53-1002934-02 09 September 2013 Web Tools Administrator’s Guide Supporting Fabric OS v7.2.
Copyright © 1999-2013 Brocade Communications Systems, Inc. All Rights Reserved. ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, and Vyatta are registered trademarks, and HyperEdge, The Effortless Network, and The On-Demand Data Center are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners.
Document Title Publication Number Summary of Changes Publication Date Advanced Web Tools User’s Guide v4.1.2 53-0000522-04 Insistent Domain ID Mode. Port Swapping information. Minor editorial changes. October 2003 Advanced Web Tools Administrator’s Guide, v4.2.0 53-0000522-05 Updates to support new switch types: Brocade 3250, 3850, 24000. Structural changes, support changes, installation changes.
Document Title Publication Number Summary of Changes Publication Date Web Tools Administrator’s Guide 53-1001194-01 Updates to add support for Virtual Fabrics, IPsec, and consistency with Brocade Network Advisor. November 2008 Web Tools Administrator’s Guide 53-1001343-01 Updates to add support for Brocade 7800 Extension Switch, Brocade 8000, FCOE10-24 DCX Blade, and FX8-24 DCX Extension Blade.
Contents About This Document How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . .xxii What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Web Tools system logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Technical SupportSave logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Requirements for IPv6 support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Chapter 2 Using the Web Tools Interface Viewing Switch Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Persisting GUI preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Switch restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 Performing a fast boot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 Performing a reboot. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 System configuration parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 WWN-based persistent PID assignment. . . . . . . . . . . . . . . . . . . 41 Configuring fabric settings . . . . . . . . . . . . . . . .
Chapter 5 Managing Administrative Domains Administrative Domain overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Requirements for Admin Domains . . . . . . . . . . . . . . . . . . . . . . . 65 User-defined Admin Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 System-defined Admin Domains. . . . . . . . . . . . . . . . . . . . . . . . . 66 Admin Domain membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 Enabling Admin Domains . . . . . . . . . . . . . .
Port swapping index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Port swapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Determining if a port index was swapped with another switch port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 Configuring port binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 Configuring BB credits on an F_Port . . . . . . . . . . . . . . . . . . . . . . . . .
Saving graphs to a canvas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120 Adding graphs to an existing canvas . . . . . . . . . . . . . . . . . . . . . . . .121 Printing graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121 Modifying graphs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121 Chapter 9 Administering Zoning Zoning overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Best practices for zoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143 Chapter 10 Working with Diagnostic Features Trace dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145 How a trace dump is used. . . . . . . . . . . . . . . . . . . . . . . . . . . . .146 Setting up automatic trace dump transfers . . . . . . . . . . . . . . .146 Specifying a remote server . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Port configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164 Creating port groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164 Editing or viewing port groups. . . . . . . . . . . . . . . . . . . . . . . . . .165 Deleting port groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .166 Defining custom primary F-N port mapping . . . . . . . . . . . . . . .166 Defining custom static F-N port mapping. . . . . . . . . . . . . . . . .
Access control list policy configuration . . . . . . . . . . . . . . . . . . . . . .196 Virtual Fabrics considerations. . . . . . . . . . . . . . . . . . . . . . . . . .197 Admin Domain considerations . . . . . . . . . . . . . . . . . . . . . . . . .197 Creating an SCC, DCC, or FCS policy . . . . . . . . . . . . . . . . . . . .197 Editing an SCC, DCC, or FCS policy. . . . . . . . . . . . . . . . . . . . . .197 Deleting all SCC, DCC, or FCS policies . . . . . . . . . . . . . . . . . . .
IPsec over management ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218 Enabling the Ethernet IPsec policies . . . . . . . . . . . . . . . . . . . .218 Establishing an IKE policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218 Creating a security association . . . . . . . . . . . . . . . . . . . . . . . . .219 Creating an SA proposal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219 Adding an IPsec transform policy . . . . . . . . . . . . . . . . . . . . . . .
LLDP-DCBX configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 Configuring global LLDP characteristics. . . . . . . . . . . . . . . . . . 241 Adding an LLDP profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242 Configuring DCB interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243 Configuring a link aggregation group. . . . . . . . . . . . . . . . . . . . . . . .244 Configuring VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . .
xvi Web Tools Administrator’s Guide 53-1002934-02
Figures Figure 1 Configuring Internet Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Figure 2 Default Java for browsers option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Figure 3 Virtual Fabric login option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Figure 4 Switch Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xviii Figure 37 Add User Account dialog box (VF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Figure 38 Add User Account dialog box (AD) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Figure 39 Switch Admin: Add User Defined Role dialog box . . . . . . . . . . . . . . . . . . . . . . . 195 Figure 40 Switch Admin: Add User Defined Role dialog box . . . . . . . . . . . . . . . . . . . . . . .
Tables Table 1 Basic Web Tools features and EGM licensed features . . . . . . . . . . . . . . . . . . . . . 2 Table 2 Web Tools functionality moved to Brocade Network Advisor . . . . . . . . . . . . . . . . 3 Table 3 Certified and tested platforms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Table 4 Supported platforms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Table 5 Predefined Web Tools roles . . . . .
xx Web Tools Administrator’s Guide 53-1002934-02
About This Document In this chapter • How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi • Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii • What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii • Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv • Notice to the reader . . . . . . . . . . . . . .
• Chapter 11, “Using the FC-FC Routing Service” provides information on using the FC-FC Routing Service to share devices between fabrics without merging those fabrics. • Chapter 12, “Using the Access Gateway” provides information on how to configure and manage the Brocade Access Gateway. • Chapter 13, “Administering Fabric Watch” provides information on how to use the Fabric Watch feature to monitor the performance and status of switches and alert you when problems arise.
• • • • • • • • • Brocade 6520 Brocade 6547 Brocade 7800 Extension Switch Brocade DCX 8510-4 Backbone Brocade DCX 8510-8 Backbone Brocade DCX Backbone Brocade DCX-4S Backbone Brocade Encryption Switch Brocade VA-40FC The following blades are supported by this release: • • • • • • • • • • • • • • • • Brocade CORE 8 blade Brocade CP8 blade Brocade CR16-4 blade Brocade CR16-8 blade Brocade CR4S-8 blade Brocade FC16-32 port blade Brocade FC16-48 port blade Brocade FC8-16 port blade Brocade FC8-32 port blade
Document conventions This section describes text formatting conventions and important notice formats used in this document.
Key terms For definitions specific to Brocade and Fibre Channel, see the Brocade Glossary. For definitions of SAN-specific terms, visit the Storage Networking Industry Association online dictionary at: http://www.snia.org/education/dictionary Notice to the reader This document may contain references to the trademarks of the following corporations. These trademarks are the properties of their respective companies and corporations. These references are made for informational purposes only.
Other industry resources For additional resource information, visit the Technical Committee T11 website. This website provides interface standards for high-performance and mass storage applications for Fibre Channel, storage management, and other applications: http://www.t11.org For information about the Fibre Channel industry, visit the Fibre Channel Industry Association website: http://www.fibrechannel.
• Brocade DCX-4S and DCX 8510-4—On the bottom right on the port side of the chassis, directly above the cable management comb 3. World Wide Name (WWN) Use the licenseIdShow command to display the WWN of the chassis. If you cannot use the licenseIdShow command because the switch is inoperable, you can get the WWN from the same place as the serial number, except for the Brocade DCX.
xxviii Web Tools Administrator’s Guide 53-1002934-02
Chapter Introducing Web Tools 1 In this chapter • Web Tools overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 • Web Tools, the EGM license, and Brocade Network Advisor . . . . . . . . . . . . . 1 • System requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 • Java installation on the workstation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 • Java Plug-in configuration . . . . . . .
1 Web Tools, the EGM license, and Brocade Network Advisor Web Tools features enabled by the EGM license Table 1 describes those Web Tools features that require the EGM license.
Web Tools, the EGM license, and Brocade Network Advisor TABLE 1 1 Basic Web Tools features and EGM licensed features (Continued) Feature Basic Web Tools Web Tools with EGM License Port Administration yes yes Print zone database summary no no RBAC yes yes Routing and DLS Configuration no yes Security Policies Tab (like ACL) yes yes Switch Info tab yes yes Switch Status yes yes Switch View right-click options yes yes Trace dump yes yes USB Management yes yes User Managemen
1 System requirements TABLE 2 Web Tools functionality moved to Brocade Network Advisor (Continued) Function Web Tools 6.1.0 Brocade Network Advisor Comments Device Accessibility Matrix Zone Admin Configure > Zoning The Compare dialog box provides the Storage-Host and Host-Storage view in a tree representation that is comparable to the Device Accessibility Matrix when all devices are selected.
System requirements TABLE 3 1 Certified and tested platforms Operating System Browser Windows Server 2008 (SP2) Standard (32-bit) Internet Explorer 9.0, Firefox 19.0 Windows 8 Enterprise (32-bit) Internet Explorer 10.0, Chrome SUSE Linux Enterprise Server 11 (SP2) (32-bit) Firefox 19.0 Windows Server 2008 R2 (SP1) Enterprise (64-bit) Internet Explorer 9.0/10.0, Firefox 19.0 Windows Server 2012 Standard (64-bit) Internet Explorer 10.0, Firefox 19.0 Red Hat Enterprise Linux 6.
1 System requirements To set the Internet Explorer options, perform the following steps. 1. Open your web browser and select Tools > Internet Options. 2. Select General > Browsing History > Settings. 3. Choose Every time I visit the webpage under Check for newer versions of stored pages: as shown in Figure 1.
Java installation on the workstation 1 5. Click OK. 6. On the Java Control Panel, click View to review the files that are in the Java cache. If you have deleted all the temporary files, the list is empty. Java installation on the workstation Java Plug-in must be installed on the workstation. If you attempt to open Web Tools without any Java Plug-in installed: • Internet Explorer automatically prompts and downloads the proper Java Plug-in. • Firefox downloads the most recently released Java Plug-in.
1 Java Plug-in configuration Installing the Java Plug-in on Windows To Install the Java Plug-in on Windows, perform the following steps. 1. From the Start menu, select Control Panel and select the Java Plug-in Control Panel. 2. Select the About tab. 3. Determine whether the correct Java Plug-in version is installed: • If the correct version is installed, Web Tools is ready to use. • If no Java Plug-in is installed, point the browser to a switch running Fabric OS 5.2.0 or later to install JRE 1.6.0.
Value line licenses 1 1. From the Start menu, select Control Panel. 2. Click the Advanced tab and expand the Default Java for browsers option, as shown in Figure 2 on page 9. FIGURE 2 Default Java for browsers option 3. Select Mozilla family and click Apply. 4. Click OK to apply your settings and close the Java Control Panel.
1 Opening Web Tools Opening Web Tools You can open Web Tools on any workstation with a compatible Web browser installed. For a list of Web browsers compatible with Fabric OS v7.2.0, refer to Table 3. Web Tools supports both HTTP and HTTPS. To open Web Tools, perform the following steps. 1. Open the Web browser and enter the IP address of the device in the Address field, such as: http://10.77.77.77 or https://10.77.77.77 2. Press Enter. The Web Tools login dialog box displays.
Opening Web Tools 1 1. Click Run on the signed certificate applet. A warning dialog box may display. If you select the check box Always trust content from this publisher, the warning dialog box is not displayed when you open Web Tools again. 2. Click OK in the security banner window, if one displays. 3. In the login dialog box, enter your user name and password. If your current password has expired, you must provide a new password and confirm the new password.
1 Opening Web Tools FIGURE 3 Virtual Fabric login option 2. Log in to a logical fabric. • To log in to the home logical fabric, select Home Logical Fabric and click OK. • To log in to a logical fabric other than the home logical fabric, select User Specified Logical Fabric, enter the fabric ID number or the context name, and click OK. On providing the context name, a dialog box displays with the available list of VF ID-Context Name (role of the context).
Role-Based Access Control 1 2. Log in to an Admin Domain. • To log in to the home domain, select Home Domain and click OK. • To log in to an Admin Domain other than the home domain, select User Specified Domain, enter the Admin Domain name or number, and click OK. If the user name or password is incorrect, a dialog box displays indicating an authentication failure.
1 Session management TABLE 5 Predefined Web Tools roles (Continued) Role Description switchadmin You can perform all actions on the switch, except the following: • You cannot modify zoning configurations. • You cannot create new accounts. • You cannot view or change account information for any accounts. You can only view your own account and change your account password. zoneadmin You can only create and modify zones.
