cfgSave command to save the change to the defined configuration. switch:admin> cfgsave You are about to save the Defined zoning configuration. This action will only save configuration only? (yes, y, no, n): [no] y Updating flash ... 280 iSCSI Gateway services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 281
AN iS C S I gateway s ervic e Figure 26 iSCSI network with iSNS server and clients NOTE: Fabric OS supports only Microsoft iSNS Server 3.0 and later. Displaying iSNS client service status 1. Connect and log in to the switch. 2. Issue the fosConfig command to show the current Fabric OS configuration - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 282
and configure the iSNS server IP address. Fabric OS supports one iSNS server connection. NOTE: If DD and DDSets are configured on the fabric, clear the DD and DDSet configurations before enabling iSNS client services. 1. Connect to the switch and log in. 2. Issue the fosConfig --enable isnsc command - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 283
service is disabled: switch:admin> fosconfig --show FC Routing service:disabled iSCSI service:enabled iSNS Client service: switch. 2. Issue the isnscCfg --clear command to clear the iSNS configuration: switch:admin> isnsccfg --clear Cleared iSNS server IP address Fabric OS 6.1.x administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 284
284 iSCSI Gateway services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 285
of registering with all services of the fabric. Each SAN Switch 4/32, SAN Switch 4/32B, 4/64 SAN Switch, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, 4/256 Director, and DC SAN Backbone Director have NPIV enabled for every port. NOTE: Director blade FC10-6 does not support - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 286
command. 4. Press Enter, accepting the defaults, until you reach F-Port login parameters. 5. Enter yes or y and the prompt. 6. Select the maximum logins per switch and press Enter to keep the parameter. 7. Select the maximum logins per port and press Enter to keep the parameter. 8. Press Ctrl-C to - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 287
The following example shows whether or not a port is configured for NPIV: switch:admin> portcfgshow Ports of Slot 0 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Speed AN AN AN AN AN AN AN AN AN AN AN AN AN AN AN 50:05:07:64:01:e0:73:b8 50:05:07:64:01:20:73:b5 Fabric OS 6.1.x administrator guide 287 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 288
virtual) port WWNs that are listed under portWwn of device(s) connected. Following is sample output for the portShow command: switch:admin> portshow 2 portName: 02 portHealth: HEALTHY Authentication: None portDisableReason: None portCFlags: 0x1 portFlags: 0x24b03 PRESENT ACTIVE F_PORT G_PORT NPIV - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 289
login information for the virtual PIDs of a port. Following is sample output from the portLoginShow command: switch:admin> portloginshow 2 Type PID World Wide Name credit df_sz cos fe 630240 c0:50:76:ff:fb c scr=3 scr=3 scr=3 d_id=FFFFFC d_id=FFFFFC Fabric OS 6.1.x administrator guide 289 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 290
290 Administering NPIV - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 291
ensure optimized behavior in the SAN. Even under the worst zone is activated, the fabric attempts to isolate all inter-switch traffic entering from a member of the zone to only "1,7", "1,8", "4,5", and "4,6" • E_Ports: "1,1", "3,9", "3,12", and "4,7". The dotted line indicates the dedicated path - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 292
In Figure 27, all traffic entering Domain 1 from N_Port 8 is routed through E_Port 1. Similarly, traffic entering Domain 3 from E_Port 9 is routed to E_Port 12, and traffic entering Domain 4 from E_Port 7 is routed to the device through N_Port 6. Traffic coming from other ports in Domain 1 would not - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 293
is blocked because the non-dedicated path is not the shortest path. Domain 1 8 1 9 3 Domain 3 9 14 12 15 = Dedicated Path 16 = Ports in the TI zone Domain 2 Figure 28 Dedicated path is the only shortest path. even though the E_Ports are not in Fabric OS 6.1.x administrator guide 293 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 294
configured to be the shortest path. Domain 1 8 1 9 3 Domain 3 9 14 12 15 16 = Dedicated Path = Ports in the TI zone Domain 2 Figure 29 Dedicated path the FC-FC routing service" on page 311 for information about FC routers, phantom switches, and the FC-FC Routing Service. Some VE_Port-based - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 295
not available, devices are not imported. NOTE: For TI over FCR, all switches in the backbone fabric and the edge fabrics must be running Fabric OS 6.1.0 In the TI zone, when you designate E_Ports between the front and xlate phantom switches, you must use -1 in place of the I in the D,I notation. - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 296
Using D,I notation, the members of the TI zone in Figure 31 are: • 1,8 • 1,1 • 3,-1 (E_Port for the front phantom domain) • 4,-1 (E_Port for the xlate phantom domain) Note that in this configuration the traffic between the front and xlate domains can go through any path between these two domains. - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 297
: • Traffic Isolation is supported only on the HP StorageWorks 4/8 SAN Switch, 4/16 SAN Switch, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 8/8 SAN Switch, 8/24 SAN Swtich, 8/40 SAN Switch, 8/80 SAN Switch, 400 Multi-protocol Router, 4/256 SAN Director, and DC SAN Backbone Director (short - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 298
fabrics configured in Open Fabric Mode (interopmode 3). VE_Ports are supported in TI zones. • Traffic Isolation is not supported in fabrics with switches running firmware versions earlier than Fabric OS 6.0.0b (earliest 6.0x version HP supported). However, the existence of a TI zone in such a fabric - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 299
failover disabled: switch:admin> zone --create -t ti -o dn bluezone -p "1,1; 2,4; 1,8; 2,6" To create a TI zone in the edge fabric with failover enabled and activate it (default settings): switch:admin> zone --create -t ti bluezone -p "1,1; 1,8; 2,-1; 3,-1" Fabric OS 6.1.x administrator guide 299 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 300
changes are not enforced until you issue the cfgEnable command: switch:admin> cfgenable "USA_cfg" You are about to enable a paths through the fabric for all devices that are not in a TI zone. 1. Connect to the switch and log in as admin. 2. Issue the zone --add command to add ports or change the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 301
remove command, as described in "Modifying TI zones" on page 300. To delete a TI zone: 1. Connect to the switch and log in as admin. 2. Issue the zone --delete command. zone --delete name where name is the name of not appear in the effective zone configuration. Fabric OS 6.1.x administrator guide 301 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 302
To display information about TI zones: 1. Connect to the switch and log in as admin. 2. Issue the zone --show command. zone --show [ name ] where: name is the name of the zone to be displayed. If - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 303
fffc06 50:00:51:e3:95:48:9f:a0 0.0.0.0 0.0.0.0 "fcr_xd_6_9" The Fabric has 3 switches b. Issue the following commands to create and display a TI zone: E1switch:admin> zone -- TI_Zone1 Port List: 4,8; 4,5; 1,-1; 6,-1 Status: Activated Failover: Enabled Fabric OS 6.1.x administrator guide 303 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 304
:95:48:9f:a1 0.0.0.0 0.0.0.0 "fcr_xd_6_9" 9: fffc09 10:00:00:05:1e:40:f0:7d 10.32.72.9 0.0.0.0 >"E2switch" The Fabric has 3 switches b. Issue the following commands to create and display a TI zone: E2switch:admin> zone --create -t ti TI_Zone1 -p "9,2; 9,3; 9,6; 1,-1; 4,-1" E2switch:admin> zone - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 305
you to offer flexible bandwidth limit services based on requirements. • To enable more important devices to use the network bandwidth during specific services, such as network backup. To limit from a particular device: 1. Connect to the switch and log in as admin. Fabric OS 6.1.x administrator - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 306
a licensed feature. An Adaptive Networking license must be installed on every switch that is in the path between a given configured device pair. QoS can contain only WWN members (WWNN or WWPN). Domain,Index zoning is not supported. A QoS zone has a special name to differentiate it from a regular zone - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 307
between H2 and S3 is low priority. • All other traffic is medium priority, which is the default. H1 Domain 1 Domain 3 S1 1 9 H2 14 3 13 12 S2 15 = Low priority 87 = Medium priority = High priority 16 S3 Domain 2 Figure 35 QoS traffic prioritization For this fabric, you could set up - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 308
