53-1001775-01 13 April 2010 DCFM Enterprise User Manual Supporting DCFM 10.4.
Copyright © 2007-2010 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, IronPoint, IronShield, IronView, IronWare, JetCore, NetIron, SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM, Extraordinary Networks, and SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Contents About This Document In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxvii How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . .xxvii Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . xxviii Supported open source software products. . . . . . . . . . . . . . . . . . . xxxi What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxii Document conventions . .
Contents Management server and client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Logging into a server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Launching a remote client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Clearing previous versions of the remote client . . . . . . . . . . . 18 Launching the Configuration Wizard . . . . . . . . . . . . . . . . . . . . 18 Changing your password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Seed switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Seed switch requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 Seed switch failover. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Changing the seed switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Chapter 3 Application Configuration In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Editing names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Exporting names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Importing Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Searching for a device by name . . . . . . . . . . . . . . . . . . . . . . . . Searching for a device by WWN . . . . . . . . . . . . . . . . . . . . . . . . 81 81 82 82 83 Security . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Defining an event filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119 Call Home for virtual switches . . . . . . . . . . . . . . . . . . . . . . . . 119 Assigning an event filter to a call home center . . . . . . . . . . . . . . . .120 Assigning an event filter to a device . . . . . . . . . . . . . . . . . . . . . . . .120 Overwriting an assigned event filter . . . . . . . . . . . . . . . . . . . . . . . .121 Removing an event filter from a call home center . . . . . .
Contents Chapter 6 Third-party tools In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 About third-party tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 Starting third-party tools from the application . . . . . . . . . . . . . . . .142 Launching a Telnet session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142 Launching an Element Manager . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Configuring NIS authentication. . . . . . . . . . . . . . . . . . . . . . . . Configuring UNIX password file authentication . . . . . . . . . . . Configuring local database authentication . . . . . . . . . . . . . . Displaying the client authentication audit trail . . . . . . . . . . . 164 164 164 165 Restoring the database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165 Capturing technical support information. . . . . . . . . . . . . . . . . . . . .
Contents Host port mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .201 Creating a new Host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 Renaming an HBA Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 Deleting an HBA Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 Viewing Host properties. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 Associating an HBA with a Host . . . . . . . . . . . . .
Contents Upload Failure data capture. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234 Enabling upload failure data capture . . . . . . . . . . . . . . . . . . . 234 Disabling upload failure data capture . . . . . . . . . . . . . . . . . . 235 Purging upload failure data capture files . . . . . . . . . . . . . . . . 235 Configuring the upload failure data capture FTP server . . . . 236 Viewing the upload failure data capture repository. . . . . . . .
Contents Defining the broadcast message action. . . . . . . . . . . . . . . . . Defining the launch script action . . . . . . . . . . . . . . . . . . . . . . Defining the send e-mail action . . . . . . . . . . . . . . . . . . . . . . . Configuring support data capture action . . . . . . . . . . . . . . . Activating a policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Deactivating a policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Deleting a policy. . . . . . .
Contents Exporting real-time performance data . . . . . . . . . . . . . . . . . 296 Clearing port counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 Historical performance data. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297 Enabling historical performance collection SAN wide. . . . . . 297 Enabling historical performance collection for selected fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Chapter 13 Port Fencing In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325 About port fencing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325 Port Fencing requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . 325 Thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .326 C3 Discard Frames threshold . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .355 Creating a user role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 Editing a user role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356 Removing a user role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357 Resource groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents FCIP trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379 Design for redundancy and fault tolerance . . . . . . . . . . . . . . 379 FCIP tunnel restrictions for FCP and FICON emulation features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 FCIP Trunk configuration considerations . . . . . . . . . . . . . . . . 380 FCIP circuit failover capabilities . . . . . . . . . . . . . . . . . . . . . . .
Contents Enabling FCIP circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .408 Deleting FCIP Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .408 Displaying FCIP performance graphs. . . . . . . . . . . . . . . . . . . . . . . .409 Displaying performance graphs for FC ports . . . . . . . . . . . . . 409 Displaying FCIP performance graphs for Ethernet ports. . . . 409 Displaying tunnel properties from the FCIP tunnels dialog box . . .
Contents CEE Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .435 Real Time Performance Graph . . . . . . . . . . . . . . . . . . . . . . . . 435 Historical Performance Graph. . . . . . . . . . . . . . . . . . . . . . . . . 436 Historical Performance Report . . . . . . . . . . . . . . . . . . . . . . . . 436 QoS configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .437 Enhanced Transmission Selection . . . . . . . . . . . . . . .
Contents Saving or Copying a PDCM configuration to another device . . . . . 471 Copying a PDCM configuration . . . . . . . . . . . . . . . . . . . . . . . . 471 Saving a PDCM configuration to another device . . . . . . . . . . 473 Activating a PDCM configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 474 Deleting a PDCM configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . .475 Changing the PDCM matrix display . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Supported encryption key manager appliances . . . . . . . . . . . . . . .504 Steps for connecting to an RKM appliance . . . . . . . . . . . . . . . . . . .504 Exporting the KAC certificate signing request (CSR) . . . . . . . 505 Submitting the CSR to a certificate authority . . . . . . . . . . . . 505 Importing the signed KAC certificate . . . . . . . . . . . . . . . . . . . 505 Uploading the KAC and CA certificates onto the RKM appliance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Adding target disk LUNs for encryption . . . . . . . . . . . . . . . . . . . . . .552 Remote replication LUNs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 554 SRDF pairs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 554 Metadata requirements and remote replication . . . . . . . . . . 555 Adding Target Tape LUNs for encryption . . . . . . . . . . . . . . . . . . . . .556 Configuring encrypted tape storage in a multi-path environment . . . . . . . . . .
Contents Chapter 21 Virtual Fabrics In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .589 Virtual Fabrics overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .589 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590 Virtual Fabrics requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .590 Configuring Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Adding zones to a zone configuration . . . . . . . . . . . . . . . . . . Activating a zone configuration. . . . . . . . . . . . . . . . . . . . . . . . Deactivating a zone configuration . . . . . . . . . . . . . . . . . . . . . Creating an offline zone database . . . . . . . . . . . . . . . . . . . . . Refreshing a zone database . . . . . . . . . . . . . . . . . . . . . . . . . . Merging two zone databases . . . . . . . . . . . . . . . . . . . . . . . . . Saving a zone database to a switch . . . .
Contents Chapter 23 Troubleshooting In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .655 FC troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .655 Tracing FC routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 656 Troubleshooting device connectivity. . . . . . . . . . . . . . . . . . . . 657 Confirming fabric device sharing . . . . . . . . . . . . . . . . . . . . . . 658 IP troubleshooting .
Contents Appendix D Sybase and Derby Database Fields In this appendix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 719 Database tables and fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .720 Advanced Call Home . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 720 Capability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 721 Client_view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents xxvi DCFM Enterprise User Manual 53-1001775-01
About This Document In this chapter • How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvii • Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxviii • Supported open source software products . . . . . . . . . . . . . . . . . . . . . . . . . xxxi • What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxii • Document conventions . . . . . . . . . . . . . . . . . . . .
About This Document • • • • • Chapter 15, “Host management,” provides information on how to configure an HBA. Chapter 16, “Fibre Channel over IP,” provides information on how to configure an FCIP. Chapter 17, “Fibre Channel over Ethernet,”provides information on how to configure an FCoE. Chapter 18, “FICON Environments,” provides information on how to manage FICON. Chapter 19, “FC-FC Routing Service Management,” provides information on how to manage Fibre Channel Routing.
About This Document TABLE 1 Supported Hardware Device Name Terminology used in documentation Brocade 200E switch 16-port, 4 Gbps FC Switch 6 Brocade 300 switch 24-port, 8 Gbps FC Switch Brocade 4012 switch Embedded 12-port, 4 Gbps FC Switch Brocade 4016 switch Embedded 16-port, 4 Gbps FC Switch Brocade 4018 switch Embedded 18-port, 4 Gbps FC Switch Brocade 4020 switch Embedded 20-port, 4 Gbps FC Switch 5 Brocade 4024 switch Embedded 24-port, 4 Gbps FC Switch Brocade 4100 switch 32-port
About This Document TABLE 1 Supported Hardware (Continued) Device Name Terminology used in documentation Brocade DCX7 384-port Backbone Chassis Brocade DCX7 with FC8-16, FC8-32, and FC8-48 Blades Brocade DCX7 with FR4-18i Blades 384-port Backbone Chassis with 4 Gbps Router, Extension blade 9 384-port Backbone Chassis with FC 10 - 6 ISL Blade 8 384-port Backbone Chassis with Encryption Blade Brocade DCX with FC10-6 Blades Brocade DCX with FS8-18 Blades Brocade DCX 384-port Backbone Chassis w
About This Document TABLE 1 Supported Hardware (Continued) Device Name Terminology used in documentation Mi10K Director 256-Port Director 1 Platform requires Fabric OS v5.1.0 or later 2 Platform requires Fabric OS v5.2.0 or later 3 Platform requires Fabric OS v5.2.1 or later 4 Platform requires Fabric OS v5.3.0 or later 5 Platform requires Fabric OS v5.3.1 or later 6 Platform requires Fabric OS v6.1.0 or later 7 Platform requires Fabric OS v6.0.
About This Document TABLE 2 Supported Open Source Software Third-party Software Products (Continued) Open Source Software Product License Type JRE 1.6 Sun License Log4j 1.2 Apache QuartzEnterpriseJobScheduler 1.6.0 Open Source TheJavaCIFSClientLibrary 1.2.17 LGPL TrileadSSHforJava 2.0.2 Trilead AG VIJava2 2.0 BSD License XMLRPC 1.2-B1 Open Source ApachecommonsPool 1.5.4 Open Source ApachecommonsDBCP 1.2.
About This Document • Information that was changed: • Changed View tab to SAN tab • Moved Menu bar table to Appendix • Changed AG icons • Moved Management server and client section to Chapter 1 Getting Started • Changed procedure - Discovering a fabric • Changed topic - Fabric Monitoring • Changed topic - seed switch failover • Moved Call Home to new chapter • Moved View Management and Topology to new chapter • Moved Third party tools to new chapter • Changed topic - Fabric tracking • Changed SAN menu to S
About This Document Document conventions This section describes text formatting conventions and important notice formats used in this document.
About This Document Notice to the reader This document may contain references to the trademarks of the following corporations. These trademarks are the properties of their respective companies and corporations. These references are made for informational purposes only. Corporation Referenced Trademarks and Products Linus Torvalds Linux Microsoft Corporation Windows, Windows NT, Internet Explorer Netscape Communications Corporation Netscape Red Hat, Inc.
About This Document Other industry resources For additional resource information, visit the Technical Committee T11 website. This website provides interface standards for high-performance and mass storage applications for Fibre Channel, storage management, and other applications: http://www.t11.org For information about the Fibre Channel industry, visit the Fibre Channel Industry Association website: http://www.fibrechannel.
About This Document • Brocade 7600—On the bottom of the chassis • Brocade 48000—Inside the chassis next to the power supply bays • Brocade DCX and DCX-4S—On the bottom right on the port side of the chassis 4. World Wide Name (WWN) Use the wwn command to display the switch WWN. If you cannot use the wwn command because the switch is inoperable, you can get the WWN from the same place as the serial number, except for the Brocade DCX.
About This Document xxxviii DCFM Enterprise User Manual 53-1001775-01
Chapter Getting Started 1 In this chapter • User interface components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 • Icon legend. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 • Management server and client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 • License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1 User interface components 5 1 8 2 3 6 4 7 10 11 9 12 FIGURE 1 Main Window 1. Menu Bar. Lists commands you can perform on the SAN. 2. Toolbar. Provides buttons that enable quick access to dialog boxes and functions. 3. SAN tab. Displays the Master Log, Minimap, Connectivity Map (topology), and Product List. For more information, refer to the “SAN tab”. 4. View All list.
Menu bar 1 8. Toolbox. Provides tools for viewing the Connectivity Map as well as exporting the Connectivity Map as an image. Does not display until you discover a fabric. 9. Master Log. Displays all events that have occurred on the SAN. 10. Utilization Legend. (Enterprise edition only) Indicates the percentage ranges represented by the colored, dashed lines on the Connectivity Map. Only displays when you select Monitor > Performance > View Utilization or click the Utilization icon on the toolbar. 11.
1 SAN tab 11. Port Label. Use to set the port label for the devices in the Connectivity Map. 12. Product List Search. Use to search for a device in the product list. 13. Help. Displays the Online Help. SAN tab The SAN tab displays the Master Log, Utilization Legend, Minimap, Connectivity Map (topology), and Product List. To open all areas of the View window, select View > Show Panels > All Panels or press F12.
Port Display buttons 1 Port Display buttons The Port Display buttons (Figure 4) are located at the top right of the Product List and enable you to configure how ports display. You have the option of viewing connected (or occupied) product ports, unoccupied product ports, or attached ports. Does not display until you discover a fabric. NOTE Occupied/connected ports are those that originate from a device, such as a switch.
1 Connectivity Map • Domain ID. Displays the Domain ID for the product in the format xx(yy), where xx is the normalized value and yy is the actual value on the wire. • • • • • • FC Address. Displays the Fibre Channel address of the port. • • • • • • • • • • • • Port #. Displays the number of the port. Firmware. Displays the firmware version of the product. IP Address. Displays the IP address (IPv4 or IPv6 format) of the product. Location. Displays the physical location of the product.
Toolbox 1 Toolbox The toolbox (Figure 5) is located at the top right side of the View window and provides tools to export the topology, to zoom in and out of the Connectivity Map, collapse and expand groups, and fit the topology to the window. Does not display until you discover a fabric. 1 FIGURE 5 2 3 4 5 6 The Toolbox 1. Export. Use to export the topology to a PNG file. 2. Zoom In. Use to zoom in on the Connectivity Map 3. Zoom Out. Use to zoom out on the Connectivity Map. 4. Fit in View.
1 Utilization Legend • • • • • • Count. The number of times the event occurred. Module Name. The name of the module on which the event occurred. Message ID. The message ID of the event. Contributor. The name of the contributor on which the event occurred. Node WWN. The world wide name of the node on which the event occurred. Fabric Name. The name of the fabric on which the event occurred.
Minimap 1 Minimap The Minimap, which displays in the lower right corner of the main window, is useful for getting a bird’s-eye view of the SAN, or to quickly jump to a specific place on the Connectivity Map. To jump to a specific location on the Connectivity Map, click that area on the Minimap. A close-up view of the selected location displays on the Connectivity Map. Use the Minimap to view the entire SAN and to navigate more detailed map views. This feature is especially useful if you have a large SAN.
1 Status bar Status bar The status bar (Figure 8) displays at the bottom of the main window. The status bar provides a variety of information about the SAN and the application. The icons on the status bar change to reflect different information, such as the current status of products, fabrics, and backup. 1 2 3 FIGURE 8 4 5 6 7 8 9 Status Bar The icons on your status bar will vary based on the licensed features on your system. 1. Connection Status. Displays the Server-Client connection status.
Icon legend 1 Icon legend Various icons are used to illustrate devices and connections in a SAN. The following tables list icons that display on the Connectivity Map and Product List. Product icons The following table lists the manageable SAN product icons that display on the topology. Fabric OS manageable devices display with blue icons and M-EOS manageable devices display with green icons. If a device is unmanageable it displays with gray icons.
1 Port icons Group icons The following table lists the manageable SAN product group icons that display on the topology. Icon Description Icon Description Switch Group Host Group Storage Group Unknown Fabric Group Unmanaged Fabric Group Chassis Group Port icons The following table lists the port status icons that display in the Product List.
Product status icons 1 Product status icons The following table lists the product status icons that display on the topology. Icon Status No icon Healthy/Operational Attention Degraded/Marginal Device Added Device Removed/Missing Down/Failed Routed In Routed Out Unknown/Link Down Event icons The following table lists the event icons that display on the topology and Master Log. For more information about events, refer to “Fault Management” on page 247.
1 Management server and client Management server and client The Management application has two parts: the Server and the Client. The Server is installed on one machine and stores SAN-related information; it does not have a user interface. To view SAN information through a user interface, you must log in to the Server through a Client. The Server and Clients may reside on the same machine, or on separate machines.
Management server and client TABLE 3 1 Ports (Continued) Port Number Ports Transport Description Communication Path Open in Firewall 26388 Database port (Enforced during install) TCP Port used by database Server–Database Remote ODBC– Database Yes 44301, 5, 7 MPI TCP XML-RCP port for SSL Server–Switch Yes MPI TCP XML-RCP port/HTTP port Server–Switch Yes 24600 jboss.naming.jnp.port - port 0 TCP Bootstrap JNP service port Client–Server Yes 24601 jboss.connector.ejb3.
1 Management server and client TABLE 3 Ports (Continued) Port Number Ports Transport Description Communication Path Open in Firewall 55556 Launch in Context (LIC) client hand shaking port TCP Client port used to check if a Management application client opened using LIC is running on the same host Client No NOTE: If this port is in use, the application uses the next available port. 1 Port is not configurable (either in the switch or the Management server).
Logging into a server 1 Logging into a server You must log into a Server to monitor a SAN. NOTE You must have an established user account on the Server to log in. To log into a server, complete the following steps. 1. Double-click the desktop icon or open the application from the Start menu. The Log In dialog box displays (Figure 9). FIGURE 9 Log In dialog box 2. Enter your user name and password. The defaults are Administrator and password, respectively.
1 Clearing previous versions of the remote client 4. Select or clear the Save password check box to choose whether you want the application to remember your password the next time you log in. 5. Click Login. 6. Click OK on the Login Banner dialog box. The Management application displays. Clearing previous versions of the remote client The remote client link in the Start menu does not automatically upgrade when you upgrade the Management application.
Launching the Configuration Wizard 1 4. Select Internal FTP Server or External FTP Server on the FTP Server screen and click Next. If port 21 is busy, a message displays. Click OK to close the message and continue. Once the Management application is configured make sure port 21 is free and restart the Server to start the FTP service. NOTE If you use an FTP Server which is not configured on the same machine as the Management application, the Firmware Repository feature will not be available.
1 Launching the Configuration Wizard b. Select an address from the Switch - Server IP Configuration Preferred Address list. If DNS is not configured for your network, do not select the ‘hostname’ option from either the Server IP Configuration or Switch - Server IP Configuration Preferred Address list. Selecting the ‘hostname’ option prevents clients and devices from communicating with the Server.
Launching the Configuration Wizard f. 1 Click Next. If you enter a syslog port number already in use, a message displays. Click No on the message to remain on the Server Configuration screen and edit the syslog port number (return to step 6a). Click Yes to close the message and continue with step 7. If you enter a port number already in use, a Warning displays next to the associated port number field. Edit that port number and click Next. 7.
1 Changing your password 12. Click Login. 13. Click OK on the Login Banner. Changing your password To change your password, complete the following steps. 1. Double-click the desktop icon or open from the Start menu. The Log In dialog box displays. FIGURE 14 Log In dialog box 2. Enter your user name and password. The defaults are Administrator and password, respectively. If you migrated from a previous release, your username and password do not change. 3. Click Change.
Viewing active sessions 1 If the current password and new password are the same, the following message displays: Old and New passwords cannot be same. Use different password and try again. Press any key to continue. If the new password and confirm password do not match, the following message displays: New password and confirm password do not match. Please try again. Press any key to continue. Viewing active sessions To view the Management application active sessions, complete the following steps. 1.
1 Viewing server properties Viewing server properties To view the Management application server properties, complete the following steps. 1. Select Server > Server Properties. The Server Properties dialog box displays (Figure 16). FIGURE 16 Server Properties dialog box 2. Click Close. Viewing port status You can view the port status for the following ports: SNMP, Syslog, FTP, and Web Server. To view the port status, complete the following steps. 1. Click the port status icon ().
License 1 License NOTE If your installation does not require a license key, the License dialog box does not display. License keys are unique strings of alphanumeric characters that verify ownership of the Management application software as well as determine the maximum port count allowed or any additional features (such as Event Management) that you receive as part of the license. NOTE Enterprise edition can manage up to 9000 ports.
1 Entering the license key Entering the license key A license key is required to run the application. The key specifies the expiration date of a trial license, as well as the number of ports allowed. NOTE You are not required to enter a license key for a trial license. If you do not enter the license key during installation of Professional Plus or Enterprise editions, you can use the application, including all of its features, for a trial period of 75 days.
Installing a patch 1 2. Enter the license key (on the Key Certificate) in the License Key field and click Update. 3. Click OK on the message. The Client closes after updating the license successfully. Restart the Server, Client and Server Management Console for the changes to take effect. 4. Open the application (double-click the desktop icon or open from the Start menu). The Log In dialog box displays. 5. Enter your user name and password. The defaults are Administrator and password, respectively.
1 Uninstalling a patch 5. Click Upgrade. If the patch process is interrupted (for example, loss of power), you must restart the patch process. The patch installer performs the following functions: • Extracts patch files to the Install_Home folder. • Creates a back up (zip) of the original files to be updated and copies the zip file to the Install_Home\patch-backup directory. For example, Install_Home\patch-backup\Management_Application_Name-10-4-0-patch-a.zip. • Generates a patch log.
Feature-to-firmware requirements 1 8. Go to the Install_Home/conf directory. 9. Open the version.properties file in a text editor. 10. Change the patch version (patch.version) value to the reverted patch (for example, if you are reverting from patch F to patch C then patch.version = c). If the previous version is the initial version (no patches), change the patch version value to none (for example, patch.version = None). 11. Go to the Install_Home/patch-backup/conf directory. 12. Copy the patch.
1 Feature-to-firmware requirements Feature Fabric OS M-EOS FICON Requires Fabric OS 5.2 or later for cascaded FICON. Requires Fabric OS 6.0 or later for advanced FICON. Requires Fabric OS 6.1.1 or later to configure multiple Prohibit Dynamic Connectivity Mask (PDCM) matrices. Requires FICON CUP license to allow CUP management features. Only supports cascaded FICON configuration for mixed fabrics. Firmware Management Requires Fabric OS 5.0 or later. Requires Fabric OS 6.1.1 or later on 8G devices.
Accessibility features for the Management application 1 Feature Fabric OS M-EOS Virtual Fabrics Requires at least one Virtual Fabrics-enabled physical chassis running Fabric OS 6.2 or later. Virtual Fabric configuration is only available through the Element Manager. Zoning Requires Fabric OS 5.0 or later for pure Fabric OS fabrics. Requires Fabric OS 6.0 or later for McDATA Fabric Mode. Requires Adaptive Networking license for Quality of Service zones. Requires M-EOS and M-EOSn 9.6.
1 Look and Feel Menu Item or Function Keyboard Shortcut Properties Alt-Enter Select All CTRL + A Show Ports F4 SSH Shift-F5 View Utilization CTRL + U Zoom In CTRL + NumPad+ Zoom Out CTRL + NumPad- Look and Feel You can configure the Management application to mimic your system settings as well as define the size of the font. ‘Look’ refers to the appearance of graphical user interface widgets and ‘feel’ refers to the way the widgets behave.
Look and Feel 1 3. Choose from one of the following options: • Select Default to configure the look and feel back to the Management application defaults. • Select System to configure the Management application to have the look and feel of your system. This changes the look and feel for the components that use ‘Java Metal Look and Feel’. For example, if you have your system display color scheme set to ‘High Contrast #1’, then the Management application will be set to ‘High Contrast #1’.
1 34 Look and Feel DCFM Enterprise User Manual 53-1001775-01
Chapter 2 Discovery In this chapter • Fabric discovery overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Host discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing the discovery state. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Fabric monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Seed switch . . . . . . . .
2 Discovering fabrics FCS policy and seed switches The Management application requires that the seed switch is the primary Fabric Content Service (FCS) switch at the time of discovery. Setting time on the fabric will set the time on the primary FCS switch, which will then distribute the changes to other switches.
Discovering fabrics 2 2. Click Add Fabric to specify the IP addresses of the devices you want to discover. The Address Properties dialog box displays. FIGURE 19 Address Properties dialog box (IP Address tab) 3. Enter a name for the fabric in the Fabric Name field. 4. Enter an IP address for a device in the IP Address field. For seed switch requirements, refer to “Seed switch requirements” on page 54. NOTE The Backbone Chassis cannot be used as a seed switch.
2 Discovering fabrics 6. Click the SNMP tab (Figure 20). FIGURE 20 7. Address Properties dialog box (SNMP - v1 tab) Enter the duration (in seconds) after which the application times out in the Time-out (sec) field. 8. Enter the number of times to retry the process in the Retries field. 9. Select the SNMP version from the SNMP Version list. • If you selected v1, continue with step 10. • If you select v3, the SNMP tab displays the v3 required parameters. Go to step 14.
Configuring SNMP credentials 2 14. If you are configuring a 256-port director, select the Configure for 256-Port_Director_Name check box. • If you selected Configure for 256-Port_Director_Name, go to step 18. • If you did not select Configure for 256-Port_Director_Name, continue with step 15. FIGURE 21 Address Properties dialog box (SNMP Tab - v3) 15. Enter a user name in the User Name field. 16. Enter a context name In the Context Name field. 17.
2 Configuring SNMP credentials 5. Select the SNMP version from the SNMP Version list. • If you selected v1, continue with step 6. • If you select v3, the SNMP tab displays the v3 required parameters. Go to step 10. To discover a Virtual Fabric device, you must configure SNMP v3 and your SNMP v3 user account must be defined as a Fabric OS switch user. 6. Specify the Read option by selecting Default ‘public’ or Custom. 7.
Reverting to a default SNMP community string 2 a. Select the Select check box for each undiscovered seed switch to discover their fabrics. b. Click OK on the Undiscovered Seed Switches dialog box. 18. Click OK on the Discover Setup dialog box. Reverting to a default SNMP community string 1. Select Discover > Setup. The Discover Setup dialog box displays. 2. Select an IP address from the Available Addresses table. 3. Click Edit. The Address Properties dialog box displays. 4. Click the SNMP tab. 5.
2 Host discovery Host discovery The Management application enables you to discover individual hosts, import a group of Host from a comma separated values (CSV) file, or import all hosts from discovered fabrics. NOTE Host discovery requires HCM Agent 2.0 or later. NOTE SMI and WMI discovery are not supported. Discovering Hosts by IP address or hostname To discover a Host by IP address or hostname, complete the following steps. 1. Select Discover > Setup. The Discover Setup dialog box displays. 2.
Importing Hosts from a CSV file 2 9. Click OK on the Add Host Discovery dialog box. If an error occurs, a message displays. Click OK to close the error message and fix the problem. A Host Group displays in Discovered Addresses table with pending status. To update the status from pending you must close and reopen the Discover Setup dialog box. 10. Click Close on the Discover Setup dialog box. Importing Hosts from a CSV file To discover Hosts by importing a CSV file, complete the following steps. 1.
2 Importing Hosts from a Fabric 7. Configure Host credentials, if necessary. To configure host credentials, refer to “Configuring Brocade HBA credentials” on page 45 or “Configuring virtual machine credentials” on page 46. 8. Click OK on the Add Host Discovery dialog box. If an error occurs, a message displays. Click OK to close the error message and fix the problem. A Host Group displays in Discovered Addresses table with pending status.
Configuring Brocade HBA credentials 2 8. Click OK on the Add Host Discovery dialog box. If an error occurs, a message displays. Click OK to close the error message and fix the problem. A Host Group displays in Discovered Addresses table with pending status. To update the status from pending you must close and reopen the Discover Setup dialog box. 9. Click Close on the Discover Setup dialog box. Configuring Brocade HBA credentials To configure credentials for a Brocade HBA, complete the following steps.
2 Configuring virtual machine credentials Configuring virtual machine credentials To configure credentials for a virtual machine, complete the following steps. 1. Select Discover > Setup. The Discover Setup dialog box displays. 2. Click Add Host. The Add Host Discovery dialog box displays. 3. Discover a host. To discover a host, refer to “Discovering Hosts by IP address or hostname” on page 42, “Importing Hosts from a CSV file” on page 43, or “Importing Hosts from a Fabric” on page 44. 4.
Editing Host credentials 2 Editing Host credentials To edit Host credentials, complete the following steps. 1. Select Discover > Setup. The Discover Setup dialog box displays. 2. Select the Host and click Edit. The Edit Host Discovery dialog box displays. FIGURE 28 Edit Host Discovery dialog box 3. To edit Brocade HBA credentials, select the Discover Brocade HBAs in the hosts check box, if necessary, and complete the following steps. a.
2 Removing a Host from Discovery Removing a Host from Discovery To remove a Host from discovery, complete the following steps. 1. Select Discover > Setup. The Discover Setup dialog box displays. 2. Select the Host you want to remove from discovery. 3. Click Delete. 4. Click OK on the confirmation message. The deleted host displays in the Previously Discovered Addresses table. 5. Click Close on the Discover Setup dialog box.
Troubleshooting discovery • • • • 2 New Discovery Pending Created host structure differs from discovered host; Discovery ignored Brocade HBA Discovery Failed: HCM Agent connection failed HCM Agent collection failed Troubleshooting discovery If you encounter discovery problems, complete the following checklist to ensure that discovery was set up correctly. 1. Verify IP connectivity by issuing a ping command to the switch. a. Open the command prompt. b. From the Server, type ping Switch_IP_Address. 2.
2 M-EOSn discovery troubleshooting M-EOSn discovery troubleshooting The following section states a possible issue and the recommended solution for M-EOSn discovery errors. Problem Resolution M-EOS seed switch discovery is not supported using SNMPv3 on the following devices: • 32-Port, 2 Gbps Switch • 16-Port, 4 Gbps Fabric Switch • 24-Port Fabric Switch • 32-Port, 4 Gbps Switch • 140-Port Director Discover the device using SNMP v1.
Virtual Fabric discovery troubleshooting 2 Virtual Fabric discovery troubleshooting The following section state possible issues and the recommended solutions for Virtual Fabric discovery errors. Problem Resolution At the time of discovery, the seed switch is Virtual Fabric-enabled; however, the user does not have Chassis Admin role for the seed switch. At the time of discovery, the user does not have the Chassis Admin role for all other switches in the fabric.
2 Fabric monitoring Fabric monitoring NOTE Monitoring is not supported on Hosts. The upper limit to the number of HBA and CNA ports that can be monitored at the same time is 32. The same upper limit applies if switch ports and HBA ports are combined. You can select switch ports and adapter ports from a maximum of ten devices. Fabric monitoring enables discovery of and data collection for the specified fabric and all associated devices.
Stop monitoring of a discovered fabric 2 3. Click Monitor. The monitor function fails if the fabric has user-defined Admin Domains created or if the fabric is merged with another fabric already in the monitored state. 4. Click OK. Stop monitoring of a discovered fabric NOTE Monitoring is not supported on Hosts. When you stop monitoring of a fabric, you stop discovery of and data collection for the specified fabric and all associated devices.
2 Seed switch You can change the seed switch as long as the following conditions are met: • The new seed switch is HTTP-reachable from the Management application. • The new seed switch is a primary FCS. • The new seed switch is running the latest Fabric OS or M-EOS version in the fabric. This operation preserves historical and configuration data, such as performance monitoring and user-customized data for the selected fabric. ATTENTION If the seed switch firmware is downgraded from Fabric OS 5.2.
Seed switch failover 2 • 140-Port Director • 256-Port Director The following M-EOS devices are seed switch-capable; however, they do not obtain fabric member information: • • • • 16-Port, 1 Gbps and 2 Gbps Switch 32-Port, 1 Gbps and 2 Gbps Switch 24-Port, 2 Gbps Switch 64-Port Director Seed switch failover The Management application collects fabric-wide data (such as, fabric membership, connectivity, name server information, zoning, and so on) using the seed switch.
2 Changing the seed switch • Updates to Fabric OS switches (such as, Virtual Fabrics, FCR, Admin Domain, Switch Name and so on) do not occur. • If the M-EOS switch is not seed switch capable and a switch joins the fabric, the IP address displays as ‘0.0.0.0’. You must manually edit the IP Address from the Discover Setup dialog box to manage the switch. • Updates to firmware version and IP address of existing members do not occur.
Changing the seed switch 2 4. Select a switch to be the new seed switch from the Change Seed Switch dialog box. You can select only one switch. Only switches that are running the latest Fabric OS version in the fabric are displayed. The current seed switch is not displayed in this list. 5. Click OK. If you are not already logged in to the seed switch, the Fabric Login dialog box displays.
2 58 Changing the seed switch DCFM Enterprise User Manual 53-1001775-01
Chapter 3 Application Configuration In this chapter • Data backup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Data restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • End node display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3 Management server backup Management server backup There are three options for backing up data to the management server: • Configuring backup to a writable CD • Configuring backup to a hard drive • Configuring backup to a network drive The Management Server is backed up to a rewritable (CD-RW) compact disk by default. Make sure you have a CD-RW disk in the CD recorder drive to ensure that backup can occur.
Configuring backup to a writable CD 3 Configuring backup to a writable CD NOTE This is not recommended on a permanent basis. CDs have a limited life, and may only last a month. An error message occurs if your Management application can no longer back up to the disc. To configure the backup function to a writable CD, complete the following steps. 1. Select Server > Options. The Options dialog box displays (Figure 29). FIGURE 29 Options dialog box (Backup option) 2. Select Backup in the Category list.
3 Configuring backup to a hard drive 6. Select an interval from the Backup Interval drop-down list to set how often backup occurs. 7. Verify that the CD backup directory is correct (default directory is D:\Backup). It is assumed that drive D is a CD-RW drive. You can change the directory or use the Browse button to select another directory. 8. Install the formatted disc into the CD drive. To back up to a writable CD, you must have CD-writing software installed.
Configuring backup to a network drive 7. 3 Browse to the hard drive and directory to which you want to back up your data. 8. Click Apply or OK. The application verifies that the backup device exists and that the server can write to it. If the device does not exist or is not writable, an error message displays that states you have entered an invalid device. Click OK to go back to the Options dialog box and fix the error. Backup occurs, if needed, at the interval you specified.
