53-1002756-01 14 December 2012 Web Tools Administrator’s Guide Supporting Fabric OS v7.1.
Copyright © 2006-2012 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Brocade Assurance, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, MLX, NetIron, SAN Health, ServerIron, TurboIron, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health, OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Document Title Publication Number Summary of Changes Publication Date Advanced Web Tools User’s Guide v4.1.2 53-0000522-04 Insistent Domain ID Mode. Port Swapping information. Minor editorial changes. October 2003 Advanced Web Tools Administrator’s Guide, v4.2.0 53-0000522-05 Updates to support new switch types: Brocade 3250, 3850, 24000. Structural changes, support changes, installation changes.
Document Title Publication Number Summary of Changes Publication Date Web Tools Administrator’s Guide 53-1001194-01 Updates to add support for Virtual Fabrics, IPsec, and consistency with Brocade Network Advisor. November 2008 Web Tools Administrator’s Guide 53-1001343-01 Updates to add support for Brocade 7800 Extension Switch, Brocade 8000, FCOE10-24 DCX Blade, and FX8-24 DCX Extension Blade.
Contents Figures Tables About This Document How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . .xxii What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Opening Web Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Logging in . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Logging out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Role-Based Access Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Session management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Switch configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Enabling and disabling a switch . . . . . . . . . . . . . . . . . . . . . . . . . 35 Enabling and disabling switch persistent. . . . . . . . . . . . . . . . . . 36 Changing the switch name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Changing the switch domain ID . . . . . . . . . . . . . . . . . . . . . . . . . 37 Viewing and printing a switch report . . . . . . . . . . . . . . . . . . . . .
Performing a firmware download . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Chapter 5 Managing Ports Port management overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 Opening the Port Admin tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Port Admin tab components . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Controllable ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Configuring FC ports . . . . . . . . .
F_Port trunk groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Creating and maintaining F_Port trunk groups . . . . . . . . . . . . . 87 Chapter 7 Monitoring Performance Performance Monitor overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Basic monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Advanced monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 Performance graphs . . . . .
Zoning management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105 Refreshing fabric information . . . . . . . . . . . . . . . . . . . . . . . . . . 107 Refreshing Zone Administration window information . . . . . . .108 Saving local zoning changes . . . . . . . . . . . . . . . . . . . . . . . . . . .108 Selecting a zoning view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109 Creating and populating zone aliases . . . . . . . . . . . . . . . . . . .
Port LED interpretation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130 Port icon colors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130 Chapter 10 Using the FC-FC Routing Service Fibre Channel Routing overview. . . . . . . . . . . . . . . . . . . . . . . . . . . .131 Supported switches for Fibre Channel Routing. . . . . . . . . . . . . . . .132 Setting up FC-FC routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter 13 Administering Extended Fabrics Extended link buffer allocation overview. . . . . . . . . . . . . . . . . . . . .151 Configuring a port for long distance . . . . . . . . . . . . . . . . . . . . . . . .154 Chapter 14 Routing Traffic Routing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .157 Viewing fabric shortest path first routing . . . . . . . . . . . . . . . . . . . .158 Configuring dynamic load sharing . . . . . . . . . . . . . . . . . . . . . . . .
SNMP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180 Setting SNMP trap levels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180 Changing the systemGroup configuration parameters . . . . . .181 Setting SNMPv1 configuration parameters . . . . . . . . . . . . . . .181 Setting SNMPv3 configuration parameters . . . . . . . . . . . . . . .181 Changing the access control configuration . . . . . . . . . . . . . . .182 RADIUS management . . . . . . . . . . . . .
Allow / Prohibit Matrix configuration . . . . . . . . . . . . . . . . . . . . . . . .206 Viewing Allow / Prohibit Matrix configurations. . . . . . . . . . . . .207 Modifying Allow / Prohibit Matrix configurations . . . . . . . . . . .207 Activating an Allow / Prohibit Matrix configuration . . . . . . . . .209 Copying an Allow / Prohibit Matrix configuration. . . . . . . . . . .209 Deleting an Allow / Prohibit Matrix configuration . . . . . . . . . .210 CUP logical path configuration . . . . . . . . . . . .
Enabling and disabling QoS priority-based flow control . . . . . . . . .227 Enabling and disabling FCoE ports . . . . . . . . . . . . . . . . . . . . . . . . .227 Chapter 18 Limitations General Web Tools limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xvi Web Tools Administrator’s Guide 53-1002756-01
Figures Figure 1 Configuring Internet Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Figure 2 Default Java for browsers option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Figure 3 Web Tools interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Figure 4 Virtual Fabric login option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xviii Figure 37 User tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165 Figure 38 Add User Account dialog box (VF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 Figure 39 Switch Admin:Add User Defined Role dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 Figure 40 Switch Admin:Add User Defined Role dialog . . . . . . . . . . . . . . . . . . . . . . . . . . .
Tables Table 1 Basic Web Tools features and EGM licensed features . . . . . . . . . . . . . . . . . . . . . 2 Table 2 Web Tools functionality moved to Brocade Network Advisor . . . . . . . . . . . . . . . . 3 Table 3 Certified and tested platforms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Table 4 Supported platforms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Table 5 Predefined Web Tools roles . . . . .
xx Web Tools Administrator’s Guide 53-1002756-01
About This Document In this chapter • How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi • Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii • What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii • Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv • Notice to the reader . . . . . . . . . . . . . .
• Chapter 11, “Using the Access Gateway” provides information on how to configure and manage the Brocade Access Gateway. • Chapter 12, “Administering Fabric Watch” provides information on how to use the Fabric Watch feature to monitor the performance and status of switches and alert you when problems arise. • Chapter 13, “Administering Extended Fabrics” provides information on how to configure a port for long distance. • Chapter 14, “Routing Traffic” provides information on how to configure routes.
• • • • • • Brocade DCX 8510-4 Brocade DCX 8510-8 Backbone Brocade DCX Backbone Brocade DCX-4S Backbone Brocade Encryption Switch Brocade VA-40FC The following blades are supported by this release: • • • • • • • • • • • • • • • • Brocade CORE 8 blade Brocade CP8 blade Brocade CR16-4 blade Brocade CR16-8 blade Brocade CR4S-8 blade Brocade FC16-32 port blade Brocade FC16-48 port blade Brocade FC8-16 port blade Brocade FC8-32 port blade Brocade FC8-32E port blade Brocade FC8-48 port blade Brocade FC8-48E p
• • • • • • • • • • Switching between virtual fabrics TACACS+ management Setting a principal switch Switch Status Policy changes Forward Error Correction Port Admin button grouping Updated 'Setting a shared secret key pair' section to include HBA Removed support for admin domain Addition of PCS block error to the Advanced tab of Port Statistics Drop of Interopmode 1: Open mode, Interopmode 2: McData Fabric mode, and Interopmode 3: McData Fabric legacy mode for Ex-Ports • User configured table column align
Notes, cautions, and warnings The following notices and statements are used in this manual. They are listed below in order of increasing severity of potential hazards. NOTE A note provides a tip, guidance, or advice, emphasizes important information, or provides a reference to related information. ATTENTION An Attention statement indicates potential damage to hardware or data.
Additional information This section lists additional Brocade and industry-specific documentation that you might find helpful. Brocade resources To get up-to-the-minute information, go to http://my.brocade.com to register at no cost for a user ID and password. White papers, online demonstrations, and data sheets are available through the Brocade website at: http://www.brocade.com/products-solutions/products/index.page For additional Brocade documentation, visit the Brocade website: http://www.brocade.
• Serial console and Telnet session logs • syslog message logs 2. Switch Serial Number The switch serial number and corresponding bar code are provided on the serial number label, as illustrated below: *FT00X0054E9* FT00X0054E9 The serial number label is located as follows: • Brocade 300, 5100, 5200, 5300, 6505, 6510, 6520, 7800, 8000, VA-40FC, and Brocade Encryption Switch—On the switch ID pull-out tab located inside the chassis on the port side on the left.
xxviii Web Tools Administrator’s Guide 53-1002756-01
Chapter Introducing Web Tools 1 In this chapter • Web Tools overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 • Web Tools, the EGM license, and Brocade Network Advisor . . . . . . . . . . . . . 1 • System requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 • Java installation on the workstation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 • Java plug-in configuration . . . . . . .
1 Web Tools, the EGM license, and Brocade Network Advisor Web Tools features enabled by the EGM license Table 1 describes those Web Tools features that require the EGM license.
Web Tools, the EGM license, and Brocade Network Advisor TABLE 1 1 Basic Web Tools features and EGM licensed features (Continued) Feature Basic Web Tools Web Tools with EGM License Routing and DLS Configuration no yes Security Policies Tab (like ACL) yes yes Switch Info tab yes yes Switch Status yes yes Switch View right-click options yes yes Trace dump yes yes USB Management yes yes User Management yes yes Verify and troubleshoot accessibility between devices yes yes Web To
1 System requirements TABLE 2 Web Tools functionality moved to Brocade Network Advisor (Continued) Function Web Tools 6.1.0 Brocade Network Advisor Comments FCIP Tunnel Configuration Port Admin Module > GigE tab Configure > FCIP Tunnel Viewing FCIP tunnels is still supported in Web Tools 6.1.1, but New, Edit Config, and delete are only available in Brocade Network Advisor.
System requirements 1 Brocade supports the platforms shown in Table 4. TABLE 4 Supported platforms Operating System Browser Red Hat AS 4.0 (x86 32-bit) RedHat Enterprise Linux 6.1 Adv (32-bit) SUSE Linux Enterprise Server 10 (32-bit) SUSE Linux Enterprise Server 11 (x86 32-bit) Firefox 12.0 Windows 2000 Firefox 12.0, Internet Explorer 9.0 Windows 2003 Server, SP2 Firefox 12.0, Internet Explorer 8.0/9.0 Windows XP Pro SP3 (x86 32-bit) Firefox 12.0, Internet Explorer 8.0/9.
1 System requirements FIGURE 1 Configuring Internet Explorer Deleting temporary internet files used by Java applications For Web Tools to operate correctly, you must delete the temporary internet files used by Java applications. To delete these files, perform the following steps. 1. From the Control Panel, open Java. 2. Select the General tab and click Settings. 3. Click Delete Files to remove the temporary files used by Java applications. 4. Click OK on the confirmation dialog box.
Java installation on the workstation 1 Java installation on the workstation Java Plug-in must be installed on the workstation. If you attempt to open Web Tools without any Java Plug-in installed: • Internet Explorer automatically prompts and downloads the proper Java Plug-in. • Firefox downloads the most recently released Java Plug-in.
1 Java plug-in configuration Installing the Java plug-in on Windows To Install the Java plug-in on Windows, perform the following steps. 1. From the Start menu, select Control Panel and select the Java Plug-in Control Panel. 2. Select the About tab. 3. Determine whether the correct Java Plug-in version is installed: • If the correct version is installed, Web Tools is ready to use. • If no Java Plug-in is installed, point the browser to a switch running Fabric OS 5.2.0 or later to install JRE 1.6.0.
Value line licenses 1 1. From the Start menu, select Control Panel. 2. Click the Advanced tab and expand the Default Java for browsers option, as shown in Figure 2 on page 9. FIGURE 2 Default Java for browsers option 3. Select Mozilla family and click Apply. 4. Click OK to apply your settings and close the Java Control Panel.
1 Opening Web Tools Opening Web Tools You can open Web Tools on any workstation with a compatible Web browser installed. For a list of Web browsers compatible with Fabric OS v7.1.0, refer to Table 3. Web Tools supports both HTTP and HTTPS protocol. To open Web Tools, perform the following steps. 1. Open the Web browser and enter the IP address of the device in the Address field, such as: http://10.77.77.77 or https://10.77.77.77 2. Press Enter. The Web Tools login dialog box displays.