ISL for a switch running a firmware version earlier than 6.0.0, the frames are dropped. • By default, all devices are assigned medium priority. To be assigned high or low priority, hosts and targets must be connected to: • 8/8 SAN Switch or 8/24 SAN Switch • 8/40 SAN Switch • 8/80 SAN Switch • FC8 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 309
• Traffic prioritization is not supported on 10 Gbps ISLs. • Traffic prioritization is not supported on mirrored ports. • If ports. Setting traffic prioritization 1. Connect to the switch and log in as admin. 2. Issue the zoneCreate SAN Director or DC Director. Fabric OS 6.1.x administrator guide 309 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 310
310 Optimizing fabric behavior - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 311
those fabrics. A Fibre Channel router (FC router) is a switch running the FC-FC routing service. The FC-FC routing service can be used simultaneously as an FC router and as a SAN extension over wide area networks (WANs) using FCIP. FCR supports backbone-to-edge routing, allowing devices in the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 312
to HP supported platforms by using an EX_Port or VEX_Port. • EX_Port, VEX_Port Special types of ports, called an EX_Port and a VEX_Port, function similarly to an E_Port and VE_Port respectively, but terminate at the switch and do not propagate fabric services SAN Director or DC Director containing an FR4 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 313
Channel switch IFL EX_Ports Long Distance IFL Fibre Channel switch 4/256 SAN Director Fibre channel router A switch running the FC-FC routing service. See "Supported platforms" on page 311 Fibre Channel zones to cross physical SAN boundaries without merging the fabrics while maintaining - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 314
3. • MetaSAN A metaSAN is the collection of all SANs interconnected with Fibre Channel routers. A simple metaSAN can be constructed using a 400 MP Router, the 4/256 SAN Director or DC Director with an FR4-18i to connect two fabric.The translate phantom domain is 314 Using the FC-FC routing service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 315
SAN 1 Edge SAN 2 E_Port = LSAN Figure 39 Edge SANs connected through a backbone fabric Proxy devices A 400 MP Router, 4/256 SAN Fibre Channel frames to the proxy target. The 400 MP Router, 4/256 SAN Director or DC Director with an FR4-18i receives these frames, translates them appropriately - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 316
phantom domain can never be the principal switch of the backbone fabric. Front domains are NOTE: Management Server Platform services and interopmode are not supported in the backbone fabric. traverse the fabric through a 400 MP Router, 4/256 SAN Director or DC Director with an FR4-18i in the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 317
fabric; this value persists across switch reboots and fabric reconfigurations. Xlate Setting up the FC-FC routing service To set up the FC-FC Routing Service, perform the following tasks: FCIP tunnels, if you are connecting Fibre Channel SANs over IP-based networks (see "Configuring FCIP guide 317 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 318
11 UNKNOWN VACANT 12 SW BLADE 51 FC8 SAN Director with an FR4-18i blade, issue the chassisConfig command to verify that the director is using configuration option 5. switch:admin> chassisconfig Current Option: 5 All Supported Options Option 5: One 384-port switch Blade ID's 17, 18, 24 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 319
disabled in the backbone fabric. switch:admin_06> msplatshow *MS Platform Management Service is NOT enabled. If the is in strict mode, ACL cannot support Fibre Channel routing in the fabric. switch:admin> fddcfg --showall Local Switch Configuration for all Databases:DATABASE - guide 319 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 320
service is enabled switch:admin> switchenable Configuring FCIP tunnels The optional Fibre Channel over IP (FCIP) Tunneling Service enables you to use "tunnels" to connect instances of Fibre Channel SANs and monitoring FCIP extension services" on page 385 for instructions on how to configure FCIP - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 321
to port 7. switch:admin> portcfgexport 7/10 -a 1 -f 30 switch:admin> portcfgexport 7/10 Port 7/10 info Admin: enabled State: NOT OK Pid format: Not Applicable Operate mode: Brocade Native Edge Fabric EX_Port frame trunking" on page 328. Fabric OS 6.1.x administrator guide 321 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 322
enable the port, and then the portCfgShow command to verify the port is enabled. switch:admin> portcfgpersistentenable 7/10 switch:admin> portcfgshow 7/10 Area Number: 74 Speed Level: AUTO Trunk Port OFF Long Port ON Mirror Port ON FC Fastwrite ON 322 Using the FC-FC routing service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 323
is configured correctly: switch:admin> portcfgexport 7/10 Port 7/10 info Admin: enabled State: NOT OK Pid format: Not Applicable Operate mode: Brocade Native Edge Fabric 0 Lli: 0 Link_failure: 0 Loss_of_sync: 0 Loss_of_sig: 2 Frjt : 0 Fbsy : 0 Fabric OS 6.1.x administrator guide 323 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 324
7500" FCR WWN: 10:00:00:05:1e:12:e0:00, Dom ID: 100, Info: 10.32.156.50, "fcr_Brocade 7500" EX_Port FID Neighbor Switch Info (WWN, enet IP, name 4 95 "Brocade 7500" 5 95 10:00:00:05:1e:37:00:45 10.32.156.31 "Brocade 7500" 6 95 10:00:00:05:1e:37:00:45 10.32.156.31 "Brocade the FC-FC routing service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 325
switch:admin> portdisable 7/10 2. Enable EX_Port or VEX_Port mode with the portCfgEXPort or portCfgVEXPort command. switch switch EX_Port. switch:admin EX_Port. switch:admin switch:admin> fcrrouterportcost 7/10 0 7. Issue the portEnable command to enable the ports that you disabled in step 1. switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 326
FCIP Tunnel 16-23 • 8-15 and FCIP Tunnel 24-31 More than two router port sets can exist in a 4/256 SAN Director or DC Director with two FR4-18i blades. you would set a proxy PID is when you replace a switch. If you replace the switch and want to continue using the old PID assignments, you can service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 327
manually. To change the fabric parameters on a switch in the edge fabric, execute the configure command. To change the fabric parameters of an EX_Port on the 400 MP Router or 4/256 SAN those values on other HP switches. Only if you have E_Ports. EX_Port frame trunking support is designed to provide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 328
. Backward compatibility support For backward compatibility, FCR that supports EX_Port trunking can continue to interoperate with older FCR switches and all previously supported Brocade switches in the Brocade edge fabric. port, master is 10:00:00:60:69:80:1d:bc 328 Using the FC-FC routing service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 329
existing switch management interfaces triggers a device import. To support legacy applications, WWNs are reported Zones are defined locally on a switch or director. Names and memberships, Edge SAN 1 are defined, you do not need to consider the zones in Edge SAN 2, SANs are under separate - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 330
switches in a fabric, HP recommends that you run the defZone --show command on your Fabric OS 5.1.0 and later switches switch, default zoning configurations are created on each switch in the fabric (2.x, 3.x, 4.x or v.0.1 switches). Fabric OS 5.1.0 and later switches LSANs. switch:admin> switch:admin - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 331
switch:admin> cfgadd "zone_cfg", "lsan_zone_fabric75" switch 00:49:20:b4). switch:admin> nsshow { Type A, and Target B: switch:admin> zonecreate "lsan_zone_fabric2", correct: switch:admin> switch:admin> cfgadd "zone_cfg", "lsan_zone_fabric2" switch 12. Issue the following commands to display - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 332
switch the LSAN. switch:admin> fcrphydevshow in the LSAN. switch:admin> fcrproxydevshow Proxy the 4/256 SAN Director or DC supported only on FC routers with Fabric OS 5.3.0 and later. The FC router matrix feature is supported zone limit supported in the routers and devices supported in the backbone - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 333
• With LSAN zone binding, the metaSAN can import more than 10,000 devices and the backbone fabric can support more FC routers. • With LSAN zone binding, CPU consumption by an FC router is lower. How LSAN zone FC router matrix, and the -lsan option is used for Fabric OS 6.1.x administrator guide 333 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 334