3 Enabling backup 7. Click Browse to choose the network share and directory to which you want to back up your data, or enter the network share and directory path. NOTE You must specify the directory in a network share format (for example, \\network-name\share-name\directory). Do not use the drive letter format (C:\directory). 8. If you want to configure backup to a network drive on a Windows system, complete the following steps. a.
Viewing the backup status 3 Viewing the backup status The Management application enables you to view the backup status at a glance by providing a backup status icon on the Status Bar. The following table illustrates and describes the icons that indicate the current status of the backup function. Icon Description Backup in Progress—displays the following tooltip: “Backup started at hh:mm:ss, in progress... XX directories are backed up.
3 Starting immediate backup Starting immediate backup NOTE You must have backup privileges to use the Backup Now function. To start the backup process immediately, complete one of the following procedures: Using the Backup Icon, right-click the Backup icon and select Backup Now. OR 1. Select Server > Options. The Options dialog box displays. 2. Select Backup in the Category list. 3. Click Backup Now. The backup process begins immediately. There is no confirmation message. 4. Click Apply or OK.
Data restore 3 Data restore NOTE You cannot restore data from a previous version of the Management application. NOTE You cannot restore data from a different edition of the Management application. The Management application helps you to protect your data by backing it up automatically. The data can then be restored, as necessary. The data in the following directories is automatically backed up to disk. The data includes the following items: • Backup\databases — contains database and log files.
3 Restoring data to a new server Restoring data to a new server If your Management application server fails and you must recover information to a new server, restore the data (Refer to “Restoring data” on page 67 for complete instructions). Display You can configure the display for FICON and reset the display to the default settings.
Display 3 Resetting your display You can reset your system to display the default display settings. Note that returning to current settings after a reset may require configuring each global fabric or group setting individually. The following table (Table 7) details the settings that change with reset and the associated default state. TABLE 7 Default Display Settings Settings Default State Show port Disabled. Show connected end device Set to Hide All. Map Layout Set to default for Groups.
3 End node display End node display The connectivity map can be configured to display or not display end nodes. This option enables you to set the end node display for all newly discovered fabrics. Note that disabling end node display limits the connectivity map to emphasize switch members only. Displaying end nodes To display end nodes when discovering a new fabric, complete the following steps. 1. Select Server > Options. The Options dialog box displays (Figure 31).
Ethernet events 3 Ethernet events An Ethernet event occurs when the Ethernet link between the Management Server and the managed device is lost. You can configure the application to enable events when the Ethernet connection is lost. Enabling Ethernet events The Options dialog box enables you to configure the Management application to generate an Ethernet event after a device is offline for a specific period of time. To enable Ethernet events, complete the following steps. 1. Select Server > Options.
3 Disabling Ethernet events Disabling Ethernet events To disable Ethernet events, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Ethernet Event in the Category list. 3. Clear the Enable Ethernet Event check box. 4. Click Apply or OK to save your work. Event storage You can configure the number of historical events in the repository as well as how long the events will be retained.
Flyovers 3 3. Select the Purge Events check box. Events are purged at midnight (12:00 AM). For example, when the maximum number of events allowed limit is reached at 3:00 PM, the system purges the older events at midnight that day. 4. Enter the number of events (1 through 50000) in the repository in the Maximum Historical Event field. Older events are purged at midnight on the date the maximum event limit is reached regardless of the retention days. 5.
3 Flyovers 5. Select the Product tab (Figure 35) and complete the following steps to select the product properties you want to display on flyover. FIGURE 34 a. Options dialog box (Flyovers option, Product tab) Select each property you want to display in the product flyover from the Available Properties table.
Flyovers 3 6. Select the Connection tab (Figure 35) and complete the following steps to select the information you want to display on flyover. FIGURE 35 a. Options dialog box (Flyovers option, Connection tab) Select the protocol from the Protocol list. The default protocol is Fibre Channel. Depending on which protocol you select, some properties may not be available for all protocols. b. Select each property you want to display in the connection flyover from the Available Properties table.
3 Turning flyovers on or off FCoE • • • Name Node WWN MAC • • • Port# Port Type FCoE Index # c. Click the right arrow to move the selected properties to the Selected Properties table. d. Use the Move Up and Move Down buttons to reorder the properties in the Selected Properties table. The properties displayed in the Selected Properties table appear in the flyover display. 7. Click Apply or OK to save your work. Turning flyovers on or off Flyovers display when you place the cursor on a product.
Setting names to be non-unique FIGURE 36 3 Options dialog box (Names option) 2. Select Names in the Category list. 3. Select Set names to be unique to require that names be unique on your system. 4. Click OK on the Options dialog box. 5. Click OK on the “duplicate names may exist” message. To fix duplicated names, refer to “Fixing duplicate names” on page 78. Setting names to be non-unique You can choose to allow duplicate names in your fabric.
3 Fixing duplicate names Fixing duplicate names To fix duplicated names, complete the following steps. 1. Select Configure > Names. The Configure Names dialog box displays (Figure 37). FIGURE 37 Configure Names dialog box 2. Click Fix Duplicates. The Duplicated Names dialog box displays. 3. Select one of the following options. • If you select Append Incremental numbers for all repetitive names, the names are edited automatically using incremental numbering.
Viewing names 3 Viewing names To view names associated with devices by name, complete the following steps. 1. Select Configure > Names. The Configure Names dialog box displays. 2. Select All Names from the Display list. Only devices with a name display. The table displays the Name, WWN, Operational Status, Type, and a Description of the device. 3. Click OK to close the Configure Names dialog box. Adding a name to an existing device To add a name to an existing device, complete the following steps. 1.
3 Adding a name to a new device Adding a name to a new device To add a new device and name it, complete the following steps. 1. Select Configure > Names. The Configure Names dialog box displays. 2. Enter the WWN of the device in the Detached WWN field. 3. Enter a name for the device in the Name field. 4. Click Add. The new device displays in the table. If you set names to be unique on the Options dialog box and the name you entered already exists, a message indicating the name already in use displays.
Editing names 3 5. Click OK to close the Configure Names dialog box. 6. Click OK on the confirmation message. Editing names To edit the name associated with a device, complete the following steps. 1. Select Configure > Names. The Configure Names dialog box displays. 2. Select All Names from the Display list. Only devices with a name display. The table displays the Name, WWN, Operational Status, Type, and a Description of the device. 3. Click the name you want to edit in the Name column. 4.
3 Importing Names Importing Names If the name length exceeds the limitations detailed in the following table, you must edit the name (in the CSV file) before import. Names that exceed these limits will not be imported. If you migrated from a previous version, the .properties file is located in the Install_Home\migration\data folder. Device Character limit Fabric OS switch 6.2 or later 30 (24 character limit when in FICON mode) Fabric OS switch 6.1.
Searching for a device by WWN 3 5. Click Search. All devices with the specified name (or partial name) are highlighted in the Display table. You may need to scroll to see all highlighted names. 6. Click OK to close the Configure Names dialog box. Searching for a device by WWN You can search for objects (switch, fabric, product, ports, or N Ports) by WWN (world wide name). To search for a name in the Connectivity Map, refer to “Searching for a device in the connectivity map” on page 139.
3 Security Security You can configure the Server Name, CHAP secret value, and login banner, and modify whether or not to allow clients to save passwords. When the login banner is enabled, each time a client connects to the server, the login banner displays with a legal notice provided by you. The client's users must acknowledge the login banner to proceed, otherwise they are logged out. Configuring the server name To set the CHAP secret, complete the following steps. 1. Select Server > Options.
Setting the CHAP secret 3 5. Re-enter the password in the Retype Secret field. If the secret does not meet the application requirements or the CHAP Secret and Retype Secret entries do not match, an error message displays. Click OK to re-enter the CHAP Secret and Retype Secret values. You are about to modify the ID/Secret of this server. Check all products that this server is managing and make sure the corresponding Software ID/Secret is updated appropriately.
3 Configuring the login banner display Configuring the login banner display To configure the login banner display, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Security Misc in the Category list. 3. Select the Display login banner upon client login check box. 4. Enter the message you want to display every time a user logs into this server in the Banner Message field. This field contains a maximum of 1024 characters. 5.
Software Configuration 3 Software Configuration The Management application allows you to configure the following software settings: • • • • • • • Client export port—A port for communication between the client and server. Discovery—HTTP or HTTP over SSL when connecting to the switch. FTP/SCP overview—Internal or external FTP server settings. IP Configuration—Configure the Ethernet ports with the IP address. Memory allocation—Memory allocation for the client and server. Server port—Server port settings.
3 Discovery 3. Enter the client export port number to set a fixed port number for the client in the Client Export Port field. 4. Click Apply or OK to save your work. NOTE Changes to this option take effect after a client restart. 5. Click OK on the “changes take effect after client restart” message. Discovery You can configure connections between the switch and the Management application server. Configuring Discovery To configure discovery, complete the following steps. 1. Select Server > Options.
FTP/SCP overview 3 3. Choose one of the following options: • If you want to connect using HTTP, complete the following steps. a. Select the Connect using HTTP option. a. Enter the connection port number in the Port # field. Continue with step 4. • If you want to connect using HTTPS (HTTP over SSL), complete the following steps. a. Select the Connect using HTTPS (HTTP over SSL) only option. b. Enter the connection port number in the Port # field. Continue with step 4. 4.
3 FTP/SCP overview Configuring an internal FTP server To configure the internal FTP server settings, complete the following steps. 1. Select Server > Options. The Options dialog box displays (Figure 41). FIGURE 41 Options dialog box (FTP/SCP option) 2. Select FTP/SCP in the Category list. 3. Select the Use built-in FTP Server option to use the default built-in FTP server. All active fields are mandatory. 4. Change your password by entering a new password in the Password and Confirm Password fields. 5.
FTP/SCP overview 3 Configuring an external FTP server To configure the external FTP server settings, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select FTP/SCP in the Category list. 3. Select the Use External FTP Server and/or SCP Server option. 4. Select the External FTP Server check box to configure the external FTP server. All fields are mandatory. 5. Enter the IP address for the remote host in the Remote Host IP field. 6.
3 FTP/SCP overview 9. Click Test to test the FTP server. A “Server running successfully” or an error message displays. If you receive an error message, make sure your credentials are correct, the server is running, the remote directory path exists, and you have the correct access permission; then try again. 10. Click OK on the message. 11. Click Apply or OK to save your work. Testing the FTP and SCP server To test the FTP and SCP server, complete the following steps. 1. Select Server > Options.
IP Configuration 3 IP Configuration You can configure IP Configuration settings. Configuring IP Configuration settings NOTE The server binds using IPv6 address by default if your Operating System is IPv6-enabled (dual mode or IPv6 only). The server binds using IPv4 address by default if your Operating System is IPv4-enabled. Servers running in dual mode allow the client to communicate from both IPv6 and IPv4 addresses.
3 IP Configuration 3. Choose one of the following options in the Server IP Configuration list. • Select All. Go to step 4. • Select a specific IP address. Continue with step 5. • Select localhost. Continue with step 5. When Server IP Configuration is set to All, you can select any available IP address as the Return Address. If you select a specific IP address, the Return Address list shows the same IP address and you cannot change it. 4.
IP Configuration FIGURE 43 3 Server IP Configuration screen a. Select an address from the Server IP Configuration list. b. Select an address from the Switch - Server IP Configuration Preferred Address list. If DNS is not configured for your network, do not select the “hostname” option from either the Server IP Configuration or Switch - Server IP Configuration Preferred Address list. Selecting the “hostname” option prevents clients and devices from communicating with the server. c. Click Next. 6.
3 IP Configuration Configuring the application to use dual network cards Issues with Client-to-Server connectivity can be due to different reasons. Some examples are: • The computer running the Server has more than one network interface card (NIC) installed. • The computer running the Server is behind a firewall that performs network address translation.
Memory allocation 3 Memory allocation You can configure memory allocation for the client and server to improve performance. You can trigger switch polling when a state changes or you can poll at intervals when no state change occurs. NOTE SAN size is a consideration in selection of polling periods. Configuring memory allocation settings To configure memory allocation settings, complete the following steps. 1. Select Server > Options. The Options dialog box displays (Figure 44). 2.
3 Memory allocation 5. Enter the memory allocation (MB) for the client in the Client Memory Allocation field. If you enter an invalid value, an error message displays with the minimum value allowed. Click OK and edit the value again. Minimum values are as follows: • Small: 512 MB • Medium: 512 MB • Large: 768 MB 6. Enter the memory allocation (MB) for the server in the Server Memory Allocation field. If your server has a minimum of 2 Gb RAM, change the default server memory value to 1024 MB.
Memory allocation 3 Configuring asset polling Asset polling allows you set the length of time between state change polling. To maximize the efficiency of the polling feature (balance the amount of possible information with any possible performance impact), base your settings on the size of the SAN. To configure asset polling, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2.
3 Server port Server port You can configure the server port settings so that you can assign a web server port number and set the server port to be SSL-enabled. Configuring the server port To configure server settings, complete the following steps. 1. Select Server > Options. The Options dialog box displays (Figure 45). FIGURE 45 Options dialog box (Server Port option) 2. Select Server Port in the Category list. 3. Select the Enable SSL check box to enable this function for the server port. 4.
Support mode 3 6. Click Apply or OK to save your work. NOTE Changes to this option take effect after application restart. 7. Click OK on the “changes take effect after application restart” message. Support mode You can configure support settings to allow enhanced diagnostics. Configuring support mode settings To configure support mode settings, complete the following steps. 1. Select Server > Options. The Options dialog box displays (Figure 46).
3 Fabric tracking 3. Select the Log client support data - Log Level list, and select the type of log data you want to configure. Log level options include: All, Fatal, Error, Warn, Info, Debug, Trace, and Off. Default is Info. The log level options return to the default value (Info) when the client or server is restarted. 4. Select the Log server support data - Log Level list, and select the type of log data you want to configure.
Fabric tracking 3 Enabling fabric tracking 1. Enable fabric tracking by choosing one of the following options: • Select a fabric on the Product List or Connectivity Map and select Monitor > Track Fabric Changes. • Right-click a fabric on the Product List or Connectivity Map and select Track Fabric Changes. The Accept Changes Summary dialog box displays. This dialog box includes the following information: • Fabric Name—Displays the name of the selected fabric.
3 Accepting changes for a device Accepting changes for a fabric 1. Accept the changes to a fabric by choosing one of the following options: • Select a fabric on the Product List or Connectivity Map and select Monitor > Accept Changes. • Right-click a fabric on the Product List or Connectivity Map and select Accept Changes. The Accept Changes Summary dialog box displays. This dialog box includes the following information: • Fabric Name—Displays the name of the selected fabric.
Chapter 4 Call Home In this chapter • About call home . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Showing a call home center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Hiding a call home center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Editing a call home center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling a call home center . . . . . . . . .
4 About call home About call home NOTE Call Home is supported on Windows systems for all modem and E-mail call home centers and is supported on Linux and Solaris for the E-mail call home centers. Call Home notification allows you to configure the Management application Server to automatically send an e-mail or dial-in to a support center to report system problems on specified devices (switches, routers, and directors).
About call home 4 • Adds an entry to the Master Log file and screen display. • Generates a XML report (only available with EMC call centers) with the switch details which is sent with the E-mail. • Generates an HTML report for E-mail-based Call Home centers. For more information about Call Home events, refer to “Call Home Event Tables” on page 695. For more information about Event Management, refer to “Fault Management” on page 247.
4 Showing a call home center Showing a call home center To show a call home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays (Figure 47). FIGURE 47 Call Home dialog box 2. Click Show/Hide Centers (beneath the Call Home Centers table). The Centers dialog box displays with a predefined list of call home centers (Figure 48). FIGURE 48 Centers dialog box 3.
Hiding a call home center 4 Hiding a call home center NOTE Before you can hide a call home center, you must remove all assigned products. To hide a call home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Click Show/Hide Centers (beneath the Call Home Centers table). The Centers dialog box displays with a predefined list of call home centers. 3. Clear the check boxes of the call home centers you want to hide and click OK.
4 Editing the Brocade International or IBM call home center FIGURE 49 Configure Call Home Center dialog box (Brocade International or IBM option) 4. Make sure the call home center type you selected displays in the Call Home Centers list. 5. Select Enable to enable this call home center. 6. Set the time interval at which to check the call home center by selecting the Set the heartbeat interval at ___ days (1-28) check box and entering the interval in the field. 7.
Editing the Brocade North America call home center 4 Editing the Brocade North America call home center Modem call home centers are only available for Brocade. To edit this call home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Select Brocade North America in the Call Home Centers table. 3. Click Edit Centers (beneath the Call Home Centers table). The Configure Call Home Center dialog box displays(Figure 50).
4 Editing an E-mail call home center Editing an E-mail call home center E-mail call home centers are available for Brocade, IBM, and SUN. To edit one of these call home centers, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Select the call home center you want to edit (Brocade E-mail, IBM E-mail, or SUN E-mail) in the Call Home Centers table. 3. Click Edit Centers (beneath the Call Home Centers table).
Editing the EMC call home center 4 14. Enter a password in the SMTP Server Settings - Password field. This is a required field when the SMTP server authentication is enabled. 15. Enter the e-mail address for replies in the E-mail Notification Settings - Reply Address field. 16. Enter the customer e-mail address in the E-mail Notification Settings - Send To Address field. 17. Click Send Test to test the mail server. The selected call home center must be enabled to test the mail server.
4 Editing the HP LAN call home center 7. Enter the phone number or extension of the local server in the Local Server - Modem # field. 8. Enter the identification number of the local server in the Local Server - Cabinet Serial # field. 9. Enter the site name for the local server in the Local Server - Site Name field. 10. Click Send Test to test the Connect EMC application. The selected call home center must be enabled to test the Connect EMC application.
Enabling a call home center 4 8. Click Send Test to test the address. The selected call home center must be enabled to test the IP address. A faked event is generated and sent to the selected call home center. You must contact the call home center to verify that the event was received and in the correct format. NOTE The HP LAN Call Home alert displays the directory separation characters with a double backslash (\\) instead of a single backslash (\). 9. Click OK.
4 Testing the call home center connection Testing the call home center connection Once you add and enable a call home center, you should verify that call home is functional. To verify call home center functionality, complete the following steps. 1. Select Monitor > Event Notification > Call Home. 2. Click Edit Centers (beneath the Call Home Centers table). The Configure Call Home Center dialog box displays. 3. Select the center you want to check in the Call Home Centers list. 4.
Viewing Call Home status 4 Viewing Call Home status You can view call home status from the main Management application window or from the Call Home Notification dialog box. The Management application enables you to view the call home status at a glance by providing a call home status icon on the Status Bar. The following table illustrates and describes the icons that indicate the current status of the call home function.
4 Assigning a device to the call home center Assigning a device to the call home center Discovered devices (switches, routers, and directors) are not assigned to a corresponding call home center automatically. You must manually assign each device to a call home center before you use call home. To assign a device or multiple devices to a call home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2.
Removing all devices and filters from a call home center 4 Removing all devices and filters from a call home center To remove all devices and filters from a call home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Select the call home center from which you want to remove devices and filters in the Call Home Center table. 3. Click the left arrow button. A confirmation message displays. 4. Click OK.
4 Assigning an event filter to a call home center Assigning an event filter to a call home center Event filters allow call home center users to log in to a Management server and assign specific event filters to the devices. This limits the number of unnecessary or ‘acknowledge’ events and improves the performance and effectiveness of the call home center. You can only select one event filter at a time; however, you can assign the same event filter to multiple devices or call home centers.
Overwriting an assigned event filter 4 Overwriting an assigned event filter A device can only have one event filter at a time; therefore, when a new filter is applied to a device that already has a filter, you must confirm the new filter assignment. To overwrite an event filter, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Select the event filter you want to apply in the Call Home Event Filters table.
4 Removing an event filter from a device Removing an event filter from a device To remove an event filter from a device, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Choose one of the following options in the Call Home Centers table: • Right-click an event filter assigned to a device and select Remove Filter. • Right-click a device to which the event filter is assigned and select Remove Filter.
Chapter 5 View management In this chapter • About view management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Creating a customized view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Editing a customized view. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Deleting a customized view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Copying a view . . . . . . . . . . . . . . . . . . .
5 Creating a customized view Creating a customized view You may want to customize the Product List and Connectivity Map to simplify management of large SANs by limiting the topology size or Product List columns. For each customized view, you can specify the fabrics and hosts that display on the Connectivity Map as well as the columns and device groupings that display on the Product List. Customized view settings reside on the Server.
Editing a customized view 5 4. Click the Hosts tab and in the Available Host table, select the fabrics you want to include in the view and use the right arrow button to move your selections to the Selected Fabrics and Hosts table. FIGURE 55 Create View dialog box - Hosts Tab 5. Click OK to save the customized view and close the Create View dialog box. The new view displays automatically in the main window of the Management application.
5 Deleting a customized view 2. Use the left arrow button to remove fabrics and hosts from the Selected Fabrics and Hosts table. 3. Click the Fabrics tab, and in the Available Fabrics table, select the fabrics you want to include in the view and use the right arrow button to move your selections to the Selected Fabrics and Hosts table. 4.
Copying a view 5 Copying a view 1. Use one of the following methods to open the Copy View dialog box: • Select View > Manage View > Copy View > View_Name. • Select Copy View from the View All list. Does not display until you discover a fabric. The Copy View dialog box title displays the name of the view you are copying. FIGURE 58 Copy View dialog box 2. Enter a name and description of the view. 3. Click OK to save your changes and close the Copy View dialog box. 4.
5 Customizing the layout of devices on the topology Port Label. Select to configure which port labels display. NOTE Changes apply to the selected fabric or the fabric to which the selected item belongs. Name. Displays the name as the port label. If the port has not been given a name, the port’s WWN displays. Port Number. Displays the port number as the port label. Port Address. Displays the port address as the port label. Port WWN. Displays the port world wide name as the port label. User Port #.
Customizing the layout of connections on the topology 5 • Vertical. Displays the device icons vertically. • Horizontal. Displays the device icons horizontally. • Most Connected at Center. Displays the node that has the most connections at the center of the topology. • Directional. Displays the internal nodes in a position where they mirror the external groups to which they are connected. 2. Select the Set as Default Layout check box to set your selection as the default. 3.
5 Reverting to the default background color 2. Select the Custom option and click Change. The Choose a background color dialog box displays (Figure 60). FIGURE 60 Map Display dialog box 3. Select or specify a color and preview it in the Preview pane. • To pick a color from a swatch, select the Swatches tab. Select a color from the display. • To specify a color based on hue, saturation, and brightness, click the HSB tab.
Changing the product label 5 Changing the product label 1. Select a product in the Connectivity Map or Product List. 2. Select View > Product Label, then select one of the following options: • • • • Name (Product). Displays the product name as the product label. WWN. Displays the world wide name as the product label. IP Address. Displays the IP Address as the product label. Domain ID. Displays the domain ID as the product label.
5 Grouping on the topology Grouping on the topology To simplify management, devices display in groups. Groups are shown with background shading and are labeled appropriately. You can expand and collapse groups to easily view a large topology. Collapsing groups To collapse a single group on the topology, do one of the following: • Click the icon at the top right-hand corner of the group on the topology ( ). • Double-click in the group, but not on a device.
Saving a custom connection configuration 5 4. Click the right arrow to move them to the Selected Zones list. 5. Click OK. Saving a custom connection configuration NOTE Active zones must be available on the fabric. To save a new custom connection configuration, complete the following steps. 1. Choose from one of the following options: • Select a fabric on the topology and select View > Connected End Devices > Custom. • Right-click a fabric on the topology and select Connected End Devices > Custom.
5 Customizing the main window Customizing the main window You can customize the main window to display only the data you need by displaying different levels of detail on the Connectivity Map (topology) or Product List. Zooming in and out of the connectivity map You can zoom in or out of the Connectivity Map to see products and ports. Zooming In To zoom in on the Connectivity Map, use one of the following methods: • Click the zoom-in icon ( ) on the toolbox. • Press CTRL + NumPad+ on the keyboard.
Showing levels of detail on the connectivity map 5 Showing levels of detail on the connectivity map You can configure different levels of detail on the Connectivity Map, making Management easier. View Fabrics To view only fabrics, without seeing groups, products or ports: Select View > Show> Fabrics Only. View Groups To view only groups and fabrics, without seeing products or ports: Select View > Show> Groups Only. View Products To view products, groups, and fabrics: Select View > Show> All Products.
5 Customizing application tables Customizing application tables You can customize any table in the Management application (for example, the Master Log or the Product List) in the following ways: • • • • • • • • • Display only specific columns Display columns in a specific order Resize the columns to fit the contents Sort the table by a specific column or multiple columns Copy information from the table to another application Export information from the table Search for information Expand the table to vi
Customizing application tables 5 2. Choose from the following options: • Select the check box to display a column. OR Select the column name and click Show. • Clear the check box to hide a column. OR Select the column name and click Hide. • Click Select All to select all check boxes. • Click Deselect All to clear all check boxes. • Click Restore Defaults to restore the Product List to the original settings. 3. Click OK.
5 Customizing application tables Copying table information You can copy the entire table or a specific row to another application (such as, Notepad, Excel, Word, and so on). 1. Choose from one of the following options: • Right-click anywhere in the table and select Table > Copy Table. • Select the table row that you want to export and select Table > Copy Row. 2. Open the application to which you want to copy the Product List information. 3. Select Edit > Paste or CTRL + V. 4. Save the file.
Searching for a device in the connectivity map 5 Expanding and collapsing tables You can expand a table to display all information or collapse it to show only the top level. To expand the entire table, right-click anywhere in the table and select Expand All or Table > Expand All. To collapse the entire table, right-click anywhere in the table and select Collapse All or Table > Collapse All.
5 140 Searching for a device in the connectivity map DCFM Enterprise User Manual 53-1001775-01
Chapter 6 Third-party tools In this chapter • About third-party tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Starting third-party tools from the application . . . . . . . . . . . . . . . . . . . . . . • Launching a Telnet session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Launching an Element Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Launching Web Tools. . . . . . . . . . . . . . . . . . . .
6 Starting third-party tools from the application Starting third-party tools from the application You can open third-party tools from the Tools menu or a device’s shortcut menu. Remember that you cannot open a tool that is not installed on your computer. You must install the tool on your computer and add the tool to the Tools menu or the device’s shortcut menu. To open an application, perform the following steps. 1. Select the device. 2.
Launching an Element Manager 6 Launching an Element Manager Element Managers are used to manage Fibre Channel switches and directors. You can open a device’s Element Manager directly from the application. To launch a device’s Element Manager, complete the following steps. On the Connectivity Map, double-click the device you want to manage. The Element Manager displays. OR On the Connectivity Map, right-click the device you want to manage and select Element Manager > Hardware. The Element Manager displays.
6 Launching FCR configuration 1. Select a Fabric OS device. 2. Select Configure > Element Manager > Hardware. Web Tools displays. OR 1. Select a Fabric OS device. 2. Click the Element Manager icon on the toolbar. Web Tools displays. Launching FCR configuration Use FCR Configuration to launch the FC Routing module, which enables you to share devices between fabrics without merging the fabrics. You can open the FC Routing module directly from the Management application.
Launching HCM Agent 6 Launching HCM Agent Use Brocade HCM Agent to enable and manage Brocade HBAs. You can open HCM Agent directly from the application. For more information about HCM Agent, refer to the Brocade HCM Agent Administrator’s Guide. For more information about Brocade HBAs, refer to the documentation for the specific device. To launch a device’s Element Manager, complete the following steps. NOTE You must have Device Administration privileges for the selected device to launch HCM Agent.
6 Adding a tool Adding a tool You can specify third-party tools so they appear on the Setup Tools dialog box. From there, you can add them to the Tools menu and then open the tools directly from the Management application. To add a tool, complete the following steps. 1. Select Tools > Setup. The Setup Tools dialog box displays. 2. Click the Tools Menu tab. 3. Click Define. The Define Tools dialog box displays (Figure 64). FIGURE 64 Define Tools dialog box 4.
Entering the server IP address of a tool 6 Entering the server IP address of a tool If the third-party tool is a web-based application, you must enter the IP address of the applications server as a parameter to be able to open the application. To enter the server IP address, complete the following steps. 1. Select Tools > Setup. The Setup Tools dialog box displays. 2. Click the Tools Menu tab.
6 Adding an option to the Tools menu FIGURE 65 Setup Tools dialog box (Tools menu tab) 3. Type a label for the option as you want it to appear on the Tools menu in the Menu Text field. 4. Select the application from the Tool list, or click Define if you want to specify a new tool. To specify a new tool, refer to “Adding a tool” on page 146. 5. (Optional) Enter parameters, such as a URL, in the Parameters field. 6. (Optional) Select a keyboard shortcut in the Keystroke list.
Changing an option on the Tools menu 6 Changing an option on the Tools menu You can edit parameters for third-party tools that display on the Tools menu. To edit a option to the tools menu, complete the following steps. 1. Select Tools > Setup. The Setup Tools dialog box displays. 2. Click the Tools Menu tab. The Tool Menu Items table displays all configured tools, including the tool name as it displays on the Tools menu, parameters, and keystroke shortcuts. 3.
6 Adding an option to a device’s shortcut menu Adding an option to a device’s shortcut menu You can add an option to a device’s shortcut menu. To add an option to the device’s shortcut menu, complete the following steps. 1. Select Tools > Setup. The Setup Tools dialog box displays. Click the Product Menu tab (Figure 66). FIGURE 66 Setup Tools dialog box (Product Menu tab) The Product Popup Menu Items table displays all configured shortcut menu options. 2.
Changing an option on a device’s shortcut menu 7. 6 Select the tool that you want to launch from the Tool list, or click Define to add a tool. To specify a new tool, refer to “Adding a tool” on page 146. 8. Select the Append device ID check box to specify the parameter used when opening the tool. - To specify that the device’s IP address should be used when opening the tool, select the IP Address option.
6 Removing an option from a device’s shortcut menu 9. Select the tool from the Tool list that you want to launch, or click Define to add a tool. To specify a new tool, refer to “Adding a tool” on page 146. 10. Select the Append device ID check box to specify the parameter used when opening the tool. - To specify that the device’s IP address should be used when opening the tool, select the IP Address option.
VMware vCenter plug-in 6 VMware vCenter plug-in NOTE You must have host management privileges to access the Plug-in for VMware vCenter dialog box. The VMware vCenter plug-in is a web application hosted on the Management server. This web application sends dynamic HTML content to the vSphere or VI client and the client renders the HTML content.
6 Editing a vCenter server Editing a vCenter server 1. Select Tools > Plug-in for VMware vCenter. The Plug-in for VMware vCenter dialog box displays. 2. Click Edit. The Edit vCenter Server dialog box displays. The Host field is not editable in the Edit vCenter Server dialog box. 3. Change the port number in the Port field. Default is 443. Valid port number are between 1 and 65535. 4. Change your user ID and password. 5. Click OK on the Edit vCenter Server dialog box. 6.
Chapter 7 Server Management Console In this chapter • Server management console overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Changing server port numbers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Restoring the database. . . . .
7 Services Launching the SMC on Linux and Solaris Perform the following steps to launch the server management console on Linux and Solaris systems. 1. On the Management application server, go to the following directory: Install_Directory/bin 2. Type the following at the command line: ./smc OR sh smc Services You must be logged in at the administrator (Windows systems) or root (UNIX systems) level to stop, start, and restart the Management application services.
Refreshing the server status 7 3. Review the following information for each available service. • • • • Name—The name of the server; for example, FTP Server or Database Server. Process Name—The name of the process; for example, dbsrv10.exe (Database Server). Status—The status of the service; for example, started or stopped. Start Time—The date and time the service started. The Start Time for Service Location Protocol displays as ‘Not Available’. 4. Click Close to close the Server Management Console.
7 Starting all services Starting all services NOTE The Start button restarts running services in addition to starting stopped services which causes client-server disconnect. To start all services, complete the following steps. 1. Launch the Server Management Console. 2. Click the Services tab. 3. Click Start to start all services. NOTE If the server is configured to use an external FTP server, the Server Management Console does not attempt to start the built-in FTP service. 4.
Authentication 7 Authentication The Authentication function enables you to configure an authentication server and establish authentication policies. Authentication is configured to the local database by default. If you configure primary authentication to a Radius server, an LDAP server, or switch authentication, you can also configure secondary authentication to the local server.
7 Configuring a Radius server 1. Select the Authentication tab (Figure 68). FIGURE 68 Authentication tab 2. For Primary Authentication, select Radius Server. 3. Click Add. The Add or Edit Radius Server dialog box displays (Figure 69). FIGURE 69 Add or Edit Radius Server 4. Enter the radius server’s IP address in the IP Address field. 5. Enter the TCP port used by the Radius server in the TCP Port field. 6. Select the authentication policy (PAP or CHAP) from the Authentication Type field. 7.
Configuring an LDAP server 7 10. Click OK to return to the Authentication tab. 11. If you have established an active connection with the Radius server, click Test. Test attempts to contact the Radius server by issuing a ping command. 12. Click Apply to save the configuration. Configuring an LDAP server If you are using an LDAP server for authentication, make the following preparations first: • Have the IP address of the server available. • Know the TCP port you are using.
7 Configuring switch authentication 3. Click Add. The Add or Edit LDAP Server dialog box displays (Figure 71). FIGURE 71 Add or Edit LDAP server 4. Enter the LDAP server’s IP address in the IP Address field. 5. Enter the TCP port used by the Radius server in the TCP Port field. 6. Enter the timeout timer value (in seconds) that specifies the amount of time to wait between retries when the server is busy in the Timeout (Sec) field. 7.
Configuring Windows authentication 7 3. Enter the switch IP address and click Add. Repeat step 3 as needed. You can add up to three switches. 4. Set up the fall back order by completing the following steps. a. Select the IP address of the switch you want to move. b. Click Move Up or Move Down to move the switch where you want it. 5. Select a switch and click Remove to remove a switch from the list. 6. Click Test. The Test Authentication dialog box displays. 7.
7 Configuring NIS authentication Configuring NIS authentication Network Information Services (NIS/NIS+) authentication enables you to authenticate a user account against the NIS user account and the Management application server when running on UNIX platforms. To configure NIS authentication, complete the following steps. 1. Select the Authentication tab. 2. For Primary Authentication, select NIS. 3. Enter the NIS IP address in the NIS Host Name/ IP Address field. 4.