Web Tools system logs 1 Web Tools system logs Web Tools uses the log4j framework to write the logs into a file When you launch Web Tools for the first time, it automatically creates the following directories. These directories are created under Web Tools directory if they are not available: • A directory under the user home directory. • The Web Tools Switch Support Save directory with the name format .
1 Requirements for IPv6 support 2. Click Browse to select the location where the SupportSave output must be saved. The default path for Windows is C:\Documents and Settings\<>\Webtools\. The default path for Linux is /root/WebTools/. 3. Click Capture to start collecting the SupportSave logs. A zipped-up SupportSave folder is saved in the defined location. SupportSave zip file name format is “WT-SS-switchIP-FID-dd-mm-yy-hh-mm-ss”.
Chapter 2 Using the Web Tools Interface In this chapter • Viewing Switch Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Displaying tool tips. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Right-click options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Refresh rates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2 Viewing Switch Explorer NOTE To perform monitoring tasks such as performance monitoring the EGM license must be installed on the switch; otherwise, access to this feature is denied and an error message displays. - Reporting tasks, such as viewing the status of a switch. Tools tasks, such as opening the Telnet or SSH client window, beaconing a switch or chassis, and access to technical SupportSave.
Viewing Switch Explorer 1 2 3 4 5 6 7 8 9 FIGURE 4 2 Menu bar Switch View buttons Tabs and Fabric Tree Zoom In and Zoom Out buttons Switch View Switch Events and Switch Information Indicator bar Professional Management Tool offering Last polling refresh time - The host time in which Web Tools is launched Switch Explorer Persisting GUI preferences Web Tools persists your GUI preferences across sessions for Switch Explorer, and the Port Admin, Switch Admin, Name Server, and Zone Admin dialog boxes on all
2 Viewing Switch Explorer • Table column positions The Switch Admin GUI preferences that persist are: • • • • Basic or Advance modes Last selected tab Table column sorting Table column positions The Switch Explorer GUI preferences that persist are: • Last selected tab The Name Server GUI preferences that persist are: • Table column sorting • Table column positions The Zone Admin GUI preferences that persist are: • • • • • Basic Zones Traffic Isolation Zones Last selected tab Table column sorting Ta
Viewing Switch Explorer 2 Although Fabric Tree displays all the switches in the fabric, you can manage switches that support Fabric OS v6.1 and later versions because it does not requires Web Tools license. If a switch is launched from Fabric Tree, preference will be given to IPv4, even though both IPv4 and IPv6 are configured for that particular switch. The versions earlier than Fabric OS v6.1 require a Web Tools license and, if applicable, an EGM license installed.
2 Viewing Switch Explorer Switch View You can click the small right arrow towards the left of the Switch Event tab to display the Switch View. The Switch View displays a graphical representation of the switch, including a real-time view of switch and port status. Refer to area 7 in Figure 4 on page 19. NOTE: With the upgrade license installed: • For 7800, all FC ports and 6 GbE ports are enabled. Without the upgrade license installed: • For 7800, 4 FC ports and 2 GbE ports are enabled.
Viewing Switch Explorer FIGURE 5 2 USB port storage management NOTE Click the USB port on the Switch View to launch the USB Storage Management window. Zoom in and zoom out You can use the zoom buttons ( ) above the graphical Switch View to magnify the hardware image. Click the zoom in button (+) to see an enlarged view of the switch and click the zoom out button (-) to see the default view of the switch.
2 Viewing Switch Explorer • Switch - Name Status Fabric OS Version Domain ID WWN Type Role Name of the switch. Status of the switch. Fabric OS version of the switch. Domain ID of the switch. World Wide Name of the switch. Type of the switch. Role of the switch. The following information is specific to Virtual Fabrics: Base Switch Indicates whether or not the logical switch can act as a base switch. - Default Switch Indicates whether or not the logical switch is the default logical switch.
Displaying tool tips 2 For more information, refer to “Displaying switch information” on page 147. Free Professional Management tool You can use the Professional Management tool with Web Tools to view connectivity for each fabric, to back up and restore last-known configurations, and more. You can also use it with the Enhanced Group Management license to manage groups of switches, download firmware, manage security settings, and deploy configurations across groups of switches.
2 Refresh rates FIGURE 6 Right-click menu for ports (from Switch Explorer) The tasks are: • The Port Admin option displays the Port Admin tab. • The Port Details option displays read-only information about a port, without opening the Port Admin tab. You can right-click on the table content to export or copy the information from the Port Details window.
Displaying switches in the fabric 2 The refresh rates are different for each module. Table 6 lists polling rates by module. Though these rates are sample rates, they correctly illustrate variance in the refresh rates throughout Web Tools. TABLE 6 Polling rates Module Polling rate Name Server User-defined; 45 sec minimum Zoning Database 60 sec Fabric Watch 45 sec Performance Monitor (This feature requires the EGM license.
2 Opening a Telnet or SSH client window • In a fabric containing switches and directors running different versions of firmware, use the switches or directors with the latest firmware versions to control the fabric. • If switches are accessed simultaneously from different connections (for example, Web Tools, CLI, and API), changes from one connection might not be updated to the other, and some modifications might be lost.
Collecting logs for troubleshooting 2 Collecting logs for troubleshooting If you encounter problems using the Web Tools interface, collect Java logs for use in troubleshooting. From Microsoft Windows, perform this procedure. 1. Open the Control Panel and select Java. 2. Click on the Advanced tab. 3. Expand the Java console. 4. Select Show console. 5. Restart Web Tools. The Java console displays, along with the Web Tools opening page. 6. Perform the Web Tools operation that caused the problem. 7.
2 30 Collecting logs for troubleshooting Web Tools Administrator’s Guide 53-1002934-02
Chapter 3 Managing Fabrics and Switches In this chapter • Fabric and switch management overview . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring IP and subnet mask information . . . . . . . . . . . . . . . . . . . . . . . . • Configuring Netstat Auto Refresh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring a syslog IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Removing a syslog IP address . . . . . . . . . . . . . .
3 Fabric and switch management overview FIGURE 7 Switch Administration window, Switch tab, Basic mode With the exception of switch time, information displayed in the Switch Administration window is not updated automatically by Web Tools. To update the information displayed in the Switch Administration window, click the Refresh button. ATTENTION Most changes you make in the Switch Administration window are buffered, and are not applied to the switch until you save the changes.
Configuring IP and subnet mask information 3 Opening the Switch Administration window Most of the management procedures in this chapter are performed from the Switch Administration window. To open the Switch Administration window, perform the following steps. 1. Click Configure > Switch Admin. The Switch Administration dialog box displays in basic mode, as shown in Figure 7 on page 32. The basic mode displays the “basic” tabs and options. 2.
3 Configuring Netstat Auto Refresh Configuring Netstat Auto Refresh The Netstat Performance window displays the details about Ethernet management port statistics like the Interface, MTU, Met, RX-OK, RX-ERR, RX-DRP, RX-OVR, TX-OK, TX-ERR, TX-DRP, TX-OVR, and Flag. To configure Auto Refresh, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the Network tab. 3. Click Netstat Performance. 4.
Configuring IP filtering 3 You can click Clear All to remove all of the syslog IP addresses from the table. 4. Click Apply. Configuring IP filtering Web Tools provides the ability to control what client IP addresses may connect to a switch or fabric. To set up IP filtering, perform the following steps. 1. Open the Switch Administration window (in Basic mode) as described in “Opening the Switch Administration window” on page 33. 2. Click Show Advanced Mode. 3. Select the Security Policies tab. 4.
3 Blade management Enabling or disabling a blade The Firmware Version columns display the firmware loaded onto each blade. A blade can have more than one firmware image loaded onto it. The Blade State column in the Blade tab pane indicates whether the blade is enabled. NOTE The blade state is always shown as enabled, even if you perform a blade disable operation. When a blade is set to a disable state, only the ports on the blade are disabled. The blade remains active.
Switch configuration 3 4. Select a slot number from the list. 5. Enter the IP address, subnet mask, and Gateway IP address. 6. Select a type from the list. 7. Click Add to add the new entry to the table. When you click Add, the values remain in the fields. The Clear Gateway and Clear IP buttons are available for clearing fields in the table. NOTE To remove a configuration, select a row in the table and click Delete. 8.
3 Switch configuration 4. Click Apply. The system displays a confirmation window that asks if you want to save the changes to the switch. You must click Yes to save the changes. Enabling and disabling switch persistent Use this procedure to enable or disable switch persistent. By default, switch persistent is disabled. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the Switch tab. 3.
Switch configuration 3 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Disable the switch, as described in “Enabling and disabling a switch” on page 37. 3. Select the Switch tab. 4. Enter a new domain ID in the Domain ID field. For IM0, the range of valid values is from 1 through 239. 5. Click Apply. 6. Enable the switch, as described in “Enabling and disabling a switch” on page 37.
3 Switch restart • Select Set as preferred Principal Switch and then select Rebuild Fabric after setting preferred principal switch - The switch is set as preferred principal switch with rebuild triggered forcefully. • Select Set as preferred Principal Switch and enter the priority value in a range from 1 through FF in the Priority field. You can change the priority value and select the Rebuild Fabric after setting preferred principal switch option from a principal or a subordinate switch.
System configuration parameters 3 Performing a reboot To reboot the CP and execute the normal power-on booting sequence, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Click Reboot. 3. On the Reboot Confirmation window, click Yes to continue. 4. Click Apply. System configuration parameters You must disable the switch before you can configure fabric parameters.
3 System configuration parameters TABLE 7 Switches that support WWN-based persistent PID on Web Tools Platform DCX/DCX-4S DCX 8510-4 DCX 8510-8 VF Enabled Default switch Yes, if dynamic area addressing is enabled in the default switch.
System configuration parameters 3 Datafield size The largest possible data field size (in bytes). The range of valid values is from 256 through 2112. Address mode Displays the addressing mode present in the switch. Sequence Level Switching Select this box to enable frames of the same sequence from a particular group to be transmitted together. When this option is not selected, frames are transmitted interleaved among multiple sequences.
3 System configuration parameters 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Disable the switch as described in “Enabling and disabling a switch” on page 37. 3. Select the Configure tab. 4. Select the Virtual Channel subtab. 5. Enter a value in the VC Priority field you want to change. The only valid numeric values for all fields are either “2” or “3”. 6. Click Apply. 7.
System configuration parameters 3 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Disable the switch as described in “Enabling and disabling a switch” on page 37. 3. Select the Configure tab. 4. Select the System subtab. 5. Select the Disable RLS Probing check box to disable RLS probing. or Clear the check box to enable RLS probing. 6. Click Apply. 7. Enable the switch as described in “Enabling and disabling a switch” on page 37.
3 Licensed feature management 4. Select the Enable Signed Firmware Download check box. 5. Click Apply. Licensed feature management The licensed features currently installed on the switch are listed in the License tab of the Switch Administration window. If the feature is listed, such as the EGM license, it is installed and immediately available. When you enable some licenses, such as ISL Trunking, you might need to change the state of the port to enable the feature on the link.
Licensed feature management 3 The Assign Slots window displays. 5. Select the slots you want to assign. 6. Click OK. Removing a license from a switch To remove a license from a switch in the Switch Administration window, perform the following steps. ATTENTION Use care when removing licenses. If you remove a license for a feature, that feature no longer works. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the License tab. 3.
3 High Availability overview High Availability overview High Availability (HA) features provide maximum reliability and nondisruptive replacement of key hardware and software modules. High Availability is available only on the Brocade DCX, DCX-4S, DCX 8510-4 and DCX 8510-8 platforms. Refer to the Fabric OS Administrator’s Guide for additional information about High Availability.
High Availability overview FIGURE 9 3 High Availability window, CP tab The High Availability window gets refreshed automatically. You can also click Refresh to update the information displayed in the High Availability window. Admin Domain considerations To open the High Availability window, the switch must be a member of your current Admin Domain. If the switch is not a member of the current Admin Domain, the Synchronized Services and Initiate Failover buttons are unavailable.
3 Event monitoring 5. Click Refresh to update the HA Status field. When the HA Status field displays HA enabled, Heartbeat Up, HA State synchronized, a failover can be initiated without disrupting frame traffic on the fabric. Initiating a CP failover A nondisruptive failover might take about 30 seconds to complete. During the failover, all of the Web Tools windows and all associated child-windows are invalidated. You must close all Web Tools windows and open Web Tools again.
