Brocade Communications Systems 53-1002745-02 User Manual

Download

53-1002745-02

25 March 2013

Fabric OS

Administrator’s Guide

Supporting Fabric OS 7.1.0

ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, and Vyatta are registered trademarks, and HyperEdge, The Effortless Network, and The On-Demand Data Center are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners.

Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.

The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that accompany it.

The product described by this document may contain “open source” software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit

http://www.brocade.com/support/oscd.

Brocade Communications Systems, Incorporated

Corporate and Latin American Headquarters Brocade Communications Systems, Inc. 130 Holger Way San Jose, CA 95134 Tel: 1-408-333-8000 Fax: 1-408-333-8101 E-mail: info@brocade.com

European Headquarters Brocade Communications Switzerland Sàrl Centre Swissair Tour B - 4ème étage 29, Route de l'Aéroport Case Postale 105 CH-1215 Genève 15 Switzerland Tel: +41 22 799 5640 Fax: +41 22 799 5641 E-mail: emea-info@brocade.com

Asia-Pacific Headquarters Brocade Communications Systems China HK, Ltd. No. 1 Guanghua Road Chao Yang District Units 2718 and 2818 Beijing 100020, China Tel: +8610 6588 8888 Fax: +8610 6588 9999 E-mail: china-info@brocade.com

Asia-Pacific Headquarters Brocade Communications Systems Co., Ltd. (Shenzhen WFOE) Citic Plaza No. 233 Tian He Road North Unit 1308 – 13th Floor Guangzhou, China Tel: +8620 3891 2000 Fax: +8620 3891 2111 E-mail: china-info@brocade.com

Document History

Title Publication number Summary of changes Date

Fabric OS Administrator’s Guide 53-1002745-01 Added Fabric OS v7.1.0 software features

and support for new hardware platforms: Brocade 5430 and 6520.

Fabric OS Administrator’s Guide 53-1002745-02 Corrected errors and omissions in the guide. March 2013

December 2012

Contents (High Level)

Section I Standard Features

Chapter 1 Understanding Fibre Channel Services . . . . . . . . . . . . . . . . . . . . . . . . .43

Chapter 2 Performing Basic Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . .55

Chapter 3 Performing Advanced Configuration Tasks . . . . . . . . . . . . . . . . . . . . . .79

Chapter 4 Routing Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111

Chapter 5 Managing User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133

Chapter 6 Configuring Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .177

Chapter 7 Configuring Security Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195

Chapter 8 Maintaining the Switch Configuration File . . . . . . . . . . . . . . . . . . . . . .241

Chapter 9 Installing and Maintaining Firmware . . . . . . . . . . . . . . . . . . . . . . . . . .255

Chapter 10 Managing Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275

Chapter 11 Administering Advanced Zoning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303

Chapter 12 Traffic Isolation Zoning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .345

Chapter 13 Bottleneck Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .375

Chapter 14 In-flight Encryption and Compression . . . . . . . . . . . . . . . . . . . . . . . . .393

Chapter 15 NPIV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .419

Chapter 16 Dynamic Fabric Provisioning: Fabric-Assigned PWWN. . . . . . . . . . . . .425

Chapter 17 Managing Administrative Domains . . . . . . . . . . . . . . . . . . . . . . . . . . .433

Section II Licensed Features

Chapter 18 Administering Licensing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .463

Chapter 19 Inter-chassis Links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .491

Chapter 20 Monitoring Fabric Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .499

Chapter 21 Optimizing Fabric Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .517

Chapter 22 Managing Trunking Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . .533

Chapter 23 Managing Long-Distance Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . .551

Chapter 24 Using FC-FC Routing to Connect Fabrics . . . . . . . . . . . . . . . . . . . . . . .569

Fabric OS Administrator’s Guide 3 53-1002745-02

Appendix A Port Indexing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .611

Appendix B FIPS Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .615

Appendix C Hexadecimal Conversion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .627

4 Fabric OS Administrator’s Guide

53-1002745-02

About This Document

How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . 34

What’s new in this document. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Document conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Additional information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Getting technical help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Section I Standard Features

Chapter 1 Understanding Fibre Channel Services

Fibre Channel services overview . . . . . . . . . . . . . . . . . . . . . . . . . . . .43

Management server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44

Platform services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44

Platform services and Virtual Fabrics. . . . . . . . . . . . . . . . . . . . .45

Enabling platform services . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

Disabling platform services. . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

Management server database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

Displaying the management server ACL. . . . . . . . . . . . . . . . . . .46

Adding a member to the ACL. . . . . . . . . . . . . . . . . . . . . . . . . . . .46

Deleting a member from the ACL . . . . . . . . . . . . . . . . . . . . . . . .47

Viewing the contents of the management server database . . . 48

Clearing the management server database . . . . . . . . . . . . . . .49

Topology discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

Displaying topology discovery status . . . . . . . . . . . . . . . . . . . . .49

Enabling topology discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

Disabling topology discovery. . . . . . . . . . . . . . . . . . . . . . . . . . . .50

Device login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51

Principal switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

E_Port login process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Fabric login process. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52

Port login process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52

RSCNs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52

Duplicate Port World Wide Name . . . . . . . . . . . . . . . . . . . . . . . .53

High availability of daemon processes . . . . . . . . . . . . . . . . . . . . . . .53

Fabric OS Administrator’s Guide 5 53-1002745-02

Chapter 2 Performing Basic Configuration Tasks

Fabric OS overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55

Fabric OS command line interface. . . . . . . . . . . . . . . . . . . . . . . . . . .56

Console sessions using the serial port. . . . . . . . . . . . . . . . . . . .56

Telnet or SSH sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57

Getting help on a command . . . . . . . . . . . . . . . . . . . . . . . . . . . .58

Viewing a history of command line entries . . . . . . . . . . . . . . . .59

Password modification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

Default account passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

The switch Ethernet interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

Virtual Fabrics and the Ethernet interface. . . . . . . . . . . . . . . . .63

Displaying the network interface settings . . . . . . . . . . . . . . . . .63

Static Ethernet addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64

DHCP activation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .66

IPv6 autoconfiguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68

Date and time settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Setting the date and time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Time zone settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Network time protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Domain IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72

Displaying the domain IDs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73

Setting the domain ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Switch names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Customizing the switch name . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Chassis names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

Customizing chassis names . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

Fabric name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

Configuring the fabric name . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

High availability considerations for fabric names . . . . . . . . . . . 76

Upgrade and downgrade considerations for fabric names. . . . 76

Config file upload and download considerations for fabric

names. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Switch activation and deactivation . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Disabling a switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Enabling a switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76

Switch and Backbone shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Powering off a Brocade switch . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Powering off a Brocade Backbone . . . . . . . . . . . . . . . . . . . . . . .77

Basic connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78

Device connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78

Switch connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78

6 Fabric OS Administrator’s Guide

53-1002745-02

Chapter 3 Performing Advanced Configuration Tasks

Port Identifiers (PIDs) and PID binding overview . . . . . . . . . . . . . . .79

Core PID addressing mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

Fixed addressing mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

10-bit addressing mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

256-area addressing mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . .81

WWN-based PID assignment . . . . . . . . . . . . . . . . . . . . . . . . . . .82

Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84

Port Types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84

Backbone port blades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84

Configuring two Ethernet ports on one CP8 blade . . . . . . . . . .85

Setting port names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86

Port identification by slot and port number . . . . . . . . . . . . . . . .87

Port identification by port area ID. . . . . . . . . . . . . . . . . . . . . . . .87

Port identification by index . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87

Configuring a device-switch connection. . . . . . . . . . . . . . . . . . .88

Swapping port area IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88

Port activation and deactivation. . . . . . . . . . . . . . . . . . . . . . . . .89

Port decommissioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90

Setting port modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90

Setting port speeds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92

Setting all ports on a switch to the same speed . . . . . . . . . . . .92

Setting port speed for a port octet . . . . . . . . . . . . . . . . . . . . . . .93

Blade terminology and compatibility . . . . . . . . . . . . . . . . . . . . . . . . .93

CP blades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95

Core blades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95

Port and application blade compatibility . . . . . . . . . . . . . . . . . .96

FX8-24 compatibility notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96

Enabling and disabling blades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96

Enabling blades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

Disabling blades. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

Blade swapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

How blades are swapped . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98

Swapping blades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100

Enabling and disabling switches . . . . . . . . . . . . . . . . . . . . . . . . . . .100

Power management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101

Powering off a port blade . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102

Powering on a port blade . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102

Equipment status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102

Checking switch operation . . . . . . . . . . . . . . . . . . . . . . . . . . . .102

Verifying High Availability features (Backbones only) . . . . . . .103

Verifying fabric connectivity. . . . . . . . . . . . . . . . . . . . . . . . . . . .103

Verifying device connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . .104

Track and control switch changes . . . . . . . . . . . . . . . . . . . . . . . . . .104

Enabling the track changes feature . . . . . . . . . . . . . . . . . . . . .104

Displaying the status of the track changes feature. . . . . . . . .105

Viewing the switch status policy threshold values. . . . . . . . . .105

Setting the switch status policy threshold values . . . . . . . . . .106

Fabric OS Administrator’s Guide 7 53-1002745-02

Audit log configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107

Verifying host syslog prior to configuring the audit log . . . . . .108

Configuring an audit log for specific event classes . . . . . . . . .108

Duplicate PWWN handling during device login . . . . . . . . . . . . . . . .109

Setting the behavior for handling duplicate PWWNs. . . . . . . .110

Chapter 4 Routing Traffic

Routing overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111

Paths and route selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112

FSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112

Fibre Channel NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113

Inter-switch links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114

Buffer credits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115

Congestions versus over-subscription . . . . . . . . . . . . . . . . . . .115

Virtual channels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115

Gateway links. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117

Configuring a link through a gateway . . . . . . . . . . . . . . . . . . . .118

Routing policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118

Displaying the current routing policy . . . . . . . . . . . . . . . . . . . .119

Port-based routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119

Exchange-based routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119

Device-based routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120

AP route policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120

Route selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122

Dynamic Load Sharing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122

Frame order delivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123

Forcing in-order frame delivery across topology changes. . . .123

Restoring out-of-order frame delivery across topology

changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123

Using Frame Viewer to understand why frames are dropped.124

Lossless Dynamic Load Sharing on ports . . . . . . . . . . . . . . . . . . . .125

Lossless core . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126

Configuring Lossless Dynamic Load Sharing. . . . . . . . . . . . . .127

Lossless Dynamic Load Sharing in Virtual Fabrics . . . . . . . . .127

Enabling forward error correction (FEC) . . . . . . . . . . . . . . . . . . . . .128

Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128

Frame Redirection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130

Creating a frame redirect zone . . . . . . . . . . . . . . . . . . . . . . . . .130

Deleting a frame redirect zone . . . . . . . . . . . . . . . . . . . . . . . . .131

Viewing frame redirect zones . . . . . . . . . . . . . . . . . . . . . . . . . .131

Chapter 5 Managing User Accounts

User accounts overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133

Role-Based Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . .134

The management channel . . . . . . . . . . . . . . . . . . . . . . . . . . . .136

Managing user-defined roles . . . . . . . . . . . . . . . . . . . . . . . . . .136

8 Fabric OS Administrator’s Guide

53-1002745-02

Local database user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137

Default accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138

Local account passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139

Local user account database distribution. . . . . . . . . . . . . . . . . . . .140

Distributing the local user database . . . . . . . . . . . . . . . . . . . .140

Accepting distributed user databases on the local switch . . .140 Rejecting distributed user databases on the local switch . . . 141

Password policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141

Password strength policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141

Password history policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142

Password expiration policy . . . . . . . . . . . . . . . . . . . . . . . . . . . .143

Account lockout policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143

The boot PROM password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145

Setting the boot PROM password for a switch with a

recovery string . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145

Setting the boot PROM password for a Backbone with a

recovery string . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146

Setting the boot PROM password for a switch without a

recovery string . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147

Setting the boot PROM password for a Backbone without

a recovery string. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148

Remote authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149

Remote Authentication Configuration . . . . . . . . . . . . . . . . . . .149

Setting the switch authentication mode . . . . . . . . . . . . . . . . .152

Fabric OS user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152

Fabric OS users on the RADIUS server. . . . . . . . . . . . . . . . . . .154

Setting up a RADIUS server. . . . . . . . . . . . . . . . . . . . . . . . . . . .156

LDAP configuration and Microsoft Active Directory . . . . . . . . .162

LDAP configuration and OpenLDAP . . . . . . . . . . . . . . . . . . . . .165

TACACS+ service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171

Remote authentication configuration on the switch . . . . . . . . 174

Configuring local authentication as backup. . . . . . . . . . . . . . .176

Chapter 6 Configuring Protocols

Security protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .177

Secure Copy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178

Setting up SCP for configuration uploads and downloads . . .179

Secure Shell protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .179

SSH public key authentication . . . . . . . . . . . . . . . . . . . . . . . . .180

Secure Sockets Layer protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . .182

Browser and Java support . . . . . . . . . . . . . . . . . . . . . . . . . . . . .182

SSL configuration overview. . . . . . . . . . . . . . . . . . . . . . . . . . . .183

The browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186

Root certificates for the Java plugin . . . . . . . . . . . . . . . . . . . . .187

Simple Network Management Protocol . . . . . . . . . . . . . . . . . . . . . .188

SNMP and Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189

SNMP security levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190

SNMP configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190

Fabric OS Administrator’s Guide 9 53-1002745-02

Telnet protocol. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190

Blocking Telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190

Unblocking Telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191

Listener applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192

Ports and applications used by switches . . . . . . . . . . . . . . . . . . . .192

Port configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193

Chapter 7 Configuring Security Policies

ACL policies overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195

How the ACL policies are stored . . . . . . . . . . . . . . . . . . . . . . . .195

Policy members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .196

ACL policy management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .196

Displaying ACL policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197

Saving changes without activating the policies . . . . . . . . . . . .197

Activating ACL policy changes . . . . . . . . . . . . . . . . . . . . . . . . . .197

Deleting an ACL policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197

Adding a member to an existing ACL policy . . . . . . . . . . . . . . .198

Removing a member from an ACL policy . . . . . . . . . . . . . . . . .198

Abandoning unsaved ACL policy changes . . . . . . . . . . . . . . . .198

FCS policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .199

FCS policy restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .199

Ensuring fabric domains share policies . . . . . . . . . . . . . . . . . .200

Creating an FCS policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .201

Modifying the order of FCS switches . . . . . . . . . . . . . . . . . . . .201

FCS policy distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202

Device Connection Control policies . . . . . . . . . . . . . . . . . . . . . . . . .203

DCC policy restrictions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203

Creating a DCC policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .204

Deleting a DCC policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .205

DCC policy behavior with Fabric-Assigned PWWNs . . . . . . . . .205

SCC Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .206

Creating an SCC policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207

Authentication policy for fabric elements . . . . . . . . . . . . . . . . . . . .207

E_Port authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .208

Device authentication policy . . . . . . . . . . . . . . . . . . . . . . . . . . .210

AUTH policy restrictions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211

Authentication protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212

Secret key pairs for DH-CHAP . . . . . . . . . . . . . . . . . . . . . . . . . .213

FCAP configuration overview. . . . . . . . . . . . . . . . . . . . . . . . . . .215

Fabric-wide distribution of the authorization policy. . . . . . . . .217

10 Fabric OS Administrator’s Guide

53-1002745-02

IP Filter policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .217

Creating an IP Filter policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . .218

Cloning an IP Filter policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218

Displaying an IP Filter policy . . . . . . . . . . . . . . . . . . . . . . . . . . .218

Saving an IP Filter policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218

Activating an IP Filter policy. . . . . . . . . . . . . . . . . . . . . . . . . . . .219

Deleting an IP Filter policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . .219

IP Filter policy rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219

IP Filter policy enforcement. . . . . . . . . . . . . . . . . . . . . . . . . . . .223

Adding a rule to an IP Filter policy. . . . . . . . . . . . . . . . . . . . . . .223

Deleting a rule from an IP Filter policy . . . . . . . . . . . . . . . . . . .223

Aborting an IP Filter transaction . . . . . . . . . . . . . . . . . . . . . . . .223

IP Filter policy distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224

Managing filter thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . . .224

Policy database distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224

Database distribution settings . . . . . . . . . . . . . . . . . . . . . . . . .225

ACL policy distribution to other switches . . . . . . . . . . . . . . . . .227

Fabric-wide enforcement. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .227

Notes on joining a switch to the fabric . . . . . . . . . . . . . . . . . . .229

Management interface security . . . . . . . . . . . . . . . . . . . . . . . . . . . .231

Configuration examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231

IP sec protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233

Security associations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233

Authentication and encryption algorithms . . . . . . . . . . . . . . . .234

IP sec policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234

IKE policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .235

Creating the tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .236

Example of an end-to-end transport tunnel mode. . . . . . . . . .238

Chapter 8 Maintaining the Switch Configuration File

Configuration settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241

Configuration file format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242

Configuration file backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244

Uploading a configuration file in interactive mode . . . . . . . . .245

Configuration file restoration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246

Restrictions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246

Configuration download without disabling a switch . . . . . . . .248

Configurations across a fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250

Downloading a configuration file from one switch to

another switch of the same model . . . . . . . . . . . . . . . . . . . . . .250

Security considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250

Configuration management for Virtual Fabrics. . . . . . . . . . . . . . . .250

Uploading a configuration file from a switch with

Virtual Fabrics enabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251

Restoring a logical switch configuration using

configDownload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251

Restrictions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252

Brocade configuration form . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .253

Fabric OS Administrator’s Guide 11 53-1002745-02

Chapter 9 Installing and Maintaining Firmware

Firmware download process overview. . . . . . . . . . . . . . . . . . . . . . .255

Upgrading and downgrading firmware . . . . . . . . . . . . . . . . . . .257

Considerations for FICON CUP environments . . . . . . . . . . . . .257

HA sync state . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .257

Preparing for a firmware download . . . . . . . . . . . . . . . . . . . . . . . . .258

Obtaining and decompressing firmware . . . . . . . . . . . . . . . . .259

Connected switches. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259

Finding the switch firmware version. . . . . . . . . . . . . . . . . . . . .259

Firmware download on switches . . . . . . . . . . . . . . . . . . . . . . . . . . .260

Switch firmware download process overview. . . . . . . . . . . . . .260

Firmware download on a Backbone. . . . . . . . . . . . . . . . . . . . . . . . .262

Backbone firmware download process overview. . . . . . . . . . .262

Firmware download from a USB device. . . . . . . . . . . . . . . . . . . . . .265

Enabling the USB device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .265

Viewing the USB file system . . . . . . . . . . . . . . . . . . . . . . . . . . .265

Downloading from the USB device using the relative path. . .266 Downloading from the USB device using the absolute path. .266

FIPS support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .266

Public and private key management . . . . . . . . . . . . . . . . . . . .266

The firmwareDownload command . . . . . . . . . . . . . . . . . . . . . .267

Power-on firmware checksum test . . . . . . . . . . . . . . . . . . . . . .268

Testing and restoring firmware on switches . . . . . . . . . . . . . . . . . .268

Testing a different firmware version on a switch. . . . . . . . . . .268

Testing and restoring firmware on Backbones . . . . . . . . . . . . . . . .270

Testing different firmware versions on Backbones . . . . . . . . .270

Validating a firmware download. . . . . . . . . . . . . . . . . . . . . . . . . . . .273

Chapter 10 Managing Virtual Fabrics

Virtual Fabrics overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275

Logical switch overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276

Default logical switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276

Logical switches and fabric IDs. . . . . . . . . . . . . . . . . . . . . . . . .277

Port assignment in logical switches . . . . . . . . . . . . . . . . . . . . .278

Logical switches and connected devices . . . . . . . . . . . . . . . . .279

Management model for logical switches. . . . . . . . . . . . . . . . . . . . .281

Logical fabric overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281

Logical fabric and ISLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282

Base switch and extended ISLs . . . . . . . . . . . . . . . . . . . . . . . .283

Account management and Virtual Fabrics . . . . . . . . . . . . . . . . . . .286

Supported platforms for Virtual Fabrics . . . . . . . . . . . . . . . . . . . . .286

Supported port configurations in the fixed-port switches. . . .286

Supported port configurations in Brocade Backbones . . . . . .287

Virtual Fabrics interaction with other Fabric OS features . . . .288

12 Fabric OS Administrator’s Guide

53-1002745-02

Limitations and restrictions of Virtual Fabrics . . . . . . . . . . . . . . . .288

Restrictions on XISLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289

Restrictions on moving ports . . . . . . . . . . . . . . . . . . . . . . . . . .289

Enabling Virtual Fabrics mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290

Disabling Virtual Fabrics mode . . . . . . . . . . . . . . . . . . . . . . . . . . . .290

Configuring logical switches to use basic configuration values. . .291

Creating a logical switch or base switch . . . . . . . . . . . . . . . . . . . . .292

Executing a command in a different logical switch context . . . . . .293

Deleting a logical switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .294

Adding and moving ports on a logical switch . . . . . . . . . . . . . . . . .295

Displaying logical switch configuration . . . . . . . . . . . . . . . . . . . . . .296

Changing the fabric ID of a logical switch . . . . . . . . . . . . . . . . . . . .296

Changing a logical switch to a base switch. . . . . . . . . . . . . . . . . . .297

Setting up IP addresses for a Virtual Fabric . . . . . . . . . . . . . . . . . .298

Removing an IP address for a Virtual Fabric . . . . . . . . . . . . . . . . . .298

Configuring a logical switch to use XISLs . . . . . . . . . . . . . . . . . . . .299

Changing the context to a different logical fabric . . . . . . . . . . . . . .299

Creating a logical fabric using XISLs . . . . . . . . . . . . . . . . . . . . . . . .300

Chapter 11 Administering Advanced Zoning

Zone types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303

Zoning overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .304

Approaches to zoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .305

Zone objects. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .306

Zone aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .307

Zone configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .307

Zoning enforcement. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308

Considerations for zoning architecture . . . . . . . . . . . . . . . . . .309

Best practices for zoning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .310

Broadcast zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .310

Broadcast zones and Admin Domains . . . . . . . . . . . . . . . . . . .310

Broadcast zones and FC-FC routing . . . . . . . . . . . . . . . . . . . . .311

High availability considerations with broadcast zones . . . . . .312

Loop devices and broadcast zones . . . . . . . . . . . . . . . . . . . . .312

Broadcast zones and default zoning mode . . . . . . . . . . . . . . .312

Zone aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .312

Creating an alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313

Adding members to an alias . . . . . . . . . . . . . . . . . . . . . . . . . . .313

