How it Works
Cisco
Loading...
DS-C9216I-K9
Configuration Manual
436 pgs6.08 Mb0

Cisco DS-C9216I-K9 Configuration Manual

Download
Page 1
Corporate Headquarters
Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
March 2004
Text Part Number: OL-7753-01
Page 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
Copyright © 2004-2005, Cisco Systems, Inc. All rights reserved.
CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Pac k et , PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R)
Page 3
iii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
CONTENTS
Preface xxvii
Audience xxvii
Organization xxvii
Conventions xxx
Obtaining Documentation xxxi
Cisco.com xxxi Documentation DVD xxxi Ordering Documentation xxxi
Documentation Feedback xxxii
Cisco Product Security Overview xxxii
Reporting Security Problems in Cisco Products xxxii
Obtaining Technical Assistance xxxiii
Cisco Technical Support Website xxxiii Submitting a Service Request xxxiii Definitions of Service Request Severity xxxiv
Obtaining Additional Publications and Information xxxiv
New and Changed Information xxxvii
CHAPTER
1 Product Overview 1-1
Hardware Overview 1-1
Cisco MDS 9216 Fabric Switch 1-2 Cisco MDS 9500 Modular Directors 1-2 Cisco MDS 9100 Series Fixed Configuration Fabric Switches 1-3
Software Features 1-4
Licensing 1-4 High Availability 1-4 Switch Reliability 1-4 Virtual SANs 1-5 Intelligent Zoning 1-5 Inter-VSAN Routing 1-5 Trunking 1-6 PortChannels 1-6 IP Services 1-6
Page 4
Contents
iv
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
IP Storage 1-7 Call Home 1-7 QoS and Congestion Control 1-7 SPAN and RSPAN 1-8 Switch Management Features 1-8
Redundant Supervisor Module Management 1-8 Fabric Management 1-9 Security Management 1-9
Tools for Software Configuration 1-10
CLI 1-10 Cisco MDS 9000 Fabric Manager 1-11
CHAPTER
2 Getting Started with Cisco Fabric Manager 2-1
Managing Cisco MDS 9000 Switches 2-2
Storage Management Solutions Architecture 2-3
In-Band Management and Out-of-Band Management 2-4
MGMT0 2-4 IPFC 2-4
Installing the Applications 2-5
Launching the Applications 2-6
Using the Management Services Wizard 2-7
A Note on Ports 2-7
CHAPTER
3 Overview of Fabric Manager 3-1
Launching Cisco Fabric Manager 3-1
Using Fabric Manager 3-2
Menu Bar, Toolbars, and Status Bar 3-3 Logical/Physical Pane 3-3 Information Pane 3-4 Map Pane 3-4
Discovering and Viewing the Network Fabric 3-7
Controlling Administrator Access with Users and Roles 3-7
Modifying Device Grouping 3-7
Setting Fabric Manager Preferences 3-8
Viewing Reports in Fabric Manager 3-9
Using Device Manager 3-10
Launching Device Manager from Fabric Manager 3-10 Using Summary View 3-11
Page 5
Contents
v
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Comparing Device Manager to Fabric Manager 3-12 Performing Device Management 3-13 Managing Ports 3-13 Setting Device Manager Preferences 3-14
Using Performance Manager 3-14
Performance Manager Architecture 3-14 Creating a PM Configuration File 3-14 Collecting the Data 3-15 Presenting the Collected Data 3-15 Exporting and Importing Data 3-16 Integration with Cisco Traffic Analyzer 3-16
Configuring PM for Use with Cisco Traffic Analyzer 3-16
Stopping Data Collection 3-19
Exporting Data Collection to XML Files 3-19
Removing Data Collection Files from the List 3-19
CHAPTER
4 Before You Begin 4-1
About Flash Devices 4-1
Internal bootflash: 4-2 External CompactFlash (Slot0) 4-2
Switch Roles 4-2
Using Valid Formats and Ranges 4-2
CHAPTER
5 Obtaining and Installing Licenses 5-1
License Terminology 5-1
Licensing Model 5-2
Licensing High Availability 5-4
Options to Install a License 5-4
Obtaining a Factory-Installed License 5-4
Performing a Manual Installation 5-5
Obtaining License Key Files 5-5
Installing Licenses 5-6
Installing Licenses Using Fabric Manager License Wizard 5-6 Installing Licenses Using Device Manager 5-8
Viewing License Information in Fabric Manager 5-8
Viewing License Information in Device Manager 5-9
Removing Licenses 5-9
Page 6
Contents
vi
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Updating Licenses 5-10
License Expiry Alerts 5-10
Moving Licenses Between Switches 5-11
CHAPTER
6 Initial Configuration 6-1
NTP Configuration 6-1
NTP Configuration Guidelines 6-2
Display General NTP Statistics for a Switch 6-3
Create an NTP Server or Peer 6-3
Edit an NTP Server or Peer Configuration 6-4
Delete an NTP Server or Peer 6-4
CHAPTER
7 Configuring High Availability 7-1
About High Availability 7-1
Switchover Mechanisms 7-2
HA Switchover 7-2
Process Restartability 7-2
Synchronizing Supervisor Modules 7-2
HA Redundancy States 7-2
CHAPTER
8 Software Images 8-1
About Software Images 8-1
Essential Upgrade Prerequisites 8-2
Using the Software Install Wizard 8-3
Maintaining Supervisor Modules 8-4
Standby Supervisor Boot Variable Version 8-4 Standby Supervisor Boot Alert 8-5
Replacing Modules 8-5
Recovering a Corrupted Bootflash 8-5
Default Factory Settings 8-5
CHAPTER
9 Managing Modules 9-1
About Modules 9-1
Supervisor Modules 9-1 Switching Modules 9-2
Viewing the State of a Module 9-2
Identifying Module LEDs 9-3
Page 7
Contents
vii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Configuring EPLDs 9-5
Default Supervisor Module Settings 9-6
CHAPTER
10 Managing System Hardware 10-1
Configuring Power Supplies 10-1
Guidelines for Power Supplies with Different Capacities 10-1 Guidelines for Power Supplies with Different Capacities 10-3 Managing Power Supplies 10-4
Displaying Module Temperature 10-5
Monitoring Fan Modules 10-6
Monitoring Clock Modules 10-6
Viewing System Attributes 10-6
Viewing Running Processes 10-6
Viewing Flash File Information 10-7
Managing Inventory Information 10-7
Managing Module Attributes 10-7
10-7
CHAPTER
11 Configuring and Managing VSANs 11-1
How VSANs Work 11-2
VSANs Versus Zones 11-4
Default and Isolated VSANs 11-5