The matrix database is not automatically distributed from this FC router to other FC routers. • You must manually configure the LSAN fabric matrix on these FC routers to match the other FC routers in the backbone other, but cannot access Fabrics 1 through 6. 334 Using the FC-FC routing service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 335
activated to 6.0.x or 5.3.x firmware that does not support that feature, the firmwareDownload script prompts you to delete the FC router matrix binding entries prior to the firmware :00:00:60:69:c3:12:b2 (2)10:00:00:60:69:c3:12:b3 (unknown) 3. Issue - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 336
is set to 3000. You can increase the maximum LSAN count to 5000 without disabling the switch. The maximum number of LSAN devices supported is 10,000, which includes both physical and proxy devices. If you have 3000 LSAN zones the LSAN in the backbone fabric. 336 Using the FC-FC routing service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 337
zones.) Broadcast zones are supported only on switches running Fabric OS 5.3.0 or later, so all devices that are connected to switches running earlier firmware versions will receive broadcast frames v5.3.0+ Pre-v5.3.0 Figure 42 Inter-fabric broadcast frames Fabric OS 6.1.x administrator guide 337 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 338
000 LSAN zones configurable up to a maximum of 5,000. On a dual CP switch, both CPs must have v5.3.0 code or later to select 5000. If the count of 5000 LSANs and the standby CP is running an earlier firmware version, HA synchronization will fail. If 5000 is selected before downgrading service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 339
switch 34 11 | 6 34 12 | 6 34 13 | support FC-FC Routing Services, your FC-FC routing configuration will be lost. HP support EX_Ports on 8-Gbps ports. Downgrades are not allowed on platforms with 8-Gbps EX_Ports. For further instructions on downgrading, see "Installing and maintaining firmware guide 339 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 340
Message Reference. Backward compatibility support For backward compatibility, FCR that supports EX_Port trunking can continue to interoperate with older FCR switches and all previously supported HP switches in the edge fabric in the Fabric OS Command Reference. 340 Using the FC-FC routing service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 341
Pid format: core(N) Operate mode: Brocade Native Edge Fabric ID: 16 Front Domain ID: 160 Front WWN: 50:06:06:9e:20:9f:ce:10 Principal Switch: 7 principal WWN: 10:00:00 = 10000, costCnt = 0, type = 1 To verify normal operation of front domain consolidation: Fabric OS 6.1.x administrator guide 341 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 342
in to an FC router tat is connected to an edge fabric switch through multiple EX_Ports from the same router. 2. Issue the portCfgShow command on each of the FC routers and edge switches and save the output. The output can be used to troubleshoot the problem. 342 Using the FC-FC routing service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 343
72 Types of monitors supported on B-Series switch models Monitors: EE Filter ISL Top Talker 4/8 SAN Switch, 4/16 SAN Switch Yes Yes Yes No 8/8 SAN Switch, 8/24 SAN Switch, Yes Yes No Yes 8/80 SAN Switch SAN Switch 4/32, 4/64 SAN Yes Yes Yes Yes Switch, SAN Switch 4/32B, 400 Multi-protocol - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 344
available for end-to-end monitors.) The 4/8 SAN Switch, 4/16 SAN Switch, 8/8 SAN Switch, and 8/24 SAN Switch allow up to eight end-to-end monitors. The FC4-48 blade allows end-to-end monitors on all 48 ports. For the FC4-16IP blade, end-to-end monitors are supported on the FC ports (ports 0 through - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 345
receiving port respective to the SID only. In Figure 43, if you add a monitor to slot 2, port 2 on Switch x, specifying Dev B as the SID and Host A as the DID, no counters (except CRC) will be incremented. Monitoring match the entire SID and DID to trigger the Fabric OS 6.1.x administrator guide 345 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 346
all existing end-to-end monitors are deleted. End-to-end masks are not supported on the DC Director. On FC4-48 port blades, the upper 32 ports command is issued, a message displays similar to that in the following example: switch:admin> perfsetporteemask 1/2, "00:ff:ff" Changing EE mask for this port - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 347
per port, in any combination of standard filters and user-defined filters. For the SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 400 Multi-protocol Router, and DC Director models, the maximum number of filters is 12 per port, in any combination of standard filters and user-defined filters. For - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 348
offsets per port (14 offsets when FICON Management Server mode, or fmsmode, is enabled). • 4/8 SAN Switch, 4/16 SAN Switch, 8/8 SAN Switch, 8/24 SAN Switch, and Brocade 4Gb SAN Switch for HP p-Class BladeSystem models Up to 7 different offsets per port (6 offsets when fmsmode is enabled). You can - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 349
example adds filter-based monitors: switch:admin> perfaddusermonitor 4/2, "12, 0xff, 0x05, 0x08; 9, 0xff, 0x02" "FCP/IP" User monitor #5 added switch:admin> perfaddusermonitor 1/2, "0, 0xff, " on page 356. ISL monitoring is not supported on the DC Director. Fabric OS 6.1.x administrator guide 349 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 350
SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 400 Multi-protocol Router, and 4/256 SAN Director. Top Talker can be installed only on switches that run Fabric OS 6.0.0 or later. Top Talker monitors are not supported on the 4/8 SAN Switch, 4/16 SAN Switch Quality of Service (QoS) attributes - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 351
--show [slotnumber/]port [n] [wwn | pid] where: • slotnumber is the slot number for director-class switches only (4/256 SAN Director and DC Director) • port is the port number • n is the number of top talking flows an F_Port unless you delete fabric mode. Fabric OS 6.1.x administrator guide 351 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 352
and log in as admin. 2. Issue the perfttmon --show dom command: perfttmon --show dom domainid [n] [wwn | pid] where: • domainind is the Domain ID of the switch • n is the number of top talking flows to display (between 1 and 32) • wwn | pid is the format of the output (the default is wwn Fabric - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 353
4/8 SAN Switch, 4/16 SAN Switch, 8/8 SAN Switch, 8/24 SAN Switch models support eight filter-based monitors for trunks. • The SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 8/40 SAN Switch, 8/80 SAN Switch, 400 Multi-protocol Router, 4/256 SAN Director and DC Director switches support 12 filter - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 354
. For 32-port blades, there are 32 ports numbered 0 to 31. • portnumber specifies a port number. Valid values for port number vary, depending on the switch type. This operand is required. • interval specifies an interval in seconds. The interval must be greater than or equal to five seconds. For end - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 355
717 717 717 513 204 The following example displays filter monitor information on a port: switch:admin> perfMonitorShow --class FLT 2/5 There are 7 filter-based monitors defined on port 21 .169.40 6 SCSI_WR WEB_TOOLS 0x000000000000033a 192.168.169.40 Fabric OS 6.1.x administrator guide 355 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 356
one of EE (end-to-end), FLT (filter-based), or ISL (inter-switch link). The --class monitor_class operand is required. • slotnumber is for bladed the port on which the monitor counter is to be cleared. For all other switches, this operand is not required. The slot number must be followed by a slash - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 357
switch:admin> perfMonitorClear --class EE 1/2 5 End-to-End monitor number 5 counters are cleared switch ISL monitor: switch:admin> prevent the switch configuration flash per switch is limited switch exceeds 512. If the total number of monitors per port or switch the switch and switch: switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 358
• To clear the previously saved performance monitoring configuration settings from nonvolatile memory, use the perfCfgClear command: switch:admin> perfcfgclear This will clear Performance Monitoring settings in FLASH. The RAM settings won't change. Do you want to continue? (yes, y, no, n): [no] y - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 359
switches to allow formation of the fabric. Information about switch characteristics and capacity in terms of buffers per port group, port speed, and distances supported byte frame alignment. The standard frame header size is 24 bytes. If applications require extensive control information, up guide 359 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 360
