HP StorageWorks Fabric OS 5.3.x administrator guide (5697-0244, November 2009)

ManualsBrandsHP ManualsComputer AccessoriesHP 8/40 SAN Switch 8-port Upgrade E-LTU

251

252

253

254

255

256

257

258

259

260

270 Administering FICON fabrics

• Some 1-Gbit/sec storage devices cannot auto-negotiate speed with the 4/256 SAN Director, SAN

Switch 4/32 or SAN Switch 4/32B ports. For these types of devices, configure ports that are

connected to 1-Gbit/sec storage devices for fixed 1-Gbit/sec speed.

Preparing a switch

To verify and prepare a switch for use in a FICON environment, complete the following steps:

1. Connect to the switch and log in as admin.

2. If not in a cascaded environment, proceed to step 3.

If in a FICON cascaded environment, enter the following commands:

• licenseShow to verify that required licenses (Secure Fabric OS and Zoning) are activated

• secModeShow to determine if Secure Fabric OS is enabled; if it is disabled, enable it

• secPolicyShow to verify that the SCC_POLICY is active

• pkiShow to determine the existence of PKI objects, such as switch private key, private key

passphrase, CSR, root certificate, and switch certificate. If none of these objects exists, refer to the

Secure Fabric OS Administrator’s Guide for information about creating the PKI objects and

obtaining the digital certificate file.

3. Enter the switchShow command to verify that the switch and devices are online.

4. Change the routing policy on the switch from the default exchange-based policy to the required

port-based policy for those switches with FICON devices directly attached. For the SAN Switch 4/32

and SAN Switch 4/32B, refer to the Fabric OS Command Reference Manual for details about the

aptPolicy command. For the 4/256 SAN Director, refer to the Web Tools Administrator’s Guide.

5. Enter the ficonshow rnid command to verify that the FICON

devices are registered with the switch.

6. Enter the ficonshow lirr command to verify that the FICON

host channels are registered to listen

for link incidents.

7. Optionally, refer to ”Using FICON CUP” on page 274 for details about using FICON CUP.

Configuring a single switch

Single-switch configuration does not require IDID or fabric binding, provided that connected channels are

configured for single-byte addressing. However, you should configure IDID to ensure that domain IDs are

maintained.

Configuring a high-integrity fabric

To configure a high-integrity fabric (cascaded configuration):

1. Disable each switch in the fabric.

2. For each switch:

a. Enable the IDID flag.

b. Set the domain ID.

c. Install security certificates and keys.

3. Enable the switches; this builds the fabric.

4. Set up security on the primary FCS switch.

Use the secModeEnable command. The security policies are distributed to each switch in the fabric.

(For details on the Quickmode procedure, refer to the Secure Fabric OS Administrator’s Guide.