Event monitoring 3 • Information • Debug Table 8 lists the event message severity levels displayed on the Switch Events tab and explains what qualifies event messages to be certain levels. On the Switch Events tab, you can click Filter to launch the Event Filter dialog box. The Event Filter dialog box allows you to define which events should be displayed on the Switch Events tab. For more information on filtering events, refer to “Filtering switch events” on page 52.
3 Event monitoring 1. Select the switch from the Fabric Tree. The Switch View displays. 2. Select the Switch Events tab, if necessary. Filtering switch events You can filter the fabric and switch events by time, severity, message ID, and service. You can apply either one type of filter at a time or multiple types of filters at the same time.
Displaying the Name Server entries 3 1. Open the Switch Events tab as described in “Displaying switch events” on page 51. 2. Click Filter. The Event Filter dialog box displays. 3. Select Message ID. 4. Enter the message IDs in the associated field. NOTE You can enter multiple message IDs as long as you separate them by commas. You can enter either the full message ID (moduleID-messageType) or a partial ID (moduleID only). The message ID filtering is case-sensitive. 5. Click OK.
3 Displaying the Name Server entries 1. In the Switch Explorer window, select Name Server. The Name Server tab displays. 2. To set an autorefresh rate for the Name Server entries, select the Auto Refresh check box in the Name Server window, and enter an auto-refresh interval (in seconds). The minimum interval is 45 seconds and the default interval is 60 seconds. Printing the Name Server entries To set up printing preferences, perform the following steps. 1.
Physically locating a switch using beaconing 3 Physically locating a switch using beaconing Use the Beacon button to physically locate a switch in a fabric. The beaconing function helps to physically locate a switch by sending a signal to the specified switch, resulting in an LED light pattern that cycles through all ports for each switch (from left to right). NOTE You must have an RBAC role of admin to initiate switch beaconing. The LED light pattern is initiated on the actual switch or chassis.
3 Virtual Fabrics overview • Brocade 7800 • Brocade DCX 8510-4 • Brocade DCX 8510-8 Virtual Fabrics cannot be configured or managed from Web Tools. Configuration and management is done from either the Brocade Network Advisor, or the Fabric OS command line interface.
Virtual Fabrics overview 3 1. Select Port Admin tab. The Port Admin tab displays. Logical ports are displayed in the FC Ports Explorer tree structure. 2. To view logical port properties, expand the Logical Ports branch, and select a port. The General properties are displayed.
3 58 Virtual Fabrics overview Web Tools Administrator’s Guide 53-1002934-02
Chapter 4 Maintaining Configurations and Firmware In this chapter • Creating a configuration backup file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Restoring a configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Admin Domain configuration maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . • Uploading and downloading from USB storage . . . . . . . . . . . . . . . . . . . . . . . • Performing a firmware download . . . . . . . . .
4 Restoring a configuration The default path for Windows is Folder Name\FileName.txt or FileName.txt The default path for Linux is Directory Name\FileName.txt or FileName.txt. If you select USB as the configuration file source, the network parameters are not needed and are not displayed. You can skip to step 6. 6. Use the Fabric ID selector to select the fabric ID of the logical switch from which the configuration file is to uploaded.
Admin Domain configuration maintenance 4 If you select USB as the configuration file source, the network parameters are not needed and are not displayed, and you can skip to step 7. An info link is enabled when USB is chosen as the source of the configuration file. If you click info, an information message displays. 6. Enter the configuration file with a fully-qualified path, or select the configuration file in the Configuration File Name field. 7.
4 Uploading and downloading from USB storage The filtering depends on the Admin Domain switch ownership, with additional access if you are in AD255. Access to the command itself is limited by Role-Based Access Control (RBAC), and not by whether the current user is a Physical Fabric Administrator or an admin user with enumerated access to the relevant domains. The ability to change Admin Domain context requires installing the EGM license.
Performing a firmware download 4 The download source can be located on the Network or a USB device. NOTE When you select the USB button, you can specify only a firmware path or directory name. The default path for Windows and Linux is /usb/usbstorage/brocade/firmware/. No other fields on the tab are available. The USB button is available if the USB is present on the switch. 4. Enter the host name or IP address, user name, password, and fully-qualified path to the file release.plist.
4 64 Performing a firmware download Web Tools Administrator’s Guide 53-1002934-02
Chapter 5 Managing Administrative Domains In this chapter • Administrative Domain overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling Admin Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Admin Domain window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Creating and populating domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Modifying Admin Domain members . . .
5 Administrative Domain overview User-defined Admin Domains AD1 through AD254 are user-defined Admin Domains. These user-defined Admin Domains can be created only by a physical fabric administrator in AD255. System-defined Admin Domains AD0 and AD255 are special Admin Domains and are present in every AD-capable fabric.
Enabling Admin Domains 5 • Manage ACL and distribution (this can be managed in AD0 if no other Admin Domains are present). • Manage Advanced Performance Monitoring (this can be managed in AD0 if no other Admin Domains are present, but only if you are using Web Tools with the EGM license).
5 Admin Domain window 1. Change the Admin Domain context to AD0. Refer to “Changing the Admin Domain context” on page 21. NOTE Changing the Admin Domain context requires using Web Tools with the EGM license; otherwise, access to this feature is denied and an error message displays. Change the Default Zone mode to No Access. Refer to “Setting the default zoning mode” on page 125 for more information. 2. Navigate to AD255 or the physical fabric and begin managing the Admin Domains.
Admin Domain window 5 NOTE The tree only displays launched switches and their ports. It also displays all the devices in the fabric. Slot and port information of other switches are not displayed in the tree. The Admin Domain window has the following buttons in a task bar at the top of the window: • • • • • • New allows you to create a new Admin Domain. Print allows you to print the current or effective configuration.
5 Admin Domain window The Admin Domain window displays. Refreshing fabric information When you refresh, the system updates the display of fabric elements only (switches, ports, and devices). It does not update Admin Domain changes in the Admin Domain window. This option allows you to refresh the fabric element information displayed at any time. To refresh the fabric information open the Admin Domain window and click Refresh. The status for the fabric, including switches, ports, and devices is refreshed.
Creating and populating domains 5 This action updates the entire contents of the Admin Domain window, not just the selected Admin Domain. You can save your changes at any time during the Admin Domain configuration session. Closing the Admin Domain window It is important to remember that any changes you make in the Admin Domain window are not saved automatically. To close the Admin Domain window, perform the following steps. 1. In the Admin Domain window, select File > Close.
5 Creating and populating domains NOTE Clear the Active check box if you want the Admin Domain deactivated when you finish creating it. 6. Click Next. 7. In the Membership area, assign members to the Admin Domain by selecting them in the Available Members section and clicking Add, Add Ports, or Add Devices: • Select a switch, port, or device in the Available Members tree and click Add to add the selected element. Alternatively, you can press the Insert key to add your selections.
Modifying Admin Domain members 5 4. Select Actions > Save AD Configuration to save the new Admin Domain configuration to persistent storage. 5. Select Actions > Apply AD Configuration to enforce the new Admin Domain configuration as the effective configuration. ATTENTION When you deactivate an Admin Domain, the members or devices assigned to the domain can no longer access its hosts or storage unless those devices are part of another Admin Domain.
5 Modifying Admin Domain members Renaming Admin Domains You can change the name of an Admin Domain, including an auto-assigned ID name. The Admin Domain name cannot exceed 63 characters and can contain alphabetic and numeric characters. The only special character allowed is an underscore ( _ ). NOTE You cannot rename AD0 or AD255. To rename an Admin Domain, perform the following steps. 1. Open the Admin Domain window. 2. From the tree on the left, select the Admin Domain. 3. Click Rename. 4.
Modifying Admin Domain members 5 3. In the confirmation dialog box, click Yes to clear the Admin Domain configuration.
5 76 Modifying Admin Domain members Web Tools Administrator’s Guide 53-1002934-02
Chapter Managing Ports 6 In this chapter • Port management overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 • Configuring FC ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 • Assigning a name to a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 • Port beaconing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6 Port management overview Opening the Port Admin tab Select Port Admin tab in the Switch Explorer window. The Port Admin tab displays information about the ports on the switch. Refer to “Switch View” on page 22 for information about accessible ports. The Port Admin tab displays in Basic mode. To view more port management options, select View > Advanced. NOTE You can drag the column divider to resize a column, or drag columns to re-arrange them in a custom order.
Port management overview 6 On selecting an FCIP tunnel, the following circuit details with the circuit properties are displayed: • • • • • • • • • • • • • • • • • • • • • • • Circuit Number Tunnel ID Administrator Status Operational Status GigEPort Source IP Gateway VLAN ID MTU Size Compression Mode Data L2COS Value DSCP Data IKE Policy Number IPsec Policy Enabled Keep Alive Timeout MaximumCommunicationRate MinimumCommunicationRate MaxRetransmitRate MinRetransmitRate Metric Pre-Shared key QOS Mapping Se
6 Port management overview Subtabs You can view either Basic Mode or Advanced Mode, and view the subtabs that contain additional information about the port. The available subtabs depend on the type of port selected. To view basic mode, select View > Basic.
Port management overview 6 • General—Under this tab, the Actions list provides the following options: - Edit - Rename - BB Credit - Re-Authenticate - Swap - Reserve License - Release License - F-Port Trunking - Enable/Disable - Persistent Enable/Disable - Binding—Bind PID/Un-Bind PID - CSCTL—Enable/Disable - Beacon—Enable/Disable - Compression—Enable/Disable - Encryption—Enable/Disable - Forward Error Correction—Enable/Disable - NPIV—Enable/Disable/Max Login - Trunking—Enable/Disable - QoS—Enable/Disable
6 Configuring FC ports Controllable ports All ports have a Controllable attribute visible from the Advanced Mode, which represents the RBAC permission. The Controllable attribute is No when non-owned E_Ports and indirect member ports on non-owned switches are accessible in read-only mode and are not controllable, regardless of RBAC permissions. Additionally, if you are logged in with read-only permission, the Controllable attribute displays No for all ports.
Configuring FC ports 6 NOTE Long distance is not displayed from the Edit Configuration window. You can view long distance from the View tab when you display the port details. 6. Follow the steps in the wizard. NOTE If you configure a disabled port as an EX-Port, the wizard displays the Enable Port after configuration check box. If you select the check box, the disabled port is automatically enabled after configuration; otherwise, the port remains in the same state after configuration.
6 Configuring FC ports Long distance mode Port long distance configurations can be performed in the Switch Admin Extended Fabric tab if the link is used over long distances. To configure the long-distance settings, the EGM license must be enabled on the switch. Otherwise, access to this feature is denied and an error message displays. For information about long-distance mode settings, refer to Chapter 14, “Administering Extended Fabrics”.
Assigning a name to a port • • • • • 6 Brocade 5480 Brocade 6510 Brocade 6520 Brocade 7800 Brocade VA-40FC To configure the ingress rate limit feature, perform the following steps. 1. Select View > Advanced. 2. In the Port Admin tab, select a port to configure. 3. Select QoS > Enable from the Actions list. This enables the QoS on the selected port. The QoS status is displayed in the port table. 4. Select Edit from the Actions list. The Port Configuration wizard displays. 5.
6 Port beaconing Port beaconing Individual FC ports can be set to beacon using the Port Admin tab. Port beaconing status displays in the Port Beaconing column. The Switch View reflects the port beaconing status by flashing the port amber and green for 2.5 seconds each, in an alternating pattern. To configure beaconing for an FC port, perform the following steps. 1. Select the Port Admin tab. 2. Click View > Advanced, if the Port Admin tab is in Basic mode. 3.
Persistent enabling and disabling ports 7. 6 Click Yes in the confirmation window. Considerations for enabling or disabling a port You should understand the following limitations and conditions when enabling or disabling a port: • On FR4-18i and FC4-16IP port blades, all ports are disabled by default. You can disable and re-enable them as needed.
6 Configuring NPIV ports 6. Optional: If you are accessing a Brocade 7800 switch, you can set the media type for the GE0 and GE1 gigabit Ethernet ports to either copper or optical. 7. a. Select the GigE Ports tab. b. Select either the GE0 or GE1 port. c. Select either Copper or Optical from the Media Type selection list. Click Yes in the confirmation window. Configuring NPIV ports The NPIV license must be installed on a switch before NPIV functionality can be enabled on any port.