Opening Web Tools FIGURE 3 1 Web Tools interface Logging in When you use Web Tools, you must log in before you can view or modify any switch information. This section describes the login process. Prior to displaying the login window, Web Tools displays a security banner (if one is configured for your switch), that you must accept before logging in. The security banner displays every time you access the switch. When you are presented with the login screen you must provide a user name and a password.
1 Opening Web Tools 1. Click Run on the signed certificate applet. A warning dialog box may display. If you select the check box Always trust content from this publisher, the warning dialog box is not displayed when you open Web Tools again. 2. Click OK in the security banner window, if one displays. 3. In the login dialog box, enter your user name and password. If your current password has expired, you must provide a new password and confirm the new password.
Role-Based Access Control 1 2. Log in to a logical fabric. • To log in to the home logical fabric, select Home Logical Fabric and click OK. • To log in to a logical fabric other than the home logical fabric, select User Specified Logical Fabric, enter the fabric ID number or the context name, and click OK. On providing the context name, a dialog box displays with the available list of VF ID-Context Name (role of the context). You can select the role from the list and login.
1 Session management TABLE 5 Predefined Web Tools roles (Continued) Role Description securityadmin You can perform actions that do not affect the stored configuration. switchadmin You can perform all actions on the switch, except the following: • You cannot modify zoning configurations. • You cannot create new accounts. • You cannot view or change account information for any accounts. You can only view your own account and change your account password.
Web Tools system logs 1 Web Tools system logs Web Tools uses the log4j framework to write the logs into a file When you launch Web Tools for the first time, it automatically creates the following directories. These directories are created under Web Tools directory if they are not available: • A directory under the user home directory. • The Web Tools Switch Support Save directory with the name format .
1 Requirements for IPv6 support The default path for Windows is C:\Documents and Settings\<>\Webtools\. The default path for Linux is /root/WebTools/. 3. Click Capture to start collecting the SupportSave logs. A zipped-up SupportSave folder is saved in the defined location. SupportSave zip file name format is “WT-SS-switchIP-dd-mm-yy-hh-mm-ss.zip”. The SupportSave file name will show the VF ID if VF is enabled on the switch.
Chapter 2 Using the Web Tools Interface In this chapter • Viewing Switch Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Displaying tool tips. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Right-click options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Refresh rates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2 Viewing Switch Explorer NOTE To perform monitoring tasks such as performance monitoring the EGM license must be installed on the switch; otherwise, access to this feature is denied and an error message displays. - Reporting tasks, such as viewing the status of a switch. Tools tasks, such as opening the Telnet or SSH client window, beaconing a switch or chassis, and access to technical SupportSave.
2 Viewing Switch Explorer 2 3 1 7 4 5 6 1 2 3 4 5 6 7 FIGURE 5 Tabs and Fabric Tree Menu bar Switch View buttons Switch Events and Switch Information Indicator bar Professional Management Tool offering Switch View Switch Explorer Persisting GUI preferences Web Tools persists your GUI preferences across sessions for the Switch Explorer, Port Admin, Switch Admin, Name Server, and Zone Admin dialog boxes on all web-browser platforms. Persistence is performed on a per host basis.
2 Viewing Switch Explorer • • • • Basic or Advance mode Last selected tab by the user Table column sorting Table column positions The Switch Admin GUI preferences that persist are: • • • • Basic or Advance modes Last selected tab Table column sorting Table column positions The Switch Explorer GUI preferences that persists are: • Last selected tab The Name Server GUI preferences that persist are: • Table column sorting • Table column positions The Zone Admin GUI preferences that persist are: • • •
Viewing Switch Explorer 2 Although Fabric Tree displays all the switches in the fabric, you can manage switches that support Fabric OS v6.1 and later versions because it does not requires Web Tools license. If a switch is launched from Fabric Tree, preference will be given to IPv4, even though both IPv4 and IPv6 are configured for that particular switch. The versions earlier than Fabric OS v6.1 require a Web Tools license and, if applicable, an EGM license installed.
2 Viewing Switch Explorer When you mouse over a port, a yellow color toggling effect is available to identify the selected port. The port LEDs in the Switch View match the LEDs on the physical switch. However, the blink rate of the LEDs in the Switch View does not necessarily match the blink rate of the LEDs on the physical switch. Refer to “Port LED interpretation” on page 130 for more information.
Viewing Switch Explorer 2 Switch Events and Switch Information Switch Events and Switch Information display as tab forms under Switch View. The information in the Switch Information tab is polled every 60 seconds. NOTE You can click the column head to sort the events by a particular column, and drag the column divider to resize a column. You can also right-click a column heading to resize one or all columns, sort the information in ascending or descending order, or select which columns are displayed.
2 Displaying tool tips • RNID - Type Model Tag Sequence number Insistent Domain ID Mode Manufacturer Manufacturer Plant Type of the switch. Model of the switch. Tag of the switch. Sequence number of the switch. Current status of the Insistent Domain ID mode of the switch. Manufacturer of the switch. Plant where the switch was manufactured. For more information, refer to “Displaying switch information” on page 125.
Right-click options 2 Right-click options You can right-click a port to quickly perform some basic port administration tasks, as shown in Figure 7. FIGURE 7 Right-click menu for ports (from Switch Explorer) The tasks are: • The Port Admin option displays the Port Admin tab. • The Port Details option displays read-only information about a port, without opening the Port Admin tab. You can right-click on the table content to export or copy the information from the Port Details window.
2 Displaying switches in the fabric For these reasons, the time displayed in the port statistics tab might not be refreshed as expected. The counter time indicates only that “this statistics data is retrieved from the switch in this time period.” To ensure the correct information, the time field is updated along with the port statistics data after every refresh. The refresh rates are different for each module. Table 6 lists polling rates by module.
Opening a Telnet or SSH client window 2 • If you receive an error when saving changes in the Switch Administration window, note the error messages, refresh the window, and make your changes again. Do not continue making changes without refreshing the window and determining which changes were saved correctly. • In a fabric containing switches and directors running different versions of firmware, use the switches or directors with the latest firmware versions to control the fabric.
2 Collecting logs for troubleshooting 7. To close the session, enter exit at the prompt and press the Enter key. Collecting logs for troubleshooting If you encounter problems using the Web Tools interface, collect Java logs for use in troubleshooting. From Microsoft Windows, perform this procedure. 1. Open Control Panel and select Java. 2. Click on the Advanced tab. 3. Expand Java console. 4. Select Show console. 5. Restart Web Tools. The Java console displays, along with the Web Tools opening page. 6.
Chapter 3 Managing Fabrics and Switches In this chapter • Fabric and switch management overview . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring IP and subnet mask information . . . . . . . . . . . . . . . . . . . . . . . . • Configuring Netstat Auto Refresh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring a syslog IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Removing a syslog IP address . . . . . . . . . . . . . .
3 Fabric and switch management overview FIGURE 8 Switch Administration window, Switch tab, Basic mode With the exception of switch time, information displayed in the Switch Administration window is not updated automatically by Web Tools. To update the information displayed in the Switch Administration window, click the Refresh button. ATTENTION Most changes you make in the Switch Administration window are buffered, and are not applied to the switch until you save the changes.
Configuring IP and subnet mask information 3 Opening the Switch Administration window Most of the management procedures in this chapter are performed from the Switch Administration window. To open the Switch Administration window, perform the following steps. 1. Click Configure > Switch Admin. The Switch Administration dialog box displays in basic mode, as shown in Figure 8 on page 30. The basic mode displays the “basic” tabs and options. 2.
3 Configuring Netstat Auto Refresh Configuring Netstat Auto Refresh The Netstat Performance window displays the details about Ethernet management port statistics like the Interface, MTU, Met, RX-OK, RX-ERR, RX-DRP, RX-OVR, TX-OK, TX-ERR, TX-DRP, TX-OVR, and Flag. To configure Auto Refresh, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the Network tab. 3. Click Netstat Performance. 4.
Configuring IP Filtering 3 You can click Clear All to remove all of the syslog IP addresses from the table. 4. Click Apply. Configuring IP Filtering Web Tools provides the ability to control what client IP addresses may connect to a switch or fabric. To set up IP Filtering, perform the following steps. 1. Open the Switch Administration window (in Basic mode) as described in “Opening the Switch Administration window” on page 31. 2. Click Show Advanced Mode. 3. Select the Security Policies tab. 4.
3 Blade management Enabling or disabling a blade The Firmware Version columns display the firmware loaded onto each blade. A blade can have more than one firmware image loaded onto it. The Blade State column in the Blade tab pane indicates whether the blade is enabled. NOTE The blade state is always shown as enabled, even if you perform a blade disable operation. When a blade is set to a disable state, only the ports on the balde are disabled. The blade remains active.
Switch configuration 3 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the Blade tab. 3. Click Set IP address. 4. Select a slot number from the list. 5. Enter the IP address, subnet mask, and Gateway IP address. 6. Select a type from the list. 7. Click Add to add the new entry to the table. When you click Add, the values remain in the fields. The Clear Gateway and Clear IP buttons are available for clearing fields in the table.
3 Switch configuration 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the Switch tab. 3. In the Switch Status section, click Enable to enable the switch or Disable to disable the switch. 4. Click Apply. The system displays a confirmation window that asks if you want to save the changes to the switch. You must click Yes to save the changes.
Switch configuration 3 Changing the switch domain ID Although domain IDs are assigned dynamically when a switch is enabled, you can request a specific ID to resolve a domain ID conflict when you merge fabrics. To change the switch domain ID, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Disable the switch, as described in “Enabling and disabling a switch” on page 35. 3. Select the Switch tab. 4.
3 Switch restart 3. In the Principal Switch section, perform one of the following to set the switch as a principal switch. • Select Set as preferred Principal Switch - The switch is set as principal switch in the next fabric rebuild. • Select Set as preferred Principal Switch and then select Rebuild Fabric after setting preferred principal switch - The switch is set as preferred principal switch with rebuild triggered forcefully.
System configuration parameters 3 4. Click Apply. Performing a reboot To reboot the CP and execute the normal power-on booting sequence, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Click Reboot. 3. On the Reboot Confirmation window, click Yes to continue. 4. Click Apply. System configuration parameters You must disable the switch before you can configure fabric parameters.
3 System configuration parameters TABLE 7 Switches that support WWN-based Persistent PID on Web Tools Platform DCX/DCX-4S DCX 8510-4 DCX 8510-8 VF Enabled Default switch Yes, if dynamic area addressing is enabled in the default switch.
System configuration parameters 3 Datafield size The largest possible data field size (in bytes). The range of valid values is from 256 through 2112. Address mode Displays the addressing mode present in the switch. Sequence Level Switching Select this box to enable frames of the same sequence from a particular group to be transmitted together. When this option is not selected, frames are transmitted interleaved among multiple sequences.
3 System configuration parameters 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Disable the switch as described in “Enabling and disabling a switch” on page 35. 3. Select the Configure tab. 4. Select the Virtual Channel subtab. 5. Enter a value in the VC Priority field you want to change. The only valid numeric values for all fields are either “2” or “3”. 6. Click Apply. 7.
Licensed feature management 3 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Disable the switch as described in “Enabling and disabling a switch” on page 35. 3. Select the Configure tab. 4. Select the System subtab. 5. Select the Disable RLS Probing check box to disable RLS probing. -orClear the check box to enable RLS probing. 6. Click Apply. 7. Enable the switch as described in “Enabling and disabling a switch” on page 35.
3 Licensed feature management To activate a license, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the License tab and click Add. The Add License dialog box displays. 3. Paste or enter a license key in the field. 4. Click Add License. 5. Click Refresh to display the new licenses in the License tab.
