R Simplify SANbox 5000 Series Fibre Channel Switch Installation Guide Firmware Version 6.
S SANbox 5000 Series Fibre Channel Switch Installation Guide Information furnished in this manual is believed to be accurate and reliable. However, QLogic Corporation assumes no responsibility for its use, nor for any infringements of patents or other rights of third parties which may result from its use. QLogic Corporation reserves the right to change product specifications at any time without notice. Applications described in this document for any of these products are for illustrative purposes only.
Table of Contents Section 1 Introduction 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.7.1 1.7.2 Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Related Materials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . New in this Release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Safety Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SANbox 5000 Series Fibre Channel Switch Installation Guide S 2.1.2 2.1.2.1 2.1.2.2 2.1.2.3 2.2 2.2.1 2.2.1.1 2.2.1.2 2.2.2 2.2.3 2.3 2.4 2.5 2.6 2.6.1 2.6.2 2.6.3 2.6.4 2.6.5 2.6.6 2.6.7 Chassis LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Input Power LED (Green) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Heartbeat LED (Green) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . System Fault LED (Amber). . . . . . . . . . . . . . . .
A SANbox 5000 Series Fibre Channel Switch Installation Guide 3.7.1 3.7.2 3.7.3 3.7.4 3.7.4.1 3.7.4.2 3.7.4.3 3.8 Connection Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . User Account Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Port Binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Device Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SANbox 5000 Series Fibre Channel Switch Installation Guide S 5.2.1 5.2.1.1 5.2.1.2 5.2.1.3 5.2.1.4 5.2.2 5.2.2.1 5.2.2.2 5.3 5.4 5.5 5.5.1 5.5.2 5.5.3 5.5.4 5.5.5 5.5.6 5.5.7 5.5.8 5.5.9 Heartbeat LED Blink Patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Internal Firmware Failure Blink Pattern . . . . . . . . . . . . . . . . . . . Fatal POST Error Blink Pattern. . . . . . . . . . . . . . . . . . . . . . . . . . Configuration File System Error Blink Pattern . . . . . . . . . . . . .
A SANbox 5000 Series Fibre Channel Switch Installation Guide List of Figures Figure Page 2-1 SANbox 5000 Series Fibre Channel Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1 2-2 Chassis Controls and LEDS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 2-3 Chassis LEDs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3 2-4 Fibre Channel Ports . . . . . . . . . . . . . . . . . . . . .
SANbox 5000 Series Fibre Channel Switch Installation Guide S Notes Page viii 59096-04 A
Section 1 Introduction This manual describes the features and installation of the SANbox® 5000 Series Fibre Channel switch, firmware version 6.7. Table 1-1 describes the SANbox 5000 Series switch models and their distinguishing features. Table 1-1.
S 1 – Introduction Intended Audience 1.1 Intended Audience This manual introduces users to the switch and explains its installation and service. It is intended for users who are responsible for installing and servicing network equipment. 1.2 Related Materials The following manuals and materials are referenced in the text and/or provide additional information. SANbox 5000 Series Enterprise Fabric Suite 2007 User Guide, publication number 59097-04.
A 1 – Introduction New in this Release 1.3 New in this Release The following items are new in the current release: 59096-04 A The switch is equipped with the QuickTools embedded graphical user interface. QuickTools is a web applet that provides basic switch management tools. Enterprise Fabric Suite 2007 is a workstation-based Java® application that provides a graphical user interface for fabric management.
S 1 – Introduction Safety Notices 1.4 Safety Notices A Warning notice indicates the presence of a hazard that has the potential of causing personal injury. 4-4, 4-5, 4-11 4-4, 4-5, 4-11, 6-1 A Caution notice indicates the presence of a hazard that has the potential of causing damage to the equipment. 5-16 5-16, 6-2 1.5 Sicherheitshinweise Ein Warnhinweis weist auf das Vorhandensein einer Gefahr hin, die möglicherweise Verletzungen zur Folge hat.
A 1 – Introduction Communications Statements 1.7 Communications Statements The following statements apply to this product. The statements for other products intended for use with this product appear in their accompanying manuals. 1.7.1 Federal Communications Commission (FCC) Class A Statement This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules.
1 – Introduction Communications Statements S 1.7.3 Avis de conformité aux normes du ministère des Communications du Canada Cet équipement ne dépasse pas les limites de Classe A d'émission de bruits radioélectriques por les appareils numériques, telles que prescrites par le Réglement sur le brouillage radioélectrique établi par le ministère des Communications du Canada.
A 1 – Introduction Communications Statements EN 61000-3-3: 1995, A1:2001 – “Limitation Of Voltage Fluctuations And Flicker In Low-Voltage Supply Systems For Equipment With Rated Current Less Than Or Equal To 16 A” 1.7.5 VCCI Class A Statement This is a Class A product based on the standard of the Voluntary Control Council For Interference by Information Technology Equipment (VCCI). If this equipment is used in a domestic environment, radio disturbance may arise.
S 1 – Introduction Laser Safety Information 1.8 Laser Safety Information This product uses Class 1 laser optical transceivers to communicate over the fiber optic conductors. The U.S. Department of Health and Human Services (DHHS) does not consider Class 1 lasers to be hazardous. The International Electrotechnical Commission (IEC) 825 Laser Safety Standard requires labeling in English, German, Finnish, and French stating that the product uses Class 1 lasers.
A 1 – Introduction Accessible Parts 1.10 Accessible Parts The Field Replaceable Units (FRUs) for the SANbox 5000 Series switch are the following: Power supplies (models 5202 and 5602) Small Form-Factor Pluggable (SFP) optical transceivers XPAK optical transceivers 1.
1 – Introduction General Public License S 1.13 General Public License QLogic® Fibre Channel switches are powered by the Linux operating system. A machine-readable copy of the Linux source code is available upon written request to the following address. A nominal fee will be charged for reproduction, shipping, and handling costs in accordance with the General Public License.