Port activation 6 Ports on Demand is ready to be unlocked in the switch firmware. The license might be part of the licensed Paper Pack supplied with the switch software, or you can purchase the license separately from your switch vendor, who will provide you with a key to unlock it. You can install up to two Ports on Demand licenses on each switch.
6 Port activation After the license keys are installed, you must enable the ports. You can do so without disrupting switch operation, as described in “Enabling and disabling a port” on page 86. Alternatively, you can disable and re-enable the switch to activate all ports as described in “Enabling and disabling a switch” on page 37. To unlock a Ports on Demand license, you can use the supplied license key or generate a license key.
Port activation 6 • Available Licenses indicate the number of free licenses. These can be allocated for any port. • Total Licenses indicate the total number of licenses. Disabling Dynamic Ports on Demand NOTE Disabling DPODs causes traffic disruption. Any prior port associations and assignments are lost the next time the switch is restarted. To disable the Dynamic POD feature, log in and perform the following steps. 1. Select a port in the Switch View to open the Port Admin tab. 2.
6 Port swapping index 1. Click a port in the Switch View to open the Port Admin tab. 2. Click the FC Ports tab. 3. From the tree on the left, click the switch or the slot that contains the port. The Licensed column identifies the port license status: • If the port has a license allocated, the Licensed field contains the value Yes. • If the port does not have a license allocated and there are no free licenses that can be allocated, the Licensed field contains the value No.
Port swapping index FIGURE 13 6 Port swapped label To swap ports, perform the following steps. 1. Select a port in the Switch View to open the Port Admin tab. 2. Select the FC Ports tab. 3. Select View > Advanced. 4. From the tree on the left, select the port you want to swap. 5. Select Enable/Disable > Disable from the Actions list. You must disable the ports used for port swapping. If the port is not in the disable state, the port swap operation internally disables and re-enables the port. 6.
6 Configuring port binding 5. Click the General tab. NOTE The Port Index attribute on the General tab indicates whether a port was swapped. For ports that were swapped, the attribute name displays as Port Index value (Swapped), as shown in Figure 14. The value indicates with which port index the port was swapped. FIGURE 14 Port swapping index Configuring port binding To bind a port or ports, perform the following steps. 1. Select a port in the Switch View to open the Port Admin tab. 2.
Configuring BB credits on an F_Port 6 For the selected ports, the middle bytes are assigned sequentially. FIGURE 15 Port address binding 8. Click OK. In the port list table, for the bound ports, the Port ID column displays as Port ID value (Bound). You can also check the Bound Status attribute on the General tab to know if a port is bound or not. To unbind a port or ports, perform the following steps. 1. Select a port in the Switch View to open the Port Admin tab. 2. Select the FC Ports tab. 3.
6 Configuring ALPA 6. Enter the BB credit value in the Enter BB Credit field (the default value is 8). NOTE BB credit is not applicable for VE and ICL ports. 7. Select a port or ports under Selected Ports. 8. Click the right arrow to set the BB credit value for the selected ports and click OK. The value displays in the table of the Port Admin tab. If no value is configured, the F-Port BB Credit column displays the default value.
Configuring port octet speed combination 7. 6 Select an F_Port or U_Port from the device tree or Port List table. 8. Select ALPA Map from the Actions list. The Port WWN Map dialog box launches listing the Port WWN to ALPA Map with the host. The Port WWN map automatically populates. FIGURE 16 ALPA Map dialog box 9. Optional: Click Remove All to clear all of the Port WWN maps. Configuring port octet speed combination The Port Admin tab provides an option to set the port octet speed combination.
6 Configuring CSCTL NOTE Changing from one combination to another is a disruptive operation. It may cause connected ports to become No_Sync. The 10 GE license is required in order to set a port to 10 Gbps speed. To configure the port octet speed combination, perform the following steps. 1. Select the Port Admin tab. 2. Select View > Advanced mode. 3. Select the FC Ports tab. 4. In the FC Ports Explorer dialog box, select a port to configure. FIGURE 17 FC Ports Explorer dialog box 5.
Configuring compression and encryption 6 With the CSCTL method of prioritization, there is no need to have explicit traffic segregation, such as QOS_H, QOS_M and QOS_L. The classification is entirely based upon CSCTL database programmed into the ASIC. As the name suggests, CSCTL bits in each frame are used to define the VC number on the transmit port. In order to achieve this kind of classification, Fabric OS v7.0.0 and later provides a CSCTL database table on each chip, capable of storing 256 entries.
6 Configuring compression and encryption NOTE This feature is supported only on 16 Gbps-capable FC platforms and it is not supported in Access Gateway mode. Enabling or disabling encryption To configure encryption for an FC port, perform the following steps. 1. Click Configure > Switch Admin. 2. Select Security Policies tab and then Authentication from the left panel. 3. Select Active or On from the Switch Authentication Policy Mode list.
Forward Error Correction 6 Displaying compression ratio 16 Gbps capable FC platforms that support compression and encryption, also provide the compression ratio. Under Port Admin tab, the FC Ports tab and the General tab of a port display one of the following values for the Compression Ratio: <> Compression is enabled for a port. -- Compression is supported but not configured. N/A Compression is not supported.
6 GigE port modes To provide redundancy, there is one In-Band Management interface per gigabit Ethernet port. This allows the management station on the WAN side of the network to have multiple addresses with which to reach that switch, and allow redundancy in the event one of the gigabit Ethernet ports becomes unreachable for any reason. Communication is handled through external addresses that are configured independently for each In-Band Management interface.
GigE port modes 6 NOTE You must install the FX8-24 DCX Extension Blade in a slot containing 10GE license to configure the mode. 1. Select Port Admin > GigE Ports. 2. Select View > Advanced. 3. Select a slot from the GigE Ports Explorer panel. 4. Select one of the following modes from Mode under the Actions list. - 1G - To enable ge0 through ge9 ports. 10G - To enable xge0 and xge1 ports. Dual - To enable ge0 through ge09 and xge0 ports. 5. Click Yes on the confirmation dialog box.
6 104 GigE port modes Web Tools Administrator’s Guide 53-1002934-02
Chapter 7 Enabling ISL Trunking In this chapter • ISL Trunking overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Disabling or enabling ISL Trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing trunk group information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • F_Port trunk groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7 Viewing trunk group information 1. Select a port in the Switch View to open the Port Admin tab. 2. Select the FC Ports tab. 3. From the tree on the left, select the switch name or slot name. 4. From the table, select the port that you want to trunk. You can select multiple ports from the table. You cannot select multiple ports from the tree. 5. Select View > Advanced. 6. Select Trunking > Enable or Disable from the Actions list.
F_Port trunk groups 7 • Utilization (shown only for E_Port, EX-Port, F_Port, and N_Port). Additionally, the following trunking attributes can also be displayed from the Port Admin tab in Advanced mode: • • • • Trunk port state, either master or slave. Master Port Trunk Index (applies only to F_Port trunking). Trunking Enabled F_Port trunk groups F_Port trunking provides extra bandwidth and robust connectivity for hosts and targets connected by switches in Access Gateway mode.
7 F_Port trunk groups The F-Port Trunking dialog box displays. 5. Select one or more ports in the Ports for trunking pane. 6. Click Create Trunk Group. The Select Trunk Index dialog box displays asking you to select a trunk index. 7. Select the trunk index from the list populated with the index for all the ports. A trunk group is created, identified by the trunk index, and containing the ports you selected. 8. Select the trunk group you just created. 9.
Chapter 8 Monitoring Performance In this chapter • Performance Monitor overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Opening the Performance Monitor window . . . . . . . . . . . . . . . . . . . . . . . . . • Creating basic performance monitor graphs. . . . . . . . . . . . . . . . . . . . . . . . • Customizing basic monitoring graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Advanced performance monitoring graphs . . . . . . . . . . . . . . . . . . . . .
8 Performance Monitor overview Advanced monitoring The Advanced Monitoring menu is an optionally licensed feature. To utilize the Advanced Monitoring feature, you must have either the Advanced Performance Monitor license or the Fabric Vision license installed and you must log in using an account with an admin, switchadmin, or fabricadmin role, and properly configured user-defined roles.
Performance Monitor overview 8 Predefined performance graphs Web Tools predefines basic graph types to simplify performance monitoring. A wide range of end-to-end fabric, LUN, device, and port metrics graphs are included. Table 11 lists the basic monitoring graphs available. Table 12 lists the advanced monitoring graphs. The advanced monitoring graphs give more detailed performance information to help you manage your fabric.
8 Performance Monitor overview Table 13 lists each graph and indicates the supported port types for each graph. The port selection columns for each graph displays the supported ports.
Performance Monitor overview FIGURE 20 8 Accessing performance graphs User-defined graphs You can modify the predefined graphs to create your own customized graphs (refer to “Customizing basic monitoring graphs” on page 115 for more information). These user-defined graphs can be added and saved to canvas configurations. Canvas configurations A canvas is a saved configuration of graphs. The graphs can be either the Web Tools predefined graphs or user-defined graphs.
8 Opening the Performance Monitor window FIGURE 21 Canvas of six performance monitoring graphs Opening the Performance Monitor window To perform performance monitoring, you must use Web Tools with the EGM license; otherwise, access to this feature is denied and an error messages displays. To open the Performance Monitor window, perform the following steps. 1. Select a switch from the Fabric Tree and log in when prompted. 2. Click Monitor > Performance Monitor. The Performance Monitor window displays.
Customizing basic monitoring graphs 8 3. If prompted, drag the port into the Enter/drag slot,port field, or manually enter the slot and port information in the field, in the format slot,port. NOTE For the Brocade 300, 5100, 5300, 6510, 6520, VA-40FC, 7800 Extension, and the Encryption Switch, enter only a port number. 4. Click OK. The graph is displayed in a window in the Performance Monitor window.
8 Customizing basic monitoring graphs FIGURE 22 Select Ports for customizing the Switch Throughput Utilization graph You can perform the following in the dialog box: a. Double-click the domain to expand the slot or port list. NOTE For the Brocade DCX 8510-8, Brocade DCX 8510-4, and Brocade DCX and Brocade DCX-4S enterprise-class platforms, click the plus signs (+) to expand the ports under each slot, as shown in Figure 22. b.
Advanced performance monitoring graphs 8 Advanced performance monitoring graphs This section describes how to create the advanced performance monitor graphs listed in Table 12 on page 111. Because the procedure for creating these graphs differs depending on the type of graph, each type is described separately in the sections that follow. The advanced monitoring graphs are not supported for GbE ports.
8 Advanced performance monitoring graphs If you selected multiple EE monitors, SIDs, or PIDs, a confirmation dialog box displays, reminding you that one graph is opened for each selection. 7. Click Yes to display the graphs. 8. When you close a graph, a dialog box asks if you want to save the monitor. If you click OK, the monitor is saved, and persists if the switch is restarted. Creating the SCSI vs. IP Traffic graph The SCSI vs. IP Traffic graph displays the SCSI versus IP traffic for selected ports.
Tunnel and TCP performance monitoring graphs 8 The applicable setup dialog box displays. 3. Navigate to a switch > slot > port in the Port Selection List. 4. Click the port from the Port Selection List and drag it into the Enter/drag port field. 5. Optional: For the LUN per port graphs, enter a LUN number, in hexadecimal notation.
8 Saving graphs to a canvas 4. In the Tunnel and TCP area at the bottom of the window, select the required check boxes for the statistic you want to graph. Note that each column represents a different graph. 5. Click Options to set the display options for the graphs. • Range: The range is from 3 through 30 seconds. The X axis is limited to 30 minutes. The graph scale starts with 0 minutes and auto scales to draw the statistics.
Adding graphs to an existing canvas 8 The graphs display in the Performance Monitor window. 3. Select File > Save Current Canvas Configuration. The Save Canvas Configuration dialog box displays. 4. Enter a name and description for the configuration and click Save Canvas. A message displays, confirming that the configuration was successfully saved to the switch. Adding graphs to an existing canvas The following procedure assumes that a canvas is already created.