Channel data frames Start of frame 4 bytes Standard frame header 24 bytes Data (payload) {0 - 2,112} bytes CRC buffers on a particular port or to support a long-distance link up to 500 km made by this command are persistent across switch reboots and power cycles. Issue the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 361
2. 6 = the number of buffer credits reserved for Fabric Services, Multicast. and Broadcast traffic. This is a static number. 8 Gbps/ 2) + 6 = 206 buffers For example: Consider the 8/24 SAN Switch, which has 24 ports and 676 total buffers The maximum remaining number of buffer credits after each - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 362
ISLs, all buffers available to a group are used to support one port at up to 120 km. Displaying the 11 U - 8 12 - 8 13 - 8 14 - 8 15 - 8 16 U - 8 17 U - 8 18 U - 8 19 - 8 20 U - 8 21 U - 8 22 U - 8 23 U - 8 switch:admin> Buffer Needed Usage - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 363
BladeSystem 1420/24 *1516/24 272/12 Brocade 4Gb Golden Eye 24 SAN Switch for HP c-Class BladeSystem 272/24 Brocade 8Gb Golden Eye2 24 SAN Switch for HP c-Class BladeSystem 272/24 Reserved buffers for ports 0 8 8 8 8 8 8 8 8 8 8 8 8 N/A 8 8 8 8 8 8 Fabric OS 6.1.x administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 364
supported for the L0 and LD extended ISL modes only, and is persistent across reboots, switch 16 FC ports. The two Gigabit Ethernet ports provide SAN extension over IP networks using FCIP. • The FC4 . It is used to implement the iSCSI Gateway Service. The Gigabit Ethernet ports are used to connect - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 365
• Use only qualified HP branded SFPs. • For fabrics that contain B-Series 2Gb switches, contact HP support for details on which parameters to set. • For Fabric OS 3.x or 4.x, contact HP for details on which ISL R_RDY mode; otherwise, it must be reset to 0. Fabric OS 6.1.x administrator guide 365 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 366
ISL modes with the portCfgLongDistance command when the Extended Fabrics license is activated. Table 77 Extended ISL modes: B-Series 2Gb Switches (Bloom and Bloom II ASICs) Mode Buffer allocation Distance @ 1 1 Gbps 2 Gbps Gbps Distance @ 2 Gbps Earliest Fabric OS release Extended Fabrics - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 367
. Connections between the HP StorageWorks SAN Switch 4/32, 4/32B, 4/64 SAN Switch, 400 MP Router, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, 4 Gb SAN Switch for HP c-Class BladeSystem, 8 Gb SAN Switch for HP BladeSystem c-Class, and the 4/256 SAN Director using the FC4 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 368
where supported. The maximum number of ports per trunk and trunks per switch depends on the HP model. NOTE: Director blade model FC10-6 does not support trunking standard guidelines for SAN design: • Evaluate the traffic patterns within the fabric. • Place trunking-capable switches adjacent to each - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 369
as by adding, removing, or reconfiguring ISLs and trunking groups in problem areas. There are three methods of monitoring fabric traffic: • Advanced on the switch and send alerts when the traffic exceeds or drops below configured thresholds. See the Fabric Watch Administrator's Guide for additional - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 370
to display the overall status of specific ports. See the Fabric Watch Administrator's Guide for additional information. • The Fabric OS CLI portPerfShow command allows you to display throughput information for all ports on the switch. Data displays in 8 or 16 columns, one column per port plus one - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 371
. The format is: switchcfgtrunk mode Mode 1 enables and mode 0 disables ISL Trunking for all ports on the switch. The following example enables trunking all ports in the switch: switch:admin> switchcfgtrunk 1 Committing configuration...done. switch:admin> Fabric OS 6.1.x administrator guide 371 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 372
with the appropriate blades, the 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, 8 Gb SAN Switch for HP BladeSystem c-Class, and the 8 Gbps supported SFPs installed. The 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, and 8/80 SAN Switch support long-distance modes L0, LE, LS - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 373
, Brocade 4Gb SAN Switch for HP c-Class BladeSystem, SAN Switch 4/32, 4/64 SAN Switch, SAN Switch 4/32B, 400 Multi-protocol Router and 4/256 SAN Director only) • 8-eight Gbps mode. Fixes the port at a speed of eight Gbps. (HP StorageWorks 4/256 SAN Director, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 374
must be set to 1; otherwise, it must be reset to 0. Trunking distances Enhanced trunking support for switches with Condor ASICs is summarized in Table 79. Table 79 Trunking support for SAN Switch 4/32, 4/32B and 4/64 SAN Switch (Condor ASIC) Mode LE LD LD LD Distance 10 km 200 km 250 km 500 km - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 375
Port ID when F_Ports go offline and it increases F_Port bandwidth. This feature supports the HP StorageWorks SAN Switch 4/32, 4/32B, 4/64 SAN Switch, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, 4/256 SAN Director and the DC Director enterprise-class platforms running Fabric OS - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 376
in AG mode with F_Port masterless trunking. Figure 47 Switch in Access Gateway mode without F_Port trunking Figure 48 Switch in Access Gateway mode with F_Port masterless trunking NOTE: You do not need to map the host to the master port manually because Access Gateway performs a cold failover to the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 377
ELS's are not supported on F-Port trunks. The port must be disabled before assigning a Trunk Area on the edge switch to the port or on switch. Upgrading is not disruptive. If you plug in a standby-CP with a firmware earlier than Fabric OS 6.1.x and a Trunk Area is present on the switch, guide 377 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 378
is fastwrite enabled, the port cannot be assigned a Trunk Area. FICON is not supported on F_Port trunk ports. However, FICON can still run on ports that are not F_Port trunked within the same switch. F_Port masterless trunking is supported on ports 16-43 on the FC8-48 blade. On the FC8-48 and - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 379
a quad is a set of sequential ports, for example ports 0-3 in Figure 49. The HP StorageWorks 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch and the 8/80 SAN Switch platforms support a trunk group with up to eight ports. The trunking groups are based on the Fabric OS 6.1.x administrator guide 379 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 380
switch. Figure 49 Trunk group configuration for the SAN Switch 8/40 To set up F_Port trunking: 1. Connect to the switch and log in as admin. 2. Ensure that both modules (edge switch and the switch F_Port trunking will not support shared area ports 16 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 381
(ports still disabled): switch:admin> porttrunkarea --show enabled switch:admin> portenable 10/13 switch:admin> portenable 10/14 6. Show the TA port configuration after enabling the ports: switch a stand-alone switch using ports 36 with area number 37: switch:admin> porttrunkarea --enable - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 382
4. Show switch/port information: switch:admin> switchshow switchName: 1 -2 2 -3 3 -4 4 -5 5 -6 6 -7 7 -8 8 id 9 9 -10 10 -11 11 -12 12 -13 13 -14 14 -15 15 -16 16 -17 17 -18 18 -19 19 -20 20 -21 21 -22 22 - 23 23 -24 24 -25 25 -26 26 -27 27 -28 28 -29 29 -30 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 383
switch TA 37 that includes ports 36-39: switch:admin> porttrunkarea --show trunk Trunk Area 37 switch and log in as admin. 2. Issue the portTrunkArea --disable command. switch and then reissue the command: switch:admin> porttrunkarea --disable 36-39 no longer part of the switch. Any Domain,Index (D,I) - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 384
adds the Index back to the switch. For example, the same AD1 and AD2 switch. That means AD1's 3,7 can be seen by AD1 along with 3,8; 4,13 and 4,14. Trunking for Access Gateway On switches links on the AG switch to an adjacent edge switch. Following are the the switching ASICs within a switch in AG - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 385
services FCIP) enables you to connect Fibre Channel SANs over IP-based networks. 400 Multi- ports and 16 virtual ports. Each GbE interface can support up to 8 FCIP tunnels, which are represented as 18 3 19 4 20 5 21 6 22 7 23 ge1 0 24 1 25 2 26 3 27 4 28 5 29 6 30 7 guide 385 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 386
VEX_Port enables FC-FC Routing Service functionality over an FCIP tunnel. Office FC SAN VE_Port Brocade 7500 Brocade 48000 with FR4-18i Blade Office FC SAN Office FC SAN Brocade 48000 with than the WAN can support or your FCIP tunnel may not be stable. 386 Configuring and - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 387
