Cisco Nexus 5000 Series Switch Fabric Manager Software Configuration Guide, NX-OS 4.0 (OL-16598-01, June 2008)

ManualsBrandsHP ManualsStorageHP SN6000C 8Gb 32-port Fibre Channel Switch

331

332

333

334

335

336

337

338

339

340

Send comments to nx5000-docfeedback@cisco.com

24-17

Nexus 5000 Series Switch Fabric Manager Software Configuration Guide

OL-16598-01

Chapter 24 Configuring Port Security

Port Security Configuration Distribution

Committing the Changes

If you commit the changes made to the configurations, the configurations in the pending database are

distributed to other switches. On a successful commit, the configuration change is applied throughout

the fabric and the lock is released.

Activation and Auto-Learning Configuration Distribution

Activation and auto-learning configurations in distributed mode are remembered as actions to be

performed when you commit the changes in the pending database.

Learned entries are temporary and do not have any role in determining if a login is authorized or not. As

such, learned entries do not participate in distribution. When you disable learning and commit the

changes in the pending database, the learned entries become static entries in the active database and are

distributed to all switches in the fabric. After the commit, the active database on all switches are identical

and learning can be disabled.

If the pending database contains more than one activation and auto-learning configuration when you

commit the changes, the activation and auto-learning changes are consolidated and the resulting

operation may change (see Table 24-3).

Table 24-3 Scenarios for Activation and Auto-learning Configurations in Distributed Mode

Scenario Actions Distribution = OFF Distribution = ON

A and B exist in the

configuration

database,

activation is not

done and devices

C,D are logged in.

1. You activate the port

security database and

enable auto-learning.

configuration database = {A,B}

active database = {A,B, C

, D*}

configuration database = {A,B}

active database = {null}

pending database = {A,B + activation to

be enabled}

2. A new entry E is

added to the

configuration

database.

configuration database = {A,B,

active database = {A,B, C*, D*}

configuration database = {A,B}

active database = {null}

pending database = {A,B, E + activation

to be enabled}

3. You issue a commit. Not applicable configuration database = {A,B, E}

active database = {A,B, E, C*, D*}

pending database = empty