High Availability overview 3 Universal time-based licensing After v6.3.0, Web Tools supports universal time-based licensing. Each universal key is for a single feature, and can be used on any product that supports the feature, for a defined trial period. At the end of the trial period, the feature gets disabled. You can extend the universal key license. For time-based licenses, the Expiry Date displays in the License Administration table.
3 High Availability overview 1. Select a Brocade DCX, DCX-4S, DCX 8510-4 or DCX 8510-8 platforms from the Fabric Tree. The Switch View displays. 2. Click the HA button in the Switch View. The High Availability dialog box displays. The High Availability window contains the following two tabs: • The Service tab displays information about the switch. When the hardware is configured as a dual switch, the Service tab displays information about both switches. • The CP tab displays information about slots.
Event monitoring 3 If the HA Status field displays HA enabled, Heartbeat Up, HA State not in sync, continue with step 3. 3. Click Synchronize Services. The Warning dialog box displays. 4. Click Yes and wait for the CPs to complete a synchronization of services, so that a nondisruptive failover is ready. 5. Click Refresh to update the HA Status field.
3 Event monitoring • • • • • • • • Alert Critical Error Warning Marginal Notice Information Debug Table 8 lists the event message severity levels displayed on the Switch Events tab and explains what qualifies event messages to be certain levels. On the Switch Events tab, you can click Filter to launch the Event Filter dialog box. The Event Filter dialog box allows you to define which events should be displayed on the Switch Events tab.
Event monitoring 3 Displaying Switch Events The Switch Events tab displays a running log of events for the selected switch. Switch events are polled and updated every 15 seconds; there is no refresh-on-demand option for switch events. For two-switch configurations, all chassis-related events are displayed in the event list of each logical switch for convenience. To display Switch Events, perform the following steps. 1. Select the switch from the Fabric Tree. The Switch View displays. 2.
3 Displaying the Name Server entries The filter is enabled and the window is refreshed to show the filtered information. Filtering events by message ID To filter events by message ID, perform the following steps. 1. Open the Switch Events tab as described in “Displaying Switch Events” on page 49. 2. Click Filter. The Event Filter dialog box displays. 3. Select Message ID. 4. Enter the message IDs in the associated field. NOTE You can enter multiple message IDs as long as you separate them by commas.
Displaying the Name Server entries 3 1. In the Switch Explorer window, select Name Server. The Name Server tab displays. 2. To set an autorefresh rate for the Name Server entries, select the Auto Refresh check box in the Name Server window, and enter an auto-refresh interval (in seconds). The minimum interval is 45 seconds and the default interval is 60 seconds. Printing the Name Server entries To set up printing preferences, perform the following steps. 1.
3 Physically locating a switch using beaconing Physically locating a switch using beaconing Use the Beacon button to physically locate a switch in a fabric. The beaconing function helps to physically locate a switch by sending a signal to the specified switch, resulting in an LED light pattern that cycles through all ports for each switch (from left to right). NOTE You must have an RBAC role of admin to initiate switch beaconing. The LED light pattern is initiated on the actual switch or chassis.
Virtual Fabrics overview 3 • Brocade DCX 8510-4 • Brocade DCX 8510-8 Virtual Fabrics cannot be configured or managed from Web Tools. Configuration and management is done from either the Brocade Network Advisor, or the Fabric OS command line interface. For information about configuring and managing Virtual Fabrics, refer to the Brocade Network Advisor User Manual if you are using Brocade Network Advisor, or Fabric OS Administrator’s Guide if you are using the Fabric OS command line interface.
3 Virtual Fabrics overview 1. Select Port Admin tab. The Port Admin tab displays. Logical ports are displayed in the FC Ports Explorer tree structure. 2. To view logical port properties, expand the Logical Ports branch, and select a port. The General properties are displayed.
Chapter 4 Maintaining Configurations and Firmware In this chapter • Creating a configuration backup file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Restoring a configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Uploading and downloading from USB storage . . . . . . . . . . . . . . . . . . . . . . . • Performing a firmware download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4 Restoring a configuration If you select USB as the configuration file source, the network parameters are not needed and are not displayed. You can skip to step 6. 6. Use the Fabric ID selector to select the fabric ID of the logical switch from which the configuration file is to uploaded. The selector displays all the virtual fabric IDs that have been defined, the default of 128 for the physical switch, chassis level configuration, and all chassis and switches.
Uploading and downloading from USB storage 4 An info link is enabled when USB is chosen as the source of the configuration file. If you click info, an information message displays. 6. Enter the configuration file with a fully-qualified path, or select the configuration file in the Configuration File Name field. 7. Use the Fabric ID selector to select the fabric ID of the logical switch to which the configuration file is to downloaded.
4 Performing a firmware download The download source can be located on the Network or a USB device. NOTE When you select the USB button, you can specify only a firmware path or directory name. No other fields on the tab are available. The USB button is available if the USB is present on the switch. 4. Enter the host name or IP address, user name, password, and fully-qualified path to the file release.plist. You can enter the IP address in either IPv4 or IPv6 format.
Chapter 5 Managing Ports In this chapter • Port management overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring FC ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Assigning a name to a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Port beaconing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling and disabling a port.
5 Port management overview Opening the Port Admin tab Select Port Admin tab in the Switch Explorer window. The Port Admin tab displays information about the ports on the switch. Refer to “Switch View” on page 21 for information about accessible ports. The Port Admin tab displays in Basic mode. To view more port management options, select View > Advanced. NOTE You can drag the column divider to resize a column, or drag columns to re-arrange them in a custom order.
Port management overview • • • • • • • • • • • • • • • 5 MTU Size Compression Mode Data L2COS Value DSCP Data IKE Policy Number IPsec Policy Enabled Keep Alive Timeout MaximumCommunicationRate MinimumCommunicationRate MaxRetransmitRate MinRetransmitRate Metric Pre-Shared key QOS Mapping Selective Ack Ports Explorer tree The Ports Explorer tree displays on the left side of the window.
5 Port management overview • General—All ports - View Details - Rename - Edit Configuration - Enable/Disable (port) - Persistent Enable/Persistent Disable (port) • SFP—Physical ports only (FC, CEE, and GbE) - Basic information about the port equipment • QSFP—Quad Small Form-factor Pluggable ports - Basic Information about the port.
Port management overview 5 • General—All ports - Rename - Edit Configuration - Re-Authenticate - Port—Enable/Disable/Swap - PID—Bind/Un-Bind - Persistent—Enable/Disable - F-Port—BB Credit/Trunking - Trunking—Enable/Disable - NPIV—Enable/Disable/Max Login - QoS—Enable/Disable (requires Adaptive Networking License) - CSCTL—Enable/Disable (requires Adaptive Networking License) - Beacon—Enable/Disable - Speed combination (applicable only to the Brocade 6520, Brocade 6510 and Brocade DCX 8510-4,8510-8 with the
5 Configuring FC ports The Controllable attribute is Yes, if your role gives you Modify permission for ports. If a port is controllable, all configuration functionality is enabled. Configuring FC ports With the FC Port Configuration wizard, you can configure allowed port types, port speed, and long distance mode for physical ports. You must use Web Tools with the EGM license enabled on the switch to configure long distance; otherwise, access to this feature is denied and an error message displays.
Configuring FC ports 5 NOTE If you configure a disabled port as an EX-Port, the wizard displays the Enable Port after configuration check box. If you select the check box, the disabled port is automatically enabled after configuration; otherwise, the port remains in the same state after configuration. Allowed port types For FC ports, the Port Admin tab displays the following values relating to port type: Port Type This is the actual or current port type.
5 Configuring FC ports • • • • 300, 5300, and 5100 switches Brocade VA-40FC Brocade 8000 Brocade 7800 For non-8 Gbps platforms, all functionality is available without EGM license. Ingress rate limit Ingress rate limiting is a licensed feature that requires the Adaptive Networking license. NOTE For Brocade 6520, ingress rate limit can be configured without Adaptive Networking (AN) and Server Application Optimization (SAO) licenses. For other platforms, these licenses are required.
Assigning a name to a port 5 • Brocade VA-40FC • Brocade 8000 To configure the ingress rate limit feature, perform the following steps. 1. Select View > Advanced. 2. In the Port Admin tab, select a port, or multiple ports, to configure. 3. Select QoS > Enable option. This enables the QoS on the selected ports. The selected port QoS status will be displayed in port table. 4. Click the Edit Configuration button. The Edit Configuration dialog box displays.
5 Port beaconing Port beaconing Individual FC ports can be set to beacon using the Port Admin tab. Port beaconing status displays in the Port Beaconing column. The Switch View reflects the port beaconing status by flashing the port amber and green for 2.5 seconds each, in an alternating pattern. To configure beaconing for an FC port, perform the following steps. 1. Select the Port Admin tab. 2. Click View > Advanced, if the Port Admin tab is in Basic mode. 3.
Persistent enabling and disabling ports 5 NOTE If the Enable or Disable option is gray (unavailable), the port is already in the enabled or disabled state. For example, if the Enable option is unavailable, the port is already enabled. If you select multiple ports in both enabled and disabled states, both options are active. When you click either option, the action is applied to all selected ports. 6.
5 Configuring NPIV ports 5. Select either Enable or Disable from the Persistent drop-down button. NOTE Persistent Enable or Disable is not supported in FMS mode. NOTE If the Enable or Disable option is gray (unavailable), the port is already in that state or FMS mode is enabled on the switch, the port is already in the enabled or disabled state. For example, if the Enable option is unavailable, the port is already enabled.
Port activation 5 6. Set the number of logins to allow on the selected port and click OK. 7. Click Enable to bring the port back online. Port activation Brocade switches come with a preset number of ports enabled. Additional ports can be enabled using the Ports on Demand (POD) licenses and the Dynamic Ports on Demand (DPOD) feature (for supported switches only). Ports on Demand is ready to be unlocked in the switch firmware.
5 Port activation TABLE 9 Ports enabled with POD licenses and DPOD feature (Continued) Switch name Enabled by default Enabled with Ports on Demand licenses Enabled with the Dynamic Ports on Demand feature Brocade 4016 0-7, 10-13 8, 9, 14, 15 Any available ports Brocade 300 0-7 8-15, 16-23 Not supported When using the Brocade 4016, 4018, 4020, 4024, 4424, 5424, 5450, 5460, 5470, 5480, 6505, 6510, 6520, and NC-5480 switches, you can enable the Dynamic Ports on Demand (DPOD) feature, which allo
Port activation 5 4. Click Enable DPOD to enable the licensing mechanism to be dynamic. If the button is labeled Disable DPOD, the licensing mechanism is already set to dynamic. The existing POD associations and assignments are set as the initial Dynamic POD associations. Two fields are displayed: • Available Licenses indicate the number of free licenses. These can be allocated for any port. • Total Licenses indicate the total number of licenses.
5 Port swapping index Reserving and releasing licenses on a port basis NOTE The Dynamic PODs feature is supported on the Brocade 4018, 4020, and 4024 switches only. To reserve and release licenses on a port basis, perform the following steps. 1. Click a port in the Switch View to open the Port Admin tab. 2. Click the FC Ports tab. 3. From the tree on the left, click the switch or the slot that contains the port.
Port swapping index 5 Port swapping In the Port Admin list view and detailed view, swapped ports are indicated with the “(Swapped)” label appended to the Port Index column and field (Figure 14). FIGURE 14 Port swapped label To swap ports, perform the following steps. 1. Select a port in the Switch View to open the Port Admin tab. 2. Select the FC Ports tab. 3. Select View > Advanced. 4. From the tree on the left, select the port you want to swap. 5. Select Disable from the Port drop-down button.
5 Configuring BB credits on an F_Port 1. Select a port in the Switch View to open the Port Admin tab. 2. Select the FC Ports tab. 3. Select View > Advanced. 4. From the tree on the left, select the port you want to swap. 5. Click the General tab. NOTE The Port Index attribute on the General tab indicates whether a port was swapped. For ports that were swapped, the attribute name displays as Port Index (Swapped), as shown in Figure 15. The value indicates with which port index the port was swapped.
