Administrator Guide

ManualsBrandsDell ManualsComputer AccessoriesPOWEREDGE M1000E

271

272

273

274

275

276

277

278

279

280

Table Of Contents

Contents
Figures
Tables
About This Document
- In this chapter
- How this document is organized
- Supported hardware and software
- What’s new in this document
- Document conventions
- Notice to the reader
- Additional information
  - Brocade resources
  - Other industry resources
- Getting technical help
- Document feedback
Understanding Fibre Channel Services
- In this chapter
- Fibre Channel services overview
- The Management Server
- Platform services
- Management server database
- Topology discovery
- Device login
- High availability of daemon processes
Performing Basic Configuration Tasks
- In this chapter
- Fabric OS overview
- Fabric OS command line interface
- Password modification
  - Default account passwords
- The Ethernet interface on your switch
- Date and time settings
- Domain IDs
  - Displaying the domain IDs
  - Setting the domain ID
- Switch names
  - Customizing the switch name
- Chassis names
  - Customizing chassis names
- Switch activation and deactivation
  - Disabling a switch
  - Enabling a switch
- Switch and enterprise-class platform shutdown
  - Powering off a Brocade switch
  - Powering off a Brocade enterprise-class platform
- Basic connections
  - Device connection
  - Switch connection
Performing Advanced Configuration Tasks
- In this chapter
- PIDs and PID binding overview
- Ports
- Blade terminology and compatibility
- Enabling and disabling blades
  - Enabling blades
  - Disabling blades
- Blade swapping
  - Swapping blades
  - Swapping blades
- Power management
  - Powering off a port blade
  - Powering on a port blade
- Equipment status
- Track and control switch changes
- Audit log configuration
Routing Traffic
- About this chapter
- Routing overview
- Inter-switch links
  - Buffer credits
  - Virtual Channels
- Gateway links
  - Configuring a link through a gateway
- Inter-chassis links
  - Supported topologies
- Routing policies
- Route selection
  - Dynamic Load Sharing
  - Static route assignment
- Frame order delivery
  - Forcing in-order frame delivery across topology changes
  - Restoring out-of-order frame delivery across topology changes
- Lossless Dynamic Load Sharing on ports
- Frame Redirection
Managing User Accounts
- In this chapter
- User accounts overview
  - Role-Based Access Control (RBAC)
  - The management channel
- Local database user accounts
  - Default accounts
  - Local account passwords
- Local account database distribution
- Password policies
- The boot PROM password
- The authentication model using RADIUS and LDAP
Configuring Protocols
- In this chapter
- Security protocols
- Secure Copy
  - Setting up SCP for configUploads and downloads
- Secure Shell protocol
  - SSH public key authentication
- Secure Sockets Layer protocol
- Simple Network Management Protocol
- Telnet protocol
  - Blocking Telnet
  - Unblocking Telnet
- Listener applications
- Ports and applications used by switches
  - Port configuration
Configuring Security Policies
- In this chapter
- ACL policies overview
  - How the ACL policies are stored
  - Policy members
- ACL policy management
- FCS policies
- DCC policies
- SCC policies
  - Creating an SCC policy
- Authentication policy for fabric elements
- IP Filter policy
- Policy database distribution
- Management interface security
Maintaining the Switch Configuration File
- In this chapter
- Configuration settings
  - Configuration file format
- Configuration file backup
  - Uploading a configuration file in interactive mode
- Configuration file restoration
  - Restrictions
  - Configuration download without disabling a switch
- Configurations across a fabric
  - Downloading a configuration file from one switch to another same model switch
  - Security considerations
- Configuration management for Virtual Fabrics
- Brocade configuration form
Installing and Maintaining Firmware
- In this chapter
- Firmware download process overview
- Preparing for a firmware download
- Firmware download on switches
  - Switch firmware download process overview
- Firmware download on an enterprise-class platform
  - Enterprise-class platform firmware download process overview
- Firmware download from a USB device
- FIPS Support
- Test and restore firmware on switches
  - Testing a different firmware version on a switch
- Test and restore firmware on enterprise-class platforms
  - Testing different firmware versions on enterprise-class platforms
- Validating a firmware download
Managing Virtual Fabrics
- In this chapter
- Virtual Fabrics overview
- Logical switch overview