Displaying the client authentication audit trail 7 3. Click Test. The Test Authentication dialog box displays. 4. Enter your user ID and password and click Test. Test verifies your user ID and password for the local database and verifies user privileges on the Management application server. 5. Click Apply to save the configuration. Displaying the client authentication audit trail All responses to authentication requests coming from clients are logged to an audit trail log file.
7 Restoring the database FIGURE 72 Restore tab 4. Click Browse to select the path (defined in the Output Directory field on the Options dialog box - Backup pane) to the database backup location. 5. Click Restore. Upon completion, a message displays the status of the restore operation. Click OK to close the message and the Server Management Console. For the restored data to take effect, re-launch the Configuration Wizard using the instructions in “Launching the Configuration Wizard” on page 18.
Capturing technical support information 7 Capturing technical support information The Technical Support Information tab of the SMC allows you to capture technical support information for the Management application as well as the configuration files for all switches in discovered fabrics. This information is saved in a zip file in a location that you specify. To capture technical support information, complete the following steps. 1. Select the Technical Support Information tab (Figure 73).
7 Upgrading HCM on the Management server Upgrading HCM on the Management server The HCM Upgrade tab enables you to upgrade the Management application to include a new version of HCM. To upgrade HCM, complete the following steps. 1. Select the HCM Upgrade tab (Figure 74). FIGURE 74 HCM Upgrade tab 2. Click Browse to select the HCM installation folder location (for example, C:\Program Files\BROCADE\Adapter on Windows systems and /opt/brocade/adapter on Solaris and Linux systems). 3. Click Upgrade. 4.
SMI Agent configuration 7 SMI Agent configuration The SMIA Configuration Tool enables you to configure SMI Agent settings, such as security, CIMOM, and certificate management. This tool is automatically installed with the Management application as part of the Server Management Console. This SMIA Configuration Tool consists of the following tabs: • Home—enables you to launch the following Management application dialog boxes: Discovery, Users, Options, Server, and About.
7 SMI Agent configuration 4. Select or clear the Save password check box to choose whether you want the application to remember your password the next time you log in. 5. Click Login. The SMIA Configuration Tool dialog box displays (Figure 76). FIGURE 76 SMIA Configuration Tool dialog box Launching the SMIA configuration tool on Linux and Solaris NOTE All Management application services must be running before you can log into the SMIA Configuration Tool.
Launching a remote SMIA configuration tool 7 Launching a remote SMIA configuration tool To launch a remote SMIA configuration tool, complete the following steps. 1. Open a web browser and enter the IP address of the Management application server in the Address bar. If the web server port number does not use the default (443 if is SSL Enabled; otherwise, the default is 80), you must enter the web server port number in addition to the IP address. For example, IP_Address:Web_Server_Port_Number.
7 Authentication Accessing Management application features To access Management application features such as, discovery, role-based access control, application configuration and display options, server properties, as well as the application name, build, and copyright, complete the following steps. 1. Click the Home tab, if necessary. 2. Select from the following to access the feature or dialog box. • • • • • Discovery Users Options Server About 3.
Authentication 7 1. Click the Authentication tab. FIGURE 77 Authentication tab 2. Select the Enable Client Mutual Authentication check box, as needed. If the check box is checked, CIM client mutual authentication is enabled. If the check box is clear (default), client mutual authentication is disabled. 3. Select the Enable Indication Mutual Authentication check box, as needed. If the check box is checked, indication mutual authentication is enabled.
7 Authentication Configuring CIMOM server authentication CIMOM server authentication is the authentication mechanism between the CIM client and the CIMOM Server. You can configure the CIMOM server to allow the CIM client to query the CIMOM server without providing credentials; however, the CIMOM server requires the Management application credentials to connect to the Management application server to retrieve the required data.
CIMOM configuration 7 CIMOM configuration NOTE You must have Security Read and Write privileges to make changes on the CIMOM tab. The CIMOM tab enables you to configure the CIMOM server port, the Bind Network Address, and the CIMOM log. Configuring the SMI Agent port number To configure the SMI Agent port number, complete the following steps. 1. Click the CIMOM tab. FIGURE 78 CIMOM tab 2. Select or clear the Enable SSL check box, to enable or disable SSL for the SMI Agent.
7 CIMOM configuration 4. Click Apply. NOTE Changes on this tab take effect after the next CIMOM server restart. If you disabled SSL, a confirmation message displays. Click Yes to continue. 5. Click Close to close the SMIA Configuration Tool dialog box. Configuring the Bind Network Address NOTE You must have Security Read and Write privileges to make changes on the CIMOM tab. To configure the network bind address, complete the following steps. 1. Click the CIMOM tab. 2.
Certificate management 7 • Finer—select to only log message data used to provide detailed trace information. • Finest—select to only log message data used to provide highly detailed trace information. • All—select to log support data for all messages. 3. Click Apply. NOTE Changes on this tab take effect after the next CIMOM server restart. 4. Click Close to close the SMIA Configuration Tool dialog box.
7 Certificate management 2. Select the Client or Indication from the Authentication list. The appropriate certificates display in the Certificates list. 3. Enter the full path or browse to the certificate you want to import (for example, C:\Certificates\cimom-indication-auth2.cer). You can only import certificate files with the CER extension (.cer). 4. Enter a name for the certificate in the Certificate Name field. 5. Click Import. The new certificate displays in the Certificates list and text box.
Certificate management 7 5. Browse to the directory where you want to export the certificate. 6. Edit the certificate name in the File Name field, if necessary. 7. Click Save. 8. Click Close to close the SMIA Configuration Tool dialog box. Deleting a certificate NOTE You must have Security Read and Write privileges to view or make changes to the Certificate Management tab. To delete a certificate, complete the following steps. 1. Click the Certificate Management tab. 2.
7 Viewing the configuration summary Viewing the configuration summary To view summary information about the Server configuration and the current configuration, complete the following steps. 1. Click the Summary tab. FIGURE 80 Summary tab 2. Review the summary. NOTE When the CIMOM server is stopped, the server configuration information does not display on the Summary tab. The following information is included in the summary.
Viewing the configuration summary 7 Field/Component Description Bind Network Address Displays the Bind Network address for the Server Configuration and the Current Configuration. Log Level Displays the log level for the Server Configuration and the Current Configuration. Options include the following: • 10000—Off • 1000—Severe • 900—Warning • 800—Info (default) • 700—Config • 500—Fine • 400—Finer • 300—Finest • 0—All Managed Ports Displays the number of managed ports.
7 182 Viewing the configuration summary DCFM Enterprise User Manual 53-1001775-01
Chapter 8 Device Configuration In this chapter • Configuration repository management . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Device properties. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enhanced group management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Firmware management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Host port mapping. . . . . . . . . . . . . . . . . .
8 Saving switch configurations Saving switch configurations NOTE Save switch configuration is only supported on Fabric OS switches. NOTE To save switch configuration on more than one switch at a time, you must have the Enhanced Group Management license. Configuration files are uploaded from the selected switches and stored in individual files. Files are named with the convention cfg_fabricName_switchName_domainID. 1. Select Configure > Switch > Save.
Restoring a switch configuration for a selected device 8 Restoring a switch configuration for a selected device The Restore Switch Configuration dialog box enables you to download a previously saved switch configuration to a selected device. To restore a switch configuration, complete the following steps. 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Restore. The Restore Switch Configuration dialog box displays (Figure 81).
8 Backing up a switch configuration Backing up a switch configuration NOTE The Enhanced Group Management (EGM) license must be activated on a switch to perform this procedure and to use the supportSave module. If a periodic backup is scheduled at the SAN level, that backup will apply to all switches from all fabrics discovered. Any new fabrics being discovered are automatically added to the list of fabrics to be backed up.
Backing up a switch configuration 8 3. Set the Schedule parameters. These include the following: - The desired Frequency for backup operations (daily, weekly, monthly). The Day you want back up to run. If Frequency is Daily, the Day list is grayed out. If Frequency is Weekly, choices are days of the week (Sunday through Saturday). If Frequency is Monthly, choices are days of the month (1 through 31). - The Time (hour, minute) you want back up to run. The maximum age allowed before you Purge Backups.
8 Restoring a configuration from the repository Restoring a configuration from the repository 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays (Figure 84). FIGURE 84 Switch Configuration Repository 2. Select the configuration you want to restore, and click Restore. The configuration is downloaded to the device.
Viewing configuration file content 8 Viewing configuration file content You can view switch configuration file content in a text file. 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays. 2. Click View. The configuration details display.
8 Searching the configuration file content Searching the configuration file content To search the configuration file content, complete the following steps. 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays. 2. Click View. The configuration details display. 3. Enter the information you want to search for in the field and click Search.
Exporting a configuration 8 Exporting a configuration 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays. 2. Select the configuration you want to export, and click Export. The file chooser appropriate to your operating system displays. 3. Use the file chooser to select the location into which you want to export the configuration. 4. Click Export.
8 Replicating security configurations Replicating security configurations You can replicate an AD/LDAP Server, DCC, IP, RADIUS Server, or SCC security policy. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Replicate > Security. A wizard is launched to guide you through the process. Device properties You can customize the device Properties dialog boxes to display only the data you need by adding, editing, and deleting property labels.
Device properties TABLE 10 8 Device properties (Continued) Field/Component Description Contributors The device contributors. Device Type Whether the device is an initiator or target. Description A description of the customer site. Destination IP Address The IP address of the of the FCIP tunnel destination device. Discovery Status The discovery status of the switch. Examples include ‘Discovered: Seed Switch’ and ‘Discovered: Not Reachable’.
8 Device properties TABLE 10 194 Device properties (Continued) Field/Component Description Member Ports The member ports of the trunk. Model The model number of the device. Name The user-defined name of the switch. Node Name The name of the node. Node WWN The world wide name of the node. Physical/Logical Whether the device is a physical device or a logical device. Port Count The number of ports. Port Type The port type.
Adding a property label TABLE 10 8 Device properties (Continued) Field/Component Description VLAN Class of Service for Data Connection The VLAN class of service for the data connection of the FCIP tunnel. VLAN ID The VLAN identification number. WWN The world wide name of the device. Adding a property label You can add a new field to any of the tabs on the Properties dialog box. To add a new field, complete the following steps. 1. Right-click any product icon and select Properties.
8 Deleting a property label Deleting a property label You can delete any label that you created on any of the tabs from the Properties dialog box. To delete a label, complete the following steps. 1. Right-click any product icon and select Properties. The Properties dialog box displays. 2. Select the tab on which you want to delete a property. 3. Right-click the label for the property you want to delete. 4. Select Delete. 5. Click Yes on the confirmation message. The property you selected is deleted.
Firmware management 8 Firmware management A firmware file repository (Windows systems only) is maintained on the server in the following location: C:\Program Files\Install_Directory\data\ftproot\6.1.1\n.n.n\n.n.n\ The firmware repository is used by the internal FTP server that is delivered with the Management application software, and may be used by an external FTP server if it is installed on the same platform as the Management application software.
8 Importing a firmware file and release notes FIGURE 87 Firmware repository 3. View information about a specific firmware file by selecting the firmware file in the Firmware Repository. The Firmware Name, Release Date, and Import Date are displayed. You may also view the Release Notes, if the release notes were imported. Importing a firmware file and release notes Firmware files and release notes can be imported into the Firmware Repository. 1. Select Configure > Firmware Management.
Deleting a firmware file 8 4. Type in the location of the firmware file and release notes, or use Browse to select the location. The Management application supports .zip and .gz compression file types for firmware files. 5. Click OK. You return to the Repository tab. The file is listed in the Firmware Repository when the import is complete and successful. Deleting a firmware file Firmware files can be deleted from the Firmware Repository. 1. Select Configure > Firmware Management.
8 Download firmware FIGURE 89 Firmware download 3. Select one or more switches from Available Switches. 4. Click the right arrow to move the switches to Selected Switches. 5. Select a specific version from the Firmware to Download column, or use Select Latest to automatically select the latest version. If you have your FTP or SCP Server configured to use an external FTP or SCP Server, the Firmware to Download column is empty. 6.
Host port mapping 8 Host port mapping HBAs and Hosts discovered through a fabric can be easily identified in the topology by their product icons. For a list of products and their icons, refer to “Product icons” on page 11. Once identified in the topology, you can create Hosts and assign the HBAs to them and import an externally created Host port mapping file (.CSV) to the Management application.
8 Renaming an HBA Host Renaming an HBA Host To rename a Host, complete the following steps. 1. Right-click an HBA icon and select Host Port Mapping. The Host Port Mapping dialog box displays. 2. Click the Host you want to rename in the Hosts table, wait a moment, and then click it again. The Host displays in edit mode. 3. Type a new name for the Host. The name of the Host appears in the Hosts table in alphabetical order with the new name.
Associating an HBA with a Host 8 Associating an HBA with a Host ATTENTION Discovered information overwrites your user settings. To associate an HBA with a Host, complete the following steps. 1. Right-click an HBA icon and select Host Port Mapping. The Host Port Mapping dialog box displays. 2. Select the Host to which you want to assign HBAs in the Hosts table or click New Host to create a new Host. 3. Select the HBA from the HBAs table on the left and click the right arrow.
8 Removing an HBA from a Host To import Host port mapping, complete the following steps. 1. Right-click an HBA icon and select Host Port Mapping. The Host Port Mapping dialog box displays. 2. Click Import. The Import dialog box displays. 3. Browse to the file (CSV format only) you want to import. 4. Click Open on the Import dialog box.
Exporting Host port mapping 8 Exporting Host port mapping The Host Port Mapping dialog box enables you to export a Host port. The export file uses the CSV format. The first row contains the headers (HBA/Ports WWN, Host Name) and the switch to which the port is connected. Example HBA World Wide Name, Host Name 5005076717011E7D, Server1 50050767170A5AAF, Server1 To export a Host port, complete the following steps. 1.
8 Ports Ports You can enable and disable ports, as well as view port details, properties, type, status, and connectivity. Viewing port connectivity The connected switch and switch port information displays for all ports. To view port connectivity, choose one of the following steps: • Right-click a product icon and select Port Connectivity. • Select a product icon and select Monitor > Port Connectivity. The Port Connectivity View dialog box displays (Figure 91).
Ports TABLE 12 8 Port connectivity properties (Continued) Field Description Buffer Limited Whether buffers are limited. Buffers Needed/Allocated The ratio of buffers needed relative to the number of buffers allocated. Calculated Status The operational status. There are four possible operation status values: • Up - Operation is normal. • Down - The port is down or the route to the remote destination is disabled. • Disabled - The connection has been manually disabled.
8 Ports TABLE 12 208 Port connectivity properties (Continued) Field Description Device Type The device type; for example, target or initiator. FC4 Type The active FC4 type; for example, SCSI. FC Address The Fibre Channel address. Each FC port has both an address identifier and a world wide name (WWN). Flag Whether a flag is on or off. Hard Address The hard address of the device. Host Name The name of the Host.
Refreshing the port connectivity view TABLE 12 8 Port connectivity properties (Continued) Field Description Switch Routing Policy Whether a routing policy, for example, port-based routing policy, is enabled. Switch Secure Mode Whether switch secure mode is enabled. Switch Status The operational status. There are four possible operation status values: • Up - Operation is normal. • Down - The port is down or the route to the remote destination is disabled.
8 Filtering port connectivity Filtering port connectivity To filter results from the port connectivity view, complete the following steps. 1. Click the Filter link from the Port Connectivity View dialog box The Filter dialog box displays (Figure 92). FIGURE 92 Filter dialog box 2. Click a blank cell in the Field column to select the property from which to filter the results. 3. Click a blank cell in the Relation column to select an action operation.
Viewing port details 8 Resetting the filter Reset immediately clears all existing definitions. You cannot cancel the reset. To reset the Filter dialog box, complete the following steps. 1. Click the Filter link from the Port Connectivity View dialog box. The Filter dialog box displays. 2. Click Reset. All existing definitions are cleared automatically. You cannot cancel the reset. Enabling the filter To enable the filter, select the Filter check box.
8 Viewing ports and port properties Viewing ports and port properties To view ports on the Connectivity Map, right-click a product icon and select Show Ports. NOTE Show Ports is not applicable when the map display layout is set to Free Form (default). NOTE This feature is only available for connected products. On bridges and CNT products, only utilized Fibre Channel ports display; IP ports do not display.
Viewing ports and port properties 8 Depending on the port type, some of the following properties (Table 13) may not be available for all products. TABLE 13 Port properties Field Description # Virtual Session Ports The number of virtual session ports associated with the GE port. Additional Port Info Additional error information relating to the selected port. Address The address of the port. Active FC4 Types The active FC4 types. Active Tunnels The number of active tunnels.
8 Viewing ports and port properties TABLE 13 214 Port properties (Continued) Field Description MAC Address The Media Access Control address assigned to a network adapters or network interface cards (NICs). Manufacturer Plant The name of the manufacturer plant. Modify button Click to launch the Element Manager. Model The model number of the device. Name The name of the switch.
Port types TABLE 13 8 Port properties (Continued) Field Description Vendor The product vendor. Virtual FCoE Port Count The number of FC ports on the device. Port types On the Connectivity Map, right-click a switch icon and select Show Ports. The port types display showing which ports are connected to which products. NOTE Show Ports is not applicable when the map display layout is set to Free Form (default). NOTE This feature is only available for connected products.
8 Viewing port connection properties Viewing port connection properties You can view the information about products and ports on both sides of the connection. 1. Right-click the connection between two end devices on the Connectivity Map and select Properties. OR Double-click the connection between two devices on the Connectivity Map. The Connection Properties dialog box displays.
Viewing port connection properties TABLE 15 Port connection properties (Continued) Field Description 2-IP Address The IP address of the second switch. 2-Trunk Whether there is a trunk on the second switch. 2-Speed (Gbps) The speed of the second switch. Selected Connection Properties table DCFM Enterprise User Manual 53-1001775-01 8 The connected device port information. Area ID (hex)/Port Index (hex) The area identifier, in hexadecimal, of the switch-to-product connection.
8 Determining inactive iSCSI devices TABLE 15 Port connection properties (Continued) Field Description Protocol The network protocol, for example, Fibre Channel. RA TOV The resource allocation time out value, in milliseconds, of the connected switch. This variable works with the E D TOV variable to determine switch actions when presented with an error condition. Sequence # The sequence number of the switch. Serial # The serial number of the switch. Slot # The slot number of the switch.
Viewing port optics 8 Viewing port optics To view port optics, complete the following steps. 1. Right-click the switch for which you want to view port optic information on the Connectivity Map and select Port Optics (SFP). The Port Optics (SFP) dialog box displays(Figure 95). FIGURE 95 Port Optics dialog box 2. Review the port optics information. • Slot/Port #—The slot and port number of the selected fabric. • FC Address—The Fibre Channel address of the port.
8 Viewing port optics • • • • • • • • • Vendor PN—The part number of the SFP. Vendor Rev—The revision number of the SFP. Serial #—The serial number of the SFP. Data Code—The data code. Media Form Factor—The type of media for the transceiver; for example, single mode. Connector—The type of port connector. Wave Length—The wave length. Encoding—Displays how the fiber optic cable is encoded. Voltage (mVolts)—The voltage across the port in mVolts. 3. Sort the results by clicking on the column header. 4.
Port Auto Disable 8 Port Auto Disable The Port Auto Disable dialog box allows you to enable and disable the port auto disable flag on individual FC_ports or on all ports on a selected device, as well as unblock currently blocked ports. NOTE The device must be running Fabric OS 6.3 or later. Viewing the port auto disable status NOTE The device must be running Fabric OS 6.3 or later. 1. Select Configure > Port Auto Disable. The Port Auto Disable dialog box displays.
8 Enabling port auto disable on individual ports • • • • • • • • • Port Type—Displays the port type. Port Number—Displays the port number. Port WWN—Displays the port world wide name. Port Name—Displays the port name. User Port #—Displays the user port number. PID—Displays the port identifier. Connected Port #—Displays the connected port number. Connected Port WWN—Displays the connected port world wide name. Connected Port Name—Displays the connected port name. 3.
Disabling port auto disable on individual ports 8 Disabling port auto disable on individual ports NOTE The device must be running Fabric OS 6.3 or later. 1. Select Configure > Port Auto Disable. The Port Auto Disable dialog box displays. 2. Select the fabric on which you want to disable port auto disable (PAD) from the Fabric list. 3. Choose one of the following options from the Show list to filter the port list: • All Ports (default)—Displays all ports in the fabric.
8 Storage port mapping configuration Storage port mapping configuration The Management application enables you to see multiple ports on your storage devices in a SAN. It also displays the relationship between multiple ports and represents them as attached to a storage array (device) in the Device Tree, Topology, and Fabric views. Occasionally, there are cases where the Management application cannot see the relationship between ports attached to the same storage device.
Adding storage ports to a storage array 8 Adding storage ports to a storage array To add storage ports to a storage array, complete the following steps. 1. Open the Storage Port Mapping dialog box by performing one of the following actions: - Select a storage port icon in the topology view, then select Discover > Storage Port Mapping. - Right-click any storage port icon in the topology view and select Storage Port Mapping.
8 Editing storage array properties 2. Select the storage port you want to unassign from the Storage Array list. 3. Click the left arrow button. The selected storage port is removed from the Storage Array list and added to the Storage Ports table. 4. Make sure the storage port you want to reassign is still selected. 5. Select the storage array to which you want to reassign the storage port in the Storage Array list. 6. Click the right arrow button.
Viewing storage port properties 8 3. Click Delete. The selected storage array and all storage ports assigned to the array are removed from Storage Array list. All Storage Ports assigned to the device are moved to the Storage Ports table. 4. Click OK to save your work and close the Storage Port Mapping dialog box. Viewing storage port properties 1.
8 Importing storage port mapping Importing storage port mapping The Storage Port Mapping dialog box enables you to import externally created storage port mapping information into the application. The imported file must be in CSV format. The first row must contain the headers (wwn, name) for the file, which is ignored during the import.
Exporting storage port mapping 8 When import is complete a result summary displays with the following information (“Import Results” on page 229). TABLE 16 Import Results Value Definition Total Valid Input Records Number of lines identified in the CSV file without any errors (excluding the Header). Unique storage port WWN’s Recognized Number of unique storage ports identified in the CSV file.
8 Device Technical Support 4. Browse to the location where you want to save the export file. Depending on your operating system, the default export location are as follows: • Desktop\My documents (Windows) • \root (Linux) • \ (Solaris) 5. Enter a name for the files and click Save. 6. Click OK to close the Storage Port Mapping dialog box. Device Technical Support You can use Technical Support to collect supportSave data (such as, RASLOG, TRACE and so on) and switch events from Fabric OS devices.
Starting immediate technical support information collection 8 10. Click OK on the Technical SupportSave dialog box. 11. Click OK on the confirmation message. Technical supportSave data is saved to the following directory: Install_Home\data\ftproot\technicalsupport\ Technical supportSave uses the following naming convention for the files: Supportinfo-Day-mm-dd-yyyy-hh-mm-ss\Switch_Type-Switch_IP_AddressSwitch_WWN. Data collection may take 20-30 minutes for each selected switch.
8 Viewing technical support information Viewing technical support information To view technical support information, complete the following steps. 1. Select Monitor > Technical Support > View Repository. The Repository dialog box displays. 2. Choose from one of the following options: • Select the Switches tab to view technical support information on switches. • Select the Hosts tab to view technical support information on Hosts. 3. Click View to view the repository in an Internet browser window.
Copying technical support information to an external FTP server 8 Copying technical support information to an external FTP server To copy the Support Save data located in the built-in FTP server to an external FTP server, complete the following steps. 1. Select Monitor > Technical Support > View Repository. The Repository dialog box displays. 2. Choose from one of the following options: • Select the Switches tab to copy technical support information on switches.
8 Upload Failure data capture Upload Failure data capture You can use Upload Failure Data Capture to enable, disable, and purge failure data capture files as well as configure the FTP Host for the switch. NOTE Upload Failure Data Capture is only supported on Fabric OS devices. Enabling upload failure data capture 1. Select Monitor > Technical Support > Upload Failure Data Capture. The Upload Failure Data Capture dialog box displays. FIGURE 97 Upload Failure Data Capture dialog box 2.
Disabling upload failure data capture 8 Disabling upload failure data capture NOTE Upload Failure Data Capture is only supported on Fabric OS devices. 1. Select Monitor > Technical Support > Upload Failure Data Capture. The Upload Failure Data Capture dialog box displays. 2. Select one or more devices on which you want to disable automatic trace dump from the Available Switches with Upload Failure Data Capture Enabled table. 3. Click the left arrow button.
8 Configuring the upload failure data capture FTP server Configuring the upload failure data capture FTP server NOTE Upload Failure Data Capture is only supported on Fabric OS devices. NOTE Some external FTP software (such as, Filezilla and Xlight) are not supported. 1. Select Monitor > Technical Support > Upload Failure Data Capture. The Upload Failure Data Capture dialog box displays. 2. Select a device from the Available Switches with Upload Failure Data Capture Enabled table. 3.
Viewing the upload failure data capture repository 8 Viewing the upload failure data capture repository NOTE Upload Failure Data Capture is only supported on Fabric OS devices. 1. Select Monitor > Technical Support > View Repository. The Repository dialog box displays. 2. Select the trace dump file you want to view from the Available Support and Upload Failure Data Capture Files table. 3. Click View. The Upload Failure Data Capture repository displays.
8 238 Viewing the upload failure data capture repository DCFM Enterprise User Manual 53-1001775-01
Chapter 9 Fabric Binding In this chapter • Fabric binding overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling fabric binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Disabling fabric binding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Adding switches to the fabric binding membership list . . . . . . . . . . . . . . .
9 Enabling fabric binding Enabling fabric binding Fabric Binding is enabled through the Fabric Binding dialog box. After you have enabled Fabric Binding, use the Fabric Membership List/Add Detached Switch to add switches that you want to allow into the fabric. NOTE In a pure Fabric OS environment, Fabric Binding is only supported on Fabric OS 5.2 or later. In a mixed Fabric OS and M-EOS environment, Fabric Binding is only supported on Fabric OS 6.0 or later and M-EOS manageable switches and fabrics. 1.
Disabling fabric binding 9 Disabling fabric binding Fabric Binding cannot be disabled while High Integrity Fabric is active if the switch is offline. This disables fabric binding and High Integrity Fabric on the switch, but not the rest of the fabric. Disabled switches segment from the fabric. Fabric Binding is disabled through the Fabric Binding dialog box. NOTE In a pure Fabric OS environment, Fabric Binding is only supported on Fabric OS 5.2 or later.
9 Adding detached devices to the fabric binding membership list Adding detached devices to the fabric binding membership list To add a switch that does not have a physical connection and is not discovered to the fabric, complete the following steps. 1. Select Configure > Fabric Binding. The Fabric Binding dialog box displays. 2. Click Add Detached Switch. The Add Detached Switch dialog box displays. 3. Enter the domain ID of the switch in the Domain ID field. 4.
High integrity fabrics 9 High integrity fabrics The High Integrity Fabric (HIF) mode option automatically enables features and operating parameters that are necessary in multiswitch Enterprise Fabric environments. When HIF is enabled, each switch in the fabric automatically enforces a number of security-related features including Fabric Binding, Switch Binding, Insistent Domain IDs, and Domain Register for State Change Notifications (RSCNs).
9 Activating high integrity fabrics High integrity fabric requirements The term high integrity fabric (HIF) refers to a set of strict, consistent, fabric-wide policies. There are several specific configuration requirements for high integrity fabrics: • Insistent domain ID (IDID) must be enabled in the participating switches. • Port-based routing must be used on the participating switches. • A policy must be set that limits connectivity to only the switches within the same fabric.
Deactivating high integrity fabrics 9 2. Select the fabric on which you want to activate HIF from the Fabric Name list. The HIF status displays in the High Integrity Fabric field. 3. Click Activate. For Pure Fabric OS fabrics, HIF activates the Switch Connection Control (SCC) policy, sets Insistent Domain ID, and sets the Fabric Wide Consistency Policy (FWCP) for SCC in strict mode.
9 246 Deactivating high integrity fabrics DCFM Enterprise User Manual 53-1001775-01
Chapter 10 Fault Management In this chapter • Fault management overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Event logs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Event policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Event notification. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
10 Event logs Event logs The Management application provides a variety of logs through which you can monitor the SAN. You can view all events that take place in the SAN through the Master Log at the bottom of the main window. You can also view a specific log by selecting an option from the Monitor menu’s Logs submenu. The logs are described in the following list: • Audit Log.
Copying part of a log entry 10 Copying part of a log entry You can copy data from logs to other applications. Use this to analyze or store the data using another tool. To copy part of a log, complete the following steps. 1. Select Monitor > Logs > Log_Type. The Log_Type Logs dialog box displays the kind of log you selected. 2. Select the rows you want to copy. • To select contiguous rows, select the first row you want to copy, press Shift, and click the contiguous row or rows you want to copy.
10 Exporting the entire log Exporting the entire log You can export the log data to a tab delimited text file. To export a log, complete the following steps. 1. Select Monitor > Logs > Log_Type. The Log_Type Log dialog box displays the kind of log you selected. 2. Right-click a row and select Export Table. The Save table to a tab delimited file dialog box displays. 3. Browse to the location where you want to export the data. 4. Enter a name for the file in the File Name field. 5. Click Save.
Displaying event details from the Master Log 10 5. Enter your e-mail address in the From field. 6. Click OK. E-mailing a range of event details from the Master Log NOTE You must configure e-mail notification before you can e-mail event details from the Master Log. To configure e-mail notification, refer to “Configuring e-mail notification” on page 274. To e-mail event details from the Master Log, complete the following steps. 1. Right-click an entry in the Master Log. 2. Select E-mail > Date.
10 Copying part of the Master Log TABLE 17 Event details (Continued) Event Field Description Virtual Fabric ID The virtual fabric identifier. Message ID The message text. Recommended Action The recommended action. Contributors The contributor to this event. Time (Host) The time this event occurred and the host on which it occurred. 4. Click Close to close the Event Details dialog box. Copying part of the Master Log You can copy data from logs to other applications.
Exporting the Master Log 10 Exporting the Master Log You can export the Master Log to a tab delimited text file. Use this to analyze or store the data using another tool. To export the Master Log, complete the following steps. 1. Right-click an entry in the Master Log. 2. Select Table > Export Table. The Save table to a tab delimited file dialog box displays. 3. Browse to the location where you want to export the data. 4. Enter a name for the file in the File Name field. 5. Click Save.
10 Setting up advanced event filtering for the Master Log 2. Select from the following to include or exclude event types. • To include an event type in the filter, select the event from the Available Events table and click the right arrow. • To exclude an event type from the filter, select the event from the Selected Events table and click the left arrow. 3. Click OK. 4. Select one of the following to determine what view to filter events.
Setting up advanced event filtering for the Master Log b. 10 Select the event column for the event from the Event Column list. All event columns are listed in alphabetical order. c. Enter all or part of the event type value in the Value Contains text box. d. Click the right arrow button to move the event type to the Additional Filters - Include these Events table. To add additional filters, repeat steps a through d. NOTE You can configure a maximum of 10 filters to be included.
10 Removing an advanced event filter c. Click the right arrow button to move the event type to the Additional Filters - Filter out these Events table. NOTE You can configure a maximum of 10 filters to be excluded. 6. Click OK. The Define Filter dialog box displays. 7. Click OK to close Define Filter dialog box. Removing an advanced event filter To remove an advanced event filter, complete the following steps. 1. Click the Filter hyper link in the Master Log. The Define Filter dialog box displays. 2.
Event policies 10 Event policies You can create policies for events you want to monitor. A policy is the mechanism defined by you that identifies the response to specific event types. You can customize the event management policy using triggers and actions, which are explained in this section. You can create a maximum of 10 policies at a time.
10 Adding an event policy Policy triggers A trigger is a logical filter that determines which conditions will initiate a set of predefined actions. You can set multiple triggers. The Management application enables you to set the following triggers: • IP Address — Initiates the defined action when the IP address of a device is encountered. • Node WWN — Initiates the defined action when the Node WWN of a device is encountered.
Adding an Port offline policy 10 9. Enter all or part of the message ID associated with SNMP traps and Syslog messages in the Message ID field. If the entry matches or is part of the message ID, the policy is triggered. 10. Define the trigger in the IP Address, Node WWN, and Name list. The trigger is limited to 1024 characters. Multiple values must be separated by a semi-colon.
10 Adding a PM threshold crossed policy 6. Define the trigger in the IP Address, Node WWN, and Name list. The trigger is limited to 1024 characters. Multiple values must be separated by a semi-colon. When multiple values are entered, as long as at least one value matches the IP address, Node WWN, or Name in the event and all other conditions are met, an action is triggered. IP addresses can either be in IPv4 or IPv6 format and must be complete. A Node WWN is accepted with or without the colon. 7.
Adding a security violation policy 10 9. Select the duration type (Seconds or Minutes) from the Duration list. The maximum duration is 30 minutes. 10. Select the check box in the Actions list for each action you want to occur when this policy is triggered. For a list of the available actions, refer to “Policy actions” on page 258.
10 Defining the broadcast message action 11. Click OK on the Add Event Policy dialog box. 12. Select the Active check box for the policy you want to activate. 13. Click OK on the Event Policies dialog box. Defining the broadcast message action You can define the content of the broadcast message that occurs when a policy is triggered. You can only edit actions from the Add Event Policy, Duplicate Event Policy, or Edit Event Policy dialog boxes.
Defining the launch script action 10 Defining the launch script action NOTE Launch scripts with a user interface are not supported. You can define the path to the script that is launched when a policy is triggered. When the script launches, the Management application does not verify the existence of the script. The script must have the following characteristics: • It must reside on the Management application server.
10 Defining the send e-mail action Defining the send e-mail action You can define the content of the e-mail message that occurs when a policy is triggered. You can only edit actions from the Add Event Policy, Duplicate Event Policy, or Edit Event Policy dialog boxes.