supports SAN extension between 400 Multi-protocol Routers or between FR4-18i blades installed on 4/256 SAN Directors or DC SAN Backbone Directors. The 400 Multi-protocol Router and FR4-18i both have16 physical Fibre Channel ports and two physical GbE ports. NOTE: The FCIP Tunneling Service Service - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 388
100 High QoS 12 51 / 110011 supports network-level data integrity, data confidentiality, data origin authentication, and replay protection. It helps secure your SAN against network-based attacks from untrusted computers, attacks that can result in the denial-of-service of applications, services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 389
. • To change the configuration of a secure tunnel, you must delete the tunnel and re-create it. • Jumbo frames are not supported for IPSec. • There is no RAS message support for IPSec. • Only a single route is supported on an interface with a secure tunnel. Fabric OS 6.1.x administrator guide 389 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 390
authentication method Preshared key 3DES encryption Key length of 168 bits AES encryption Key length of 128 or 256 390 Configuring and monitoring FCIP extension services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 391
a new policy: 1. Log in to the switch as admin. 2. Issue the policy command to create is any whole number from 1 through 32. The supported type of encryption. Valid options are 3DES, AES-128 only). SHA-1 is the default. The Diffie-Hellman group. Supported groups are Group 1 and Group 14. Group 1 is - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 392
authentication, and Diffie-Hellman Goup 1: switch:admin06> policy --create ike 10 IPSec policy settings: 1. Connect to the switch and log in using an account assigned to example, there are two IKE policies. switch:admin06> policy --show ike all in to the switch as admin. 2. Issue the following - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 393
an FCIP tunnel: 1. Log in to the switch as admin. 2. Issue the portShow fcipTunnel command: switch:admin06> portshow fciptunnel 8/ge0 3 -ipsec Port: Max Retransmissions 9 Status : Active Uptime 1 day, 23 hours, 24 minutes, 46 seconds IKE Policy 7 Authentication Algorithm: MD5 Encryption: guide 393 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 394
FCIP fastwrite and tape pipelining. Supported only in Fabric OS 5.2.x and Each GbE port supports up to 2048 Each GbE port supports up to 2048 mutually exclusive. Does not support multiple equal-cost path fastwrite. Does not support multiple equal-cost path not support multiple non-equal-cost - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 395
fastwrite/tape pipelining configurations To help understand the supported configurations, consider the configurations shown in the Figure and tape pipelining The configurations shown in Figure 53 are not supported with fastwrite and tape pipelining. These configurations use multiple equal-cost - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 396
basic topology shown in Figure 54. FC Fastwrite provides accelerated speeds for SCSI Write operations over long distance Fibre 396 Configuring and monitoring FCIP extension services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 397
Service (FRS) rather than FCIP. FC Fastwrite is supported in Fabric OS 5.3.x and later. Figure 54 Typical network topology for FC Fastwrite Platforms and OS requirements for FC Fastwrite Fabric OS supports FC Fastwrite between two 400 Multi-Protocol Routers, two 4/256 SAN administrator guide 397 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 398
the data must be held by the remote switch. FC Fastwrite flow configuration requirements FC Fastwrite with other devices that do not support FC Fastwrite. An FC Fastwrite specific Routers or two 4/256 SAN Directors or DC Director Fibre Channel) Routing Service provides Fibre Channel routing between two or - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 399
case of the 400 Multi-Protocol Router, the router is rebooted. The process takes up to five minutes. switch:admin> fastwritecfg --enable slot where slot is the slot number in which the FR4-18i blade is installed. on the other end of the FC Fastwrite path. Fabric OS 6.1.x administrator guide 399 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 400
: 2 Fbsy: 0 Lli: 12 Loss_of_sig: 4 Proc_rqrd: 13 Protocol_err switch:admin> fastwritecfg --disable slot where slot is the slot in which the FR4-18i is installed. A slot number is not required for the 400 Multi-Protocol Router. 400 Configuring and monitoring FCIP extension services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 401
using the portcfg fciptunnel command. See "FICON fabrics" on page 423 for specific instructions. 10. If you are implementing FICON emulation, configure FICON emulation using the portcfg ficon command. See "FICON fabrics" on page 423 for specific instructions. Fabric OS 6.1.x administrator guide 401 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 402
on page 423 for specific instructions. 12. Check the configuration using the ports. To configure a VEX_Port: 1. Connect to the switch and log in using an account assigned to the 1|2|3 -t 1|2 The number of a slot in a 4/256 SAN Director or DC Director chassis that contains an FR4-18i blade services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 403
The number of a slot in a 4/256 SAN Director or DC Director chassis that contains an supports jumbo packets, a value of 2284 can improve performance. By default, the virtual ports automatically become VE_Ports. 2. Define IP routes on a GbE port. After defining the IP interface of the remote switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 404
successfully created: switch:admin06> portshow iproute 168.11.0 255.255.255.0 192.168.100.1 1 192.168.12.0 255.255.255.0 192.168.100.1 1 3. If you are service] [-n num-requests] [-q type-of-service] [-t ttl] [-v vlan tag] [-w wait-time] [-z size] where: slot is the number of a slot in a 4/256 SAN - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 405
"" on page 421 for specific information and instructions. NOTE: HP recommends that you run ipperf only when there rates in both directions. 1. Connect to the switch and log in an account assigned to the the number of a slot in a 4/256 SAN Director or DC Director chassis that contains an FR4 guide 405 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 406
values is 12 through of service of 3 for control traffic, and a layer 2 class of service of HP recommends that you verify that the tunnel configuration operation succeeded using the portShow fcipTunnel command (be sure to specify the slot/port numbers and number of tunnels). 1. Connect to the switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 407
The following example shows an active tunnel with FCIP fastwrite and tape pipelining enabled: switch:admin06> portshow fciptunnel ge0 all Tunnel ID 1 Remote IP Addr 192.168.1.2 Local IP point, all configured FCIP tunnels now appear in the fabric as VE_Ports. Fabric OS 6.1.x administrator guide 407 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 408
switch:admin06> portenable 8/18 switch:admin06> portenable 8/19 switch:admin06> switchshow switchName:switch enable a persistently disabled port: 1. Connect to the switch and log in using an account assigned to the enabled: switch:admin06> portcfgpersistentenable 8/16 switch:admin06> - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 409
switch:admin06> portcfgpersistentenable 8/18 switch:admin06> portcfgpersistentenable 8/19 switch:admin06> portcfgshow Ports of Slot 8 0 1 2 3 4 5 6 7 8 9 10 11 12 21 22 23 24 25 26 27 ON ON ON EX Port switch:admin06> where AN:AutoNegotiate switch and log in using an account assigned - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 410
time -r retransmissions -q control_dscp -Q data_dscp -p control_L2Cos -P data_L2Cos is the number of a slot in a 4/256 SAN Director or DC Director chassis that contains an FR4-18i blade. This parameter does not apply to 0-7; the default is 0. 410 Configuring and monitoring FCIP extension services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 411
switch switch Service tagging value. • tunnel_id is in the range 0-7 • --default resets or sets the virtual channel QoS map to default values • --delete deletes the associated QoS map configuration file. Delete QoS mappings before downgrading to pre-6.0.0 firmware versions that do not support switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 412
tag table through their own configuration procedures. Manual entries are needed on both the local range 1 - 4094) • L2CoS is the layer 2 class of service (range 0 - 7) • dest_IP_addr is the destination IP address. performance characteristics between a pair of HP FCIP port endpoints. WAN tools include - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 413