A 1 – Introduction General Public License For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software.
1 – Introduction General Public License S You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 3. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a.
A 1 – Introduction General Public License b. c.
1 – Introduction General Public License S 7. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 8.
A 1 – Introduction General Public License 11. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 12.
S 1 – Introduction General Public License 1.13.3 How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program.
A 1 – Introduction Technical Support Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. signature of Ty Coon, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library.
S 1 – Introduction Technical Support 1.14.3 Contact Information Support Headquarters QLogic Corporation 12984 Valley View Road Eden Prairie, MN 55344-3657 USA QLogic Web Site www.qlogic.com Technical Support Web Ste support@qlogic.com Technical Support Email support@qlogic.com Technical Training Email tech.training@qlogic.com North American Region Email support@qlogic.com Phone +1-952-932-4040 Fax +1 952-974-4910 Europe, Middle East, and Africa Region Email emeasupport@qlogic.
Section 2 General Description This section describes the features and capabilities of the SANbox 5000 Series Fibre Channel switches. This includes models 5200 and 5600 and the dual power supply models 5202 and 5602 as shown in Figure 2-1. The following topics are described: Chassis Controls and LEDs Fibre Channel Ports Ethernet Port Switch Management Fabrics are managed with the Command Line Interface (CLI), the QuickTools web applet, or Enterprise Fabric Suite 2007™ (version 6.07).
S 2 – General Description Chassis Controls and LEDs 2.1 Chassis Controls and LEDs The Maintenance button shown in Figure 2-2 is the only chassis control and is used to reset a switch or to recover a disabled switch. The chassis LEDs provide information about the switch’s operational status. These LEDS include the Input Power LED, Heartbeat LED, and the System Fault LED. To apply power to the switch, plug the power cord into the switch AC power receptacle and into a 100– 240 VAC power source.
A 2 – General Description Chassis Controls and LEDs 2.1.1.2 Placing the Switch in Maintenance Mode To place the switch in maintenance mode, do the following: 1. Isolate the switch from the fabric. 2. Press and hold the Maintenance button with a pointed tool for a few seconds until the Heartbeat LED alone is illuminated. Continue holding the maintenance button until the Heartbeat LED extinguishes, then release the button.
2 – General Description Chassis Controls and LEDs S 2.1.2.1 Input Power LED (Green) The Input Power LED indicates the voltage status at the switch logic circuitry. During normal operation, this LED illuminates to indicate that the switch logic circuitry is receiving the proper DC voltages. When the switch is in maintenance mode, this LED is extinguished. 2.1.2.2 Heartbeat LED (Green) The Heartbeat LED indicates the status of the internal switch processor and the results of the POST.
A 2 – General Description Fibre Channel Ports 2.2 Fibre Channel Ports NOTE: This document refers to ports 0–15 as 1/2/4-Gbps ports for convenience though SANbox 5200 Series switches do not support 4-Gbps transmission. The SANbox 5000 Series switch has sixteen 1/2/4-Gbps Fibre Channel ports and four 10-Gbps Fibre Channel ports. Ports are numbered 0–19 as shown in Figure 2-4.
S 2 – General Description Fibre Channel Ports 2.2.1 Port LEDs Each port has its own Logged-In LED (L) and Activity LED (A) as shown in Figure 2-5. Logged-In LED (Green) Activity LED (Green) Logged-In LED (Green) Activity LED (Green) 16 A L 6 A L 7 A L 8 A L 9 A L 10 A L 11 A L 12 A L 13 A 1/2/4-Gbps Ports L 14 A L 15 L L A A A 17 L L A A 10-Gbps Ports Figure 2-5. Port LEDs 2.2.1.
A 2 – General Description Fibre Channel Ports 2.2.2 Transceivers The SANbox 5000 Series switch supports SFP optical transceivers for the 1/2/4-Gbps ports and XPAK optical transceivers for the 10-Gbps ports. A transceiver converts electrical signals to and from optical laser signals to transmit and receive data. Duplex fiber optic cables plug into the transceivers which then connect to the devices.
S 2 – General Description Ethernet Port 2.3 Ethernet Port The Ethernet port is an RJ-45 connector that provides a connection to a management workstation through a 10/100 Base-T Ethernet cable. Figure 2-6 shows the Ethernet port on a model 5200/5600; the model 5202/5602 is similar. A management workstation can be a Windows®, Solaris™, or a Linux® workstation that is used to configure and manage the switch fabric.
A 2 – General Description Serial Port 2.4 Serial Port The SANbox 5000 Series switch is equipped with an RS-232 serial port for maintenance purposes. Figure 2-7 shows the serial port on a model 5200/5600 switch; the model 5202/5602 is similar. You can manage the switch through the serial port using the CLI. Serial Port L 0 A L 1 A L 2 A L 3 A L 4 A L 5 Figure 2-7. Serial Port and Pin Identification The serial port connector requires a null-modem F/F DB9 cable.
S 2 – General Description Power Supplies and Fans 2.5 Power Supplies and Fans The model 5200/5600 switch has a single power supply that converts 100–240 VAC to DC voltages for the various switch circuits. Four internal fans provide cooling. The switch monitors internal air temperature, and therefore does not monitor or report fan operational status. Air flow is front-to-back. To energize the switch, plug the power cord into the switch AC receptacle and into a 100–240 VAC power source.
A 2 – General Description Switch Management 2.6 Switch Management The switch supports the following management tools: QuickTools Web Applet Enterprise Fabric Suite 2007 Command Line Interface Application Programming Interface Simple Network Management Protocol Storage Management Initiative–Specification (SMI-S) File Transfer Protocols 2.6.
2 – General Description Switch Management S 2.6.2 Enterprise Fabric Suite 2007 Enterprise Fabric Suite 2007 is a separately licensed workstation-based Java® application that provides a graphical user interface for full fabric and switch management. Enterprise Fabric Suite 2007 is designed for managing fabrics of four or more switches and comes with a 30-day trial license. Enterprise Fabric Suite 2007 can run on a Windows, Solaris, Linux, or MacOS X workstation.