Default VSANs 11-5 Isolated VSANs 11-5
VSAN Membership 11-6
VSAN Attributes 11-6
Operational State of a VSAN 11-6
Adding and Configuring VSANs 11-7
Deleting VSANs 11-7
Default Settings 11-8
CHAPTER
12 Configuring Interfaces 12-1
Configuring Fibre Channel Interfaces 12-1
About Interface Modes 12-2
E Port 12-2 F Port 12-2 FL Port 12-3
Page 8
Contents
viii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
TL Port 12-3 TE Port 12-3 SD Port 12-3 ST Port 12-4 Fx Port 12-4 B Port 12-4 Auto Mode 12-4
About Interface States 12-4
Administrative States 12-4 Operational States 12-5
Reason Codes 12-5 Configuring TL Port ALPA Caches 12-8 Configuring Buffer-to-Buffer Credits 12-8 Configuring Performance Buffers 12-8 Configuring the Beacon Mode 12-9 Identifying the Beacon LEDs 12-9 Configuring Switch Port Defaults 12-10
Default Settings 12-10
Configuring VSAN Interfaces 12-10
Configuring Gigabit Ethernet Interfaces 12-11
Enabling or Disabling Ports 12-11
Managing Interface Attributes for Ports 12-11
CHAPTER
13 Configuring Trunking 13-1
About Trunking 13-1
About Trunking Protocol 13-2
Configuring Trunk Modes 13-2
Configuring Trunk-Allowed VSAN List 13-2
Trunking Configuration Guidelines 13-4
Default Settings 13-5
CHAPTER
14 Configuring PortChannels 14-1
PortChannel Examples 14-1
Configuring 32-port Switching Modules and Host-Optimized Ports 14-2 Managing Physical Attributes for a Port 14-2 Viewing Port Capability Attributes 14-3
About PortChanneling and Trunking 14-3
Managing PortChannel General Attributes 14-4
Page 9
Contents
ix
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Managing PortChannel Interface Attributes 14-4 Quiescing/Disabling Port Channel Members 14-4
About Load Balancing 14-5
Considerations for PortChannel Configurations 14-6
Error Detection 14-6
Default Settings 14-7
CHAPTER
15 Configuring and Managing Zones 15-1
Zoning Features 15-2
Zoning Example 15-3
Configuring a Zone 15-4
Creating Zones 15-4
Creating Additional Zones 15-4
Cloning Zones 15-5 Adding Zone Members 15-5 Displaying Port Membership Information 15-6 Viewing Zone Statistics 15-6 Deleting Zones and Members 15-6
Configuring Aliases 15-6
Creating Zones with Aliases 15-7 Viewing Aliases 15-7
Zone Sets 15-7
Active and Full Zone Set Considerations 15-8 Distributing Zone Sets 15-10 Copying Zone Sets 15-10 Creating Zone Sets 15-10
Creating Additional Zone Sets 15-10
Cloning Zone Sets 15-11 Adding Zones to a Zone Set 15-11 Activating or Enforcing Zone Sets 15-11 Deactivating Zone Sets 15-12 Importing Active Zone Sets 15-12 Exporting Active Zone Sets 15-12 Deleting Zone Sets or Members 15-12 Clearing the Zone Database 15-13 Recovering a Full Zone Database 15-13 Performing Zone Merge Analysis 15-13
Zone Enforcement 15-14
Page 10
Contents
x
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
The Default Zone 15-14
Setting Default Zone Policy 15-15 Changing the Default Zone Policy 15-15
Recovering from Link Isolation 15-15
LUN Zoning 15-16
Assigning LUNs to Storage Subsystems 15-17
Read-Only Zoning 15-17
Guidelines to Configure Read-Only Zones 15-17
Default Settings 15-18
Migrating a Non-MDS Database 15-18
Using the Zone Wizard 15-18
CHAPTER
16 Configuring Inter-VSAN Routing 16-1
About IVR 16-1
IVR Features 16-2
IVR Terminology 16-2
IVR Guidelines 16-3
Domain ID Guidelines 16-3 Transit VSANs Guidelines 16-3 Border Switch Guidelines 16-3
Configuring IVR 16-4
Unique Domain ID Configuration Options 16-4 Enabling IVR 16-4
Configuring an IVR Topology 16-4
Creating an IVR Topology 16-4
Creating IVR Zones and Zone Sets 16-5 Creating Additional IVR Zones and Zone Sets 16-5 Activating IVR Zone Sets 16-6
Deactivating IVR Zone Sets 16-6 Recovering an IVR Full Zone Database 16-6 Recovering an IVR Full Topology 16-7 IVR Interoperability 16-7 IVR Using LUN Zoning or Read-Only Zoning 16-7
Creating IVZs and IVZSs 16-7
Zones versus IVZs 16-8 Automatic IVZ Creation 16-8
Configuring and Activating IVZs and IVZSs 16-9
Using the force Option 16-9
Page 11
Contents
xi
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Clearing the IVZ Database 16-9
Using the Zone Wizard 16-10
CHAPTER
17 Managing FLOGI, Name Server, FDMI, and RSCN Databases 17-1
Displaying FLOGI Details 17-1
Configuring the Name Server Proxy Feature 17-2
Displaying Name Server Database Entries 17-2
Displaying FDMI 17-2
Displaying RSCN Information 17-2
Sending RSCNs 17-3
Viewing General Attributes for the Name Server 17-3
Viewing Advanced Attributes for the Name Server 17-3
Proxy Ports for the Name Server 17-3
Viewing Name Server Statistics 17-4
Viewing RSCN Nx Registrations 17-4
Viewing RSCN Statistics 17-4
Viewing FLOGI Attributes 17-4
Viewing Port ELP Attributes 17-5
Viewing Trunk Configuration 17-5
CHAPTER
18 Configuring Switch Security 18-1
Switch Management Security 18-2
SNMP Security 18-2 CLI Security 18-2
Switch AAA Functionalities 18-2
Authentication 18-3 Authorization 18-3 Accounting 18-3 Remote Authentication by AAA Servers 18-3 Remote Authentication Guidelines 18-3 Server Groups 18-4 AAA Service Configuration Options 18-4
Configuring RADIUS 18-4
About RADIUS 18-5 Configuring RADIUS Authentication 18-5 Configuring RADIUS Servers 18-5 Setting the RADIUS Server Address 18-5
Page 12
Contents
xii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Setting the RADIUS Preshared Key 18-6 Setting Iterations of the RADIUS Server 18-6 Defining Vendor-Specific Attributes 18-6
VSA Format 18-6
Configuring TACACS+ 18-7
About TACACS+ 18-7 Advantages of TACACS+ 18-7 Enabling TACACS+ 18-8 Setting the TACACS+ Server Address 18-8 Setting the Secret Key 18-8 Setting the Timeout Value 18-8 Defining Custom Attributes for Roles 18-8
Configuring Server Groups 18-9
Local AAA 18-9
Authentication and Authorization Process 18-9
Configuring Role-Based CLI Authorization 18-11