active on an FCIP GbE port at any time. Each FCIP port supports a single instance of the WAN tool-embedded client running in only sender tunnel is online. You can, for example, revalidate the service provider Service Level Agreement (SLA) without bringing the FCIP tunnel down, guide 413 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 414
and includes the IP header and payload. There is a limited support for black hole PMTU discovery. If the Jumbo PMTU (anything over 1500) does session can be used for the following functions: • Validate a service provider Service Level Agreement (SLA) throughput, loss, and delay characteristics. - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 415
. This value is measured in bytes and includes the IP header and payload. Note: there is limited support for black hole PMTU detection. If the Jumbo PMTU (anything over 1500) does not work, - -ippert (refresh) interval: 30 seconds • Default size: 1MSS Fabric OS 6.1.x administrator guide 415 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 416
table entry will be dynamically maintained by the ippert application. The Class of Service/Priority as defined by IEEE 802.1p. Values must be in the range between VLAN connection when you do not have an active FCIP tunnel, you must manually add entries to the VLAN tag table on both the local and remote - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 417
L2_Cos The number of a slot in a 4/256 SAN Director or DC Director chassis that contains an FR4- The default size is 64 bytes. Specifies Class of Service/Priority, as defined by IEEE 802.1p. Values not have an active FCIP tunnel, you must manually add entries to the VLAN tag table on both guide 417 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 418
See the portCfg help page for details on creating a VLAN tag table. Specifies Class of Service/Priority, as defined by IEEE 802.1p. Values must be in the range between 0 options. The command syntax is as follows: switch:admin06> portshow fciptunnel [Slot]/ge0|ge1 -perf -params 418 Configuring - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 419
example shows the portCmd fcipTunnel with the -perf option to display performance characteristics of tunnel 0. switch:admin06> portshow fciptunnel 8/ge0 all -perf Slot: 8 Port: ge0 Tunnel ID 0 Remote Bytes 556200 Bps 30s avg, 491394 Bps lifetime avg Fabric OS 6.1.x administrator guide 419 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 420
following example shows the portCmd fcipTunnel with the parameters options to display the parameters of tunnel 0: switch:admin06> portshow fciptunnel 8/ge0 0 -params Slot: 8 Port: ge0 Tunnel ID 0 Remote pkt/s lifetime avg 207859776 input Bytes 420 Configuring and monitoring FCIP extension services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 421
fciptunnel 10. If you are implementing FICON portcfg ficon emulation, configure FICON emulation. 11. If you are implementing FTRACE, configure FTRACE. portcfg ftrace 12. Verify FCIP tunnels. portshow fciptunnel 13. Enable the ports. portpersistentenable Fabric OS 6.1.x administrator - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 422
422 Configuring and monitoring FCIP extension services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 423
IBM SAN (SG24-6116-06) and the HP StorageWorks Mainframe connectivity design guide (AA-RWF4E-TE). The following Fabric OS standard features support for FICON hosts and devices connected to a switch. It supplements other MIBs used to manage switches and should be used in conjunction with those other - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 424
FICON FICON protocol is supported on the HP StorageWorks 4/256 SAN Director and DC SAN Backbone Director, short name, DC Director. Contact your HP storage representative for FICON support on switches not listed here. The following port blades can exist in a FICON environment; however, FICON - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 425
for the switch. ficoncupshow modereg Displays the mode register bit settings for the switch. NOTE: The Fabric OS CLI supports only a subset • Web Tools-Web Tools Administrator's Guide • Data Center Fabric Manager-Data Center Fabric Manager Administrator's Guide • SNMP Agent and FICON Management - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 426
command). If DLS is enabled, traffic on existing ISL ports might be affected when one or more new ISLs is added between the same two switches. Specifically, adding the new ISL might result in dropped frames as routes are adjusted to take advantage of the bandwidth provided. By disabling DLS, you - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 427
line. For GUI-based procedures, see the Web Tools Administrator's Guide for configuring the routing policy using the FICON tab in Web Tools. 4. Issue the ficonshow rnid command to verify that the FICON devices are registered with the switch. 5. Issue the ficonshow lirr command to verify that the - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 428
interface to a FICON Control Unit interface. Channel A Switch Domain ID = 21 Switch Domain ID = 22 Figure 56 Cascaded configuration, two switches Channel A Switch Domain ID = 21 Switch Domain ID = 22 Control Unit B Control Unit C Switch Domain ID = 23 Figure 57 Cascaded configuration, three - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 429
switch and log in as admin. 2. Verify that the switch has a unique Domain ID. If it does not, set a unique Domain ID. For instructions switch: switch Switching [no] Switch Operating Mode ( services (yes, y, no, n): [no] Portlog events enable (yes, y, no, n): [no] Committing configuration...done. switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 430
is the original port number. • portB is the alternate port number. You can use the portSwapShow command to display information about swapped ports in a switch. You can use the portSwap command to disable the portswap feature. You cannot use the portSwap command after this feature is disabled. The - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 431
1. Connect to the switch and log in as switches using CUP protocol by sending commands to an emulated control device in the Fabric OS. An HP StorageWorks switch that supports a CUP license on the switch. See "Enter the information switch is offline or online. If fmsmode is changed while the switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 432
mode is on. See the procedure "Persistently enabling and disabling ports" on page 435 for instructions. Changing fmsmode from disabled to enabled triggers the following events: • Access to switch parameters is serialized. • The active CUP configuration data is established as follows: • Port and - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 433
the switch: switch:admin> ficoncupshow fmsmode fmsmode for the switch: a SAN with B- and M-Series switches. The default value is 15 seconds. 1. Log in to the switch as admin. 2. Disable the switch. and 600. Example: setting the MIHPTO value switch:admin> ficoncupsetMIHPTO 447 The input value of - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 434
1 (on). User alert mode. When this bit is set on, a warning is issued when an action is attempted that will write CUP parameters on the switch. The default setting is 0 (off). Active=saved mode. When this bit is set on, all CUP configuration parameters are persistent, meaning that they will be - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 435
files that contain nonprintable characters should not be edited manually because many editors replace nonprintable characters with some other characters without warning you first. • CUP has a 24-character unique port name limitation; Fabric OS supports port names up to 32 characters long. When - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 436
maximum of 16 configuration files, including the IPL file, are supported. You can upload the configuration files saved on the switch to a management workstation using the configUpload command. If the switch loses the configuration due to a hardware failure or filesystem error, use the configDownload - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 437
with Active=Saved mode disabled See "Maintaining the switch configuration file" on page 145 for more information switch, which are also present in the FICON_CUP section, are overwritten. The files in the FICON section of the configuration file, which are not currently on the switch, are saved on the switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 438
Type: _________ Model: ______ S/N: ________ HCD Defined Switch ID_________(Switch ID) FICON® Switch Domain ID_________(Switch @) Cascaded Directors No _____Yes _____ Corresponding Cascaded Switch Domain ID _____ Fabric Name FICON® Switch F_Ports Attached N_Ports / E_Ports (CU, CPC, or - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 439
switch numbering, see the IBM publication FICON® Implementation Guide (SG24-6497-00) and the HP StorageWorks Mainframe connectivity design guide 22FE,22FE) IODEVICE ADDRESS=(0D9,1),CUNUMBR=0D9,UNIT=2032,STADET=Y,UNITADD=00 Brocade Domain_ID=25 (in hex CNTLUNIT CUNUMBR=0DB,UNITADD=00,UNIT=2032, - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 440