A 2 – General Description Switch Management 2.6.5 Simple Network Management Protocol SNMP provides monitoring and trap functions for the fabric. SANbox firmware supports SNMP versions 1 and 2, the Fibre Alliance Management Information Base (FA-MIB) version 4.0, and the Fabric Element Management Information Base (FE-MIB) RFC 2837. Traps can be formatted using SNMP version 1 or 2. Refer to the SANbox Simple Network Management Protocol Reference Guide for more information about using SNMP. 2.6.
2 – General Description Switch Management S Notes 2-14 59096-04 A
Section 3 Planning Consider the following when planning a fabric: Devices Device Access Performance Feature Licensing Multiple Chassis Fabrics Switch Services Fabric Security Fabric Management 3.1 Devices NOTE: This document refers to ports 0–15 as 1/2/4-Gbps ports for convenience though SANbox 5200 Series switches do not support 4-Gbps transmission. When planning a fabric, consider the number of devices and the anticipated demand.
S 3 – Planning Device Access 3.2 Device Access Consider device access needs within the fabric. Access is controlled by the use of zoning. Some zoning strategies include the following: Separate devices by operating system. Separate devices that have no need to communicate with other devices in the fabric or have classified data. Separate devices into department, administrative, or other functional group. Reserve a path and its bandwidth from one port to another.
A 3 – Planning Performance A zoning database is maintained on each switch. Table 3-1 describes the zoning database limits, excluding the active zone set. Table 3-1. Zoning Database Limits Limit Description MaxZoneSets Maximum number of zone sets (256). MaxZones Maximum number of zones (2000). MaxAliases Maximum number of aliases (2500). MaxTotalMembers Maximum number of zone and alias members (10000) that can be stored in the zoning database.
S 3 – Planning Performance 3.3.1 Distance Consider the physical distribution of devices and switches in the fabric. Choose SFP transceivers that are compatible with the cable type, distance, Fibre Channel revision level, and the device host bus adapter. Refer to Appendix A for more information about cable types and transceivers. Each Fibre Channel port is supported by a data buffer with a 16 credit capacity; that is, 16 maximum sized frames.
A 3 – Planning Performance 3.3.2 Bandwidth Bandwidth is a measure of the volume of data that can be transmitted at a given transmission rate. A 1/2/4-Gbps port can transmit or receive at nominal rates of 1-, 2-, or 4-Gbps depending on the device to which it is connected. This corresponds to full duplex bandwidth values of 212 MB, 424 MB, and 850 MB respectively. 10-Gbps ports transmit at a nominal rate of 10-Gbps which corresponds to a full duplex bandwidth value of 2550 MB.
S 3 – Planning Feature Licensing 3.4 Feature Licensing NOTE: License keys enable menu selections in Enterprise Fabric Suite 2007 and commands and keywords in the CLI. License keys do not affect the capabilities of the QuickTools web applet. License keys provide a way to expand the capabilities of your switch and fabric as your needs grow. Consider your need for the following features and arrange to purchase license keys from your switch distributor or authorized reseller.
A 3 – Planning Multiple Chassis Fabrics 3.5 Multiple Chassis Fabrics By connecting switches together you can expand the number of available ports for devices. Each switch in the fabric is identified by a unique domain ID, and the fabric can automatically resolve domain ID conflicts. Because the Fibre Channel ports are self-configuring, you can connect SANbox 5000 Series switches together in a wide variety of topologies.
S 3 – Planning Multiple Chassis Fabrics 3.5.2 Domain ID, Principal Priority, and Domain ID Lock The following switch configuration settings affect multiple chassis fabrics: Domain ID Principal priority Domain ID lock The domain ID is a unique number from 1–239 that identifies each switch in a fabric. The principal priority is a number (1–255) that determines the principal switch which manages domain ID assignments for the fabric.
A 3 – Planning Multiple Chassis Fabrics 3.5.3 Stacking You can connect up to six 20-port SANbox 5000 Series switches together through the 10-Gbps ports, thus preserving the user ports for devices. This is called stacking. The following 2-, 3-, 4-, 5-, and 6-switch stacking configurations are recommended for best performance and redundancy. Each 10-Gbps port contributes 1 GB of bandwidth between chassis with one chassis hop between any two ports.
S 3 – Planning Multiple Chassis Fabrics Figure 3-3 shows a four-switch stack of model 5000 switches using three 3-inch and three 9-inch XPAK switch stacking cables. 64 1/2/4-Gbps ports are available for devices. Figure 3-3. Four-Switch Stack Figure 3-4 shows a five-switch stack of model 5000 switches using ten XPAK switch stacking cables. Eighty 1/2/4-Gbps ports are available for devices. Figure 3-4.
A 3 – Planning Multiple Chassis Fabrics Figure 3-5 shows a six-switch stack of model 5000 switches using eight XPAK switch stacking cables. Ninety-six 1/2/4-Gbps ports are available for devices. Figure 3-5. Six Switch Stack 3.5.
S 3 – Planning Multiple Chassis Fabrics 3.5.4.1 Cascade Topology A cascade topology describes a fabric in which the switches are connected in series. If you connect the last switch back to the first switch, you create a cascade-with-a-loop topology as shown in Figure 3-6. The loop reduces latency because any switch can route traffic in the shortest direction to any switch in the loop. The loop also provides failover should a switch fail.
A 3 – Planning Multiple Chassis Fabrics 3.5.4.2 Mesh Topology A mesh topology describes a fabric in which each chassis has at least one port directly connected to each other chassis in the fabric. Using 16-port SANbox 5000 Series switches the mesh fabric shown in Figure 3-7 has the following characteristics: Each link contributes up to 425 MB of bandwidth between switches, 850 MB in full duplex.