Configuring support data capture action 10 Configuring support data capture action You can configure the Management application to start supportSave capture on Fabric OS devices when a policy is triggered. You can only edit actions from the Add Event Policy, Duplicate Event Policy, or Edit Event Policy dialog boxes.
10 Deleting a policy Deleting a policy 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to delete. Press Ctrl and then click to select more than one policy. 3. Click Delete. 4. Click OK on the Event Policies dialog box. Duplicating an event policy To duplicate an event policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to duplicate in the Policies table. 3.
Duplicating an Port offline policy 10 10. Edit the trigger in the IP Address, Node WWN, and Name list. The trigger is limited to 1024 characters. Multiple values must be separated by a semi-colon. When multiple values are entered, as long as at least one value matches the IP address, Node WWN, or Name in the event and all other conditions are met, an action is triggered. IP addresses can either be in IPv4 or IPv6 format and must be complete. A Node WWN is accepted with or without the colon. 11.
10 Duplicating a PM threshold crossed policy 8. Select the duration type (Seconds or Minutes) from the Duration list. The maximum duration is 30 minutes. 9. Select the check box in the Actions list for each action you want to occur when this policy is triggered. For a list of the available actions, refer to “Policy actions” on page 258.
Duplicating a security violation policy 10 11. Select the Active check box to activate the duplicated policy. 12. Click OK on the Event Policies dialog box. Duplicating a security violation policy To duplicate a security violation policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to duplicate in the Policies table. 3. Click Duplicate. The Duplicate Event Policy dialog box displays. 4.
10 Editing an event policy Editing an event policy To edit an event policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to edit in the Policies table. 3. Click Edit. The Edit Event Policy dialog box displays. NOTE You cannot edit the event policy name. 4. Edit the description (255 characters maximum) for the policy in the Description field. 5.
Editing an Port offline policy 10 Editing an Port offline policy To edit an Port offline policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to edit in the Policies table. 3. Click Edit. The Edit Event Policy dialog box displays. 4. Edit the trigger in the IP Address, Node WWN, and Name list. The trigger is limited to 1024 characters. Multiple values must be separated by a semi-colon.
10 Editing a PM threshold crossed policy Editing a PM threshold crossed policy To edit a PM threshold crossed policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to edit in the Policies table. 3. Click Edit. The Edit Event Policy dialog box displays. 4. Edit the trigger in the IP Address, Node WWN, and Name list. The trigger is limited to 1024 characters. Multiple values must be separated by a semi-colon.
Editing a security violation policy 10 Editing a security violation policy To edit a security violation policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to edit in the Policies table. 3. Click Edit. The Edit Event Policy dialog box displays. 4. Define the trigger in the IP Address, Node WWN, and Name list. The trigger is limited to 1024 characters. Multiple values must be separated by a semi-colon.
10 Event notification Event notification The Management application records the SAN events in the Master Log. You can configure the application to send event notifications to e-mail addresses at certain time intervals. This is a convenient way to keep track of events that occur on the SAN. You can also configure products to “call home” for certain events, notifying the service center of product problems. For instructions about configuring call home for events, refer to “Call Home” on page 105.
Setting up advanced event filtering for a user 10 8. Enter the length of time the application should wait between notifications in the Summary Interval field and list. Notifications are combined into a single e-mail and sent at each interval setting. An interval setting of zero causes notifications to be sent immediately. ATTENTION Setting too short an interval can cause the recipient’s e-mail inbox to fill very quickly. 9.
10 Setting up advanced event filtering for a user 5. Click the Include Events tab. FIGURE 105 Advanced Event Filtering dialog box - Include Events tab a. Select the event type you want to include from the Event Type list. All event types are listed in alphabetical order. b. Select the event column for the event from the Event Column list. All event columns are listed in alphabetical order. c. Enter all or part of the event type value in the Value Contains text box. d.
Setting up advanced event filtering for a user 7. 10 Click the Exclude Events tab. FIGURE 106 Advanced Event Filtering dialog box - Include Events tab a. Select the event type you want to remove from the Event Type list. All event types are listed in alphabetical order. b. Enter all or part of the event type description text in the Description Contains text box (up to 40 characters).
10 SNMP trap and informs registration and forwarding SNMP trap and informs registration and forwarding You can configure the application to send SNMP traps and informs to other computers. To correctly configure trap forwarding, you must configure the target computer’s IP address and SNMP ports. To correctly configure informs, you must enable informs on the switch.
Removing a host server 10 5. Select a fabric from the Targeted Fabric list. 6. Select a severity (None, Critical, Error, Warning, Info, or Debug) from the Severity list. 7. Click OK on the SNMP Setup dialog box. Removing a host server You can remove any host server as the trap recipient on managed Fabric OS devices. To remove a host server, complete the following steps. 1. Select Monitor > SNMP Setup. The SNMP Setup dialog box displays. 2. Click the Other Recipients tab. 3.
10 Adding an SNMPv3 destination 4. Click Add. The Add/Edit Trap Recipient dialog box displays. a. (Optional) In the Description field, enter a description of the trap recipient. b. In the IP Address field, enter the trap recipient’s IP address. The Management application accepts IP addresses in IPv4 or IPv6 formats. c. Enter the trap recipient’s UDP port number, in the port field. d. Click OK on the Add/Edit Trap Recipient dialog box. 5. Click OK on the SNMP Setup dialog box.
Editing a destination 10 Editing a destination To edit a destination, complete the following steps. 1. Select Monitor > SNMP Setup. The SNMP Setup dialog box displays. 2. Click the Trap Forwarding tab. 3. Select the destination you want to edit in the Destinations table and click Edit. The Add/Edit Trap Recipient dialog box displays. a. (Optional) In the Description field, edit the description of the trap recipient. b. In the IP Address field, edit the trap recipient’s IP address.
10 Enabling SNMP informs Enabling SNMP informs NOTE SNMP Informs is only supported on Fabric OS 6.3 or later switches discovered through SNMP v3. For information about discovery through SNMP v3, refer to “Discovering fabrics” on page 36. You can enable SNMP informs on all Informs-capable Fabric OS switches. To enable Informs, complete the following steps. 1. Select Monitor > SNMP Setup. The SNMP Setup dialog box displays. 2. Click the Informs tab. 3. Select the Enable informs option. 4.
Syslog forwarding 10 Syslog forwarding NOTE Syslog messages are only available on Fabric OS devices and Brocade HBAs (managed using HCM Agent). Syslog forwarding is the process by which you can configure the Management application to send Syslog messages to other computers. Switches only send the Syslog information through port 514; therefore, if port 514 is being used by another application, you must configure the Management application to listen on a different port.
10 Registering a host server Registering a host server You can register any host server as the Syslog destination on managed Fabric OS devices. You can register different destinations for different fabrics. To register a host server, complete the following steps. 1. Select Monitor > Syslog Configuration. The Syslog Registration and Forwarding dialog box displays. 2. Click the Other Destination tab. 3. Select Add from the Action list. 4.
Editing a destination 10 Editing a destination To edit a destination, complete the following steps. 1. Select Monitor > Syslog Configuration. The Syslog Registration and Forwarding dialog box displays. 2. Click the Syslog Forwarding tab. 3. Select the destination you want to edit in the Destinations table and click Edit. The Add/Edit Syslog Recipient dialog box displays. a. (Optional) In the Description field, edit the description of the Syslog recipient. b.
10 Disabling Syslog forwarding Disabling Syslog forwarding You can disable Syslog forwarding on all defined destinations. To disable Syslog forwarding, complete the following steps. 1. Select Monitor > Syslog Configuration. The Syslog Registration and Forwarding dialog box displays. 2. Click the Syslog Forwarding tab. 3. Clear the Enable Syslog forwarding check box. 4. Click OK on the Syslog Registration and Forwarding dialog box.
Chapter 11 Performance Data In this chapter • Performance overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Real-time performance data. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Historical performance data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • End-to-end monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Top Talker monitoring . . . . . . . . . . .
11 Performance overview Performance measures Performance measures enable you to select one or more measures to define the graph or report. The measures available to you depend on the object type from which you want to gather performance data. • Tx % Utilization — available for FC, GE, Managed HBA ports, Managed CNA ports, 10GE ports, and FCIP tunnels. • Rx % Utilization — available for FC, GE, Managed HBA ports, Managed CNA ports, 10GE ports, and FCIP tunnels.
Performance management requirements 11 • Under Sized Frames — available for Managed HBA ports and Managed CNA ports. • Over Sized Frames — available for Managed HBA ports and Managed CNA ports. • Primitive Sequence Protocol Errors — available for Managed HBA ports and Managed CNA ports. • • • • Dropped Frames — available for Managed HBA ports and Managed CNA ports. Bad EOF Frames — available for Managed HBA ports and Managed CNA ports.
11 Performance management requirements Trap recipient: 10.191.12.240 Trap port: 162 Trap recipient Severity level: 4 Community 3: private (rw) Trap recipient: 10.103.5.105 Trap port: 162 Trap recipient Severity level: 4 Community 4: public (ro) Trap recipient: 192.168.102.41 Trap port: 162 Trap recipient Severity level: 4 Community 5: common (ro) Trap recipient: 10.32.150.
Performance management requirements Priv User Auth Priv User Auth Priv User Auth Priv User Auth Priv - 11 Protocol: noPriv 3 (rw): snmpadmin3 Protocol: noAuth Protocol: noPriv 4 (ro): snmpuser1 Protocol: noAuth Protocol: noPriv 5 (ro): snmpuser2 Protocol: noAuth Protocol: noPriv 6 (ro): admin Protocol: noAuth Protocol: noPriv To set the SNMP v3 credentials on the device, use the snmpconfig --set snmpv3 command.
11 Performance management requirements Trap Recipient's IP address : [0.0.0.0] Trap Recipient's IP address : [0.0.0.0] Trap Recipient's IP address : [0.0.0.0] - To check SNMP credentials in the Management application, complete the following steps. 1. Select Discover > Setup. The Discover Setup dialog box displays. 2. Select an IP address from the Available Addresses table. 3. Click Edit. The Address Properties dialog box displays. 4. Click the SNMP tab. 5. Select the v1 or v3 from the SNMP Version list.
Real-time performance data 11 HA-MIB (yes, y, no, n): [yes] FCIP-MIB (yes, y, no, n): [yes] ISCSI-MIB (yes, y, no, n): [yes] • To collect performance on a Virtual Fabric enabled device, use the admin> userconfig --show command to make sure the Fabric OS user has access to all the Virtual Fabrics. Make sure that the SNMPv3 user name is same as the Fabric OS user name. Otherwise, the data is not collected for virtual switches with a non-default VF ID.
11 Generating a real-time performance graph Generating a real-time performance graph You can monitor a device’s performance through a performance graph that displays transmit and receive data. The graphs can be sorted by the column headers. You can create multiple real-time performance graph instances. NOTE To make sure that statistic collection for a switch does not fail, you must configure SNMP credentials for the switch.
Filtering real-time performance data 11 Filtering real-time performance data To filter real-time performance data from the Real Time Performance Graphs dialog box, complete the following steps. 1. Open the Real Time Performance Graphs dialog box. For step-by-step instructions, refer to “Generating a real-time performance graph” on page 294. The Real Time Performance Graphs dialog box displays. FIGURE 108 Real Time Performance Graphs dialog box 2. Click Select to change the object type. 3.
11 Exporting real-time performance data 10. Select the granularity at which you want to gather performance data from the Granularity list. 11. Select the Interpolate check box to use interpolation to fill existing gaps, if necessary. 12. (Optional) Click Other Options and select the Use Same Y-axis check box to make the Y-axis range the same for object. The Use Same Y-axis check box is only available when you select Rx MB/sec and Tx MB/sec from the Measures list.
Historical performance data 11 Historical performance data Performance should be enabled constantly to receive the necessary historical data required for a meaningful report. The following options and features are available for obtaining historical performance data: • Collect historical performance data from the entire SAN or from a selected device. NOTE Virtual Fabric logical ISL ports are not included in performance collection. • Persist data on every polling cycle (5 minutes).
11 Disabling historical performance collection 2. Select the fabrics for which you want to collect historical performance data in the Available table. 3. Click the right arrow to move the selected fabrics to the Selected table. 4. Select the Include newly discovered fabrics check box to automatically add all newly discovered fabrics to the Selected table. 5. Click OK. Historical performance data collection is enabled for all selected fabrics.
Generating a historical performance graph 11 3. Select a default from the Favorites list or filter the historical data by completing the following steps. a. Select the number of results to display from the Display list. b. Select the ports from which you want to gather performance data from the From list. If you select Custom, refer to “Filtering data by ports” on page 299. c. Select the historical period for which you want to gather performance data from the For list.
11 Saving a historical performance graph configuration 2. Right-click a device in the Available table and select Expand All. 3. Select the ports (press Ctrl or Shift and then click to select multiple ports) from which you want to gather performance data from the Available table and click the right arrow button. The selected ports move to the Select Ports table. 4. Click OK. Filtering data by time To filter data for a historical performance graph by time, complete the following steps. 1.
Exporting historical performance data 11 9. Enter a reference line value percentage for Tx% or Rx % Utilization. This field is only enabled when Tx% or Rx % Utilization is selected from the Measures list. 10. Move the Row Height slider to the left to make the row height smaller or to the right to make it bigger. 11. Select the Display tabular data only check box to only show text with no graphs or icons. The Source and Destination icons and the Graph column do not display 12.
11 End-to-end monitoring 4. Click Delete. 5. Click Yes on the confirmation message. 6. Click the close button (X) to close the Historical Performance Graph dialog box. End-to-end monitoring NOTE End-to-end monitoring requires a Fabric OS device. Performance enables you to provision end-to-end monitors of selected target and initiator pairs. These monitors are persisted in the database and are enabled on one of the F_ports on the connected device (the Management application server determines the port).
Displaying end-to-end monitor pairs in a real-time graph 11 2. Select the fabric for which you want to configure end-to-end monitoring from the Fabric list. 3. Select an initiator port from the Select an initiator port table. 4. Select a target port from the Select a target port table. 5. Click the right arrow to move the selected initiator and target ports to the Monitored Pairs table.
11 Refreshing end-to-end monitor pairs Refreshing end-to-end monitor pairs The Management application enables you to rewrite the end-to-end monitors (deleted through CLI or an Element Manager) back to a device. To refresh all end-to-end monitor pairs, complete the following steps. 1. Select Monitor > Performance > End-to-End Monitors. The Set End-to-End Monitor dialog box displays. 2. Click Refresh.
Configuring a fabric mode Top Talker monitor 11 Configuring a fabric mode Top Talker monitor NOTE A fabric mode Top Talker and an end-to-end monitor cannot be configured on the same fabric. You must delete the end-to-end monitor before you configure the fabric mode Top Talker. NOTE A fabric mode Top Talker and an F_port mode Top Talker cannot be configured on the same fabric. You must delete the F_port mode Top Talker before you configure the fabric mode Top Talker.
11 Configuring a fabric mode Top Talker monitor FIGURE 115 Top Talkers dialog box 5. Select the number of Top Talkers (1 through 20) to display from the Display list. 6. Select how often you want the Top Talker to refresh (10, 20, 30, 40, or 50 seconds, or 1 minute) from the Refresh Interval list. 7. Click Apply. The top 20 conversations display in the Current Top Talkers table.
Configuring an F_port mode Top Talker monitor 11 Configuring an F_port mode Top Talker monitor NOTE An F_port mode Top Talker and an end-to-end monitor cannot be configured on the same F_port. You must delete the end-to-end monitor before you configure the F_port mode Top Talker. NOTE An F_port mode Top Talker and a fabric mode Top Talker cannot be configured on the same fabric. You must delete the fabric mode Top Talker before you configure the F_port mode Top Talker.
11 Deleting a Top Talker monitor Deleting a Top Talker monitor To delete a Top Talker monitor, complete the following steps. 1. Select the dialog box of the Top Talker monitor you want to delete. 2. Click Close. 3. Click Yes on the ‘do you want to delete this monitor’ message. Pausing a Top Talker monitor To pause a Top Talker monitor, complete the following steps. 1. Select the dialog box of the Top Talker monitor you want to pause. 2. Click Pause.
Thresholds and event notification 11 Thresholds and event notification Performance allows you to apply thresholds and event notification to real-time performance data. A performance monitor process (thread) monitors the performance data against the threshold setting for each port and issues an appropriate alert to notify you when the threshold is exceeded. For information about configuring event notification, refer to Event Notification.
11 Creating a threshold policy FIGURE 117 Set Threshold Policies dialog box 2. Click Add. The New Threshold Policy dialog box displays. FIGURE 118 New Threshold Policy dialog box 3. Enter a name for the policy (100 characters maximum) in the Name field. 4. Select a policy type from the Policy Type list. You can only define policies for E and F/FL ports. 5. Select a measure from the Measure list. You can only define policies for the Tx and Rx % Utilization measures.
Editing a threshold policy 7. 11 (Fabric OS only) Enter a percentage for the low boundary in the Low Boundary field. When the counter value goes below the low boundary an event is raised. 8. (Fabric OS only) Enter a percentage for the buffer in the Buffer Size field. Counters may fluctuate around the upper or lower boundary of a range threshold, and as a result cause numerous events in a short period of time.
11 Editing a threshold policy FIGURE 119 Edit Threshold Policy dialog box 4. Change the policy type from the Policy Type list. 5. Select a measure from the Measure list. You cannot add the same measure more than once. If you try to add another threshold with the same measure, the new values overwrite the older threshold values in the Selected Thresholds table. 6. Enter a percentage for the high boundary in the High Boundary field. 7.
Duplicating a threshold policy 11 13. Make the threshold changes by selecting one of the following options: • To only add new thresholds, select the Keep currently set thresholds and only add new thresholds check box. • To overwrite all existing thresholds on all fabrics and devices, select the Overwrite all thresholds currently set on all switches check box. 14. Click OK on the Confirm Threshold Changes dialog box.
11 Deleting a threshold policy 3. Select one or more fabrics or devices to which you want to assign the policy in the Available Threshold Policies table. If you choose to assign the policy to a fabric and a M-EOS logical switch is present in the fabric, the policy is not assigned to the M-EOS logical switch. You must directly assign a policy to a M-EOS physical chassis. When you directly assign a policy to a M-EOS physical chassis, the policy is assigned to all logical switches in the physical chassis.
Connection utilization 11 6. Make the threshold changes by selecting one of the following options: • To only add new thresholds, select the Keep currently set thresholds and only add new thresholds check box. • To overwrite all existing thresholds on all fabrics and devices, select the Overwrite all thresholds currently set on all switches check box. 7. Click OK on the Confirm Threshold Changes dialog box.
11 Enabling connection utilization Enabling connection utilization NOTE Fabrics where performance data collection is not enabled display connections as thin black lines. To display the connection utilization, complete the following steps. 1. Choose from one of the following options: • Select Monitor > Performance > View Utilization • Press CTRL + U. • Click the Utilization icon ( ). If you have already enabled historical data collection, the Utilization Legend displays in the main interface window.
Changing connection utilization 11 Changing connection utilization You can change the utilization percentages. To change the utilization percentages, complete the following steps. 1. Click the change link in the utilization legend. FIGURE 123 Utilization Legend in edit mode 2. Enter or select the end percentage you want for the blue line.
11 318 Changing connection utilization DCFM Enterprise User Manual 53-1001775-01
Chapter 12 Reports In this chapter • Report types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Generating reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Exporting reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Printing reports . . . .
12 Generating reports Generating reports To generate reports, complete the following steps. 1. Select Reports > Generate. The Generate Reports dialog box displays. 2. Select the types of reports you want to generate. • Fabric Ports • Fabric Summary 3. Select the fabrics for which you want to generate reports. 4. Click OK. The generated reports display in the View Reports dialog box. NOTE Hyperlinks in reports are active only as long as the source data is available. 5.
Exporting reports Icon 12 Description Actual Size—Click to display the report at its actual size. Fit to Page—Click to resize the report to display entirely in the view. Fit to Width—Click to resize the report to fit in the view by width. Zoom In—Click to zoom in on the report. Zoom Out—Click to zoom out on the report. 4. Click Show in Browser to view the selected report in your default browser window. 5. Click Close to close the View Reports dialog box. 6.
12 Printing reports Printing reports You can print reports through an internet browser. 1. Select Reports > View. The View Reports dialog box displays. 2. Select the report you want to print in the left pane of the dialog box. If you do not see the report you want to view, generate it first by following the instructions in “Generating reports” on page 320. NOTE Hyperlinks in reports are active only as long as the source data is available. 3. Click Show in Browser.
Generating performance reports 12 Generating performance reports To generate a historical performance report for a device, complete the following steps. 1. Select the device for which you want to generate a performance report. 2. Choose one of the following options: • Select Monitor > Performance > Historical Report. OR • Right-click the device and select Performance > Historical Report. The HIstorical Performance Table dialog box displays. 3.
12 Generating zoning reports g. Click Apply. The selected report automatically displays in the View Reports dialog box. NOTE Hyperlinks in reports are active only as long as the source data is available. To print the selected report, refer to “Printing reports” on page 322. To export the selected report, refer to “Exporting reports” on page 321. To delete the selected report, refer to “Deleting reports” on page 322. 4. Click the close button (X) to close the View Reports dialog box. 5.
Chapter 13 Port Fencing In this chapter • About port fencing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Adding thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Removing thresholds. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
13 Thresholds Thresholds You can create thresholds, which you can then assign to available objects in the tree. Port Fencing threshold types include the following: • • • • • • • • C3 Discard Frames (Fabric OS only) Invalid CRCs (Fabric OS only) Invalid Words (Fabric OS only) Link (M-EOS only) Link Reset (Fabric OS only) Protocol Errors (M-EOS and Fabric OS) Security (M-EOS) State Change (Fabric OS only) NOTE You can create up to 16 thresholds for M-EOS devices.
Invalid CRCs threshold • • • • • • • • • • 13 8 Gbps 16-port Embedded Switch 8 Gbps 24-port Embedded Switch 24 - 8 Gbps FC Port, 8 - 10 Gbps CEE Port Switch 384-port Backbone Chassis 192-port Backbone Chassis 8 Gbps Encryption Switch Encryption Blade FC 8 GB 16-port Blade FC 8 GB 32-port Blade FC 8 GB 48-port Blade Invalid CRCs threshold NOTE This threshold is only available for Fabric OS devices.
13 State Change threshold Protocol error threshold Use Protocol Error thresholds to block a port when one of the following protocol errors meet the threshold: • ISL Bouncing–ISL has repeatedly become unavailable due to link down events. • ISL Segmentation (M-EOS only)–ISL has repeatedly become segmented. • ISL Protocol Mismatch–ISL has been repeatedly put into the Invalid Attachment state due to a protocol error.
Adding thresholds 13 Adding thresholds The Management application allows you to create Invalid CRCs, Invalid words, Link, Link Reset, Protocol Error, Security, and Sync Loss thresholds. Adding a C3 Discard Frames threshold NOTE This threshold is only available for Fabric OS devices running 6.3 or later. To add an C3 Discard Frames threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays (Figure 124). FIGURE 124 Port Fencing dialog box 2.
13 Adding thresholds 4. Enter a name for the threshold in the Name field. 5. Select one of the following options: • Default—Uses device defaults. Go to step 8. • Custom—Uses your selections. Continue with step 6. 6. Enter the number of C3 discarded frames allowed for the threshold in the Threshold errors field. 7. Select the time period for the threshold from the errors per list.
Adding an Invalid CRCs threshold 13 Adding an Invalid CRCs threshold NOTE This threshold is only available for Fabric OS devices. To add an Invalid CRCs threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Invalid CRCs (Fabric OS only) from the Violation Type list. 3. Click Add. The Add Invalid CRCs Threshold dialog box displays. FIGURE 126 Add Invalid CRCs Threshold dialog box 4. Enter a name for the threshold in the Name field. 5.
13 Adding an Invalid Words threshold Adding an Invalid Words threshold NOTE This threshold is only available for Fabric OS devices. To add an Invalid Words threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Invalid Words (Fabric OS only) from the Violation Type list. 3. Click Add. The Add Invalid Words Threshold dialog box displays. FIGURE 127 Add Invalid Words Threshold dialog box 4.
Adding a Link threshold 13 Adding a Link threshold NOTE This threshold is only available for M-EOS devices. To add Link thresholds, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Link from the Violation Type list. 3. Click Add. The Add Link Threshold dialog box displays (Figure 128). FIGURE 128 Add Link Threshold dialog box 4. Enter a name for the threshold in the Name field. 5.
13 Adding a Link Reset threshold Adding a Link Reset threshold NOTE This threshold is only available for Fabric OS devices. Use this threshold to block a port when a Link Reset violation meets the Fabric OS switch threshold. To add a Link Reset threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Link Reset (Fabric OS only) from the Violation Type list. 3. Click Add. The Add Link Reset Threshold dialog box displays.
Adding a Protocol Error threshold 13 8. Click OK to add the Link Resets threshold to the table and close the Add Link Reset Threshold dialog box. To assign this threshold to fabrics, switches, or switch ports, refer to “Assigning thresholds” on page 339. 9. Click OK on the Port Fencing dialog box. Adding a Protocol Error threshold To add a Protocol Error threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2.
13 Adding a State Change threshold c. Select the time period for the threshold from the errors per list. The following choices are available: • None—the port is blocked as soon as the specified number of protocol errors allowed is met. • Second—the port is blocked as soon as the specified number of protocol errors allowed is reached within a second. • Minute—the port is blocked as soon as the specified number of protocol errors allowed is reached within a minute.
Adding a State Change threshold 13 2. Select State Change (Fabric OS only) from the Violation Type list. 3. Click Add. The Add State Change Threshold dialog box displays. 4. Enter a name for the threshold in the Name field. 5. Select one of the following options: • Default—Uses device defaults. Go to step 8. • Custom—Uses your selections. Continue with step 6. 6. Enter the number of state changes allowed for the threshold in the Threshold errors field. 7.
13 Adding a Security threshold Adding a Security threshold NOTE This threshold is only available for M-EOS devices. To add a Security threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Security from the Violation Type list. 3. Click Add. The Add Security Threshold dialog box displays (Figure 126). FIGURE 132 Add Security Threshold dialog box 4. Enter a name for the threshold in the Name field. 5.
Assigning thresholds 13 Assigning thresholds You can assign thresholds to any active object in the Ports table. You can only assign one threshold to an object at a time. If you assign a threshold to a switch, director, or fabric object, or to the All Fabrics object, the threshold is assigned to all subordinate objects (which do not have a directly assigned threshold) in the tree.
13 Avoiding port fencing inheritance Avoiding port fencing inheritance When you directly assign a threshold to an object, the threshold is inherited by all subordinate objects in the tree (unless they already have directly assigned thresholds). You cannot remove an inherited threshold from a subordinate object. However, the Management application allows you to effectively avoid inheritance for individual subordinate objects while maintaining inheritance for other subordinate objects.
Editing an Invalid CRCs threshold 13 FIGURE 133 Edit C3 Discard Frames Threshold dialog box 4. Change the name for the threshold in the Name field, if necessary. 5. Select one of the following options: • Default—Uses device defaults. Go to step 8. • Custom—Uses your selections. Continue with step 6. 6. Change the number of discarded frames allowed for the threshold in the Threshold field, if necessary. 7. Change the time period for the threshold from the errors per list, if necessary. 8.
13 Editing an Invalid Words threshold 4. Change the name for the threshold in the Name field, if necessary. 5. Select one of the following options: • Default—Uses device defaults. Go to step 8. • Custom—Uses your selections. Continue with step 6. 6. Change the number of port events allowed for the threshold in the Threshold field, if necessary. 7. Change the time period for the threshold from the errors per list, if necessary. 8. Click OK on the Edit Invalid CRCs Threshold dialog box.
Editing a Link threshold 13 8. Click OK on the Edit Invalid Words Threshold dialog box. If the threshold has already been assigned to ports, an “Are you sure you want to make the requested changes to this threshold on “X” ports?” message displays. Click OK to close. To assign this threshold to fabrics, switches, or switch ports, refer to “Assigning thresholds” on page 339. 9. Click OK on the Port Fencing dialog box. Editing a Link threshold NOTE This threshold is only available for M-EOS devices.
13 Editing a Link Reset threshold Editing a Link Reset threshold NOTE This threshold is only available for Fabric OS devices. To edit a Link Reset threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Link Reset (Fabric OS only) from the Violation Type list. 3. Select the threshold you want to change and click Edit. The Edit Link Reset Threshold dialog box displays. FIGURE 137 Edit Link Reset Threshold dialog box 4.
Editing a Protocol Error threshold 13 Editing a Protocol Error threshold To edit a Protocol Error threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Protocol Error from the Violation Type list. 3. Select the threshold you want to change and click Edit. The Edit Protocol Error Threshold dialog box displays. FIGURE 138 Edit Protocol Error Threshold dialog box 4. Change the name for the threshold in the Name field, if necessary. 5.
13 Editing a State Change threshold Editing a State Change threshold NOTE This threshold is only available for Fabric OS devices running 6.3 or later. To edit an State Change threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays (Figure 124). FIGURE 139 Port Fencing dialog box 2. Select State Change (Fabric OS only) from the Violation Type list. 3. Select the threshold you want to change and click Edit.
Editing a Security threshold 13 6. Edit the number of state changes allowed for the threshold in the Threshold errors field, if necessary. 7. Change the time period for the threshold from the errors per list, if necessary. The following choices are available: • None—the port is blocked as soon as the specified number of invalid CRCs allowed is met. • Second—the port is blocked as soon as the specified number of invalid CRCs allowed is reached within a second.
13 Finding assigned thresholds 5. Change the number of port events allowed for the threshold from the Threshold errors list, if necessary. 6. Change the time period for the threshold from the violations per list, if necessary. 7. Click OK on the Edit Security Threshold dialog box. If the threshold has already been assigned to ports, an “Are you sure you want to make the requested changes to this threshold on “X” ports?” message displays. Click OK to close.
Viewing all thresholds on a specific device 13 Viewing all thresholds on a specific device To view all thresholds assigned to a specific switch, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Right-click anywhere in the Ports table and select Expand. 3. Right-click the device for which you want to view threshold information and select Switch Thresholds.
13 Removing thresholds from the thresholds table A directly assigned icon ( ) displays next to each object with an assigned threshold which does not inherit a threshold from higher in the tree. NOTE If you remove a threshold from All Fabrics, it removes the threshold from individual Fabrics, switches, and switch ports in all Fabrics except for a Chassis group. You must remove repeat the procedure for the Chassis group. 5. Click OK on the Port Fencing dialog box.
Chapter Role-Based Access Control 14 In this chapter • Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351 • Roles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 • Resource groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358 Users The Management application enables you to create users, roles, and resource groups.
14 Adding a user account Adding a user account NOTE You must have the User Management privilege to perform this task. To add a user, complete the following steps. 1. Select Server > Users. The Server Users dialog box displays. 2. Click Add. The New User dialog box displays (Figure 143). FIGURE 143 New User dialog box 3. Type the description of the user in the Description field. 4. Type a unique user name (127-character limit) for the user in the User ID field. 5.
Editing a user account 14 Editing a user account NOTE You must have the User Management privilege to perform this task. To edit a user, complete the following steps. 1. Select Server > Users. The Server Users dialog box displays. 2. Select the user whose information you want to edit in the Users table. 3. Click Edit. The Edit User dialog box displays. 4. Edit the information as necessary. 5. Click OK to save your changes and close the Edit User dialog box. 6. Click OK on the message.
14 Removing a user account FIGURE 144 Define Filter dialog box 4. Move events between the tables by selecting the event and clicking the appropriate arrow. 5. Set up advanced event filtering by clicking Advanced Filtering. For more information about advanced event filtering, refer to “Setting up advanced event filtering for a user” on page 275. 6. Click OK. The Server Users dialog box displays. 7.
Roles 14 4. Click OK on the confirmation message. The selected user is removed from the Server Users dialog box. 5. Click OK to close the Server Users dialog box. Roles The Management application enables you to set privileges for individual users, which enhances the security of your SAN. Creating a user role NOTE You must have the User Management privilege to perform this task.
14 Editing a user role 3. Enter a name for the role in the Name field. 4. (Optional) Enter a description for the role in the Description field. 5. Add Read and Write access by completing the following steps. a. In the Available Privileges list, select features to which you want to allow read and write access. Press CTRL and click to select multiple features. b. Click the right arrow next to the Read & Write Privileges list. The features are moved to the Read & Write Privileges list. 6.
Removing a user role 14 5. Remove Read and Write access by completing the following steps. a. In the Read & Write Privileges list, on the left, select features to which you want to remove read and write access. Press CTRL and click to select multiple features. b. Click the left arrow next to the Available Privileges list. The features are moved to the Available Privileges list. 6. Add Read Only access by completing the following steps. a.
14 Resource groups 5. Click OK on the “role removed” message. 6. Click OK to close the Server Users dialog box. Resource groups The Management application enables you to create resource groups and assign users to the selected role within that group. This enables you to configure user access by both role and fabric when you assign users to a role within the resource group. Creating a resource group NOTE You must have the User Management privilege to perform this task.
Editing a resource group 14 5. Click the Hosts tab and complete the following steps to add hosts to the resource group. FIGURE 147 Add/Edit Resource Group dialog box - Hosts tab a. Select the hosts you want to include in this group in the Available Hosts table. b. Click the right arrow button. The selected fabrics are moved to the Selected Fabrics and Hosts table. 6. Click OK to save the new resource group and close the Add/Edit Resource Group dialog box.
14 Removing a resource group 5. Remove fabrics from the resource group by completing the following steps. a. Click the Fabrics tab. a. In the Selected Fabrics and Hosts table, select the fabrics you want to remove from this group. b. Click the left arrow button. The selected fabrics are moved to the Available Fabrics table. 6. Add hosts to the resource group by completing the following steps. a. Click the Hosts tab. a.
Assigning a user to a resource group 14 4. Click Yes on the message. A message box displays indicating the group was removed successfully. 5. Click OK on the message. The Server Users dialog box displays and the resource group no longer displays in the Resource Groups list. 6. Click OK to close the Server Users dialog box. Assigning a user to a resource group NOTE You must have the User Management privilege to perform this task.