Configuring Rules and Features for Each Role 18-11 Configuring the VSAN Policy 18-12
Recovering Administrator Password 18-12
Configuring SSH Services 18-12
Enabling SSH Service 18-13 Generating an SSH Host Key Pair 18-13
Using the force Option 18-13
About SNMP Security 18-13
SNMP Version 1 and Version 2c 18-14
Adding a Community String 18-14
Deleting a Community String 18-14 SNMP Version 3 18-14 Adding SNMP Users 18-15 Deleting SNMP Users 18-15 Configuring and Creating SNMP User Roles 18-15 Viewing SNMP Community and User Information 18-16 Group-Based SNMP Access 18-16 Configuring Common Roles 18-16
Creating and Modifying Users 18-17
Creating Common Roles 18-18
Editing Common Role Rules (Device Manager Only) 18-19
Deleting Common Roles 18-19 Assigning Users to Roles 18-19
Page 13
Contents
xiii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Default Security Settings 18-20
Restricting Switch Access 18-21
CHAPTER
19 Configuring Fabric Security 19-1
About Fabric Authentication 19-1
About DHCHAP 19-2
DHCHAP Compatibility with Existing MDS Features 19-2
Configuring DHCHAP Authentication 19-3
Enabling DHCHAP 19-3
Configuring DHCHAP Authentication Modes 19-3
Configuring the DHCHAP Hash Algorithm 19-4
Configuring DHCHAP Groups 19-4
Configuring DHCHAP Passwords 19-4
Configuring Passwords for Other Devices 19-5
Configuring the DHCHAP Timeout Value 19-5
Default Fabric Security Settings 19-5
CHAPTER
20 Configuring Port Security 20-1
Port Security Features 20-1
Enforcing Port Security 20-1 Configuring a Port Binding 20-2 Copying an Active Configuration to the Running Configuration 20-2 Deleting a Port Binding 20-3
About Auto-Learn 20-3
Activating Port Security 20-3
Activating a Port Binding 20-3
Displaying Activated Port Bindings 20-4 Configuring Auto-Learning 20-4 Authorization Scenario 20-5 Turning Auto-Learning On or Off 20-6
Manually Configuring Port Security 20-7
Identifying WWNs to Configure Port Security 20-7 Securing Authorized Ports 20-7 Activating the Port Security Database 20-7
Forcing Port Security Activation 20-8
Reactivating the Database 20-8
Database Scenarios 20-8
Page 14
Contents
xiv
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Displaying Port Security Statistics 20-9
Displaying Port Security Violations 20-9
Default Port Security Settings 20-9
CHAPTER
21 Configuring Fibre Channel Routing Services and Protocols 21-1
FSPF Features 21-2
FSPF Examples 21-2
Fault Tolerant Fabric 21-2 Redundant Links 21-3
Fail-over Scenarios for PortChannels and FSPF Links 21-3
Configuring FSPF Globally 21-4
Managing FSPF General Attributes 21-4 Disabling FSPF Routing Protocols 21-4 Link State Record Defaults 21-4 Viewing Link State Records 21-5 Viewing FSPF Links 21-5
Configuring FSPF for a Specific Interface 21-5
Configuring FSPF Interfaces 21-6 Computing Route Cost 21-6 Specifying Hello Time Intervals 21-6 Specifying Dead Intervals 21-6 Disabling FSPF for Specific Interfaces 21-6 Retransmitting Intervals 21-6 Viewing FSPF Interface Statistics 21-7
Configuring Fibre Channel Routes 21-7
Configuring Fibre Channel Route Flows 21-7
Broadcast Routing 21-8
In-Order Delivery 21-8
Reordering Network Frames 21-8 Reordering PortChannel Frames 21-9 Enabling In-Order Delivery 21-10
Configuring Flow Statistics 21-10
Viewing FSPF Statistics 21-10
Default Settings 21-10
CHAPTER
22 Configuring IP Services 22-1
Traffic Management Services 22-2
Configuring the Ethernet Management Port 22-2
Page 15
Contents
xv
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Configuring the Default Gateway 22-3
Configuring the Default Network 22-4
Configuring an IP Route 22-4
IP Access Control Lists 22-4
IP-ACL Configuration Guidelines 22-4 Creating IP-ACLs 22-5
Adding Entries to an Existing IP-ACL 22-5
Comparing Ports 22-5 Applying IP-ACLs 22-7
Configuring IPFC 22-8
Configuring Overlay VSANs 22-8
Configuring Multiple VSANs 22-9
Managing IPFC Connectivity with Multiple VSANs 22-10
Configuring VRRP 22-10
VRRP Features 22-11 VRRP Functionality 22-11 Creating or Removing a Virtual Router 22-12 Enabling a Virtual Router 22-12 Adding an IP Address for a Virtual Router 22-12
Viewing IP Address Information 22-12
Managing IP Addresses for VRRP 22-13 Setting Priority for the Virtual Router 22-13 Setting the Time Interval for the Advertisement Packet 22-13 Preempting the Master Virtual Router 22-13 Configuring Authentication for the Virtual Router 22-13 Setting the Priority Based on Interface State 22-14 Configuring VRRP Operations Attributes 22-14
Default Settings 22-14
Enabling or Disabling IP Forwarding 22-15
Viewing Information and Statistics 22-15
Viewing VRRP Statistics 22-15 Viewing TCP Information and Statistics 22-15 Viewing UDP Information and Statistics 22-15 Viewing IP Statistics 22-16 Viewing ICMP Statistics 22-16
CHAPTER
23 Configuring FICON 23-1
About FICON 23-2
Page 16
Contents
xvi
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
MDS-Specific FICON Advantages 23-3
Fabric-Optimization with VSANs 23-3 FCIP Support 23-4 PortChannel Support 23-5 VSANs for FICON and FCP Intermixing 23-5 MDS-Supported FICON Features 23-5
FICON Port Numbering 23-6
Port Addresses 23-8 Implemented and Unimplemented Port Addresses 23-9 Installed and Uninstalled Ports 23-9 FCIP Port Number 23-9 Port Numbering Summary 23-10 FCIP and PortChannel Port Numbers 23-10 FC ID Allocation 23-11 FICON Cascading 23-11
MDS FICON Prerequisites 23-11
Enabling FICON 23-12
Effects of Enabling FICON 23-12
Creating FICON VSANs (enabling FICON) Using Fabric Manager 23-12
Creating FICON VSANs (enabling FICON) Using Device Manager 23-13
Deleting FICON VSANs (Disabling FICON) 23-13
Viewing FICON Director History 23-14
Configuring Code Page 23-14
Configuring the FC ID Last Byte 23-14
Automatically Saving the Running Configuration 23-14
Binding Port Numbers to PortChannels 23-15
Binding Port Numbers to FCIP Interfaces 23-15