S 3 – Planning Multiple Chassis Fabrics 3.5.4.3 MultiStage Topology Each link contributes up to 425 MB of bandwidth between chassis. Competition for this bandwidth is less than that of a cascade topology, but greater than that of the mesh topology. Latency between any two ports is no more than two chassis hops. 52 1/2/4-Gbps Fibre Channel ports are available for devices. Core Switch Edge Switch Edge Switch Edge Switch Figure 3-8.
A 3 – Planning Switch Services 3.6 Switch Services You can configure your switch to suit the demands of your environment by enabling or disabling a variety of switch services. Familiarize yourself with the following switch services and determine which ones you need. Notice that the SSH and SSL services require the Fabric Security license key. 59096-04 A Telnet: Provides for the management of the switch over a Telnet connection. Disabling this service is not recommended. The default is enabled.
S 3 – Planning Fabric Security Common Information Model (CIM): Provides for the management of the switch through third-party applications that use the Storage Management Initiative–Specification (SMI-S). The default is enabled. File Transfer Protocol (FTP): Provides for transferring files rapidly between the workstation and the switch using FTP. The default is enabled.
A 3 – Planning Fabric Security 3.7.1 Connection Security NOTE: You must install the Fabric Security license key to secure connections using SSH and SSL. Connection security provides an encrypted data path for switch management methods. The switch supports the Secure Shell (SSH) protocol for the command line interface and the Secure Socket Layer (SSL) protocol for management applications such as Enterprise Fabric Suite 2007 and SMI-S.
S 3 – Planning Fabric Security Authentication of the user account and password can be performed locally using the switch’s user account database or it can be done remotely using a RADIUS server such as Microsoft® RADIUS. Authenticating user logins on a RADIUS server requires a secure management connection to the switch. Refer to “Connection Security” on page 3-17 for information about securing the management connection.
A 3 – Planning Fabric Security 3.7.4 Device Security NOTE: You must install the Fabric Security license key to configure and activate device security and RADIUS servers. If you are upgrading your switch firmware to version 6.7 from version 5.x, you are granted a 30-day temporary license. Device security provides for the authorization and authentication of devices that you attach to a switch.
S 3 – Planning Fabric Security Consider the devices, switches, and management agents and evaluate the need for authorization and authentication. Also consider whether the security database is to distributed on the switches or centralized on a RADIUS server and how many servers to configure. The following examples illustrate how to configure a security database: Security Example: Switches and HBAs with Authentication Security Example: RADIUS Server Security Example: Host Authentication 3.7.4.
A 3 – Planning Fabric Security 1. Create a security set (Security_Set_1) on Switch_1. a. Create a port group (Group_Port_1) in Security_Set_1 with Switch_1, HBA_1, and JBOD as members.
S 3 – Planning Fabric Security b. Create an ISL group (Group_ISL_1) in Security_Set_1 with Switch_1, Switch_2, HBA1, and JBOD as members. The Switch_1 secret must be shared with the Switch_2 security database. ISL Group on Switch_1: Group_ISL_1 Switch_1 Node WWN: 10:00:00:c0:dd:07:e3:4c Authentication: CHAP Primary Hash: MD5 Primary Secret: 0123456789abcdef Binding: None Switch_2 Node WWN: 10:00:00:c0:dd:07:e3:4e Authentication: CHAP Primary Hash: MD5 Primary Secret: abcdefabcdef012 Binding: None 2.
A 3 – Planning Fabric Security 3.7.4.2 Security Example: RADIUS Server Consider the fabric shown in Figure 3-10. This fabric is similar to the one shown in Figure 3-9 with the addition of Radius_1 acting as a RADIUS server.
S 3 – Planning Fabric Security 1. Configure the Radius_1 host as a RADIUS server on Switch_1 and Switch_2 to authenticate device logins. Specify the server IP address and the secret with which the switches will authenticate with the server. Configure the switches so that devices authenticate through the switches only if the RADIUS server is unavailable.
A 3 – Planning Fabric Security 2. Create a security set (Security_Set_1) on Switch_1. a. Create a port group (Group_Port_1) in Security_Set_1 with Switch_1 and HBA_1 as members.
S 3 – Planning Fabric Security b. Create an ISL group (Group_ISL_1) in Security_Set_1 with Switch_1 and Switch_2 as members. The Switch_1 secret must be shared with the Switch_2 security database. ISL Group on Switch_1: Group_ISL_1 Switch_1 Node WWN: 10:00:00:c0:dd:07:e3:4c Authentication: CHAP Primary Hash: MD5 Primary Secret: 0123456789abcdef Binding: None Switch_2 Node WWN: 10:00:00:c0:dd:07:e3:4e Authentication: CHAP Primary Hash: MD5 Primary Secret: abcdefabcdef012 Binding: None 3.
A 3 – Planning Fabric Security 3.7.4.3 Security Example: Host Authentication Consider the fabric shown in Figure 3-11. In this fabric, only Switch_2 and HBA_2/APP_2 support security, where APP_2 is a host application. The objective is to secure the management server on Switch_2 from unauthorized access by an HBA or an associated host application.
S 3 – Planning Fabric Security 1. Create a security set (Security_Set_2) on Switch_2. 2. Create a Management Server group (Group_1) in Security_Set_2 with Switch_2 and HBA_2 or APP_2 as its member. You must specify HBAs by node worldwide name. Switches can be specified by port or node worldwide name. The type of switch worldwide name you use in the switch security database must be the same as that in the HBA security database.
A 3 – Planning Fabric Management 3.8 Fabric Management The Enterprise Fabric Suite 2007 application executes on a management workstation and provides for the configuration, control, and maintenance of multiple fabrics. Supported platforms include Windows, Solaris, Linux, and MacOS X. Enterprise Fabric Suite 2007 comes with a 30-day trial license – a permanent license is available for purchase from your authorized reseller.
3 – Planning Fabric Management S Notes 3-30 59096-04 A
Section 4 Installation This section describes how to install and configure the switch. The following topics are covered: Site Requirements Installing a Switch Installing Firmware Adding a Switch to an Existing Fabric Installing Feature License Keys 4.