Configuring ALPA 5 Configuring ALPA PID is the address assigned to the host when it performs a login with a fabric. The 24 bits of the PID are built from three 1 byte fields. The most significant byte is the Domain ID, the second byte is the Area which that device belongs to, and the least significant byte is the ALPA. Persistent ALPA provides the hosts with the same ALPA which they recieved the first time they logged in.
5 Configuring port octet speed combination FIGURE 16 ALPA Map selection A dialog box launches listing the Port WWN to ALPA Map with the host. The Port WWN map automatically populates. FIGURE 17 ALPA Map dialog 9. Optional: Click Remove All to clear all of the Port WWN maps. Configuring port octet speed combination The Port Admin tab provides an option to set the Port Octet Speed Combination.
Configuring port octet speed combination 5 NOTE For FC8-32E and FC8-48E port blades, the port octet speed combination is Auto or Fixed 8G|4G|2G. You can change the octet combination for the octet associated with first eight ports of a blade or switch. The first eight ports are based on the slot port number (or user port number in case of the Brocade 6510 or Brocade 6520). The octet speed must be set consistently across all members of the port octet.
5 Configuring CSCTL Configuring CSCTL Unlike QoS Zone-based FC flow prioritization method, CSCTL enables the same SID/DID pair exchange frames with different priorities. To be able to prioritize a frame flow between two end nodes, Fabric OS v7.0.0 and later provide support for up to 32 Virtual Channels (VCs) per port. This categorizes the frames entering into a fabric on the basis of preset behavior defined with these VCs, and conserves the frame’s behavior until it is transmitted out of fabric.
Configuring compression and encryption 5 4. Select Disable from the CSCTL drop-down button. Configuring compression and encryption Encryption provides security for the frames while they are in-flight and Compression allows better bandwidth utilization over long distance. Total bandwidth supported per blade for encryption is 32 Gbps and compression is 64 Gbps. For a pizza box switch, total bandwidth for encryption and/or compression is 32 Gbps.
5 Forward Error Correction Either of the following compression status is displayed in the General tab of the port. - Enabled (Active) - Compression is enabled on a port and the configuration is Active. Enabled (Inactive) - Compression is enabled on a port and the configuration is Inactive. Disabled - Compression is not enabled on a port. Displaying compression ratio 16 Gbps capable FC platforms that support compression and encryption, also provide the compression ratio.
Inband Management 5 The Inband Management interface is protocol independent, so any traffic destined for these Inband Management interfaces is passed through the distribution point to the control processor. It is then handled on the control processor, according to the rules set forth for the normal management interface and following any security rules that may be in place on the control processor. To provide redundancy, there is one inband management interface per GigE port.
5 GigE port modes GigE port modes Web Tools allows you to set the GigE port mode for the FX8-24 DCX Extension Blades to 1G, 10G, or dual modes. To configure the GigE port mode, perform the following steps: NOTE You must install the FX8-24 DCX Extension Blade in a slot containing 10GE license to configure the mode. 1. Select Port Admin > GigE Ports. 2. Select View > Advanced. 3. Select a slot from the GigE Ports Explorer panel. The Mode drop-down button gets enabled. 4.
Chapter 6 Enabling ISL Trunking In this chapter • ISL Trunking overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Disabling or enabling ISL Trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing trunk group information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • F_Port trunk groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6 Viewing trunk group information 1. Select a port in the Switch View to open the Port Admin tab. 2. Select the FC Ports tab. 3. From the tree on the left, select the switch name or slot name. 4. From the table, select the port that you want to trunk. You can select multiple ports from the table. You cannot select multiple ports from the tree. 5. Select View > Advanced. Click either the Enable or Disable option from the Trunking drop-down button.
F_Port trunk groups 6 • Trunk Index (applies only to F_Port trunking). • Trunking Enabled F_Port trunk groups F_Port trunking provides extra bandwidth and robust connectivity for hosts and targets connected by switches in Access Gateway mode. There are five general criteria for establishing F_Port trunking: • The F_Port trunking feature requires installing the EGM license; otherwise if you attempt to use this feature in Web Tools without the license, an error message displays.
6 F_Port trunk groups A trunk group is created, identified by the trunk index, and containing the port you selected. 7. Select the trunk group you just created. Add Members becomes active. 8. Additional ports can be added by selecting a port from Ports for trunking table and then clicking Add Members. NOTE To remove a port from the trunk group, select the port from Trunk Groups table and then click Remove Members. 9. Click OK to save your changes.
Chapter Monitoring Performance 7 In this chapter • Performance Monitor overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 • Opening the Performance Monitor window . . . . . . . . . . . . . . . . . . . . . . . . . . 94 • Creating basic performance monitor graphs. . . . . . . . . . . . . . . . . . . . . . . . . 94 • Customizing basic monitoring graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 • Advanced performance monitoring graphs . . . . . . . . . . .
7 Performance Monitor overview Advanced monitoring The Advanced Monitoring menu is an optionally licensed feature. To utilize the Advanced Monitoring feature you must have a Performance Monitor license installed and you must log in using an account with an admin, switchadmin, fabricadmin role, and properly configured user defined roles. The Advanced Monitoring option in the Performance Graphs window displays predefined reports and filter-based performance monitoring.
Performance Monitor overview TABLE 11 7 Basic performance graphs Graph type Display description Port Throughput The performance of a port, in bytes per second, for frames received and transmitted. Switch Aggregate Throughput The aggregate performance of all ports on a switch. Blade Aggregate Throughput The aggregate performance of all ports on a port card. This graph is available only for the Brocade DCX and DCX-4S enterprise-class platforms.
7 Performance Monitor overview TABLE 13 Supported port types for Brocade switches (Continued) Graph type Physical FC ports Logical FC ports GbE ports Switch Percent Utilization P N/A P Port Snapshot Error P P N/A SID/DID Performance P P N/A SCSI Commands P N/A N/A SCSI vs. IP Traffic P N/A N/A 1. The Blade Aggregate Throughput graph is supported only on the Brocade DCX and DCX-4S enterprise-class platforms.
Performance Monitor overview FIGURE 21 7 Accessing performance graphs User-defined graphs You can modify the predefined graphs to create your own customized graphs (refer to “Customizing basic monitoring graphs” on page 95 for more information). These user-defined graphs can be added and saved to canvas configurations. Canvas configurations A canvas is a saved configuration of graphs. The graphs can be either the Web Tools predefined graphs or user-defined graphs.
7 Opening the Performance Monitor window FIGURE 22 Canvas of six performance monitoring graphs Opening the Performance Monitor window To perform performance monitoring, you must use Web Tools with the EGM license; otherwise, access to this feature is denied and an error messages displays. To open the Performance Monitor window, perform the following steps. 1. Select a switch from the Fabric Tree and log in when prompted. 2. Click Monitor > Performance Monitor. The Performance Monitor window displays.
Customizing basic monitoring graphs 7 NOTE For the Brocade 300, 5100, 5300, 6510, 6520, VA-40FC, 7800 Extension, 8000, and the Encryption Switch, enter only a port number. 4. Click OK. The graph is displayed in a window in the Performance Monitor window. Customizing basic monitoring graphs You can customize some of the basic performance monitoring graphs to display information for particular ports.
7 Customizing basic monitoring graphs FIGURE 23 Select Ports for customizing the Switch Throughput Utilization graph You can perform the following in the dialog box: a. Double-click the domain to expand the slot or port list. NOTE For the Brocade 8510-8, Brocade 8510-4, and Brocade DCX and Brocade DCX-4S enterprise-class platforms, click the plus (+) signs to expand the ports under each slot, as shown in Figure 23. b. Click the port you want to monitor in the graph in the Port Selection List.
Advanced performance monitoring graphs 7 Advanced performance monitoring graphs This section describes how to create the advanced performance monitor graphs listed in Table 12 on page 91. Because the procedure for creating these graphs differs depending on the type of graph, each type is described separately in the sections that follow. The advanced monitoring graphs are not supported for GbE ports.
7 Advanced performance monitoring graphs If you selected multiple EE monitors, SIDs, or PIDs, a confirmation dialog box displays, reminding you that one graph is opened for each selection. 7. Click Yes to display the graphs. 8. When you close a graph, a dialog box asks if you want to save the monitor. If you click OK, the monitor is saved, and persists if the switch is restarted. Creating the SCSI vs. IP Traffic graph The SCSI vs. IP Traffic graph displays the SCSI versus IP traffic for selected ports.
Tunnel and TCP performance monitoring graphs 7 3. Navigate to a switch > slot > port in the Port Selection List. 4. Click the port from the Port Selection List and drag it into the Enter/drag port field. 5. Optional: For the LUN per port graphs, enter a LUN number, in hexadecimal notation. For the Brocade Encryption Switch, you can enter up to eight LUN masks For the Brocade 5100, 5300, 300, 7800, and 8000, you can enter up to eight LUN masks For all other switches running Fabric OS 4.x or v5.
7 Saving graphs to a canvas 4. In the Tunnel and TCP area at the bottom of the screen, select the required check boxes for the statistic you want to graph. Note that each column represents a different graph. 5. Click Options to set the display options for the graphs. • Range: The range is from 3 through 30 seconds. The X axis is limited to 30 minutes. The graph scale starts with 0 minutes and auto scales to draw the statistics.
Adding graphs to an existing canvas 7 3. Select File > Save Current Canvas Configuration. The Save Canvas Configuration dialog box displays. 4. Enter a name and description for the configuration and click Save Canvas. A message displays, confirming that the configuration was successfully saved to the switch. Adding graphs to an existing canvas The following procedure assumes that a canvas is already created.
7 Modifying graphs 1. Open the Performance Monitor window. 2. Select File > Display Canvas Configurations. The Canvas Configuration List displays. A message “No Canvas configuration to display” displays if there are no saved canvas configurations. 3. Select a canvas from the list and click Edit. The Performance Monitor Canvas: Canvas Name dialog box displays. 4. Select a graph from the list and click Edit. NOTE The Edit button is enabled only for the graphs that are configurable or editable. 5.
Chapter 8 Administering Zoning In this chapter • Zoning overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zoning configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zoning management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zone configuration and zoning database management. . . . . . . . . . . . . . . • Best practices for zoning. . . . . . . . . . . . . .
8 Zoning configurations LSAN zone requirements An LSAN zone enables device connectivity between fabrics connected in Fibre Channel Routing (FCR) configurations without forcing you to merge fabrics. Extension switches provide multiple mechanisms to manage interfabric device connectivity. Zones that contain hosts and targets that are shared between the two fabrics need to be explicitly coordinated.
Zoning management 8 Setting the default zoning mode The default zoning mode has two options: • All Access—All devices within the fabric can communicate with all other devices. • No Access—Devices in the fabric cannot access any other device in the fabric. NOTE You should not change the default zone mode from No Access to All Access if there is no effective zone configuration and more than 120 devices are connected to the fabric. Web Tools supports default zoning on switches running firmware v5.1.
8 Zoning management FIGURE 24 Zone Administration window ATTENTION Any changes you make in the Zone Administration window are held in a buffered environment and are not updated in the zoning database until you save the changes. If you close the Zone Administration window without saving your changes, your changes are lost. To save the buffered changes you make in the Zone Administration window to the zoning database on the switch, refer to “Saving local zoning changes” on page 108.
Zoning management 8 The Member Selection List panel displays only physical FC ports. To verify whether you have any unzoned devices, you must use Brocade Network Advisor to analyze zone configurations. In the Member Selection List, you can diferentiate between node WWN and port WWN with their icons as shown in Figure 25 and Figure 26.