14 Removing a user from a resource group Removing a user from a resource group NOTE You must have the User Management privilege to perform this task. NOTE You cannot remove the default resource group 'All Fabrics'. You can remove users from a resource group to take away permissions for features and topology views. NOTE If users are logged in when you reassign their group, they are immediately logged out. To remove a user from a resource group, complete the following steps. 1. Select Server > Users.
Chapter 15 Host management In this chapter • About host management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • HCM software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Host discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Connectivity map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • View management. . . . . .
15 HCM software HCM software The Host Connectivity Manager (HCM) is a management software application for configuring, monitoring, and troubleshooting Brocade host bus adapters (HBAs), converged network adapters (CNAs), and FC mezzanine cards in a storage area network (SAN) environment. HCM features Common HBA and CNA management software features include the following: • Discovery using the agent software running on the servers attached to the SAN, which enables you to contact the devices in your SAN.
HCM features 15 Host bus adapters Brocade offers five models of Fibre Channel Host Bus Adapters (HBAs). These models provide reliable, high-performance host connectivity for mission-critical SAN environments. The Brocade HBAs are listed in Table 18. TABLE 18 Brocade Fibre Channel HBA models Model Number Description Brocade 804 Dual-port mezzanine HBA with a per-port maximum of 8 Gbps. This HBA installs in server blades that install in supported blade system enclosures.
15 Converged network adapters Converged network adapters Table 19 describes available Brocade Converged Network Adapters (CNAs) for PCIe x 8 host bus interfaces, hereafter referred to as Brocade CNAs. These adapters provide reliable, high-performance host connectivity for mission-critical SAN environments.
Host discovery 15 Host discovery The Management application enables you to discover individual hosts, import a group of hosts from a CSV file, or import host names from discovered fabrics. The maximum number of host discovery requests that can be accepted is 1000. Host discovery requires HCM Agent 2.0 or later. SMI and WMI discovery are not supported. NOTE Pure Fabric discovery alone shows adapters behind Access Gateway and all adapter ports as virtual.
15 View management View management You can customize the topology by creating views at the managed host level in addition to the fabric level views. If you discover or import a Fabric with more than approximately 2000 devices, the devices display on the Product List, but not on the Connectivity Map. Instead, the topology area shows a message stating that the topology cannot be displayed. To resolve this issue, create a new view to filter the number of devices being discovered.
Role-based access control 15 Role-based access control The Management application enables you to create resource groups and assign users to the selected role within that group. This enables you to assign users to a role within the resource group. The Management application provides one pre-configured resource group (All Fabrics). When you create a resource group, all available roles are automatically assigned to the resource group.
15 Host performance management Host performance management Real-time performance enables you to collect data from managed HBA and CNA ports. You can use real-time performance to configure the following options: • Select the polling rate from 20 seconds up to 1 minute. • Select up to 32 ports total from a maximum of 10 devices for graphing performance. • Choose to display the same Y-axis range for both the Tx MB/Sec and Rx MB/Sec measure types for easier comparison of graphs.
Host fault management TABLE 20 15 Counters (Continued) FC port measures HBA port measures CNA port measures Received length error frames Received code error frames Instructions for generating real-time performance data are detailed in “Generating a real-time performance graph” on page 294. Host fault management Fault management enables you to monitor your SAN using the following methods: • Monitor logs for specified conditions and notify you or run a script when the specified condition is met.
15 Filtering event notifications Filtering event notifications The application provides notification of many different types of SAN events. If a user wants to receive notification of certain events, you can filter the events specifically for that user. NOTE The e-mail filter in the Management application is overridden by the firmware e-mail filter.
Host security authentication 15 Host security authentication Fibre Channel Security Protocol (FC-SP) is a mechanism used to secure communication between two switches or between a switch and a device such as an HBA port. You can use either the Management application or the HCM GUI to display the authentication settings and status.
15 supportSave on adapters 3. Configure the following parameters on the FCSP Authentication dialog box: a. Select the Enable Authentication check box to enable or disable the authentication policy. If authentication is enabled, the port attempts to negotiate with the switch. If the switch does not participate in the authentication process, the port skips the authentication process. The Hash type list shows the following options, but only one option, DHNULL, is supported.
Chapter 16 Fibre Channel over IP In this chapter • FCIP services licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • FCIP Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • IP network considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • FCIP platforms and supported features. . . . . . . . . . . . . . . . . . . . . . . . . . . . • FCIP trunking . . . . . . . . . . . .
16 FCIP services licensing FCIP services licensing Most of the FCIP extension services described in this chapter require the High Performance Extension over FCIP/FC license. FICON emulation features require additional licenses. Use the licenseShow command to verify the needed licenses are present on the hardware used on both ends the FCIP tunnel. FCIP Concepts Fibre Channel over IP (FCIP) is a tunneling protocol that enables you to connect Fibre Channel SANs over IP-based networks.
FCIP platforms and supported features 16 FCIP platforms and supported features There are five Fabric OS platforms that support FCIP: • The 8 Gbps 16-FC ports, 6-Gbps ports extension switch. • The 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports blade (384-port Backbone Chassis, 192-port Backbone Chassis). • The 4 Gbps Extension Switch. • The 4 Gbps Router, Extension switch. • The 4 Gbps Router, Extension blade (384-port Backbone Chassis, 192-port Backbone Chassis, Director Chassis).
16 FCIP platforms and supported features The way FCIP tunnels and virtual ports map to the physical GbE ports depends on the switch or blade model. The 8 Gbps 16-FC ports, 6-Gbps ports extension switch and 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports blade tunnels are not tied to a specific GbE port, and may be assigned to any virtual port within the allowed range.
FCIP trunking 16 FCIP trunking FCIP Trunking is a method for managing the use of WAN bandwidth and providing redundant paths over the WAN to protect against transmission loss. This feature is available only on the 8 Gbps extension switches and 8 Gbps extension blades. Trunking is enabled by creating logical circuits within an FCIP tunnel. A tunnel may have multiple circuits.
16 FCIP Trunk configuration considerations FCIP Trunk configuration considerations There are several points to consider when configuring an FCIP trunk: • Each FCIP circuit is assigned a pair of IP addresses, one source IP address, and one destination IP address. • The source IP address is used to determine which GbE interface to use. The GbE IP address must be on the same IP subnet as the source IP address. IP subnets cannot span across the GbE interfaces.
Bandwidth calculation during failover 16 In Figure 151, circuit 1 is assigned a metric of 0, and circuit 2 is assigned a metric of 1. In this case, circuit 2 is a standby that is not used unless there are no lowest metric circuits available.
16 Adaptive Rate Limiting Adaptive Rate Limiting Adaptive Rate Limiting (ARL) is performed on FCIP tunnel connections to change the rate in which the FCIP tunnel transmits data through the TCP connections. This feature is available only on the 8 Gbps extension switches and 8 Gbps extension blades. ARL uses information from the TCP connections to determine and adjust the rate limit for the FCIP tunnel dynamically.
QoS SID/DID priorities over an FCIP trunk 16 QoS SID/DID priorities over an FCIP trunk QoS SID/DID traffic prioritization is a capability of Brocade Fabric OS Adaptive Networking licensed feature. This feature allows you to prioritize FC traffic flows between hosts and targets. Four internal TCP connections provide internal circuits for managing QoS SID/DID priorities over an FCIP tunnel, as illustrated in Figure 152.
16 IPsec and IKE implementation over FCIP IPsec and IKE implementation over FCIP Internet Protocol security (IPsec) uses cryptographic security to ensure private, secure communications over Internet Protocol networks. IPsec supports network-level data integrity, data confidentiality, data origin authentication, and replay protection.
IPSec for the 8 Gbps platforms 16 The following limitations apply to using IPsec: • • • • • • • IPsec is not supported on 10GbE ports. IPsec-specific statistics are not supported. To change the configuration of a secure tunnel, you must delete the tunnel and recreate it. There is no RAS message support for IPsec. IPsec can only be configured on IPv4 based tunnels. Secure Tunnels cannot be defined with VLAN Tagged connections.
16 QOS, DSCP, and VLANs QOS, DSCP, and VLANs Quality of Service (QoS) refers to policies for handling differences in data traffic. These policies are based on data characteristics and delivery requirements. For example, ordinary data traffic is tolerant of delays and dropped packets, but voice and video data are not. QoS policies provide a framework for accommodating these differences in data as it passes through a network. QoS for Fibre Channel traffic is provided through internal QoS priorities.
When both DSCP and L2CoS are used 16 When both DSCP and L2CoS are used If an FCIP tunnel or circuit is VLAN tagged, both DSCP and L2CoS are relevant, unless the VLAN is end-to-end, with no intermediate hops in the IP network. The following table shows the default mapping of DSCP priorities to L2Cos priorities. This may be helpful when consulting with the WAN administrator. These values may be modified per FCIP tunnel.
16 Open systems tape pipelining Open systems tape pipelining Open Systems Tape Pipelining (OSTP) can be used to enhance open systems SCSI tape write I/O performance. To implement OSTP over FCIP, you must enable the following two features: • FCIP Fastwrite and Tape Acceleration. • FC Fastwrite. FCIP Fastwrite and Tape Acceleration When the FCIP link is the slowest part of the network, consider using FCIP Fastwrite and Tape Read and Write Pipelining.
FICON emulation features 16 FICON emulation features FICON emulation supports FICON traffic over IP WANs using FCIP as the underlying protocol. FICON emulation features support performance enhancements for specific applications. If you are using FCIP for distance extension in a FICON environment, evaluate the need for these features before you run the FCIP configuration wizard. FICON emulation may be configured by selecting Advanced Settings on the Add Tunnel or Edit Tunnel dialogs.
16 FCIP configuration guidelines FCIP configuration guidelines FCIP configuration always involves two or more extension switches. The following should take place first before you configure a working FCIP connection from the Management application: • • • • • The WAN link should be provisioned and tested for integrity. Cabling within the data center should be completed. Equipment should be physically installed and powered on.
Configuring an FCIP tunnel 16 Configuring an FCIP tunnel When you configure an FCIP extension connection, you create FCIP tunnels and FCIP circuits, between two extension switches. 1. Select Configure > FCIP Tunnels. The FCIP Tunnels dialog box is displayed (Figure 153). All discovered fabrics with extension switches are listed under devices. FIGURE 153 FCIP Tunnels dialog box 2. Select the switch you want to configure under Devices.
16 Configuring an FCIP tunnel 3. Click the Add Tunnel button, or right-click on the switch and select Add Tunnel. The Add FCIP Tunnel dialog is displayed (Figure 154). The name of the switch you selected is displayed in the Switch field under Switch One Settings. This dialog allows you to configure settings for both switches on either end of the tunnel. FIGURE 154 Add FCIP Tunnel dialog box 4.
Adding an FCIP circuit 16 Adding an FCIP circuit When adding a new FCIP tunnel, you can add an FCIP circuit by selecting the Add Circuit button on the Add FCIP Tunnel dialog box. Additional FCIP circuits can be added to existing FCIP tunnels by clicking Add Circuit from the Circuit tab, or by right-clicking on an existing tunnel and selecting Add Circuit. FIGURE 155 Add FCIP Circuit dialog box 1. Select the GiGE Port used for the Ethernet connection on each switch.
16 Adding an FCIP circuit 4. For IPv4 addresses, specify the Subnet Mask. For IPv6 addresses, specify the prefix length. The default is created from the IP address and Subnet Mask. If you want to create a route through a gateway router, click Create Non-Default Route, and select a Gateway address. 5. Enter the MTU Size. For SAN traffic, the largest possible MTU (Maximum Transmission Unit) size is generally the most efficient.
Adding an FCIP circuit 16 FIGURE 156 FCIP Circuit Advanced Settings - Select the Selective Ack Off check box to disable or enable selective acknowledgement. Selective acknowledgement allows a receiver to acknowledge multiple lost packets with a single ACK response. This results in better performance and faster recovery time. Normally, selective acknowledgement should not be disabled. Do not disable selective acknowledgement unless you have a specific need to do so in your operating environment.
16 Configuring FCIP tunnel advanced settings Configuring FCIP tunnel advanced settings Compression, FCIP fast write and tape pipelining, IPSec and IKE policies, and FICON emulation features are configured as advanced settings. 1. Click Advanced Settings on the Add FCIP Tunnel dialog box. The Advanced Settings dialog box is displayed. This dialog box has a Transmission tab, Security tab, and FICON Emulation tab. 2.
Enabling Open Systems Tape Pipelining (OSTP) 16 2. Select the desired compression mode. A Hardware compression option is available on all platforms. The 8 Gbps 16-FC ports, 6-Gbps ports extension switch and the 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports Extension blade provide two additional, more aggressive options for compression. The Software Moderate option enables a combination of hardware and software compression that provides more compression that hardware compression alone.
16 Configuring IPSec and IKE policies Configuring IPSec and IKE policies IPSec and IKE policies are configured from the Security tab. The screens and procedures are platform-dependent. Figure 158 shows the screen for the 4 Gbps Router, Extension Switch. Figure 158 shows the screen for the 8 Gbps 16-FC ports, 6-Gbit ports Extension Switch and 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports Extension blade. 1. Optionally, ensure that the peer switches on either end of the connection have known WWNs.
Configuring FICON emulation 16 FIGURE 159 Advanced Settings Security Tab for the 8 Gbps extension switch and blade NOTE IPSec settings cannot be edited. If you want to change settings, you will need to delete the tunnel and then create a new tunnel with the new settings. Configuring FICON emulation FICON emulation and acceleration features and operating parameters are configured from the FICON Emulation tab (Figure 160).
16 Configuring FICON emulation 1. Select the check boxes for the FICON emulation features you want to implement. NOTE The primary FICON emulation features are XRC emulation, tape write pipelining, and tape read pipelining. TIN/TUR emulation and device level ACK emulation provide support for the three primary features. If you select any of the primary features, you must also select TIN/TUR emulation and device level ACK emulation. 2. Select the operational parameters for FICON emulation.
Viewing FCIP connection properties 16 Viewing FCIP connection properties The FCIP connection properties show properties of the blades or switches on both sides of a connection. To view FCIP connection properties, right-click the connection between two extension blades or switches (Figure 161).
16 Viewing General FCIP properties Viewing General FCIP properties Take the following steps to view general FCIP properties. 1. Select an extension blade or switch from the Fabric Tree structure, or right-click an extension blade or switch on the Connectivity Map, and select Properties. 2. Select the Properties tab (Figure 162).
Viewing FCIP FC port properties 16 Viewing FCIP FC port properties Take the following steps to view FCIP FC port properties. 1. Select an extension blade or switch from the Fabric Tree structure, or right-click an extension blade or switch on the Connectivity Map, and select Properties. 2. Select the FC Ports tab (Figure 163).
16 Viewing FCIP Ethernet port properties Viewing FCIP Ethernet port properties Take the following steps to view Ethernet port properties. 1. Select an extension blade or switch from the Fabric Tree structure, or right-click an extension blade or switch on the Connectivity Map, and select Properties. 2. Select the GigE Ports tab (Figure 164).
Editing FCIP tunnels 16 Editing FCIP tunnels NOTE You cannot edit an active tunnel; disable the tunnel before making changes. 1. From the FCIP Tunnels dialog box, select the tunnel you want to edit. 2. Select Edit Tunnel. The Edit FCIP Tunnel dialog box displays (Figure 165). FIGURE 165 Edit FCIP Tunnel dialog box 3. Fields and parameters are as described in “Configuring an FCIP tunnel”. You can edit all editable fields and parameters.
16 Editing FCIP circuits Editing FCIP circuits FCIP circuit settings may be edited from the Edit FCIP Circuit dialog box. The procedure for launching this dialog box for the 4 Gbps Router, Extension Switch and Blade is different than the procedure for the 8 Gbps 16-FC ports, 6-Gbit ports Extension Switch and the 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports Extension blade. The 4 Gbps Router, Extension Switch and Blade have only one circuit per tunnel, and the circuit is edited as part of the tunnel.
Disabling FCIP tunnels 16 FIGURE 166 Edit FCIP Circuits dialog box 5. Fields and parameters are as described in “Adding an FCIP circuit”. You can edit all editable fields and parameters. Disabling FCIP tunnels 1. From the FCIP Tunnels dialog box, select the tunnel you want to disable. 2. Select Disable Tunnel. A confirmation dialog box displays, warning you that when you delete a tunnel, you delete all associated FCIP circuits. 3. Click OK to disable the tunnel. Enabling FCIP tunnels 1.
16 Deleting FCIP tunnels Deleting FCIP tunnels 1. From the FCIP Tunnels dialog box, right-click the tunnel you want to delete. 2. Select the Delete Tunnel button. A confirmation dialog box displays, warning you of the consequences of deleting a tunnel. 3. Click OK to delete the tunnel. Disabling FCIP circuits 1. From the FCIP Tunnels dialog box, right-click the tunnel that contains the circuit. 2. Select the Circuit tab. 3. Select the circuit from the circuit properties table. 4. Select Disable Circuit.
Displaying FCIP performance graphs 16 Displaying FCIP performance graphs You can display performance graphs by clicking the Performance button on the FCIP Tunnels dialog box. You can also display performance graphs from Properties, as described in the following sections. Displaying performance graphs for FC ports 1. Select an extension blade or switch from the Fabric Tree structure, or right-click an extension blade or switch on the Connectivity Map, and select Properties. 2. Select the FC Ports tab. 3.
16 Displaying tunnel properties from the FCIP tunnels dialog box Displaying tunnel properties from the FCIP tunnels dialog box Tunnel properties can be displayed from the FCIP Tunnels dialog box. 1. Select a tunnel from the FCIP tunnels dialog box. 2. Select the Tunnel tab. Tunnel properties are displayed (Figure 167).
Displaying FCIP circuit properties from the FCIP tunnels dialog box 16 Displaying FCIP circuit properties from the FCIP tunnels dialog box Tunnel properties can be displayed from the FCIP Tunnels dialog box using the following procedure. 1. Select a tunnel from the FCIP tunnels dialog box. 2. Select the Circuit tab. Circuit properties are displayed (Figure 168).
16 Displaying switch properties from the FCIP Tunnels dialog box Displaying switch properties from the FCIP Tunnels dialog box Switch properties are displayed on the FCIP Tunnels dialog box when you select a switch (Figure 169).
Displaying fabric properties from the FCIP Tunnels dialog box 16 Displaying fabric properties from the FCIP Tunnels dialog box Fabric properties are displayed on the FCIP Tunnels dialog box when you select a fabric. (Figure 170).
16 Troubleshooting FCIP Ethernet connections Troubleshooting FCIP Ethernet connections 1. Select an extension blade or switch from the Fabric Tree structure, or right-click an extension blade or switch on the Connectivity Map, and select Properties. 2. Select the GigE Ports tab. 3. Select the Ethernet port. 4. Click Troubleshooting. The following options are presented: 414 - IP Ping—Tests connections between a local Ethernet port (ge0 or ge1) and a destination IP address.
Chapter 17 Fibre Channel over Ethernet In this chapter • FCoE overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • QoS configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • LLDP-DCBX configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Access Control List configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
17 Enhanced Ethernet features Enhanced Ethernet features Converged Enhanced Ethernet (CEE) is a set of IEEE 802 standard Ethernet enhancements that enable Fibre Channel convergence with Ethernet. The two basic requirements in a lossless Ethernet environment are Enhanced Transmission Selection (ETS) and priority-based flow control. These capabilities allow the Fibre Channel frames to run directly over 10 Gbps Ethernet segments without adversely affecting performance.
FCoE protocols supported 17 FCoE protocols supported The Brocade FCoE converged network adapter supports two layers of protocols: Ethernet link layer and FCoE layer. They are listed in the following sections. Ethernet link layer protocols supported The following protocols support the Ethernet link layer. • • • • • • • • • • • • • 802.1q (VLAN) 802.1Qaz (enhanced transmission selection) 802.1Qbb (priority flow control) 802.3ad (link aggregation) 802.3ae (10 Gb Ethernet) 802.
17 FCoE Licensing FCoE Licensing The FCoE license enables Fibre Channel over Ethernet (FCoE) functionality on the Brocade 8000. Without the FCoE license, the Brocade 8000 is a pure L2 Ethernet switch and will not allow FCoE bridging capabilities. With the FCoE license, the FCoE Configuration dialog displays virtual FCoE port information and enables you to manage the virtual port information.
CEE configuration 17 2. Highlight a discovered CEE switch from the Available Switches table, and click the right arrow button to move the switch to the Selected Switches Table. 3. Highlight the selected switch and click OK to start the configuration. The running configuration is saved to the selected switch, effective on the next system startup.
17 Opening the CEE Configuration dialog box Opening the CEE Configuration dialog box 1. Launch the CEE Configuration dialog box using one of the following methods: • Select Configure > Switch > CEE from the menu bar. • Right-click the CEE switch from the device tree, and select Configure > CEE. • Right-click the CEE switch from the topology map and select Configure > CEE. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions.
CEE configuration tasks 17 CEE configuration tasks The CEE Configuration dialog box enables you to perform the following tasks: • Edit CEE ports for a selected switch. You can also add a link aggregation group (LAG) if a single switch is selected. • Edit a switch or port and configure the following CEE policies: NOTE Access Control List and Spanning Tree Protocol can also be set at the LAG level. • • • • • QoS LLDP-DCBX Access Control List Spanning Tree Protocol 802.
17 Minimum CEE configuration for FCoE traffic Minimum CEE configuration for FCoE traffic You must complete the following procedures to create the basic configuration of CEE for FCoE traffic. NOTE The first two procedures in this section can be completed as a single procedure. They were broken into two separate procedures for clarity. Creating a CEE map to carry the LAN and SAN traffic To create a CEE map to carry the LAN and SAN traffic, complete the following steps. 1. Select Configure > Switch > CEE.
Minimum CEE configuration for FCoE traffic 17 Configuring LLDP for FCoE To configure LLDP for FCoE, complete the following steps. 1. Select Configure > Switch > CEE. The CEE Configuration dialog box displays. 2. Select the switch to edit in the CEE Ports and LAGs table and click Edit. The CEE Edit Switch dialog box displays. 3. Click the LLDP-DCBX tab. 4. The CEE Edit Switch - LLDP-DCBX tab dialog box displays. FIGURE 174 CEE Edit Switch dialog box - LLDP-DCBX tab 5.
17 Minimum CEE configuration for FCoE traffic Configuring the CEE interface with the CEE Map and Global LLDP profile To configure the CEE interface, complete the following steps. 1. Select Configure > Switch > CEE. The CEE Configuration dialog box displays. 2. Select the Te port connected to the CNA in the CEE Ports and LAGs table and click Edit. 3. Select the Port tab, if necessary, and select the Enable check box. 4. Select L2 from the Interface Mode list. 5.
Minimum CEE configuration for FCoE traffic 17 9. Select the FCoE check box. 10. Select the CEE interface to carry the FCoE traffic from the Selection List and click Add to add it to the Selected List. 11. Click OK on the VLAN Configuration dialog box to save your changes. 12. Close Web Tools. Creating VLAN classifiers and activating on the CEE interface NOTE This procedure is completed using the CLI. For more information, see “CEE switch management using Telnet” on page 464.
17 Switch policies Switch policies You can configure and enable a number of CEE policies on a switch, port, or link aggregation group (LAG). The following switch policy configurations apply to all ports in a LAG: • CEE map and Traffic Class map • Link Layer Discovery Protocol (LLDP) The following switch policy configurations apply to the LAG itself: • Access Control Lists (ACL) • Spanning Tree Protocol (STP) The switch policies are described in the following sections.
Spanning Tree Protocol policy 17 Spanning Tree Protocol policy The Spanning Tree Protocol (STP) is a Layer 2 protocol that ensures a loop-free topology for any bridged LAN (Layer-2 bridges are typically Ethernet switches). Spanning tree allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops or the need to manually enable or disable these backup links. NOTE STP is not supported on internal ports.
17 Link aggregation groups 3. Click Add LAG. The Add LAG dialog box displays. FIGURE 175 Add LAG dialog box 4. Configure the following LAG parameters: NOTE Ports with 802.1x authentication or ports that are L2 or L3 mode-enabled are not supported in a LAG. • Status - Enabled or Disabled. You must enable the LAG to use the CEE functionality. • LAG ID - Enter the LAG identifier, using a value between 1-63. Duplicate LAG IDs are not allowed. • Interface mode - none or L2.
Link aggregation groups 17 5. Select at least one available CEE port from the Available Members table and click the right arrow button to move them to the LAG Members table. The CEE ports are now part of the link aggregation group. 6. Continue to configure the following LAG parameters. These parameters are always enabled. • Mode - Sets all ports added to the LAG members table in either Static or Dynamic mode.
17 Editing a CEE switch Editing a CEE switch 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select the CEE switch from the Products/Ports table. 3. Click Edit. The Edit Switch dialog box displays (Figure 176). FIGURE 176 Edit Switch dialog box 4.
Editing a CEE port 17 Editing a CEE port 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select a CEE port from the Products/Ports table. 3. Click Edit. The Edit Port dialog box displays. FIGURE 177 Edit Port dialog box 4. Modify the following CEE Port parameters as required: • Status - Enable or Disable. You must enable the LAG to use the CEE functionality. • Interface Mode - None or L2.
17 Editing a LAG 5. When you have finished configuring the policies, apply the settings to the CEE port. NOTE Clicking Cancel when there are pending changes launches a pop-up dialog. 6. Click OK when you have finished modifying the CEE port parameters. The CEE Confirmation and Status dialog box displays. 7. Review the changes carefully before you accept them. 8. Click Start to apply the changes, or click Close to abort the operation.
Editing a LAG 17 5. Configure the following LAG parameters: NOTE Ports with 802.1x authentication or ports that are L2/L3 mode enabled are not supported in a LAG. • Status - Enabled or Disabled. You must enable the LAG to use the CEE functionality. • LAG ID - The LAG identifier, which is not an editable field. • Interface Mode - L2 or none. For external ports, the L3 interface mode displays, in addition to None or L2.
17 Enabling a CEE port or LAG Enabling a CEE port or LAG If you select multiple switches or multiple ports and LAGs from two or more switches, both the Enable button and the Disable button are disabled. 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select one or more CEE ports or LAGs (which can span multiple switches) that you want to enable.
CEE Performance 17 CEE Performance Performance monitoring provides details about the quantity of traffic and errors a specific port or device generates on the fabric over a specific time frame. You can also use performance to indicate the devices that create the most traffic and to identify the ports that are most congested. Real Time Performance Graph You can monitor a device’s performance through a performance graph that displays transmit and receive data.
17 Historical Performance Graph Historical Performance Graph The Historical Performance Graph dialog box enables you to customize how you want the historical performance information to display. Generating a historical performance graph 1. Select a CEE port from the CEE Configuration dialog box, and select Historical Graph from the Performance list. A message displays, prompting you to close the CEE Configuration dialog. 2.
QoS configuration 17 QoS configuration QoS configuration involves configuring packet classification, mapping the priority and traffic class, controlling congestion, and scheduling. The configuration of these QoS entities consist of CEE Map and Traffic Class Map configuration. In a Converged Enhanced Ethernet (CEE) configuration, Enhanced Transmission Selection (ETS) and Priority-based flow control (PFC) are configured by utilizing a priority table, a priority group table, and a priority traffic table.
17 Creating a CEE map Creating a CEE map When you create a CEE map, each of the Class of Service (CoS) options (0-7) must be mapped to at least one of the Priority Group IDs (0-7) and the total bandwidth must equal 100. All QoS, CEE map, and Traffic map configurations apply to all ports in a LAG. There can be, at the most, 16 entries in the Priority Group table. Eight of the entries are Strict Priority entries with a Priority Group ID of 15.0 to 15.
Editing a CEE map 17 5. Configure the following CEE Map parameters in the CEE Map table: • Name - Enter a name to identify the CEE map. If the switch is a 10 Gbps CEE/FC switch module, you cannot change the name. • Precedence - Enter a value between 1 - 100. This number determines the map’s priority. • Priority Flow Control check box - Check to enable priority flow control on individual priority groups. • CoS - Enter a Class of Service value to correspond to the Priority Group ID rows.
17 Deleting a CEE map 5. Keep the same CEE Map name and modify the following values, as required. See Table for an example of priority group configuration. • Name - Enter a name to identify the CEE map. If the switch is a 10 Gbps CEE/FC switch module, you cannot change the name. • Precedence - Enter a value between 1 - 100. This number determines the map’s priority. • % Bandwidth - Enter a bandwidth value for priority group IDs 0-7. The total of all priority groups must equal 100%.
Assigning a CEE map to a port or link aggregation group 17 8. Review the changes carefully before you accept them. 9. Click Start to apply the changes, or click Close to abort the operation. If a CEE map is assigned to a port or LAG and you delete the CEE map, an error message displays in the Status area (applicable for the Traffic class map and ACL). Assigning a CEE map to a port or link aggregation group A port can have either a CEE map or a Traffic Class map assigned to it, but it cannot have both. 1.
17 Creating a traffic class map Creating a traffic class map 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select a switch, and click Edit. 3. Click the QoS tab on the Edit Switch dialog box. The QoS dialog box displays. 4. Select Traffic Class from the Map Type list. 5. Name the Traffic Class map. 6. Click the Traffic Class cell in a CoS row and directly enter a value from 0-7.
Deleting a traffic class map 17 Deleting a traffic class map 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select a switch, and click Edit. 3. Click the QoS tab on the Edit Switch dialog box. The QoS dialog box displays. 4. Select a Traffic Class Map that you want to delete from the Traffic Class Maps table. 5. Click Delete. The Delete confirmation dialog displays. 6. Click Yes to confirm.
17 Assigning a traffic class map to a port or link aggregation group FIGURE 183 QoS, assign a traffic class map to a port dialog box 4. Click the Assign a map to check box. 5. Select Traffic Class in the Map Type list. 6. Select a Traffic Class Map in the Traffic Class Map list. 7. Click OK to commit the map assignment. The CEE Confirmation and Status dialog box displays. 8. Review the changes carefully before you accept them. 9.
LLDP-DCBX configuration 17 LLDP-DCBX configuration Link Layer Discovery Protocol (LLDP) provides a solution for the configuration issues caused by increasing numbers and types of network devices in a LAN environment, because, with LLDP, you can statically monitor and configure each device on a network.
17 Adding an LLDP profile 4. Select the Global Configuration LLDP profile in the LLDP Profiles table. 5. Click the left arrow button to edit. 6. Select the FCoE Application and FCoE Logical Link check boxes in the Advertise table to advertise them on the network. 7. Click OK. The CEE Confirmation and Status dialog box displays. 8. Click Start on the CEE Confirmation and Status dialog box to save the changes to the switch. 9. Click Close on the CEE Configuration dialog box.
Editing an LLDP profile 17 • DCBX - The DCBX profiles. • FCoE application - The FCoE application feature. • FCoE logical link - The logical link level for the SAN network. 6. Click the right arrow button to move the newly created profile into the DBCX Profiles table. 7. Click OK. The CEE Confirmation and Status dialog box displays. 8. Review the changes carefully before you accept them. 9. Click Start to apply the changes, or click Close to abort the operation. Editing an LLDP profile 1.
17 Assigning an LLDP profile to a port or ports in a LAG 4. Select an existing LLDP Profile from the LLDP Profiles table in the upper right pane. NOTE You cannot delete . You can, however, edit global configurations. For more information, see “Editing an LLDP profile” on page 447 5. Click Delete. A confirmation dialog displays. 6. Click Yes to confirm you want to delete the LLDP profile. The LLDP Profile table row is removed. 7. Click OK.
Assigning an LLDP profile to a port or ports in a LAG 17 FIGURE 185 Assign an LLDP profile dialog box 4. Click Assign an LLDP profile to button to enable the feature. NOTE Assign the Global Configuration is the default. The Available Profiles list is disabled if global configuration is selected. In addition, the Assign an LLDP profile button is disabled if no LLDP profiles exist on the switch. 5. Select an LLDP profile from the Available Profiles list. 6. Click OK.
17 Access Control List configuration Access Control List configuration Access control lists (ACL) are sequential lists consisting of permit and deny rules. They are either Layer 3 (IP)- or Layer 2 (MAC)-specific. You can configure multiple access lists and rules and store them in the configuration. Some of the benefits of ACLs include the following: • • • • ACLs provide a measure of security. ACLs save network resources by reducing traffic. ACLs block unwanted traffic and users.
Adding an ACL to a switch 17 4. Click Add and select Standard or Extended from the Add list. The Add Extended Access Control List includes all the Standard ACL features plus two additional features: Destination and Ether Type. The ACL parameters are described below. FIGURE 187 Add Extended Access Control List dialog box 5. Configure the following Access Control List parameters. NOTE You cannot duplicate Action and Source parameters in an existing Standard ACL.
17 Editing the parameters of an ACL • Count - Instructs the system to maintain a counter. • Ether Type - Specifies the Ethernet protocol being transferred in the Ethernet frame. Only one of the following Ether types is supported at a time. Address Resolution Protocol (ARP) - Ether Type 0x0806 Fibre Channel over Ethernet (FCoE) - Ether Type 0x8906 Internet Protocol, version 4 (IPv4) - Ether Type 0x0800 Custom - Ether type values must be greater than or equal to 1536 (0x0600).
Deleting an ACL 17 Deleting an ACL When you delete an ACL from the ACLs table, you are given the option to also remove the profile from the entities where it is currently associated. 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select a switch, and click Edit. 3. Click the Access Control List tab on the Edit Switch dialog box. The Access Control List dialog box displays. 4.
17 Assigning an ACL to a port or link aggregation group FIGURE 188 Assign ACL to port dialog box 5. Select an ACL from the Available ACLs list. The ACL name is suffixed with its type (standard or extended) in parentheses; for example, Human Resources (Extended). The details of the selected ACL are displayed in the Assigned ACL Details table, shown in Figure 188. 6. Click OK to commit the assign the ACL to the port or LAG. The CEE Confirmation and Status dialog box displays. 7.