  - Default logical switch
  - Logical switches and fabric IDs
  - Port assignment in logical switches
  - Logical switches and connected devices
- Logical fabric overview
  - Logical fabric and ISLs
  - Logical fabric and ISL sharing
- Management model for logical switches
- Account management and Virtual Fabrics
- Supported platforms for Virtual Fabrics
  - Supported port configurations in the Brocade 5100, 5300, and VA-40FC
  - Supported port configurations in the Brocade DCX and DCX-4S
  - Virtual Fabrics interaction with other Fabric OS features
- Limitations and restrictions of Virtual Fabrics
  - Restrictions on moving ports
- Enabling Virtual Fabrics mode
- Disabling Virtual Fabrics mode
- Configuring logical switches to use basic configuration values
- Creating a logical switch or base switch
- Executing a command in a different logical fabric context
- Deleting a logical switch
- Adding and removing ports on a logical switch
- Displaying logical switch configuration
- Changing the fabric ID of a logical switch
- Changing a logical switch to a base switch
- Setting up IP addresses for a Virtual Fabric
- Removing an IP address for a Virtual Fabric
- Configuring a logical switch to use XISLs
- Changing the context to a different logical fabric
- Creating a logical fabric using XISLs
Administering Advanced Zoning
- In this chapter
- Special zones
- Zoning overview
- Broadcast zones
- Zone aliases
- Zone creation and maintenance
- Default zoning mode
  - Setting the default zoning mode
  - Viewing the current default zone access mode
- Zoning database size
- Zoning configurations
- Zone object maintenance
- Zoning configuration management
  - New switch or fabric additions
  - Fabric segmentation and zoning
- Security and zoning
- Zone merging scenarios
Traffic Isolation Zoning
- In this chapter
- Traffic Isolation Zoning overview
  - TI zone failover
  - FSPF routing rules and traffic isolation
- Enhanced TI zones
- Traffic Isolation Zoning over FC routers
- General rules for TI zones
- Supported configurations for Traffic Isolation Zoning
  - Additional configuration rules for enhanced TI zones
  - Trunking with TI zones
- Limitations and restrictions of Traffic Isolation Zoning
- Admin Domain considerations for Traffic Isolation Zoning
- Virtual Fabric considerations for Traffic Isolation Zoning
- Traffic Isolation Zoning over FC routers with Virtual Fabrics
- Creating a TI zone
  - Creating a TI zone in a base fabric
- Modifying TI zones
- Changing the state of a TI zone
- Deleting a TI zone
- Displaying TI zones
- Setting up TI over FCR (sample procedure)
Administering NPIV
- In this chapter
- NPIV overview
- Configuring NPIV
- Enabling and disabling NPIV
- Viewing NPIV port configuration information
  - Viewing virtual PID login information
Interoperability for Merged SANs
- In this chapter
- Interoperability overview
- Connectivity solutions
- Domain ID offset modes
  - Configuring the Domain_ID offset
- McDATA Fabric mode configuration restrictions
- McDATA Open Fabric mode configuration restrictions
- Interoperability support for logical switches
- Switch configurations for interoperability
  - Enabling McDATA Open Fabric mode
  - Enabling McDATA Fabric mode
  - Enabling Brocade Native mode
- Zone management in interoperable fabrics
  - Zoning restrictions
  - Zone name restrictions
  - Zoning modes
  - Setting the safe zone mode on a stand-alone switch
  - Setting the safe zone mode fabric-wide
  - Disabling safe zone mode
  - Effective zone configuration
  - Saving the effective zone configuration to the Defined Database
- Frame Redirection in interoperable fabrics
- Traffic Isolation zones in interoperable fabrics
- Brocade SANtegrity implementation in mixed fabric SANS
  - Fabric OS Layer 2 Fabric Binding
- E_Port authentication between Fabric OS and M-EOS switches
  - Switch authentication policy
  - Dumb switch authentication
  - Authentication of EX_Port, VE_Port, and VEX_Port connections
  - Authentication of VE_Port-to-VE_Port connections
  - Authentication of VEX_Port-to-VE_Port connections
  - Authentication of VEX_Port-to-VEX_Port connections
- FCR SANtegrity
  - Fabric Binding behavior in a mixed fabric
  - Translate domains do not have Preferred or Insistent Domain ID behavior.
  - Configuring the preferred domain ID and the insistent domain ID
- FICON implementation in a mixed fabric
- Fabric OS version change restrictions in an interoperable environment
- Coordinated Hot Code Load
  - Bypassing the Coordinated HCL check on firmware download
  - Coordinated HCL on switches firmware downloads
  - Upgrade and downgrade considerations for HCL for interoperability