8 Zoning management Refreshing Zone Administration window information The information displayed in the Zone Administration window is initially a snapshot of the contents of the fabric zoning database at the time the window is launched. Any changes you make to this window are saved to a local buffer; but they are not applied to the fabric zoning database until you invoke one of the transactional operations listed in the Zoning Actions menu.
Zoning management 8 To save the local zone changes, perform the following steps. 1. Make the zoning changes in the Zone Administration window. 2. Select Zoning Actions > Save Config. NOTE If you have made changes to a configuration, you must enable the configuration before the changes are effective. To enable the configuration, refer to “Enabling zone configurations” on page 118. Selecting a zoning view You can define how zoning elements are displayed in the Zone Administration window.
8 Zoning management 1. Open the Zone Administration window as described in “Opening the Zone Admin window” on page 104. 2. Select a format to display zoning members in the Member Selection List as described in “Selecting a zoning view” on page 109. 3. Select the Alias tab and click New Alias. The Create New Alias dialog box displays. 4. In the Create New Alias dialog box, enter a name for the new alias and click OK. The new alias displays in the Name list. 5.
Zoning management 8 Renaming zone aliases The new alias name cannot exceed 64 characters and can contain alphabetic, numeric, and underscore characters. For more information on enabling the configuration, refer to “Enabling zone configurations” on page 118. To change the name of a zone alias, perform the following steps. 1. Open the Zone Administration window as described in “Opening the Zone Admin window” on page 104. 2. Select the Alias tab and select the alias you want to rename from the Name list. 3.
8 Zoning management To create a zone, perform the following steps. 1. Open the Zone Administration window as described in “Opening the Zone Admin window” on page 104. 2. Select a format to display zoning members in the Member Selection List as described in “Selecting a zoning view” on page 109. 3. Select the Zone tab. 4. Click New Zone. The Create New Zone dialog box displays. 5. In the Create New Zone dialog box, enter a name for the new zone, and click OK.
Zoning management 8 The zone members for the selected zone are listed in the Zone Members list. 4. Highlight an element in the Member Selection List that you want to include in your zone, or highlight an element in the Zone Members list that you want to delete. 5. Click the right arrow to add a zone member, or click the left arrow to remove a zone member. The zone is modified in the Zone Admin buffer. 6. Select Zoning Actions > Save Config to save the configuration changes.
8 Zoning management 7. Select Zoning Actions > Save Config to save the configuration changes. Because no changes were made to the effective configuration, you do not need to enable the configuration. Deleting zones For information on enabling the configuration, refer to “Enabling zone configurations” on page 118. To delete a zone, perform the following steps. 1. Open the Zone Administration window as described in “Opening the Zone Admin window” on page 104. 2. Click the Zone tab. 3.
Zone configuration and zoning database management 8 NOTE All switches in the fabric must be running Fabric OS v6.4.0 or later and all the ports in the TI zones must be in the same failover mode. 7. Optional: Repeat steps 5 and 6 to add more elements to your TI zone. 8. When you are finished, click OK. The Traffic Isolations Zones window displays. 9. Click Apply to save the TI zone configuration.
8 Zone configuration and zoning database management Creating zone configurations To create a zone configuration, perform the following steps. After creating a zone configuration, you must explicitly enable it for it to take effect. For information on enabling the configuration, refer to “Enabling zone configurations” on page 118. NOTE Any changes made to the currently enabled configuration does not display until you re-enable the configuration. To create zone configurations, perform the following steps.
Zone configuration and zoning database management 8 5. Click the right arrow to add a configuration member or the left arrow to remove a configuration member. 6. Select Zoning Actions > Save Config to save the configuration changes. Renaming zone configurations The new name cannot exceed 64 characters and can contain alphabetic, numeric, and underscore characters. NOTE You cannot rename the currently enabled configuration. To rename the zone configuration, perform the following steps. 1.
8 Zone configuration and zoning database management NOTE You cannot delete a enabled configuration. 1. Open the Zone Administration window as described in “Opening the Zone Admin window” on page 104. 2. Select the Zone Config tab. 3. Select the configuration you want to delete from the Name list and click Delete. 4. On the confirmation dialog box, click Yes. The selected configuration is deleted from the configuration database. 5. Select Zoning Actions > Save Config to save the configuration changes.
Zone configuration and zoning database management 8 The Disable Config warning message displays. 3. Click Yes to save and disable the current configuration. Displaying enabled zone configurations The enabled zone configuration screen displays the actual content of the single zone configuration that is currently enabled on the fabric, whether it matches the configuration that was enabled when the current Zone Admin session was launched or last refreshed.
8 Zone configuration and zoning database management 2. To identify the most recently effective zone configuration without saving or applying any changes you made in the Zone Administration window, select Print > Print Effective Zone Configuration in the Zone Administration window. NOTE If no zone is enabled, a message displays, indicating that there is no active zoning configuration on the switch. 3.
Zone configuration and zoning database management 8 4. Click items in the list to select or unselect, and click Delete to delete the WWN from all the selected zoning elements. The WWN is deleted from the selected items in the Zone Admin buffer. Replacing a WWN in multiple aliases and zones This procedure enables you to replace a WWN throughout the Zone Admin buffer. This is helpful when exchanging devices in your fabric and helps you to maintain your current configuration.
8 Best practices for zoning Clearing the zoning database Use the following procedure to disable the active zoning configuration, if one exists, and delete the entire zoning database. You must disable any active configuration before you can delete the zoning database. ATTENTION This action not only disables zoning on the fabric, but also deletes the entire zoning database. This results in all devices being able to communicate with each other. To clear the zone database, perform the following steps. 1.
Chapter 9 Working with Diagnostic Features In this chapter • Trace dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Displaying switch information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Defining Switch Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Port LED interpretation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9 Trace dumps How a trace dump is used The generation of a trace dump causes a CRITICAL message to be logged to the system error log. When a trace dump is detected, issue the supportSave command on the affected switch. This command packages all error logs, the supportShow output, and trace dump, and moves these to your FTP server. You can also configure your switch to automatically copy trace dumps to your FTP server (refer to “Setting up automatic trace dump transfers”).
Displaying switch information 9 5. Click Apply. Disabling automatic trace uploads If automatic uploading of a trace dump is disabled, you must manually upload the trace dump or else the information is overwritten when a subsequent trace dump is generated. To disable automatic trace uploads, perform the following steps. 1. Open the Switch Administration window. 2. Click Show Advanced Mode, if it is not selected. 3. Select the Trace tab. 4.
9 Displaying switch information Viewing detailed fan hardware status The icon on the Fan button indicates the overall status of the fans. For more information about the switch fan, refer to the appropriate hardware documentation. You can display status information about the fans, as shown in Figure 29. FIGURE 29 Fan States window The Fan No. column indicates either the fan number or the fan FRU number, depending on the switch model. A fan FRU can contain one or more fans. The Fan No.
Displaying switch information 9 The detailed temperature sensor states for the switch are displayed, as shown in Figure 28. Viewing the power supply status The icon on the Power button indicates the overall status of the power supply status. For more information regarding switch power modules, refer to the appropriate hardware documentation. FIGURE 30 Power States window To view the power supply status, perform the following steps. 1.
9 Defining Switch Policy FIGURE 31 Switch Report window To check the physical health of the switch, perform the following steps. 1. Select a logical switch from the Logical Switch drop-down list in the top-right corner of the Switch Explorer window. The selected switch displays in the Switch View. The icon on the Status button indicates the overall status of the switch. 2. Click Status on the Switch View. The detailed switch health report displays, as shown in Figure 31. 3.
Defining Switch Policy 9 Use this dialog box to set policy parameters for calculating the overall status of the switch. The policy parameter values determine how many failed or faulty units of each contributor are allowed before triggering a status change in the switch from “Healthy” to “Marginal” or “Down”. The existence of policies such as WWN, CP, and Blade might differ from platform to platform. Numerical and percentage values that are above “Marginal” are considered to be “Healthy.
9 Port LED interpretation Port LED interpretation The Switch View displays port graphics with blinking LEDs, simulating the physical appearance of the ports. One of the LEDs indicates port status; the other indicates port speed. For LED information, refer to the hardware documentation for the switch you are viewing. (The blink rate of the LEDs in the Switch View does not necessarily match the blink rate of the LEDs on the physical switch.
Chapter 10 Using the FC-FC Routing Service In this chapter • Fibre Channel Routing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Supported switches for Fibre Channel Routing . . . . . . . . . . . . . . . . . . . . . . • Setting up FC-FC routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • FC-FC routing management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing EX-Ports . . . . . . . . . . . . . . . .
10 Supported switches for Fibre Channel Routing VEX-Port A virtual port that enables routing functionality through an FCIP tunnel. A VEX-Port is similar to an EX-Port.
FC-FC routing management 10 FC-FC routing management You can perform Fibre Channel Routing operations using Web Tools, Web Tools with the EGM license, and Integrated Routing license. You can manage FC-FC Routing through the FC Routing module. The FC Routing module has tabbed panes that display EX-Ports, LSAN fabrics, LSAN zones, LSAN devices, and general FCR information. NOTE From Fabric OS v7.0.1, Integrated Routing (IR) license is not required to configure a port as EX_Port with Brocade NOS mode.
10 Viewing EX-Ports 1. Select a logical switch from the Logical Switch drop-down list in the top-right corner of the Switch Explorer window. The selected switch displays in the Switch View. 2. Click Configure > FCR. The FC Routing module displays. If FC-FC Routing is disabled, a message to that effect displays on all the tabs in the module. Viewing and managing LSAN fabrics The LSAN Fabric tab displays all the LSAN fabrics visible to your switch, in both a tabular and tree form.
Configuring an EX-Port 10 • Enable or disable trunking • Configure router port cost ATTENTION During EX-Port configuration, the port is automatically disabled, and then re-enabled when the changes are applied. Be sure that you do not physically connect a port to a remote fabric before configuring it as an EX-Port; otherwise, the two fabrics merge and you lose the benefit of Fibre Channel Routing. You can enable or disable multiple ports at one time.
10 Configuring FCR router port cost NOTE If you decide to configure a disabled port, the wizard provides the Enable Port after configuration check box. If you select this check box, the disabled port is automatically enabled after configuration. If you leave this box cleared, the port remains in the same state after configuration. Configuring FCR router port cost In FCR, EX-Ports can be assigned router port cost. The cost of the link is a positive number.
Configuring the backbone fabric ID 10 Click the Physical Devices or Proxy Devices element in the tree to see a detailed list of the physical or proxy devices. Click the device name in the tree for more detailed information about a specific device. Configuring the backbone fabric ID Web Tools automatically disables FC-FC Routing before setting the fabric ID. You should manually enable FCR after setting backbone FID. However, you must first disable all of the EX-Ports before you begin this operation.
10 138 Configuring the backbone fabric ID Web Tools Administrator’s Guide 53-1002756-01
Chapter 11 Using the Access Gateway In this chapter • Access Gateway overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing Switch Explorer for Access Gateway mode. . . . . . . . . . . . . . . . . . . • Access Gateway mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling Access Gateway mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Disabling Access Gateway mode . . . . . . . . . . . . . . .
11 Access Gateway mode FIGURE 33 Switch Explorer view for Access Gateway mode The Access Gateway mode Switch Explorer is divided into the following areas: • • • • • • Menu bar Switch View buttons Switch View, Port Admin, and Access Gateway Devices tabs Switch Events and Access Gateway information Indicator bar Professional Management Tool offering Access Gateway mode The Access Gateway feature on the Brocade Encryption switch and the Brocade 8000 enables interoperability with the Cisco fabrics.
Enabling Access Gateway mode 11 Restricted access in the Port Admin tab When Access Gateway mode is enabled, the following options can be configured in access gateway mode: • Port Configuration Policy — You can select Auto or Advanced mode (default mode). When auto mode is selected, options like Trunking, Configure N-Port Groups, Configure F-N Port Mappings, and N Port configuration are disabled. • Trunking — Enabling and Disabling of N_Port trunking is disabled.