Configuring FICON Ports 23-15
FICON Information Refresh Note 23-15 Blocking Ports 23-15 Prohibiting Ports 23-16
Entering FICON Port Configuration Information 23-16
Viewing FICON Port Attributes 23-17
FICON Configuration Files 23-17
Accessing FICON Configuration Files 23-18 Editing FICON Configuration Files 23-18
Creating FICON Files 23-18
Deleting FICON Files 23-19
Page 17
Contents
xvii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Copying FICON Files 23-19
Port Swapping 23-19
Port Swapping Guidelines 23-20
Swapping FICON Ports 23-20
Clearing FICON Device Allegiance 23-21
CUP Inband Management 23-21
Configuring Fabric Binding 23-21
Port Security versus Fabric Binding 23-22 Enforcing Fabric Binding 23-22 Enabling Fabric Binding 23-23 Configuring a List of sWWNs 23-23 Activating Fabric Binding 23-23
Forcing Fabric Binding Activation 23-23
Activating Fabric Binding 23-24
Deactivating Fabric Binding 23-24
Fabric Binding CopyActive to Config 23-24
Creating a Fabric Binding Configuration 23-25
Deleting a Fabric Binding Configuration 23-25
Viewing Fabric Binding Active Database 23-25
Viewing Fabric Binding Violations 23-25
Clearing Fabric Binding Statistics 23-26
Viewing EFMD Statistics 23-26
Displaying RLIR Information 23-26
CHAPTER
24 Configuring IP Storage 24-1
IP Storage Services Module 24-1
Configuring Gigabit Ethernet Interfaces 24-2
About Gigabit Ethernet Interfaces 24-3 Basic Gigabit Ethernet Configuration 24-3 About VLANs for Gigabit Ethernet 24-3 Verifying Gigabit Ethernet Connectivity 24-4 Gigabit Ethernet High Availability 24-4
Configuring VRRP 24-4
Configuring Ethernet PortChannels 24-5 Configuring CDP 24-6 IPS Core Dumps 24-6
Configuring FCIP 24-7
Page 18
Contents
xviii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
About FCIP 24-7
FCIP and VE Ports 24-7 FCIP Link 24-8 FCIP Profiles 24-8
FCIP Interface 24-9 Enabling FCIP 24-9 Basic FCIP Configuration 24-9
Creating FCIP Profiles 24-10
Creating FCIP Links 24-10 Creating FCIP Tunnels with Device Manager 24-11
Assigning FCIP Profiles 24-11
Creating Tunnels 24-11
Verifying Interfaces 24-12
Verifying Extended Link Protocols (ELP) 24-12
Checking Trunk Status 24-12
Checking for Interface Errors 24-13 Creating FCIP Tunnels with Fabric Manager 24-13 Advanced FCIP Profile Configuration 24-13
Configuring TCP Listener Ports 24-14
Configuring TCP Parameters 24-14 Advanced FCIP Interface Configuration 24-16
Configuring Peers 24-16
Configuring Active Connection 24-17
Configuring the Number of TCP Connections 24-17
Enabling Time Stamps 24-17
B Port Interoperability Mode 24-17 E Port Configurations 24-19
Configuring FCIP Write Acceleration 24-20 Enabling FCIP Compression 24-21
Fibre Channel PortChannels 24-22
FSPF 24-22
VRRP 24-23
Ethernet PortChannels 24-23 Ethernet PortChannels and Fibre Channel PortChannels 24-24
Configuring iSCSI 24-24
About iSCSI 24-25 Enabling iSCSI 24-26 Using the iSCSI Wizard 24-26 Routing iSCSI Requests and Responses 24-27 Presenting Fibre Channel Targets as iSCSI Targets 24-27
Page 19
Contents
xix
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Dynamic Importing 24-28 Static Importing 24-28 iSCSI Virtual Target Configuration Examples 24-31
Presenting iSCSI Hosts as Virtual Fibre Channel Hosts 24-32
Dynamic Mapping 24-33 Static Mapping 24-33 Making the Dynamic Initiator WWN Mapping Static 24-34 Assigning VSAN Membership to iSCSI Hosts 24-34 Assigning VSANs to a iSCSI Interface 24-34
Configuring iSCSI Proxy Initiators 24-34
Configuring the iSCSI Proxy Initiator 24-35
Access Control in iSCSI 24-36
Fibre Channel Zoning-Based Access Control 24-36 iSCSI-Based Access Control 24-36 Enforcing Access Control 24-37
iSCSI User Authentication 24-37
Configuring an Authentication Mechanism 24-37 Configuring an iSCSI RADIUS Server 24-38
Advanced iSCSI Configuration 24-38
Setting the QOS Values 24-39 iSCSI Forwarding Mode 24-39
iSCSI High Availability 24-39
Multiple IPS Ports Connected to the Same IP Network 24-39 VRRP-Based High Availability 24-40 Ethernet PortChannel-Based High Availability 24-41
iSCSI Authentication Setup Guidelines 24-42
Configuring Storage Name Services 24-42
Creating iSNS Profiles and Tagging Profiles 24-42
Creating an iSNS Profile 24-43 Modifying an iSNS Profile 24-43
Default IP Storage Settings 24-44
Using the IP Filter Wizard 24-45
Creating IP Profiles 24-45
Adding IP Filters to Profiles 24-46
Associating IP Profiles to Interfaces 24-46
Deleting IP Profiles 24-47
Deleting IP Filters 24-47
Page 20
Contents
xx
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
CHAPTER
25 Configuring Call Home 25-1
Call Home Features 25-2
Call Home Configuration Process 25-2
Cisco AutoNotify 25-2
Assigning Contact Information 25-3
Configuring Destination Profiles 25-3
Configuring Alert Groups 25-3
Configuring Message Levels 25-4
Configuring E-Mail Options 25-4
Enabling or Disabling Call Home 25-4
Default Settings 25-4
Event Triggers 25-4
Call Home Message Severity Levels 25-7
Message Contents 25-8
Call Home Configuration Overview 25-11
Configuring Call Home Attributes 25-12
Configuring Call Home Destination Attributes 25-12
Configuring Call Home E-Mail Addresses 25-12
Configuring Call Home Alerts 25-13
Configuring Call Home Profiles 25-13
CHAPTER
26 Configuring Domain Parameters 26-1
About fcdomain Phases 26-2
Restarting the Domain 26-3
Performing a Domain Restart 26-3
Configuring the Domain 26-3
Configuring Domain Attributes 26-4 Managing Running Attributes for Domains 26-5 Viewing Domain Information 26-5 Viewing Domain Manager Statistics 26-5 Configuring Domain Interfaces 26-5 Viewing Domain Areas 26-6 Viewing Domain Area Ports 26-6
Specifying a Preferred or Static Domain ID 26-6
Setting Switch Priority 26-6
Configuring Allowed Domain ID Lists 26-6
Page 21
Contents
xxi
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Merging Stable Fabrics 26-7