8 Modifying graphs 1. Open the Performance Monitor window. 2. Select File > Display Canvas Configurations. The Canvas Configuration List displays. A message “No Canvas configuration to display” displays if there are no saved canvas configurations. 3. Select a canvas from the list and click Edit. The Performance Monitor Canvas: Canvas Name dialog box displays. 4. Select a graph from the list and click Edit. NOTE The Edit button is enabled only for the graphs that are configurable or editable. 5.
Chapter 9 Administering Zoning In this chapter • Zoning overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zoning configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zoning management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zone configuration and zoning database management. . . . . . . . . . . . . . . • Best practices for zoning. . . . . . . . . . . . . .
9 Zoning configurations LSAN zone requirements An LSAN zone enables device connectivity between fabrics connected in Fibre Channel Routing (FCR) configurations without forcing you to merge fabrics. Extension switches provide multiple mechanisms to manage interfabric device connectivity. Zones that contain hosts and targets that are shared between the two fabrics need to be explicitly coordinated.
Zoning management 9 Setting the default zoning mode The default zoning mode has two options: • All Access—All devices within the fabric can communicate with all other devices. • No Access—Devices in the fabric cannot access any other device in the fabric. NOTE You should not change the default zone mode from No Access to All Access if there is no effective zone configuration and more than 120 devices are connected to the fabric.
9 Zoning management FIGURE 23 Zone Administration window ATTENTION Any changes you make in the Zone Administration window are held in a buffered environment and are not updated in the zoning database until you save the changes. If you close the Zone Administration window without saving your changes, your changes are lost. To save the buffered changes you make in the Zone Administration window to the zoning database on the switch, refer to “Saving local zoning changes” on page 129.
Zoning management 9 The Member Selection List panel displays only physical FC ports. To verify whether you have any unzoned devices, you must use Brocade Network Advisor to analyze zone configurations. In the Member Selection List, you can differentiate between node WWN and port WWN by their icons, as shown in Figure 24 and Figure 25.
9 Zoning management • Ports that are indirect members only because the switch is owned are not displayed. NOTE When no user- defined Admin Domains are present on the switch, AD0 displays the port count. If there are user-defined Admin Domains, AD0 does not show the port count and the user-defined AD displays the port count. Refreshing fabric information This function refreshes the display of fabric elements only (switches, ports, and devices).
Zoning management 9 1. Launch the Zone Administration window as described in “Opening the Zone Admin window” on page 124. 2. Select View > Refresh Zoning or click Refresh. This re-displays the information in the Zone Administration window with the information in the switch’s zoning database. This action also refreshes the fabric information as described in “Refreshing fabric information” on page 128. Any unsaved zoning changes are deleted.
9 Zoning management • Devices Only—Displays a list of the attached and imported physical devices by WWN. You cannot select ports for port-based or mixed zoning schemes, nor can you select virtual initiators for iSCSI FC Zone creation. To define the view of the fabric resource, perform the following steps. 1. Launch the Zone Administration window as described in “Opening the Zone Admin window” on page 124. 2. Select View > Choose Fabric Resources View. 3.
Zoning management 9 Adding and removing members of a zone alias For more information on enabling the configuration, refer to “Enabling zone configurations” on page 138. NOTE When you assign a node WWN to an alias or zone, all of the WWPN’s associated to that Node are also moved. This functionality is supported only for IM0 mode. This behavior is duplicated in Brocade Network Assistant zoning. This functionality is supported only by selecting the node WWN and assigning it to the alias or zone.
9 Zoning management Deleting zone aliases You can remove a zone alias from the Zone Admin buffer. When a zone alias is deleted, it is no longer a member of the zones of which it was once a member. NOTE If you delete the only member zone alias, an error message is issued when you attempt to save the configuration. To delete the zone aliases, perform the following steps. 1. Open the Zone Administration window as described in “Opening the Zone Admin window” on page 124. 2. Select the Alias tab. 3.
Zoning management 9 Note that LSAN zones should contain only port WWN members. The right arrow becomes active. 8. Click the right arrow to add the zone member. The selected member is moved to the Zone Members window. 9. Optional: Repeat steps 7 and 8 to add more elements to your zone. 10. Optional: Click Add Other to include a WWN or port that is not currently a part of the fabric. At this point, you can either save your changes or save and enable your changes. 11.
9 Zoning management 5. In the Rename a Zone dialog box, enter a new zone name and click OK. The zone is renamed in the Zone Admin buffer. 6. Select Zoning Actions > Save Config to save the configuration changes. Cloning zones To perform clone operations for zoning, the EGM license must be installed on the switch; otherwise, access to this feature is denied and an error message displays.
Zone configuration and zoning database management 9 Creating and populating enhanced Traffic Isolation zones An enhanced Traffic Isolation zone (TI zone) is a special zone that creates a dedicated path for a specific traffic flow. When an enhanced TI zone is activated, inter-switch traffic from a zone member is directed to E_Ports that are included in the TI zone. Traffic from outside the TI zone is excluded. A maximum of 255 TI zones can be configured.
9 Zone configuration and zoning database management Zone Configuration: myconfig Zone A Alias 1 Alias 2 WWN 1; WWN 2; WWN 3 WWN 4; Other Elements Zone B Alias 3 Alias 4 WWN 5 WWW 5; WWN 6; WWN7 Other Elements WWW 9 FIGURE 26 Sample zoning database Creating zone configurations To create a zone configuration, perform the following steps. After creating a zone configuration, you must explicitly enable it for it to take effect.
Zone configuration and zoning database management 9 6. Select an element in the Member Selection List that you want to include in your configuration. The right arrow becomes active. 7. Click the right arrow to add configuration members. Selected members are moved to the Config Members window. 8. Repeat steps 6 and 7 to add more elements to your configuration. 9. Select Zoning Actions > Save Config to save the configuration changes.
9 Zone configuration and zoning database management Cloning zone configurations You must use Web Tools with the EGM license to perform cloning operations for zone configurations; otherwise, access to this feature is denied and an error message displays. To clone a zone configuration, perform the following steps. 1. Open the Zone Administration window as described in “Opening the Zone Admin window” on page 124. 2. Select the Zone Config tab. 3.
Zone configuration and zoning database management 9 1. Open the Zone Administration window as described in “Opening the Zone Admin window” on page 124. 2. Select Zoning Actions > Enable Config. 3. On Enable Config, select the configuration to be enabled from the menu. 4. Click OK to save and enable the selected configuration.
9 Zone configuration and zoning database management 2. You can view the current zone configuration name (if one is enabled) in the lower portion of the Switch Events and Switch Information window. If no zone configuration is enabled, the field displays “No configuration in effect”. Viewing detailed information about the enabled zone configuration To view detailed information about the enabled zone configuration, perform the following steps. 1.
Zone configuration and zoning database management 9 3. Enter a WWN value in the WWN field and click OK. The Add WWN dialog box displays all the zoning elements that include the new WWNs. All of the elements are selected by default. 4. Click items in the list to select or clear, and click Add to add the new WWN to all the selected zoning elements. The WWN is added to the Zone Admin buffer and can be used as a member. Different icons are used to differentiate between node WWN and port WWN.
9 Zone configuration and zoning database management Searching for zone members You can search zone member selection lists for specified strings of text. If you know some identifying information about a possible member of a zoning entity, you can select the tab and view for that entity and then search through its member selection list using the Search for Zone Member option.
Best practices for zoning 9 Zone configuration analysis You must use Brocade Network Advisor to analyze the following zone configurations: • • • • Add unzoned devices Remove offline or inaccessible devices Replace offline devices Define device alias Best practices for zoning The following are recommendations for using zoning: • Always zone using the highest Fabric OS-level switch.
9 144 Best practices for zoning Web Tools Administrator’s Guide 53-1002934-02
Chapter 10 Working with Diagnostic Features In this chapter • Trace dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Displaying switch information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Defining switch policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Port LED interpretation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
10 Trace dumps How a trace dump is used The generation of a trace dump causes a CRITICAL message to be logged to the system error log. When a trace dump is detected, issue the supportSave command on the affected switch. This command packages all error logs, the supportShow output, and trace dump, and moves these to your FTP server. You can also configure your switch to automatically copy trace dumps to your FTP server (refer to “Setting up automatic trace dump transfers”).
Displaying switch information 10 1. Open the Switch Administration window. 2. Click Show Advanced Mode, if it is not selected. 3. Select the Trace tab. 4. Select Enable in the Auto FTP Upload section to enable automatic uploading of the trace dump to the FTP host. 5. Click Apply. Disabling automatic trace uploads If automatic uploading of a trace dump is disabled, you must manually upload the trace dump or else the information is overwritten when a subsequent trace dump is generated.
10 Displaying switch information FIGURE 27 Temperature Sensor States window Viewing detailed fan hardware status The icon on the Fan button indicates the overall status of the fans. For more information about the switch fan, refer to the appropriate hardware documentation. You can display status information about the fans, as shown in Figure 28. FIGURE 28 Fan States window The Fan No. column indicates either the fan number or the fan FRU number, depending on the switch model.
Displaying switch information 10 The detailed fan status for the switch displays, as shown in Figure 28. Viewing the temperature status The icon on the Temp button indicates the overall status of the temperature. For more information regarding switch temperature, refer to the appropriate hardware documentation. To view the temperature status, perform the following steps. 1. Select a logical switch from the Logical Switch list in the top-right corner of the Switch Explorer window.
10 Displaying switch information If no data is available from a switch, the most recent background color remains displayed. Any error-based status messages that is based on a per time interval cause the status to show faulty until the entire sample interval has passed. If the switch status is marginal or critical, information on the trigger that caused that status displays in the Switch Information view. Click the Status button to display a detailed, customizable switch status report, shown in Figure 30.
Defining switch policy 10 4. Optional: Hold the pointer on the Action bar and click an action to perform one of the following options: • • • • • Refresh the information displayed in the report Customize the report View the data in raw XML format View the style sheet for the report View the XML schema for the report Defining switch policy The Switch Status Policy dialog box lets you define the values for what you consider a healthy switch.
10 Port LED interpretation FIGURE 31 Switch Status Policy dialog box 3. Configure the numerical and percentage values to conform to your definition of a healthy switch. For the selected row, the corresponding field description is displayed in the panel below. 4. Optional: Right-click a row in the table to access options to copy the values to your clipboard, or to export the values to a file. 5. Click OK.
Chapter 11 Using the FC-FC Routing Service In this chapter • Fibre Channel Routing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Supported switches for Fibre Channel Routing . . . . . . . . . . . . . . . . . . . . . . • Setting up FC-FC routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • FC-FC routing management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing EX-Ports . . . . . . . . . . . . . . . .
11 Supported switches for Fibre Channel Routing VEX-Port A virtual port that enables routing functionality through an FCIP tunnel. A VEX-Port is similar to an EX-Port.
FC-FC routing management 11 FC-FC routing management You can perform Fibre Channel Routing operations using Web Tools, Web Tools with the EGM license, and Integrated Routing license. You can manage FC-FC Routing through the FC Routing module. The FC Routing module has tabbed panes that display EX-Ports, LSAN fabrics, LSAN zones, LSAN devices, and general FCR information. NOTE From Fabric OS v7.0.1, Integrated Routing (IR) license is not required to configure a port as EX_Port with Brocade NOS mode.
11 Viewing EX-Ports 1. Select a logical switch from the Logical Switch list in the top-right corner of the Switch Explorer window. The selected switch displays in the Switch View. 2. Click Configure > FCR. The FC Routing module displays. If FC-FC Routing is disabled, a message to that effect displays on all the tabs in the module. Viewing and managing LSAN fabrics The LSAN Fabric tab displays all the LSAN fabrics visible to your switch, in both a tabular and tree form.
Configuring an EX-Port 11 • Enable or disable trunking • Configure router port cost ATTENTION During EX-Port configuration, the port is automatically disabled, and then re-enabled when the changes are applied. Be sure that you do not physically connect a port to a remote fabric before configuring it as an EX-Port; otherwise, the two fabrics merge and you lose the benefit of Fibre Channel Routing. You can enable or disable multiple ports at one time.
11 Configuring FCR router port cost NOTE If you decide to configure a disabled port, the wizard provides the Enable Port after configuration check box. If you select this check box, the disabled port is automatically enabled after configuration. If you leave this box cleared, the port remains in the same state after configuration. Configuring FCR router port cost In FCR, EX-Ports can be assigned router port cost. The cost of the link is a positive number.