11 Disabling Access Gateway mode 4. Click Enable in the Access Gateway Mode section. 5. Click Apply. 6. Click Yes to restart the switch in Access Gateway mode. Disabling Access Gateway mode To disable Access Gateway mode, perform the following steps. 1. Select a switch. 2. Click Configure > Switch Admin. The Switch Administration dialog box displays. 3. Click Disable in the Switch Status section. You can disable Access Gateway mode only after the switch is disabled. 4.
Port configuration 11 Creating port groups You can group a number of N_Ports (and its mapped F_Ports) together to connect to multiple independent fabrics or to create performance optimized ports. To group a number of ports, you must create a new port group and assign desired N_Ports to it. The N_Port grouping option is enabled by default, and all N_Ports are members of a default port group 0 (pg0). Access Gateway prevents failover of F_Ports across N_Port groups.
11 Port configuration Upon selecting the Login Balancing check box, the F Port Auto Rebalancing and N-Port Auto Rebalancing check boxes and Manual Balancing button become enabled. 6. Click Failover Enable. A confirmation dialog box displays. 7. Click Yes to enable failover to all the ports in the port group or click No if you do not want to enable failover. 8. Click Failover Disable. A confirmation dialog box displays.
Port configuration 11 4. Select the Primary Mappings subtab on the right side of the dialog. 5. In the Primary Mappings area, select ports and use the Add (right arrow) button to map F_Ports or U_Ports to N_Ports. 6. Optional: Use the Remove (left arrow) button to delete an F_Port mapping from an N_Port. 7. Optional: Define a secondary N_Port in the Secondary Failover Mappings area, by selecting the ports using the Add and Remove buttons to set up the secondary mappings.
11 Access Gateway policy modification 6. Optional: Expand the port in the right page and select the WWN and then use the Remove (left arrow) to remove the mapping. 7. Optional: Define a failover in the Secondary Failover Mappings area, by selecting the ports using the Add and Remove buttons to set up the secondary mappings. The WWN fails over to the secondary mapping if the primary mapped port is offline. If a secondary port is not defined, the failover moves to any online ports. 8.
Access Gateway policy modification 11 NOTE When port configuration is in auto mode, the Configure N port groups, Configure F-N port mapping, and Configure WWN-N port mapping buttons are disabled. To enable auto rebalancing from the Switch Administration window, perform the following steps. 1. Click a port in the Switch View to open the Port Admin tab. 2. Select Automatic from the Port Configuration Policy drop-down list.
11 Access Gateway limitations on the Brocade 8000 • Click Manual Balancing and a confirmation dialog box displays. Click Yes to change F Port-N Port Mapping or click No to cancel the changes. 7. Click Apply to apply the changes. Access Gateway limitations on the Brocade 8000 The following list the is a compilation of the limitations of using Access Gateway with the Brocade 8000 switch: • Only the Port Grouping (PG) policy is supported.
Chapter Administering Fabric Watch 12 In this chapter • Fabric Watch overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Fabric Watch overview Fabric Watch is an optional Brocade licensed feature that monitors the performance and status of switches. Fabric Watch can automatically alert you when problems arise, before they become costly failures. NOTE If you do not own the switch, Fabric Watch is view-only.
12 150 Fabric Watch overview Web Tools Administrator’s Guide 53-1002756-01
Chapter Administering Extended Fabrics 13 In this chapter • Extended link buffer allocation overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 • Configuring a port for long distance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 Extended link buffer allocation overview If the link is used over long distances, use the Extended Fabric tab of the Switch Administration window to configure the long-distance setting of a port.
13 Extended link buffer allocation overview • Buffer Needed—The number of buffers needed. You can edit the buffer needed for LD and LS modes. When you change Buffer Needed value, Frame Size and Desired Distance(km) value cannot be changed. • Buffer Allocated—The number of buffers actually allocated. • Frame Size—The size of the frame. When you edit the frame size value, the desired distance value can also be changed for LD and LS modes and vice versa. But the buffer value cannot be changed.
Extended link buffer allocation overview FIGURE 35 13 Extended Fabric tab For the Brocade DCX, DCX-4S, DCX 8510-4, and DCX 8510-8 the slots for CPs are not available. The Brocade Encryption Switch and the FS8-18 Encryption blade support auto-negotiated link speeds of 1, 2, 4, and 8 Gbps. TABLE 15 Long-distance settings and license requirements Value Description Extended Fabrics License Required? L0 No long-distance setting is enabled.
13 Configuring a port for long distance TABLE 15 Long-distance settings and license requirements (Continued) Value Description Extended Fabrics License Required? LD Dynamic setting is enabled. Buffer credits for the given E_Port are dynamically configured based on the actual link distance, as long as this is less than the desired distance. If the actual link distance exceeds the desired distance, the desired distance is used to allocate the buffers.
Configuring a port for long distance • • • • 13 If the port capability is 4 GB, type a number between 10 and 125, inclusive. If the port capability is 2 GB, type a number between 10 and 250, inclusive. If the port capability is 1 GB, type a number between 10 and 500, inclusive. For the Brocade 6510, Brocade 6520, Brocade DCX 8510-8 and Brocade DCX 8510-4, the buffer credits are 10 through X; where X is proportional to the available buffers.
13 156 Configuring a port for long distance Web Tools Administrator’s Guide 53-1002756-01
Chapter 14 Routing Traffic In this chapter • Routing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing fabric shortest path first routing. . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring dynamic load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Specifying frame order delivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring the link cost for a port. . . . . . . . .
14 Viewing fabric shortest path first routing FIGURE 36 Routing tab Viewing fabric shortest path first routing The Routing tab of the Switch Administration window displays information about routing paths. To view the fabric shortest path first routing, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the Routing tab. 3.
Configuring dynamic load sharing 14 Configuring dynamic load sharing The exchange-based routing policy depends on the Fabric OS dynamic load sharing feature (DLS) for dynamic routing path selection. When this policy is in force, DLS is always enabled and cannot be disabled. When the port-based policy is in force, you can enable DLS to optimize routing. When DLS is enabled, it shares traffic among multiple equivalent paths between switches.
14 Specifying frame order delivery You can enable this loss less feature from WT. If you try to enable loss less when DLS is OFF, an error message displays. To enable or disable loss less DLS, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the Routing tab. 3. Select On in the Loss Less area to enable the mode, or select Off to disable dynamic load sharing.
Configuring the link cost for a port 14 Every ISL has a default cost that is inversely proportional to its bandwidth. Use this procedure to set a non-default, “static” cost for any port. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the Routing tab. 3. This step is switch-specific: - For the Brocade DCX and DCX-4S enterprise-class platforms, click the slot number of the logical switch under Link Cost in the navigation tree.
14 162 Configuring the link cost for a port Web Tools Administrator’s Guide 53-1002756-01
Chapter 15 Configuring Standard Security Features In this chapter • User-defined accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • User-defined roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Access control list policy configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Fabric-Wide Consistency Policy configuration . . . . . . . . . . . . . . . . . . . . . . .
15 User-defined accounts The User tab of the Switch Administration window (Figure 37 on page 165) displays account information. You can create and manage accounts depending on your role. The roles and permissions are listed in Table 16.
User-defined accounts FIGURE 37 15 User tab Viewing user account information To view user account information, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the User tab. A list of the default and user-defined accounts displays. If you are logged in using the switchadmin role, only your account information displays.
15 User-defined accounts FIGURE 38 Add User Account dialog box (VF) 4. Enter the user name. The user name must begin with an alphabetic character. The name can be up to 40 characters long. It is case-sensitive and can contain alphabetic and numeric characters, the dot (.) and the underscore (_). It must be different from all other account names on the logical switch. 5. Select a role from the drop-down menu. For VF-enabled switches, the selection is done per logical fabric ID.
User-defined accounts 15 Selecting All makes the target user account a physical fabric administrator. 11. Select a home logical fabric ID if Virtual Fabrics are enabled. The default home logical fabric ID is 128. 12. For Virtual Fabrics environments, select a Chassis Role. The chassis role determines the RBAC role and permissions of the user for performing all chassis-level operations in all logical fabrics. 13. Click OK. 14. On the User tab, click Apply to apply your changes.
15 User-defined accounts You can change the description only on user-level accounts. You cannot change the description of the default accounts. You cannot change the description of your own account. 7. Click Enabled or Disabled to enable or disable the account. You can enable and disable user- and admin-level accounts, but not your own account. You cannot enable or disable your own account or the factory account. Only the root account can disable itself.
User-defined accounts 15 The Set User Account Password dialog box displays. 5. Enter the current password of the account. This step is required only if you are changing the password of your own or a peer admin account. 6. Enter the new password of the account. The new password must have at least one character different from the old password. 7. Retype the new password in the Confirm Password field. 8. Click OK. 9. Click Apply to save your changes.
15 User-defined roles 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the User tab. 3. Select the account. 4. Click Expire Password. If the button is unavailable, the password is already expired. 5. Click Apply to save your changes. Unlocking a password To unlock a password, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2.
User-defined roles 15 • In order for the user-defined role to be able to edit the Port Admin and FCR configuration, you must assign the RBAC_SwitchPortManagement and RBAC_SwitchPortConfiguration RBAC classes to the role. • In order for the user-defined role to be able to set the Fabric ID, you must assign the RBAC_FabricRouting and RBAC_SwitchConfiguration RBAC classes to the role.
15 User-defined roles FIGURE 39 Switch Admin:Add User Defined Role dialog 5. Enter a role name in the Name field. 6. Enter a description of the role in the Description field. 7. To grant the role a read/write privilege, select the privilege and click the right-arrow next to the Read & Write Privileges section. You can select multiple privileges. 8. To grant the role a read privilege, select the privilege and click the right-arrow next to the Read Privileges section. You can select multiple privileges.
Access control list policy configuration 15 The Switch Admin:Edit User Defined Role dialog box displays. FIGURE 40 Switch Admin:Add User Defined Role dialog 6. To grant the role a read/write privilege, select the privilege and click the right-arrow next to the Read & Write Privileges section. You can select multiple privileges. 7. To grant the role a read privilege, select the privilege and click the right-arrow next to the Read Privileges section. You can select multiple privileges. 8.
15 Access control list policy configuration Virtual Fabrics considerations ACL policies can be implemented at the logical switch/logical fabric level. Creating an SCC, DCC, or FCS policy You can create the FCS policy only once. To create an SCC, DCC, or FCS policy, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the Security Policies tab. 3. Select the ACL subtab. 4.
Access control list policy configuration 15 8. Select a switch or highlight multiple switches to add to the policy by clicking Add or Add All. 9. Select a switch or highlight multiple switches to remove a policy by clicking Remove. 10. Click Next and click Finish to confirm the changes to the switch. Deleting all SCC, DCC, or FCS policies You cannot delete the FCS policy from non-primary or non-FCS switches. The Delete All button is enabled only when there is at least one policy activated.
15 Access control list policy configuration 4. Click Distribute Policy. 5. Select the switches that will receive the policy. 6. Select OK. If the policy distribution fails, an error dialog box displays. Moving an FCS policy switch position You can move the position of a primary switch in the FCS policy list. To move an FCS policy switch position, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2.
Fabric-Wide Consistency Policy configuration 15 3. Select the Security Policies tab to configure the ADS policy in Access Gateway mode. 4. Select the ADS option. 5. Select the Enable ADS Policy option. The Configure Advanced Device Security Port WWN table displays. 6. Optional: Select an F_Port from the table and click the Edit button. The ADS Port WWN Configuration dialog displays.
