Users Guide
484 Fabric OS Administrator’s Guide
53-1002920-02
Restrictions of FA-PWWN
19
If you are concerned about security for FA-PWWNs, you should configure device authentication. You
can use authentication at the device level to ensure security between the switch and the server.
Refer to “Device authentication policy” on page 246 for information about configuring device
authentication.
You can also use the Device Connection Control (DCC) policy to ensure that only an authorized
physical server can connect to a specific switch port.
NOTE
When creating the DCC policy, use the physical device WWN and not the FA-PWWN.
If you use DCC, a policy check is done on the physical PWWN on the servers. In the case of an HBA,
the FA-PWWN is assigned to the HBA only after the DCC check is successful. Refer to “DCC policy
behavior with Fabric-Assigned PWWNs” on page 241 for additional information.
Restrictions of FA-PWWN
The FA-PWWN feature is not supported with some Fibre Channel fabric features.
FA-PWWN is not supported for the following:
• FCoE devices
• FL_Ports
• Swapped ports (using the portswap command)
• Cascaded Access Gateway topologies
• FICON/FMS mode
• With F_Port trunking on directly attached Brocade HBAs or adapters
NOTE
FA-PWWN is supported with F_Port trunking on the supported Access Gateway platforms.
Access Gateway N_Port failover with FA-PWWN
If an Access Gateway is connected to multiple switches, you should configure the same FA-PWWNs
on both switches to avoid having to reboot the host in case of failover.
If the same FA-PWWNs are not configured on the switches, and if an FA-PWWN F_Port on an Access
Gateway fails over to an N_Port that is connected to a different switch, the FA-PWWN assigned to
the Access Gateway F_Port following the failover will be different than it was before the failover
occurred. This situation may require the host to reboot to bring it back online. Even after the reboot,
the host may potentially go into a different zone because the FA-PWWN is different.