- McDATA-aware features
- McDATA-unaware features
  - M-EOS feature limitations in mixed fabrics
- Supported hardware in an interoperable environment
- Supported features in an interoperable environment
- Unsupported features in an interoperable environment
Managing Administrative Domains
- In this chapter
- Administrative Domains overview
- Admin Domain management for physical fabric administrators
- SAN management with Admin Domains
Administering Licensing
- In this chapter
- Licensing overview
- The Brocade 7800 Upgrade license
- ICL licensing
  - ICL 16-link license
  - ICL 8-link license
- 8G licensing
- Slot-based licensing
- Time-based licenses
  - Configupload and download considerations
  - Expired licenses
- Universal Time-based licenses
- Viewing installed licenses
- Activating a license
- Adding a licensed feature
- Removing a licensed feature
- Ports on Demand
Monitoring Fabric Performance
- In this chapter
- Advanced Performance Monitoring overview
  - Types of monitors
  - Virtual Fabrics considerations for Advanced Performance Monitoring
- End-to-end performance monitoring
- Frame monitoring
- ISL performance monitoring
- Top Talker monitors
- Trunk monitoring
- Displaying end-to-end and ISL monitor counters
- Clearing end-to-end and ISL monitor counters
- Saving and restoring monitor configurations
- Performance data collection
Optimizing Fabric Behavior
- In this chapter
- Adaptive Networking overview
- Ingress Rate Limiting
  - Limiting traffic from a particular device
  - Disabling ingress rate limiting
- QoS: SID/DID traffic prioritization
  - License requirements for traffic prioritization
- QoS zones
- Setting traffic prioritization
- Setting traffic prioritization over FC routers
- Disabling QoS
- Bottleneck detection
- Enabling bottleneck detection on a switch
- Excluding a port from bottleneck detection
- Displaying bottleneck detection configuration details
- Changing bottleneck alert parameters
- Displaying bottleneck statistics
- Disabling bottleneck detection on a switch
Managing Trunking Connections
- In this chapter
- Trunking overview
  - Criteria for managing trunking connections
- Supported hardware
- Recommendations for trunking groups
- Basic trunk group configuration
- Trunking over long distance fabrics
- F_Port trunking
- F_Port masterless trunking
Managing Long Distance Fabrics
- In this chapter
- Long distance fabrics overview
- Extended Fabrics device limitations
- Long distance link modes
- Configuring an extended ISL
  - Enabling long distance when connecting to TDM devices
- Buffer credit management
- Buffer credit recovery
Using the FC-FC Routing Service
- In this chapter
- FC-FC routing service overview
  - Supported platforms for Fibre Channel routing
  - Supported configurations
- Integrated Routing
- Fibre Channel routing concepts
- Setting up the FC-FC routing service
  - Verifying the setup for FC-FC routing
- Backbone fabric IDs
  - Assigning backbone fabric IDs
- FCIP tunnel configuration
- Inter-fabric link configuration
  - Configuring an IFL for both edge and backbone connections
- FC Router port cost configuration
  - Port cost considerations
  - Setting router port cost for an EX_Port
- EX_Port frame trunking configuration
- LSAN zone configuration
- Proxy PID configuration
- Fabric parameter considerations
- Inter-fabric broadcast frames
- Resource monitoring
- FC-FC Routing and Virtual Fabrics
  - Logical switch configuration for FC routing
  - Backbone-to-edge routing with Virtual Fabrics
- Upgrade and downgrade considerations for FC-FC routing
  - How replacing port blades affects EX_Port configuration
- Displaying the range of output ports connected to xlate domains
M-EOS Migration Path to Fabric OS
- In this appendix
- M-EOS fabrics overview
- McDATA Mi10K interoperability
- Fabric configurations for interconnectivity
Inband Management
- In this appendix
- Inband Management overview
- Internal Ethernet devices
- IP address and routing management
- Examples of supported configurations
  - Configuring a Management Station on the same subnet
  - Configuring a Management Station on different subnets
Port Indexing
- In this appendix
- Port indexing on the Brocade 48000 director
- Port indexing on the Brocade DCX backbone
- Port indexing on the Brocade DCX-4S backbone
FIPS Support
- In this appendix
- FIPS overview
- Zeroization functions
  - Power-up self tests
  - Conditional tests
- FIPS mode configuration
  - LDAP in FIPS mode
  - LDAP certificates for FIPS mode
- Preparing the switch for FIPS
Hexadecimal
- Hexadecimal overview
  - Example conversion of the hexadecimal triplet Ox616000
Index