15 Authentication policy configuration 8. Click Close. Authentication policy configuration You can configure an authentication protocol policy for E_Port and F_Port authentication, and then distribute the authentication policy to other switches in the fabric. You can also set shared secret keys. Configuring authentication policies for E_Ports To configure authentication policies for E_Ports, perform the following steps. 1.
Authentication policy configuration 15 5. Set the switch authentication mode to either off or passive and click Apply. Distributing authentication policies Authentication policies are distributed only if all the selected switches accept the distribution. Only the policy mode is distributed to the selected switches. The switch initiating the distribution must accept distribution. To distribute authentication policies, perform the following steps. 1.
15 SNMP configuration 6. Enter the Switch or HBA WWN, name, or domain ID, or use the Browse button to select a switch. 7. In the Peer Secret and Confirm Peer Secret fields, enter the peer secret value. 8. In the Local Secret and Confirm Local Secret fields, enter the local secret value. 9. Click Add. 10. When you are finished adding secret key pairs for switches, click Apply. Modifying a shared secret key pair You can edit and modify the secret key pairs by switch.
SNMP configuration 15 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the SNMP tab. 3. Select a trap level for a recipient from the corresponding Trap Level menu in the SNMPv1 and SNMPv3 sections. The level you select identifies the minimum event level that prompts a trap. NOTE Adding or editing the user name can be done only through the CLI and by selecting a user name from the User Name menu in the SNMPv3 section. 4.
15 RADIUS management 3. Select a user name from the User Name menu in the SNMPv3 section. NOTE The list is scrollable. If you do not see your user name, scroll down using the scroll bar or by clicking the User Name heading. 4. Double-click a recipient IP address in the SNMPv3 section and enter a new IP address. 5. Select a trap level from the Trap Level menu. 6. Optional: Select the Enable SNMPv3 Informs for all Trap Recipients check box to enable or disable inform requests for all trap recipients. 7.
RADIUS management 15 The following are the three choices in the drop-down menu when RADIUS is selected as the primary service: • Switch Database when RADIUS Authentication Fails—When selected, the switch user login database is checked whenever RADIUS authentication fails. • Switch Database When RADIUS Times Out—Switch user login database is checked only if the physical connection to the RADIUS server fails. • None—Switch user login database is never checked.
15 RADIUS management You can configure RADIUS even if it is disabled. You can configure up to five RADIUS servers. You must be logged in as admin, switchadmin, or securityadmin to configure RADIUS. To configure RADIUS, perform the following steps.. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the AAA Service tab. 3. Click Add. The RADIUS/ADLDAP/TACACS+ Configuration dialog box displays.
Active Directory service management 15 Modifying the RADIUS server order The RADIUS servers are contacted in the order they are listed, starting from the top of the list and moving to the bottom. To modify the RADIUS server order, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the AAA Service tab. 3. Select a RADIUS server from the RADIUS Configuration list. 4.
15 Active Directory service management 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the AAA Service tab. 3. To enable Active Directory service, select Active Directory from the Primary AAA Service menu. 4. Select None, Switch Database when Active Directory authentication failed, or Switch Database when Active Directory timeout from the Secondary AAA Service menu.
TACACS+ management 15 TACACS+ management TACACS+ provides user authentication and authorization using TACACS as authentication protocol. You can add, remove, and modify settings of TACACS+ Server. Enabling and disabling TACACS+ At least one TACACS+ server must be configured before you can enable TACACS+. To enable or disable TACACS+, perform the following steps. 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the AAA Service tab.
15 IPsec concepts 1. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 2. Select the AAA Service tab. 3. Select a server from the TACACS+ Configuration list. 4. Click Modify. The RADIUS/ADLDAP/TACACS+ Configuration dialog box displays. 5. Enter new values for the fields you want to modify. 6. Click OK to return to the AAA Service tab. 7. Click Apply. Removing TACACS+ To remove a TACACS+ server, perform the following steps. 1.
IPsec concepts 15 There are several protocols and algorithms that can be applied. Choosing the protocols and algorithms you want to use may be a matter of adapting to an implementation that is already in place in your LAN, or you may need to do a significant amount of research and planning. The supported protocols and algorithms are defined and described in the RFCs listed in Table 17.
15 IPsec concepts FIGURE 41 Transport mode and tunnel mode comparison IPsec header options IPsec adds headers to an IP datagram to enable authentication and privacy. There are two options: • Authentication Header (AH) • Encapsulating Security Payload (ESP) Authentication Header AH can be used to authenticate a data stream, but does not provide encryption needed for privacy. The AH contains a message authentication code (MAC). The MAC is created by a hash algorithm calculation.
IPsec concepts 15 Encapsulating Security Payload ESP provides authentication, and also provides privacy by encrypting the IP datagram. The use of an ESP header is similar to the use of the AH header. A hash algorithm is used to calculate an authentication value, the authentication value is sent in an IP datagram, and the same hash algorithm is used by the receiver to verify the authentication value. ESP can be used in either transport mode or tunnel mode, as shown in Figure 43.
15 IPsec concepts Gateway to Gateway In a gateway to gateway configuration, IPsec protection is implemented between network nodes. Tunnel mode is commonly used in a gateway to gateway configuration. A tunnel endpoint represents a set of IP addresses associated with actual endpoints that use the tunnel. IPsec is transparent to the actual endpoints. Endpoint to Gateway In an endpoint to gateway configuration, a protected endpoint connects through an IPsec protected tunnel.
IPsec concepts 15 Hash algorithms Hash message authentication codes (HMAC) check data integrity through a mathematical calculation on a message using a hash algorithm combined with a shared, secret key. Table 19 lists the available encryption algorithms. The sending computer uses the hash function and shared key to compute a checksum or code for the message, and sends it to the receiving computer.
15 IPsec over management ports DH group choices are 1(modp768), 2(modp1024), 14(modp2048), and 18(modp8192). Each group provides an incrementally more secure key exchange by providing more bits (768, 1024, 2048, 8192). Authentication methods The methods used to authenticate the IKE peer are preshared key (psk), DSS digital signature (dss), and RSA digital signature (rsasig): • A Preshared key (PSK) is a shared secret that is shared between two parties over a secure channel before it is used.
IPsec over management ports 15 1. Open the Switch Administration window. 2. Select Show Advanced Mode. 3. Select the Security Policies tab. 4. Under Security Policies, select Ethernet IPsec. The Ethernet IPsec Policies screen displays. 5. Ethernet IPsec policies can be configured only after enabling IPsec by clicking the Enable button below the Ethernet IPsec policies table.
15 IPsec over management ports To create a security association, perform the following steps. 1. Select the IPsec tab. The IPsec Policies screen displays. 2. Select the SA tab. 3. Select Add. The Add SA dialog box displays. 4. Enter a name for the SA in the SA Name field. 5. Select the IPsec Protocol. option. The choices are ah (for authentication header) and esp (for encapsulated security protocol). 6. Select the Authentication Algorithm option. 7. Select the Encryption Algorithm option. 8.
IPsec over management ports 15 The SA lifetime may be defined as a time value in seconds (LifeTime in seconds), as the number of bytes transmitted before the SA is rekeyed (LifeTime in bytes), or both. When both are used, the SA lifetime is determined by the threshold that is first reached. 6. Click OK. Adding an IPsec transform policy The IPsec transform policy is the combination of protocols and algorithms applied to a flow of IP packets.
15 IPsec over management ports The Add Selector dialog box displays. 3. Enter a name in the Selector Name field. 4. Select the Traffic Flow Direction (in or out). IPsec policies are unidirectional, and must be applied separately to inbound and outbound flows. 5. Enter the IP address of the sender in the Source IP Address field. 6. Enter the IP address of the receiver in the Peer IP Address field. 7. Enter the Transform Name value. 8. The Protocol Name selector allows you to select a specific protocol.
IPsec over management ports 15 The choices are ah (for authentication header) and esp (for encapsulated security protocol). 10. Select the IPsec Protection Type option. 11. Select the Authentication Algorithm option. 12. Enter or copy a generated encryption key in the Encryption Key field. 13. Select the Encryption Algorithm. 14. Enter or copy a generated authentication key in the Authentication Key field. 15. Optional: Enter a local and peer tunnel IP address. 16. Click OK.
15 Establishing authentication policies for HBAs Establishing authentication policies for HBAs To establish and enable authentication policies for HBAs as the log in to a fabric, perform the following steps. 1. Open the Switch Administration window. 2. Click Show Advanced Mode. 3. Select the Security Policies tab. 4. Select Authentication under Security Policies. The Authentication Policy Settings screen displays. 5. Under Configure Authentication Policy, do the following.
Chapter 16 Administering FICON CUP Fabrics In this chapter • FICON CUP fabrics overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling port-based routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling or disabling FICON Management Server mode . . . . . . . . . . . . . . • FMS parameter configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Displaying code page information . . . . . . . . . . . . .
16 Enabling port-based routing • Install a FICON CUP license on the Brocade switch. • Configure CUP attributes (FMS parameters) for the FICON director. FMS mode enable failed due to ports with areas 0xFE or 0xFF are connected to devices. You can use Web Tools for all of these tasks.
Enabling or disabling FICON Management Server mode 16 Enabling or disabling FICON Management Server mode FICON Management Server (FMS) is used to support switch management using CUP. To be able to use the CUP functionality, all switches in the fabric must have FICON Management Server mode (FMS mode) enabled. FMS mode is a per-switch setting. After FMS mode is enabled, you can activate a CUP license without restarting the director. You can use Web Tools to install a CUP license.
16 FMS parameter configuration TABLE 20 FMS mode parameter descriptions Parameter Description Programmed Offline State Control Controls whether host programming is allowed to set the switch offline. The parameter is set as enabled by the hardware after system installation, and can be reset by Web Tools. Active=Saved Mode Controls the IPL file update. The IPL file saves port connectivity attributes and port names.
Displaying code page information 16 3. Select the FICON CUP tab. The FICON CUP page displays the FICON Management Server page. All attributes on this page are read-only until FMS mode is enabled. 4. To enable or disable an FMS mode parameter, click the check box next to the parameter. A checked check box indicates that the parameter is enabled. You cannot configure the User Alert Mode parameter in Web Tools, as it is read-only.
16 Allow / Prohibit Matrix configuration • • • • • Mode Register Port Names (also called Port Address Name) Allow/Prohibit Matrix and Port Connectivity Attributes Switch enable/disable Switch name change To access the FICON CUP tab, perform the following steps. 1. Select a FICON-enabled switch from the Fabric Tree. 2. Open the Switch Administration window as described in “Opening the Switch Administration window” on page 31. 3. Select the FICON CUP tab.
Allow / Prohibit Matrix configuration 16 The Port Connectivity table (shown in Figure 45 on page 209) displays the Port number (in physical-location format), Port Name (port address name), Block attribute, Prohibit attribute, and Area Id (port address, displayed in hexadecimal) in fixed columns. The right side is a port matrix, that lists all ports by Area ID and identifies prohibited ports. Those columns are scrollable and swappable.
16 Allow / Prohibit Matrix configuration The Allow / Prohibit Matrix Configuration dialog box displays all ports and port names on the selected switch (similar to the dialog box shown in Figure 45). The Block column, Prohibit column, and prohibited ports matrix are displayed as empty, for you to configure. • To edit an existing configuration, click the configuration, and then click Edit.
Allow / Prohibit Matrix configuration FIGURE 45 16 Allow / Prohibit Matrix Configuration dialog box Activating an Allow / Prohibit Matrix configuration When you activate a saved Allow / Prohibit Matrix configuration on the switch, the preceding configuration (currently activated) is overwritten. To activate an Allow / Prohibit Matrix configuration, perform the following steps. 1. Open theAllow / Prohibit Matrix configuration list. 2. Select the saved configuration from the list. 3. Click Activate.