Removing members from an alias . . . . . . . . . . . . . . . . . . . . . .314

Deleting an alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .314

Viewing an alias in the defined configuration . . . . . . . . . . . . .315

Fabric OS Administrator’s Guide 13 53-1002745-02

Zone creation and maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . .316

Displaying existing zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316

Creating a zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316

Adding devices (members) to a zone . . . . . . . . . . . . . . . . . . . .317

Removing devices (members) from a zone . . . . . . . . . . . . . . .318

Replacing zone members . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319

Deleting a zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320

Viewing a zone in the defined configuration . . . . . . . . . . . . . .322

Validating a zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .323

Default zoning mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .326

Setting the default zoning mode. . . . . . . . . . . . . . . . . . . . . . . .326

Viewing the current default zone access mode. . . . . . . . . . . .327

Zone database size. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327

Zone configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .328

Creating a zone configuration. . . . . . . . . . . . . . . . . . . . . . . . . .328

Adding zones (members) to a zone configuration . . . . . . . . . .329

Removing zones (members) from a zone configuration . . . . .329

Enabling a zone configuration . . . . . . . . . . . . . . . . . . . . . . . . .330

Disabling a zone configuration . . . . . . . . . . . . . . . . . . . . . . . . .330

Deleting a zone configuration . . . . . . . . . . . . . . . . . . . . . . . . . .331

Abandoning zone configuration changes. . . . . . . . . . . . . . . . .331

Viewing all zone configuration information . . . . . . . . . . . . . . .331

Viewing selected zone configuration information . . . . . . . . . .332

Viewing the configuration in the effective zone database . . .332

Clearing all zone configurations . . . . . . . . . . . . . . . . . . . . . . . .333

Zone object maintenance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333

Copying a zone object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333

Deleting a zone object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .334

Renaming a zone object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335

Zone configuration management. . . . . . . . . . . . . . . . . . . . . . . . . . .336

Security and zoning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336

Zone merging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336

Fabric segmentation and zoning. . . . . . . . . . . . . . . . . . . . . . . .338

Zone merging scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .339

Concurrent zone transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . .342

Chapter 12 Traffic Isolation Zoning

Traffic Isolation Zoning overview . . . . . . . . . . . . . . . . . . . . . . . . . . .345

TI zone failover. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .346

FSPF routing rules and traffic isolation . . . . . . . . . . . . . . . . . .349

Enhanced TI zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .350

Illegal configurations with enhanced TI zones. . . . . . . . . . . . .351

Traffic Isolation Zoning over FC routers . . . . . . . . . . . . . . . . . . . . . .352

TI zones within an edge fabric . . . . . . . . . . . . . . . . . . . . . . . . .354

TI zones within a backbone fabric . . . . . . . . . . . . . . . . . . . . . .355

Limitations of TI zones over FC routers . . . . . . . . . . . . . . . . . .356

14 Fabric OS Administrator’s Guide

53-1002745-02

General rules for TI zones. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .356

Traffic Isolation Zone violation handling for trunk ports . . . . .357

Supported configurations for Traffic Isolation Zoning . . . . . . . . . .358

Additional configuration rules for enhanced TI zones. . . . . . .358

Trunking with TI zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359

Limitations and restrictions of Traffic Isolation Zoning . . . . . . . . .359

Admin Domain considerations for Traffic Isolation Zoning . . . . . .360

Virtual Fabrics considerations for Traffic Isolation Zoning . . . . . . .361

Traffic Isolation Zoning over FC routers with Virtual Fabrics . . . . .363

Creating a TI zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .364

Creating a TI zone in a base fabric . . . . . . . . . . . . . . . . . . . . . .366

Modifying TI zones. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .367

Changing the state of a TI zone . . . . . . . . . . . . . . . . . . . . . . . . . . . .368

Deleting a TI zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .369

Displaying TI zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .369

Troubleshooting TI zone routing problems . . . . . . . . . . . . . . . . . . .370

Setting up TI over FCR (sample procedure). . . . . . . . . . . . . . . . . . . 371

Chapter 13 Bottleneck Detection

Bottleneck detection overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . .375

Types of bottlenecks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .376

How bottlenecks are reported. . . . . . . . . . . . . . . . . . . . . . . . . .376

Supported configurations for bottleneck detection . . . . . . . . . . . .377

Limitations of bottleneck detection . . . . . . . . . . . . . . . . . . . . .377

High availability considerations for bottleneck detection . . . .378

Upgrade and downgrade considerations for bottleneck

detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .378

Trunking considerations for bottleneck detection . . . . . . . . . . 378

Virtual Fabrics considerations for bottleneck detection . . . . .378

Access Gateway considerations for bottleneck detection. . . .378

Credit Loss. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379

Back-end credit loss detection and recovery support on

Brocade 5300 switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379

Back-end credit loss detection and recovery support on

Brocade 6520 switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379

Enabling back-end credit loss detection and recovery . . . . . .380

Enabling bottleneck detection on a switch . . . . . . . . . . . . . . . . . . .380

Displaying bottleneck detection configuration details . . . . . . . . . .381

Setting bottleneck detection alerts . . . . . . . . . . . . . . . . . . . . . . . . .382

Setting both a congestion alert and a latency alert . . . . . . . .383

Setting a congestion alert only . . . . . . . . . . . . . . . . . . . . . . . . .384

Setting a latency alert only . . . . . . . . . . . . . . . . . . . . . . . . . . . .384

Fabric OS Administrator’s Guide 15 53-1002745-02

Changing bottleneck detection parameters . . . . . . . . . . . . . . . . . .384

Examples of applying and changing bottleneck detection

parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .385

Advanced bottleneck detection settings . . . . . . . . . . . . . . . . . . . . .388

Excluding a port from bottleneck detection . . . . . . . . . . . . . . . . . .389

Displaying bottleneck statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . .391

Disabling bottleneck detection on a switch . . . . . . . . . . . . . . . . . .392

Chapter 14 In-flight Encryption and Compression

In-flight encryption and compression overview. . . . . . . . . . . . . . . .393

Encryption and compression restrictions. . . . . . . . . . . . . . . . .394

How encryption and compression are enabled . . . . . . . . . . . .396

Authentication and key generation. . . . . . . . . . . . . . . . . . . . . .398

Availability considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . .398

Virtual Fabrics considerations. . . . . . . . . . . . . . . . . . . . . . . . . .399

Recommendation for compression. . . . . . . . . . . . . . . . . . . . . .399

Configuring encryption and compression . . . . . . . . . . . . . . . . . . . .399

Viewing the encryption and compression configuration . . . . .401

Port speed and encryption/compression enabled ports . . . .401

Changing port speed on encryption/compression enabled

ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402

Compression ratios and encryption/compression enabled

ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402

Configuring and enabling authentication. . . . . . . . . . . . . . . . .403

Configuring encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404

Configuring compression. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404

Disabling encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .405

Disabling compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .405

Encryption and compression examples. . . . . . . . . . . . . . . . . . . . . .406

Example of enabling encryption and compression on an

E_Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .407

Examples of disabling encryption and compression . . . . . . . .410

Working with EX_Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .411

In-flight encryption/compression on EX_Ports . . . . . . . . . . . .411

Example of enabling encryption and compression on an

EX_Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .412

Chapter 15 NPIV

NPIV overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .419

Upgrade considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .420

Fixed addressing mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .420

10-bit addressing mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .420

Configuring NPIV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .421

Enabling and disabling NPIV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .422

Viewing NPIV port configuration information . . . . . . . . . . . . . . . . .423

Viewing virtual PID login information . . . . . . . . . . . . . . . . . . . .424

16 Fabric OS Administrator’s Guide

53-1002745-02

Chapter 16 Dynamic Fabric Provisioning: Fabric-Assigned PWWN

Introduction to Dynamic Fabric Provisioning using FA-PWWN . . . .425

User- and auto-assigned FA-PWWN behavior . . . . . . . . . . . . . . . . .426

Checking for duplicate FA-PWWNs . . . . . . . . . . . . . . . . . . . . . .426

Configuring FA-PWWNs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .426

Configuring an FA-PWWN for an HBA connected to an

Access Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .427

Configuring an FA-PWWN for an HBA connected to an

edge switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .428

Supported switches and configurations for FA-PWWN. . . . . . . . . .429

Configuration upload and download considerations for FA-PWWN430

Firmware upgrade and downgrade considerations for FA-PWWN .430

Security considerations for FA-PWWN . . . . . . . . . . . . . . . . . . . . . . .430

Restrictions of FA-PWWN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .431

Access Gateway N_Port failover with FA-PWWN . . . . . . . . . . . . . . .431

Chapter 17 Managing Administrative Domains

Administrative Domains overview . . . . . . . . . . . . . . . . . . . . . . . . . .433

Admin Domain features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .435

Requirements for Admin Domains . . . . . . . . . . . . . . . . . . . . . .435

Admin Domain access levels. . . . . . . . . . . . . . . . . . . . . . . . . . .435

User-defined Admin Domains . . . . . . . . . . . . . . . . . . . . . . . . . .436

System-defined Admin Domains. . . . . . . . . . . . . . . . . . . . . . . .436

Home Admin Domains and login . . . . . . . . . . . . . . . . . . . . . . .438

Admin Domain member types. . . . . . . . . . . . . . . . . . . . . . . . . .439

Admin Domains and switch WWNs. . . . . . . . . . . . . . . . . . . . . .440

Admin Domain compatibility, availability, and merging. . . . . .442

Admin Domain management for physical fabric administrators . .442

Setting the default zoning mode for Admin Domains . . . . . . .443

Creating an Admin Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . .443

User assignments to Admin Domains . . . . . . . . . . . . . . . . . . .444

Removing an Admin Domain from a user account . . . . . . . . .446

Activating an Admin Domain. . . . . . . . . . . . . . . . . . . . . . . . . . .446

Deactivating an Admin Domain . . . . . . . . . . . . . . . . . . . . . . . .447

Adding members to an existing Admin Domain. . . . . . . . . . . .447

Removing members from an Admin Domain . . . . . . . . . . . . . .448

Renaming an Admin Domain . . . . . . . . . . . . . . . . . . . . . . . . . .448

Deleting an Admin Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . .449

Deleting all user-defined Admin Domains . . . . . . . . . . . . . . . .450

Deleting all user-defined Admin Domains non-disruptively . .450

Validating an Admin Domain member list . . . . . . . . . . . . . . . .454

Fabric OS Administrator’s Guide 17 53-1002745-02

SAN management with Admin Domains . . . . . . . . . . . . . . . . . . . . .454

CLI commands in an AD context. . . . . . . . . . . . . . . . . . . . . . . .455

Executing a command in a different AD context . . . . . . . . . . .455

Displaying an Admin Domain configuration . . . . . . . . . . . . . . .456

Switching to a different Admin Domain context. . . . . . . . . . . .456

Admin Domain interactions with other Fabric OS features. . .457

Admin Domains, zones, and zone databases . . . . . . . . . . . . .458

Admin Domains and LSAN zones . . . . . . . . . . . . . . . . . . . . . . .459

Configuration upload and download in an AD context . . . . . .460

Section II Licensed Features

Chapter 18 Administering Licensing

Licensing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .463

Brocade 7800 Upgrade license . . . . . . . . . . . . . . . . . . . . . . . . . . . .470

ICL licensing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471

ICL 1st POD license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471

ICL 2nd POD license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471

ICL 8-link license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472

ICL 16-link license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472

Enterprise ICL license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472

8G licensing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .473

Slot-based licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474

Upgrade and downgrade considerations . . . . . . . . . . . . . . . . . 474

Assigning a license to a slot . . . . . . . . . . . . . . . . . . . . . . . . . . .475

Removing a license from a slot. . . . . . . . . . . . . . . . . . . . . . . . .475

10G licensing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .475

Enabling 10 Gbps operation on an FC port . . . . . . . . . . . . . . .476

Enabling the 10-GbE ports on an FX8-24 blade . . . . . . . . . . . 477

Temporary licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .478

Restrictions on upgrading temporary slot-based licenses . . . 479

Date change restriction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .479

Configupload and download considerations . . . . . . . . . . . . . .479

Expired licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .480

Universal temporary licenses . . . . . . . . . . . . . . . . . . . . . . . . . .480

Extending a universal temporary license . . . . . . . . . . . . . . . . .480

Universal temporary license shelf life. . . . . . . . . . . . . . . . . . . .480

Viewing installed licenses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .481

Activating a license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .481

Adding a licensed feature. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .481

Removing a licensed feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .482

18 Fabric OS Administrator’s Guide

53-1002745-02

Ports on Demand . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .483

Displaying installed licenses . . . . . . . . . . . . . . . . . . . . . . . . . . .484

Activating Ports on Demand . . . . . . . . . . . . . . . . . . . . . . . . . . .485

Dynamic Ports on Demand . . . . . . . . . . . . . . . . . . . . . . . . . . . .485

Displaying the port license assignments . . . . . . . . . . . . . . . . .486

Enabling Dynamic Ports on Demand . . . . . . . . . . . . . . . . . . . .486

Disabling Dynamic Ports on Demand. . . . . . . . . . . . . . . . . . . .487

Reserving a port license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .488

Releasing a port from a POD set. . . . . . . . . . . . . . . . . . . . . . . .488

Chapter 19 Inter-chassis Links

Inter-chassis links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .491

ICLs for the Brocade DCX 8510 Backbone family. . . . . . . . . . . . . .492

ICL trunking on the Brocade DCX 8510-8 and DCX 8510-4 . .493

ICLs for the Brocade DCX Backbone family. . . . . . . . . . . . . . . . . . .493

ICL trunking on the Brocade DCX and DCX-4S. . . . . . . . . . . . .494

Virtual Fabrics considerations for ICLs . . . . . . . . . . . . . . . . . . . . . .494

Supported topologies for ICL connections . . . . . . . . . . . . . . . . . . .495

Mesh topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .495

Core-edge topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .496

Chapter 20 Monitoring Fabric Performance

Advanced Performance Monitoring overview . . . . . . . . . . . . . . . . .499

Types of monitors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .499

Restrictions for installing monitors. . . . . . . . . . . . . . . . . . . . . .500

Virtual Fabrics considerations for Advanced Performance

Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .500

Access Gateway considerations for Advanced Performance

Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .501

End-to-end performance monitoring . . . . . . . . . . . . . . . . . . . . . . . .501

Maximum number of EE monitors . . . . . . . . . . . . . . . . . . . . . .501

Supported port configurations for EE monitors . . . . . . . . . . . .502

Adding EE monitors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .502

Setting a mask for an EE monitor. . . . . . . . . . . . . . . . . . . . . . .503

Deleting EE monitors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .504

Displaying EE monitor counters . . . . . . . . . . . . . . . . . . . . . . . .504

Clearing EE monitor counters . . . . . . . . . . . . . . . . . . . . . . . . . .505

Frame monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .505

Creating frame types to be monitored . . . . . . . . . . . . . . . . . . .506

Creating a frame monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . .507

Deleting frame types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .507

Adding frame monitors to a port. . . . . . . . . . . . . . . . . . . . . . . .508

Removing frame monitors from a port . . . . . . . . . . . . . . . . . . .508

Saving a frame monitor configuration . . . . . . . . . . . . . . . . . . .508

Displaying frame monitors . . . . . . . . . . . . . . . . . . . . . . . . . . . .508

Clearing frame monitor counters . . . . . . . . . . . . . . . . . . . . . . .509

Fabric OS Administrator’s Guide 19 53-1002745-02

Top Talker monitors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .510

Top Talker monitors and FC-FC routing. . . . . . . . . . . . . . . . . . .511

Limitations of Top Talker monitors . . . . . . . . . . . . . . . . . . . . . .512

Adding a Top Talker monitor to a port (port mode) . . . . . . . . .513

Adding Top Talker monitors on all switches in the fabric

(fabric mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .513

Displaying the top n bandwidth-using flows on a port

(port mode). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .513

Displaying top talking flows for a given domain ID

(fabric mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .514

Deleting a Top Talker monitor on a port (port mode) . . . . . . .514

Deleting all fabric mode Top Talker monitors. . . . . . . . . . . . . .515

Trunk monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .515

Saving and restoring monitor configurations . . . . . . . . . . . . . . . . .515

Performance data collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .516

Chapter 21 Optimizing Fabric Behavior

Adaptive Networking overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . .517

Ingress Rate Limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .518

Virtual Fabrics considerations. . . . . . . . . . . . . . . . . . . . . . . . . .519

Limiting traffic from a particular device . . . . . . . . . . . . . . . . . .519

Disabling Ingress Rate Limiting . . . . . . . . . . . . . . . . . . . . . . . .519

QoS: SID/DID traffic prioritization . . . . . . . . . . . . . . . . . . . . . . . . . .519

License requirements for SID/DID prioritization . . . . . . . . . . .520

CS_CTL-based frame prioritization. . . . . . . . . . . . . . . . . . . . . . . . . .521

QoS zone-based traffic prioritization . . . . . . . . . . . . . . . . . . . . . . . .523

Trunking considerations before you install the

Adaptive Networking license. . . . . . . . . . . . . . . . . . . . . . . . . . .523

Manually disabling QoS on trunked ports . . . . . . . . . . . . . . . .524

QoS zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .525

QoS on E_Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .526

QoS over FC routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .527

Virtual Fabrics considerations for QoS zone-based traffic

prioritization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .528

High-availability considerations for QoS zone-based traffic

prioritization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .528

Supported configurations for QoS zone-based traffic

prioritization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .529

Limitations and restrictions for QoS zone-based traffic

prioritization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .529

Setting QoS zone-based traffic prioritization. . . . . . . . . . . . . . . . . .530

Setting QoS zone-based traffic prioritization over FC routers . . . .532

Disabling QoS zone-based traffic prioritization. . . . . . . . . . . . . . . .532

20 Fabric OS Administrator’s Guide

53-1002745-02

Chapter 22 Managing Trunking Connections

Trunking overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .533

Types of trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .534

Masterless trunking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .534

License requirements for trunking . . . . . . . . . . . . . . . . . . . . . .535

Port groups for trunking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .535

Supported configurations for trunking . . . . . . . . . . . . . . . . . . . . . .535

High Availability support for trunking . . . . . . . . . . . . . . . . . . . .536

Supported platforms for trunking. . . . . . . . . . . . . . . . . . . . . . . . . . .536

Requirements for trunk groups . . . . . . . . . . . . . . . . . . . . . . . . . . . .536

Recommendations for trunk groups . . . . . . . . . . . . . . . . . . . . . . . .537

Configuring trunk groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .538

Enabling trunking on a port or switch . . . . . . . . . . . . . . . . . . . . . . .538

Disabling trunking on a port or switch. . . . . . . . . . . . . . . . . . . . . . .538

Displaying trunking information . . . . . . . . . . . . . . . . . . . . . . . . . . . .539

Trunk Area and Admin Domains. . . . . . . . . . . . . . . . . . . . . . . . . . . .540

ISL trunking over long-distance fabrics . . . . . . . . . . . . . . . . . . . . . .540

EX_Port trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .541

Masterless EX_Port trunking. . . . . . . . . . . . . . . . . . . . . . . . . . .542

Supported configurations and platforms for EX_Port

trunking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .542

Configuring EX_Port trunking . . . . . . . . . . . . . . . . . . . . . . . . . .542

Displaying EX_Port trunking information . . . . . . . . . . . . . . . . .542

F_Port trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .543

F_Port trunking for Access Gateway . . . . . . . . . . . . . . . . . . . . .543

F_Port trunking for Brocade adapters . . . . . . . . . . . . . . . . . . .545

F_Port trunking considerations. . . . . . . . . . . . . . . . . . . . . . . . .546

F_Port trunking in Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . .548

Displaying F_Port trunking information . . . . . . . . . . . . . . . . . . . . . .549

Disabling F_Port trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .549

Enabling the DCC policy on a trunk area. . . . . . . . . . . . . . . . . . . . .550

Trunking with TI zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .550

Chapter 23 Managing Long-Distance Fabrics

Long-distance fabrics overview . . . . . . . . . . . . . . . . . . . . . . . . . . . .551

Extended Fabrics device limitations . . . . . . . . . . . . . . . . . . . . . . . .552

Long -distance link modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .552

Configuring an extended ISL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .553

Enabling long distance when connecting to TDM devices . . .554

Fabric OS Administrator’s Guide 21 53-1002745-02

Buffer credit management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .555

Buffer-to-buffer flow control . . . . . . . . . . . . . . . . . . . . . . . . . . .555

Optimal buffer credit allocation . . . . . . . . . . . . . . . . . . . . . . . .556

Fibre Channel gigabit values reference definition. . . . . . . . . .557

Buffer credit allocation based on full-size frames. . . . . . . . . .557

Allocating buffer credits based on average-size frames . . . . .560

Configuring buffers for a single port directly . . . . . . . . . . . . . .561

Configuring buffers using frame size . . . . . . . . . . . . . . . . . . . .561

Calculating the number of buffers required given the

distance, speed, and frame size. . . . . . . . . . . . . . . . . . . . . . . .561

Allocating buffer credits for F_Ports . . . . . . . . . . . . . . . . . . . . .562

Monitoring buffers in a port group . . . . . . . . . . . . . . . . . . . . . .562

Buffer credits switch or blade model . . . . . . . . . . . . . . . . . . . .563

Maximum configurable distances for Extended Fabrics . . . . .564

Downgrade considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . .565

Buffer credit recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .566

Buffer credit recovery over an E_Port. . . . . . . . . . . . . . . . . . . .566

Buffer credit recovery over an F_Port. . . . . . . . . . . . . . . . . . . .566

Buffer credit recovery over an EX_Port. . . . . . . . . . . . . . . . . . .567

Enabling and disabling buffer credit recovery . . . . . . . . . . . . .567

Forward error correction on long-distance links . . . . . . . . . . . . . . .568

Enabling FEC on a long-distance link . . . . . . . . . . . . . . . . . . . .568

Disabling FEC on a long-distance link . . . . . . . . . . . . . . . . . . .568

Chapter 24 Using FC-FC Routing to Connect Fabrics

FC-FC routing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .569

License requirements for FC-FC routing. . . . . . . . . . . . . . . . . .570

Supported platforms for FC-FC routing. . . . . . . . . . . . . . . . . . .570

Supported configurations for FC-FC routing. . . . . . . . . . . . . . .571

Network OS connectivity limitations . . . . . . . . . . . . . . . . . . . . .571

Fibre Channel routing concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . .572

Proxy devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .575

FC-FC routing topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .576

Phantom domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .577

FCR authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .579

Setting up FC-FC routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .579

Verifying the setup for FC-FC routing . . . . . . . . . . . . . . . . . . . .580

Backbone fabric IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .581

Assigning backbone fabric IDs . . . . . . . . . . . . . . . . . . . . . . . . .582

FCIP tunnel configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .582

Inter-fabric link configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .583