Spanning Tree Protocol configuration 17 Spanning Tree Protocol configuration You can configure Spanning Tree Protocol (STP) when editing a LAG, but not when you are adding a LAG. The 8 Gbps 16-FC-ports, 10 GbE 8-Ethernet Port, and the 10 Gbps CEE/FC switch module support the following types of STP: • Spanning Tree Protocol (STP) • Rapid Spanning Tree Protocol (RSTP) - Provides for faster spanning tree convergence after a topology change.
17 Setting Spanning Tree parameters for a switch Setting Spanning Tree parameters for a switch You cannot configure Spanning Tree Protocol (STP) when adding a new LAG. STP can be configured only after the LAG has been added to the switch. NOTE The ports and the ports in a link aggregation group (LAG) for the selected switch must be in Layer 2 (L2) mode.
Setting Spanning Tree parameters for a switch 17 5. Configure the following Spanning Tree Protocol parameters: • Priority - The bridge priority. The value range is 0-61440 and the default value is 32768. The value must be in increments of 4096. • Mode - The spanning tree protocol mode. Options include Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP). • Forward Delay (sec) - The forward delay for the bridge.
17 Setting Spanning Tree parameters for a switch FIGURE 190 Spanning Tree Protocol dialog box, MSTP 6. Click OK. The CEE Confirmation and Status dialog box displays. 7. Review the changes carefully before you accept them. 8. Click Start to apply the changes, or click Close to abort the operation.
STP configurable parameters at the port or LAG level 17 STP configurable parameters at the port or LAG level You cannot configure Spanning Tree Protocol (STP) when adding a new LAG. STP can be configured only after the LAG has been added to the switch. Figure 191 shows the Spanning Tree Protocol (STP) parameters that are configurable at the port or LAG level. The ports and the ports in a link aggregation group (LAG) for the selected switch must be in Layer 2 (L2) mode.
17 802.1x authentication 802.1x authentication 802.1x is a standard authentication protocol that defines a client-server-based access control and authentication protocol. 802.1x restricts unknown or unauthorized clients from connecting to a LAN through publicly accessible ports. NOTE 802.1x is not supported for internal ports. A switch must be enabled for 802.1x authentication before you configure its parameters. See “Setting 802.1x parameters for a switch” for more information. Enabling 802.
Disabling 802.1x 17 Disabling 802.1x 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select a switch and click Edit. 3. Click the 802.1x tab on the Edit Switch dialog box. The 802.1x dialog box displays. 4. Clear the Enable 802.1x check box to disable 802.1x authentication. 5. Click OK. The CEE Confirmation and Status dialog box displays. 6. Review the changes carefully before you accept them.
17 Setting 802.1x parameters for a switch 4. Click the Enable 802.1x check box to enable 802.1x authentication, and click OK. The 802.1x dialog box displays. 5. FIGURE 192 802.1x dialog box 6. Configure the following 802.1x parameters: • Wait Period - The number of seconds the switch waits before sending an EAP request. The value range is 15 to 65535 seconds. The default value is 30.
CEE switch management using Web Tools 17 CEE switch management using Web Tools You can open Web Tools directly from the CEE Configuration dialog box and use the Element Manager to enable and manage the CEE switch. To launch a CEE switch’s Element Manager, complete the following steps. 1. Launch the CEE Configuration dialog box using one of the following methods: • Select Configure > Switch > CEE from the menu bar. • Right-click the CEE switch from the device tree, and select Configure > CEE.
17 CEE switch management using Telnet CEE switch management using Telnet You can use Telnet to log in and issue command line-based commands to a CEE switch. To launch a Telnet session, complete the following steps: 1. Launch the CEE Configuration dialog box using one of the following methods: • Select Configure > Switch > CEE from the menu bar. • Right-click the CEE switch from the device tree, and select Configure > CEE. • Right-click the CEE switch from the topology map and select Configure > CEE.
Viewing virtual FCoE ports 17 Viewing virtual FCoE ports Configuration of virtual FCoE ports requires installation of the FCoE license on the switch. 1. Select Configure > Switch > FCoE from the menu bar. The FCoE Configuration dialog box displays. 2. Select the Virtual FCoE Ports tab. The Virtual FCoE Ports tab displays. FIGURE 194 Virtual FCoE Ports dialog box 3. Select one or more virtual ports from the Products/Ports list. 4.
17 Clearing a stale entry Clearing a stale entry A stale entry is a device that logged in and logged off but, because a port went down after an FLOGI was received, the device failed to receive the message. The entry in the FCoE Connected Devices table becomes stale and you must clear it manually. 1. Select a virtual FCoE port from the FCoE Configuration dialog box and click Connected Devices. The Connected Devices dialog box displays. 2.
Chapter 18 FICON Environments In this chapter • FICON Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring a PDCM Allow/Prohibit Matrix . . . . . . . . . . . . . . . . . . . . . . . . . • Copying a PDCM configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Activating a PDCM configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Deleting a PDCM configuration . . . . . . . . . . . . . . .
18 Configuring a PDCM Allow/Prohibit Matrix FIGURE 196 Cascaded configuration, three domains, but only two in a path Configuring a PDCM Allow/Prohibit Matrix The Prohibit Dynamic Connectivity Mask (PDCM) is a FICON port attribute that can be used to prohibit communication between specific ports. Prohibits are not recommended on E_Ports (inter switch links).
Configuring a PDCM Allow/Prohibit Matrix 18 2. Select a switch from Available Switches. Two default configurations (Active and IPL) are displayed in a tree structure below the switch. Existing configurations are also displayed. 3. Choose one of the following options: • Double-click a configuration file. • Select a configuration file and click the right arrow. A matrix displays. The switch ports are displayed on both the vertical axis and horizontal axis.
18 Configuring an Allow/Prohibit manually Configuring an Allow/Prohibit manually NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. To configure to allow or prohibit communication between specific ports manually, complete the following steps. 1. Select Configure > Allow/Prohibit Matrix. The Configure Allow/Prohibit Matrix dialog box displays. 2. Select a switch from Available Switches.
Saving or Copying a PDCM configuration to another device 18 8. Click Add. The information displays in the Selected Ports for Modification table. To delete any of these manual configurations, select the configuration you want to delete in the Selected Ports for Modification table and click Remove. 9. Repeat steps step 5 through step 8 for each Allow/Prohibit configuration. 10. Click OK on the Manual Allow/Prohibit dialog box. 11.
18 Copying a PDCM configuration 3. Click Copy. The Save As/Copy dialog box displays. FIGURE 200 Save As/Copy dialog box 4. Enter a name for the configuration. 5. Enter a description for the configuration. 6. Select the check box for the switch to which you want to save the configuration in the Select Switch table. 7. Click OK.
Saving a PDCM configuration to another device 18 Saving a PDCM configuration to another device NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. To save an existing PDCM configuration to another device, complete the following steps. 1. Select Configure > Allow/Prohibit Matrix. The Configure Allow/Prohibit Matrix dialog box displays. 2. Select the PDCM configuration you want to copy.
18 Activating a PDCM configuration Activating a PDCM configuration NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. You must have an active zone configuration before you can activate a PDCM configuration. 1. Select Configure > Allow/Prohibit Matrix. The Configure Allow/Prohibit Matrix dialog box displays. 2. Select the PDCM configuration you want to activate.
Deleting a PDCM configuration 18 Deleting a PDCM configuration NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. You cannot delete the active configuration, the IPL configuration, or a configuration that is marked as having uncommitted changes. 1. Select Configure > Allow/Prohibit Matrix. The Configure Allow/Prohibit Matrix dialog box displays. 2. Select the PDCM configuration you want to delete.
18 Cascaded FICON fabric Cascaded FICON fabric NOTE You must have FICON Management privileges to configure a fabric for cascaded FICON. The Management application enables you to easily configure a fabric for cascaded FICON. Note that configuring a fabric for cascaded FICON may be disruptive to current I/O operations in the fabric, as it needs to disable and enable the switches in the fabric.
Configuring a cascaded FICON fabric 18 Configuring a cascaded FICON fabric NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. The FICON wizard automatically creates high integrity fabric configuration settings that support a cascaded FICON fabric. 1. Select Configure > FICON > Configure Fabric. The Configure Cascaded FICON Fabric screen of the FICON Configuration dialog displays (Figure 203).
18 Configuring a cascaded FICON fabric 4. Select the DLS check box to enable dynamic load sharing (DLS) or Lossless DLS on all switches in the fabric. NOTE DLS requires DLS support on the switch. Lossless DLS requires Lossless DLS support on the switch. DLS is only supported on the 40-port, 8 Gbps FC Switch, 80-port, 8 Gbps FC Switch, 384-port Backbone Chassis, and 192-port Backbone Chassis. Enabling DLS may result in dropped frames when paths fail over.
Cascaded FICON fabric merge 18 Cascaded FICON fabric merge The Management application provides a wizard to help you merge two fabrics for cascaded FICON. Note that merging two cascaded FICON fabrics may be disruptive to current I/O operations in both fabrics, as it needs to disable and enable the switches in both fabrics. NOTE It is recommended that you run a configuration backup on all switches before performing the fabric merge. This helps you to revert back the switch configurations later.
18 Merging two cascaded FICON fabrics Merging two cascaded FICON fabrics NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. If you want to join two cascaded FICON fabrics, they must be merged. If the distance between fabrics is 10 km or more, an Extended Fabrics license is required, and an extra step is required to configure the connection as a long distance connection.
Merging two cascaded FICON fabrics 18 8. Select which fabric’s Administrative domains, zone database, and ACL database you want to preserve and use after the fabrics are merged. 9. Read the bulleted list of actions so you understand the actions that are taken to avoid conflicts when the fabrics are merged. 10. Click Next. The Check merge screen displays. A Status details table shows progress through merge check points. A rotating arrow under Status indicates a Merge check step is in progress.
18 Resolving merge conflicts Resolving merge conflicts You can resolve the following types of switch configuration conflicts: • • • • • • • • • • Domain ID TOV Buffer To Buffer Credit Disable Device Probe Route Priority Per Frame Sequence Level Switching Suppress Class F Long Distance Setting Data Field Size VC Priority Note that not all tests support resolution. If a test supports resolution, the Description column contains the text 'Resolvable'.
Port Groups 18 Port Groups A port group is a group of FC ports from one or more switches within the same fabric. Port groups are user-specific, you can only view and manage port groups that you create. The ports display in the order in which you add them to the port group. The order in which you add ports to a port group is persisted in both the port group and the Allow/Prohibit Matrix.
18 Viewing port groups 2. Click New. 3. Enter a name for the port group in the Name field. 4. Enter a description for the port group in the Description field. 5. Select one or more ports to add to the group in the Group Type - FC Ports table. A port group must have at least one port in the Membership List. All ports must be from switches in the same fabric. 6. Click the right arrow button. The selected ports display in the Membership List. 7. Click Update.
Editing a port group 18 Editing a port group To edit a port group, complete the following steps. 1. Select Configure > Port Groups. The Port Groups dialog box displays. 2. Select the port group you want to edit in the Port Groups table. The information for the selected port group displays in the update information area. 3. Change the name for the port group in the Name field, if necessary. NOTE If you change the port group name, it is the same as copying the existing port group with a new name. 4.
18 Swapping blades Swapping blades NOTE Blade-based port swap is mainly used for FICON and is only applicable for port blades. However, the Management application does not block blade-based port swap for other application blades, including the 8 Gbps 24-port blade. You can swap all of the ports from one blade to another blade. During this operation all ports in the selected blades are swapped. This operation disrupts the traffic on all ports for the selected blades.
Chapter 19 FC-FC Routing Service Management In this chapter • Devices that support Fibre Channel routing . . . . . . . . . . . . . . . . . . . . . . . . • Fibre Channel routing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Guidelines for setting up FC-FC routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Connecting edge fabrics to a backbone fabric . . . . . . . . . . . . . . . . . . . . . . • Configuring routing domain IDs . . . . . . . . . . . . . . . . .
19 Fibre Channel routing overview Fibre Channel routing overview Fibre Channel routing provides connectivity to devices in different fabrics without merging the fabrics. Using Fibre Channel routing, you can share tape drives across multiple fabrics without the administrative overhead, such as change management and network management, and scalability issues that might result from merging the fabrics. Fibre Channel routing allows you to create logical storage area networks (LSANs) that can span fabrics.
Guidelines for setting up FC-FC routing 19 VE_Port Edge fabric 2 IP cloud Edge fabric 1 Edge fabric 3 E_Port E_Port IFL IFL IFL VEX_Port FC router EX_Port (2) = LSAN Backbone fabric FIGURE 205 A metaSAN with edge-to-edge and backbone fabrics Guidelines for setting up FC-FC routing The following are some general guidelines for setting up FC-FC routing: • Ensure that the backbone fabric ID of the FC router is the same as that of other FC routers in the backbone fabric.
19 Connecting edge fabrics to a backbone fabric Connecting edge fabrics to a backbone fabric The following procedure explains how to set up FC-FC routing on two edge fabrics connected through an FC router using E_Ports and EX_Ports. If you are connecting Fibre Channel SANs through an IP-based network, see “Configuring an FCIP tunnel” on page 391 for instructions on setting up an FCIP tunnel between a VE_Port and a VEX_Port.
Connecting edge fabrics to a backbone fabric 19 3. Select the FC router from the Available Routers table. 4. Click the right arrow to move the FC router you selected to the Selected Router table. 5. Select a valid fabric ID (1–128) from the Fabric ID list. You can choose any unique fabric ID as long as it is consistent for all EX_Ports that connect to the same edge fabric.
19 Configuring routing domain IDs Configuring routing domain IDs Logical (phantom) domains are created to enable routed fabrics. A logical domain called a front domain is created in edge fabrics for every IFL. A logical domain called a translate (Xlate) domain is created in routed fabrics that share devices. Use the following procedure to change the domain IDs of these logical domains. 1. Right-click the fabric for which you want to configure phantom domains, and select Routing Domain IDs.
Chapter 20 Encryption configuration In this chapter • Encryption Center features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Encryption user privileges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Smart card usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Network connections. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
20 Encryption Center features Encryption Center features The Encryption Center dialog box (Figure 208) is the single launching point for all encryption-related configuration in the Management application. It also provides a table that shows the general status of all encryption-related hardware and functions at a glance. FIGURE 208 Encryption Center dialog box Beginning with Fabric OS version 6.
Encryption user privileges 20 Encryption user privileges In the Management application, resource groups are assigned privileges, roles, and fabrics. Privileges are not directly assigned to users; users get privileges because they belong to a role in a resource group. A user can only belong to one resource group at a time. The Management application provides three pre-configured roles: • Storage encryption configuration. • Storage encryption key operations. • Storage encryption security.
20 Smart card usage Smart card usage Smart Cards are credit card-sized cards that contain a CPU and persistent memory. Smart cards can be used as security devices. You must have Storage Encryption Security user privileges to activate, register, and configure smart cards. Smart cards can be used to do the following: • Control user access to the Management application security administrator roles. • Control activation of encryption engines. • Securely store backup copies of master keys.
Registering authentication cards from the database 20 3. Select the Quorum Size. The quorum size is the minimum number of cards necessary to enable the card holders to perform the security sensitive operations listed above. The maximum quorum size is five cards. The actual number of authentication cards registered is always more than the quorum size, so if you set the quorum size to five, for example, you will need to register at least six cards in the subsequent steps.
20 De-registering an authentication card De-registering an authentication card Authentication cards can be removed from the database and the switch by de-registering them. Use the following procedure to de-register an authentication card. 1. Select the authentication card on the Authentication Card table. 2. Click Deregister. 3. A confirmation dialog box is displayed. Click OK to confirm de-registration. The Encryption Group dialog box displays. 4. Click OK on the Encryption Group dialog box.
Enabling or disabling the system card requirement 20 Enabling or disabling the system card requirement If you want to use a system card to control activation of an encryption engine on a switch, you must enable the system card requirement. You can use the following procedure to enable or disable the system card requirement. 1. From the Encryption Center select an encryption group, and select the Security menu. The Select Security Settings dialog is displayed. 2.
20 De-registering a system card De-registering a system card System cards can be removed from the database by de-registering them. Use the following procedure to de-register a system card. 1. From the Register System Card dialog box, select the system card you want to de-register. 2. Click Deregister. 3. A confirmation dialog box is displayed. Click OK to confirm de-registration. The card is removed to the Registered System Cards table.
Editing smart cards 20 Editing smart cards Use the Edit Smart Card dialog box to edit smart card details. 1. From the Encryption Center, select Smart Card > Edit Smart Card. The Edit Smart Card dialog box displays(Figure 210). FIGURE 210 Edit Smart Card dialog box 2. Insert the smart card into the card reader. 3. After the card’s ID is displayed in the Card ID field, enter the Card Password and click Login. 4. Edit the card assignment user information as needed. 5. Click OK.
20 Network connections Network connections Before you use the encryption setup wizard for the first time, you must have the following required network connections: • The management ports on all encryption switches and 384-port Backbone Chassis CPs that have encryption blades installed must have a LAN connection to the SAN management program, and must be available for discovery.
Encryption node initialization and certificate generation 20 Encryption node initialization and certificate generation When an encryption node is initialized, the following security parameters and certificates are generated: • • • • • FIPS crypto officer FIPS user Node CP certificate A self-signed Key authentication center (KAC) certificate A Key authentication center (KAC) signing request (CSR) From the standpoint of external SAN management application operations, the FIPS crypto officer, FIPS user, a
20 Supported encryption key manager appliances Supported encryption key manager appliances As stated under “Network connections”, a supported key management appliance must be connected on the same LAN as the management port of the encryption switches or of the Backbone Chassis Control Processors (CPs) in the case of the encryption blade.
Exporting the KAC certificate signing request (CSR) 20 Exporting the KAC certificate signing request (CSR) You need to export the KAC CSR to a temporary location prior to submitting the KAC CSR to a Certificate Authority (CA) for signing. 1. Synchronize the time on the switch and the key manager appliance. They should be within one minute of each other. Differences in time can invalidate certificates and cause key vault operations to fail. 2.
20 Uploading the KAC and CA certificates onto the RKM appliance Uploading the KAC and CA certificates onto the RKM appliance After an encryption group is created, you need to install the switch public key certificate (KAC certificate) and signing authority certificate (CA certificate) on the RKM appliance. 1. Start a web browser, and connect to the RKM appliance setup page. You will need the URL, and have the proper authority level, a user name, and a password. 2. Select the Operations tab. 3.
RKM key vault high availability deployment i. Repeat a. through h. for each key class. j. Click Finish. 20 9. For each encryption node, create an identity as follows. a. Select the Identities tab. b. Click Create. c. Enter a label for the node in the Name field. This is a user-defined identifier. d. Select the Hardware Retail Group in the Identity Groups field. e. Select the Operational User role in the Authorization field. f.
20 The NetApp DataFort Management Console The NetApp DataFort Management Console The NetApp DataFort Management Console (DMC) must be installed on your PC or workstation to complete certain procedures described in this appendix. Refer to the appropriate DMC product documentation for DMC installation instructions. After you install DMC, do the following. 1. Launch the DMC. 2. Click the Appliance tab on the top panel. 3. Add the NetApp LKM appliance IP address or hostname. 4.
Obtaining and importing the LKM certificate 20 Obtaining and importing the LKM certificate Certificates must be exchanged between LKM and the encryption switch to enable mutual authentication. You must obtain a certificate from LKM, and import it into the encryption group leader. The encryption group leader exports the certificate to other encryption group members. To obtain and import an LKM certificate, do the following. 1. Open an SSH connection to the NetApp LKM appliance and log in.
20 Exporting and registering the switch KAC certificates on LKM Exporting and registering the switch KAC certificates on LKM The encryption switch self-signed KAC certificates must exported and then registered on the LKM appliance. 1. From the Encryption Center, select Switch > Export Certificate. The Export Switch Certificate dialog box displays. 2. Select Self-signed switch certificate (X.509) and click OK.
Tape LUN and DF -compatible tape pool support 20 Tape LUN and DF -compatible tape pool support • DEK Creation - The DEK is created and archived to the primary LKM only. Upon successful archival of the DEK to the primary LKM, the DEK can be used for encryption of a Tape LUN or DF-Compatible tape pool. The DEK is synchronized to a secondary LKM through LKM clustering. If DEK archival to the primary LKM fails, DEK archival is retried to the clustered secondary LKM.
20 Configuring a Brocade group on SKM • • • • • • Download the CA certificate. Create and install an SKM server certificate. Enable an SSL connection. Configure a cluster of SKM appliances for high availability. Export and sign the encryption node certificate signing requests. Import the signed certificates into the encryption node. These steps are described in more detail in the following sections.
Registering the SKM Brocade group user name and password 20 Registering the SKM Brocade group user name and password The Brocade group user name and password you created when configuring a Brocade group on SKM must also be registered on each Brocade encryption node. 1. From the Encryption Center, select Key Vault Credentials. 2. Enter the Brocade group user name and password.
20 Setting up the local Certificate Authority (CA) on SKM Setting up the local Certificate Authority (CA) on SKM To create and install a local CA, perform the following steps: 1. Login to the SKM management web console using the admin password. 2. Select the Security tab. 3. Under Certificates & CAs, click Local CAs. 4. Enter information required by the Create Local Certificate Authority section of the window to create your local CA. - Enter a Certificate Authority Name and Common Name.
Downloading the local CA certificate from SKM 7. 20 In the Trusted Certificate Authority List, click Edit. 8. From the list of Available CAs in the right panel, select the CA you just created. Repeat these steps any time another local CA is needed. Downloading the local CA certificate from SKM The local CA certificate you created using the procedure for “Setting up the local Certificate Authority (CA) on SKM” on page 514 must be saved to your local system.
20 Enabling SSL on the Key Management System (KMS) Server 11. Enter the required data in the Sign Certificate Request section of the window. - Select the CA name from the Sign with Certificate Authority drop down box. Select Server as the Certificate Purpose. Enter the number of days before the certificate must be renewed based on your site's security policies. The default value is 3649 or 10 years. 12. Paste the copied certificate request data into the Certificate Request box. 13. Click Sign Request.
Creating an SKM High Availability cluster 20 Creating an SKM High Availability cluster The HP SKM key vault supports clustering of HP SKM appliances for high availability. If two SKM key vaults are configured, they must be clustered. If only a single SKM appliance is configured, it may be clustered for backup purposes, but the backup appliance will not be directly used by the switch.
20 Adding SKM appliances to the cluster Adding SKM appliances to the cluster If you are adding an appliance to an existing cluster, select the Cluster Settings section of the window, click Download Cluster Key and save the key to a convenient location, such as your computer's desktop.
Signing the Brocade encryption node KAC certificates 20 Signing the Brocade encryption node KAC certificates The KAC certificate signing request generated when the encryption node is initialized must be exported for each encryption node and signed by the Brocade local CA on SKM. The signed certificate must then be imported back into the encryption node. 1. From the Encryption Center, select Switch > Export Certificate. The Export Switch Certificate dialog box displays. 2.
20 Steps for connecting to a TEMS appliance Steps for connecting to a TEMS appliance TEMS provides a web user interface for management of clients, keys, admins, and configuration parameters. A Thales officer creates domains, groups, and managers (a type of administrator), assigns groups to domains and assigns managers to manage groups. Managers are responsible for creating clients and passwords for the groups they manage.
Creating a client on TEMS 20 3. Enter the client IP address information under KM Server Interface. 4. Enter a host name for the appliance, internet or intranet domain, and, if used, the primary and secondary DNS IP address under Common Settings. 5. Set Service Settings as shown in Figure 212. - HTTPS Port 433 SSH Port 22 Enable SSH KM Server Port 9000 Enable KM Server Creating a client on TEMS This step assumes that the group brocade has been created by an administrator.
20 Establishing TEMS key vault credentials on the switch FIGURE 214 TEMS Clients tab 7. Click the Add Client tab. 8. Paste or type in the user name from step 4 in the Name field. 9. Enter a password in the Password and Verify Password fields. 10. Select the group brocade from the group pull down menu. 11. Click on Add Client. A TEMS client user is created and is listed in the table.
Gathering information 20 2. Copy exactly the user name and password used when creating the TEMS client. You may create different credentials, but if you do, you also need to change the TEMS client credentials to match the new credentials. 3. Click OK. Gathering information Before you use the encryption setup wizard for the first time, you should also have a detailed configuration plan in place and available for reference.
20 Creating a new encryption group Creating a new encryption group The following steps describe how to start and run the encryption setup wizard, and then create a new encryption group. NOTE When a new encryption group is created, any existing tape pools in the switch are removed. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. FIGURE 216 Encryption Center - No Group Defined dialog box 2. Select a switch from the encryption group.
Creating a new encryption group 20 4. Click Next. Create a new encryption Group is pre-selected. This is the correct selection for creating a new group. FIGURE 217 Designate Switch Membership dialog box 5. Enter an Encryption Group Name for the encryption group (the maximum length of the group name is 15 characters; letters, digits, and underscores are allowed) and select the Automatic failback mode. NOTE If the name you enter for the encryption group already exists, a pop-up warning message displays.
20 Creating a new encryption group FIGURE 218 Select Key Vault dialog box 7. Select the Key Vault Type. The choices are the following: - RSA Key Manager (RKM) NetApp Link Key Manager (LKM) HP Secure Key Manager (SKM) Thales Encryption Manager for Storage (TEMS) Tivoli Key Lifetime Manager (TKLM) Different options are available depending on which key vault type you choose.
Creating a new encryption group 20 When you select RKM, the options are a shown in Figure 219. a. Enter the IP address or host name for the primary key vault. If you are clustering RKM appliances for high availability, IP load balancers are used to direct traffic to the appliances. Use the IP address of the load balancer. b. Enter the name of the file that holds the primary key vault’s public key certificate or browse to the location by clicking the Browse button. c.
20 Creating a new encryption group When you select LKM, the options are as shown in Figure 220. a. Enter the IP address or host name for the primary key vault. b. Enter the name of the file that holds the primary key vault’s public key certificate or browse to the location by clicking the Browse button. c. If you are using a backup key vault, also enter the IP address or host name, and the name of the file holding the backup key vault’s public key certificate in the fields provided.
Creating a new encryption group 20 When you select SKM, the options are as shown in Figure 221. a. Enter the IP address or host name for the primary key vault. b. Enter the name of the file that holds the primary key vault’s public key certificate or browse to the location by clicking the Browse button. c. Enter the user name and password you established for the Brocade user group. d.
20 Creating a new encryption group When you select TEMS, the options are as shown in Figure 222. a. Enter the IP address or host name for the primary key vault. b. Enter the name of the file that holds the primary key vault’s public key certificate or browse to the location by clicking the Browse button. c. Enter the user name and password you created for the Brocade group TEMS client. d.
Creating a new encryption group 20 When you select TKLM, the options are as shown in Figure 223. a. Enter the IP address or host name for the primary key vault. b. Enter the name of the file that holds the primary key vault’s public key certificate or browse to the location by clicking the Browse button. c. If you are using a backup key vault, also enter the IP address or host name and the name of the file holding the backup key vault’s public key certificate in the fields provided.
20 Creating a new encryption group FIGURE 224 Specify Public Key Certificate filename dialog box 8. Specify the name of the file where you want to store the public key certificate that is used to authenticate connections to the key vault, and click Next. The certificate stored in this file is the switch’s public key certificate. You will need to know this path and file name to install the switch’s public key certificate on the key management appliance. 9. Click Next.
Creating a new encryption group 20 FIGURE 225 Specify Master Key File Name dialog box 10. Enter a file name, or browse to the desired location. 11. Enter the passphrase, which is required for restoring the master key. The passphrase can be between eight and 40 characters, and any character is allowed. 12. Re-type the passphrase for verification.
20 Creating a new encryption group 13. Click Next. The Confirm Configuration panel displays the encryption group name and switch public key certificate file name you specified, shown in Figure 226. FIGURE 226 Confirm Configuration dialog box 14. Click Next to confirm the displayed information. The Configuration Status displays, as shown in Figure 227. The configuration status steps vary slightly depending on the key vault type. • A progress indicator shows that a configuration step is in progress.
Creating a new encryption group 20 FIGURE 227 Configuration Status dialog box The Management application sends API commands to verify the switch configuration. The CLI commands are detailed in the Fabric OS Encryption Administrator’s Guide, “Key vault configuration.” • Initialize the switch If the switch is not already in the initiated state, the Management application performs the cryptocfg --initnode command.
20 Adding a switch to an encryption group • Save the switch’s public key certificate to a file The Management application saves the KAC certificate into the specified file. • Back up the master key to a file The Management application saves the master key into the specified file. Note that a master key is not generated if the key vault type is LKM. LKM manages DEK exchanges through a trusted link, and the LKM appliance uses its own master key to encrypt DEKs. 15. Click Next.
Adding a switch to an encryption group 20 FIGURE 228 Add switch to an encryption group - Designate Switch Membership dialog box a. Select Add this switch to an existing encryption group. b. Click Next. The Add Switch to Existing Encryption Group dialog box displays. FIGURE 229 Add Switch to Existing Encryption Group dialog box 5. Select the group to which you want to add the switch, and click Next. The Specify Public Key Certificate Filename panel displays.
20 Adding a switch to an encryption group FIGURE 230 Add switch to an encryption group - Specify Public Key Certificate filename dialog box 6. Specify the name of the file where you want to store the public key certificate that is used to authenticate connections to the key vault, and click Next. The Confirm Configuration panel displays the encryption group name and switch public key certificate file name you specified.
Adding a switch to an encryption group 7. 20 Click Next to confirm the displayed information. The Configuration Status displays. • A progress indicator shows that a configuration step is in progress. A green check mark indicates successful completion of all steps for that Configuration Item. A red stop sign indicates a failed step. • All Configuration Items have green check marks if the configuration is successful.
20 Replacing an encryption engine in an encryption group FIGURE 233 Add switch to an encryption group - Next Steps dialog box 9. Click Finish to exit the Configure Switch Encryption wizard. Replacing an encryption engine in an encryption group To replace an encryption engine in an encryption group with another encryption engine within the same DEK Cluster, complete the following steps. 1.
Creating high availability (HA) clusters 20 FIGURE 234 Engine Operations tab 2. Select the engine you want to replace in the Engine list. 3. Select the engine you want to use as the replacement in the Replacement list. 4. Click Replace. All containers hosted by the current engine (Engine list) are replaced by the new engine (Replacement list). Creating high availability (HA) clusters A high availability (HA) cluster is a group of exactly two encryption engines.
20 Removing engines from an HA cluster 4. Select an available encryption engine, and a destination HA cluster under High-Availability Clusters. Select New HA Cluster if you are creating a new cluster. 5. Click the right arrow to add the encryption engine to the selected HA cluster. FIGURE 235 HA Clusters tab NOTE If you are creating a new HA cluster, a dialog box displays requesting a name for the new HA cluster. HA Cluster names can have up to 31 characters. Letters, digits, and underscores are allowed.
Swapping engines in an HA cluster 20 Swapping engines in an HA cluster Swapping engines is useful when replacing hardware. Swapping engines is different from removing an engine and adding another because when you swap engines, the configured targets on the former HA cluster member are moved to the new HA cluster member. To swap engines, select one engine from the right tree (see Figure 235) and one unclustered engine from the list on the left, and click the double-arrow button.
20 Adding encryption targets Adding encryption targets Adding an encryption target maps storage devices and hosts to virtual targets and virtual initiators within the encryption switch. NOTE It is recommended that you zone the host and target together before configuring them for encryption. If the host and target are not already zoned, you can still configure them for encryption, but afterward you will need to zone the host and target together, and then click the Commit button to commit the changes.
Adding encryption targets 20 5. Click Next to begin. The Select Encryption Engine dialog box displays. The list of engines depends on the scope being viewed. • If the Targets dialog box is showing all targets in an encryption group, the list includes all engines in the group. • If the Targets dialog box is showing all targets for a switch, the list includes all encryption engines for the switch.
20 Adding encryption targets 6. Select the encryption engine (blade or switch) you want to configure, and click Next. The Select Target panel displays. This panel lists all target ports and target nodes in the same fabric as the encryption engine. The Select Target list does not show targets that are already configured in an encryption group. There are two available methods for selecting targets: select from the list of known targets or manually enter the port and node WWNs.
Adding encryption targets 7. 20 Click Next. The Select Hosts panel displays. This panel lists all hosts in the same fabric as the encryption engine. There are two available methods for selecting hosts: select from a list of known hosts or manually enter the port and node world wide names. FIGURE 239 Select Hosts dialog box a. Select a maximum of 1024 hosts from the Host Ports in Fabric list, and click the right arrow to move the host to the Selected Hosts list.
20 Adding encryption targets FIGURE 240 Name Container dialog box 10. Click Next. The Confirmation panel displays.
Adding encryption targets 20 11. Click Next to confirm the displayed information. The Configuration Status displays the target and host that are configured in the target container, as well as the virtual targets (VT) and virtual initiators (VI). NOTE If you can view the VI/VT Port WWNs and VI/VT Node WWNs, the container has been successfully added to the switch. FIGURE 242 Configuration Status dialog box 12. Review the configuration.
20 Adding encryption targets 13. Click Next to confirm the configuration. The Important Instructions dialog box displays. FIGURE 243 Important Instructions dialog box 14. Review the instructions about post-configuration tasks you must complete after you close the wizard. 15. Click Finish to exit the Configure Storage Encryption wizard.
Configuring hosts for encryption targets 20 Configuring hosts for encryption targets Use the Encryption Target Hosts dialog box to edit (add or remove) hosts for an encrypted target. NOTE Hosts are normally selected as part of the Configure Storage Encryption wizard but you can also edit hosts later using the Encryption Target Hosts dialog box. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2.
20 Adding target disk LUNs for encryption Adding target disk LUNs for encryption You can add a new path to an existing disk LUN or add a new LUN and path by launching the Add New Path wizard. Take the following steps to launch the Add New Path wizard. 1. Select Configure > Encryption. The Encryption Center dialog box displays. 2. Right-click a group, switch, or encryption engine or select a group, switch, or encryption engine from the Encryption Devices table and select Disk LUNs.