Assigning Contiguous Domains 26-7
Disabling the fcdomain Feature 26-7
Setting the Fabric Name 26-8
Stopping Incoming RCFs 26-8
Configuring Persistent FC IDs 26-8
Creating a Persistent FC ID 26-9 Deleting a Persistent FC ID 26-9 Configuring Persistent FC IDs Manually 26-10
Configuring Unique Area FC IDs for Some HBAs 26-10
Enabling Persistent FC IDs 26-10
Purging Persistent FC IDs 26-11
Default Settings 26-12
CHAPTER
27 Configuring Traffic Management 27-1
FCC 27-1
FCC Process 27-2 Enabling FCC 27-2
QoS 27-2
Control Traffic 27-3
Disabling Control Traffic 27-3
Data Traffic 27-3
Configuring Data Traffic 27-4 Enabling QoS for Data Traffic 27-5 Creating Class Maps 27-5 Defining Service Policies 27-5 Applying a Service Policy 27-6 Scheduling Traffic 27-6
Ingress Port Rate Limiting 27-6
Default Settings 27-6
CHAPTER
28 Configuring System Message Logging 28-1
About System Message Logging 28-1
Configuring System Message Logging 28-3
Enabling Message Logging 28-4 Configuring Console Severity Level 28-4 Configuring Module Logging 28-4 Configuring Log Files 28-4
Page 22
Contents
xxii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Configuring the Syslog Daemon 28-4
Outgoing Syslog Server Logging Facilities 28-5 Configuring Syslog Servers 28-6 Configuring Syslog Attributes 28-6 Configuring Syslog Priorities 28-6
Default Settings 28-6
About SNMP Events 28-7
Viewing the Events Log 28-7 Configuring Event Destinations 28-7 Configuring Event Security 28-8 Configuring Event Filters 28-8
About RMON Facilities 28-8
Enabling RMON Alarms by Port 28-8 Enabling RMON Alarms for VSANs 28-9 Enabling RMON Alarms for Physical Components 28-9 Configuring RMON Controls 28-10 Managing RMON Alarms 28-10 Managing RMON Event Severity Levels 28-10 Viewing the RMON Log 28-11
CHAPTER
29 Discovering SCSI Targets 29-1
About SCSI LUN Discovery 29-1
Initiating Customized Discovery 29-2
Authenticating iSCSI Targets 29-2
Specifying Targets 29-2
Specifying LUN Mappings 29-3
Viewing iSCSI Statistics 29-3
Viewing iSCSI Sessions 29-3
Viewing Session Statistics 29-4
Creating an iSCSI Initiator 29-4
Creating an iSCSI Virtual Target 29-4
Using the iSCSI Wizard 29-5
CHAPTER
30 Monitoring Network Traffic Using SPAN 30-1
About SPAN 30-1
SPAN Sources 30-2
IPS Source Ports 30-3
CSM Source Ports 30-3
Page 23
Contents
xxiii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Allowed Source Interface Types 30-3 VSAN as a SPAN Source 30-4
Guidelines to Configure VSANs as a Source 30-4
SPAN Sessions 30-5
Creating SPAN Sessions 30-5
Editing SPAN Sources 30-5
Deleting SPAN Sessions 30-6
Specifying Filters 30-6
Guidelines to Specifying Filters 30-6
SD Port Characteristics 30-7
Guidelines to Configure SPAN 30-7
Monitoring Traffic Using Fibre Channel Analyzers 30-7
Without SPAN 30-7 Using SPAN 30-8
Configuring Analyzers Using SPAN 30-9 Using a Single SD Port to Monitor Traffic 30-9
Default SPAN Settings 30-10
Remote SPAN 30-10
Advantages to Using RSPAN 30-11 FC and RSPAN Tunnels 30-11 Guidelines to Configure RSPAN 30-12 ST Port Characteristics 30-12 Configuring RSPAN 30-13
Configuration in the Source Switch 30-13 Configuration in All Intermediate Switches 30-14
Configuration in the Destination Switch 30-14 Configuring An Explicit Path 30-15 Monitoring RSPAN Traffic 30-16 Sample Scenarios 30-17
Single Source with One RSPAN Tunnel 30-17
Single Source with Multiple RSPAN Tunnels 30-17
Multiple Sources with Multiple RSPAN Tunnels 30-18
CHAPTER
31 Advanced Features and Concepts 31-1
Configuring FC Timers 31-1
Configuring Timers Per-VSAN 31-2
Configuring a Fabric Analyzer 31-2
About the Cisco Fabric Analyzer 31-3
Page 24
Contents
xxiv
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Local Text-Based Capture 31-3 Remote Capture Daemon 31-4 GUI-Based Client 31-4
Configuring the Cisco Fabric Analyzer 31-4
Configuring World Wide Names 31-5
Allocating Flat FC IDs 31-5
Enabling Loop Monitoring 31-6
Configuring the Switch for Interoperability 31-6
Configuring Interoperability 31-8
Using the show tech-support Command 31-8
Managing World Wide Names 31-9
Configuring Timers 31-9
CHAPTER
32 Configuring Fabric Configuration Servers 32-1
About FCS 32-1
Significance of FCS 32-2
CHAPTER
33 Monitoring System Processes and Logs 33-1
Configuring Kernel Core Dumps 33-1
CHAPTER
34 Troubleshooting the Fabric 34-1
Analyzing Switch Device Health 34-1
Analyzing End-to-End Connectivity 34-2
Analyzing Switch Fabric Configuration 34-2
Analyzing the Results of Merging Zones 34-3
Issuing the Show Tech Support Command 34-3
Using Traceroute and Other Troubleshooting Tools 34-4
Locating Other Switches 34-5
Configuring an OUI 34-5
CHAPTER
35 Troubleshooting Fabric Manager Issues 35-1
Can I Set the Map Layout So It Stays After I Restart Fabric Manager? 35-1
Two Switches Show on my Map, But I Only Have One Switch 35-2
There is a Red Line Through the Switch. What’s Wrong? 35-2
There is a Dotted Orange Line Through the Switch. What’s Wrong? 35-2
Can I Upgrade Without Losing My Map Settings? 35-2
Page 25
Contents
xxv
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Are There Any Restrictions When Using Fabric Manager Across FCIP? 35-2
Running Cisco Fabric Manager with Multiple Interfaces 35-3
Specifying an Interface for Fabric Manager Server 35-3 Specifying an Interface for Performance Manager 35-3 Specifying an Interface for Fabric Manager Client or Device Manager 35-4
Configuring a Proxy Server 35-4
Clearing Topology Maps 35-5
Can I Use Fabric Manager in a Mixed Software Environment? 35-5
I
NDEX
Page 26
Contents
xxvi
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Page 27
xxvii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
This preface describes the audience, organization, and conventions of the Cisco MDS 9000 Family Fabric Manager User’s Guide. It also provides information on how to obtain related documentation.