Configuring an IFL for both edge and backbone connections583

FC router port cost configuration. . . . . . . . . . . . . . . . . . . . . . . . . . .587

Port cost considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .588

Setting router port cost for an EX_Port. . . . . . . . . . . . . . . . . . .588

EX_Port frame trunking configuration . . . . . . . . . . . . . . . . . . . . . . .589

22 Fabric OS Administrator’s Guide

53-1002745-02

LSAN zone configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .590

Use of Admin Domains with LSAN zones and FC-FC routing .590

Zone definition and naming . . . . . . . . . . . . . . . . . . . . . . . . . . .590

LSAN zones and fabric-to-fabric communications. . . . . . . . . .591

Controlling device communication with the LSAN . . . . . . . . . .591

Configuring backbone fabrics for interconnectivity . . . . . . . . .593

Setting the maximum LSAN count . . . . . . . . . . . . . . . . . . . . . .594

HA and downgrade considerations for LSAN zones . . . . . . . .594

LSAN zone policies using LSAN tagging . . . . . . . . . . . . . . . . . .594

LSAN zone binding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .598

Proxy PID configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .603

Fabric parameter considerations. . . . . . . . . . . . . . . . . . . . . . . . . . .603

Inter-fabric broadcast frames. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .604

Displaying the current broadcast configuration. . . . . . . . . . . .604

Enabling broadcast frame forwarding . . . . . . . . . . . . . . . . . . .604

Disabling broadcast frame forwarding . . . . . . . . . . . . . . . . . . .604

Resource monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .604

FC-FC routing and Virtual Fabrics. . . . . . . . . . . . . . . . . . . . . . . . . . .606

Logical switch configuration for FC routing . . . . . . . . . . . . . . .607

Backbone-to-edge routing with Virtual Fabrics . . . . . . . . . . . .608

Upgrade and downgrade considerations for FC-FC routing . . . . . .609

How replacing port blades affects EX_Port configuration. . . .609

Displaying the range of output ports connected to xlate domains609

Appendix A Port Indexing

Appendix B FIPS Support

FIPS overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .615

Zeroization functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .615

Power-on self tests. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .617

Conditional tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .617

FIPS mode configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .617

LDAP in FIPS mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .618

LDAP certificates for FIPS mode . . . . . . . . . . . . . . . . . . . . . . . .620

Preparing a switch for FIPS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .621

Overview of steps. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .622

Enabling FIPS mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .622

Zeroizing for FIPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .624

Displaying FIPS configuration . . . . . . . . . . . . . . . . . . . . . . . . . .625

Appendix C Hexadecimal Conversion

Example conversion of the hexadecimal triplet Ox616000 . .627

Decimal-to-hexadecimal conversion table . . . . . . . . . . . . . . . .628

Index

Fabric OS Administrator’s Guide 23 53-1002745-02

24 Fabric OS Administrator’s Guide

53-1002745-02

Figures

Figure 1 Well-known addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Figure 2 Identifying the blades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Figure 3 Blade swap with Virtual Fabrics during the swap. . . . . . . . . . . . . . . . . . . . . . . . . 99

Figure 4 Blade swap with Virtual Fabrics after the swap . . . . . . . . . . . . . . . . . . . . . . . . . 100

Figure 5 Principal ISLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

Figure 6 New switch added to existing fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

Figure 7 Virtual channels on a QoS-enabled ISL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116

Figure 8 Gateway link merging SANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Figure 9 Single host and target . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

Figure 10 Windows 2000 VSA configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

Figure 11 Example of a Brocade DCT file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

Figure 12 Example of the dictiona.dcm file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

Figure 13 DH-CHAP authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208

Figure 14 Protected endpoints configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232

Figure 15 Gateway tunnel configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232

Figure 16 Endpoint-to-gateway tunnel configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

Figure 17 Switch before and after enabling Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . . . 276

Figure 18 Switch before and after creating logical switches . . . . . . . . . . . . . . . . . . . . . . . 277

Figure 19 Fabric IDs assigned to logical switches. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278

Figure 20 Assigning ports to logical switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278

Figure 21 Logical switches connected to devices and non-Virtual Fabrics switch . . . . . . 280

Figure 22 Logical switches in a single chassis belong to separate fabrics . . . . . . . . . . . . 280

Figure 23 Logical switches connected to other logical switches through physical ISLs. . 282

Figure 24 Logical switches connected to form logical fabrics . . . . . . . . . . . . . . . . . . . . . . 282

Figure 25 Base switches connected by an XISL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283

Figure 26 Logical ISLs connecting logical switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284

Figure 27 Logical fabric using ISLs and XISLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284

Figure 28 Example of logical fabrics in multiple chassis and XISLs . . . . . . . . . . . . . . . . . 300

Figure 29 Zoning example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305

Figure 30 Broadcast zones and Admin Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311

Figure 31 Traffic Isolation zone creating a dedicated path through the fabric. . . . . . . . . 346

Figure 32 Fabric incorrectly configured for TI zone with failover disabled . . . . . . . . . . . . 348

Figure 33 Dedicated path is the only shortest path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349

Figure 34 Dedicated path is not the shortest path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350

Figure 35 Enhanced TI zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350

Fabric OS Administrator’s Guide 25 53-1002745-02

Figure 36 Illegal ETIZ configuration: two paths from one port to two devices on the same remote

domain 351

Figure 37 Illegal ETIZ configuration: two paths from one port . . . . . . . . . . . . . . . . . . . . . . 352

Figure 38 Traffic Isolation Zoning over FCR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353

Figure 39 TI zone in an edge fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354

Figure 40 TI zone in a backbone fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355

Figure 41 TI zone misconfiguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357

Figure 42 Dedicated path with Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361

Figure 43 Creating a TI zone in a logical fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362

Figure 44 Creating a TI zone in a base fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362

Figure 45 Example configuration for TI zones over FC routers in logical fabrics . . . . . . . 363

Figure 46 Logical representation of TI zones over FC routers in logical fabrics . . . . . . . . 363

Figure 47 TI over FCR example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371

Figure 48 Affected seconds for bottleneck detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383

Figure 49 Encryption and compression on 16 Gbps ISLs. . . . . . . . . . . . . . . . . . . . . . . . . . 394

Figure 50 EX_Ports, E_Ports, IFLs, and ISLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411

Figure 51 Fabric-assigned port world wide name provisioning scenarios . . . . . . . . . . . . . 427

Figure 52 Fabric with two Admin Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434

Figure 53 Filtered fabric views when using Admin Domains . . . . . . . . . . . . . . . . . . . . . . . 434

Figure 54 Fabric with AD0 and AD255. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438

Figure 55 Fabric showing switch and device WWNs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441

Figure 56 Filtered fabric views showing converted switch WWNs . . . . . . . . . . . . . . . . . . . 441

Figure 57 AD0 and two user-defined Admin Domains, AD1 and AD2 . . . . . . . . . . . . . . . . 452

Figure 58 AD0 with three zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452

Figure 59 Minimum configuration for 64 Gbps ICLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492

Figure 60 DCX-4S allowed ICL connections. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494

Figure 61 ICL triangular topology with Brocade DCX 8510-8 chassis . . . . . . . . . . . . . . . . 495

Figure 62 Full nine-mesh topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496

Figure 63 64 Gbps ICL core-edge topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497

Figure 64 Setting end-to-end monitors on a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 502

Figure 65 Mask positions for end-to-end monitors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504

Figure 66 Fabric mode Top Talker monitors on FC router do not monitor any flows . . . . 512

Figure 67 Fabric mode Top Talker monitors on FC router monitor flows over the E_Port 512

Figure 68 QoS traffic prioritization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 526

Figure 69 QoS with E_Ports enabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527

Figure 70 Traffic prioritization in a logical fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 529

Figure 71 Trunk group configuration for the Brocade 5100 . . . . . . . . . . . . . . . . . . . . . . . 535

Figure 72 Switch in Access Gateway mode without F_Port masterless trunking . . . . . . . 544

Figure 73 Switch in Access Gateway mode with F_Port masterless trunking. . . . . . . . . . 544

Figure 74 A metaSAN with inter-fabric links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572

Figure 75 A metaSAN with edge-to-edge and backbone fabrics and LSAN zones . . . . . . 573

Figure 76 Edge SANs connected through a backbone fabric. . . . . . . . . . . . . . . . . . . . . . . 575

26 Fabric OS Administrator’s Guide

53-1002745-02

Figure 77 MetaSAN with imported devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576

Figure 78 Sample topology (physical topology) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 577

Figure 79 EX_Port phantom switch topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 578

Figure 80 Example of setting up Speed LSAN tag. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 596

Figure 81 LSAN zone binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599

Figure 82 EX_Ports in a base switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607

Figure 83 Logical representation of EX_Ports in a base switch . . . . . . . . . . . . . . . . . . . . . 608

Figure 84 Backbone-to-edge routing across base switch using FC router in legacy mode 609

Fabric OS Administrator’s Guide 27 53-1002745-02

28 Fabric OS Administrator’s Guide

53-1002745-02

Tables

Tab le 1 Daemons that are automatically restarted. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Tab le 2 Terminal port parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Tab le 3 Help topic contents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Tab le 4 fabricShow fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Tab le 5 Core and CP blade terminology and platform support. . . . . . . . . . . . . . . . . . . . . 93

Tab le 6 Port blade terminology, numbering, and platform support . . . . . . . . . . . . . . . . . 94

Tab le 7 Blade compatibility within Brocade Backbone families. . . . . . . . . . . . . . . . . . . . 96

Tab le 8 Duplicate PWWN behavior: First login takes precedence over second login. . 109

Tab le 9 Duplicate PWWN behavior: Second login overrides first login . . . . . . . . . . . . . 110

Tab le 10 Duplicate PWWN behavior: Port type determines which login takes precedence 110

Tab le 11 Combinations of routing policy and IOD with Lossless DLS enabled . . . . . . . . 126

Tab le 12 Default Fabric OS roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

Tab le 13 Permission types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Tab le 14 Maximum number of simultaneous sessions. . . . . . . . . . . . . . . . . . . . . . . . . . . 136

Tab le 15 Default local user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Tab le 16 LDAP options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Table 17 Authentication configuration options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Tab le 18 Syntax for VSA-based account roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

Tab le 19 Entries in dictionary.brocade file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

Tab le 20 Brocade custom TACACS+ attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

Tab le 21 Secure protocol support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

Tab le 22 Items needed to deploy secure protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178

Tab le 23 Main security scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178

Tab le 24 SSL certificate files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

Tab le 25 Blocked listener applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

Tab le 26 Access defaults. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

Tab le 27 Port information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

Tab le 28 Valid methods for specifying policy members . . . . . . . . . . . . . . . . . . . . . . . . . . 196

Tab le 29 FCS policy states. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199

Tab le 30 FCS switch operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200

Tab le 31 Distribution policy states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202

Tab le 32 DCC policy states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

Tab le 33 DCC policy behavior with FA-PWWN when created using lockdown support . . 205

Tab le 34 DCC policy behavior when created manually with PWWN . . . . . . . . . . . . . . . . . 206

Tab le 35 SCC policy states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206

Tab le 36 FCAP certificate files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

Fabric OS Administrator’s Guide 29 53-1002745-02

Tab le 37 Supported services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220

Tab le 38 Implicit IP Filter rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222

Tab le 39 Default IP policy rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222

Tab le 40 Interaction between fabric-wide consistency policy and distribution settings . 225

Tab le 41 Supported policy databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225

Tab le 42 Fabric-wide consistency policy settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228

Tab le 43 Merging fabrics with matching fabric-wide consistency policies. . . . . . . . . . . . 229

Tab le 4 4 Examples of strict fabric merges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230

Tab le 45 Fabric merges with tolerant and absent combinations . . . . . . . . . . . . . . . . . . . 230

Tab le 46 Algorithms and associated authentication policies . . . . . . . . . . . . . . . . . . . . . . 234

Tab le 47 CLI commands to display or modify switch configuration information . . . . . . . 247

Tab le 48 Brocade configuration and connection form . . . . . . . . . . . . . . . . . . . . . . . . . . . 253

Tab le 49 Backbone HA sync states. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258

Tab le 50 Blade and port types supported on logical switches . . . . . . . . . . . . . . . . . . . . . 287

Tab le 51 Virtual Fabrics interaction with Fabric OS features . . . . . . . . . . . . . . . . . . . . . . 288

Tab le 52 Maximum number of logical switches per chassis. . . . . . . . . . . . . . . . . . . . . . . 288

Tab le 53 Approaches to fabric-based zoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305

Tab le 54 Considerations for zoning architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309

Tab le 55 Zone merging scenarios: Defined and effective configurations . . . . . . . . . . . . 339

Tab le 56 Zone merging scenarios: Different content . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340

Tab le 57 Zone merging scenarios: Different names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340

Tab le 58 Zone merging scenarios: TI zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341

Tab le 59 Zone merging scenarios: Default access mode . . . . . . . . . . . . . . . . . . . . . . . . . 341

Tab le 60 Zone merging scenarios: Mixed Fabric OS versions. . . . . . . . . . . . . . . . . . . . . . 342

Tab le 61 Traffic behavior when failover is enabled or disabled in TI zones . . . . . . . . . . 347

Tab le 62 Number of ports supported per chip or per trunk . . . . . . . . . . . . . . . . . . . . . . . 395

Tab le 63 Example ISL connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406

Tab le 6 4 Number of supported NPIV devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420

Tab le 65 AD user types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436

Tab le 66 Ports and devices in CLI output. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455

Tab le 67 Admin Domain interaction with Fabric OS features . . . . . . . . . . . . . . . . . . . . . . 457

Tab le 68 Configuration upload and download scenarios in an AD context . . . . . . . . . . . 460

Tab le 69 Available Brocade licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464

Tab le 70 License requirements and location name by feature . . . . . . . . . . . . . . . . . . . . 467

Tab le 71 Base to Upgrade license comparison . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470

Tab le 72 List of available ports when implementing PODs . . . . . . . . . . . . . . . . . . . . . . . 484

Tab le 73 Number of logical switches that support performance monitors . . . . . . . . . . . 500

Tab le 74 Maximum number of frame monitors and offsets per port. . . . . . . . . . . . . . . . 506

Tab le 75 Predefined values at offset 0. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507

Table 76 Comparison between CS_CTL-based and QoS zone-based prioritization. . . . . 520

Tab le 77 Fabric resources assigned to QoS priority for frame prioritization in CS_CTL default

mode 521

30 Fabric OS Administrator’s Guide

53-1002745-02

Tab le 78 VCs assigned to QoS priority for frame prioritization in CS_CTL auto mode . . 521

Tab le 79 Trunking over long-distance for the Backbones and blades . . . . . . . . . . . . . . . 541

Tab le 80 F_Port masterless trunking considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 546

Tab le 81 PWWN format for F_Port and N_Port trunk ports. . . . . . . . . . . . . . . . . . . . . . . . 548

Tab le 82 Fibre Channel data frames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558

Tab le 83 Total FC ports, ports per port group, and unreserved buffer credits per port group 563

Tab le 8 4 Configurable distances for Extended Fabrics. . . . . . . . . . . . . . . . . . . . . . . . . . . 564

Tab le 85 LSAN information stored in FC routers, with and without LSAN zone binding . 600

Tab le 86 Zeroization behavior. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615

Tab le 87 FIPS mode restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 617

Tab le 88 FIPS and non-FIPS modes of operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 618

Tab le 89 Active Directory keys to modify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 620

Tab le 90 Decimal-to-hexadecimal conversion table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 628

Fabric OS Administrator’s Guide 31 53-1002745-02

32 Fabric OS Administrator’s Guide

53-1002745-02

About This Document

In this chapter

•How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

•Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

•What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

•Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

•Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

•Additional information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

•Getting technical help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

•Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

How this document is organized

The document is divided into two sections; the first, “Standard Features,” contains the following topics:

• Chapter 1, “Understanding Fibre Channel Services,” provides information on the Fibre Channel

services on Brocade switches.

• Chapter 2, “Performing Basic Configuration Tasks,” gives a brief overview of Fabric OS,

explains the Fabric OS CLI Help feature, and provides typical connection and configuration procedures.

• Chapter 3, “Performing Advanced Configuration Tasks,” provides advanced connection and

configuration procedures.

• Chapter 4, “Routing Traffic,” provides information and procedures for using switch routing

features.

• Chapter 5, “Managing User Accounts,” provides information and procedures on managing

authentication and user accounts for the switch management channel.

• Chapter 6, “Configuring Protocols,” provides procedures for basic password and user account

management.

• Chapter 7, “Configuring Security Policies,” provides information and procedures for configuring

ACL policies for FC port and switch binding and managing the fabric-wide consistency policy.

• Chapter 8, “Maintaining the Switch Configuration File,” provides procedures for maintaining

and backing up your switch configurations.

• Chapter 9, “Installing and Maintaining Firmware,” provides preparations and procedures for

performing firmware downloads.

• Chapter 10, “Managing Virtual Fabrics,” describes the concepts and provides procedures for

using Virtual Fabrics.

Fabric OS Administrator’s Guide 33 53-1002745-02

• Chapter 11, “Administering Advanced Zoning,” provides procedures for use of the Brocade

Advanced Zoning feature.

• Chapter 12, “Traffic Isolation Zoning,” provides concepts and procedures for use of Traffic

Isolation Zones within a fabric.

• Chapter 13, “Bottleneck Detection,” describes how you can detect and configure alert

thresholds for latency and congestion bottlenecks in the fabric.

• Chapter 14, “In-flight Encryption and Compression,” describes concepts and provide

procedures for configuring encryption and compression on 16 Gbps ports that connect to other switches using ISLs.

• Chapter 15, “NPIV,” provides procedures for enabling and configuring N-Port ID Virtualization

(NPIV).

• Chapter 16, “Dynamic Fabric Provisioning: Fabric-Assigned PWWN,” describes the Dynamic

Fabric Provisioning feature using the fabric-assigned port World Wide Name (FA-PWWN).

• Chapter 17, “Managing Administrative Domains,” describes the concepts and provides

procedures for using administrative domains.

The second section, “Licensed Features,” contains the following topics:

• Chapter 18, “Administering Licensing,” provides information about Brocade licenses and their

implementation on SAN switches.

• Chapter 19, “Inter-chassis Links,” describes the two different types of ICLs between Brocade

Backbones.

• Chapter 20, “Monitoring Fabric Performance,” provides procedures for use of the Brocade

Advanced Performance Monitoring licensed feature.

• Chapter 21, “Optimizing Fabric Behavior,” provides procedures for use of the Brocade Adaptive

Networking suite of tools, including Traffic Isolation, QoS Ingress Rate Limiting, and QoS SID/DID Traffic Prioritization.

• Chapter 22, “Managing Trunking Connections,” provides procedures for use of the Brocade ISL

Trunking licensed feature.

• Chapter 23, “Managing Long-Distance Fabrics,” provides procedures for use of the Brocade

Extended Fabrics licensed feature.

• Chapter 24, “Using FC-FC Routing to Connect Fabrics,” provides information for setting up and

using the FC-FC Routing Service.

• The appendices provide special procedures or information for Fabric OS.

Supported hardware and software

In those instances in which procedures or parts of procedures documented here apply to some switches but not to others, this guide identifies exactly which switches are supported and which are not.

Although many different software and hardware configurations are tested and supported by Brocade Communications Systems, Inc. for Fabric OS v7.1.0, documenting all possible configurations and scenarios is beyond the scope of this document.

34 Fabric OS Administrator’s Guide

53-1002745-02

The following hardware platforms are supported by this release of Fabric OS:

• Fixed-port switches:

- Brocade 300 switch

- Brocade 5100 switch

- Brocade 5300 switch

- Brocade 5410 embedded switch

- Brocade 5424 embedded switch

- Brocade 5430 embedded switch

- Brocade 5450 embedded switch

- Brocade 5460 embedded switch

- Brocade 5470 embedded switch

- Brocade 5480 embedded switch

- Brocade 6505 switch

- Brocade 6510 switch

- Brocade 6520 switch

- Brocade 7800 extension switch

- Brocade 8000 FCoE switch

- Brocade VA-40FC

- Brocade Encryption Switch

• Brocade DCX Backbone family:

- Brocade DCX

- Brocade DCX-4S

• Brocade DCX 8510 Backbone family:

- Brocade DCX 8510-4

- Brocade DCX 8510-8

What’s new in this document

Information that was modified:

• Added a high-level Table of Contents.

• In “Switch and Backbone shutdown” on page 76, changed the advice about performing

graceful shutdowns from a recommendation to a “must”.

• In “Duplicate PWWN handling during device login” on page 109, added a third option for

configuring the behavior. The third option takes the port type into account when determining which login to use.

• Added section “Supported LDAP options” on page 151.

• In “RADIUS configuration with Admin Domains or Virtual Fabrics” on page 155, added

ChassisRole to the list of accepted keys.

• In “Installing a switch certificate” on page 185, added an example of installing a certificate in

noninteractive mode.

Fabric OS Administrator’s Guide 35 53-1002745-02

• Updated the Note in “In-flight encryption and compression overview” on page 393.

• In “Encryption and compression restrictions” on page 394, clarified the restriction about the

number of ports supported.

• Corrected the “Example of enabling encryption and compression on an E_Port” on page 407

so that you activate authentication after setting up the DH-CHAP secret.

• In “Frame monitoring” on page 505, added information about static offsets.

• In “License requirements for trunking” on page 535, removed the note that said the Brocade

6520 did not require a Trunking license. The Brocade 6520 does require the Trunking license.

• In “Buffer credit recovery over an E_Port” on page 566, clarified that for an ISL between a

device that supports 16 Gbps and a device that supports only 8 Gbps, buffer credit recovery is disabled.

Document conventions

This section describes text formatting conventions and important notice formats used in this document.

Text formatting

The narrative-text formatting conventions that are used are as follows:

bold text Identifies command names

Identifies the names of user-manipulated GUI elements Identifies keywords and operands Identifies text to enter at the GUI or CLI

italic text Provides emphasis

Identifies variables Identifies paths and Internet addresses Identifies document titles

code text Identifies CLI output

Identifies command syntax examples

For readability, command names in the narrative portions of this guide are presented in mixed lettercase: for example, switchShow. In actual examples, command lettercase is often all lowercase. Otherwise, this manual specifically notes those cases in which a command is case sensitive.

Command syntax conventions

Command syntax in this manual follows these conventions:

command Commands are printed in bold.

--option, option Command options are printed in bold.

-argument, arg Arguments.

[ ] Optional element.

36 Fabric OS Administrator’s Guide

53-1002745-02

NOTE

ATTENTION

CAUTION

DANGER

variable Variables are printed in italics. In the help pages, values are underlined

enclosed in angled brackets < >.