16 CUP logical path configuration 3. Click Copy. The Allow / Prohibit Matrix Configuration dialog box displays. 4. In the dialog box, enter a name and description for the new configuration and click OK to save the configuration to the target file; click Cancel to cancel copying the configuration. The file name must be in alphanumeric characters and can contain only dashes or underscores as special characters.
Link Incident Registered Recipient configuration 16 The FICON CUP page displays the FICON Management Server page in front. All attributes on this page are read-only until FMS mode is enabled. 5. Click the CUP Logical paths subtab. 6. Select a logical path and click Set Current. Link Incident Registered Recipient configuration The Link Incident Registered Recipient (LIRR) receives Link Incident Reports (RLIR) on the source N_Port. The LIRR database is stored on the switch.
16 Displaying Request Node Identification Data Displaying Request Node Identification Data Web Tools displays Request Node Identification Data (RNID) information for the local switch, and for attached FICON devices and FICON channel paths. RNID information for the switch displays in the Switch Information tab (Figure 46). FIGURE 46 Switch RNID information RNID information for attached FICON devices and channel paths displays on the Name Server view.
Chapter 17 Configuring FCoE with Web Tools In this chapter • Web Tools and FCoE overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Web Tools, the EGM license, and Brocade Network Advisor . . . . . . . . . . . • Switch administration and FCoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • FC0E configuration tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Quality of Service configuration . . . . . . . . . . . . . . . .
17 Web Tools, the EGM license, and Brocade Network Advisor A limited set of features is accessible using Web Tools without a license, and is available free of charge. Additional switch management features are accessible using Web Tools with the Enhanced Group Management (EGM) license. Refer to “Web Tools, the EGM license, and Brocade Network Advisor” for more information.
Switch administration and FCoE 17 Switch administration and FCoE The DCB tab on the Switch Administration window is specific to DCE and DCB configuration and management. The DCB tab has five subtabs (Figure 47) that are used for FCoE switch administration: • • • • • Link Aggregation VLAN FCoE Login Group QoS LLDP-DCBX FIGURE 47 Switch Administration DCB subtabs FC0E configuration tasks There are several tasks related to FC0E configuration.
17 Quality of Service configuration • You can edit the DCB map. The DCB map defines priority and priority group tables that support Enhanced Transmission Selection (ETS). ETS allows allocation of bandwidth to different traffic classes. DCB maps also allow you to enable Priority Flow Control (PFC). • You can create a traffic class map. A traffic class map can be used to map a specific class of traffic to a specific Class of Service (CoS).
LLDP-DCBX configuration 17 1. Select the DCB tab on the Switch Administration window. 2. Select the QoS tab. 3. Select the Traffic Class Map tab. 4. Select Add. The Traffic Class Map Configuration dialog box displays. NOTE This dialog box has the same structure as the Priority Group Map in the DCB Configuration dialog box. The default CoS-to-traffic class structure is based on IEEE 802.1Q recommendations, as in the default Priority Group Map. 5. Enter a name for the traffic class map in the Name field.
17 LLDP-DCBX configuration The Hello value sets the interval between hello bridge protocol data units sent by the root switch configuration messages. The range of valid values is from 4 to 180 seconds. The default is 30 seconds. 9. In the Multiplier field, set the number of consecutive misses allowed before LLDP considers the interface to be down. The range is 2 to 10. The default is 4. The multiplier is related to the Hello time interval.
LLDP-DCBX configuration 17 Adding an LLDP profile The LLDP profile determines LLDP settings per port. To add an LLDP profile, perform the following steps. 1. Select the DCB tab on the Switch Administration window. 2. Select the LLDP-DCBX tab. 3. Select the LLDP Profile tab. 4. Click Add. The LLDP Configuration dialog box displays. 5. Enter a name for the configuration in the Name field. 6. Optionally, add a description in the Description field. 7. Select the Mode.
17 Configuring DCB interfaces • management-address—The IP address of the management port on the 8000 switch. - Advertise dot1-tlv—Advertises to any attached device to send IEEE 802.1 LLDP type, length, and values. - Advertise dot3-tlv—Advertises to any attached device to send IEEE 802.3 LLDP type, length, and values. - Advertise DCBx-tlv—Advertises to any attached device the respective LLDP type, length, and values.
Configuring a link aggregation group 17 8. Enter the profile name in the LLDP-DCBX Profile field for using a specific profile for the interface. 9. In the FC0E Priority Bits field, enter a value that indicates the desired user priority. Each bit represents a user priority that is associated with FCoE traffic. The range is 0-255. The default is 8. 10. Assign a default class of service in the Default CoS field. The default CoS range is 0-7. The default is 0. 11. Click OK. 12.
17 Configuring VLANs The L2 mode setting determines operation within a VLAN: - Access mode allows only one VLAN association, and all frames are untagged. Trunk mode allows more than one VLAN association, and allows tagged frames. 9. Select the operational Status. The choices are Administratively Up and Administratively Down. 10. Click OK. Configuring VLANs The Virtual LAN (VLAN) capability allows multiple virtual LANs within a single physical LAN infrastructure.
Configuring FCoE login groups 17 NOTE The FCoE check box is selected by default for FCoE VLAN. The FCoE check box is read-only, you must use the CLI to make any changes to the FCoE VLAN. 11. Click OK to enable FCoE. Clear the check box to disable FCoE. Configuring FCoE login groups FCoE login groups control which FCoE devices are allowed to log in to a switch or fabric. The FCoE Ports window is used for configuring the FCoE ports on a switch.
17 Displaying LAG information 1. Select the FCoE Ports tab on the Port Admin tab. The initial view displays a summary of all FCoE ports on the switch (Figure 48). FIGURE 48 FCoE Ports tab, Port Administration panel 2. To view information for a specific port, select the trunk in the FC0E Ports Explorer or select the port in the FCoE Port Configuration and Management table and click View Details. Port information displays in three tabs. The General tab is pre-selected.
Displaying VLAN information 17 Displaying VLAN information To display VLAN information, perform the following steps. 1. Select the DCB tab on the Switch Administration window. 2. Select the VLAN tab. The VLAN information displays. Displaying FCoE login groups To display FCoE login group information, perform the following steps. 1. Select the DCB tab on the Switch Administration window. 2. Select the FCoE Login tab. The FC0E login group information displays.
17 Configuring a DCB interface from the Switch View • Toggle between showing Absolute Values or Delta Values (values that have changed since the last data collection). • Use the Clear Counters button to clear the counters in port statistics. • Change the retrieval interval. To view additional information, select View > Advanced Mode. An Advanced tab and an Error Detail tab are added next to Basic Mode.
Enabling and disabling LLDP 17 3. Click Add. The LAG Configuration dialog box displays. 4. Change the Status to Administratively Up or Administratively Down. Enabling and disabling LLDP To enable or disable LLDP on a DCB interface, perform the following steps. 1. Select the DCB Interfaces tab on the Port Admin tab. 2. Under the DCB Interface Explorer, select the port. 3. Select the General tab. 4. Click Edit Configuration. The DCB Edit Configuration dialog box displays. 5.
17 228 Enabling and disabling FCoE ports Web Tools Administrator’s Guide 53-1002756-01
Chapter 18 Limitations In this chapter • General Web Tools limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229 General Web Tools limitations Table 21 lists general Web Tools limitations that apply to all browsers and switch platforms. TABLE 21 Web Tools limitations Area Details Blade Failure If a blade fails on the switch, the Web Tools interface can still display slot and ports as healthy.
18 General Web Tools limitations TABLE 21 Web Tools limitations (Continued) Area Details Firmware download There are multiple phases to firmware download and activation. When Web Tools reports that firmware download completed successfully, this indicates that a basic sanity check, package retrieval, package unloading, and verification was successful. Web Tools forces a full package install. A restart is required to activate the newly downloaded firmware.
General Web Tools limitations TABLE 21 18 Web Tools limitations (Continued) Area Details Loss of Connection Occasionally, you might see the following message when you try to retrieve data from the switch or send a request to the switch: Switch Status Checking The switch is not currently accessible. The dialog box title may vary, because it indicates which module is having the problem. This is caused by the loss of HTTP connection with the switch, due to a variety of possible problems.
18 General Web Tools limitations TABLE 21 232 Web Tools limitations (Continued) Area Details Refresh option in browsers If you change the switch name using the Web Tools Switch Administration page or SNMP and then open a Telnet window to verify the name change, the CLI prompt (for example, switch:admin >) displays the previous name. The Telnet prompt cannot pick up the new switch name until the switch is fastbooted.
Index Numerics B 2 domain/4 domain fabric licenses, 9 7800 switch, 69, 70 backbone fabric ID, configuring, 137 backing up configuration file, 55 basic performance monitoring graphs, 94, 95 BB credit, 40 beaconing, enabling, 52 best practices for zoning, 122 blades, enabling and disabling, 33 browsers limitations, 229, 232 refresh frequency, setting, 5 supported, 4 buffer-limited ports, 151 A Access Control List. Refer to ACL access control. Refer to RBAC.
configuring Allow / Prohibit Matrix, 206 arbitrated loop parameters, 42 backbone fabric ID, 137 default heap size, 8 EX_Ports, 134 fabric parameters, 40 FAN frame notification parameters, 42 FC ports, 64 FCR router cost, 136 FICON Management Server parameters, 203 IOD frames delivery, 160 Java Plug-in, 8 link cost, 160 long-distance settings, 154 port speed, 64 port type, 64 ports, 59 RADIUS server, 183 routes, 157 syslog IP address, 32 system services, 42 virtual channel settings, 41 configuring FCR router
enabling Access Gateway mode, 141 automatic trace dump transfer, 124 beaconing, 52 blades, 33 DLS, 159 FICON Management Server mode, 203 insistent domain ID mode, 41 ports, 68 Ports on Demand, 71 RADIUS, 183 RLS probing, 42 switch, 35 trunking mode, 85 zone configurations, 118 ending sessions, 13 events displaying, 49 filtering, 49 severity levels, 47 EX_Ports, configuring, 134 exchange-based routing, 157, 159 expiring passwords, 169 extended fabrics, 151 F F_Port trunk groups Access Gateway mode, 87 fabri
installing Java Plug-in, 7, 8 JRE, 7 JRE patches on Solaris, 7 Solaris patches, 7 Internet Explorer 7.
polling rates, 26 port menu, 25 port names, assigning, 67 port speed, configuring, 64 port swapping, 75 port type, configuring, 64 port-based routing, 157 ports buffer-limited, 151 configuring, 59 disabling, 68, 69 enabling, 68 LEDs, 130 long distance parameter, 154 naming, 67 Ports on Demand, enabling, 71 power supply status, 127, 128 preferences persist, 19 printing effective zone configuration, 120 performance graphs, 101 protocol options, 231 R R_A_TOV, 40 RADIUS server about, 182, 185, 187 configuring
switch 7800, 69, 70 changing the name of, 36 enabling and disabling, 35 mouse over information, 24 rebooting, 38 Switch Administration window, 29 opening, 31 Switch Events and Switch Information, 23 switch events, displaying, 49 switch name, changing, 36 switch report, 37 switch status report, 128 Switch View, 21 Switch View buttons, 21 syslog IP address configuring, 32 removing, 32 system services, configuring, 42 T Telnet, 27 temperature status, 126 temporary internet files, 6 timeout, session, 14 TLS, 2
zones about, 103 adding WWNs, 120 best practices, 122 creating, 111 deleting, 114 description, 111 LSAN, 136 modifying, 112 removing WWNs, 120 renaming, 113 replacing WWNs, 121 selecting a view, 109 zoning all access, 105 default zoning, 105 no access, 105 zoning database clearing, 122 maximum size, 108, 118 zoning views, 109 zoning, disabling, 118 zoning, saving changes, 108 Web Tools Administrator’s Guide 53-1002756-01 239
240 Web Tools Administrator’s Guide 53-1002756-01