Audience
This guide is for system administrators who intend to use the Cisco Fabric Manager to configure and monitor the switches that build the network fabric.
You should be familiar with the basic concepts and terminology used in internetworking, and understand your network topology and the protocols that the devices in your network can use. You should also have a working knowledge of the operating system on which you are running Fabric Manager, such as Microsoft Windows, Linux, or Solaris.
Organization
This document contains the following chapters:
“New and Changed Information”—Summarizes the new and changed features for the Cisco MDS
9000 Family Fabric Manager Switch Configuration Guide.
Chapter 1, “Product Overview”—Presents an overview of the Cisco MDS 9000 Family of
multilayer switches and directors.
Chapter 2, “Getting Started with Cisco Fabric Manager”—Provides a brief overview of Fabric
Manager components and capabilities, and information on installation and launching the applications.
Chapter 3, “Overview of Fabric Manager”—Provides in-depth descriptions of GUIs and
capabilities for Fabric Manager Client, Fabric Manager Server, Device Manager, and Performance Manager.
Chapter 4, “Before You Begin”—Discusses some things to be aware of before installing your
switch.
Chapter 5, “Obtaining and Installing Licenses”—Provides information on the Cisco MDS 9000
Family licensing model, license concepts, and license installation and management.
Chapter 6, “Initial Configuration”—Provides initial switch configuration options and switch
access information.
Page 28
xxviii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
Organization
Chapter 7, “Configuring High Availability”—Provides details on the high availability feature
including switchover mechanisms.
Chapter 8, “Software Images”—Describes how to upgrade Cisco MDS 9000 Family switches,
install software image files, use the Flash file system on the supervisor engine, and recover a corrupted bootflash image.
Chapter 9, “Managing Modules”—Explains how to display and analyze the status of each module
and specifies the power on and power off process for modules.
Chapter 10, “Managing System Hardware”—Provides details on switch hardware inventory,
power usage, power supply, module temperature, fan and clock modules, and environment information.
Chapter 11, “Configuring and Managing VSANs”—Describes how virtual SANs (VSANs) work,
explains the concept of default VSANs, isolated VSANs, VSAN IDs and attributes, and provides details on how to create, delete, and view VSANs.
Chapter 12, “Configuring Interfaces”—Explains port and operational state concepts in Cisco
MDS 9000 Family switches and provides details on configuring ports and interfaces.
Chapter 13, “Configuring Trunking”—Explains TE ports and trunking concepts.
Chapter 14, “Configuring PortChannels”—Explains PortChannels and load balancing concepts
and provides details on configuring PortChannels, adding ports to PortChannels, and deleting ports from PortChannels.
Chapter 15, “Configuring and Managing Zones”—Defines various zoning concepts and provides
details on configuring a zone set and zone management features.
Chapter 16, “Configuring Inter-VSAN Routing”—Describes Inter-VSAN Routing.
Chapter 17, “Managing FLOGI, Name Server, FDMI, and RSCN Databases”—Provides name
server and fabric login details required to manage storage devices and display registered state change notification (RSCN) databases.
Chapter 18, “Configuring Switch Security”—Discusses the AAA parameters, user profiles,
RADIUS authentication, SSH services, and SNMP Security options provided in all switches in the Cisco MDS 9000 Family and provides configuration information for these options.
Chapter 19, “Configuring Fabric Security”—Describes how to configure and manage fabric
security.
Chapter 20, “Configuring Port Security”—Provides details on port security features that can
prevent unauthorized access to a switch port in the Cisco MDS 9000 Family.
Chapter 21, “Configuring Fibre Channel Routing Services and Protocols”—Provides details
and configuration information on Fibre Channel routing services and protocols.
Chapter 22, “Configuring IP Services”—Provides details on IP over Fibre Channel (IPFC)
services and provides configuring IPFC, virtual router, and DNS server configuration information.
Chapter 23, “Configuring FICON”—Provides information on configuring and managing FICON
with the Cisco MDS 9000 Family.
Chapter 24, “Configuring IP Storage”—Provides details on extending the reach of Fibre Channel
SANs by connecting separated SAN islands together via IP networks using FCIP, and allowing IP hosts to access FC storage using the iSCSI protocol.
Chapter 25, “Configuring Call Home”—Provides details on the Call Home service and includes
information on Call Home, event triggers, contact information, destination profiles, and e-mail Options.
Page 29
xxix
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
Organization
Chapter 26, “Configuring Domain Parameters”—Explains the Fibre Channel domain (fcdomain)
feature, which includes principal switch selection, domain ID distribution, FC ID allocation, and fabric reconfiguration functions.
Chapter 27, “Configuring Traffic Management”—Provides details on the quality of service
(QoS) and Fibre Channel Congestion Control (FCC) features.
Chapter 28, “Configuring System Message Logging”— Describes how to configure system
message logging on the Cisco MDS 9000 Family switches.
Chapter 29, “Discovering SCSI Targets”—Describes how the SCSI LUN discovery feature is
started and displayed.
Chapter 30, “Monitoring Network Traffic Using SPAN”—Describes the switched port analyzer
(SPAN), identifies SPAN sources, specifies filters, explains SPAN Sessions, SD port characteristics, and configuration details.
Chapter 31, “Advanced Features and Concepts”—Describes the advanced configuration features
features—time out values, fctrace, fabric analyzer, world wide names, flat FC IDs, loop monitoring, and interoperating switches.
Chapter 32, “Configuring Fabric Configuration Servers”—Describes how the fabric
Configuration Server (FCS) feature is configured and displayed.
Chapter 33, “Monitoring System Processes and Logs”—Provides information on displaying
system processes and status. It also provides information on configuring core and log files, HA policy, heartbeat and watchdog checks, and upgrade resets.
Chapter 34, “Troubleshooting the Fabric”—Provides information on using Fabric Manager to
troubleshoot your fabric.
Chapter 35, “Troubleshooting Fabric Manager Issues”—Describes some common issues you
may experience while using Cisco Fabric Manager, and provides solutions.