... Repeat the previous element, for example “member[;member...]”

value Fixed values following arguments are printed in plain font. For example,

--show WWN

| Boolean. Elements are exclusive. Example:

--show -mode egress | ingress

Notes, cautions, and warnings

The following notices and statements are used in this manual. They are listed below in order of increasing severity of potential hazards.

A note provides a tip, guidance or advice, emphasizes important information, or provides a reference to related information.

An Attention statement indicates potential damage to hardware or data.

A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data.

A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety labels are also attached directly to products to warn of these conditions or situations.

Key terms

For definitions specific to Brocade and Fibre Channel, see the Brocade Glossary.

For definitions of SAN-specific terms, visit the Storage Networking Industry Association online dictionary at:

http://www.snia.org/education/dictionary

Notice to the reader

This document may contain references to the trademarks of the following corporations. These trademarks are the properties of their respective companies and corporations.

These references are made for informational purposes only.

Fabric OS Administrator’s Guide 37 53-1002745-02

Corporation Referenced Trademarks and Products

Microsoft Corporation Windows, Windows NT, Internet Explorer

Mozilla Corporation Mozilla, Firefox

Netscape Communications Corporation Netscape

Red Hat, Inc. Red Hat, Red Hat Network, Maximum RPM, Linux Undercover

Sun Microsystems, Inc. Sun, Solaris

Additional information

This section lists additional Brocade and industry-specific documentation that you might find helpful.

Brocade resources

To get up-to-the-minute information, go to http://my.brocade.com and register at no cost for a user ID and password.

For practical discussions about SAN design, implementation, and maintenance, you can obtain Building SANs with Brocade Fabric Switches through:

http://www.amazon.com

For additional Brocade documentation, visit the Brocade SAN Info Center and click the Resource Library location:

http://www.brocade.com

Release notes are available on the My Brocade website and are also bundled with the Fabric OS firmware.

Other industry resources

For additional resource information, visit the Technical Committee T11 website. This website provides interface standards for high-performance and mass storage applications for Fibre Channel, storage management, and other applications:

http://www.t11.org

For information about the Fibre Channel industry, visit the Fibre Channel Industry Association website:

http://www.fibrechannel.org

Getting technical help

Contact your switch support supplier for hardware, firmware, and software support, including product repairs and part ordering. To expedite your call, have the following information available:

38 Fabric OS Administrator’s Guide

53-1002745-02

1. General Information

'"!&'

FT00X0054E9

• Switch model

• Switch operating system version

• Error numbers and messages received

• supportSave command output

• Detailed description of the problem, including the switch or fabric behavior immediately

following the problem, and specific questions

• Description of any troubleshooting steps already performed and the results

• Serial console and Telnet session logs

• syslog message logs

2. switch serial number

The switch serial number and corresponding bar code are provided on the serial number label, as illustrated below.:

The serial number label is located as follows:

• Brocade 5424 — On the bottom of the switch module.

• Brocade 300, 5100, and 5300 — On the switch ID pull-out tab located on the bottom of

the port side of the switch.

• Brocade 6510, and 6520 — On the switch ID pull-out tab located inside the chassis on the

port side on the left.

• Brocade 7800 and 8000 — On the bottom of the chassis.

• Brocade DCX-4S and DCX 8510-4 — On the nonport side of the chassis, on the lower left

side.

• Brocade DCX and DCX 8510-8 — On the port side of the chassis, on the lower right side

and directly above the cable management comb.

3. World Wide Name (WWN)

Use the wwn command to display the switch WWN.

If you cannot use the wwn command because the switch is inoperable, you can get the WWN from the same place as the serial number, except for the Brocade DCX enterprise class platform. For the Brocade DCX enterprise class platform, access the numbers on the WWN cards by removing the Brocade logo plate at the top of the nonport side of the chassis.

For the Brocade 5424 embedded switch: Provide the license ID. Use the licenseIdShow command to display the WWN.

Fabric OS Administrator’s Guide 39 53-1002745-02

Document feedback

Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document. However, if you find an error or an omission, or you think that a topic needs further development, we want to hear from you. Forward your feedback to:

documentation@brocade.com

Provide the title and version number of the document and as much detail as possible about your comment, including the topic heading and page number and your suggestions for improvement.

40 Fabric OS Administrator’s Guide

53-1002745-02

Section

Standard Features

This section describes standard Fabric OS features, and includes the following chapters:

•Chapter 1, “Understanding Fibre Channel Services”

•Chapter 2, “Performing Basic Configuration Tasks”

•Chapter 3, “Performing Advanced Configuration Tasks”

•Chapter 4, “Routing Traffic”

•Chapter 5, “Managing User Accounts”

•Chapter 6, “Configuring Protocols”

•Chapter 7, “Configuring Security Policies”

•Chapter 8, “Maintaining the Switch Configuration File”

•Chapter 9, “Installing and Maintaining Firmware”

•Chapter 10, “Managing Virtual Fabrics”

•Chapter 11, “Administering Advanced Zoning”

•Chapter 12, “Traffic Isolation Zoning”

•Chapter 13, “Bottleneck Detection”

•Chapter 14, “In-flight Encryption and Compression”

•Chapter 15, “NPIV”

•Chapter 16, “Dynamic Fabric Provisioning: Fabric-Assigned PWWN”

•Chapter 17, “Managing Administrative Domains”

Fabric OS Administrator’s Guide 41 53-1002745-02

42 Fabric OS Administrator’s Guide

53-1002745-02

Chapter

Understanding Fibre Channel Services

In this chapter

•Fibre Channel services overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

•Management server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

•Platform services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

•Management server database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

•Topology discovery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

•Device login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

•High availability of daemon processes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Fibre Channel services overview

Fibre Channel services define service functions that reside at well-know addresses, as illustrated in

Figure 1. A well-known address is a reserved three-byte address for each service. Services are

provided to either nodes or management applications in the fabric.

FIGURE 1 Well-known addresses

Fabric Login — The Fabric Login server assigns a fabric address to a fabric node, which allows it to communicate with services on the switch or other nodes in the fabric. The fabric address is a 24-bit address (0x000000) containing three 3-byte nodes. Reading from left to right, the first node (0x000000) represents the domain ID, the second node (0x000000) the port area number of the port where the node is attached, and the third node (0x000000) the arbitrated loop physical address (AL_PA), if applicable.

Directory server — The directory server or name server registers fabric and public nodes and conducts queries to discover other devices in the fabric.

Fabric controller — The fabric controller provides State Change Notifications (SCNs) to registered nodes when a change in the fabric topology occurs.

Time server — The time server sends the time to the member switches in the fabric from either the principal switch or, if configured, the primary fabric configuration server (FCS) switch. Refer to Chapter 7, “Configuring Security Policies,” for additional information on FCS policies.

Fabric OS Administrator’s Guide 43 53-1002745-02

Management server

NOTE

Management server — The management server provides a single point for managing the fabric. This is the only service that users can configure. See “Management server” below for more details

Alias server — The alias server keeps a group of nodes registered as one name to handle multicast groups.

Broadcast server — The broadcast server is optional. When frames are transmitted to this address, they are broadcast to all operational N_ and NL_Ports.

When registration and query frames are sent to a well-known address, a different protocol service, Fibre Channel Common Transport (FC-CT), is used. This protocol provides a simple, consistent format and behavior when a service provider is accessed for registration and query purposes.

Management server

The Brocade Fabric OS management server (MS) allows a SAN management application to retrieve information and administer interconnected switches, servers, and storage devices. The management server assists in the autodiscovery of switch-based fabrics and their associated topologies.

A client of the management server can find basic information about the switches in the fabric and use this information to construct topology relationships. The management server also allows you to obtain certain switch attributes and, in some cases, modify them. For example, logical names identifying switches can be registered with the management server.

The management server provides several advantages for managing a Fibre Channel fabric:

• It is accessed by an external Fibre Channel node at the well-known address FFFFFAh, so an

application can access information about the entire fabric management with minimal knowledge of the existing configuration.

• It is replicated on every Brocade switch within a fabric.

• It provides an unzoned view of the overall fabric configuration. This fabric topology view

exposes the internal configuration of a fabric for management purposes; it contains interconnect information about switches and devices connected to the fabric. Under normal circumstances, a device (typically an FCP initiator) queries the name server for storage devices within its member zones. Because this limited view is not always sufficient, the management server provides the application with a list of the entire name server database.

Platform services

By default, all management services except platform services are enabled; the MS platform service and topology discovery are disabled.

You can activate and deactivate the platform services throughout the fabric. Activating the platform services attempts to activate the MS platform service for each switch in the fabric. The change takes effect immediately and is committed to the configuration database of each affected switch. MS activation is persistent across power cycles and reboots.

The commands msplMgmtActivate and msplMgmtDeactivate are allowed only in AD0 and AD255.

44 Fabric OS Administrator’s Guide

53-1002745-02

Management server database

Platform services and Virtual Fabrics

Each logical switch has a separate platform database. All platform registrations done to a logical switch are valid only in that particular logical switch’s Virtual Fabric.

Activating the platform services on a switch activates the platform services on all logical switches in a Virtual Fabric. Similarly, deactivating the platform services deactivates the platform service on all logical switches in a Virtual Fabric. The msPlatShow command displays all platforms registered in a Virtual Fabric.

Enabling platform services

When FCS policy is enabled, the msplMgmtActivate command can be issued only from the primary FCS switch.

The execution of the msplMgmtActivate command is subject to Admin Domain restrictions that may be in place.

Use the following procedure to enable platform services:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the msCapabilityShow command to verify that all switches in the fabric support the MS platform service; otherwise, the next step fails.

3. Enter the msplMgmtActivate command, as in the following example.

switch:admin> msplmgmtactivate

Request to activate MS Platform Service in progress......

*Completed activating MS Platform Service in the fabric!

Disabling platform services

Use the following procedure to disable platform services:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the msplMgmtDeactivate command.

3. Enter y to confirm the deactivation, as in the following example.

switch:admin> msplmgmtdeactivate MS Platform Service is currently enabled. This will erase MS Platform Service configuration information as well as database in the entire fabric. Would you like to continue this operation? (yes, y, no, n): [no] y

Request to deactivate MS Platform Service in progress......

*Completed deactivating MS Platform Service in the fabric!

Management server database

You can control access to the management server database.

An access control list (ACL) of WWN addresses determines which systems have access to the management server database. The ACL typically contains those WWNs of host systems that are running management applications.

Fabric OS Administrator’s Guide 45 53-1002745-02

Management server database

NOTE

If the list is empty (the default), the management server is accessible to all systems connected in-band to the fabric. For more access security, you can specify WWNs in the ACL so that access to the management server is restricted to only those WWNs listed.

The management server is logical switch-capable. All management server features are supported within a logical switch.

Displaying the management server ACL

Use the following procedure to display the management server ACL:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the msConfigure command.

3. At the “select” prompt, enter 1 to display the access list.

Example of an empty access list

The command becomes interactive.

A list of WWNs that have access to the management server is displayed.

switch:admin> msconfigure 0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [1] 1 MS Access list is empty. 0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [1] 0 done ...

Adding a member to the ACL

Use the following procedure to add a member to the ACL:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the msConfigure command.

The command becomes interactive.

3. At the “select” prompt, enter 2 to add a member based on its port/node WWN.

4. At the “Port/Node WWN” prompt, enter the WWN of the host to be added to the ACL.

5. At the “select” prompt, enter 1 to display the access list so you can verify that the WWN you entered was added to the ACL.

6. After verifying that the WWN was added correctly, enter 0 at the prompt to end the session.

7. At the “Update the FLASH?” prompt, enter y.

8. Press Enter to update the nonvolatile memory and end the session.

46 Fabric OS Administrator’s Guide

53-1002745-02

Management server database

NOTE

Example of adding a member to the management server ACL

switch:admin> msconfigure 0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [1] 2 Port/Node WWN (in hex): [00:00:00:00:00:00:00:00] 20:00:00:20:37:65:ce:aa *WWN is successfully added to the MS ACL. 0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [2] 1 MS Access List consists of (14): { 20:00:00:20:37:65:ce:aa 20:00:00:20:37:65:ce:bb 20:00:00:20:37:65:ce:ff 20:00:00:20:37:65:ce:11 20:00:00:20:37:65:ce:22 20:00:00:20:37:65:ce:33 20:00:00:20:37:65:ce:44 10:00:00:60:69:04:11:24 10:00:00:60:69:04:11:23 21:00:00:e0:8b:04:70:3b 10:00:00:60:69:04:11:33 20:00:00:20:37:65:ce:55 20:00:00:20:37:65:ce:66 00:00:00:00:00:00:00:00 } 0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [1] 0 done ... Update the FLASH? (yes, y, no, n): [yes] y *Successfully saved the MS ACL to the flash.

Deleting a member from the ACL

When you delete a member from the ACL, that member no longer has access to the management server.

If you delete the last member of the ACL, leaving the ACL list is empty, then the management server will be accessible to all systems connected in-band to the fabric.

Use the following procedure to delete a member from the ACL:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the msConfigure command.

The command becomes interactive.

3. At the “select” prompt, enter 3 to delete a member based on its port/node WWN.

4. At the “Port/Node WWN” prompt, enter the WWN of the member to be deleted from the ACL.

Fabric OS Administrator’s Guide 47 53-1002745-02

Management server database

5. At the “select” prompt, enter 1 to display the access list so you can verify that the WWN you

6. After verifying that the WWN was deleted correctly, enter 0 at the “select” prompt to end the

7. At the “Update the FLASH?” prompt, enter y.

8. Press Enter to update the nonvolatile memory and end the session.

Example of deleting a member from the management server ACL

entered was deleted from the ACL.

session.

switch:admin> msconfigure

0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [1] 3

Port/Node WWN (in hex): [00:00:00:00:00:00:00:00] 10:00:00:00:c9:29:b3:84 *WWN is successfully deleted from the MS ACL. 0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [3] 1

MS Access list is empty

0 Done 1 Display the access list 2 Add member based on its Port/Node WWN 3 Delete member based on its Port/Node WWN select : (0..3) [1] 0

Viewing the contents of the management server database

Use the following procedure to view the contents of the management server database:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the msPlatShow command.

Example of viewing the contents of the management server platform database

switch:admin> msplatshow

----------------------------------------------------------Platform Name: [9] "first obj" Platform Type: 5 : GATEWAY Number of Associated M.A.: 1 [35] "http://java.sun.com/products/plugin" Number of Associated Node Names: 1 Associated Node Names: 10:00:00:60:69:20:15:71

----------------------------------------------------------Platform Name: [10] "second obj" Platform Type: 7 : HOST_BUS_ADAPTER Number of Associated M.A.: 1 Associated Management Addresses: [30] "http://java.sun.com/products/1"

48 Fabric OS Administrator’s Guide

53-1002745-02

Number of Associated Node Names: 1

NOTE

Associated Node Names: 10:00:00:60:69:20:15:75

Clearing the management server database

Use the following procedure to clear the management server database:

The command msPlClearDB is allowed only in AD0 and AD255.

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the msplClearDb command.

3. Enter y to confirm the deletion.

The management server platform database is cleared.

Topology discovery

The topology discovery feature can be displayed, enabled, and disabled; it is disabled by default. The commands mstdEnable and mstdDisable are allowed only in AD0 and AD255.

Displaying topology discovery status

Use the following procedure to display the status of the topology discovery:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the mstdReadConfig command.

switch:admin> mstdreadconfig *MS Topology Discovery is Enabled.

Enabling topology discovery

Use the following procedure to enable topology discovery:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the appropriate following command based on how you want to enable discovery:

• For the local switch, enter the mstdEnable command.

• For the entire fabric, enter the mstdEnable all command.

Example of enabling discovery

switch:admin> mstdenable

Request to enable MS Topology Discovery Service in progress....

*MS Topology Discovery enabled locally.

switch:admin> mstdenable ALL

Request to enable MS Topology Discovery Service in progress....

Fabric OS Administrator’s Guide 49 53-1002745-02

Topology discovery

NOTE

ATTENTION

*MS Topology Discovery enabled locally. *MS Topology Discovery Enable Operation Complete!!

Disabling topology discovery

Use the following procedure to disable topology discovery:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the appropriate following command based on how you want to disable discovery:

• For the local switch, enter the mstdDisable command.

• For the entire fabric, enter the mstdDisable all command.

A warning displays stating that all NID entries might be cleared.

3. Enter y to disable the Topology Discovery feature.

Topology discovery is disabled by default.

Disabling discovery of management server topology might erase all node ID entries.

If Admin Domains are enabled, you must be in the AD0 or AD255 context. Refer to Chapter 17,

“Managing Administrative Domains,” for additional information.

Example of disabling discovery

switch:admin> mstddisable This may erase all NID entries. Are you sure? (yes, y, no, n): [no] y

Request to disable MS Topology Discovery Service in progress....

*MS Topology Discovery disabled locally.

switch:admin> mstddisable all This may erase all NID entries. Are you sure? (yes, y, no, n): [no] y

Request to disable MS Topology Discovery Service in progress....

*MS Topology Discovery disabled locally. *MS Topology Discovery Disable Operation Complete!!

50 Fabric OS Administrator’s Guide

53-1002745-02

Device login

A device can be storage, a host, or a switch. When new devices are introduced into the fabric, they must be powered on and, if a host or storage device, connected to a switch. Switch-to-switch logins (using the E_Port) are handled differently than storage and host logins. E_Ports exchange different frames than the ones listed below with the Fabric Controller to access the fabric. Once storage and host devices are powered on and connected, the following logins occur:

1. FLOGI —Fabric Login command establishes a 24-bit address for the device logging in, and establishes buffer-to-buffer credits and the class of service supported.

2. PLOGI—Port Login command logs the device into the name server to register its information and query for devices that share its zone. During the PLOGI process, information is exchanged between the new device and the fabric. Some of the following types of information exchanges occur:

• SCR—State Change Registration registers the device for State Change Notifications. If a

change in the fabric occurs, such as a zoning change or a change in the state of a device to which this device has access, the device receives a Registered State Change Notification (RSCN).

• Registration—A device exchanges registration information with the name server.

• Query—Devices query the name server for information about the device it can access.

Principal switch

In a fabric with multiple switches, and one inter-switch link (ISL) exists between any two switches, a principal switch is automatically elected. The principal switch provides the following capabilities:

• Maintains time for the entire fabric. Subordinate switches synchronize their time with the

principal switch. Changes to the clock server value on the principal switch are propagated to all switches in the fabric.

• Manages domain ID assignment within the fabric. If a switch requests a domain ID that has

been used before, the principal switch grants the same domain ID unless it is in use by another switch.

E_Port login process

An E_Port does not use a FLOGI to log in to another switch. Instead, the new switch exchanges frames with the principal switch to establish that the new switch is an E_Port and that it has information to exchange. If everything is acceptable to the principal switch, it replies to the new switch with an SW_ACC (accept) frame. The initializing frame is an Exchange Link Parameters (ELP) frame that allows an exchange of parameters between two ports, such as flow control, buffer-to-buffer credits, RA_TOV, and ED_TOV. This is not a negotiation. If one or the other port’s link parameters do not match, a link does not occur. Once an SW_ACC frame is received from the principal switch, the new switch sends an Exchange Switch Capabilities (ESC) frame. The two switches exchange routing protocols and agree on a common routing protocol. An SW_ACC frame is received from the principal switch and the new switch sends an Exchange Fabric Parameters (EFP) frame to the principal switch, requesting principal switch priority and the domain ID list. Buffer-to-buffer credits for the device and switch ports are exchanged in the SW_ACC command sent to the device in response to the FLOGI.

Fabric OS Administrator’s Guide 51 53-1002745-02

NOTE

Device login

Fabric login process

A device performs a fabric login (FLOGI) to determine if a fabric is present. If a fabric is detected then it exchanges service parameters with the fabric controller. A successful FLOGI sends back the 24-bit address for the device in the fabric. The device must issue and successfully complete a FLOGI command before communicating with other devices in the fabric.

Because the device does not know its 24-bit address until after the FLOGI, the source ID (SID) in the frame header of the FLOGI request are zeros (0x000000).

Port login process

The steps in the port initialization process occur as the result of a protocol that functions to discover the type of device connected and establish the port type and negotiate port speed. See

“Port Types” on page 84 for a discussion of available port types.

The Fibre Channel protocol (FCP) auto discovery process enables private storage devices that accept the process login (PRLI) to communicate in a fabric.

If device probing is enabled, the embedded port performs a PLOGI and attempts a PRLI into the device to retrieve information to enter into the name server. This enables private devices that do not perform a FLOGI, but accept a PRLI, to be entered in the name server and receive full fabric access.

A fabric-capable device registers its information with the name server during a FLOGI. These devices typically register information with the name server before querying for a device list. The embedded port still performs a PLOGI and attempts a PRLI with these devices.

If a port decides to end the current session, it initiates a logout. A logout concludes the session and terminates any work in progress associated with that session.

To display the contents of a switch’s name server, use the nsShow or nsAllShow command. For more information about these commands, refer to the Fabric OS Command Reference.

RSCNs

A Registered State Change Notification (RSCN) is a notification frame that is sent to devices that are zoned together and are registered to receive a State Change Notification (SCN). The RSCN is responsible for notifying all devices of fabric changes. The following general list of actions can cause an RSCN to be sent through your fabric:

• A new device has been added to the fabric.

• An existing device has been removed from the fabric.

• A zone has changed.

• A switch name has changed or an IP address has changed.

• Nodes leaving or joining the fabric, such as zoning, powering on or shutting down a device, or

zoning changes.

Fabric reconfigurations with no domain change do not cause an RSCN.

52 Fabric OS Administrator’s Guide

53-1002745-02

Duplicate Port World Wide Name

According to Fibre Channel standards, the Port World Wide Name (PWWN) of a device cannot overlap with that of another device, thus having duplicate PWWNs within the same fabric is an illegal configuration.

If a PWWN conflict occurs with two devices attached to the same domain, Fabric OS handles device login in such a way that only one device may be logged in to the fabric at a time. For more information, refer to “Duplicate PWWN handling during device login” on page 109.

If a PWWN conflict occurs and two duplicate devices are attached to the fabric through different domains, the devices are removed from the Name Server database and a RASlog is generated.

Device recovery

To recover devices that have been removed from the Name Server database due to duplicate PWWNs, the devices must re-login to the fabric. This is true for any device—for example, a device on an F_Port, NPIV devices, or devices attached to a switch in Access Gateway mode.

High availability of daemon processes

Starting non-critical daemons is automatic; you cannot configure the startup process. The following sequence of events occurs when a non-critical daemon fails:

1. A RASlog and AUDIT event message are logged.

2. The daemon is automatically started again.

3. If the restart is successful, then another message is sent to RASlog and AUDIT reporting the successful restart status.

4. If the restart fails, another message is sent to RASlog and no further attempts are made to restart the daemon.

Schedule downtime and reboot the switch at your convenience. Table 1 lists the daemons that are considered non-critical and are automatically restarted on failure.