Configuring the backbone fabric ID 11 Click the Physical Devices or Proxy Devices element in the tree to see a detailed list of the physical or proxy devices. Click the device name in the tree for more detailed information about a specific device. Configuring the backbone fabric ID Web Tools automatically disables FC-FC Routing before setting the fabric ID. You should manually enable FCR after setting backbone FID. However, you must first disable all of the EX-Ports before you begin this operation.
11 160 Configuring the backbone fabric ID Web Tools Administrator’s Guide 53-1002934-02
Chapter 12 Using the Access Gateway In this chapter • Access Gateway overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing Switch Explorer for Access Gateway mode. . . . . . . . . . . . . . . . . . . • Access Gateway mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling Access Gateway mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Disabling Access Gateway mode . . . . . . . . . . . . . . .
12 Access Gateway mode FIGURE 32 Switch Explorer view for Access Gateway mode The Access Gateway mode Switch Explorer is divided into the following areas: • • • • • • Menu bar Switch View buttons Switch View, Port Admin, and Access Gateway Devices tabs Switch Events and Access Gateway information Indicator bar Professional Management Tool offering Access Gateway mode The Access Gateway feature on the Brocade Encryption switch enables interoperability with the Cisco fabrics.
Enabling Access Gateway mode 12 Restricted access in the Port Admin tab When Access Gateway mode is enabled, the following options can be configured in access gateway mode: • Port Configuration Policy — You can select Auto or Advanced mode (default mode). When auto mode is selected, options like Trunking, Configure N-Port Groups, Configure F-N Port Mappings, and N Port configuration are disabled. • Trunking — Enabling and Disabling of N_Port trunking is disabled.
12 Disabling Access Gateway mode Disabling Access Gateway mode To disable Access Gateway mode, perform the following steps. 1. Select a switch. 2. Click Configure > Switch Admin. The Switch Administration dialog box displays. 3. Click Disable in the Access Gateway Mode section. 4. Click Apply. 5. Click Yes to restart the device in native switch mode. Viewing the Access Gateway settings You can view the effective Access Gateway settings for the selected switch. The view can be customized.
Port configuration 12 To create port groups, perform the following steps. 1. Click a port in the Switch View to open the Port Admin tab. 2. Select Advanced from Configure > Port Configuration Policy. 3. Select a port or ports to configure. 4. Select Configure N-Port Groups from the Actions list. NOTE Configure N-Port Groups is unavailable if you select Automatic from the Port Configuration Policy. 5. In the Port Group Configuration dialog box, click Add. The Add Port Group window displays. 6.
12 Port configuration 9. Click Failback Enable. A confirmation dialog box displays. 10. Click Yes to enable failback to all the ports in the port group or click No if you do not want to enable failback. 11. Click Failback Disable. A confirmation dialog box displays. Click Yes to disable failback to all the ports in the port group or click No if you do not want to disable failback. 12.
Port configuration 12 Defining custom static F-N port mapping In Fabric OS v7.0.0 and later, the Static F port mapping and Static N port mapping columns have been added to the Port Admin GUI to display static mapping information. NOTE Static mappings and custom WWN-N port mappings are mutually exclusive. To manually change static F-N port mappings, perform the following steps. 1. Click a port in the Switch View to open the Port Admin tab. 2. Click the FC Ports tab. 3.
12 Access Gateway policy modification Access Gateway policy modification Although you can control a number of policies on switches in Access Gateway mode, Web Tools only provides the ability to enable and disable the policies. For more information on these policies please refer to Access Gateway Administrator’s Guide. Path Failover and Failback policies The Path Failover and Failback policies determine the behavior of the F_Port if the primary mapped N_Port they are mapped to goes offline or is disabled.
Access Gateway policy modification FIGURE 33 12 Access Gateway Auto Rebalancing 5. Click Refresh. 6. Under the Access Gateway Mode section, do the following: • Select the N Port Auto Rebalancing check box to enable N_Port rebalancing. • Select F Port Auto Rebalancing check box to enable F_Port rebalancing. • Click Manual Balancing and a confirmation dialog box displays. Click Yes to change F Port-N Port Mapping or click No to cancel the changes. 7. Click Apply to apply the changes.
12 170 Access Gateway policy modification Web Tools Administrator’s Guide 53-1002934-02
Chapter Administering Fabric Watch 13 In this chapter • Fabric Watch overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 Fabric Watch overview Fabric Watch is an optional Brocade licensed feature that monitors the performance and status of switches. Fabric Watch can automatically alert you when problems arise, before they become costly failures. NOTE If you do not own the switch, Fabric Watch is view-only.
13 172 Fabric Watch overview Web Tools Administrator’s Guide 53-1002934-02
Chapter Administering Extended Fabrics 14 In this chapter • Extended link buffer allocation overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 • Configuring a port for long distance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 Extended link buffer allocation overview If the link is used over long distances, use the Extended Fabric tab of the Switch Administration window to configure the long-distance setting of a port.
14 Extended link buffer allocation overview • Buffer Needed—The number of buffers needed. You can edit the buffer needed for LD and LS modes. When you change Buffer Needed value, Frame Size and Desired Distance(km) value cannot be changed. • Buffer Allocated—The number of buffers actually allocated. • Frame Size—The size of the frame. When you edit the frame size value, the desired distance value can also be changed for LD and LS modes and vice versa. But the buffer value cannot be changed.
Extended link buffer allocation overview FIGURE 34 14 Extended Fabric tab For the Brocade DCX, DCX-4S, DCX 8510-4, and DCX 8510-8 the slots for CPs are not available. The Brocade Encryption Switch and the FS8-18 Encryption blade support auto-negotiated link speeds of 1, 2, 4, and 8 Gbps. TABLE 15 Long-distance settings and license requirements Value Description Extended Fabrics License Required? L0 No long-distance setting is enabled.
14 Configuring a port for long distance TABLE 15 Long-distance settings and license requirements (Continued) Value Description Extended Fabrics License Required? LD Dynamic setting is enabled. Buffer credits for the given E_Port are dynamically configured based on the actual link distance, as long as this is less than the desired distance. If the actual link distance exceeds the desired distance, the desired distance is used to allocate the buffers.
Configuring a port for long distance • • • • 14 If the port capability is 4 GB, type a number between 10 and 125, inclusive. If the port capability is 2 GB, type a number between 10 and 250, inclusive. If the port capability is 1 GB, type a number between 10 and 500, inclusive. For the Brocade 6510, Brocade 6520, Brocade DCX 8510-8 and Brocade DCX 8510-4, the buffer credits are 10 through X; where X is proportional to the available buffers.
14 178 Configuring a port for long distance Web Tools Administrator’s Guide 53-1002934-02
Chapter 15 Routing Traffic In this chapter • Routing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing fabric shortest path first routing. . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring dynamic load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Specifying frame order delivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring the link cost for a port. . . . . . . . .
15 Viewing fabric shortest path first routing FIGURE 35 Routing tab Viewing fabric shortest path first routing The Routing tab of the Switch Administration window displays information about routing paths. To view the fabric shortest path first routing, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the Routing tab. 3.
Configuring dynamic load sharing 15 Configuring dynamic load sharing The exchange-based routing policy depends on the Fabric OS dynamic load sharing feature (DLS) for dynamic routing path selection. When this policy is in force, DLS is always enabled and cannot be disabled. When the port-based policy is in force, you can enable DLS to optimize routing. When DLS is enabled, it shares traffic among multiple equivalent paths between switches.
15 Specifying frame order delivery You can enable this loss less feature from WT. If you try to enable loss less when DLS is OFF, an error message displays. To enable or disable loss less DLS, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the Routing tab. 3. Select On in the Loss Less area to enable the mode, or select Off to disable dynamic load sharing.
Configuring the link cost for a port 15 Every ISL has a default cost that is inversely proportional to its bandwidth. Use this procedure to set a non-default, “static” cost for any port. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the Routing tab. 3. This step is switch-specific: - For the Brocade DCX and DCX-4S enterprise-class platforms, click the slot number of the logical switch under Link Cost in the navigation tree.
15 184 Configuring the link cost for a port Web Tools Administrator’s Guide 53-1002934-02
Chapter 16 Configuring Standard Security Features In this chapter • User-defined accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • User-defined roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Access control list policy configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Fabric-Wide Consistency Policy configuration . . . . . . . . . . . . . . . . . . . . . . .
16 User-defined accounts Access rights for any user session are determined by the user’s role-based access rights. Refer to Chapter 1, “Introducing Web Tools” for additional information about Role-Based Access Control (RBAC). The User tab of the Switch Administration window (Figure 36 on page 187) displays account information. You can create and manage accounts depending on your role. The roles and permissions are listed in Table 16.
User-defined accounts FIGURE 36 16 User tab Viewing user account information To view user account information, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the User tab. A list of the default and user-defined accounts displays. If you are logged in using the switchadmin role, only your account information displays.
16 User-defined accounts FIGURE 37 Add User Account dialog box (VF) FIGURE 38 Add User Account dialog box (AD) 4. Enter the user name.
User-defined accounts 16 The user name must begin with an alphabetic character. The name can be up to 40 characters long. It is case-sensitive and can contain alphabetic and numeric characters, the dot (.) and the underscore (_). It must be different from all other account names on the logical switch. 5. Select a role from the drop-down menu. For VF-enabled switches, the selection is done per logical fabric ID. (Refer to “Role-Based Access Control” on page 13 for information about these roles.) 6.
16 User-defined accounts Deleting user-defined accounts To delete user-defined accounts, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the User tab. 3. Select the account to remove and click Remove. 4. Click Apply to save your changes. You cannot delete the default accounts. An account cannot delete itself. All active command line interface (CLI) sessions for the deleted account are logged out.
User-defined accounts 16 8. Check the available Admin Domains that the user can access. Only Admin Domains that have already been created and are accessible to you display. If all the Admin Domains in the list are inactive then you cannot log in to the switch. NOTE The All option does not mean all of the listed Admin Domains; it means all Admin Domains from AD0 through AD255, regardless of whether they were already created.
16 User-defined accounts 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the User tab. 3. Select the account to modify. If you are logged in as a switchadmin, you can only change the password of your own account. 4. Click Change Password. The Set User Account Password dialog box displays. 5. Enter the current password of the account. This step is required only if you are changing the password of your own or a peer admin account. 6.
User-defined roles 16 6. Click OK to close the dialog box. 7. Click Apply to save your changes. Setting a password as expired To set a password as expired, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the User tab. 3. Select the account. 4. Click Expire Password. If the button is unavailable, the password is already expired. 5. Click Apply to save your changes.
16 User-defined roles Guidelines and restrictions Follow these guidelines and restrictions when creating and configuring user-defined roles: • In order for the user-defined role to be able to edit the Port Admin and FCR configuration, you must assign the RBAC_SwitchPortManagement and RBAC_SwitchPortConfiguration RBAC classes to the role. • In order for the user-defined role to be able to set the Fabric ID, you must assign the RBAC_FabricRouting and RBAC_SwitchConfiguration RBAC classes to the role.
User-defined roles FIGURE 39 16 Switch Admin: Add User Defined Role dialog box 5. Enter a role name in the Name field. 6. Enter a description of the role in the Description field. 7. To grant the role a read/write privilege, select the privilege and click the right arrow next to the Read & Write Privileges section. You can select multiple privileges. 8. To grant the role a read privilege, select the privilege and click the right arrow next to the Read Privileges section.
16 Access control list policy configuration The Switch Admin: Edit User Defined Role dialog box displays. FIGURE 40 Switch Admin: Add User Defined Role dialog box 6. To grant the role a read/write privilege, select the privilege and click the right arrow next to the Read & Write Privileges section. You can select multiple privileges. 7. To grant the role a read privilege, select the privilege and click the right arrow next to the Read Privileges section. You can select multiple privileges. 8.
Access control list policy configuration 16 Virtual Fabrics considerations ACL policies can be implemented at the logical switch/logical fabric level. Admin Domain considerations ACL management can be done on AD255 and in AD0 only if there are no other user-defined Admin Domains. Both AD0 (when no other user-defined Admin Domains exist) and AD255 provide an unfiltered view of the fabric. If there are user defined Admin Domains, then ACL management can be done on AD255 only.
