Manualshelf

Fabric OS Administrator's Guide, 7.1.0 (53-1002745-02, March 2013)

ManualsBrandsHP ManualsStorageHP SN6000B 16Gb 48-port/48-port Active Fibre Channel Switch
411412413414415416417418419420
412 Fabric OS Administrator’s Guide
53-1002745-02
Working with EX_Ports
14
NOTE
If trunking is enabled, be aware that the ports creating the bandwidth limitation will form a
trunk group, while the rest of the ports will be segmented.
Example of enabling encryption and compression on an EX_Port
This example configures and enables encryption and compression on an EX_Port. The commands
in this example are shown entered on a Brocade 6510 named ‘myswitch’ as Fibre Channel Router
(FCR) and an edge switch as ‘edge’.
Example Displaying port numbers on the FCR and Edge switches using the fcrEdgeShow command
switch:admin> fcredgeshow
FID EX-port E-port Neighbor Switch (PWWN, SWWN ) Flags
------------------------------------------------------------------------------
20 1 1 20:01:00:05:33:13:70:3e 10:00:00:05:33:13:70:3e
NOTE
Authentication and a secret key must be configured and established before configuring encryption.
Example Setting up authentication in preparation for in-flight encryption
This is for a Fibre Channel Router on which the EX_Port is online; it configures the DH-CHAP
protocol for authentication and sets the DH group to group 4.
myswitch:admin> authutil --show
AUTH TYPE HASH TYPE GROUP TYPE
----------------------------------------
fcap,dhchap sha1,md5 0,1,2,3,4
Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF
myswitch:admin> authutil --set -a dhchap
myswitch:admin> authutil --set -g "*"
switch:admin> authutil --show
AUTH TYPE HASH TYPE GROUP TYPE
--------------------------------------
dhchap sha1,md5 0,1,2,3,4
Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF
NOTE
On EX_Port enabled Fibre Channel Router, there is no need to set authentication policy to Active or
On. EX_Port can operate on any switch authentication policy.
Example Setting a secret key
For this you need to get the WWN of the peer Edge fabric switch.
myswitch:admin> secauthsecret
Usage: secAuthSecret <args>
--show: displays the secret key database
--set: sets up (add or modify) secret keys
--remove [wwn | domain | <sw name>]: removes an entry from secret key database
--remove --all: deletes secret key database
myswitch:admin> secauthsecret --set