S 4 – Installation Site Requirements 4.1.1 Fabric Management Workstation The requirements for fabric management workstations are described in Table 4-1: Table 4-1. Management Workstation Requirements Operating System Windows 2003 SP1/SP2, XP Solaris 9, 10, 10 x86 Red Hat® Enterprise Linux® 3, 4 SUSE™ Linux Enterprise Server 9, 10 Mac® OS X 10.
A 4 – Installation Installing a Switch 4.2 Installing a Switch Unpack the switch and accessories.
S 4 – Installation Installing a Switch 4.2.1 Mount the Switch The switch can be placed on a flat surface and stacked or mounted in a 19” EIA rack. Refer to “Dimensions” on page A-4 for weight and dimensional specifications. Adhesive rubber feet are provided for surface mounts. Without the rubber feet, the switch occupies 1U of space in an EIA rack.
A 4 – Installation Installing a Switch WARNING!! If the switch is mounted in a closed or multi-rack assembly, the operating temperature of the rack environment may be greater than the ambient temperature. Be sure to install the chassis in an environment that is compatible with the maximum rated ambient temperature. Refer to “Environmental” on page A-5 for technical specifications. Do not restrict chassis air flow. Allow 16 cm (6.
S 4 – Installation Installing a Switch To mount a model 5200/5600 switch in a rack using the General Devices C-874 rail kit, you must fasten the switch brackets and inner rails to the switch as shown in Figure 4-3. Use the screws that come with the rail kit. Refer to the rail kit instructions for complete information. Figure 4-3.
A 4 – Installation Installing a Switch If you are using the 10-Gbps ports, remove the port covers by the cover tabs using your fingers or pliers as shown in Figure 4-4. A L A L L A L 16 A A L 17 A L 18 A L 19 A Figure 4-4. Removing 10-Gbps Port Covers To install XPAK switch stacking cables, position the cable connectors with the circuit board toward the mid line of the respective switch faceplates as shown in Figure 4-5.
S 4 – Installation Installing a Switch 4.2.3 Configure the Workstation If you plan to use the command line interface to configure and manage the switch, you must configure the workstation. This involves setting the workstation IP address for Ethernet connections, or configuring the workstation serial port.
A 4 – Installation Installing a Switch 4.2.3.2 Configuring the Workstation Serial Port To configure the workstation serial port, do the following: 1. Connect a null modem F/F DB9 cable from a COM port on the management workstation to the RS-232 serial port on the switch. 2. Configure the workstation serial port according to your platform: For Windows: a. Open the HyperTerminal application. Choose the Start button, select Programs, Accessories, HyperTerminal, and HyperTerminal. b.
S 4 – Installation Installing a Switch 4.2.4 Connect the Workstation to the Switch You can manage the switch using the CLI, QuickTools, or Enterprise Fabric Suite 2007. QuickTools and Enterprise Fabric Suite 2007 require an Ethernet connection to the switch. The CLI can use an Ethernet connection or a serial connection.
A 4 – Installation Installing a Switch 4.2.5 Connect the Switch to AC Power WARNING!! This product is supplied with a 3-wire power cable and plug for the user’s safety. Use this power cable in conjunction with a properly grounded outlet to avoid electrical shock. An electrical outlet that is not correctly wired could place hazardous voltage on metal parts of the switch chassis. It is the responsibility of the customer to ensure that the outlet is correctly wired and grounded to prevent electrical shock.
S 4 – Installation Installing a Switch WARNUNG!! Dieses Produkt wird mit einem 3-adrigen Netzkabel mit Stecker geliefert. Dieses Kabel erfüllt die Sicherheitsanforderungen und sollte an einer vorschriftsmäßigen Schukosteckdose angeschlossen werden, um die Gefahr eines elektrischen Schlages zu vermeiden.Elektrosteckdosen, die nicht richtig verdrahtet sind, können gefährliche Hochspannung an den Metallteilen des switch-Gehäuses verursachen.
A 4 – Installation Installing a Switch To power up a SANbox 5000 Series switch, do the following: For a model 5200/5600 switch, connect the power cord to the AC power receptacle on the front of the switch chassis and to a grounded AC outlet. For a model 5202/5602 switch, connect the power cords to the power supply receptacles on the back of the switch chassis and to a grounded AC outlet.
S 4 – Installation Installing a Switch 4.2.6 Configure the Switch You can configure the switch using the CLI, QuickTools, or Enterprise Fabric Suite 2007. Enterprise Fabric Suite 2007 is an optional, full fabric graphical user interface that comes with a 30-day trial license. Refer to the SANbox 5000 Series Enterprise Fabric Suite 2007 User Guide for information about installing Enterprise Fabric Suite 2007. To log in and configure the switch using QuickTools, do the following: 1.
A 4 – Installation Installing a Switch To configure the switch using the command line interface, do the following: 1. Open a command window according to the type of workstation and connection: Ethernet (all platforms): Open a Telnet session with the default switch IP address and log in to the switch with default account name and password (admin/password). telnet 10.0.0.1 Switch Login: admin Password: NOTE: ******* To insure fabric security, you should change the password for the Admin account name.
S 4 – Installation Installing Firmware 4.2.7 Cable Devices to the Switch Connect cables to the SFP transceivers and their corresponding devices, and then energize the devices. Device host bus adapters can have SFP (or SFF) transceivers or GigaBit Interface Converters (GBIC). LC-type duplex fiber optic cable connectors are designed for SFP transceivers, while SC-type connectors are designed for GBICs. Duplex cable connectors are keyed to ensure proper orientation.
A 4 – Installation Installing Firmware NOTE: You can load and activate version 6.7 firmware on an operating switch without disrupting data traffic or having to re-initialize attached devices. If you attempt to perform a non-disruptive activation without satisfying the following conditions, the activation will fail. If the non-disruptive activation fails, you will usually be prompted to try again later. Otherwise, the switch will perform a disruptive activation.