440 FICON fabrics - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 441
and directors There are three configuration issues to consider when a SAN router is connected to a switch in a FICON configuration. • Ensure enough buffer credits are configured to support extending the FICON channel over distance. • If you are creating a cascaded configuration (connecting two - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 442
only one Ethernet connection between the 400 MP Router SAN routers or FR4-18i blades using only one IP Brocade Mi10K or M6140 Director Element Manager User Manual for specific information about implementing the allow/prohibit feature. FICON emulation concepts and features FICON emulation supports - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 443
Remote Copy (XRC) application is a DASD application that implements disk mirroring, as supported by the disk hardware architecture and a host software component called System Data Mover (SDM features are enabled: • XRC emulation. • tape write pipelining. Fabric OS 6.1.x administrator guide 443 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 444
will be withheld from the channel. This limits processing to what the network and device can support. Too small a value limits pipelining performance. Too large a value results in too much data config -x 1 -w 1 -r 1 -t 1 -l 1 oxidbase 0x7000 444 Configuring and monitoring FICON Extension Services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 445
ge1 all Port: ge1 VE_STATUS TunnelId vePort vePortStatus veFeatureBitMap veHashEntryCount 0 24 UP 1 2 1 ff DOWN 0 0 2 ff DOWN 0 slot is the number of a slot in a 4/256 SAN Director or DC Director chassis that contains an FC4-18i blade disable. Fabric OS 6.1.x administrator guide 445 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 446
chain will be withheld from the channel. This limits processing to what the network and device can support. Too small a value limits pipelining performance. Too large a value results in too much data being are general FICON Controls/Statistics. 446 Configuring and monitoring FICON Extension Services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 447
support personnel. FICON emulation monitoring The -emul argument can be used to monitor FICON emulation. The following is an example: switch 2463016406050001 breaks down as follows: VE HD HP DD DP LP CU DV 24 63 01 64 06 05 00 01 Size | Fabric OS 6.1.x administrator guide 447 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 448
| 19436| 0| 0| 183111| 32760| |0x10045000|2463046402050102|H| 0x00| N/A|0000|0000| 19456| 0| 0| 183111| 32760| |0x10048000|2463046402050103|H| 0x00| N/A|0000|0000| 19404| 0| 0| 183111| 32760| 448 Configuring and monitoring FICON Extension Services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 449
| |0x104B5400|24B102B20F1109F9|H| 0x00|0000|000F|0000|05E8| 4185|155| 38116| 22943| |0x104B5C00|24B102B20F1109FD|H| 0x00|0000|000F|0000|07E2| 3755|143| 40929| 24885| Fabric OS 6.1.x administrator guide 449 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 450
450 Configuring and monitoring FICON Extension Services - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 451
SAN Switch, 4/16 SAN Switch, SAN Switch 2/8V, SAN Switch 2/16V, SAN Switch 2/32, SAN Switch 4/32, SAN Switch 4/32B, 4/64 SAN Switch, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, 400 Multi-protocol Router, Brocade 4Gb SAN Switch for HP p-Class BladeSystem, Brocade 4Gb SAN Switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 452
the introduction of the Brocade 4/8 SAN Switch, 4/16 SAN Switch, SAN Switch 2/8V, SAN Switch 2/16V, SAN Switch 2/32, Brocade 4 Gb SAN Switch for p-Class BladeSystem, SAN Switch 4/32, SAN Switch 4/32B, Core Switch 2/64, SAN Director 2/128, 4/256 SAN Director, and DC SAN Backbone Director (short name - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 453
command. Before downgrading firmware, change the PID back to supported PIDs such as Core Switches that are queried using outside calls should be configured using PID 1 (core PID) to ensure that the correct port numbering is used in other management applications. Fabric OS 6.1.x administrator guide - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 454
for new switch. and later Host reboot is not required. 3.1.2 and later/6.0 Change fabric to Core PID. Extended Edge is not supported in Fabric any multipathing software will respond to a fabric service interruption. If current details about the SAN are already available, it might be possible to - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 455
firmware versions • Multipathing software versions • HBA time-out values • Multipathing software timeout values • Kernel timeout values • Configuration of switch 2. Make a list of manually to work with the support providers of these devices PID binding problem with either AIX or HP/UX. It guide 455 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 456
redundant fabric SAN architecture). Schedule a time for the update when the least critical traffic is running. All switches running any the PID format change on these switches. Migrating from manual PID binding (such as persistent binding on an HBA) to manual WWN binding and upgrading drivers to - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 457
any hybrid procedure is extremely customized, it is necessary to work closely with the SAN service provider in these cases. Changing to core PID format In Fabric OS release 4.2.0 and later, Native PID format is not supported; the default format is the Core PID format. In Fabric OS 3.1.2 and later - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 458
Switch PID Address Mode: (0..2) [1] < Set mode number here. Per-frame Route Priority: (0..1) [0] Long Distance Fabric: (0..1) [0] IMPORTANT: Per the example above, not all PID modes are compatible. See "Selecting a PID format" on page 453 for details on the supported the 4/256 SAN Director with - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 459
HP support the addressing mode: • SAN Switch 2/8EL and SAN Switch 2/16-3.1.2 • Brocade 4 Gb SAN Switch for p-Class BladeSystem-5.0.0 • SAN Switch 2/8V, SAN Switch 2/16V, SAN Switch 2/32, Core Switch 2/64, SAN Director 2/128, Brocade 4/8 SAN Switch, 4/16 SAN Switch, 4/256 SAN Director, 4/64 SAN Switch - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 460
HP-UX procedure This procedure is not intended to be comprehensive. It provides a starting point from which a SAN administrator could cfgEnable [effective_zone_configuration]. For example: cfgEnable my_zones 12. Issue the switchEnable command. Enable the core switches first, and then the edges. 13. - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 461
the NO_HW entry is no longer listed: het46 (HP-50001)> ioscan -funC disk Class I H/W Path It provides a starting point from which a SAN administrator can develop a site-specific procedure for all I/O going to all volumes connected through the switch or fabric to be updated. 3. If you are guide 461 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 462
command. Enable the core switches first, and then the edges. 12. Rebuild the device entries HP StorageWorks 4/8, 4/16, 4/32, 4/32B, 4/64, 8/8 SAN Switch, 8/24 SAN Switch, 8/40 SAN Switch, 8/80 SAN Switch, Brocade 4 Gb SAN Switch for p-Class BladeSystem, Brocade 4 Gb SAN Switch for c-Class BladeSystem - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 463
5. Verify that the port area IDs have been swapped: portswapshow A table is shows the physical port numbers and the logical area IDs for any swapped ports. 6. Disable the port swap feature: portswapdisable Fabric OS 6.1.x administrator guide 463 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 464
464 Configuring the PID format - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 465
level? For example, the password for admin for switch 0 can be different from password for admin for switch 1. Yes for Core Switch 2/64. n/a for all other switches. root, factory, admin, user; administrative account is called USERID Supports the userRename command. 8 - 40 characters with printable - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 466
prompted for change. The accounts with non-default password will not be prompted. Is a user forced to answer password prompts before getting access to the firmware? No, users can enter Ctrl-c to get out of password prompting. No, users can enter Ctrl-c to get out of password prompting. Do users - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 467
outcome of password settings when upgrading or downgrading firmware for various Fabric OS versions. Table 99 Password migration behavior during firmware upgrade/downgrade Topic 4.4.0 to 5.0.1 5.0.1 and when one or more types of passwords are lost. Fabric OS 6.1.x administrator guide 467 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 468