16 Access control list policy configuration 3. Select the Security Policies tab. 4. Select a policy by clicking on the appropriate tab. 5. Click Edit. This launches the ACL Policy Configuration wizard. 6. Select the policy type you want to edit. 7. Click Next and click Modify. 8. Select a switch or highlight multiple switches to add to the policy by clicking Add or Add All. 9. Select a switch or highlight multiple switches to remove a policy by clicking Remove. 10.
Access control list policy configuration 16 Distributing an SCC, DCC, or FCS policy Perform this procedure to distribute an SCC, DCC, or FCS policy. NOTE SCC and DCC policy can be distributed only for a primary switch. To distribute an SCC, DCC, or FCS policy, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the Security Policies tab. 3. Select the appropriate tab (SCC, DCC, or FCS). 4.
16 Fabric-Wide Consistency Policy configuration • WWNs—Allows only selected WWNs to log in to the fabric through that F_Port. NPIV-capable device port WWN’s can also be added to the allowed list of device port WWN’s for the particular F_Port. When the ADS policy is enabled first time, all the F_Ports are set to All Access and all the devices are allowed to log in to fabric. This configuration persists for subsequent logins from all devices.
Authentication policy configuration 16 • Tolerant • Strict NOTE You can change the consistency behaviors of SCC, DCC, or FCS policy only for a primary switch. 5. Click Apply. 6. Click Yes to accept the changes. NOTE If the switch is not a primary switch, an error message dialog box displays. 7. Click No to discard the changes and click Refresh in the FWCP Configuration window to manually refresh the window. 8. Click Close.
16 Authentication policy configuration 7. Optional: Set the device authentication policy mode to either off or passive and click Apply. Configuring authentication policies for F_Ports To configure authentication policies for F_Ports, perform the following steps. 1. Open the Switch Administration window and click Show Advanced Mode, if not selected. 2. Select the Security Policies tab. 3. Select Authentication on the Security Policies menu. 4. In the Authentication Type field, select DHCHAP.
Authentication policy configuration 16 Setting a shared secret key pair DH-CHAP requires a shared secret key pair between two entities to authenticate with each other. A key pair consists of a local secret and a peer secret. The local secret identifies the local switch. The peer secret identifies the entity to which the local switch may authenticate. To set a shared secret key pair, perform the following steps. 1.
16 SNMP configuration 3. Select Authentication on the Security Policies menu. 4. Use the Switch Policy Authentication Mode option to select the authentication policy. SNMP configuration This section describes how to manage the configuration of the SNMP agent in the switch. The configuration includes SNMPv1 and SNMPv3 configuration, accessControl, and systemGroup configuration parameters. Access is read-only if you do not have admin or security admin authority.
SNMP configuration 16 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the SNMP tab. 3. Double-click a community string in the SNMPv1 section and enter a new community string. 4. Double-click a recipient IP address in the SNMPv1 section and enter a new IP address. 5. Click Apply. Setting SNMPv3 configuration parameters NOTE The port number is not included. To set SNMPv3 configuration parameters, perform the following steps. 1.
16 RADIUS management NOTE The list is scrollable. If you do not see your user name, scroll down using the scroll bar or by clicking the Access Host heading. 4. Select a permission for the host from the Access Control List menu. Options are Read Only and Read Write. 5. Click Apply. RADIUS management Fabric OS supports RADIUS authentication, authorization, and accounting service (AAA). When configured for RADIUS, the switch becomes a Network Access Server (NAS) that acts as a RADIUS client.
RADIUS management 16 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the AAA Service tab. 3. To enable RADIUS, select RADIUS from the Primary AAA Service drop-down menu. 4. Select None, Switch Database when RADIUS Login Failed, or Switch Database when RADIUS Login Timeout from the Secondary AAA Service menu.
16 RADIUS management Modifying the RADIUS server To change the parameters of a RADIUS server that is already configured, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the AAA Service tab. 3. Select a RADIUS server from the RADIUS Configuration list. 4. Click Modify. The RADIUS/ADLDAP/TACACS+ Configuration dialog box displays. 5.
Active Directory service management 16 5. Click Apply in the AAA Services tab. A confirmation displays, warning you that you are about to remove the selected RADIUS server. 6. Click Yes in the confirmation. Active Directory service management Active Directory is the directory server that holds all the user profiles. Active Directory provides user authentication and authorization using LDAP as authentication protocol. Active Directory provides better security while using remote authentication mechanism.
16 TACACS+ management 6. Click OK to return to the AAA Service tab. 7. Click Apply. Removing Active Directory service To remove an Active Directory server, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the AAA Service tab. 3. Select a server from the ADLDAP Configuration list. 4. Click Remove. NOTE The server is not deleted until you apply the changes from the AAA Services tab. 5.
TACACS+ management 16 Configuring TACACS+ To enable TACACS+, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 2. Select the AAA Service tab. 3. Click Add to configure TACACS+ service. 4. Select TACACS+ from Server Type. 5. Enter the Server, Port, Timeout(s), Secret String details in the appropriate fields. 6. Select CHAP or PAP from the Authentication list. 7. Click OK.
16 IPsec concepts A confirmation dialog box displays, warning you that you are about to remove the selected server. 6. Click Yes in the confirmation dialog box. IPsec concepts Internet Security Protocol (IPsec) is a set of open standards that provide cryptographic security services for IP networks. Several protocols are available for providing authentication and secure transmission of data.
IPsec concepts 16 Transport mode and tunnel mode Transport mode adds an authentication header (AH) before the IP header. Only a single pair of addresses is used (those in the IP header). When transport mode is used, both endpoints implement IPsec. Tunnel mode encapsulates an IP datagram in a new datagram, with a new IP header specifying the addresses of the tunnel end points. IPsec is implemented between tunnel endpoints.
16 IPsec concepts FIGURE 42 AH header in transport mode and tunnel mode Encapsulating Security Payload ESP provides authentication, and also provides privacy by encrypting the IP datagram. The use of an ESP header is similar to the use of the AH header. A hash algorithm is used to calculate an authentication value, the authentication value is sent in an IP datagram, and the same hash algorithm is used by the receiver to verify the authentication value.
IPsec concepts 16 Endpoint to Endpoint In an endpoint to endpoint configuration, both endpoints implement IPsec. Transport mode is commonly used in endpoint to endpoint configurations, and only a single pair of addresses is used. Typically, this kind of configuration would be used for direct communication between hosts. There are two drawbacks to consider: • If network address translation (NAT) is used on the connection, one or both endpoints may be behind a NAT node.
16 IPsec concepts Encryption algorithms An encryption algorithm is used to encrypt messages used in the IKE negotiation. Table 18 lists the available encryption algorithms. A brief description is provided. If you need further information, please refer to the RFC. TABLE 18 Encryption algorithm options Encryption algorithm Description RFC number 3des_cbc 3DES processes each block three times, using a unique 56-bit key each time. RFC 2451 null_enc No encryption is performed.
IPsec concepts 16 SA lifetime The SA lifetime may be defined as the number of bytes transmitted before the SA is rekeyed, or as a time value in seconds, or both. When both are used, the SA lifetime is determined by the threshold that is first reached. Whenever an SA lifetime expires, the security association (SA) is renegotiated and the key is refreshed or regenerated. For example, if a 200 MB file is transferred with a 100 MB lifetime, at least two keys are generated.
16 IPsec over management ports IPsec over management ports IPsec can be applied to the management port on a switch or a CP blade to establish a secure connection between a PC or workstation and Web Tools. The connection can be used as a virtual private network (VPN) interface to Web Tools. At a high level, the steps to take are: • • • • • • • Access the Ethernet IPsec Policies dialog box. Enable IPsec. Create an IKE policy for authentication. Create an security association (SA). Create an SA proposal.
IPsec over management ports 7. 16 Select the Hash Algorithm option. 8. Select the PRF Algorithm option. 9. Select the DH Group Number option. 10. Select the Authentication Method option. 11. If PSK is chosen as the authentication method, enter the name of the file that holds the pre-shared key in the Pre-Shared Key filename field. 12. If you are using an X.
16 IPsec over management ports • • • • • • The IKE hash algorithm. The Diffie-Hellman group number. The IKE SA lifetime. The IP addresses of the endpoints. The IPsec protocol (AH or ESP). The IPsec Transform policy. To create an SA proposal, perform the following steps. 1. Select the SA Proposal tab on the IPsec Policies window. 2. Select Add. The Add-SA Proposal dialog box displays. 3. Enter a name in the SA Proposal Name field. 4. Enter the SAs in the SA(s) to use field. 5.
IPsec over management ports 16 6. Select the IPsec Protection Type option. 7. Select the IKE Policy Name option. IKE policies need to be created before adding a transform policy. If there are no names to select from, you must create an IKE policy. 8. Optional: Enter a local and peer IP address. 9. Click OK. Adding an IPsec selector Selectors are used to apply transform policies to an IP flow. Flows are uni-directional.
16 IPsec over management ports 3. Enter a security parameter index number in the SPI (Hexadecimal) field. The SPI must be manually applied when manually adding an SA. 4. Enter the IP address of the endpoint that sends the SA in the Source IP Address field. 5. Enter the IP address of the endpoint that receives the SA in the Peer IP Address field. 6. Select the protocol used to carry the transmission using the Protocol Name selector. 7. Select the Traffic Flow Direction (in or out).
Establishing authentication policies for HBAs 16 Deleting an IKE or IPsec policy You can delete one or more IKE or IPsec policies. To delete an IKE or IPsec policy, perform the following steps. 1. Open the Switch Administration window. 2. Select Show Advanced Mode. 3. Select the Security Policies tab. 4. Under Security Policies, select Ethernet IPsec or Ethernet IPsec. 5. Select the policy or policies you want to delete. 6. Select Delete.
16 Establishing authentication policies for HBAs 10. Enter the shared secret for switch in the Local Shared Secret and Confirm Local Shared Secret fields. 11. Click Add. An entry is added in the Switch WWN box. 12. Click OK. 13. Add more shared secrets, if needed.
Chapter 17 Administering FICON CUP Fabrics In this chapter • FICON CUP fabrics overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling port-based routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling or disabling FICON Management Server mode . . . . . . . . . . . . . . • FMS parameter configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Displaying code page information . . . . . . . . . . . . .
17 Enabling port-based routing • Enable FICON Management Server (FMS) mode on the FICON director. • Install a FICON CUP license on the Brocade switch. • Configure CUP attributes (FMS parameters) for the FICON director. FMS mode enable failed due to ports with areas 0xFE or 0xFF are connected to devices. You can use Web Tools for all of these tasks.
Enabling or disabling FICON Management Server mode 17 Enabling or disabling FICON Management Server mode FICON Management Server (FMS) is used to support switch management using CUP. To be able to use the CUP functionality, all switches in the fabric must have FICON Management Server mode (FMS mode) enabled. FMS mode is a per-switch setting. After FMS mode is enabled, you can activate a CUP license without restarting the director. You can use Web Tools to install a CUP license.
17 FMS parameter configuration TABLE 20 FMS mode parameter descriptions Parameter Description Programmed Offline State Control Controls whether host programming is allowed to set the switch offline. The parameter is set as enabled by the hardware after system installation, and can be reset by Web Tools. Active=Saved Mode Controls the IPL file update. The IPL file saves port connectivity attributes and port names.
Displaying code page information 17 3. Select the FICON CUP tab. The FICON CUP page displays the FICON Management Server page. All attributes on this page are read-only until FMS mode is enabled. 4. To enable or disable an FMS mode parameter, click the check box next to the parameter. A checked check box indicates that the parameter is enabled. You cannot configure the User Alert Mode parameter in Web Tools, as it is read-only.
17 Allow / Prohibit Matrix configuration • • • • • Mode Register Port Names (also called Port Address Name) Allow/Prohibit Matrix and Port Connectivity Attributes Switch enable/disable Switch name change To access the FICON CUP tab, perform the following steps. 1. Select a FICON-enabled switch from the Fabric Tree. 2. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 33. 3. Select the FICON CUP tab.
Allow / Prohibit Matrix configuration 17 The Port Connectivity table (shown in Figure 45 on page 233) displays the Port number (in physical-location format), Port Name (port address name), Block attribute, Prohibit attribute, and Area Id (port address, displayed in hexadecimal) in fixed columns. The right side is a port matrix, that lists all ports by Area ID and identifies prohibited ports. Those columns are scrollable and swappable.
