Technical data

ManualsBrandsBrocade Communications Systems ManualsSwitch4100

221

222

223

224

225

226

227

228

229

230

13-6 Fabric OS Administrator’s Guide

Publication Number: 53-0000518-09

Zoning Concepts

The different types of zone configurations are:

• Defined Configuration. The complete set of all zone objects defined in the fabric.

• Effective Configuration. A single zone configuration that is currently in effect. The effective

configuration is built when an administrator enables a specified zone configuration.

• Saved Configuration. A copy of the defined configuration plus the name of the effective

configuration, which is saved in flash memory by the cfgSave command. (You can also use the

configUpload command to provide a backup of the zoning configuration and the configDownload

command to restore the zoning configuration.) There might be differences between the saved

configuration and the defined configuration if the system administrator has modified any of the

zone definitions and has not saved the configuration.

• Disabled Configuration. The effective configuration is removed from flash memory.

On power-up, the switch automatically reloads the saved configuration. If a configuration was active

when it was saved, the same configuration is reinstated on the local switch with an autorun of the

cfgEnable command.

You can establish a zone by identifying zone objects using one or more of the following zoning

schemes:

• Domain, port number level. All members are specified by domain ID, port number, or domain,

area number pair or aliases, described in “Zone Aliases” on page 13-5.

• World Wide Name (WWN) level. All members are specified only by World Wide Name (WWNs)

or aliases of WWNs. They can be node or port versions of the WWN.

• Mixed zoning. A zone containing members specified by a combination of domain, port number,

and/or domain, area number and WWN.

Zoning Enforcement

Software-enforced and hardware-enforced zoning are supported.

Software-Enforced Zoning

Zoning enables users to restrict access to devices in a fabric. Software-enforced zoning prevents hosts

from discovering unauthorized target devices, while hardware-enforced zoning prevents a host from

accessing a device it is not authorized to access.

Software-enforced zoning:

• Is also called soft zoning, Name Server zoning, fabric-based zoning, session-based zoning, or

hardware-assisted zoning.

• Is available on 1 Gbit/sec, 2 Gbit/sec, and 4 Gbit/sec platforms.

• Prevents hosts from discovering unauthorized target devices.

• Ensures that the name server does not return any information to an unauthorized initiator in

response to a name server query.

• Is always active whenever a zone configuration is in effect.

• Does not prohibit access to the device. If an initiator has knowledge of the network address of a

target device, it does not need to query the Name Server to access it, which could lead to undesired

access to a target device by unauthorized hosts.