TABLE 1 Daemons that are automatically restarted

Daemon Description

arrd Asynchronous Response Router, which is used to send management data to hosts when the switch is

accessed through the APIs (FA API or SMI-S).

cald Common Access Layer daemon, which is used by manageability applications.

raslogd Reliability, Availability, and Supportability daemon logs error detection, reporting, handling, and

presentation of data into a format readable by you and management tools.

rpcd Remote Procedure Call daemon, which is used by the API (Fabric Access API and SMI-S).

snmpd Simple Network Management Protocol daemon.

traced Trace daemon provides trace entry date and time translation to Trace Device at startup and when

date/time changed by command. Maintains the trace dump trigger parameters in a Trace Device. Performs the trace Background Dump, trace automatic FTP, and FTP “aliveness check” if auto-FTP is enabled.

trafd Traffic daemon implements Bottleneck detection.

Fabric OS Administrator’s Guide 53 53-1002745-02

High availability of daemon processes

TABLE 1 Daemons that are automatically restarted (Continued)

Daemon Description

webd Webserver daemon used for WebTools (includes httpd as well).

weblinkerd Weblinker daemon provides an HTTP interface to manageability applications for switch management

and fabric discovery.

54 Fabric OS Administrator’s Guide

53-1002745-02

Chapter

Performing Basic Configuration Tasks

In this chapter

•Fabric OS overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

•Fabric OS command line interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

•Password modification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

•The switch Ethernet interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

•Date and time settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

•Domain IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

•Switch names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

•Chassis names. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

•Fabric name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

•Switch activation and deactivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

•Switch and Backbone shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

•Basic connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Fabric OS overview

This chapter describes how to configure your Brocade SAN using the Fabric OS command line interface (CLI). Before you can configure a storage area network (SAN), you must power up the Backbone platform or switch and blades, and then set the IP addresses of those devices. Although this chapter focuses on configuring a SAN using the CLI, you can also use the following methods to configure a SAN:

• Web Tools

For Web Tools procedures, refer to Web Tools Administrator’s Guide.

• Brocade Network Advisor

For additional information, refer to the Brocade Network Advisor User Manual for the version you have.

• A third-party application using the API

For third-party application procedures, refer to the third-party API documentation.

Because of the differences between fixed-port and variable-port devices, procedures sometimes differ among Brocade models. As new Brocade models are introduced, new features sometimes apply only to those models.

When procedures or parts of procedures apply to some models but not others, this guide identifies the specifics for each model. For example, a number of procedures that apply only to variable-port devices are found in Chapter 3, “Performing Advanced Configuration Tasks”.

Fabric OS Administrator’s Guide 55 53-1002745-02

Fabric OS command line interface

Although many different software and hardware configurations are tested and supported by Brocade Communications Systems, Inc., documenting all possible configurations and scenarios is beyond the scope of this document. In some cases, earlier releases are highlighted to present considerations for interoperating with them.

The hardware reference manuals for Brocade products describe how to power up devices and set their IP addresses. After the IP address is set, you can use the CLI procedures contained in this guide. For additional information about the commands used in the procedures, refer to the Fabric OS Command Reference.

Fabric OS command line interface

Fabric OS uses Role-Based Access Control (RBAC) to control access to all Fabric OS operations. Each feature is associated with an RBAC role and you need to know which role is allowed to run a command, make modifications to the switch, or view the output of the command. To determine which RBAC role you need to run a command, review the section “Role-Based Access Control” on page 134.

Notes

• Commands are shown and can be entered either in all lower case or using Java-style

capitalization. This means that while bannershow and bannerShow will both work, BANNERSHOW and BannerShow will not.

• When command examples in this guide show user input enclosed in quotation marks, the

quotation marks are required. Example: zonecreate "zonename" requires that the value for zonename be in quotation marks.

Console sessions using the serial port

Be aware of the following behaviors for serial connections:

• Some procedures require that you connect through the serial port; for example, setting the IP

address or setting the boot PROM password.

• Brocade DCX and DCX 8510 Backbone families: You can connect to CP0 or CP1 using either of

the two serial ports.

Connecting to Fabric OS through the serial port

Use the following procedure to connect to the Fabric OS using the serial port:

1. Connect the serial cable to the serial port on the switch and to an RS-232 serial port on the workstation.

If the serial port on the workstation is an RJ-45 port, instead of RS-232, remove the adapter on the end of the serial cable and insert the exposed RJ-45 connector into the RJ-45 serial port on the workstation.

2. Open a terminal emulator application (such as HyperTerminal on a PC, TERM, TIP, or Kermit in a UNIX environment), and configure the application as follows:

56 Fabric OS Administrator’s Guide

53-1002745-02

Fabric OS command line interface

NOTE

• In a Windows environment enter the following parameters:

TABLE 2 Terminal port parameters

Parameter Value

Bits per second 9600

Databits 8

Parity None

Stop bits 1

Flow control None

• In a UNIX environment, enter the following string at the prompt:

tip /dev/ttyb -9600

If ttyb is already in use, use ttya instead and enter the following string at the prompt:

tip /dev/ttya -9600

Telnet or SSH sessions

You can connect to the Fabric OS through a Telnet or SSH connection or by using a console session on the serial port. The switch must also be physically connected to the network. If the switch network interface is not configured or the switch has been disconnected from the network, use a console session on the serial port as described in “Console sessions using the serial port” on page 56.

To automatically configure the network interface on a DHCP-enabled switch, plug the switch into the network and power it on. The DHCP client automatically gets the IP and gateway addresses from the DHCP server. The DHCP server must be on the same subnet as the switch. Refer to “DHCP

activation” on page 66.

Rules for Telnet connections

The following rules must be observed when making Telnet connections to your switch:

• Never change the IP address of the switch while two Telnet sessions are active; if you do, your

next attempt to log in fails. To recover, gain access to the switch by one of these methods:

- You can use Web Tools to perform a fast boot. When the switch comes up, the Telnet quota

is cleared. (For instructions on performing a fast boot with Web Tools, see the Web Tools Administrator’s Guide.)

- If you have the required privileges, you can connect through the serial port, log in as

admin, and use the killTelnet command to identify and kill the Telnet processes without disrupting the fabric.

• For accounts with an admin role, Fabric OS limits the number of simultaneous Telnet sessions

per switch to two. For more details on session limits, refer to Chapter 5, “Managing User

Accounts”.

Fabric OS Administrator’s Guide 57 53-1002745-02

Fabric OS command line interface

Connecting to Fabric OS using Telnet

Use the following procedure to connect to the Fabric OS using Telnet:

1. Connect through a serial port to the switch that is appropriate for your fabric:

• If Virtual Fabrics is enabled, log in using an admin account assigned the chassis-role

• If Virtual Fabrics is not enabled, log in using an account assigned to the admin role.

2. Verify the switch’s network interface is configured and that it is connected to the IP network through the RJ-45 Ethernet port.

Switches in the fabric that are not connected through the Ethernet port can be managed through switches that are using IP over Fibre Channel. The embedded port must have an assigned IP address.

3. Log off the switch’s serial port.

4. From a management station, open a Telnet connection using the IP address of the switch to which you want to connect.

The login prompt is displayed when the Telnet connection finds the switch in the network.

5. Enter the account ID at the login prompt.

permission.

6. Enter the password.

If you have not changed the system passwords from the default, you are prompted to change them. Enter the new system passwords, or press Ctrl+C to skip the password prompts. For more information on system passwords, refer to “Default account passwords” on page 61.

7. Verify the login was successful.

The prompt displays the switch name and user ID to which you are connected.

Getting help on a command

You can display a list of all command help topics for a given login level. For example, if you log in as user and enter the help command, a list of all user-level commands that can be executed is displayed. The same rule applies to the admin, securityAdmin, and the switchAdmin roles.

Use the following procedure to get help on a command:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the help [|more] command with no specific command and all commands are displayed.

The optional |more argument displays the commands one page at a time.

For command-specific information, you can enter help command |more, where command is the name of the command for which you need specific information.

58 Fabric OS Administrator’s Guide

53-1002745-02

Fabric OS command line interface

The commands in the following table provides help files for the indicated specific topics.

TABLE 3 Help topic contents

Topic name Help contents description

diagHelp Diagnostic help information

ficonHelp FICON help information

fwHelp Fabric Watch help information

iscsiHelp iSCSI help information

licenseHelp License help information

perfHelp Performance Monitoring help information

routeHelp Routing help information

trackChangesHelp Track Changes help information

zoneHelp Zoning help information

Viewing a history of command line entries

The CLI command history log file saves the last 512 commands from all users on a FIFO basis, and this log is persistent across reboots and firmware downloads. This command is also supported for standby CPs.

The log records the following information whenever a command ins entered in the switch CLI:

• Timestamp

• Username

• IP address of the telnet session

• Options

• Arguments

Use the following procedure to view the CLI command log:

1. Connect to the switch and log in.

2. Enter the cliHistory command with the desired argument (see below for arguments). Entering no specific argument displays only the command line history of the currently logged-in user.

cliHistory

Entering the cliHistory command with no arguments displays the command line history for the currently logged-in user only (even for the root user).

Example cliHistory command output from root login

switch:root> clihistory CLI history Date & Time Message Thu Sep 27 04:58:00 2012 root, 10.70.12.101, firmwareshow -v Thu Sep 27 04:58:19 2012 root, 10.70.12.101, telnet 127.1.10.1 Thu Sep 27 05:25:45 2012 root, 10.70.12.101, ipaddrshow] switch:root>

Fabric OS Administrator’s Guide 59 53-1002745-02

Fabric OS command line interface

Example cliHistory command output from admin login

switch:admin> clihistory CLI history Date & Time Message Thu Sep 27 10:14:41 2012 admin, 10.70.12.101, clihistory Thu Sep 27 10:14:48 2012 admin, 10.70.12.101, clihistory --show switch:admin>

cliHistory --show

Using the “--show” argument displays the same results as entering “cliHistory” without any arguments.

cliHistory --showuser <username>

Using the “--showuser <username>” argument displays the command line history of the named user. This argument is available only to Root, Admin, Factory and Securityadmin RBAC roles.

Example cliHistory command output showing username

switch:root> clihistory --showuser admin CLI history Date & Time Message Thu Sep 27 10:14:41 2012 admin, 10.70.12.101, clihistory Thu Sep 27 10:14:48 2012 admin, 10.70.12.101, clihistory --show Thu Sep 27 10:15:00 2012 admin, 10.70.12.101, clihistory swd77:root>

cliHistory --showall

Using the “--showall” argument displays the command line history for all users. With this option, admin/factory/securityadmin users can see the root user command history. This argument is available only to Root, Admin, Factory and Securityadmin RBAC roles.

Example cliHistory showing history of all users

swd77:admin> clihistory --showall CLI history Date & Time Message Thu Sep 27 04:58:00 2012 root, 10.70.12.101, firmwareshow -v Thu Sep 27 04:58:19 2012 root, 10.70.12.101, telnet 127.1.10.1 Thu Sep 27 05:25:45 2012 root, 10.70.12.101, ipaddrshow] Thu Sep 27 05:25:48 2012 root, 10.70.12.101, ipaddrshow swd77:admin>

cliHistory - -help

Using the “-- help” argument displays a list of the available command arguments.

swd77:admin> clihistory --help clihistory usage: clihistory:

Displays the CLI History of the current user

clihistory --show:

Displays the CLI History of the current user

clihistory --showuser <username>:

Displays the CLI History of the given user

clihistory --showall:

Displays the CLI History of all users

clihistory --help:

Displays the command usage

60 Fabric OS Administrator’s Guide

53-1002745-02

Notes:

NOTE

• SSH login CLI logs are not recorded in the command line history.

• The CLI command log will be collected as part of any “supportsave” operation.

The command long record of such an operation will be the equivalent of running “cliHistory --showall”.

• For CLI commands that require a password (Examples: firmwaredownload,

configupload/download, supportsave, and so on), only the command (no arguments) is stored (see below for an illustration).

sw0:FID128:root> firmwaredownload -s -p scp 10.70.4.109,fvt,/dist,pray4green Server IP: 10.70.4.109, Protocol IPv4 Checking system settings for firmwaredownload... Failed to access scp://fvt:**********@10.70.4.109//dist/release.plist

sw0:FID128:root> clihistory Date & Time Message Wed May 23 03:39:37 2012 root, console, firmwaredownload

Password modification

The switch automatically prompts you to change the default account passwords after logging in for the first time. If you do not change the passwords, the switch prompts you after each subsequent login until all the default passwords have been changed.

The default account passwords can be changed from their original values only when prompted immediately following the login; the passwords cannot be changed using the passwd command later in the session. If you skip the prompt, and then later decide to change the passwords, log out and then back in.

The default accounts on the switch are admin, user, root, and factory. Use the “admin” account to log in to the switch for the first time and to perform the basic configuration tasks. The password for all of these accounts is “password”.

There is only one set of default accounts for the entire chassis. The root and factory default accounts are reserved for development and manufacturing. The user account is primarily used for system monitoring. For more information on default accounts, refer to “Default accounts” on page 138.

Default account passwords

The change default account passwords prompt is a string that begins with the message “Please change your passwords now”. User-defined passwords can have from 8 through 40 characters. They must begin with an alphabetic character and can include numeric characters, the period (.), and the underscore ( _ ). They are case-sensitive, and they are not displayed when you enter them on the command line.

Record the passwords exactly as entered and store them in a secure place because recovering passwords requires significant effort and fabric downtime. Although the root and factory accounts are not meant for general use, change their passwords if prompted to do so and save the passwords in case they are needed for recovery purposes.

Fabric OS Administrator’s Guide 61 53-1002745-02

The switch Ethernet interface

Changing the default account passwords at login

Use the following procedure to change the default account passwords:

1. Connect to the switch and log in using the default administrative account.

2. At each of the “Enter new password” prompts, either enter a new password or skip the prompt.

Example output of changing passwords

To skip a single prompt, press Enter. To skip all of the remaining prompts, press Ctrl-C.

login: admin Password: Please change your passwords now. Use Control-C to exit or press 'Enter' key to proceed. for user - root Changing password for root Enter new password: <hidden> Password changed. Saving password to stable storage. Password saved to stable storage successfully. (output truncated)

The switch Ethernet interface

The Ethernet (network) interface provides management access, including direct access to the Fabric OS CLI, and allows other tools, such as Web Tools, to interact with the switch. You can use either Dynamic Host Configuration Protocol (DHCP) or static IP addresses for the Ethernet network interface configuration.

Brocade Backbones

On Brocade Backbones, you must set IP addresses for the following components:

• Both Control Processors (CP0 and CP1)

• Chassis management IP

Brocade switches

On Brocade switches, you must set the Ethernet and chassis management IP interfaces.

Setting the chassis management IP address eliminates the need to know which CP is active and automatically connects the requestor to the currently active CP.

You can continue to use a static Ethernet addressing system or allow the DHCP client to automatically acquire Ethernet addresses. Configure the Ethernet interface IP address, subnet mask, and gateway addresses in one of the following manners:

• Using static Ethernet addresses (refer to “Static Ethernet addresses” on page 64)

• Activating DHCP (refer to “DHCP activation” on page 66)

62 Fabric OS Administrator’s Guide

53-1002745-02

The switch Ethernet interface

NOTE

When you change the Ethernet interface settings, open connections such as SSH or Telnet may be dropped. Reconnect using the new Ethernet IP address information or change the Ethernet settings using a console session through the serial port to maintain your session during the change. You must connect through the serial port to set the Ethernet IP address if the Ethernet network interface is not configured already. For details, refer to “Connecting to Fabric OS through the serial port” on page 56.

Virtual Fabrics and the Ethernet interface

On the Brocade DCX and DCX-4S, the single-chassis IP address and subnet mask are assigned to the management Ethernet ports on the front panels of the CPs. These addresses allow access to the chassis—more specifically, the active CP of the chassis—and not individual logical switches. The IP addresses can also be assigned to each CP individually. This allows for direct communication with a CP, including the standby CP. On the Brocade DCX and DCX-4S Backbones, each CP has two management Ethernet ports on its front panel. These two physical ports are bonded together to create a single, logical Ethernet port, and it is the logical Ethernet port to which IP addresses are assigned.

IPv4 addresses assigned to individual Virtual Fabrics are assigned to IP over Fibre Channel (IPFC) network interfaces. In Virtual Fabrics environments, a single chassis can be assigned to multiple fabrics, each of which is logically distinct and separate from one another. Each IPFC point of connection to a given chassis needs a separate IPv4 address and prefix to be accessible to a management host. For more information on how to set up these IPFC interfaces to your Virtual Fabric, refer to Chapter 10, “Managing Virtual Fabrics”.

Displaying the network interface settings

If an IP address has not been assigned to the network interface (Ethernet), you must connect to the Fabric OS CLI using a console session on the serial port. For more information, see “Console

sessions using the serial port” on page 56. Otherwise, connect using SSH.

Use the following procedure to display the network interface settings:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the ipAddrShow command.

ipAddrShow

Example output for a Brocade Backbone

ecp:admin> ipaddrshow SWITCH Ethernet IP Address: 10.1.2.3 Ethernet Subnetmask: 255.255.240.0

CP0 Ethernet IP Address: 10.1.2.3 Ethernet Subnetmask: 255.255.240.0 Host Name: ecp0 Gateway IP Address: 10.1.2.1

CP1 Ethernet IP Address: 10.1.2.4 Ethernet Subnetmask: 255.255.240.0

Fabric OS Administrator’s Guide 63 53-1002745-02

The switch Ethernet interface

NOTE

Host Name: ecp1 Gateway IP Address: 10.1.2.3

IPFC address for virtual fabric ID 123: 11.1.2.3/24 IPFC address for virtual fabric ID 45: 13.1.2.4/20

Slot 7 eth0: 11.1.2.4/24 Gateway: 11.1.2.1

Backplane IP address of CP0 : 10.0.0.5 Backplane IP address of CP1 : 10.0.0.6

IPv6 Autoconfiguration Enabled: Yes Local IPv6 Addresses: sw 0 stateless fd00:60:69bc:70:260:69ff:fe00:2/64 preferred sw 0 stateless fec0:60:69bc:70:260:69ff:fe00:2/64 preferred cp 0 stateless fd00:60:69bc:70:260:69ff:fe00:197/64 preferred cp 0 stateless fec0:60:69bc:70:260:69ff:fe00:197/64 preferred cp 1 stateless fd00:60:69bc:70:260:69ff:fe00:196/64 preferred cp 1 stateless fec0:60:69bc:70:260:69ff:fe00:196/64 preferred IPv6 Gateways: cp 0 fe80:60:69bc:70::3 cp 0 fe80:60:69bc:70::2 cp 0 fe80:60:69bc:70::1 cp 1 fe80:60:69bc:70::3

If the Ethernet IP address, subnet mask, and gateway address are displayed, then the network interface is configured. Verify the information on your switch is correct. If DHCP is enabled, the network interface information was acquired from the DHCP server.

You can use either IPv4 or IPv6 with a classless inter-domain routing (CIDR) block notation (also known as a network prefix length) to set up your IP addresses.

Static Ethernet addresses

Use static Ethernet network interface addresses on Brocade DCX and DCX-4S Backbones, and in environments where DHCP service is not available. To use static addresses for the Ethernet interface, you must first disable DHCP. You can enter static Ethernet information and disable DHCP at the same time. For more information, refer to “DHCP activation” on page 66.

If you choose not to use DHCP or to specify an IP address for your switch Ethernet interface, you can do so by entering “none” or “0.0.0.0” in the Ethernet IP address field.

On an application blade, configure the two external Ethernet interfaces to two different subnets. If two subnets are not present, configure one of the interfaces and leave the other unconfigured. Otherwise, the following message displays and blade status may go into a faulty state after a reboot.

Neighbor table overflow. print: 54 messages suppressed

64 Fabric OS Administrator’s Guide

53-1002745-02

The switch Ethernet interface

Setting the static addresses for the Ethernet network interface

Use the following procedure to set the Ethernet network interface static addresses:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Perform the appropriate action based on whether you have a switch or Backbone:

• If you are setting the IP address for a switch, enter the ipAddrSet command.

• If you are setting the IP address for a Backbone, enter the ipAddrSet command specifying

either CP0 or CP1. You must set the IP address for both CP0 and CP1.

Example of setting an IPv4 address

switch:admin> ipaddrset Ethernet IP Address [10.1.2.3]: Ethernet Subnetmask [255.255.255.0]: Fibre Channel IP Address [220.220.220.2]: Fibre Channel Subnetmask [255.255.0.0]: Gateway IP Address [10.1.2.1]: DHCP [OFF]: off

Example of setting an IPv6 address on a switch

switch:admin> ipaddrset -ipv6 --add 1080::8:800:200C:417A/64 IP address is being changed...Done.

For more information on setting up an IP address for a Virtual Fabric, refer to Chapter 10,

“Managing Virtual Fabrics”.

3. Enter the network information in dotted-decimal notation for the Ethernet IPv4 address or in semicolon-separated notation for IPv6.

4. Enter the Ethernet Subnetmask at the prompt.

5. The Fibre Channel prompts are not relevant; you can skip them by pressing Enter.

The Fibre Channel IP address is used for management.

6. Enter the Gateway Address at the prompt.

7. Disable DHCP by entering off.

Setting the static addresses for the chassis management IP interface

Use the following procedure to set the chassis management IP interface static addresses:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the ipAddrSet -chassis command.

switch:admin> ipaddrset -chassis Ethernet IP Address [192.168.166.148]: Ethernet Subnetmask [255.255.255.0]: Committing configuration...Done.

3. Enter the network information in dotted-decimal notation for the Ethernet IPv4 address or in semicolon-separated notation for IPv6.

4. Enter the Ethernet Subnet mask at the prompt.

Fabric OS Administrator’s Guide 65 53-1002745-02

The switch Ethernet interface

NOTE

DHCP activation

Some Brocade switches have DHCP enabled by default. Fabric OS support for DHCP functionality is only provided for Brocade fixed-port switches. These are listed in the Preface.

The Brocade DCX and Brocade DCX-4S Backbones do not support DHCP.

The Fabric OS DHCP client supports the following parameters:

• External Ethernet port IP addresses and subnet masks

• Default gateway IP address

The DHCP client uses a DHCP vendor-class identifier that allows DHCP servers to determine that the discover/request packet are coming from a Brocade switch. The vendor-class identifier is the string “BROCADE” followed by the SWBD model number of the platform. For example, the vendor-class identifier for a request from a Brocade 5300 is “BROCADESWBD64.”

The client conforms to the latest IETF Draft Standard RFCs for IPv4, IPv6, and DHCP. DHCP can obtain stateful IPv6 addresses.

Enabling DHCP for IPv4

When you connect a DHCP-enabled switch to the network and power on the switch, the switch automatically obtains the Ethernet IP address, Ethernet subnet mask, and default gateway address from the DHCP server.