Adding target disk LUNs for encryption 20 5. Click Next. The Select Initiator Port dialog box displays. 6. Select the initiator port from the Initiator Port list. 7. Click Next. LUN discovery is launched, and a progress bar displays. There are four possible outcomes: - A message displays indicating No LUNs are discovered. Click OK to dismiss the message and exit the wizard. - A message displays indicating LUNs are discovered, but are already configured.
20 Remote replication LUNs Remote replication LUNs The Symmetrix Remote Data Facility (SRDF) transmits data that is being written to a local Symmetrix array to a remote symmetrix array. The replicated data facilitates a fast switchover to the remote site for data recovery. SRDF supports the following methods of data replication: • Synchronous Replication provides real-time mirroring of data between the source Symmetrix and the target Symmetrix systems.
Metadata requirements and remote replication 20 FIGURE 248 Basic SRDF configuration with Brocade encryption switches Metadata requirements and remote replication When the metadata and key ID are written, the primary metadata on blocks 1 to 16 is compressed and encrypted. However, there are scenarios where these blocks are not compressible, and the metadata is not written to the media.
20 Adding Target Tape LUNs for encryption • The New LUN option is used only if an RKM key vault is configured for the encryption group. • The New LUN option can be used only if replication is enabled for the encryption group. • If the local LUN contains host data, configuring it with the New LUN option would cause the data on the last 3 blocks of the LUN to be lost. Before using the New LUN option, you must migrate the contents of the LUN to another LUN that is larger by at least 3 blocks.
Configuring encrypted tape storage in a multi-path environment 20 8. Select the desired encryption mode. • If you change a LUN policy from Native Encryption or DF-Compatible Encryption to Clear Text, you disable encryption. • The LUNs of the target which are not enabled for encryption must still be added to the CryptoTarget container with the Clear Text encryption mode option. NOTE The Re-keying interval can only be changed for disk LUNs.
20 Re-balancing the encryption engine 9. Select target port B, click LUNs, then click Add. Select the LUNs to be encrypted and the encryption policies for the LUNs, making sure that the encryption policies match the policies specified in the other path. 10. Click Commit to make the LUN configuration changes effective in both paths simultaneously. The Management application does not automatically commit LUN configuration changes.
Master keys 20 To rebalance an encryption engine, do the following. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2. Select an encryption engine and select Engine > Re-Balance from the menu bar, or right click on the encryption engine, and select Re-Balance. A warning message displays, cautioning you about the potential disruption of disk and tape I/O, and telling you that the operation may take several minutes. 3. Click Yes to begin re-balancing.
20 Master key actions Master key actions Master key actions are as follows: • Backup master key, which is enabled any time a master key exists. • Restore master key, which is enabled when no master key exists or the previous master key has been backed up. • Create new master key, which is enabled when no master key exists or the previous master key has been backed up. Reasons master keys can be disabled Master key actions are disabled if unavailable.
Saving the master key to a file 20 4. Select Backup Master Key as the Master Key Action. The Master Key Backup dialog box displays, but only if the master key has already been generated. FIGURE 249 Backup Destination (to file) dialog box 5. Select File as the Backup Destination. 6. Enter a file name, or browse to the desired location. 7. Enter the passphrase, which is required for restoring the master key. The passphrase can be between eight and 40 characters, and any character is allowed. 8.
20 Saving a master key to a key vault Saving a master key to a key vault Use the following procedure to save the master key to a key vault. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2. Select an encryption group from the tree, and click Properties. 3. Select the Security tab. 4. Select Backup Master Key as the Master Key Action. The Backup Master Key for Encryption Group dialog box displays. FIGURE 250 Backup Destination (to key vault) dialog box 5.
Saving a master key to a smart card set 20 Saving a master key to a smart card set A card reader must be attached to the SAN Management application PC to complete this procedure. Recovery cards can only be written once to back up a single master key. Each master key backup operation requires a new set of previously unused smart cards. NOTE Windows operating systems do not require smart card drivers to be installed separately; the driver is bundled with the operating system.
20 Saving a master key to a smart card set FIGURE 251 Backup Destination (to smart cards) dialog box 5. Select A Recovery Set of Smart Cards as the Backup Destination. 6. Enter the recovery card set size. 7. Insert the first blank card and wait for the card serial number to appear. 8. Run the additional cards needed for the set through the reader. As you read each card, the card ID displays in the Card Serial# field. Be sure to wait for the ID to appear. 9.
Restoring a master key from a file 20 Restoring a master key from a file Use the following procedure to restore the master key from a file. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2. Select an encryption group from the tree, and click Properties. 3. Select the Security tab. 4. Select Restore Master Key as the Master Key Action. The Restore Master Key for Encryption Group dialog box displays.
20 Restoring a master key from a key vault Restoring a master key from a key vault Use the following procedure to restore the master key from a key vault. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2. Select an encryption group from the tree, and click Properties. 3. Select the Security tab. 4. Select Restore Master Key as the Master Key Action. The Restore Master Key for Encryption Group dialog box displays.
Restoring a master key from a smart card set 20 Restoring a master key from a smart card set A card reader must be attached to the SAN Management application PC to complete this procedure. Use the following procedure to restore the master key from a set of smart cards. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2. Select an encryption group from the tree, and click Properties. 3. Select the Security tab. 4.
20 Creating a new master key 10. Insert the next card, and repeat step 8 and step 9. 11. Continue until all the cards in the set have been read. 12. Click OK. Creating a new master key Though it is generally not necessary to create a new master key, you may be required to create one due to circumstances such as the following: • The previous master key has been compromised. • Corporate policy might require a new master key every year for security purposes.
Zeroizing an encryption engine 20 Zeroizing an encryption engine Zeroizing is the process of erasing all data encryption keys and other sensitive encryption information in an encryption engine. You can zeroize an encryption engine manually to protect encryption keys. No data is lost because the data encryption keys for the encryption targets are stored in the key vault. Zeroizing has the following effects: • All copies of data encryption keys kept in the encryption switch or encryption blade are erased.
20 Encryption Targets dialog box A confirmation dialog box describing consequences and actions required to recover launches. 4. Click YES to zeroize the encryption engine. Encryption Targets dialog box The Encryption Targets dialog box enables you to send outbound data that you want to store as ciphertext to an encryption device. The encryption target acts as a virtual target when receiving data from a host, and as a virtual initiator when writing the encrypted data to storage.
Encryption Targets dialog box 20 FIGURE 256 Encryption Targets dialog box TABLE 24 Encryption Targets dialog box fields and components Feature Description Add button Launches the Storage Encryption Setup Wizard, which enables you to configure a new target for encryption. It is the first step in configuring encryption for a storage device. It is recommended that you zone the host and target together before you add container information.
20 Redirection zones TABLE 24 Encryption Targets dialog box fields and components (Continued) Feature Description Hosts button Launches the Encryption Target Hosts dialog box, where you can configure hosts to access the selected encryption target. LUNs button Launches the Encryption Target LUNs dialog box, where you can display existing LUNs and add new LUNs. The button is enabled only if there are hosts associated with the targets.
Disk device decommissioning 20 Disk device decommissioning A disk device needs to be decommissioned when any of the following occur: • The storage lease expires for an array, and devices must be returned or exchanged. • Storage is reprovisioned for movement between departments. • An array or device is removed from service. In all cases, all data on the disk media must be rendered inaccessible. Device decommissioning deletes all information that could be used to recover the data.
20 Displaying and deleting decommissioned key IDs Displaying and deleting decommissioned key IDs When disk LUNs are decommissioned, the process includes the disabling of the key record in the key vault and indicating that the key has been decommissioned. These decommissioned keys are still stored on the switch. You can display them, copy them, and delete them as an additional security measure. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2.
Viewing and editing switch encryption properties 20 FIGURE 257 Encryption Properties dialog box • • • • Switch Properties table - the properties associated with the selected switch. Name - the name of the selected switch. Node WWN - the world wide name of the node. Switch Status - the health status of the switch. Possible values are Healthy, Marginal, Down, Unknown, Unmonitored, and Unreachable.
20 Viewing and editing switch encryption properties • Domain ID - the domain ID of the selected switch. • Firmware Version - the current encryption firmware on the switch. • Primary Key Vault Link Key Status - the possible statuses are as follows: - Not Used – the key vault type is not LKM. - No Link Key – no access request was sent to an LKM yet, or a previous request was not accepted. - Waiting for LKM approval – a request was sent to LKM and is waiting for the LKM administrator’s approval.
Exporting the public key certificate signing request (CSR) from Properties 20 • HA Cluster Name - the name of the HA cluster (for example, Cluster1), if in an HA configuration. The name can have a maximum of 31 characters. Only letters, digits, and underscores are allowed. • Media Type - the media type of the encryption engine. Possible values are Disk and Tape.
20 Enabling the encryption engine state from Properties Enabling the encryption engine state from Properties To enable the encryption engine, complete the following steps. 1. Find the Set State To entry under Encryption Engine Properties. 2. Click the field and select Enabled. 3. Click OK. Disabling the encryption engine state from Properties To disable the encryption engine, complete the following steps. 1. Find the Set State To entry under Encryption Engine Properties. 2.
General tab 20 FIGURE 258 Encryption Group Properties dialog box General tab The properties displayed in the General tab are described below. • Encryption group name - the name of the encryption group. • Group status - the status of the encryption group, which can be OK-Converged or Degraded. Degraded means the group leader cannot contact all of the configured group members. • Deployment mode - the group’s deployment mode, which is transparent.
20 Members tab Members tab The Group Members tab lists group switches, their role, and their connection status with the group leader. The tab displays the configured membership for the group (none of the table columns are editable). The list can be different from the members displayed in the Encryption Center dialog box if some configured members are unmanaged, missing, or in a different group.
Consequences of removing an encryption switch 20 Consequences of removing an encryption switch Table 25 explains the impact of removing switches. TABLE 25 Switch removal impact Switch configuration Impact of removal The switch is the only switch in the encryption group. The encryption group is also removed. The switch has configured encryption targets on encryption engines. • • • The switch is configured to encrypt traffic to one or more encryption targets.
20 Consequences of removing an encryption switch Figure 260 shows the warning message that displays if you click Remove to remove an encryption group.
Security tab 20 Security tab The Security tab (Figure 261) displays the status of the master key for the encryption group. NOTE You must enable encryption engines before you back up or restore master keys. Master key actions are as follows: • Create a new master key, which is enabled when no master key exists or the previous master key has been backed up. • Back up a master key, which is enabled any time a master key exists.
20 HA Clusters tab HA Clusters tab HA clusters are groups of encryption engines that provide high availability features. If one of the engines in the group fails or becomes unreachable, the other cluster member takes over the encryption and decryption tasks of the failed encryption engine. An HA cluster consists of exactly two encryption engines. See “Creating high availability (HA) clusters” on page 541.
Link Keys tab 20 Link Keys tab Connections between a switch and an NetApp LKM key vault require a shared link key. Link keys are used only with LKM key vaults. They are used to protect data encryption keys in transit to and from the key vault. There is a separate link key for each key vault for each switch. The link keys are configured for a switch but are stored in the encryption engines, and all the encryption engines in a group share the same link keys.
20 Tape Pools tab Tape pools overview Tape cartridges and volumes may be organized into a tape pool (a collection of tape media). The same data encryption keys are used for all cartridges and volumes in the pool. Tape pools are used by backup application programs to group all the tape volumes used in a single backup or in a backup plan. The tape pool name or number used must be the same name or number used by the host backup application.
Encryption-related acronyms in log messages 20 FIGURE 265 Add Tape Pool by number dialog box 4. Specify the Tape Pool Label Type. Tape pools can be identified by either a name or a number, shown in Figure 264 and Figure 265. 5. Enter a name for the tape pool. If you selected Number as the Tape Pool Label Type, the name must match the tape pool label or tape ID/number that is configured on the tape backup/restore application. 6. Select the Encryption Mode.
20 588 Encryption-related acronyms in log messages DCFM Enterprise User Manual 53-1001775-01
Chapter 21 Virtual Fabrics In this chapter • Virtual Fabrics overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589 • Virtual Fabrics requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590 • Configuring Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
21 Virtual Fabrics requirements Terminology Table 27 lists definitions of Virtual Fabrics terms. TABLE 27 Virtual Fabrics terms Term Definition Physical chassis The physical switch or chassis from which you create logical switches and fabrics. Logical switch A collection of zero or more ports that act as a single Fibre Channel (FC) switch. When Virtual Fabrics is enabled on the chassis, there is always at least one logical switch: the default logical switch.
Virtual Fabrics requirements 21 For more information about enabling Virtual Fabrics on a physical chassis, refer to “Enabling Virtual Fabrics on a discovered device” on page 593. Table 28 lists the Virtual Fabric-capable physical chassis and the number of logical switches allowed for each of those physical chassis.
21 Configuring Virtual Fabrics Configuring Virtual Fabrics The Management application allows you to discover, enable, create, and manage Virtual Fabric-capable physical chassis from the same interface. This procedure describes the general steps you take to enable the Virtual Fabrics feature and configure logical fabrics. The logical fabrics in this example span multiple physical chassis, and the logical switches in each fabric communicate using an XISL in the base fabric. 1.
Enabling Virtual Fabrics on a discovered device 21 Enabling Virtual Fabrics on a discovered device ATTENTION Enabling Virtual Fabrics is disruptive. You should disable the physical chassis before you enable Virtual Fabrics. ATTENTION If the physical chassis is participating in a fabric, the affected fabric will be disrupted. 1. Right-click the physical chassis in the topology and select Enable Virtual Fabric.
21 Creating a logical switch or base switch 3. Select one of the following in the Existing Logical Switches table: • A physical chassis in the Discovered Logical Switches node. • A NewFabric logical switch template in the Discovered Logical Switches node. • The Undiscovered Logical Switches node. If you select a logical switch template, the fabric-wide settings for the logical switch are obtained from the settings in the template.
Finding the physical chassis for a logical switch 21 13. Select a domain ID in the Preferred Domain ID list. In a FICON environment, select a domain ID that is not in use by the default or another logical switch in the same chassis. 14. (Optional) Select the Insistent check box to not allow the domain ID to be changed when a duplicate domain ID exists. If you select this check box and a duplicate domain ID exists, the switch will segment from the fabric instead of changing the domain ID. 15.
21 Assigning ports to a logical switch Finding the logical switch from a physical chassis The Management application enables you to locate the logical switch from the physical chassis. To find the logical switch, right-click the physical chassis within the Chassis Group in the Product List and select Logical Switches > Logical_Switch_Name. The logical switch you selected is highlighted in the Product List and Connectivity Map.
Removing ports from a logical switch 21 Removing ports from a logical switch 1. Select a switch on the Product List or Connectivity Map and select Configure > Logical Switches. The Logical Switches dialog box displays. 2. Select the physical chassis to which the ports belong in the Chassis list. 3. Right-click anywhere in the Existing Logical Switches table and select Table > Expand All. 4. Select the ports you want to remove from the logical switches from the Existing Logical Switches table. 5.
21 Deleting a logical switch Deleting a logical switch 1. Select a switch on the Product List or Connectivity Map and select Configure > Logical Switches. The Logical Switches dialog box displays. 2. Right-click anywhere in the Existing Logical Switches table and select Table > Expand All. 3. Select the logical switch you want to delete from the Existing Logical Switches table and click Delete. All ports in the deleted logical switch are reassigned to the default logical switch. 4.
Applying logical fabric settings to all associated logical switches 21 3. Click New Fabric. The New Logical Fabric Template dialog box displays. 4. Enter a new identifier in the Logical Fabric ID field to create a new logical fabric template. This identifier is how you distinguish among multiple logical fabric templates in the Logical Switches dialog box. If you create more than one logical fabric template, give them different fabric IDs. 5.
21 Moving a logical switch to a different fabric 4. Click OK on the Logical Switches dialog box. The Logical Switch Change Confirmation and Status dialog box displays with a list of all changes you made in the Logical Switches dialog box. NOTE Ports are disabled before moving from one logical switch to another. 5. Select the Re-Enable ports after moving them check box. 6. (Optional) Select the Unbind Port Addresses while moving them check box. 7.
Changing a logical switch to a base switch 21 10. Click Start to send these changes to the affected chassis. NOTE Most changes to logical switches will disrupt data traffic in the fabric. The status of each change is displayed in the Status column and Status area in the dialog box. 11. When the changes are complete, click Close. 12. If the newly created switch is not part of a discovered fabric, then you must discover the switch. a. Undiscover the physical chassis.
21 Changing a logical switch to a base switch 11. Click Start to send these changes to the affected chassis. NOTE Most changes to logical switches will disrupt data traffic in the fabric. The status of each change is displayed in the Status column and Status area in the dialog box. 12. When the changes are complete, click Close.
Chapter 22 Zoning In this chapter • Zoning overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zoning configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • LSAN zoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Traffic isolation zoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zoning administration . . . .
22 Zoning overview • QoS zones Assign high or low priority to designated traffic flows. Quality of Service (QoS) zones are normal zones with additional QoS attributes that you select when you create the zone. • Traffic Isolation zones (TI zones) Isolate inter-switch traffic to a specific, dedicated path through the fabric. See “Traffic isolation zoning” on page 632 for more information.
Accessing zoning 22 Accessing zoning Most of the zoning tasks are performed from the Zoning dialog box. You can access the Zoning dialog box from the main screen of the Management application using any of the following methods: • • • • Select Configure > Zoning > Fabric. Click the Zoning icon on the toolbar. Right-click a port, switch, switch group, or fabric in the device list and select Zoning. Right-click a port, switch, switch group, or fabric in the Connectivity Map and select Zoning.
22 Administrator zoning privileges TABLE 30 .
Zoning configuration 22 Zoning configuration At a minimum, zoning configuration entails creating zones and zone members. However, you can also create zone aliases, zone configurations, and zone databases. You can define multiple zone configurations, deactivating and activating individual configurations as your needs change. Zoning configuration can also involve enabling or disabling safe zoning mode and the default zone. The supported maximum zone database size is 1 MB.
22 Creating a new zone Creating a new zone 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select an FC fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Click New Zone. A new zone displays in the Zones list. 5. Type the desired name for the zone.
Viewing zone properties 22 Viewing zone properties 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select an FC fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Right-click the zone you want to review in the Zones list and select Properties. The Zone Properties dialog box displays. 5.
22 Creating a new member in a zone by WWN 5. Select an option from the Type list. By default, the first time you launch the Zoning dialog box for a Zoning Scope, the Potential Members list displays valid members using the following rules: • If you select the World Wide Name type, the valid members display by the Attached Ports. • If you select the Domain/Port Index type, the valid members display by the ALL Product Ports (both occupied and unoccupied). This option is available for FC fabrics only.
Creating a new member in a zone by WWN 22 5. Click New Member. The Add Zone Member dialog box displays. 6. Select World Wide Name from the Member Type list. 7. Add the new member by port name by completing the following steps. a. Select the Existing End Device Node/Port Name option. b. Select a port name from the list. OR Add the new member by port WWN by completing the following steps. a. Select the End Device Node/Port WWN option. b. Enter a port WWN in the End Device Node/Port WWN field.
22 Creating a new member in a zone by domain, port index Creating a new member in a zone by domain, port index Use this procedure to add a member to a zone when the member is not listed in the Potential Members list of the Zone DB tab. For instructions to add a member to a zone when the member is listed in the Potential Members list, refer to the procedure “Adding members to a zone” on page 609. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2.
Creating a new member in a zone by alias 22 A message displays informing you that any zones or zone configurations you have changed will be saved in the zone database, and warning you to make sure no other user is making changes to the same areas. Creating a new member in a zone by alias Use this procedure to add a member to a zone when the member is not listed in the Potential Members list of the Zone DB tab.
22 Enabling or disabling the default zone for fabrics 8. Click OK to save your changes and close the Add Zone Member dialog box. OR Click Apply to save your changes and keep the Add Zone Member dialog box open so you can add more new members. Repeat steps 5, 6, and 7 as many times as needed, and proceed to step 8 when appropriate. 9. For offline zone databases only, complete the following steps to save the zone configuration into the switch from the offline zone database: a.
Enabling or disabling safe zoning mode for fabrics 22 Enabling or disabling safe zoning mode for fabrics NOTE Safe Zoning Mode is available only on devices running in McDATA Fabric Mode and, for pure EOS fabrics, in McDATA Open Mode. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select an FC fabric from the Zoning Scope list.
22 Editing a zone alias 5. Click New Alias. The New Alias dialog box displays. 6. Type the desired name for the alias in the Alias Name field. 7. Select WWN or Domain, Port Index to choose how to display the objects in the Potential Members list. 8. Show all discovered fabrics in the Potential Members list by right-clicking in the Potential Members list and selecting Display All. 9. Select one or more members that you want to add to the alias in the Potential Members list.
Removing an object from a zone alias 22 Removing an object from a zone alias 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select Alias from the Type list. 4. Show all objects in the Alias list by right-clicking a object and selecting Tree > Expand All. 5. Select one or more objects that you want to remove from the alias in the Alias list.
22 Creating a zone configuration Creating a zone configuration 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select an FC fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Click New Config. A new configuration displays in the Zone Configs list. 5. Enter a name for the zone configuration.
Adding zones to a zone configuration 22 5. Review the zone configuration properties. The following information is included in the zone properties: • Zone Config Name—The name of the selected zone configuration. • Number of Zones—The number of zones in the selected zone configuration. • Total Zone Members—The total number of zone members in the selected zone configuration. • Unique Zone Members—The total number of zone members that are unique in the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
22 Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
23 IP troubleshooting TABLE 32 FCIP IP Ping Response Details Field or Component Description Status Always displays ‘Completed’. If there is a failure, an error message displays instead of the IP Ping Result dialog box. Packets Sent Always displays ‘4. This is not configurable. Packets Received The number of received responses. Packets Lost Equal to the number of packets sent minus the number of packets received.
Tracing IP routes 23 Tracing IP routes The Management application enables you to select an source and a target and displays the detailed routing information from the source port or area on the local switch to the destination port or area on another switch. Trace route cannot be performed on the offline devices or virtual devices. NOTE Trace route is only supported on Fabric OS devices running Fabric OS 5.2 or later. To trace routes, complete the following steps. 1.
23 Viewing FCIP tunnel performance 7. Click Close on the IP Traceroute Result dialog box. 8. Click Cancel on the IP Traceroute dialog box. Viewing FCIP tunnel performance NOTE IP Performance is only supported on the 4 Gbps Router, Extension Switch and Encryption Blade running Fabric OS 5.2 or later. NOTE If you run IP Performance over a link also being used for production traffic, it will impact the production traffic performance. To view FCIP tunnel performance, complete the following steps. 1.
Client browser troubleshooting 7. 23 Field/Component Description DELAY The average round trip time to send a packet of data and receive the acknowledgement. PMTU (Path Maximum Transmission Unit) The largest packet size that can be transmitted over the end-to- end path without fragmentation. This value is measured in bytes and includes the IP header and payload. IP Performance tries the configured Fabric OS Jumbo MTU value (anything over 15000, then 1500, then 1260.
23 FICON troubleshooting FICON troubleshooting The following section states a possible issue and the possible cause for FICON errors. Problem Causes FICON not supported on switch error. FICON Unsupported Configurations: FICON is not supported on base switches. FICON is not supported on a switch which has an XISL configured. FICON is not supported if the PID format is 2. FICON is not supported if 10 bit address is enabled on 384-port Backbone Chassis for non-default switch.
Launch Client troubleshooting 23 Launch Client troubleshooting The following section states a possible issue and the recommended solution if you are unable to launch the client. Problem Resolution Incorrect (down level) remote client short cut displays in Start menu after Management application upgrade. The remote client link in the Start menu does not automatically upgrade when you upgrade the Management application.
23 Launch Client troubleshooting Problem Resolution Unable to log into the Client (the application does not launch when you use a valid user name and password and exceptions are thrown in the client side). Use one the following procedures to configure the IP address in the host file. Windows operating systems 1 Log in using the 'Administrator' privilege. 2 Select Start > Run. 3 Type drivers in the Open field and press Enter. 4 Go to the ‘etc’ folder and open the ‘hosts’ file using a text editor.
Names troubleshooting 23 Names troubleshooting The following section states a possible issue and the recommended solution for names errors. Problem Resolution Duplicate name error. If you configured the Management application to only allow unique names and you try to use a name that already exists in the fabric.
23 Performance troubleshooting Problem Resolution An error message with the following text displays: Real Time statistics collection has failed. Please see master log for details. 2 668 To collect data, the SNMP credentials in the Management application and switch must match. SNMP v1 or v3: The community strings entered in the Address Properties dialog box SNMP tab must match the one entered in the switch.
Performance troubleshooting Problem Resolution An error message with the following text displays: Real Time statistics collection has failed. Please see master log for details. 3 23 To collect GigE port and FCIP statistics, you must enable the FCIP-MIB capability.
23 Performance troubleshooting Problem Resolution An error message with the following text displays: Real Time statistics collection has failed. Please see master log for details. 5 To collect data on Virtual Fabric-enabled switches, the Fabric OS user must have access to all Virtual Fabrics. The SNMPv3 user name must be the same as the Fabric OS user name. If the SNMPv3 and Fabric OS user names do not match, data is not collected for the virtual switches with the non-default VF ID.
Port Fencing troubleshooting 23 Port Fencing troubleshooting The following section states a possible issue and the recommended solution for Port Fencing errors. Problem Resolution In a pure M-EOS fabric, fabric level policy information (for example, Port Fencing Link threshold) is stored in database based on the principle switch WWN.
23 Server Management Console troubleshooting Server Management Console troubleshooting The following section states a possible issue and the recommended solution for server management console. Problem Resolution Unable to launch the SMC on a Windows Vista or Windows 7 system The Windows Vista or Windows 7 system enables the User Access Control (UAC) option by default. When the UAC option is enabled, the SMC cannot launch.
Supportsave troubleshooting 23 Problem Resolution Unable to launch the SMC on a Windows Vista or Windows 7 system continued Disable using the Group Policy by completing the following steps. You can perform this procedure on you local machine using Local Group Policy editor or for many computers at the same time using the Active Directory-based Group Policy Object (GPO) editor. To disable using the Local Group Policy editor, complete the following steps.
23 View All list troubleshooting View All list troubleshooting The following section states a possible issue and the recommended solution for View All list errors. Problem Resolution View All list does not display. The View All list does not display until you discover a fabric. To discover a fabric, refer to “Discovering fabrics” on page 36. View All list does not display and there are discovered fabrics.
Appendix A Application menus In this appendix • Main menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 675 • Shortcut menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 682 Main menus The menu bar is located at the top of the main window. The following table outlines the many functions available on each menu. Menu Command Command Options Server Menu Users.
A Menu Main menus Command Command Options Manage View. Select to set up the Management application view. Create View. Select to create a new view. Display View. Select to display by View All or by a view you create. Levels. Select to display by All Levels, Products and Ports, Product Only, or Ports Only. Copy View. Select to copy a view. Delete View. Select to delete a view. Edit View. Select to edit a view. Zoom. Select to configure the zoom percentage. Show. Select to determine what products display.
Main menus Menu Command A Command Options Product Label. Select to configure which product labels display. Name. Select to display the product name as the product label. Node WWN. Select to display the node name as the product label. IP Address. Select to display the IP Address (IPv4 or IPv6 format) as the product label. Domain ID. Select to display the domain ID as the product label. Port Label. Select to configure which port labels display. Name. Select to display the name as the port label. Port #.
A Main menus Menu Command Command Options Configure Menu Element Manager. Select to configure a selected device. Hardware. Select to the Element Manager or Web Tools application for the selected device. Ports. Select to launch Web Tools for the selected device. Admin. Select to launch Web Tools for the selected device. Router Admin. Select to launch Web Tools for the selected device. Switch. Select to manage a selected device. Save. Select to save device configurations to the repository.
Main menus Menu Command A Command Options Names. Select to provide familiar simple names to products and ports in your SAN. FCIP Tunnels. Select to connect to remote fabrics. High Integrity Fabric. Select to activate the following on M-EOS and Fabric OS devices: • On M-EOS switches, HIF activates fabric binding, switch binding, insistent domain ID and RSCNs. • On Fabric OS switches, HIF activates SCC policy, sets Insistent Domain ID and sets Fabric Wide Consistency Policy for SCC in tolerant mode.
A Main menus Menu Command Command Options List Zone Members. Select to display all members in a zone. Monitor Menu. Performance. Select to monitor SAN devices. View Utilization. Select to display connection utilization. HIstorical Data Collection. Select how to monitor historical data by choosing one of the following options: • Enable SAN Wide • Enable Selected • Disable All End-to-End Monitors. Select to monitor end-to-end connections. Configure Thresholds. Select to monitor thresholds.
Main menus Menu Command A Command Options Syslog Configuration. Select to configure Syslog for the management server. Logs. Select to display logs. Audit. Select to display a history of user actions performed through the application (except login/logout). Event. Select to display errors related to SNMP traps and Client-Server communications. Fabric. Select to display the events related to the selected fabric. FICON. Select to display the FICON events related to the selected device or fabric.
A Shortcut menus Menu Command Command Options Help Menu Contents. Select to open the Online Help. Find. Select to search the Online Help. License. Select to view or change your License information. About Management_Application_Name. Select to view the application information, such as the company information and release number. Shortcut menus You can use the Management application interface main menu to configure, monitor, and troubleshoot your SAN components.
Shortcut menus Component Menu/Submenu Commands A Comments Trace Route Connected End Devices > Include Virtual Devices check box Hide All Show All Custom MyCustomList Create Meta SAN View Only available for Backbone fabrics. Create View Automatically Automatically creates a view with the selected fabric. View name is same as the current label. Map Display Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List.
A Shortcut menus Component Menu/Submenu Commands Comments Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List.
Shortcut menus Component Menu/Submenu Commands Comments Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List. A Port Optics (SFP) Port Fencing Performance > Top Talkers Clear Counters Real-Time Graph Historical Graph Historical Report Events Enable / Disable > Enable Disable Telnet Telnet through Server Configured in Setup Tools. May be more than one item.
A Shortcut menus Component Menu/Submenu Commands Comments Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List. Properties M-EOS Switch/Director Zoning Element Manager Performance > Real-Time Graph Historical Graph Historical Report Events Port Connectivity Port Fencing Web Server Configured in Setup Tools. May be more than one item.
Shortcut menus Component Menu/Submenu Commands Comments Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List. A Properties Core Switch Element Manager Only available from Product List. Enable/Disable Virtual Fabric (Fabric OS only) Only available from Product List. Logical Switches > List_of_Logical_Switches (Fabric OS only) Only available from Product List.
A Shortcut menus Component Menu/Submenu Commands Comments Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List. Properties HBA, iSCSI Host, and HBA Enclosure Element Manager Launches Element Manager for Brocade HBAs discovered using JSON agent. Launches blank window for unmanaged Brocade HBAs. Host Port Mapping Only available for Brocade, Emulex, and Qlogic HBAs.
Shortcut menus Component Menu/Submenu Commands Comments Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List. Expand All Only available from Product List. Collapse All Only available from Product List. A Properties Storage, iSCSI Storage, and Storage Enclosure Storage Port Mapping Disabled for routed device.
A Shortcut menus Component Menu/Submenu Commands Comments Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List. Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List.
Shortcut menus Component Menu/Submenu Commands A Comments Properties HBA and iSCSI Initiator Performance > Real Time Graphs Disabled when all ports are offline. FC Security Protocol Only available for Managed JSON HBA Ports. Only available when you have the Security Privilege. Zoning List Zone Members Connected Port Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List.
A Shortcut menus Component Menu/Submenu Commands Comments Collapse All Only available from Product List. Properties Storage Node Show Ports Does not display for routed devices and discovered Hosts. Show Connections Storage FC and iSCSI Storage port Storage Port Mapping Zoning List Zone Members Connected Port Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List.
Shortcut menus Component Menu/Submenu Commands Comments Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List. A Properties Connection Properties FCIP Tunnel Properties Trunk Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List.
A Shortcut menus Component Menu/Submenu Commands Comments White Area of the Product List Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Table > Copy 'Component' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Product List Table > Copy 'Component' Copy Table Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize 694 Some form of this shor
Appendix B Call Home Event Tables In this appendix This section provides information about the specific events that display when using Call Home. This information is shown in the following Event Tables. • Call Home Event Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • # CONSRV Events Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • # Thermal Event Reason Codes Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
B Call Home Event Table Event Reason Code FRU Code / Event Type Description Severity 201 PWR/HW Power supply DC voltage failure. 3 202 PWR/HW Power supply thermal failure. 3 208 PWR/HW Power supply false shutdown. 3 210 PWR/HW Power supply i2c bus failure. 3 300 FAN/HW A cooling fan propeller has failed. 3 301 FAN/HW A cooling fan propeller has failed (two failed propellers). 3 302 FAN/HW A cooling fan propeller has failed. 3 303 FAN/HW A cooling fan propeller has failed.
B # CONSRV Events Table # CONSRV Events Table Event Reason Code FRU Code/Event Type Description Severity 504 DVP/LIM/HW M-EOS: Port module failure. 3 506 DVP/PORT Fibre Channel port failure 3 509 DVP/PORT Fibre Channel path failure. 0 511 LIM/DVP LIM SPP failure. 3 514 DVP/ LIM/PORT SFP/XFP optics failure. 3 517 LIM LIM SPP Offline. 3 530 LIM/DVP LIM Power-up diagnostic failure. 3 536 LIM/DVP Internal Frame Error port anomaly - threshold exceeded.
B # Brocade Events Table # Brocade Events Table Event Reason Code FRU Code/Event Type Description Severity 1009 MS-1009 Error in registered link incident record (RLIR) 4 1402 FW-1402 Flash usage is out of range (Fabric OS version 6.
Appendix User Privileges C In this appendix • About User Privileges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 699 • About Roles and Access Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717 About User Privileges The Management application provides the User Administrator with a high level of control over what functions individual users can see and use.
C About User Privileges TABLE 35 Privileges and Application Behavior Privilege Description No Privilege Read-Only Read/Write Active Session Management Allows you view active client sessions and disconnect an unwanted user. Disables the Active Sessions command from the Server menu. Enables the Active Sessions command from the Server menu. Disables all commands and functions on the dialog box except the Close and Help. Enables the Active Sessions command from the Server menu.