17 Allow / Prohibit Matrix configuration The Allow / Prohibit Matrix Configuration dialog box displays all ports and port names on the selected switch (similar to the dialog box shown in Figure 45). The Block column, Prohibit column, and prohibited ports matrix are displayed as empty, for you to configure. • To edit an existing configuration, click the configuration, and then click Edit.
Allow / Prohibit Matrix configuration FIGURE 45 17 Allow / Prohibit Matrix Configuration dialog box Activating an Allow / Prohibit Matrix configuration When you activate a saved Allow / Prohibit Matrix configuration on the switch, the preceding configuration (currently activated) is overwritten. To activate an Allow / Prohibit Matrix configuration, perform the following steps. 1. Open the Allow / Prohibit Matrix configuration list. 2. Select the saved configuration from the list. 3. Click Activate.
17 CUP logical path configuration 3. Click Copy. The Allow / Prohibit Matrix Configuration dialog box displays. 4. In the dialog box, enter a name and description for the new configuration and click OK to save the configuration to the target file; click Cancel to cancel copying the configuration. The file name must be in alphanumeric characters and can contain only dashes or underscores as special characters.
Link Incident Registered Recipient configuration 17 The FICON CUP page displays the FICON Management Server page in front. All attributes on this page are read-only until FMS mode is enabled. 5. Click the CUP Logical paths subtab. 6. Select a logical path and click Set Current. Link Incident Registered Recipient configuration The Link Incident Registered Recipient (LIRR) receives Link Incident Reports (RLIR) on the source N_Port. The LIRR database is stored on the switch.
17 Displaying Request Node Identification Data Displaying Request Node Identification Data Web Tools displays Request Node Identification Data (RNID) information for the local switch, and for attached FICON devices and FICON channel paths. RNID information for the switch displays in the Switch Information tab (Figure 46). FIGURE 46 Switch RNID information RNID information for attached FICON devices and channel paths displays on the Name Server view.
Chapter 18 Configuring FCoE with Web Tools In this chapter • Web Tools and FCoE overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Web Tools, the EGM license, and Brocade Network Advisor . . . . . . . . . . . • Switch administration and FCoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • FCoE configuration tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Quality of Service configuration . . . . . . . . . . . . . . . .
18 Web Tools, the EGM license, and Brocade Network Advisor Web Tools, the EGM license, and Brocade Network Advisor Beginning with Fabric OS version 6.1.1, Web Tools functionality is tiered and integrated with Brocade Network Advisor. If you are migrating from a Web Tools release prior to Fabric OS version 6.1.1, this may impact how you use Web Tools. A Web Tools license is not required, and a basic version of Web Tools is available for free.
FCoE configuration tasks 18 • QoS • LLDP-DCBX FIGURE 47 Switch Administration DCB subtabs FCoE configuration tasks There are several tasks related to FCoE configuration. The following list describes the high level tasks in a suggested order: • Quality of Service (QoS) configuration (optional)—If you intend to implement a specific QoS scheme to prioritize data traffic, it is recommended that you finish your QoS configuration before you begin port configuration.
18 Quality of Service configuration Editing the DCB map The DCB map defines priority and priority group tables that support Enhanced Transmission Selection (ETS). ETS allows bandwidth to be allocated based on priority settings through an exchange of priority group tables. To edit the DCB map, perform the following steps. 1. Select the DCB tab on the Switch Administration window. 2. Select the QoS tab. 3. Select the DCB Map tab. 4. Select the default DCB map, and click Edit.
LLDP-DCBX configuration 18 NOTE This dialog box has the same structure as the Priority Group Map in the DCB Configuration dialog box. The default CoS-to-traffic class structure is based on IEEE 802.1Q recommendations, as in the default Priority Group Map. 5. Enter a name for the traffic class map in the Name field. 6. Select the Traffic Class that you want to assign to the CoS priority. 7. Click OK.
18 LLDP-DCBX configuration 10. In the FC0E Priority Bits field, enter a value that indicates the desired user priority. Each bit represents a user priority associated with FCoE traffic. The range of valid values is from 0 through 255. The default is 8. Even though setting multiple bits is allowed (exercising the full range of values), it doesn't make sense to set more than one bit, because adapters don't support multiple priorities for FCoE.
Configuring DCB interfaces 18 The LLDP Configuration dialog box displays. 5. Enter a name for the configuration in the Name field. 6. Optionally, add a description in the Description field. 7. Select the Mode. For Mode, the choices are Tx (transmit), Rx, (receive) or Both. The default is Both. 8. In the Hello field, enter a time value in seconds. The Hello value sets the interval between hello bridge protocol data units sent by the root switch configuration messages. The range is 4 to 180 seconds.
18 Configuring a link aggregation group 1. Select the DCB Interfaces tab on the Port Admin tab. 2. Select the port you want to configure under the DCB Interface Explorer. 3. Select the General tab. 4. Click Edit. The DCB Edit Configuration dialog box displays. 5. Select the Interface Mode. The options are None and L2. The default option is None. If you intend to use this port in a Link Aggregation Group (LAG), select None. L2 mode is applied when you configure the LAG. 6. Select the L2 Mode.
Configuring VLANs 18 3. Click Add. The Add LAG Configuration dialog box displays. NOTE Only ports that you defined with an Interface Mode of None can be a LAG Member. 4. Click the Add arrow button to move the interfaces to the Selected List. 5. Select the Mode. The choices are Static and Dynamic. Static mode does not use Link Aggregation Control Protocol (LACP) to negotiate and manage link aggregation. Link participation in the LAG is determined by the link’s operational status and administrative state.
18 Configuring FCoE login groups 4. Specify a VLAN ID. The format is VLAN. In this Fabric OS release, no bridge instances are supported, so the bridge number is always 0, and the value under Bridge is statically defined as VLAN0. The is an integer from 1 to 3583, that must be entered in the ID field. 5. Select the Native check box to add all the converged interfaces added in the present operation as native to a VLAN.
Displaying FCoE port information 18 • Self — WWN of your current switch • Other Switch WWN If you choose Other Switch WWN, you must enter the WWN of that switch in the provided field. 6. Under Login Member Configuration, select either Allow All Members or Allow Specific Member. • If you select Allow All Members, all devices attached to FCoE ports are allowed to log in to the switch.
18 Displaying LAG information The Connected Devices tab displays information about devices connected to the switch (Figure 48). Six columns of information are displayed: • • • • Device WWN displays the WWN of the connected device. Device MAC displays the MAC address of the connected device. Connected Peer Type displays the port type on the connected device. Is Directly Connected indicates whether or not the device is directly connected to the trunk. • FCoE Port MAC displays the FCoE port MAC address.
Displaying LLDP-DCBX information 18 From the QoS tab, you can select the DCB Map tab to display DCB map information, or select the Traffic Class Map tab to display traffic class maps information. Displaying LLDP-DCBX information To display LLDP-DCBX information, perform the following steps. 1. Select the DCB tab on the Switch Administration window. 2. Select the LLDP-DCBX tab. • To display global settings, select the Global tab. • To display LLDP profile information, select the LLDP Profile tab.
18 Configuring a DCB interface from the Port Admin panel Configuring a DCB interface from the Port Admin panel DCB interfaces can be enabled and disabled from the Port Admin tab. To enable or disable a DCB interface from the Port Admin tab, perform the following steps. 1. Select the DCB Interfaces tab on the Port Admin tab. 2. Under the DCB Interface Explorer, select the port you want to enable or disable. 3. Select the General tab.
Enabling and disabling FCoE ports 18 To enable or disable PFC, perform the following steps. 1. Select the DCB tab on the Switch Administration window. 2. Select the QoS tab. 3. Select the DCB Maps tab. 4. Under the Priority Group area, enable or disable Priority Flow Control Status option for each Priority Group ID. Enabling and disabling FCoE ports You can enable and disable FCoE Ports individually from the Port Admin tab. 1. Select the FCoE Ports tab on the Port Admin tab. 2.
18 252 Enabling and disabling FCoE ports Web Tools Administrator’s Guide 53-1002934-02
Chapter 19 Limitations In this chapter • General Web Tools limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 General Web Tools limitations Table 21 lists general Web Tools limitations that apply to all browsers and switch platforms. TABLE 21 Web Tools limitations Area Details Blade Failure If a blade fails on the switch, the Web Tools interface can still display slot and ports as healthy.
19 General Web Tools limitations TABLE 21 Web Tools limitations (Continued) Area Details Firmware download There are multiple phases to firmware download and activation. When Web Tools reports that firmware download completed successfully, this indicates that a basic sanity check, package retrieval, package unloading, and verification was successful. Web Tools forces a full package install. A restart is required to activate the newly downloaded firmware.
General Web Tools limitations TABLE 21 19 Web Tools limitations (Continued) Area Details Loss of Connection Occasionally, you might see the following message when you try to retrieve data from the switch or send a request to the switch: Switch Status Checking The switch is not currently accessible. The dialog box title may vary, because it indicates which module is having the problem. This is caused by the loss of HTTP connection with the switch, due to a variety of possible problems.
19 General Web Tools limitations TABLE 21 256 Web Tools limitations (Continued) Area Details Refresh option in browsers If you change the switch name using the Web Tools Switch Administration page or SNMP and then open a Telnet window to verify the name change, the CLI prompt (for example, switch:admin >) displays the previous name. The Telnet prompt cannot pick up the new switch name until the switch is fastbooted.
Index Numerics 2 domain/4 domain fabric licenses, 9 7800 switch, 86, 88 A Access Control List. Refer to ACL access control. Refer to RBAC.
configuration Access Gateway mode, 161 upload, 163 configuration file Admin Domain considerations, 61 backing up, 59 restoring, 60 configuring Allow / Prohibit Matrix, 230 arbitrated loop parameters, 44 backbone fabric ID, 159 default heap size, 8 EX_Ports, 156 fabric parameters, 42 FAN frame notification parameters, 44 FC ports, 82 FCR router cost, 158 FICON Management Server parameters, 227 IOD frames delivery, 182 Java Plug-in, 8 link cost, 182 long-distance settings, 176 port speed, 82 port type, 82 por
edge fabrics, 153 EGM licensed features FICON CUP, 225 Performance Monitoring, 18 enabled zone configuration, displaying, 139 enabling Access Gateway mode, 163 automatic trace dump transfer, 146 beaconing, 55 blades, 35 DLS, 181 FICON Management Server mode, 227 insistent domain ID mode, 43 ports, 86 Ports on Demand, 88 RADIUS, 206 RLS probing, 44 switch, 37 trunking mode, 105 zone configurations, 138 ending sessions, 13 events displaying, 51 filtering, 52 severity levels, 50 EX_Ports, configuring, 156 exch
in-order delivery. Refer to IOD insistent domain ID mode about, 43 enabling, 43 installing Java Plug-in, 7, 8 JRE, 7 JRE patches on Solaris, 7 Solaris patches, 7 Internet Explorer 7.
per-frame routing priority, 43 persistently disable a port, 87 platforms, supported, 4 polling rates, 27 port membership in Admin Domains, 78 port menu, 25 port names, assigning, 85 port speed, configuring, 82 port swapping, 93 port type, configuring, 82 port-based routing, 179 ports buffer-limited, 173 configuring, 77 disabling, 86, 87 enabling, 86 LEDs, 152 long distance parameter, 176 naming, 85 Ports on Demand, enabling, 88 power supply status, 149, 150 preferences persist, 19 printing effective zone co
swapping port index IDs, 93 switch 7800, 86, 88 changing the name of, 38 enabling and disabling, 37 mouse over information, 25 rebooting, 40 Switch Administration window, 31 opening, 33 Switch Events and Switch Information, 23 switch events, displaying, 51 Switch Explorer, Admin Domains, 21 switch name, changing, 38 switch report, 39 switch status report, 150 Switch View, 22 Switch View buttons, 21 syslog IP address configuring, 34 removing, 34 system services, configuring, 44 T Telnet, 28 temperature stat
zones about, 123 adding WWNs, 140 best practices, 143 creating, 132 deleting, 134 description, 132 LSAN, 158 modifying, 133 removing WWNs, 141 renaming, 133 replacing WWNs, 141 selecting a view, 129 zoning all access, 125 default zoning, 125 no access, 125 zoning database clearing, 142 maximum size, 129, 138 zoning views, 129 zoning, disabling, 139 zoning, saving changes, 70, 129 Web Tools Administrator’s Guide 53-1002934-02 263
264 Web Tools Administrator’s Guide 53-1002934-02