240 Fabric OS Administrator’s Guide

53-1001763-02

Zoning overview

Zone objects

A zone object is any device in a zone, such as:

• Physical port number or port index on the switch

• Node World Wide Name (N-WWN)

• Port World Wide Name (P-WWN)

Zone objects identified by port number or index number are specified as a pair of decimal numbers

in the form D,I, where D is the domain ID of the switch and I is the index number on that switch in

relation to the port you want to specify.

TABLE 49 Approaches to fabric-based zoning

Zoning approach Description

Recommended approach

Single HBA Zoning by single HBA most closely re-creates the original SCSI bus. Each zone created has only

one HBA (initiator) in the zone; each of the target devices is added to the zone. Typically, a zone

is created for the HBA and the disk storage ports are added. If the HBA also accesses tape

devices, a second zone is created with the HBA and associated tape devices in it. In the case of

clustered systems, it could be appropriate to have an HBA from each of the cluster members

included in the zone; this is equivalent to having a shared SCSI bus between the cluster

members and assumes that the clustering software can manage access to the shared devices.

In a large fabric, zoning by single HBA requires the creation of possibly hundreds of zones;

however, each zone contains only a few members. Zone changes affect the smallest possible

number of devices, minimizing the impact of an incorrect zone change. This zoning philosophy

is the preferred method.

Alternative approaches

Application Zoning by application typically requires zoning multiple, perhaps incompatible, operating

systems into the same zones. This method of zoning creates the possibility that a minor server

in the application suite could disrupt a major server (such as a Web server disrupting a data

warehouse server). Zoning by application can also result in a zone with a large number of

members, meaning that more notifications, such as registered state change notifications

(RSCNs), or errors, go out to a larger group than necessary.

Operating

system

Zoning by operating system has issues similar to zoning by application. In a large site, this type

of zone can become very large and complex. When zone changes are made, they typically

involve applications rather than a particular server type. If members of different operating

system clusters can see storage assigned to another cluster, they might attempt to own the

other cluster’s storage and compromise the stability of the clusters.

Port allocation Avoid zoning by port allocation unless the administration team has very rigidly enforced

processes for port and device allocation in the fabric. It does, however, provide some positive

features. For instance, when a storage port, server HBA, or tape drive is replaced, the change of

WWN for the new device is of no consequence. As long as the new device is connected to the

original port, it continues to have the same access rights. The ports on the edge switches can

be pre-associated to storage ports, and control of the fan-in ratio (the ratio of the input port to

output port) can be established. With this pre-assigning technique, the administrative team

cannot overload any one storage port by associating too many servers with it.

Not recommended

No fabric zoning Using no fabric zoning is the least desirable zoning option because it allows devices to have

unrestricted access on the fabric. Additionally, any device attached to the fabric, intentionally or

maliciously, likewise has unrestricted access to the fabric. This form of zoning should be utilized

only in a small and tightly controlled environment, such as when host-based zoning or LUN

masking is deployed.