About User Privileges TABLE 35 C Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write CEE Management Allows you to configure CEE devices. Disables the Switch > CEE command from the Configure menu. Enables the Switch > CEE command from the Configure menu. Disables all commands and functions on the dialog box except the Close, Cancel, and Help. Enables the Switch > CEE command from the Configure menu.
C About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write E-mail Event Notification Setup Allows you to define the e-mail server used to send e-mail. Disables Event Notification E-mail command on the Monitor menu and the E-mail Event Notification Setup button in the Users dialog box. Disables the E-mail option in the Master Log shortcut menu.
About User Privileges TABLE 35 C Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Fault Management Allows you to control access to the SNMP Trap Registration and Forwarding dialog box, the Event Storage option of the Options dialog box, the Syslog Registration and Forwarding dialog box, as well as the Export and Clear functions in the Event Log dialog box and the Show and Hide functions in the Customize Columns dialog box.
C About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write FCIP Management Allows you to configure FCIP tunnels and troubleshooting of IP interfaces (IP performance, IP ping and IP trace route). Disables the Configure > FCIP Tunnel and Configure > IP Troubleshooting commands. Disables the FCIP Tunnel command on the Fabric right-click menu. Enables the Configure > FCIP Tunnel and Configure > IP Troubleshooting commands.
About User Privileges TABLE 35 C Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write High Integrity Fabric For Fabric OS devices, allows you to set Fabric Binding and Insistent Domain IDs. For M-EOS devices, allows you to activate the High Integrity Fabric, which activates Fabric Binding, Switch Binding, Insistent Domain ID, Rerouting Delay, and Domain RSCNs. Disables the High Integrity Fabric command from the Configure menu.
C About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write LSAN Zoning Allows you to edit and activate LSAN zones for the LSAN fabrics that are available within the Zoning dialog box. Prerequisite: Both the backbone fabrics as well as all directly connected edge fabrics must be added to a resource group and a user with LSAN Zoning privilege must be assigned to this specific resource group.
About User Privileges TABLE 35 C Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Performance Allows you to configure the performance subsystem, the display of performance graphs, and threshold settings. Disables entire Performance submenu of the Monitor menu as well as the right-click Performance Graph(s) command on ports and switch products. Disables the Port Optics command on the right-click menu.
C About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Product Maintenance An Element Manager privilege that enables maintenance functions. Disables the functions described in the Element Manager User Manual for which you do not have rights. Displays the message, “You do not have rights to perform this action.” For Fabric OS devices, the log in dialog box for the switch displays. Same as No Privilege.
About User Privileges TABLE 35 C Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Report Allows you to generate and view the following reports: • Fabric Ports • Fabric Summary Disables the View command and the Generate command on the Reports menu.
C About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Setup Tools Allows you to define and place commands on product icons and in the Tools menu. Disables the Setup Tools command on the Tools menu. Any existing Tools and/or right-click commands already defined or defined by others are available for use; however, you cannot configure new items.
About User Privileges TABLE 35 C Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Software Configuration Parameters Allows you to configure some of the properties of the client and server of the management application. Disables the Software Configuration Parameters folder and subpages in the Options dialog box. The configuration cannot be viewed.
C About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Storage Encryption Key Operation Allows you to configure storage encryption key operation, including selecting storage devices and LUNs, viewing switch, group, or engine properties, viewing storage device encryption properties, initiating manual LUN re-keying, enabling and disabling an engine, zeroizing an engine, restoring a Master Key, and all smart card operat
About User Privileges TABLE 35 C Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Storage Encryption Security Allows you to configure storage encryption security, including creating a new encryption group, adding a switch to an existing group, zeroizing an encryption engine, backing up or restoring a master key, and enabling encryption functions after a power cycle. Disables all functions from the dialog box except view.
C About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write User Management Allows you to create and define users and groups, as well as assign privileges and views to groups. Disables the Users command on the main Server menu and the Users button on the main tool bar.
About User Privileges TABLE 35 C Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Zoning Offline Allows you to edit the zone database in offline mode and save the zone database to the repository or to the switch. In Zoning dialog box, the Zone DB list includes offline zones; however, if an offline zone is selected, the contents are not loaded into the Zoning dialog box.
C About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Zoning Online Allows you to edit any of the fabric zone databases in the available fabrics within the Zoning dialog box from the client side and then save to the switch. In Zoning dialog box, the Zone DB list includes online and offline zones; however, if an online zone is selected, the contents are not loaded into the Zoning dialog box.
About Roles and Access Levels C About Roles and Access Levels The Management application provides seven pre-configured roles (System Administrator, Security Administrator, Zone Administrator, Operator, Security Officer, Network Administrator, and Host Administrator); however, System Administrators can also create roles manually. Refer to “Creating a user role” on page 355 for instructions. The System Administrator is the only pre-configured role with Read and Write access to all features.
C About Roles and Access Levels TABLE 36 Features and User Groups Access Levels (Continued) Feature Roles with Read/Write Access Roles with Read-Only Access Port Fencing System Administrator Operator Product Administration System Administrator Product Maintenance System Administrator Product Operation System Administrator, Operator Properties Edit System Administrator, Host Administrator Operator Report System Administrator Operator Routing Configuration System Administrator Operator
Appendix D Sybase and Derby Database Fields In this appendix • Advanced Call Home . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Capability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Client_view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Collector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
D Database tables and fields • Zoning 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 809 • Zoning 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 811 Database tables and fields Advanced Call Home NOTE The primary keys are marked by an asterisk (*). TABLE 37 ACH_CALL_CENTER Field Definition ID * Name of the Call Center.
D Capability TABLE 41 ACH_EVENT_FILTER_MAP Field Definition Format FILTER_ID * ID of the event filter. int EVENT_ID * Event ID which needs to be associated with the filter. int TABLE 42 Size ACH_EVENT Field Definition ID * Format Size int REASON_CODE Reason code of the event. varchar 256 FRU_CODE FRU code of the event. varchar 256 DESCRIPTION Description of the event. varchar 256 SEVERITY Severity of the event. int TYPE Type of the event.
D Client_view TABLE 46 CARD Field Definition Format ID * Size int CORE_SWITCH_ID * Core switch DB ID. int SLOT_NUMBER The number of the physical slot in the chassis where the blade is plugged in. For fixed blades, SlotNumber is zero. smallint TYPE ID of the blade to identify the type. smallint EQUIPEMNT_TYPE The type of the blade. It is either SW BLADE or CP BLADE. varchar 16 STATE State of the blade, such as ENABLED or DISABLED.
D Client_view TABLE 48 USER_ (Continued) Field Definition Format Size PASSWORD User password. varchar 128 EMAIL User e-mail ID. varchar 1024 NOTIFICATION_ENABLED Flag for e-mail notification. smallint TABLE 49 USER_PREFERENCE Field Definition Format Size USER_NAME * User name whose preferences are saved. It corresponds to user_name in USER_table. varchar 128 CATEGORY * The name for a set of related preferences.
D Client_view TABLE 52 CLIENT_VIEW_MEMBER Field Definition Format CLIENT_VIEW_ID * Foreign key to CLIENT_VIEW table. int FABRIC_ID * Foreign key to FABRIC table. int Definition Format TABLE 53 FABRIC Field ID * Size int SAN_ID Foreign key to SAN table; usually 1 since there is only one SAN. int SEED_SWITCH_WWN WWN of the virtual switch used as seed switch to discover the fabric. char 23 NAME User-assigned fabric name.
D Collector Collector TABLE 54 FABRIC_CHECKSUM Field Definition Format FABRIC_ID * Fabric ID, foreign key to the FABRIC table. int CHECKSUM_KEY * Type of checksum, e.g. device data or zone data. varchar 32 CHECKSUM Actual checksum value. varchar 16 Size TABLE 55 Size FABRIC_COLLECTION Field Definition Format FABRIC_ID * Fabric ID, foreign key to the FABRIC table. int COLLECTOR_NAME * Name of the collector, e.g.
D Collector TABLE 57 FABRIC (Continued) Field Definition Format AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric. smallint TRACK_CHANGES 1 = changes (member switches, ISL and devices) in the fabric are tracked.
D Collector TABLE 60 VIRTUAL_SWITCH_CHECKSUM Field Definition Format VIRTUAL_SWITCH_ID * DB ID of virtual switch. int CHECKSUM_KEY * Checksum key. varchar 32 CHECKSUM Checksum value. varchar 16 Size TABLE 61 Size CORE_SWITCH_CHECKSUM Field Definition Format CORE_SWITCH_ID * DB ID. int CHECKSUM_KEY * Checksum type. varchar 32 CHECKSUM Checksum value. varchar 16 Size TABLE 62 CORE_SWITCH_COLLECTION Field Definition Format CORE_SWITCH_ID * Core switch ID.
D Config TABLE 63 SECURITY_POLICY Field Definition Format Size VIRTUAL_SWITCH_ID * DB ID of virtual_switch. int POLICY_NUMBER* IPSec Policy Number. The number can range from 1 to 32. smallint POLICY_TYPE* Type of the Policy. The possible values are IKE or IPSec smallint ENCRYPTION_ALGORITHM Encryption Algorithm for the policy.The following are the possible Encryption: NONE,DES,3DES,AES-128,AES-256,AES-CM-128 or AES-CM-256.
D Config TABLE 65 FIRMWARE_FILE_DETAIL (Continued) Field Definition Format RELEASE_DATE Release date of the firmware file. timestamp IMPORTED_DATE Imported date of the file to the Management application. timestamp FIRMWARE_FILE_SIZE Firmware file size. int FIRMWARE_LOCATION Firmware file location in the Management application repository. varchar 1024 RELEASE_NOTES_ LOCATION Release notes file location in the Management application repository.
D Connected end devices TABLE 69 SWITCH_CONFIG Field Definition Format NAME Name of the switch configurations uploaded from the switch either on demand or through scheduler. int ID* varchar Size 64 SWITCH_ID ID of the switch from which the configuration has been uploaded. int BACKUP_DATE_TIME The date/time stamp at which the configuration has been uploaded. timestamp CONFIG_DATA The actual switch configuration data.
D Device Device TABLE 73 DEVICE_PORT Field Definition ID* Format Size int NODE_ID DB ID of the device node to which this port belongs. int DOMAIN_ID Domain ID of the switch to which this device port is attached. int WWN Device port WWN. char 23 SWITCH_PORT_WWN WWN of the switch port to which this device port is attached. char 23 NUMBER Switch port number to which this device is attached. smallint PORT_ID Device port ID. varchar 6 TYPE Device port type, such as N or NL.
D Device TABLE 74 FICON_DEVICE_PORT (Continued) Field Definition Format Size TAG FICON device property, e.g., 809a or 809b. varchar 16 FLAG FICON device property, e.g., 0x10 (hex). varchar 8 PARAMS FICON device property string, e.g., Valid channel port. varchar 16 Format Size TABLE 75 DEVICE_NODE Field Definition ID* int FABRIC_ID Fabric DB ID to which this device node belongs. int WWN Device node WWN. char 23 TYPE Initiator or target or both or unknown.
D Device TABLE 77 DEVICE_ENCLOSURE Field Definition ID* Format Size int FABRIC_ID ID of the fabric to which the device enclosure belongs. int NAME Name of the Device enclosure. varchar 256 TYPE Type of Device enclosure - Storage Array/Server. varchar 32 ICON Type of Icon. int OS Operating System. varchar 256 APPLICATIONS Application which created device enclosure. varchar 256 DEPARTMENT Department using this device enclosure. varchar 256 CONTACT Contact person details.
D Device TABLE 78 FABRIC (Continued) Field Definition Format SECURE 1 = it is secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric. smallint TRACK_CHANGES 1 = changes (member switches, ISL and devices) in the fabric are tracked.
Device TABLE 79 DEVICE_PORT_INFO Name Source MISSING TIME DEVICE_PORT.MISSING_TIME, NPV PHYSICAL DEVICE_PORT.NPV_PHYSICAL TYPE NUMBER FICON_DEVICE_PORT.TYPE_NUMBER MODEL NUMBER FICON_DEVICE_PORT.MODEL_NUMBER MANUFACTURER FICON_DEVICE_PORT.MANUFACTURER MANUFACTURER PLANT FICON_DEVICE_PORT.MANUFACTURER_PLANT SEQUENCE NUMBER FICON_DEVICE_PORT.SEQUENCE_NUMBER TAG FICON_DEVICE_PORT.TAG FLAG FICON_DEVICE_PORT.FLAG PARAMS FICON_DEVICE_PORT.PARAMS NAME USER_DEFINED_DEVICE_DETAIL.
D Device TABLE 80 736 DEVICE_INFO (Continued) Name Source DEVICE PORT TYPE DEVICE_PORT.TYPE DEVICE PORT SYMBOLICE NAME DEVICE_PORT.SYMBOLIC_NAME FC4_TYPE DEVICE_PORT.FC4_TYPE, IP_PORT DEVICE_PORT.IP_PORT HARDWARE_ADDRESS DEVICE_PORT.HARDWARE_ADDRESS DEVICE PORT TRUSTED DEVICE_PORT.TRUSTED DEVICE PORT MISSING DEVICE_PORT.MISSING COS DEVICE_PORT.COS NPV_PHYSICAL DEVICE_PORT.NPV_PHYSICAL SWITCH PORT ID SWITCH_PORT.ID SWITCH PORT WWN SWITCH_PORT.WWN SWITCH PORT NAME SWITCH_PORT.
D Device TABLE 80 DEVICE_INFO (Continued) Name Source VIRTUAL SWITCH ID SWITCH_INFO.ID VIRTUAL SWITCH NAME SWITCH_INFO.NAME OPERATIONAL STATUS SWITCH_INFO.OPERATIONAL_STATUS SWITCH_MODE SWITCH_INFO.SWITCH_MODE VIRTUAL SWITCH WWN SWITCH_INFO.WWN VIRTUAL SWITCH DOMAIN ID SWITCH_INFO.DOMAIN_ID VIRTUAL_FABRIC_ID SWITCH_INFO.VIRTUAL_FABRIC_ID BASE_SWITCH SWITCH_INFO.BASE_SWITCH VIRTUAL SWITCH STATE SWITCH_INFO.STATE VIRTUAL SWITCH STATUS SWITCH_INFO.STATUS FABRIC ID SWITCH_INFO.
D EE- Monitor TABLE 82 DEVICE_NODE_INFO (Continued) Name Source CAPABILITY DEVICE_NODE.CAPABILITY_ TRUSTED DEVICE_NODE.TRUSTED CREATION TIME DEVICE_NODE.CREATION_TIME MISSING DEVICE_NODE.MISSING MISSING TIME DEVICE_NODE.MISSING_TIME, PROXY DEVICE DEVICE_NODE.PROXY_DEVICE AG DEVICE_NODE.AG, NAME USER_DEFINED_DEVICE_DETAIL.NAME USER DEFINED TYPE USER_DEFINED_DEVICE_DETAIL.TYPE IP ADDRESS USER_DEFINED_DEVICE_DETAIL.IP_ADDRESS CONTACT USER_DEFINED_DEVICE_DETAIL.
D EE- Monitor TABLE 84 EE_MONITOR_STATS_30MIN Field Definition Format ID* int EE_MONITOR_ID int CREATION_TIME timestamp ACTIVE_STATE smallint TX double precision RX double precision CRCERRORS double TABLE 85 EE_MONITOR_STATS_2HOUR Field Definition Format ID* int EE_MONITOR_ID int CREATION_TIME timestamp ACTIVE_STATE smallint TX double precision RX double precision CRCERRORS double TABLE 86 Definition ID* Format Size int MONITOR_ID The Number (Index) given by th
D Event/FM TABLE 87 EE_MONITOR_STATS_1DAY (Continued) Field Definition Format CREATION_TIME timestamp ACTIVE_STATE smallint TX double precision RX double precision CRCERRORS double Size Event/FM TABLE 88 RECIPIENT_TYPE Field Definition ID* Type of the recipient (Syslog or SNMP). varchar 20 Format Size SOURCE_OBJECT_TYPE Field Definition ID* int TYPE_NAME Type of the object to which the event applies, such as Fabric, Switch or Port.
D Event/FM TABLE 92 EVENT_SUB_TYPE Field Definition ID* Format Size int EVENT_TYPE_ID Unique Event Sub type ID int DESCRIPTION Description of Event Sub Type varchar 255 Format Size TABLE 93 SNMP_CREDENTIALS Field Definition ID* int VIRTUAL_SWITCH_ID Virtual switch ID for which this instance of the SNMP credentials apply. int RECIPIENT_ID Refers to recipient in the MESSAGE_RECIPIENT table. int PORT_NUMBER Port number of the SNMP agent on the switch for get and set requests.
D Event/FM TABLE 93 SNMP_CREDENTIALS (Continued) Field Definition Format Size AUTH_PASSWORD The localized secret key used by the authentication protocol for authenticating messages. This is applicable if the agent is configured to operate in SNMPv3. varchar 64 PRIV_PROTOCOL An indication of whether messages sent or received on behalf of this user can be encrypted and if so, which privacy protocol to use.
D Event/FM TABLE 95 EVENT Field Definition ID* Format Size int SWITCH_ID ID of the switch. int PARENT_ID ID of the Parent. int 255 SOURCE_NAME Name of the source from which the event originated. varchar 32 SOURCE_ADDR IP Address of the source from which the event originated. varchar 50 EVENT_SOURCE Source from which the event is generated. varchar 32 SINK_SOURCE Sink Source of the event (Syslog/SNMP Trap/errlog/Application).
D Event/FM TABLE 95 EVENT (Continued) Field Definition Format Size EVENT_CATEGORY Category of the event varchar 64 DISCOVERY_TYPE Discovery type of the product varchar 64 MANAGEMENT_LINK Management link status varchar 255 OPERATIONAL_STATUS Operational Status of the switch from which the event is triggered varchar 255 NODE_WWN WWN of the node from which the event is triggered varchar 23 PORT_WWN WWN of the port from which the event is triggered varchar 23 NODE_NAME Node Name
D Event/FM TABLE 97 EVENT_NOTIFICATION (Continued) Field Definition Format Size USER_NAME User name for authentication. varchar 256 PASSWORD Password for authentication. varchar 256 NOTIFICATION_INTERVAL Time interval between successive event notifications. int NOTIFICATION_UNIT Time interval Unit: 0 = Seconds 1 = Minutes 2 = Hours smallint TEST_OPTION Time interval Unit: 0 = Send test to configured e-mail address. 1 = Send test to all enabled users.
D Fabric TABLE 98 EVENT_RULE (Continued) Field Definition Format LAST_MODIFIED_TIME Rules last edited time. timestamp SELECTED_TIME_UNIT Timestamp unit of the selected rule: 0 = second 1 = Minutes 2 = Hours smallint TABLE 99 Size EVENT_RULE_ACTION Field Definition ID* Format Size int RULE_ID The rule ID present in the Event_Rule Table.
D Fabric TABLE 101 FABRIC Field Definition ID* Format Size int SAN_ID Foreign key to SAN table; usually 1 since there is only one SAN. int SEED_SWITCH_WWN WWN of the virtual switch used as seed switch to discover the fabric. char 23 NAME User-assigned fabric name. varchar 256 CONTACT User-assigned "contact" for the fabric. varchar 256 LOCATION User-assigned "location" for the fabric. varchar 256 DESCRIPTION User-assigned fabric description.
D Fabric TABLE 102 Source MANAGEMENT_STATE FABRIC.MANAGEMENT_STATE LAST_FABRIC_CHANGED FABRIC.LAST_FABRIC_CHANGED SECURE FABRIC.SECURE AD_ENVIRONMENT FABRIC.AD_ENVIRONMENT MANAGED FABRIC.MANAGED CONTACT FABRIC.CONTACT LOCATION FABRIC.LOCATION DESCRIPTION FABRIC.DESCRIPTION CREATION_TIME FABRIC.CREATION_TIME LAST_SCAN_TIME FABRIC.LAST_SCAN_TIME LAST_UPDATE_TIME FABRIC.LAST_UPDATE_TIME TRACK_CHANGES FABRIC.TRACK_CHANGES TYPE FABRIC.TYPE USER_DEFINED_VALUE_1 FABRIC.
D FC Port Stats FC Port Stats TABLE 104 FC_PORT_STATS Field Definition ID* Format int SWITCH_ID References the ID in CORE_SWITCH table. int PORT_ID References the ID in SWITCH_PORT table. int TX Transmission (TX) value in bytes. double RX Receive (RX) value in bytes. double TX_UTILIZATION Transmit utilization value in percentage. double RX_UTILIZATION Receive utilization value in percentage. double‘ CREATION_TIME The polling time.
D FC Port Stats TABLE 105 FC_PORT_STATS_30MIN (Continued) Field Definition SIGNALLOSSES double SEQUENCEERRORS double INVALIDTRANSMISSIONS double CRCERRORS double DATA_GAPS_IN5MIN smallint TABLE 106 Definition Format ID* int SWITCH_ID int PORT_ID int TX double RX double TX_UTILIZATION double RX_UTILIZATION double‘ CREATION_TIME timestamp ACTIVE_STATE smallint LINKFAILURES double TXLINKRESETS double RXLINKRESETS double SYNCLOSSES double SIGNALLOSSES double SEQUEN
D FC Port Stats TABLE 107 FC_PORT_STATS_1DAY (Continued) Field Definition Format RX_UTILIZATION double‘ CREATION_TIME timestamp ACTIVE_STATE smallint LINKFAILURES double TXLINKRESETS double RXLINKRESETS double SYNCLOSSES double SIGNALLOSSES double SEQUENCEERRORS double INVALIDTRANSMISSIONS double CRCERRORS double DATA_GAPS_IN5MIN smallint DATA_GAPS_IN30MIN smallint DATA_GAPS_IN2HOUR smallint DCFM Enterprise User Manual 53-1001775-01 Size 751
D FCIP FCIP TABLE 108 FCIP_TUNNEL Field Definition ID* Size int ETHERNET_PORT_ID GigE Port ID on which the tunnel is created. int TUNNEL_ID Tunnel ID for that GigE Port. smallint VLAN_TAG VLAN Tag on the tunnel (if present). int SOURCE_IP Source IP on which the tunnel is created. char 64 DEST_IP Destination IP on the other end of tunnel. char 64 LOCAL_WWN Local port WWN for the tunnel. char 23 REMOTE_WWN_RESTRICT Remote Port WWN for the tunnel.
FCIP TABLE 109 D FCIP_TUNNEL_INFO (Continued) Name Source WAN_TOV_ENABLED FCIP_TUNNEL.WAN_TOV_ENABLED TUNNEL_STATUS FCIP_TUNNEL.TUNNEL_STATUS COMPRESSION_ENABLED FCIP_TUNNEL_DETAILS.COMPRESSION_ENABLED TURBO_WRITE_ENALBED FCIP_TUNNEL_DETAILS.TURBO_WRITE_ENABLED TAPE_ACCELERATION_ENABLED FCIP_TUNNEL_DETAILS.TAPE_ACCELERATION_ENABLED IKE_POLICY_NUM FCIP_TUNNEL_DETAILS.IKE_POLICY_NUM IPSEC_POLICY_NUM FCIP_TUNNEL_DETAILS.IPSEC_POLICY_NUM PRESHARED_KEY FCIP_TUNNEL_DETAILS.
D FCIP TABLE 109 Source REMOTE PORT WWN FCIP_PORT_TUNNEL_MAP.TUNNEL_ID = FCIP_TUNNEL.ID and FCIP_PORT_TUNNEL_MAP.SWITCHPORT_ID = PORT.ID) REMOTE_PORT_WWN REMOTE NODE WWN FCIP_PORT_TUNNEL_MAP.TUNNEL_ID = FCIP_TUNNEL.ID and FCIP_PORT_TUNNEL_MAP.SWITCHPORT_ID = PORT.ID) REMOTE_NODE_WWN TABLE 110 FCIP_PORT_TUNNEL_MAP Field Definition Format SWITCHPORT_ID* Switch Port ID. int TUNNEL_ID* FCIP Tunnel ID.
D FCIP Tunnel Stats TABLE 111 FCIP_TUNNEL_DETAILS (Continued) Field Definition Format FICON_TAPE_WRITE_ EMULATION_ENABLED Whether this is enabled on that tunnel. smallint FICON_TAPE_READ_ EMULATION_ENABLED Whether this is enabled on that tunnel. smallint FICON_DEBUG__FLAGS FICON_DEBUG_FLAGS for that particular tunnel. double Size FCIP Tunnel Stats TABLE 112 FCIP_TUNNEL_STATS Field Definition ID* Format int TUNNEL_DBID References the ID in FCIP_TUNNEL table.
D FCIP Tunnel Stats TABLE 113 FCIP_TUNNEL_STATS_30MIN (Continued) Field Definition DROPPED PACKETS double precision COMPRESSION double precision LATENCY double precision LINK_RETRANSMITS double precision ACTIVE_STATE smallint TABLE 114 Definition Format ID* int TUNNEL_DBID int SWITCH ID int CREATION TIME timestamp TX double precision RX double precision TX_UTILIZATION double precision RX_UTILIZATION double precision DROPPED PACKETS double precision COMPRESSION double pr
D GigE Port Stats TABLE 115 FCIP_TUNNEL_STATS_1DAY (Continued) Field Definition Format LINK_RETRANSMITS double precision ACTIVE_STATE smallint TABLE 116 Size FCIP_TUNNEL Field Definition ID* Format Size int ETHERNET_PORT_ID GigE Port ID on which the tunnel is created. int TUNNEL_ID Tunnel ID for that GigE Port. smallint VLAN_TAG VLAN Tag on the tunnel (if present). int SOURCE_IP Source IP on which the tunnel is created.
D GigE Port Stats TABLE 117 GIGE_PORT_STATS (Continued) Field Definition Format DROPPED PACKETS Number of dropped packets. double precision COMPRESSION The compression value. double precision LATENCY The latency value. double precision BANDWIDTH The bandwidth value.
D ISL TABLE 120 GIGE_PORT_STATS_1DAY Field Definition Format ID* int SWITCH ID int PORT_ID int CREATION TIME timestamp TX double precision RX double precision TX_UTILIZATION double precision RX_UTILIZATION double precision DROPPED PACKETS double precision COMPRESSION double precision LATENCY double precision BANDWIDTH double precision Size ISL TABLE 121 ISL_INFO Name Source ID ISL.ID FABRIC_ID ISL.FABRIC_ID COST ISL.COST TYPE ISL.TYPE SOURCE_DOAMIN_ID ISL.
D ISL TABLE 122 ISL_TRUNK_INFO Name Source ID ISL_TRUNK_GROUP.ID COST ISL_INFO.COST TYPE ISL_INFO.TYPE SOURCE PORT NUMBER ISL_INFO.SOURCE_PORT_NUMBER SOURCE SWITCH ID ISL_INFO.SOURCE_SWITCH_ID SOURCE SWITCH IP ADDRESS SOURCE_CORE_SWITCH.IP_ADDRESS SOURCE SWITCH WWN SOURCE_VIRTUAL_SWITCH.WWN MASTER PORT ISL_INFO.SOURCE_DOMAIN_ID SOURCE SWITCH NAME ISL_INFO.SOURCE_SWITCH_NAME SOURCE SWITCH PORT ID ISL_INFO.SOURCE_SWITCH_PORT_ID DEST PORT NUMBER ISL_INFO.
D ISL TABLE 124 FABRIC Field Definition ID* Format Size int SAN_ID Foreign key to SAN table; usually 1 since there is only one SAN. int SEED_SWITCH_WWN WWN of the virtual switch used as seed switch to discover the fabric. char 23 NAME User-assigned fabric name. varchar 256 CONTACT User-assigned "contact" for the fabric. varchar 256 LOCATION User-assigned "location" for the fabric. varchar 256 DESCRIPTION User-assigned fabric description.
D License TABLE 126 ISL_TRUNK_GROUP Field Definition ID* Format Size int VIRTUAL_SWITCH_ID Virtual switch DB ID. int MASTER_USER_PORT Port number of master port. smallint License TABLE 127 LICENSE_FEATURE_MAP Field Definition Format LICENSE_ID* Foreign Key (SWITCH_LICENSE.ID) and is part of the primary key. integer FEATURE_ID* Foreign Key (LICENSED_FEATURE.ID) and is part of the primary.
D Encryption Device Encryption Device TABLE 131 KEY VAULT Field Definition ID* Format Size int IP_ADDRESS The IP Address (IPv4, IPv6, or hostname) of the key vault. varchar PORT_NUMBER The TCP port number for the key vault. int PUBLIC_CERTIFICATE The key vault’s public key certificate. Switches use varchar this to establish a secure connection to the key vault. 4096 CRETIFICATE_LABEL A text name to identify the certificate.
D Encryption Device TABLE 132 CRYPTO_SWITCH Field Definition Format Size KAC_CERTIFICATE The public key certificate, in PEM format, of the switch’s Key Archive Client module. This certificate is installed on key vaults to establish secure communication between this switch and the key vault. varchar 4096 PRIMARY_VAULT_ CONNECTIVITY_STATUS The status of the network connection between this switch and the primary key vault. For possible values, see the enum definition in the DTO class.
D Encryption Device TABLE 133 ENCRYPTION GROUP Field Definition Format ACTIVE_MASTER_KEY_STAT US The operational status of the "master key" or "Key Encryption Key (KEK)" used to encrypt Data Encryption Keys in a key vault. Not used for NetApp LKM key vaults. 0 = not used 1 = required but not present 2 = present but not backed up 3 = okay smallint ALT_MASTER_KEY_STATUS The operational status of an alternate "master key" used to access older data encryption keys. Not used for NetApp LKM key vaults.
D Encryption Device TABLE 134 ENCRYPTION_TAPE_POOL Field Definition Format Size TAPE_POOL_NAME User-supplied name or number for the tape pool. This is the same name or number specified in the tape backup application. Numbers are stored in hex. varchar 64 TAPE_POOL_OPERATION_M ODE Specifies which type of encryption should be used by tape volumes in this tape pool. 0 = Native 1 = DF-compatible. smallint TAPE_POOL_POLICY Specifies whether tape volumes in this tape pool should be encrypted.
D Encryption Device TABLE 137 QUORUM_CARD_GROUP_MAPPING Field Definition ID Format int ENCRYPTION_GROUP_ID Foreign key reference to the ENCRYPTION_GROUP for which an authorization card is registered. int SMART_CARD_ID Foreign key reference to the SMART_CARD that is registered as an authorization card for the encryption group. int Definition Format TABLE 138 Size HA CLUSTER Field ID* Size int NAME User-supplied name for the HA Cluster.
D Encryption Device TABLE 139 SMART CARD Field Definition Format Size GROUP_NAME 'The name of the Encryption Group used to initialize the card. For recovery set cards, this identifies which group’s master key is backed up on the card. varchar 64 CREATION_TIME The date and time that the card was initialized. For recovery set cards, this is the date and time the master key was written to the card.
D Encryption Container Encryption Container TABLE 141 CRYPTO HOST Field Definition ID* Format Size int CRYPTO_TARGET_CONTAIN ER_ID Foreign key reference to the int CRYPTO_TARGET_CONTAINER that contains this host. VI_NODE_WWN Node WWN of Virtual Initiator that represents this host. char 23 VI_PORT_WWN Port WWN of Virtual Initiator that represents this host.
D Encryption Container TABLE 143 CRYPTO LUN Field Definition ID* 770 Format Size int CRYPTO_TARGET_ CONTAINER_ID Foreign key reference to the CRYPTO_TARGET_CONTAINER that contains the host for which these LUNs are configured. int SERIAL_NUMBER The LUN serial number, used to identify the physical LUN. varchar ENCRYPTION_STATE Boolean. True (1) if LUN is being encrypted. False (0) if cleartext. smallint STATUS Not currently used but left in for possible future use. Replaced by LUN_STATE.
D Encryption Container TABLE 143 CRYPTO LUN Field Definition Format DECRYPT_EXISTING_DATA Not used. When configuring disk LUN that was previously encrypted and is to become cleartext, this property tells the switch whether or not to start a re-keying operation to decrypt the existing LUN data. This property does not need to be persisted. This feature is no longer supported in Fabric OS. smallint KEY_ID Hex-encoded binary key vault ID for the current data encryption key for this LUN.
D Encryption Container TABLE 144 ENCRYPTION ENGINE Field Definition Format SYSTEM_CARD_STATUS Indicates whether a System Card is currently inserted in the Encryption Engine, and whether the card is valid or not. This feature is not yet supported. smallint WWN_POOLS_AVAILABLE Not used. Previously used to indicate the number of WWN pools remaining for allocation on this encryption engine. This feature is no longer supported.
Encryption Container D TABLE 146 Name Source CRYPTO HOST ID LUN.CRYPTO_HOST_ID CRYPTO LUN ID LUN.ID CRYPTO_LUN_ID LUN NUMBER LUN.LUN_NUMBER CRYPTO TARGET CONTAINER ID LUN.CRYPTO_TARGET_CONTAINER_ID SERIAL NUMBER LUN.SERIAL_NUMBER ENCRYPTION STATE LUN.ENCRYPTION_STATE STATUS LUN.STATUS REKEY_INTERVAL LUN.REKEY_INTERVAL VOLUME_LABEL_PREFIX LUN.VOLUME_LABEL_PREFIX LAST_REKEY_DATE LUN.LAST_REKEY_DATE LAST_REKEY_STATUS LUN.LAST_REKEY_STATUS LAST_REKEY_PROGRESS LUN.
D Meta SAN Meta SAN TABLE 147 LSAN_DEVICE Field Definition ID* Size int BB_FABRIC_ID Backbone fabric DB ID. int FCR_FABRIC_ID FID assigned to edge fabric. int DEVICE_PORT_WWN Device port WWN of physical device. char 23 PHYSICAL_PID PID of physical device.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.
D Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format TYPE Type of fabric: 0 = legacy fabric 1 = base fabric 2 = logical fabric smallint SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is an "unmonitored" fabric. smallint MANAGEMENT_STATE Bit map to indicate various management indications for the fabric.