The DHCP client can only connect to a DHCP server on the same subnet as the switch. Do not enable DHCP if the DHCP server is not on the same subnet as the switch.

Enabling DHCP after the Ethernet information has been configured releases the current Ethernet network interface settings. These include the Ethernet IP address, Ethernet subnet mask, and gateway IP address. The Fibre Channel IP address and subnet mask are static and are not affected by DHCP; for instructions on setting the FC IP address, see “Static Ethernet addresses” on page 64.

Use the following procedure to enable DHCP for IPv4:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the ipAddrSet command.

ipaddrset

Alternatively, you can enable DHCP for IPv4 by entering “ipaddrset –ipv4 -add -dhcp ON“as a single command. If you do so, you do not need to complete the following steps.

3. If already set up, you can skip the Ethernet IP address, Ethernet subnet mask, Fibre Channel IP address, and Fibre Channel subnet mask prompts by pressing Enter. Otherwise, enter the network information in dotted-decimal notation for the IPv4 address.

4. Enable DHCP by entering on.

66 Fabric OS Administrator’s Guide

53-1002745-02

The switch Ethernet interface

NOTE

5. You can confirm that the change has been made using the ipAddrShow command.

Example of enabling DHCP for IPv4 interactively:

Example of enabling DHCP for IPv4 using a single command:

switch:admin> ipaddrset –ipv4 -add -dhcp ON switch:admin> ipaddrshow SWITCH Ethernet IP Address: 10.20.134.219 Ethernet Subnetmask: 255.255.240.0 Gateway IP Address: 10.20.128.1 DHCP: On switch:admin>

Disabling DHCP for IPv4

When you disable DHCP, enter the static Ethernet IP address and subnet mask of the switch and default gateway address. Otherwise, the Ethernet settings may conflict with other addresses assigned by the DHCP server on the network.

Use the following procedure to disable DHCP for IPv4:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the ipAddrSet command.

ipaddrset

Alternatively, you can disable DHCP for IPv4 by entering “ipaddrset –

ipv4 -add -dhcp OFF

following steps.

3. Enter the network information using IPv4 dotted-decimal notation.

If a static Ethernet address is not available when you disable DHCP, enter 0.0.0.0 at the Ethernet IP address prompt.

4. You can skip the Fibre Channel prompts by pressing Enter.

5. When you are prompted for DHCP[On], disable it by entering off.

“as a single command. If you do so, you do not need to complete the

6. You can confirm that the change has been made using the ipAddrShow command.

Example of disabling DHCP for IPv4 interactively:

switch:admin> ipaddrset Ethernet IP Address [10.1.2.3]: Ethernet Subnetmask [255.255.255.0]: Gateway IP Address [10.1.2.1]:

Fabric OS Administrator’s Guide 67 53-1002745-02

The switch Ethernet interface

Example of disabling DHCP for IPv4 using a single command:

IPv6 autoconfiguration

IPv6 can assign multiple IP addresses to each network interface. Each interface is configured with a link local address in almost all cases, but this address is only accessible from other hosts on the same network. To provide for wider accessibility, interfaces are typically configured with at least one additional global scope IPv6 address. IPv6 autoconfiguration allows more IPv6 addresses, the number of which is dependent on the number of routers serving the local network and the number of prefixes they advertise.

DHCP [On]:off switch:admin>

switch:admin> ipaddrset –ipv4 -add -dhcp OFF switch:admin> ipaddrshow SWITCH Ethernet IP Address: 10.20.134.219 Ethernet Subnetmask: 255.255.240.0 Gateway IP Address: 10.20.128.1 DHCP: Off switch:admin>

There are two methods of autoconfiguration for IPv6 addresses: stateless autoconfiguration and stateful autoconfiguration. Stateless allows an IPv6 host to obtain a unique address using the IEEE 802 MAC address; stateful uses a DHCPv6 server, which keeps a record of the IP address and other configuration information for the host. Whether a host engages in autoconfiguration and which method it uses is dictated by the routers serving the local network, not by a configuration of the host. There can be multiple routers serving the network, each potentially advertising multiple network prefixes. Thus, the host is not in full control of the number of IPv6 addresses that it configures, much less the values of those addresses, and the number and values of addresses can change as routers are added to or removed from the network.

When IPv6 autoconfiguration is enabled, the platform engages in stateless IPv6 autoconfiguration. When IPv6 autoconfiguration is disabled, the platform relinquishes usage of any autoconfigured IPv6 addresses that it may have acquired while it was enabled. This same enable or disable state also enables or disables the usage of a link local address for each managed entity, though a link local address continues to be generated for each nonchassis-based platform and for each CP of a chassis-based platform because those link local addresses are required for router discovery. The enabled or disabled state of autoconfiguration is independent of whether any static IPv6 addresses have been configured.

Setting IPv6 autoconfiguration

Use the following procedure to enable IPv6 autoconfiguration:

1. Connect to the switch and log in using an account with admin permissions.

2. Take the appropriate following action based on whether you want to enable or disable IPv6 autoconfiguration:

• Enter the ipAddrSet -ipv6 -auto command to enable IPv6 autoconfiguration for all

managed entities on the target platform.

• Enter the ipAddrSet -ipv6 -noauto command to disable IPv6 autoconfiguration for all

managed entities on the target platform.

68 Fabric OS Administrator’s Guide

53-1002745-02

Date and time settings

Switches maintain the current date and time inside a battery-backed real-time clock (RTC) circuit that receives the date and time from the fabric’s principal switch. Date and time are used for logging events. Switch operation does not depend on the date and time; a switch with an incorrect date and time value functions properly. However, because the date and time are used for logging, error detection, and troubleshooting, you must set them correctly.

In a Virtual Fabric, there can be a maximum of eight logical switches per Backbone. Only the default switch in the chassis can update the hardware clock. When the date command is issued from a non-principal pre-Fabric OS v6.2.0 or earlier switch, the date command request is dropped by a Fabric OS v6.2.0 and later switch and the pre-Fabric OS v6.2.0 switch or earlier does not receive an error.

Authorization access to set or change the date and time for a switch is role-based. For an understanding of role-based access, refer to “Role-Based Access Control” on page 134.

Setting the date and time

Use the following procedure to set the device date and time:

Date and time settings

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the date command, using the following syntax:

date "mmddHHMMyy"

The values represent the following:

• mm is the month; valid values are 01 through 12.

• dd is the date; valid values are 01 through 31.

• HH is the hour; valid values are 00 through 23.

• MM is minutes; valid values are 00 through 59.

• yy is the year, valid values are 00 through 37 and 70 through 99 (year values from 70

through 99 are interpreted as 1970 through 1999, year values from 00 through 37 are interpreted as 2000 through 2037).

Example of showing and setting the date

switch:admin> date Fri Sep 29 17:01:48 UTC 2007 Stealth200E:admin> date "0204101008" Mon Feb 4 10:10:00 UTC 2008

Time zone settings

You can set the time zone for a switch by name. You can specify the setting using country and city or time zone parameters. Switch operation does not depend on a date and time setting. However, having an accurate time setting is needed for accurate logging and audit tracking.

If the time zone is not set with new options, the switch retains the offset time zone settings. The tsTimeZone command includes an option to revert to the prior time zone format. For more information about the tsTimeZone command, refer to the Fabric OS Command Reference.

Fabric OS Administrator’s Guide 69 53-1002745-02

Date and time settings

When you set the time zone for a switch, you can perform the following tasks:

• Display all of the time zones supported in the firmware.

• Set the time zone based on a country and city combination or based on a time zone ID,

such as PST.

The time zone setting has the following characteristics:

• Users can view the time zone settings. However, only those with administrative

permissions can set the time zones.

• The setting automatically adjusts for Daylight Savings Time.

• Changing the time zone on a switch updates the local time zone setup and is reflected in

local time calculations.

• By default, all switches are set to Greenwich Mean Time (0,0). If all switches in a fabric are

in one time zone, it is possible for you to keep the time zone setup at the default setting.

• System services that have already started reflect the time zone changes after the next

reboot.

• Time zone settings persist across failover for high availability.

• Setting the time zone on any dual domain Backbone has the following characteristics:

• Updating the time zone on any switch updates the entire Backbone.

• The time zone of the entire Backbone is the time zone of switch 0.

Setting the time zone

The following procedure describes how to set the time zone for a switch. You must perform the procedure on all switches for which the time zone must be set. However, you only need to set the time zone once on each switch because the value is written to nonvolatile memory.

Use the following procedure to set the device time zone:

1. Connect to the switch and log in using an account assigned to the admin role and with the chassis-role permission.

2. Enter the tsTimeZone command.

• Use tsTimeZone with no parameters to display the current time zone setting.

• Use --interactive to list all of the time zones supported by the firmware.

• Use timeZone_fmt to set the time zone by Country/City or by time zone ID, such as Pacific

Standard Time (PST).

Example of displaying and changing the time zone to US/Central

switch:admin> tstimezone Time Zone : US/Pacific switch:admin> tstimezone US/Central switch:admin> tstimezone Time Zone : US/Central

70 Fabric OS Administrator’s Guide

53-1002745-02

Date and time settings

NOTE

Setting the time zone interactively

Use the following procedure to set the current time zone to PST using interactive mode:

1. Connect to the switch and log in using an account assigned to the admin role and with the chassis-role permission.

2. Enter the tsTimeZone --interactive command.

You are prompted to select a general location.

Please identify a location so that time zone rules can be set correctly.

3. Enter the appropriate number or press Ctrl-D to quit.

4. Select a country location at the prompt.

5. Enter the appropriate number at the prompt to specify the time zone region of Ctrl-D to quit.

Network time protocol

You can synchronize the local time of the principal and primary FCS switch to a maximum of eight external Network Time Protocol (NTP) servers. To keep the time in your SAN current, it is recommended that the principal or primary FCS switch has its time synchronized with at least one external NTP server. The other switches in the fabric automatically take their time from the principal or primary FCS switch, as described in “Synchronizing the local time with an external source.”

All switches in the fabric maintain the current clock server value in nonvolatile memory. By default, this value is the local clock server (LOCL) of the principal or primary FCS switch. Changes to the clock server value on the principal or primary FCS switch are propagated to all switches in the fabric.

In a Virtual Fabric, all the switches in the fabric must have the same NTP clock server configured. This includes any Fabric OS v6.2.0 or earlier switches in the fabric. This ensures that time does not go out of sync in the logical fabric. It is not recommended to have LOCL in the server list.

When a new switch enters the fabric, the time server daemon of the principal or primary FCS switch sends out the addresses of all existing clock servers and the time to the new switch. When a switch enters the fabric, it stores the list and the active servers.

In a Virtual Fabric, multiple logical switches can share a single chassis. Therefore, the NTP server list must be the same across all fabrics.

Synchronizing the local time with an external source

The tsClockServer command accepts multiple server addresses in IPv4, IPv6, or Domain Name System (DNS) name formats. When multiple NTP server addresses are passed, tsClockServer sets the first obtainable address as the active NTP server. The rest are stored as backup servers that can take over if the active NTP server fails. The principal or primary FCS switch synchronizes its time with the NTP server every 64 seconds.

Fabric OS Administrator’s Guide 71 53-1002745-02

Domain IDs

Use the following procedure to synchronize the local time with an external source:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the tsClockServer command.

switch:admin> tsclockserver "ntp1;ntp2"

In this syntax, ntp1 is the IP address or DNS name of the first NTP server, which the switch must be able to access. The second variable, ntp2, is the second NTP server and is optional. The operand “ntp1;ntp2” is optional; by default, this value is LOCL, which uses the local clock of the principal or primary FCS switch as the clock server.

Example of setting the NTP server

switch:admin> tsclockserver LOCL switch:admin> tsclockserver "10.1.2.3"

Example of displaying the NTP server

switch:admin> tsclockserver

10.1.2.3

Example of setting up more than one NTP server using a DNS name

switch:admin> tsclockserver "10.1.2.4;10.1.2.5;ntp.localdomain.net" Updating Clock Server configuration...done. Updated with the NTP servers

Domain IDs

Changes to the clock server value on the principal or primary FCS switch are propagated to all switches in the fabric.

Although domain IDs are assigned dynamically when a switch is enabled, you can change them manually so that you can control the ID number or resolve a domain ID conflict when you merge fabrics.

If a switch has a domain ID when it is enabled, and that domain ID conflicts with another switch in the fabric, the conflict is automatically resolved if the other switch’s domain ID is not persistently set. The process can take several seconds, during which time traffic is delayed. If both switches have their domain IDs persistently set, one of them needs to have its domain ID changed to a domain ID not used within the fabric.

The default domain ID for Brocade switches is 1.

Domain ID issues

Keep the following restrictions in mind when working with domain IDs.

• Do not use domain ID 0. Using this domain ID can cause the switch to reboot continuously.

• Avoid changing the domain ID on the FCS switch in secure mode.

• To minimize downtime, change the domain IDs on the other switches in the fabric.

72 Fabric OS Administrator’s Guide

53-1002745-02

Domain IDs

Displaying the domain IDs

Use the following procedure to display device domain IDs:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the fabricShow command.

Example output of fabric information, including the domain ID (D_ID)

The principal switch is determined by the arrow ( > ) next to the name of the switch. In this output, the principal switch appears in blue boldface.

switch:admin> fabricshow Switch ID Worldwide Name Enet IP Addr FC IP Addr Name

-------------------------------------------------------------------------

2: fffc02 10:00:00:60:69:e0:01:46 10.3.220.1 0.0.0.0 "ras001" 3: fffc03 10:00:00:60:69:e0:01:47 10.3.220.2 0.0.0.0 "ras002" 5: fffc05 10:00:00:05:1e:34:01:bd 10.3.220.5 0.0.0.0 "ras005"

fec0:60:69bc:63:205:1eff:fe34:1bd 6: fffc06 10:00:00:05:1e:34:02:3e 10.3.220.6 0.0.0.0 "ras006" 7: fffc07 10:00:00:05:1e:34:02:0c 10.3.220.7 0.0.0.0 "ras007"

10: fffc0a 10:00:00:05:1e:39:e4:5a 10.3.220.10 0.0.0.0 "ras010" 15: fffc0f 10:00:00:60:69:80:47:74 10.3.220.15 0.0.0.0 "ras015" 19: fffc13 10:00:00:05:1e:34:00:ad 10.3.220.19 0.0.0.0 "ras019"

fec0:60:69bc:63:219:1eff:fe34:1bd

20: fffc14 10:00:00:05:1e:40:68:78 10.3.220.20 0.0.0.0 "ras020" 25: fffc19 10:00:00:05:1e:37:23:c6 10.3.220.25 0.0.0.0 "ras025" 30: fffc1e 10:00:00:60:69:90:04:1e 10.3.220.30 0.0.0.0 "ras030" 35: fffc23 10:00:00:05:1e:07:c7:26 10.3.220.35 0.0.0.0 "ras035" 40: fffc28 10:00:00:60:69:50:06:7f 10.3.220.40 0.0.0.0 "ras040" 45: fffc2d 10:00:00:05:1e:35:10:72 10.3.220.45 0.0.0.0 "ras045" 46: fffc2e 10:00:00:05:1e:34:c5:17 10.3.220.46 0.0.0.0 "ras046" 47: fffc2f 10:00:00:05:1e:02:aa:f7 10.3.220.47 0.0.0.0 "ras047" 50: fffc32 10:00:00:60:69:c0:06:64 10.1.220.50 0.0.0.0 "ras050"

(output truncated)

The Fabric has 26 switches

Tab le 4 displays the fabricShow fields.

TABLE 4 fabricShow fields

Field Description

Switch ID The switch domain_ID and embedded port D_ID. The numbers are broken down as follows:

Example 64: fffc40

64 is the switch domain_ID fffc40 is the hexadecimal format of the embedded port D_ID.

World Wide Name The switch WWN.

Enet IP Addr The switch Ethernet IP address for IPv4- and IPv6-configured switches. For IPv6 switches, only

the static IP address displays.

FC IP Addr The switch Fibre Channel IP address.

Name The switch symbolic or user-created name in quotes.

Fabric OS Administrator’s Guide 73 53-1002745-02

Switch names

NOTE

Setting the domain ID

Use the following procedure to set the domain ID:

1. Connect to the switch and log in on an account assigned to the admin role.

2. Enter the switchDisable command to disable the switch.

3. Enter the configure command.

4. Enter y after the Fabric Parameters prompt.

5. Enter a unique domain ID at the Domain prompt. Use a domain ID value from 1 through 239

6. Respond to the remaining prompts, or press Ctrl-D to accept the other settings and exit.

7. E n t e r t h e switchEnable command to re-enable the switch.

Switch names

Fabric parameters (yes, y, no, n): [no] y

for normal operating mode (FCSW-compatible).

Domain: (1..239) [1] 3

Switches can be identified by IP address, domain ID, World Wide Name (WWN), or by customized switch names that are unique and meaningful.

Restrictions

• Switch names can be from 1 through 30 characters long.

• All switch names must begin with a letter, and can contain letters, numbers, or the underscore

character.

• Switch names must be unique across logical switches.

• Changing the switch name causes a domain address format RSCN to be issued and may be

disruptive to the fabric.

Customizing the switch name

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the switchName command and enter a new name for the switch.

syntax: admin> switchname newname

dilbert:FID128:# admin> switchname dogbert Committing configuration... Done. Switch name has been changed.Please re-login into the switch for the change to be applied. dilbert:FID128:# admin>

The prompt does not change to the new switch name until AFTER you re-login.

3. Record the new switch name for future reference.

74 Fabric OS Administrator’s Guide

53-1002745-02

Chassis names

Brocade recommends that you customize the chassis name for each platform. Some system logs identify devices by platform names; if you assign meaningful platform names, logs are more useful. All chassis names supported by Fabric OS v7.0.0 allow 31 characters. Chassis names must begin with an alphabetic character and can include alphabetic and numeric characters, and the underscore ( _ ).

Customizing chassis names

Use the following procedure to customize the chassis name:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the chassisName command.

3. Record the new chassis name for future reference.

Fabric name

ecp:admin> chassisname newname

Chassis names

You can assign a alphanumeric name to identify and manage a logical fabric that formerly could only be identified by a fabric ID. The fabric name does not replace the fabric ID or its usage. The fabric continues to have a fabric ID, in addition to the assigned alphanumeric fabric name.

The following considerations apply to fabric naming:

• Each name must be unique for each logical switch within a chassis; duplicate fabric names are

not allowed.

• A fabric name can be from 1 through 128 alphanumeric characters.

• All switches in a logical fabric must be running Fabric OS v7.1.0. Switches running earlier

versions of the firmware can co-exist in the fabric, but do not show the fabric name details.

• You must have admin permissions to configure the fabric name.

Configuring the fabric name

To set and display the fabric name, use the fabricName command as shown here:

switch:user> fabricname --set myfabric@1

Using the fabricName --set command without a fabric name takes the existing fabric name and synchronizes it across the entire fabric. An error message displays if no name is configured.

To set a fabric name that includes spaces, enclose the fabric name in quotes, as shown here:

switch:user> fabricname --set "my new fabric"

To set a fabric name that includes bash special meta-characters or spaces, use the command fabricName as shown in the following example:

switch:user> fabricname --set 'red fabric $$'

To clear the fabric name, use the fabricName --clear command.

Fabric OS Administrator’s Guide 75 53-1002745-02

Switch activation and deactivation

High availability considerations for fabric names

Fabric names locally configured or obtained from a remote switch are saved in the configuration database, and then synchronized to the standby CP on dual-CP-based systems.

Upgrade and downgrade considerations for fabric names

Fabric names are lost during a firmware downgrade. No default fabric name is provided. If a fabric name is needed, it must be configured after the upgrade.

Config file upload and download considerations for fabric names

A new key, “fabric name” is added to store the user configuration. You can only configure fabric names using config download when the switch is offline.

Switch activation and deactivation

By default, the switch is enabled after power is applied and diagnostics and switch initialization routines have finished. You can disable and re-enable the switch as necessary.

Disabling a switch

Use the following procedure to disable a switch:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the switchDisable command.

All Fibre Channel ports on the switch are taken offline. If the switch is part of a fabric, the fabric is reconfigured.

Enabling a switch

Use the following procedure to enable a switch:

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the switchEnable command.

All Fibre Channel ports that passed Power On Self Test (POST) are enabled. If the switch has inter-switch links (ISLs) to a fabric, it joins the fabric.

Switch and Backbone shutdown

To avoid corrupting your file system, you must perform graceful shutdowns of Brocade switches and Backbones.

Warm reboot (also known as graceful shutdown) refers to shutting down the switch or platform by way of the following instructions. Cold boot (also known as a hard boot) refers to shutting down the switch or platform by suddenly shutting down power and powering on again.

76 Fabric OS Administrator’s Guide

53-1002745-02

Switch and Backbone shutdown

NOTE

Powering off a Brocade switch

Use the following procedure to gracefully shut down a Brocade switch.

1. Connect to the switch and log in using an account assigned to the admin role.

2. Enter the sysShutdown command.

3. Enter y at the prompt.

switch:admin> sysshutdown This command will shutdown the operating systems on your switch. You are required to power-cycle the switch in order to restore operation. Are you sure you want to shutdown the switch [y/n]?y

4. Wait until the following message displays:

Broadcast message from root (ttyS0) Wed Jan 25 16:12:09 2006...

The system is going down for system halt NOW !! INIT: Switching to runlevel: 0 INIT: Sending processes the TERM signal Unmounting all filesystems. The system is halted flushing ide devices: hda Power down.

5. Power off the switch.

Powering off a Brocade Backbone

Use the following procedure to power off a Brocade Backbone device:

1. From the active CP in a dual-CP platform, enter the sysShutdown command.

When the sysShutdown command is issued on the active CP, the active CP, the standby CP, and any application blades are all shut down.

2. Enter y at the prompt.

3. Wait until the following message displays:

DCX:FID128:admin> sysshutdown This command will shutdown the operating systems on your switch. You are required to power-cycle the switch in order to restore operation. Are you sure you want to shutdown the switch [y/n]?y HA is disabled Stopping blade 10

Shutting down the blade....

Stopping blade 12

Shutting down the blade....

Broadcast message from root (pts/0) Fri Oct 10 08:36:48 2008...

The system is going down for system halt NOW !!

4. Power off the switch.

Fabric OS Administrator’s Guide 77 53-1002745-02

Basic connections

Before connecting a switch to a fabric that contains switches running different firmware versions, you must first set the same port identification (PID) format on all switches. The presence of different PID formats in a fabric causes fabric segmentation.

• For information on PID formats and related procedures, refer to Chapter 3, “Performing

Advanced Configuration Tasks”.

• For information on configuring the routing of connections, refer to Chapter 4, “Routing Traffic”.