command. Use passwd command to set other passwords. Use passwdDefault command to set all passwords to default. How to recover boot PROM n/a password? Contact HP and provide the recovery string. See "Boot PROM password" on page 83 for more information. How do I recover a user, admin, or Contact - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 469
on HP supported interop configurations, see the HP StorageWorks Fabric interoperability application notes for merging B-Series fabrics with fabrics based on C-Series and M-Series Fibre Channel switches on the following HP website: http://h18000.www1.hp.com/products/storageworks/san/documentation - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 470
470 Interoperating with an M-EOS fabric - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 471
pages and steps have been provided to integrate the 400 MP Router in a fabric with the HP StorageWorks Multi-protocol Router. The figures in the following pages demonstrate how the 400 MP Router should old router, before it is introduced in the metaSAN. Fabric OS 6.1.x administrator guide 471 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 472
. Figure 60 Configuration during the upgrade The switch Domain ID and backbone fabric ID of the new FC router can be identical. Once the metaSAN is stable, EX_Ports on the new router are - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 473
Figure 62 Dual backbone fabric configuration Fabric OS 6.1.x administrator guide 473 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 474
the upgrade process, these devices will face disruption unless there is redundancy support provided from the device end. 400 MP Router allows the end devices by issuing the configure command, if they are not default. 7. Manually configure additional values as necessary: • To match the xlate Domain - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 475
normal ISL links including the following: • Coordinated fabric services: The Remote Switch fabric configuration fully supports all fabric services, including distributed name service, registered state change notification, and alias service. • Distributed management: Management tools such as Advanced - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 476
gateway vendor for supported and qualified configurations. suppress class F traffic on a switch: switch:admin> switchdisable switch:admin> configure Configure... Fabric parameters no] Arbitrated Loop parameters (yes, y, no, n): [no] System services (yes, y, no, n): [no] Portlog events enable (yes, - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 477
ali2 effective: cfg1 defined: cfg1 zone1: ali1; ali2 effective: none Switch A and Switch B have different defined configurations. Switch B has an enabled configuration. defined: cfg2 zone2: ali3; ali4 the two, with cfg1 as the effective configuration. Fabric OS 6.1.x administrator guide 477 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 478
types. effective: zone1: MARKETING effective: cfg1: MARKETING Switch A does not have Traffic Isolation (TI) zones. Switch B has TI zones. defined: cfg1 Switch A has TI zones. Switch B has identical TI zones. Switch A has a TI zone. Switch B has a different TI zone. defined: cfg1 TI_zone1 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 479
merging scenarios (continued) Description Switch A Same default zone access mode defzone: allaccess settings. Switch B defzone: allaccess Same configuration from Switch B propagates to fabric. Fabric segments because Switch A has a hidden zone configuration (no access) activated and Switch B has - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 480
480 Zone merging scenarios - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 481
service requests 69 aaaConfig command 71, 82, 83 access browser support 94 changing account parameters 63 control 102 CP blade 74 creating accounts 62 deleting accounts 62 IP address changes 24 log in fails 24 NTP 32 other devices 45 other switches 167, 168 firmware upgrade 161 implementing guide 481 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 482
VT to iSCSI initiator 264 local 83 method 271 mutual 257 one-way 257 switch-to-iSCSI initiator 257 auto-leveling, FR4-18i blade 183, 191 B backbone fabric zones 204 Brocade 48000 262 Brocade Vendor-Specific Attribute 71 browser and Java support 94 browser, configuration 98 browsers support 94 C - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 483
RADIUS servers 83 date and time 30 discovery domain access control, manual 271 discovery domain set access control, manual 271 discovery domain sets 271 discovery domains 271 FC4-16IP blade 261 FibreAlliance MIB 100 FICON environment switches for 426 gigabit Ethernet 263 HTTPS access 94 IAS 76 IAS - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 484
values displaying 374 devices, connecting 45 devices, proxy 315 dictionary.brocade 73 disabled zone configuration 199 disabling 45 port 45 RADIUS configuration 82 switch 44 disabling and enabling a port 45 disabling and enabling a switch 33 disabling and enabling cards 229 discovery domain sets 256 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 485
103 filter-based monitors 347 adding 347 deleting 349 FIPS 186 firmware download 176 fosConfig disable isnsc 283 enable 259, 262 enable isnsc 260, 282 show 262, 281, 282, 283 frame transfer with brocade remote switch 475 FreeRADIUS 74 fru failures 430 fru failures, monitoring in FICON environments - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 486
Explorer 94 internet storage name service. See iSNS interswitch link 46 IP switch address 33 IP address service 276 iSCSI gateway service enabling 262 iSCSI initiators 253 supported 259 from 270 displaying LUN map 271 limiting access to 256 manual creation 268 state and status 271 user-defined 270 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 487
changing password 64 switch 24 with Admin Domains 157 login sessions, maximum allowed 57 LSAN 329 LUN 254, 277 mapping 268 mapping to iSCSI VTs 254 LUN mapping 254 LUNs deleting 270 display map 271 mapped via IQNs 265 mapping 270 virtual target creation 265 LWL ISL Trunking support for 367 M MAC - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 488
465 password migration during firmware changes 467 password policies 65 the update procedure 456 platforms, FC routing supported 311 POD activating 40 enabling ports 45 policy a card 229 powering port cards on and off 229 preparing a switch 426 primary FCS 247 private key 95 PROM password 83, 84 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 489
switch configuration 75 RADIUS server 72 configuration 74 configuring 74 LINUX configuration 74 RADIUS service 97 and tunneling 388 Brocade MIB 99 browsers 94 certificates 96 secure protocols, supported 89, 90 SNMP traps devices 394, 442 serial connection 24, 25 sessions, maximum allowed guide 489 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 490
HP 22 summary of PID formats 451 summary of SSL procedures 95 support FC router 116 Java version 94 SNMPv3 and v1 99 Supported Services 126 swapping port area IDs 462 swapping ports 430 SW-EXTTRAP 100 switch 31 tunneling and security 388 U upgrading Brocade switches 180 USB 185 user databases 65 user - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 491
271 VSA 71 W warning rack stability 21 web sites HP storage 22 HP Subscriber's choice 22 Web Tools access methods 23 Windows zone adding members 209 adding switches 221 administering security 223 aliases splitting a fabric 223 storage-based 196 troubleshooting 223 types 196 viewing 211 viewing - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 492
492 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 493
switch and device WWNs 160 9 Filtered fabric views showing converted switch WWNs 160 10 Isolated subfabrics 161 11 Zoning example 195 12 domain set configuration example 257 24 FC4-16IP ports 261 25 iSCSI gateway service in an iSCSI FC group configuration for the SAN Switch 8/40 380 50 Network - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 494
57 Cascaded configuration, three switches 428 58 Allow/Prohibit example 442 59 Non-redundant router configuration 471 60 Configuration during the upgrade 471 61 Redundant router configuration 472 62 Dual backbone fabric configuration 472 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 495
105 23 Security database size restrictions 107 24 Valid methods for specifying policy members 108 25 FCS policy states 109 26 Switch operations 110 27 Distribution policy states 113 28 DCC policy states 113 29 SCC policy states 116 30 Supported services 126 31 Implicit IP Filter rules 127 - HP Brocade BladeSystem 4/12 | HP StorageWorks Fabric OS 6.1.1 administrator guid - Page 496
support for SAN Switch 4/32, 4/32B and 4/64 SAN Switch (Condor ASIC 374 80 Trunking support for 4/256 SAN Director and DC Directors with supported blades switches 454 97 Account/password characteristics matrix 465 98 Password prompting matrix 466 99 Password migration behavior during firmware
HP StorageWorks
Fabric OS 6.1.1 administrator guide
Part number: 5697-0235
edition: November 2009