Page 30
xxx
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
Conventions
Conventions
This document uses the following conventions:
Tip Identifies information to help you get the most benefit from your product.
Note Means reader take note. Notes identify important information that you should reflect upon before
continuing, contain helpful suggestions, or provide references to materials not contained in the document.
Caution Means reader be careful. In this situation, you might do something that could result in equipment
damage, loss of data, or a potential breach in your network security.
Warning
Identifies information that you must heed to prevent damaging yourself, the state of software, or equipment. Warnings identify definite security breaches that will result if the information presented is not followed carefully.
Item Convention
Commands, keywords, special terminology, and options that should be selected during procedures
boldface font
Variables for which you supply values and new or important terminology
italic font
Displayed session and system information, paths and file names
screen font
Information you enter boldface screen font
Variables you enter italic screen font
Menu items and button names
boldface font
Indicates menu items to select, in the order you select them.
Option > Network Preferences
Page 31
xxxi
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
Obtaining Documentation
Obtaining Documentation
Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
Cisco.com
You can access the most current Cisco documentation at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
http://www.cisco.com
You can access international Cisco websites at this URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation DVD
Cisco documentation and additional literature are available in a Documentation DVD package, which may have shipped with your product. The Documentation DVD is updated regularly and may be more current than printed documentation. The Documentation DVD package is available as a single unit.
Registered Cisco.com users (Cisco direct customers) can order a Cisco Documentation DVD (product number DOC-DOCDVD=) from the Ordering tool or Cisco Marketplace.
Cisco Ordering tool:
http://www.cisco.com/en/US/partner/ordering/
Cisco Marketplace:
http://www.cisco.com/go/marketplace/
Ordering Documentation
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from
the Ordering tool:
http://www.cisco.com/en/US/partner/ordering/
Nonregistered Cisco.com users can order documentation through a local account representative by
calling Cisco Systems Corporate Headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 1 800 553-NETS (6387).
Page 32
xxxii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
Documentation Feedback
Documentation Feedback
You can send comments about technical documentation to mdsfeedback-doc@cisco.com.
You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address:
Cisco Systems Attn: Customer Document Ordering 170 West Tasman Drive San Jose, CA 95134-9883
We appreciate your comments.
Cisco Product Security Overview
Cisco provides a free online Security Vulnerability Policy portal at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
From this site, you can perform these tasks:
Report security vulnerabilities in Cisco products.
Obtain assistance with security incidents that involve Cisco products.
Register to receive security information from Cisco.
A current list of security advisories and notices for Cisco products is available at this URL:
http://www.cisco.com/go/psirt
If you prefer to see advisories and notices as they are updated in real time, you can access a Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed from this URL:
http://www.cisco.com/en/US/products/products_psirt_rss_feed.html
Reporting Security Problems in Cisco Products
Cisco is committed to delivering secure products. We test our products internally before we release them, and we strive to correct all vulnerabilities quickly. If you think that you might have identified a vulnerability in a Cisco product, contact PSIRT:
Emergencies— security-alert@cisco.com
Nonemergencies— psirt@cisco.com
Tip We encourage you to use Pretty Good Privacy (PGP) or a compatible product to encrypt any sensitive
information that you send to Cisco. PSIRT can work from encrypted information that is compatible with PGP versions 2.x through 8.x.
Never use a revoked or an expired encryption key. The correct public key to use in your correspondence with PSIRT is the one that has the most recent creation date in this public key server list:
http://pgp.mit.edu:11371/pks/lookup?search=psirt%40cisco.com&op=index&exact=on
Page 33
xxxiii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
Obtaining Technical Assistance
In an emergency, you can also reach PSIRT by telephone:
1 877 228-7302
1 408 525-6532
Obtaining Technical Assistance
For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, Cisco Technical Support provides 24-hour-a-day, award-winning technical assistance. The Cisco Technical Support Website on Cisco.com features extensive online support resources. In addition, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not hold a valid Cisco service contract, contact your reseller.
Cisco Technical Support Website
The Cisco Technical Support Website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, 365 days a year, at this URL:
http://www.cisco.com/techsupport
Access to all tools on the Cisco Technical Support Website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:
http://tools.cisco.com/RPF/register/register.do
Note Use the Cisco Product Identification (CPI) tool to locate your product serial number before submitting
a web or phone request for service. You can access the CPI tool from the Cisco Technical Support Website by clicking the Too l s & R eso u rc es link under Documentation & Tools. Choose Cisco Product
Identification Tool from the Alphabetical Index drop-down list, or click the Cisco Product Identification Tool link under Alerts & RMAs. The CPI tool offers three search options: by product ID
or model name; by tree view; or for certain products, by copying and pasting show command output. Search results show an illustration of your product with the serial number label location highlighted. Locate the serial number label on your product and record the information before placing a service call.
Submitting a Service Request
Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool provides recommended solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco TAC engineer. The TAC Service Request Tool is located at this URL:
http://www.cisco.com/techsupport/servicerequest
For S1 or S2 service requests or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco TAC engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.
Page 34
xxxiv
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
Obtaining Additional Publications and Information
To open a service request by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227) EMEA: +32 2 704 55 55 USA: 1 800 553-2447
For a complete list of Cisco TAC contacts, go to this URL:
http://www.cisco.com/techsupport/contacts
Definitions of Service Request Severity
To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.
Severity 1 (S1)—Your network is “down,” or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.
Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.
Severity 3 (S3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.
Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
Cisco Marketplace provides a variety of Cisco books, reference guides, and logo merchandise. Visit
Cisco Marketplace, the company store, at this URL:
http://www.cisco.com/go/marketplace/
Cisco Press publishes a wide range of general networking, training and certification titles. Both new
and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:
http://www.ciscopress.com
Pack et magazine is the Cisco Systems technical user magazine for maximizing Internet and
networking investments. Each quarter, Packet delivers coverage of the latest industry trends, technology breakthroughs, and Cisco products and solutions, as well as network deployment and troubleshooting tips, configuration examples, customer case studies, certification and training information, and links to scores of in-depth online resources. You can access Packet magazine at this URL:
http://www.cisco.com/packet
Page 35
xxxv
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
Obtaining Additional Publications and Information
iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies
learn how they can use technology to increase revenue, streamline their business, and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, using real-world case studies and business strategies to help readers make sound technology investment decisions. You can access iQ Magazine at this URL:
http://www.cisco.com/go/iqmagazine
Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering
professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:
http://www.cisco.com/ipj
World-class networking training is available from Cisco. You can view current offerings at
this URL:
http://www.cisco.com/en/US/learning/index.html
Page 36
xxxvi
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Preface
Obtaining Additional Publications and Information
Page 37
xxxvii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
New and Changed Information
The table below summarizes the new and changed features for the Cisco MDS 9000 Family Fabric Manager Switch Configuration Guide, and tells you where they are documented. If a feature has changed
in Release 1.3, a brief description of the change appears in the "Description" column, and that release is shown in the "Changed in Release" column.