• For information on configuring extended inter-switch connections, refer to Chapter 23,

“Managing Long-Distance Fabrics”.

Device connection

To minimize port logins, power off all devices before connecting them to the switch. When powering the devices back on, wait for each device to complete the fabric login before powering on the next one.

For devices that cannot be powered off, first use the portDisable command to disable the port on the switch, connect the device, and then use the portEnable command to enable the port.

Switch connection

See the hardware reference manual of your specific switch for ISL connection and cable management information. The standard or default ISL mode is L0. ISL mode L0 is a static mode, with the following maximum ISL distances:

• 10 km at 1 Gbps

• 5 km at 2 Gbps

• 2.5 km at 4 Gbps

• 1 km at 8 Gbps

• 1 km at 10 Gbps

• 1 km at 16 Gbps

For more information on extended ISL modes, which enable long distance inter-switch links, refer to

Chapter 23, “Managing Long-Distance Fabrics”.

78 Fabric OS Administrator’s Guide

53-1002745-02

Chapter

Performing Advanced Configuration Tasks

In this chapter

•Port Identifiers (PIDs) and PID binding overview. . . . . . . . . . . . . . . . . . . . . . 79

•Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

•Blade terminology and compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

•Enabling and disabling blades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

•Blade swapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

•Enabling and disabling switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

•Power management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

•Equipment status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

•Track and control switch changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

•Audit log configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

•Duplicate PWWN handling during device login . . . . . . . . . . . . . . . . . . . . . . 109

Port Identifiers (PIDs) and PID binding overview

Port identifiers (PIDs, also called Fabric Addresses) are used by the routing and zoning services in Fibre Channel fabrics to identify ports in the network. All devices in a fabric must use the same PID format. When you add new equipment to the SAN, you might need to change the PID format on legacy equipment.

Many scenarios cause a device to receive a new PID; for example, unplugging the device from one port and plugging it into a different port as part of fabric maintenance, or changing the domain ID of a switch, which might be necessary when merging fabrics, or changing compatibility mode settings.

Some device drivers use the PID to map logical disk drives to physical Fibre Channel counterparts. Most drivers can either change PID mappings dynamically, also called dynamic PID binding, or use the WWN of the Fibre Channel disk for mapping, also called WWN binding.

Some older device drivers behave as if a PID uniquely identifies a device; they use static PID binding. These device drivers should be updated, if possible, to use WWN binding or dynamic PID binding instead, because static PID binding creates problems in many routine maintenance scenarios. Fortunately, very few device drivers still behave this way. Many current device drivers enable you to select static PID binding as well as WWN binding. You should only select static PID binding if there is a compelling reason, and only after you have evaluated the effect of doing so.

Fabric OS Administrator’s Guide 79 53-1002745-02

Port Identifiers (PIDs) and PID binding overview

NOTE

Core PID addressing mode

Core PID is the default PID format for Brocade platforms. It uses the entire 24-bit address space of the domain, area ID, and AL_PA to determine an object’s address within the fabric.

The Core PID is a 24-bit address built from the following three 8-bit fields:

• Domain ID, written in hex and the numeric range is from 01–ee (1–239)

• Area ID, written in hex and the numeric range is from 01–ff (1–255)

• AL_PA

For example, if a device is assigned an address of 0f1e00, the following would apply:

• 0f is the domain ID.

• 1e is the area ID.

• 00 is the assigned AL_PA.

From this information, you can determine which switch the device resides on from the domain ID, which port the device is attached to from the area ID, and if this device is part of a loop from the AL_PA number.

For more information on reading and converting hexadecimal, refer to Appendix C, “Hexadecimal

Conversion”.

Fixed addressing mode

Fixed addressing mode is the default addressing mode used in all platforms that do not have Virtual Fabrics enabled. When Virtual Fabrics is enabled on the Brocade Backbone, fixed addressing mode is used only on the default logical switch. With fixed addressing mode enabled, each port has a fixed address assigned by the system based on the port number. This address does not change unless you choose to swap the address using the portSwap command.

10-bit addressing mode

The 10-bit addressing mode is the default mode for all the logical switches created in the Brocade Backbones. This addressing scheme is flexible to support a large number of F_Ports. In the regular 10-bit addressing mode, the portAddress --auto command supports addresses from 0x00 to 0x8F.

The default switch in the Brocade Backbones uses the fixed addressing mode.

The 10-bit addressing mode utilizes the 8-bit area ID and the borrowed upper two bits from the AL_PA portion of the PID. Areas 0x00 through 0x8F use only 8 bits for the port address and support up to 256 NPIV devices. A logical switch can support up to 144 ports that can each support 256 devices. Areas 0x90 through 0xFF use an additional two bits from the AL_PA for the port address. Therefore, these ports support only 64 NPIV devices per port.

10-bit addressing mode provides the following features:

• A PID is dynamically allocated only when the port is first moved to a logical switch and

thereafter it is persistently maintained.

• PIDs are assigned in each logical switch starting with 0xFFC0, and can go to 0x8000 in the

case of 64-port blades.

80 Fabric OS Administrator’s Guide

53-1002745-02

Port Identifiers (PIDs) and PID binding overview

ATTENTION

• Shared area limitations are removed on 48-port and 64-port blades.

• Any port on a 48-port or 64-port blade can support up to 256 NPIV devices (in fixed addressing

mode, only 128 NPIV devices are supported in non-VF mode and 64 NPIV devices in VF mode on a 48-port blade).

• Any port on a 48-port blade can support loop devices.

• Any port on a 48-port or 64-port blade can support hard port zoning.

• Port index is not guaranteed to be equal to the port area ID.

256-area addressing mode

This configurable addressing mode is available only in a logical switch on the Brocade Backbone. In this mode, only 256 ports are supported and each port receives a unique 8-bit area address. This mode can be used in FICON environments, which have strict requirements for 8-bit area FC addresses.

There are two types of area assignment modes in the 256-area addressing mode: zero-based and port-based.

• Zero-based mode assigns areas as ports are added to the logical switch, beginning at area

0x00. When a port is assigned to a logical switch, the next free PID starting from 0x00 is assigned. This mode allows FICON customers to make use of the upper ports of a 48-port or 64-port blade.

• Zero-based mode is supported on the default switch.

• Port-based mode is a bit more complex:

• Port-based mode is not supported on the default switch.

• 48-port cards are supported in port-based addressing mode (mode 2) on both DCX-4S and

8510-4 devices. However, the upper 16 ports of a 64-port card are not supported.The Brocade DCX does not support port-based addressing (mode 2) on the FC8-48 blade, but does support zero-based addressing (mode 1).

• The Brocade DCX-4S supports port-based addressing (mode 2) on the FC8-48 blade.

• The Brocade 8510-4 supports port-based addressing (mode 2) on the FC16-48 blade.

• The Brocade 8510-8 does not support port based addressing (mode 2) on the FC16-48

blade, but does support zero-based addressing (mode 1).

The DCX and 8510-8 Backbones have safeguards that disable all 49 port cards if FMS is enabled.

See the FICON Administrator’s Guide for more details if needed.

Fabric OS Administrator’s Guide 81 53-1002745-02

Port Identifiers (PIDs) and PID binding overview

ATTENTION

NOTE

WWN-based PID assignment

WWN-based PID assignment is disabled by default. When the feature is enabled, bindings are created dynamically; as new devices log in, they automatically enter the WWN-based PID database. The bindings exist until you explicitly unbind the mappings through the CLI or change to a different addressing mode. If there are any existing devices when you enable the feature, you must manually enter the WWN-based PID assignments through the CLI.

This feature also allows you to configure a PID persistently using a device WWN. When the device logs in to the switch, the PID is bound to the device WWN. If the device is moved to another port in the same switch, or a new blade is hot plugged, the device receives the same PID (area) at its next login.

Once WWN-based PID assignment is enabled, you must manually enter the WWN-based PID assignments through the CLI for any existing devices.

When WWN-based PID assignment is enabled, the area assignment is dynamic and does not guarantee any order in the presence of static WWN-area binding or when the devices are moved around.

PID assignments are supported for a maximum of 4096 devices; this includes both point-to-point and NPIV devices. The number of point-to-point devices supported depends on the areas available. For example, 448 areas are available on Backbones and 256 areas are available on switches. When the number of entries in the WWN-based PID database reaches 4096 areas are used up, the oldest unused entry is purged from the database to free up the reserved area for the new FLOGI.

Virtual Fabrics considerations for WWN-based PID assignment

WWN-based PID assignment is disabled by default and is supported in the default switch on the Brocade DCX and DCX 8510 Backbone families. This feature is not supported on application blades such as the FS8-18, FX8-24, and the FCOE10-24. The total number of ports in the default switch must be 256 or less.

When the WWN-based PID assignment feature is enabled and a new blade is plugged into the chassis, the ports for which the area is not available are disabled.

NPIV

If any NPIV devices have static PIDs configured and the acquired area is not the same as the one being requested, the FDISC coming from that device is rejected and the error is noted in the RASlog.

If the NPIV device has Dynamic Persistent PID set, the same AL_PA value in the PID is used. This guarantees NPIV devices get the same PID across reboots and AL_PAs assigned for the device do not depend on the order in which the devices come up. For more information on NPIV, refer to

Chapter 15, “NPIV”.

Enabling automatic PID assignment

To activate the WWN-based PID assignment, you do not need to disable the switch.

82 Fabric OS Administrator’s Guide

53-1002745-02

Port Identifiers (PIDs) and PID binding overview

Use the following procedure to enable automatic PID assignment:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the configure command.

3. At the Fabric Parameters prompt, type y.

4. At the WWN Based persistent PID prompt, type y.

5. Press Enter to bypass the remaining prompts without changing them.

Example of activating PID assignments

switch: admin> configure Configure...

Fabric parameters (yes, y, no, n): [no] y

WWN Based persistent PID (yes, y, no, n): [no] y System services (yes, y, no, n): [no] ssl attributes (yes, y, no, n): [no] rpcd attributes (yes, y, no, n): [no] cfgload attributes (yes, y, no, n): [no] webtools attributes (yes, y, no, n): [no] Custom attributes (yes, y, no, n): [no] system attributes (yes, y, no, n): [no]

Assigning a static PID

Use the following procedure to assign a static PID:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the wwnAddress -bind command to assign a 16-bit PID to a given WWN.

Clearing PID binding

Use the following procedure to clear a PID binding:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the wwnAddress -unbind command to clear the PID binding for the specified WWN.

Showing PID assignments

Use the following procedure to display PID assignments:

1. Connect to the switch and log in using an account with admin permissions.

2. Based on what you want to display, enter the appropriate command:

• wwnAddress –show displays the assigned WWN-PID bindings.

• wwnAddress –findPID wwn displays the PID assigned to the device WWN specified.

Fabric OS Administrator’s Guide 83 53-1002745-02

NOTE

Ports

Ports provide either a physical or virtual network connection point for a device. Brocade devices support a wide variety of ports.

Port Types

The following is a list of port types that may be part of a Brocade device:

• D_Port — A diagnostic port lets an administrator isolate the inter-switch link (ISL) to diagnose

link level faults. This port runs only specific diagnostics tests and does not carry any fabric traffic. Refer to the Fabric OS Troubleshooting and Diagnostics Guide for more information on this port type.

• E_Port — An expansion port that is assigned to ISL links to expand a fabric by connecting it to

other switches. Two connected E_Ports form an Inter-Switch Link (ISL). When E_Ports are used to connect switches, those switches merge into a single fabric without an isolation demarcation point. ISLs are non-routed links.

• EX_Port — A type of E_Port that connects a Fibre Channel router to an edge fabric.

From the point of view of a switch in an edge fabric, an EX_Port appears as a normal E_Port. It follows applicable Fibre Channel standards as other E_Ports. However, the router terminates EX_Ports rather than allowing different fabrics to merge as would happen on a switch with regular E_Ports. An EX_Port cannot be connected to another EX_Port.

• F_Port — A fabric port that is assigned to fabric-capable devices, such as SAN storage devices.

• G_Port — A generic port that acts as a transition port for non-loop fabric-capable devices.

• L_/FL_Port — A loop or fabric loop port that connects loop devices. L_Ports are associated with

private loop devices and FL_Ports are associated with public loop devices.

• M_Port — A mirror port that is configured to duplicate (mirror) the traffic passing between a

specified source port and destination port. This is only supported for pairs of F_Ports. Refer to the Fabric OS Troubleshooting and Diagnostics Guide for more information on port mirroring.

• U_Port — A universal Fibre Channel port. This is the base Fibre Channel port type, and all

unidentified or uninitiated ports are listed as U_Ports.

• VE_Port — A virtual E_Port that is a gigabit Ethernet switch port configured for an FCIP tunnel.

• VEX_Port — A virtual EX_Port that connects a Fibre Channel router to an edge fabric. From the

point of view of a switch in an edge fabric, a VEX_Port appears as a normal VE_Port. It follows the same Fibre Channel protocol as other VE_Ports. However, the router terminates VEX_Ports rather than allowing different fabrics to merge as would happen on a switch with regular VE_Ports.

Backbone port blades

Because Backbones contain interchangeable port blades, their procedures differ from those for fixed-port switches. For example, fixed-port models identify ports only by the port number, while Backbones identify ports by slot/port notation.

For detailed information about the Brocade DCX and DCX 8510 Backbone families, refer to the hardware reference manuals.

84 Fabric OS Administrator’s Guide

53-1002745-02

Ports

NOTE

The different blades that can be inserted into a chassis are described as follows:

• Control processor blades (CPs) contain communication ports for system management, and are

used for low-level, platform-wide tasks.

• Core blades are used for intra-chassis switching as well as interconnecting two Backbones.

• Port blades are used for host, storage, and interswitch connections.

• AP blades are used for Fibre Channel Application Services and Routing Services, FCIP,

Converged Enhanced Ethernet, and encryption support.

On each port blade, a particular port must be represented by both slot number and port number.

The Brocade DCX and DCX 8510-8 each have 12 slots that contain control processor, core, port, and AP blades:

• Slot numbers 6 and 7 contain CPs.

• Slot numbers 5 and 8 contain core blades.

• Slot numbers 1 through 4 and 9 through 12 contain port and AP blades.

The Brocade DCX-4S and DCX 8510-4 each have 8 slots that contain control processor, core, port, and AP blades:

• Slot numbers 4 and 5 contain CPs.

• Slot numbers 3 and 6 contain core blades.

• Slot numbers 1 and 2, and 7 and 8 contain port and AP blades.

When you have port blades with different port counts in the same Backbone (for example, 16-port blades and 32-port blades, or 16-port blades and 18-port blades with 16 FC ports and 2 GbE ports, or 16-port and 48-port blades), the area IDs no longer match the port numbers.

Tab le 6 on page 94 lists the port numbering schemes for the blades.

Configuring two Ethernet ports on one CP8 blade

This feature bonds the two external Ethernet ports of a CP8 blade together as a single logical network interface. This uses an active-standby failover model to provide automatic failover support for the primary Ethernet port on the blade. Basically, if the primary Ethernet port fails (due to something other than power loss), the second Ethernet port immediately takes over to ensure link layer communication is retained

The bonding functions as follows: the bonding driver selects one of the physical ports as an active interface by inspecting the physical link state reported by the PHY. Once this is done, all traffic is transmitted over the active interface. The second interface is set as the standby interface and no traffic is transmitted over it unless the active interface is determined to be no longer connected; at this point the second interface is made active.

When active, all the Fabric OS kernel modules and applications on the CP8 will use this logical network interface named “bond0” instead of “eth0”.

On bootup, physical port eth0 is always made active if it is connected.

Fabric OS Administrator’s Guide 85 53-1002745-02

ATTENTION

Ports

Upgrade and Downgrade considerations

For an upgrade, unless both CP8 external Ethernet ports are upgraded and rebooted, the bonding feature will not be enabled. On a downgrade, the first physical port named eth0 has to be connected for the device to initialize correctly; the bonding feature will not be available.

Supported devices

This feature is available on a CP8 blade when it is installed on a Brocade DCX, Brocade DCX-4S, Brocade DCX 8510-8 or Brocade DCX 8510-4.

Setting up the second Ethernet port on a CP8 blade

To set up the second Ethernet port on a CP8 blade for bonding:

1. Make sure that the speed and link operating mode settings are the same for both eth3 and eth0. See “Setting port modes” on page 90 for instructions on setting port modes, and

“Setting port speeds” on page 92 for instructions on setting port speeds.

2. Physically connect the second Ethernet port to the same network as the primary Ethernet port.

Notes:

• The port speed and duplex mode between these Ethernet ports should always match with both

either set at a fixed speed or both set to autonegotiate.

• The CP8 blade actually contains multiple Ethernet devices, including eth0 and eth3 which map

to the two Ethernet ports on the front of the CP8 blade. Other Ethernet devices on the blade are reserved for use by the operating system.

• The CP blade enables eth0 by default. If errors are encountered on eth0, these are treated the

same as for any other port, except if the error causes the eth0 port to go down. If eth0 goes down, the eth3 interface becomes active (as described above) and will remain active even if eth0 comes back up. The only ways to restore eth0 as the active interface are to:

- Unplug the network cable, wait 5 seconds, and then plug it back in.

- Perform a HA failover routine.

- Take the entire switch down and then power it back up again (see note above).

The second two options will cause a disruptive delay in content delivery.

Setting port names

Perform the following steps to specify a port name. For Backbones, specify the slot number where the blade is installed.

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the portName command.

Example of naming port 0

ecp:admin> portname 1/0 trunk1

86 Fabric OS Administrator’s Guide

53-1002745-02

Ports

ATTENTION

Port identification by slot and port number

The port number is a number assigned to an external port to give it a unique identifier in a switch.

To select a specific port in the Backbones, you must identify both the slot number and the port number using the format slot number/port number. No spaces are allowed between the slot number, the slash (/), and the port number.

Example of enabling port 4 on a blade in slot 2

ecp:admin> portenable 2/4

Port identification by port area ID

The relationship between the port number and area ID depends upon the PID format used in the fabric. When Core PID format is in effect, the area ID for port 0 is 0, for port 1 is 1, and so forth.

For 32-port blades (FC8-32, FC8-32E, FC16-32), the numbering is contiguous up to port 15; from port 16, the numbering is still contiguous, but starts with 128. For example, port 15 in slot 1 has a port number and area ID of 15; port 16 has a port number and area ID of 128; port 17 has a port number and area ID of 129.

For 48-port blades (FC8-48, FC8-48E, FC16-48), the numbering is the same as for 32-port blades for the first 32 ports on the blade. For ports 32 through 47, area IDs are not unique and port index should be used instead of area ID.

For the 64-port blade (FC8-64), the numbering is the same as for 32-port blades for the first 32 ports on the blade. For ports 32 through 64, area IDs are not unique and port index should be used instead of area ID.

If you perform a port swap operation, the port number and area ID no longer match. On 48-port blades, port swapping is supported only on ports 0–15.

To determine the area ID of a particular port, enter the switchShow command. This command displays all ports on the current (logical) switch and their corresponding area IDs.

Port identification by index

With the introduction of 48-port blades, indexing was introduced. Unique area IDs are possible for up to 255 areas, but beyond that there needed to be some way to ensure uniqueness.

A number of fabric-wide databases supported by Fabric OS (including ZoneDB, the ACL DDC, and Admin Domain) allow a port to be designated by the use of a “D,P” (domain,port) notation. While the “P” component appears to be the port number, for up to 255 ports it is actually the area assigned to that port.

Port area schema does not apply to the Brocade DCX-4S and DCX 8510-4 Backbones.

Fabric OS Administrator’s Guide 87 53-1002745-02

ATTENTION

NOTE

ATTENTION

Ports

Configuring a device-switch connection

To configure an 8G (and 8G only) connection between a device and a switch, use the portCfgFillWord command. This command provides the following configuration options:

• Mode Link Init/Fill Word

• Mode 0 IDLE/IDLE

• Mode 1 ARBF/ARBF

• Mode 2 IDLE/ARBF

• Mode 3 If ARBF/ARBF fails use IDLE/ARBF

Although this setting only affects devices logged in at 8G, changing the mode is disruptive regardless of the speed at which the port is operating.

The setting is retained and applied any time an 8G device logs in. Upgrades from prior releases which supported only modes 0 and 1 will not change the existing setting, but switches reset to factory defaults with Fabric OS v6.3.1 or later will be configured to Mode 0 by default. The default setting on new units may vary by vendor.

Modes 2 and 3 are compliant with FC-FS-3 specifications (standards specify the IDLE/ARBF behavior of Mode 2, which is used by Mode 3 if ARBF/ARBF fails after 3 attempts). For most environments, Brocade recommends using Mode 3, as it provides more flexibility and compatibility with a wide range of devices. In the event that the default setting or Mode 3 does not work with a particular device, contact your switch vendor for further assistance.

For more information on using this command, refer to the Fabric OS Command Reference.

Swapping port area IDs

If a device that uses port binding is connected to a port that fails, you can use port swapping to make another physical port use the same PID as the failed port. The device can then be plugged into the new port without the need to reboot the device.

If two ports are changed using the portSwap command, their respective areas and “P” values are exchanged.

For ports that are numbered above 255, the “P” value is actually a logical index. The first 256 ports continue to have an index value equal to the area ID assigned to the port. If a switch is using Core PID format, and no port swapping has been done, the port index value for all ports is the same as the physical port numbers. Using portSwap on a pair of ports will exchange those ports’ area ID and index values.

The portSwap command is not supported for ports above 256.

Use the following procedure to swap the port area IDs of two physical switch ports. In order to swap port area IDs, the port swap feature must be enabled, and both switch ports must be disabled. The swapped area IDs for the two ports remain persistent across reboots, power cycles, and failovers.

Brocade DCX and DCX 8510 Backbone families only: You can swap only ports 0 through 15 on the FC8-48 port blades. You cannot swap ports 16 through 47.

88 Fabric OS Administrator’s Guide

53-1002745-02

Ports

CAUTION

1. Connect to the switch and log in using an account with admin permissions.

2. Enable the portSwapEnable command to enable the feature.

3. Enter the portDisable command on each of the source and destination ports to be swapped.

switch:admin>portdisable 1 ecp:admin>portdisable 1/2

4. Enter the portSwap command.

switch:admin>portswap 1 2 ecp:admin>portswap 1/1 2/2

5. Enter the portSwapShow command to verify that the port area IDs have been swapped.

A table shows the physical port numbers and the logical area IDs for any swapped ports.

6. Enter the portSwapDisable command to disable the port swap feature.

Port activation and deactivation

By default, all licensed ports are enabled. You can disable and re-enable them as necessary. Ports that you activate with the Ports on Demand license must be enabled explicitly, as described in

“Ports on Demand” on page 483.

If ports are persistently disabled and you use the portEnable command to enable a disabled port, the port will revert to being disabled after a power cycle or a switch reboot. To ensure the port remains enabled, use the portCfgPersistentEnable command as shown in the following instructions.