S 4 – Installation Installing Firmware 4.3.1 Using QuickTools to Install Firmware To install firmware using QuickTools, do the following: 1. In the faceplate display, open the Switch menu and select Load Firmware. 2. In the Firmware Upload dialog, click the Browse button to browse and select the firmware file to be uploaded. 3. Click the Start button to begin the firmware load process. You will be shown a message warning you that the switch will be reset in order to activate the firmware. 4.
A 4 – Installation Installing Firmware Refer to the SANbox 5000 Series Fibre Channel Switch Command Line Interface Guide for information about the CLI commands. 1. Enter the following commands to download the firmware from a remote host to the switch, install the firmware, then reset the switch to activate the firmware. SANbox #> admin start SANbox #> firmware install The switch will be reset. This process will cause a disruption to I/O traffic.
S 4 – Installation Installing Firmware 4.3.2.2 Custom Firmware Installation A custom firmware installation downloads the firmware image file from an FTP or TFTP server to the switch, unpacks the image file, and resets the switch in separate steps. This allows you to choose the type of switch reset and whether the activation will be disruptive (Reset Switch command) or nondisruptive (Hotreset command). The following example illustrates a custom firmware installation with a nondisruptive activation. 1.
A 4 – Installation Adding a Switch to an Existing Fabric 4.4 Adding a Switch to an Existing Fabric If there are no special conditions to be configured for the new switch, simply plug in the switch and the switch becomes functional with the default fabric configuration. The default fabric configuration settings are as follows: Fabric zoning is sent to the switch from the fabric All ports will be GL_Ports The default IP address 10.0.0.
4 – Installation Installing Feature License Keys S Notes 4-22 59096-04 A
Section 5 Diagnostics/Troubleshooting Diagnostic information about the switch is available through the chassis LEDs and the port LEDs. Diagnostic information is also available through the CLI, QuickTools, or Enterprise Fabric Suite 2007 event logs and error displays. This section describes the following types of diagnostics: Chassis Diagnostics describes the Input Power LED and System Fault LED indications.
S 5 – Diagnostics/Troubleshooting Chassis Diagnostics 5.1.1 Input Power LED Is Extinguished The Input Power LED illuminates to indicate that the switch logic circuitry is receiving proper voltages. If the Input Power LED is extinguished, do the following: 1. 2. 3. Inspect the power cords and connectors. Is the cord unplugged? Is the cord or connector damaged? Yes - Make necessary corrections or repairs. If the condition remains, continue. No - Continue. Inspect the AC power source.
A 5 – Diagnostics/Troubleshooting Power-On Self Test Diagnostics 5.2 Power-On Self Test Diagnostics The switch performs a series of tests as part of its power-up procedure. The POST diagnostic program performs the following tests: Checksum tests on the boot firmware in PROM and the switch firmware in flash memory Internal data loopback test on all ports Access and integrity test on the ASIC During the POST, the switch logs any errors encountered. Some POST errors are critical, others are not.
S 5 – Diagnostics/Troubleshooting Power-On Self Test Diagnostics 5.2.1.1 Internal Firmware Failure Blink Pattern An internal firmware failure blink pattern is 2 blinks followed by a two second pause. The 2-blink error pattern indicates that the firmware has failed, and that the switch must be reset. Momentarily press and release the Maintenance button to reset the switch. 2 seconds 5.2.1.2 Fatal POST Error Blink Pattern A system error blink pattern is 3 blinks followed by a two second pause.
A 5 – Diagnostics/Troubleshooting Power-On Self Test Diagnostics 5.2.1.3 Configuration File System Error Blink Pattern A configuration file system error blink pattern is 4 blinks followed by a two second pause. The 4-blink error pattern indicates that a configuration file system error has occurred, and that the configuration file must be restored. 2 seconds To restore the switch configuration, do the following: 1. Establish communications with the switch using Telnet.
S 5 – Diagnostics/Troubleshooting Power-On Self Test Diagnostics 5.2.1.4 Over Temperature Blink Pattern An over temperature blink pattern is 5 blinks followed by a two second pause. The 5-blink error pattern indicates that the air temperature inside the switch has exceeded the failure temperature threshold. 2 seconds If the Heartbeat LED shows the over temperature blink pattern, do the following: 1. 2. 3. 4. 5-6 Inspect the chassis vents. Are the intake and exhaust vents clear? Yes - Continue.
A 5 – Diagnostics/Troubleshooting Power-On Self Test Diagnostics 5.2.2 Logged-In LED Indications Port diagnostics are indicated by the Logged-In LED for each port as shown in Figure 5-2. Logged-In LED 16 0 A L 1 A L 2 A L 3 A L 4 A L 5 A L 6 A L 7 A L 8 A L 9 A L 10 A L 11 A L 12 A L 13 A L 14 A L 15 18 L L A A A 17 19 L L A A Figure 5-2.
5 – Diagnostics/Troubleshooting Power-On Self Test Diagnostics S 5.2.2.1 E_Port Isolation A Logged-In LED error indication is often the result of E_Port isolation. E_Port isolation can be caused by the following: Security failure FL_Port is connected to another switch Conflicting domain IDs Conflicting timeout values Conflicting zone membership between active zone sets Review the event browser and do the following to diagnose and correct an isolated E_Port: 1. 2. 3.
A 5 – Diagnostics/Troubleshooting Power-On Self Test Diagnostics 4. 5. Compare the RA_TOV and ED_TOV timeout values for all switches in the fabric using the Show Config Switch command. Is each timeout value the same on every switch? Yes - Continue. No - Correct the timeout values on the offending switches using the Set Config Switch CLI. Reset the port. If the condition remains, continue. Display the active zone set on each switch using the Zoning Active command.
5 – Diagnostics/Troubleshooting Power-On Self Test Diagnostics S If the count for any of these errors exceeds the rising trigger for three consecutive sample windows, the switch generates an alarm and disables the affected port, changing its operational state to “down”.
