HP StorageWorks Fabric OS 6.1.1 administrator guide (5697-0235, December 2009)

ManualsBrandsHP ManualsStorageHP StorageWorks 4/32B SAN Switch

421

422

423

424

425

426

427

428

429

430

Fabric OS 6.1.x administrator guide 427

command when working from the command line. For GUI-based procedures, see the Web Tools

Administrator’s Guide for configuring the routing policy using the FICON tab in Web Tools.

4. Issue the ficonshow rnid command to verify that the FICON

devices are registered with the switch.

5. Issue the ficonshow lirr command to verify that the FICON

host channels are registered to listen

for link incidents.

6. For an option, see ”FICON CUP” on page 431 for details about using FICON CUP.

Configuring a single switch

Single-switch configuration does not require IDID or fabric binding, provided that connected channels are

configured for single-byte addressing. However, you should configure IDID to ensure that Domain IDs are

maintained.

Configuring a high-integrity fabric

To configure a high-integrity fabric (cascaded configuration):

1. Disable each switch in the fabric.

2. For each switch:

a. Enable the IDID flag.

b. Set the Domain ID.

3. Enable the switches; this builds the fabric.

4. Set the SCC policy, as described in ”Configuring advanced security features” on page 107.

5. Configure the Switch Connection Control policies on all switches to limit connectivity to only the

switches in the selected fabric using the secPolicyCreate command:

switch:admin> secPolicyCreate SCC_POLICY, member;...;member

where:

member indicates a switch that is permitted to join the fabric. Specify switches by WWN, Domain ID,

or switch name. Enter an asterisk (*) to indicate all the switches in the fabric. To create a policy that

includes all the switches in the fabric, issue the following command:

switch:admin> secPolicyCreate SCC_POLICY ”*”

6. Save or activate the new policy by issuing either the secPolicySave or the secPolicyActivate

command. If neither of these commands is issued, the changes are lost when the session is logged out.

To activate the SCC policy:

switch:admin> secPolicyActivate

7. Enable ACL Fabric Wide Consistency Policy and enforce a strict SCC policy:

switch:admin> fddcfg --fabwideset ”SCC:S”

8. Connect and enable channel and control unit (CU) devices. The Query for Security Attributes (QSA)

response to the channel indicates that the fabric binding and IDID are enabled.

Figure 56 and Figure 57 show two viable cascaded configurations. These configurations require Channel

A to be configured for two-byte addressing and require IDID and fabric binding. It is recommended that