The fabric will be reconfigured if the port you are enabling or disabling is connected to another switch. The switch with a port that has been disabled will be segmented from the fabric and all traffic flowing between it and the fabric will be lost.

Enabling a port

Use the following procedure to enable a port:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the appropriate command based on the current state of the port and on whether it is necessary to specify a slot number:

• To enable a port that is disabled, enter the command portEnable portnumber or

portEnable slotnumber/portnumber. You can also use the -x option to enter the value in hexadecimal if you prefer. See the Fabric OS Command Reference for more details on this command.

• To enable a port that is persistently disabled, enter the command portCfgPersistentEnable

portnumber or portCfgPersistentEnable slotnumber/portnumber.

If you change port configurations during a switch failover, the ports may become disabled. To bring the ports online, re-issue the portEnable command after the failover is complete.

Fabric OS Administrator’s Guide 89 53-1002745-02

NOTE

Ports

Disabling a port

Use the following procedure to disable a port:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the appropriate command based on the current state of the port and on whether it is necessary to specify a slot number:

• To disable a port that is enabled, enter the command portDisable portnumber or

portDisable slotnumber/portnumber. You can also use the -x option to enter the value in hexadecimal if you prefer. See the Fabric OS Command Reference for more details on this command.

• To disable a port that is persistently enabled, enter the command

portCfgPersistentDisable portnumber or portCfgPersistentDisable

slotnumber/portnumber.

Port decommissioning

Fabric OS 7.0.0 and later provides an automated mechanism to remove an E_Port or E_Port trunk port from use. This feature identifies the target port and communicates the intention to decommission the port to those systems within the fabric affected by the action. Each affected system can agree or disagree with the action, and these responses are automatically collected before a port is decommissioned.

All members of a trunk group must have an equal link cost value in order for any of the members to be decommissioned. If any member of a trunk group does not have an equal cost, requests to decommission a trunk member will fail and an error reminding the caller of this requirement is produced.

The following restrictions apply to port decommissioning:

• The local switch and the remote switch on the other end of the E_Port must both be running

Fabric OS 7.0.0 or later.

• Port decommissioning is not supported on links configured for encryption or compression.

• Port decommissioning is not supported on ports with DWDM, CWDM, or TDM.

• Port decommissioning requires that the lossless feature is enabled on both the local switch

and the remote switch.

Use the portDecom [slot/]port command to begin the decommission process.

Setting port modes

Ports can be set to use one of three link operating modes: full duplex, half duplex, or autonegotiate, subject to the following conditions and restrictions:

• Changing the link operating mode is not supported for all network interfaces or for all Ethernet

network interfaces. On the CP in a Brocade DCX, DCX-4S, DCX 8510-4, or DCX 8510-8, this command supports eth0 and eth3 as interface parameters. On all other platforms, only eth0 is supported.

90 Fabric OS Administrator’s Guide

53-1002745-02

Ports

ATTENTION

NOTE

• When selecting autonegotiation, you can choose the specific link operating modes that are

advertised to the link partner. At least one mode must be advertised in common by both sides of the link.

• When forcing the link operating mode, both sides of the link must be forced to the same mode.

A link will not work reliably if one side is set to autonegotiate and the other side is set to a forced mode.

• For dual-CP systems, the ifModeSet command affects only the CP you are currently logged in

to. Therefor, to set the link operating mode on the active CP, you must issue this command on the active CP; and to set the mode on the standby CP, you must issue this command on the standby CP. During failover, the mode is retained separately for each CP, because the physical links might be set to operate in different modes.

• Active link operating mode values are confirmed by entering y or yes at the prompt. Entering n

or no deactivates that mode. If the mode selected is the same as the current mode, nothing is changed and the command moves to the next option. If the mode selected differs from the current mode, the change is saved and the command moves to the next option.

Forcing the link to an operating mode not supported by the network equipment to which it is attached might result in an inability to communicate with the system through its Ethernet interface. It is recommended that this command be used only from the serial console port. When used through an interface other than the serial console port, the command displays a warning message and prompts for verification before continuing. This warning is not displayed and you are not prompted when the command is used through the serial console port. See the examples below for illustrations.

This command may be subject to Virtual Fabric or Admin Domain restrictions. Refer to the Fabric OS

Command Reference for details.

Use the following procedure to set the mode of a port:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the ifModeSet command.

Example of setting the port mode to full autonegotiate

The following example sets the mode for eth3 to autonegotiate, and permits both full and half-duplex modes to be selected at both 10 and 100 Mbps:

switch:admin> ifmodeset eth3 Exercise care when using this command. Forcing the link to an operating mode not supported by the network equipment to which it is attached may result in an inability to communicate with the system through its ethernet interface. It is recommended that you only use this command from the serial console port. Are you sure you really want to do this? (yes, y, no, n): [no] y Proceed with caution. Auto-negotiate (yes, y, no, n): [no] y Advertise 100 Mbps / Full Duplex (yes, y, no, n): [yes] y Advertise 100 Mbps / Half Duplex (yes, y, no, n): [yes] y Advertise 10 Mbps / Full Duplex (yes, y, no, n): [yes] y Advertise 10 Mbps / Half Duplex (yes, y, no, n): [yes] y Committing configuration...done. switch:admin>

Fabric OS Administrator’s Guide 91 53-1002745-02

NOTE

Ports

Example of setting the port mode to 10 Mbps half-duplex operation

To force the link for the eth0 interface from autonegotiation to 10 Mbps half-duplex operation, when entering this command through the serial console port:

switch:admin> ifmodeset eth0 Auto-negotiate (yes, y, no, n): [yes] n Force 100 Mbps / Full Duplex (yes, y, no, n): [no] n Force 100 Mbps / Half Duplex (yes, y, no, n): [no] n Force 10 Mbps / Full Duplex (yes, y, no, n): [no] n Force 10 Mbps / Half Duplex (yes, y, no, n): [no] y Committing configuration...done. switch:admin>

The caution shown in the first example is not displayed when the command is entered using the serial console port

Setting port speeds

Use the following procedure to set port speeds:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the portCfgSpeed command.

Example of setting the port speed

The following example sets the speed for port 3 on slot 2 to 4 Gbps:

ecp:admin> portcfgspeed 2/3 4 done.

The following example sets the speed for port 3 on slot 2 to autonegotiate:

ecp:admin> portcfgspeed 2/3 0 done.

Setting all ports on a switch to the same speed

Use the following procedure to set all ports on a switch to the same speed:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the switchCfgSpeed command.

Example of setting the switch speed

The following example sets the speed for all ports on the switch to 8 Gbps:

switch:admin> switchcfgspeed 8 Committing configuration...done.

The following example sets the speed for all ports on the switch to autonegotiate:

switch:admin> switchcfgspeed 0 Committing configuration...done.

92 Fabric OS Administrator’s Guide

53-1002745-02

Blade terminology and compatibility

NOTE

Setting port speed for a port octet

You can use the portCfgOctetSpeedCombo command to configure the speed for a port octet. Be aware that in a Virtual Fabrics environment, this command applies chassis-wide and not just to the logical switch.

Use the following procedure to set the port speed for a port octet:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the portCfgOctetSpeedCombo command.

Example

The following example configures the ports in the first octet for combination 3 (support autonegotiated or fixed port speeds of 16 Gbps and 10 Gbps):

switch:admin> portcfgoctetspeedcombo 1 3

For information on how encryption and compression can affect port speed, see “Port speed and

encryption/compression enabled ports” on page 401.

Blade terminology and compatibility

Before configuring a chassis, familiarize yourself with the platform CP blade and port blade nomenclature, as well as the port blade compatibilities. Tabl e 5 includes core and CP blade terminology and descriptions. Table 6 on page 94 includes port blade terminology and descriptions.

TABLE 5 Core and CP blade terminology and platform support

Supported on:

Blade Blade ID

(slotshow)

CP8 50 Yes Yes Brocade DCX and DCX 8510 Backbone family control

CORE8 52 Yes

CR4S-8 46 Yes

CR16-8 98 No Yes

CR16-4 99 No Yes

DCX family DCX 8510 family Definition

No A 16-port blade that provides 8 Gbps connectivity

DCX only

No A 16-port blade that provides 8 Gbps connectivity

DCX-4S only

DCX 8510-8 only.

DCX 8510-4 only

processor blade. This CP supports all blades used in the DCX and DCX 8510 Backbone families.

between port blades in the Brocade DCX chassis.

between port blades in the Brocade DCX-4S chassis.

A core blade that has 16x4 QSFPs per blade. It can be connected to another CR16-8 or CR16-4 core blade.

A core blade that has 8x4 QSFPs per blade. It can be connected to another CR16-4 or a CR16-8 core blade.

Fabric OS Administrator’s Guide 93 53-1002745-02

Blade terminology and compatibility

TABLE 6 Port blade terminology, numbering, and platform support

Supported on:

Blade Blade ID

(slotshow)

FC8-16

FC8-32

FC8-32E 125 No Yes 32 8-Gbps port blade supporting 2, 4, and 8 Gbps port speeds.

FC8-48

FC8-48E 126 No Yes 48 8-Gbps port blade supporting 2, 4, and 8 Gbps port speeds.

FC8-64 77 Yes Yes 64 8-Gbps port blade supporting 2, 4, and 8 Gbps port speeds. The Brocade

FC16-32 97 No Yes 32 A 32-port, 16-Gbps port blade supporting 2, 4, 8, 10, and 16 Gbps port

FC16-48 96 No Yes 48 A 48-port, 16-Gbps port blade supporting 2, 4, 8, 10, and 16 Gbps port

FS8-18 68 Yes Yes 16 FC

21 Yes No 16 8-Gbps port blade supporting 1, 2, 4, and 8 Gbps port speeds.

55 Yes No 32 8-Gbps port blade supporting 1, 2, 4, and 8 Gbps port speeds.

51 Yes No 48 8-Gbps port blade supporting 1, 2, 4, and 8 Gbps port speeds.

DCX family DCX 8510

family

Ports Definition

Ports are numbered from 0 through 15 from bottom to top.

Ports are numbered from 0 through 15 from bottom to top on the left set of ports and 16 through 31 from bottom to top on the right set of ports.

Ports are numbered from 0 through 23 from bottom to top on the left set of ports and 24 through 47 from bottom to top on the right set of ports.

DCX and Brocade DCX 8510 Backbone families support loop devices on 64-port blades in a Virtual Fabric-enabled environment. The loop devices can only be attached to ports on a 64-port blade that is not a part of the default logical switch.

Ports are numbered from 0 through 31 from bottom to top on the left set of ports and 32 through 63 from bottom to top on the right set of ports.

speeds.

NOTE: 10 Gbps speed for FC16-xx blades requires the 10G license. Ports are numbered from 0 through 15 from bottom to top on the left set of

ports and 16 through 31 from bottom to top on the right set of ports.

speeds.

NOTE: 10 Gbps speed for FC16-xx blades requires the 10G license. Ports are numbered from 0 through 23 from bottom to top on the left set of ports and 24 through 47 from bottom to top on the right set of ports.

Brocade Encryption blade that provides high performance 32-port

2 GbE

auto-sensing 8-Gbps Fibre Channel connectivity with data cryptographic (encryption/decryption) and data compression capabilities.

Ports are numbered from 0 through 15 from bottom to top. GbE ports are numbered ge0 through ge1 from top to bottom. Going from top to bottom, the 2 GbE ports appear on the top of the blade

followed by the 16 FC ports.

94 Fabric OS Administrator’s Guide

53-1002745-02

TABLE 6 Port blade terminology, numbering, and platform support (Continued)

Supported on:

Blade terminology and compatibility

Blade Blade ID

(slotshow)

FCOE10-24 74 Yes ‘No 24

FX8-24 75 Yes Yes 12 FC

DCX family DCX 8510

family

Ports Definition

An application blade that provides Converged Enhanced Ethernet to bridge 10-GbE DCB ports

10 1-GbE 2 10-GbE

a Fibre Channel and Ethernet SAN.

Ports are numbered from 0 through 11 from bottom to top on the left set of

ports and 12 through 23 from bottom to top on the right set of ports.

Extension blade with 8-Gbps Fibre Channel, FCIP, and 10-GbE technology.

Port numbering on this blade is as follows.

On the left side of the blade going from bottom to top:

• Six FC ports numbered from 0 through 5

• Two 10-GbE ports numbered xge0 and xge1

• Four 1-GbE ports numbered from ge0 through ge3

On the right side of the blade going from bottom to top:

• Six FC ports numbered from 6 through 11

• Six 1-GbE ports numbered from ge4 through ge9

1. The Brocade DCX and DCX-4S support loop devices on this blade in a Virtual Fabrics-enabled environment.

CP blades

The control processor (CP) blade provides redundancy and acts as the main controller on the Brocade Backbone. The Brocade DCX and DCX 8510 Backbone families support the CP8 blades.

The CP blades in the Brocade DCX and DCX 8510 Backbone families are hot-swappable. The CP8 blades are fully interchangeable among Brocade DCX, DCX-4S, DCX 8510-4, and DCX 8510-8 Backbones.

Brocade recommends that each CP (primary and secondary partition) should maintain the same firmware version.

For more information on maintaining firmware in your Backbone, refer to Chapter 9, “Installing and

Maintaining Firmware”.

Core blades

Core blades provide intra-chassis switching and ICL connectivity, between DCX/DCX-4S platforms and between DCX 8510 platforms.

• Brocade DCX supports two CORE8 core blades.

• Brocade DCX-4S supports two CR4S-8 core blades.

• Brocade DCX 8510-8 supports two CR16-8 core blades.

• Brocade DCX 8510-4 supports two CR16-4 core blades.

The core blades for each platform are not interchangeable or hot-swappable with the core blades for any other platform. If you try to interchange the blades they become faulty.

Fabric OS Administrator’s Guide 95 53-1002745-02

Enabling and disabling blades

NOTE

Port and application blade compatibility

Tab le 6 on page 94 identifies which port and application blades are supported for each Brocade

Backbone.

During power up of a Brocade DCX or DCX-4S Backbone, if an FCOE10-24 is detected first before any other AP blade, all other AP and FC8-64 blades are faulted. If a non-FCOE10-24 blade is detected first, then any subsequently-detected FCOE10-24 blades are faulted. Blades are powered up starting with slot 1.

The maximum number of intelligent blades supported on a Brocade DCX or DCX 8510-8 is eight.

The maximum number of intelligent blades supported on a Brocade DCX-4S or DCX 8510-4 is four.

Tab le 7 lists the maximum supported limits of each blade for a specific Fabric OS release. Software

functions are not supported across application blades.

TABLE 7 Blade compatibility within Brocade Backbone families

Intelligent blade Fabric OS v6.3.0 Fabric OS v6.4.0 Fabric OS v7.0.0

DCX DCX-4S DCX DCX-4S DCX DCX-4S DCX 8510-8 DCX 8510-4

FS8-18 4 4 4 4 4 4 4 4

FCOE10-24

FX8-24

1. Not compatible with other application blades or with the FC8-64 in the same chassis.

2. The hardware limit is enforced by software.

22 2 2 44 0 0

24 4 4 44 4 4

FX8-24 compatibility notes

Follow these guidelines when using an FX8-24 in the Brocade DCX and DCX-4S Backbones:

• Brocade 7500 GbE ports cannot be connected to either the FX8-24 or Brocade 7800 GbE

ports. The ports may come online, but they will not communicate with each other.

• If an FX8-24 blade is replaced by another FX8-24 blade, the previous IP configuration data

would be applied to the new FX8-24.

• The FX8-24 and FS8-18 blades cannot co-exist with the FCOE10-24 blade.

Enabling and disabling blades

Port blades are enabled by default. In some cases, you will need to disable a port blade to perform diagnostics. When diagnostics are executed manually (from the Fabric OS command line), many commands require the port blade to be disabled. This ensures that diagnostic activity does not interfere with normal fabric traffic.

If you need to replace an application blade with a different application blade, there may be extra steps you need to take to ensure that the previous configuration is not interfering with your new application blade.

96 Fabric OS Administrator’s Guide

53-1002745-02

Blade swapping

Enabling blades

Use the following procedure to enable a blade:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the bladeEnable command with the slot number of the port blade you want to enable.

ecp:admin> bladeenable 3 Slot 3 is being enabled

FC8-48, FC8-48E, FC8-64, and FC16-48 port blade enabling exceptions

Because the area IDs are shared with different port IDs, the FC8-48, FC8-48E, FC8-64, and FC16-48 blades support only F_ and E_Ports. They do not support FL_Ports.

Port swapping on an FC8-48, FC8-48E, FC8-64, and FC16-48 is supported only on ports 0–15. For the FC8-32, FC8-32E, and FC16-32 port blades, port swapping is supported on all 32 ports. This means that if you replace a 32-port blade where a port has been swapped on ports 16–31 with a 48-port blade, the 48-port blade faults. To correct this, reinsert the 32-port blade and issue portSwap to restore the original area IDs to ports 16–31.

Disabling blades

Use the following procedure to disable a blade:

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the bladeDisable command with the slot number of the port blade you want to disable.

ecp:admin> bladedisable 3 Slot 3 is being disabled

Blade swapping

Blade swapping allows you to swap one blade with another of the same type; in this way, you can replace a FRU with minimal traffic disruption. The entire operation is accomplished when the bladeSwap command runs on the Fabric OS. The Fabric OS then validates each command before actually implementing the command on the Backbone. If an error is encountered, the blade swap quits without disrupting traffic flowing through the blades. If an unforeseen error does occur during the bladeSwap command, an entry will be made into the RASlog and all ports that have been swapped as part of the blade swap operation will be swapped back. On successful completion of the command, the source and destination blades are left in a disabled state, allowing you to complete the cable move.

Blade swapping is based on port swapping and has the same restrictions:

• Shared area ports cannot be swapped.

• Ports that are part of a trunk group cannot be swapped.

• GbE ports cannot be swapped.

• Swapping ports between different logical switches is not supported. The ports on the source

and destination blades must be in the same logical switch.

• Undetermined board types cannot be swapped. For example, a blade swap will fail if the blade

type cannot be identified.

Fabric OS Administrator’s Guide 97 53-1002745-02

Blade swapping

• Blade swapping is not supported when swapping to a different model of blade or a different

port count. For example, you cannot swap an FC8-32 blade with an FC8-48 port blade.

How blades are swapped

The bladeSwap command performs the following operations:

1. Blade selection

The selection process includes selecting the switch and the blades to be affected by the swap operation. Figure 2 shows the source and destination blades identified to begin the process.

FIGURE 2 Identifying the blades

2. Blade validation

The validation process includes determining the compatibility between the blades selected for the swap operation:

• Blade technology. Both blades must be of compatible technology types (for example, Fibre

Channel to Fibre Channel, Ethernet to Ethernet, application to application, and so on).

• Port count. Both blades must support the same number of front ports (for example, 16

ports to 16 ports, 32 ports to 32 ports, 48 ports to 48 ports, and so on).

• Availability. The ports on the destination blade must be available for the swap operation

and not attached to any other devices.

3. Port preparation

The process of preparing ports for a swap operation includes basic operations such as ensuring the source and destination ports are offline, or verifying that none of the destination ports have failed.

98 Fabric OS Administrator’s Guide

53-1002745-02

Blade swapping

The preparation process also includes any special handling of ports associated with logical switches. For example Figure 3 shows the source blade has ports in a logical switch or logical fabric, then the corresponding destination ports must be included in the associated logical switch or logical fabric of the source ports.

FIGURE 3 Blade swap with Virtual Fabrics during the swap

4. Port swapping

The swap ports action is effectively an iteration of the portSwap command for each port on the source blade to each corresponding port on the destination blade.

In Figure 4 shows Virtual Fabrics, where the blades can be carved up into different logical switches as long as they are carved the same way. If slot 1 and slot 2 ports 0-7 are all in the same logical switch, then blade swapping slot 1 to slot 2 will work. The entire blade does not need to be in the same partition.

Fabric OS Administrator’s Guide 99 53-1002745-02

Enabling and disabling switches

FIGURE 4 Blade swap with Virtual Fabrics after the swap

Swapping blades

Use the following procedure to swap blades:

1. Connect to the Backbone and log in using an account with admin permissions.

2. Enter the bladeSwap command.

If no errors are encountered, the blade swap will complete successfully. If errors are encountered, the command is interrupted and the ports are set back to their original configurations.

3. Once the command completes successfully, move the cables from the source blade to the destination blade.

4. Enter the bladeEnable command on the destination blade to enable all user ports.

Enabling and disabling switches

Switches are enabled by default. In some cases, you may need to disable a switch to perform diagnostics. This ensures that diagnostic activity does not interfere with normal fabric traffic.

Use the following procedure to disable a switch:

1. Connect to the Backbone and log in using an account with admin permissions.

2. Enter the command switchCfgPersistentDisable --setdisablestate.

This sets the switch to the disabled state without actually disabling it. However, on reset, the switch will be in a disabled state, and will need to be enabled.

100 Fabric OS Administrator’s Guide

53-1002745-02

Brocade Communications Systems 53-1002745-02 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents (High Level)

Contents

Figures

Tables

About This Document

How this document is organized

Supported hardware and software

What’s new in this document

Document conventions

Notice to the reader

Additional information

Getting technical help

Document feedback

Understanding Fibre Channel Services

Fibre Channel services overview

Management server

Platform services

Management server database

Platform services and Virtual Fabrics

Enabling platform services

Disabling platform services

Displaying the management server ACL

Adding a member to the ACL

Deleting a member from the ACL

Viewing the contents of the management server database

Clearing the management server database

Topology discovery

Displaying topology discovery status

Enabling topology discovery

Disabling topology discovery

Device login

Principal switch

E_Port login process

Fabric login process

Port login process

RSCNs

Duplicate Port World Wide Name

Device recovery

High availability of daemon processes

Performing Basic Configuration Tasks

Fabric OS overview

Fabric OS command line interface

Notes

Console sessions using the serial port

Connecting to Fabric OS through the serial port

Telnet or SSH sessions

Rules for Telnet connections

Connecting to Fabric OS using Telnet

Getting help on a command

Viewing a history of command line entries

Password modification

Default account passwords

The switch Ethernet interface

Changing the default account passwords at login

Brocade Backbones

Brocade switches

Virtual Fabrics and the Ethernet interface

Displaying the network interface settings

Static Ethernet addresses

Setting the static addresses for the Ethernet network interface

Setting the static addresses for the chassis management IP interface

DHCP activation

Enabling DHCP for IPv4

Disabling DHCP for IPv4

IPv6 autoconfiguration

Setting IPv6 autoconfiguration

Date and time settings

Setting the date and time

Time zone settings

Setting the time zone

Setting the time zone interactively

Network time protocol

Synchronizing the local time with an external source

Domain IDs

Domain ID issues

Displaying the domain IDs