A 5 – Diagnostics/Troubleshooting Transceiver Diagnostics 5.3 Transceiver Diagnostics NOTE: Transceiver diagnostic information is available with purchase of the SANdoctor license key. To purchase a license key, contact your authorized maintenance provider.
S 5 – Diagnostics/Troubleshooting Power Supply Diagnostics 5.4 Power Supply Diagnostics A model 5202/5602 switch power supply has a Status LED (Green) and a Fault LED (Amber) as shown in Figure 5-3. Under normal operating conditions, the Power Supply Status LED is illuminated and the Power Supply Fault LED is extinguished. Power Supply Status LED Power Supply Fault LED Figure 5-3.
A 5 – Diagnostics/Troubleshooting Recovering a Switch Using Maintenance Mode 5.5 Recovering a Switch Using Maintenance Mode A switch can become inoperable or unmanageable for the following reasons: Firmware becomes corrupt IP address is lost Switch configuration becomes corrupt Forgotten password In these specific cases, you can recover the switch using maintenance mode. Maintenance mode temporarily returns the switch IP address to 10.0.0.
5 – Diagnostics/Troubleshooting Recovering a Switch Using Maintenance Mode 4. S The maintenance menu displays several recovery options. To select a switch recovery option, press the corresponding number (displayed in option: field) on the keyboard and press the Enter key.
A 5 – Diagnostics/Troubleshooting Recovering a Switch Using Maintenance Mode 5. Select option 1 from the maintenance menu. When prompted for a file name prompt, enter the firmware image file name. Image filename: filename Unpacking ’filename’, please wait... Unpackage successful. 6. Select option 7 to reset the switch and exit maintenance mode. 5.5.
5 – Diagnostics/Troubleshooting Recovering a Switch Using Maintenance Mode S 5.5.7 Remaking the File System in Maintenance Mode In the event of a loss of power, the switch configuration may become corrupt. The file system on which the configuration is stored must be re-created. This option resets the switch to the factory default values including user accounts and zoning. Refer to the Reset command in the SANbox 5000 Series Fibre Channel Switch Command Line Interface Guide for the factory default values.
Section 6 Removal/Replacement This section describes the removal and replacement procedures for the following field replaceable units (FRU): SFP transceivers Power supplies for model 5202/5602 switches The switch is equipped with a battery that powers the non-volatile memory. This memory stores the switch configuration. The battery is not a field replaceable unit. WARNING!! Danger of explosion if battery is incorrectly replaced.
S 6 – Removal/Replacement Power Supply Removal and Replacement 6.2 Power Supply Removal and Replacement The SANbox 5202/5602 power supplies are hot pluggable. This means you can remove or install one of the power supplies while the switch is operating without disrupting service. The power supplies are also interchangeable; that is, the left and right power supplies are the same unit. CAUTION! Both power supplies must have the same air flow direction to prevent the switch from overheating.
A 6 – Removal/Replacement Power Supply Removal and Replacement 1. Confirm that the Heartbeat LED is showing the normal 1 blink per second. This allows the switch to correctly report power supply status. 2. Confirm that the new power supply is compatible with the switch air flow direction. The part number label on the power supply indicates the air flow direction as shown in Figure 6-2. 3. With the AC receptacle on the right, slide the power supply into the bay until it is firmly seated.
6 – Removal/Replacement Power Supply Removal and Replacement S Notes 6-4 59096-04 A
Appendix A Specifications This appendix contains the specifications for the SANbox 5000 Series Fibre Channel switch. Refer to Section 2 for the location of all connections, switches, controls, and components. A.1 Fabric Specifications Fibre Channel Protocols ................. FC-PH Rev. 4.3 FC-PH-2 FC-PH-3 FC-AL Rev 4.6 FC-AL-2 Rev 7.0 FC-FLA FC-GS FC-GS-2 FC-GS-3 FC-FG FC-Tape FC-VI FC-SW-2 Fibre Channel Element MIB RFC 2837 Fibre Alliance MIB Version 4.0 Fibre Channel Classes of Service ..
S A – Specifications Fabric Specifications Number of Fibre Channel Ports ...... Variable and can be upgraded in the following configurations: (5200 Series models do not support 4-Gbps) Eight 1/2/4-Gbps FC ports Twelve 1/2/4-Gbps FC ports Sixteen 1/2/4-Gbps FC ports Sixteen 1/2/4-Gbps FC ports plus four 10-Gbps FC ports Scalability........................................ Maximum 239 switches depending on configuration Maximum User Ports ......................
A A – Specifications Maintainability Bandwidth Point-to-Point ................................. 212 MB, Full Duplex @ 1-Gbps 224 MB, Full Duplex @ 2-Gbps 850 MB, Full Duplex @ 4-Gbps1 Aggregate (single switch) ............... 2550 MB, Full Duplex @ 10-Gbps Up to 23.80 GB Full Duplex Bandwidth Point-to-Point ................................. 212 MB, Full Duplex @ 1-Gbps 224 MB, Full Duplex @ 2-Gbps 850 MB, Full Duplex @ 4-Gbps1 2550 MB, Full Duplex @ 10-Gbps Aggregate (single switch) ...............
S A – Specifications Fabric Management A.3 Fabric Management Management Methods .................... Enterprise Fabric Suite 2007 graphical user interface QuickTools web applet Command Line Interface Application Programming Interface SMI-S GS-3 Management Server SNMP FTP TFTP Maintenance Connection ................ RS-232 connector; null modem F/F DB9 cable Ethernet Connection ....................... RJ-45 connector; 10/100 BASE-T cable Switch Agent...................................
A A – Specifications Electrical A.5 Electrical Operating voltage ........................... 100 to 240 VAC; 50 to 60 Hz Power source loading (maximum) .. 1 A at 120 VAC 0.5 A at 240 VAC Heat Output (maximum) ................. 100 watts Circuit Protection ............................ Internally fused A.6 Environmental Temperature Operating .................................. 5 to 40°C (41 to 104°F) Non-operating ........................... -40 to 70°C (-40 to 158°F) Humidity Operating .............
S A – Specifications Regulatory Certifications A.7 Regulatory Certifications Safety Standards ............................ UL60950:2000 CSA 22.2 No. 60950-00 (Canada) EN60950 (EC) CB Scheme-IEC 60950 Emissions Standards ...................... FCC Part 15B Class A ICES-03 Issue 3 VCCI Class A ITE CISPR 22, Class A EN 55022, Class A Voltage Fluctuations ....................... EN 61000-3-3 Harmonics....................................... EN 61000-3-2 Immunity .........................................
Glossary Access Control List Zone Access Control List zoning divides the fabric for purposes of controlling discovery and inbound traffic. Arbitrated Loop A Fibre Channel topology where ports use arbitration to establish a point-to-point circuit. Active Zone Set The zone set that defines the current zoning for the fabric. Arbitrated Loop Physical Address (AL_PA) A unique one-byte value assigned during loop initialization to each NL_Port on a loop.
S SANbox 5000 Series Fibre Channel Switch Installation Guide Class 2 Service A service which multiplexes frames at frame boundaries to or from one or more N_Ports wit h acknowledgment provided. Chassis Hop A measure of fabric latency represented by the ISL that any frame crosses when travelling from one switch to another. A frame that travels from one switch to another over an ISL experiences one chassis hop.
A Flash Memory Memory on the switch that contains the chassis control firmware. Frame Data unit consisting of a start-of-frame (SOF) delimiter, header, data payload, CRC, and an end-of-frame (EOF) delimiter. SANbox 5000 Series Fibre Channel Switch Installation Guide Input Power LED A chassis LED that indicates that the switch logic circuitry is receiving proper DC voltages. Inter-Switch Link The connection between two switches using E_Ports.
S SANbox 5000 Series Fibre Channel Switch Installation Guide MIB Management Information Base Multistage Topology A fabric in which two or more edge switches connect to one or more core switches. Network Time Protocol A network protocol that enables a client to synchronize its time with a server. NL_Port Node Loop Port. A Fibre Channel device port that supports arbitrated loop protocol.
A SANbox 5000 Series Fibre Channel Switch Installation Guide Voluntary Control Council for Interference A consortium of Japanese electronics industry associations that have established voluntary standards for controlling electromagnetic interference (EMI). Worldwide Name (WWN) A unique 64-bit address assigned to a device by the device manufacturer. WWN Worldwide Name XPAK A specification authored by a consortium of companies to govern the development of small form factor 10 Gigabit modules.
SANbox 5000 Series Fibre Channel Switch Installation Guide S Notes Glossary-6 59096-04 A
Index Numerics 10/100 Base-T straight cable 4-10 10-Gbps port 2-5 A account name default 4-14 FTP 4-20 maintenance mode 5-13 active zone set 3-2 Activity LED 2-6, 2-8 air flow A-5 altitude A-5 Application Programming Interface 2-12 authorization 3-19 B bandwidth 3-5, A-3 boot loader 5-16 browser 4-2 buffer credit 3-4, A-2 C cable 10/100 Base-T 4-10 10/100 Base-T crossover 4-10 fibre optic 3-1 length 3-4 null modem F/F DB9 4-10 XPAK switch stacking 4-7 cascade topology 3-12 certificate 3-17 59096-04 A c
S SANbox 5000 Series Fibre Channel Switch Installation Guide E E_Port 2-7, 5-8 emissions standards A-6 Enterprise Fabric Suite 2007 2-12 environmental conditions 4-2 specifications A-5 error critical 5-3 fatal POST 5-4 port 5-9 Ethernet direct connection 4-10 indirect connection 4-10 port 2-8 extended credit cable length 3-4 example 3-4 F F_Port 2-7 fabric management 3-29, A-4 management switch 2-8 management workstation 4-2 point-to-point bandwidth A-3 port 2-7 security 3-16 factory defaults 5-15 fiber
A L latency 3-5, A-2 LED Activity 2-6, 2-8 Heartbeat 2-4, 5-3 Input Power 2-4, 5-2 Link Status 2-8 Logged-In 2-6, 5-7 power supply 2-10 System Fault 2-4, 5-2 license key 2-5, 4-21 Link Status LED 2-8 log file 5-15 Logged-In LED 2-6, 5-7 login limit 3-29 M maintainability A-3 maintenance interface A-4 menu 5-14 mode 2-2, 2-3, 5-3, 5-13 Maintenance button 2-2, 2-3, 5-13 Management Server 3-16 management workstation 2-8, 4-10 marking A-6 media type A-2 memory flash 2-2 workstation 4-2 mesh topology 3-13 minic
S SANbox 5000 Series Fibre Channel Switch Installation Guide Power-on Self Test description 5-3 fatal error 5-4 principal priority 3-8 switch 3-8 processor 4-2, A-2 Q QuickTools service 3-15 web applet 2-11 R rack mount 4-4, 4-5, 4-6 RADIUS - See Remote Dial-In User Service.
A Telnet service 3-15 temperature error 5-6 operating range 4-2, A-5 three-switch-stacking 3-9 timeout values 5-9 topology cascade 3-12 mesh 3-13 transceiver 2-7, 4-6, 6-1 transmission rate 3-3, 3-5 two-switch stacking 3-9 SANbox 5000 Series Fibre Channel Switch Installation Guide Z zone conflict 5-9 definition 3-2 zone set active 3-2 definition 3-2 zoning database 3-3 hardware enforced 3-2 limits 3-3 U upgrade 2-5 user account security 3-17 user interface A-3 V vibration A-5 voltage fluctuations A-6 op
SANbox 5000 Series Fibre Channel Switch Installation Guide S Notes Index-6 59096-04 A