Table 1 Documented Features for the Cisco MDS 9000 Family Fabric Manager Switch
Configuration Guide
Feature Description Changed in Release
Where Documented
All Updated procedures to remove CLI
command references.
Fabric Manager Switch Tree Change: QoS
Switch->QoS has been moved to Switch->FC->QoS. QoS can only apply to Fibre Channel.
1.3(4)
Fabric Manager Switch Tree Change: Interfaces
Switch->Interfaces is a new folder which contains:
Port Channels, moved from
Switch FC
FC Physical, moved from
Switch->FC
FC Logical, moved from
Switch->FC
SVC, moved from
Switch->FC
Ethernet, gigE and Ether
Channels, was previously Switch->IP->Physical Interfaces
Management, mgmt0 and vsan
with the ability to create ipfc.
1.3(4)
Fabric Manager Switch Tree Change: IPFC
Switch->IP->IPFC functionality is now in Switch->Interfaces->Management
1.3(4)
Page 38
xxxviii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
New and Changed Information
Multiple pWWNs to same alias
You can add/associate multiple pWWNs and fWWNs to the same alias name.
1.3(4)
Quiesce You can now quiesce/disable a port
channel member. This will quiesce a port channel member ISL, and administratively bring down both ports.
1.3(4)
iSCSI SACK Default The TCP SACK parameter is
enabled by default for iSCSI configurations.
1.3(3)
Essential Upgrade Prerequisites
Obtaining recommendations based on your current operating environment.
1.3(3)
iSCSI name restriction The iSCSI qualified name is
restricted to a maximum name length of 223 alphanumeric characters and a minimum length of 16 characters.
1.3(3)
Rolling upgrades The Cashing Services Module
(CSM) and the IP Storage (IPS) services module use a rolling upgrade install mechanism
1.3(2a)
Running configuration information
Display Configurations based a specified feature, interface, module, or VSAN.
1.3(1)
Licensing Access specified premium features
on the switch.
1.3(1)
Initial Setup Additions Configure the full zoneset
distribution and FC ID persistence features for the entire fabric during initial setup.
1.3(1)
Automatic image synchronization
The running image is automatically synchronized in the standby supervisor module by the active supervisor module.
1.3(1)
Standby state The internal standby state indicates
that a switchover is possible when the redundancy state or the supervisor state display standby or HA standby.
1.3(1)
Table 1 Documented Features for the Cisco MDS 9000 Family Fabric Manager Switch
Configuration Guide (continued)
Feature Description Changed in Release
Where Documented
Page 39
xxxix
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
New and Changed Information
Terminal connection options
From the active supervisor module, you can connect to a console terminal, a Telnet terminal, or an SSH terminal.
1.3(1)
Standby supervisor module boot variables
The software forces the standby supervisor module to run the same version as the active supervisor module.
1.3(1)
Replacing modules Ensure that the new module is
running the same software version as the rest of the switch. I.
1.3(1)
Transceiver and calibration information
Display real-time diagnostics information.
1.3(1)
Buffer-to-Buffer Credit (BB_credit) display
Displays the receive and transmit BB_credit along with other pertinent interface information.
1.3(1)
PortChannel Quiesce Use the quiesce feature on an ISL
to gracefully shutdown an interface without dropping any frames.
1.3(1)
Zone membership Assign zone membership criteria is
also based on the interface and domain ID, domain ID and port number, and IP address.
1.3(1)
Inter-VSAN routing (IVR)
Access resources across VSANs without compromising other VSAN benefits.
1.3(1)
Fabric-Device Management Interface (FDMI)
Enables management of devices using the FDMI feature.
1.3(1)
AAA server groups Configure remote AAA servers
using server groups.
1.3(1)
TAC ACS + authentication
Use the Terminal Access Controller Access Control System plus (TACACS+) protocol to communicate with remote AAA servers.
1.3(1)
RADIUS enhancements Configure multiple RADIUS
server groups.
1.3(1)
Table 1 Documented Features for the Cisco MDS 9000 Family Fabric Manager Switch
Configuration Guide (continued)
Feature Description Changed in Release
Where Documented
Page 40
xl
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
New and Changed Information
FC-SP DHCHAP Configure Fibre Channel Security
Protocol (FC-SP) authentication to overcome security challenges for enterprise-wide fabrics. Diffie-Hellman Challenge Handshake Authentication Protocol (DHCHAP) provides authentication between Cisco MDS switches and other devices.
1.3(1)
FI-bre CON-nection (FICON)
Intermix FICON and Fibre Channel Protocol (FCP) traffic on the same switch without compromising scalability, availability, manageability and network security.
1.3(1)
Fabric Binding Prevent unauthorized switches
from joining the fabric or disrupting current fabric operations.
1.3(1)
Registered Link Incident Report (RLIR)
Use the RLIR function to send a LIR to a registered Nx-port.
1.3(1)
Trespass support Use the trespass feature to enable
the export of Logical Units (LUs) from the active to the passive port of a statically imported iSCSI target.
1.3(1)
Internet Storage Name Service (iSNS)
Use the iSNS services to automate the discovery and management of iSCSI devices.
1.3(1)
Proxy initiator Connect all iSCSI initiators
through one IPS port to make it appear as one Fibre Channel port per VSAN.
1.3(1)
FCIP write accelerator Improve application performance
using the FCIP write acceleration feature.
1.3(1)
FCIP compression Allow IP packets to be compressed
on the FCIP link if this feature is enabled on that link.
1.3(1)
VSAN membership for iSCSI interfaces
Configure an iSCSI host to be a member of one or more VSANs.
1.3(1)
Table 1 Documented Features for the Cisco MDS 9000 Family Fabric Manager Switch
Configuration Guide (continued)
Feature Description Changed in Release
Where Documented
Page 41
xli
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
New and Changed Information
Call Home enhancements
Define a Call Home destination profile, select predefined types of Call Home alerts, or filter messages based on their level of urgency.
1.3(1)
FC Domain ID changes Define the default behavior to
enable persistent FC IDs globally or for each VSAN.
1.3(1)
Port rate limiting Use the port rate limiting feature to
control ingress traffic into a Fibre Channel port.
1.3(1)
Quality of Service (QoS)
Configure four priority levels for service differentiation.
1.3(1)
Auto-discovery of SCSI targets
Displays automatically discovered SCSI targets.
1.3(1)
IPS SPAN source Assign a Switched Port Analyzer
(SPAN) source on the IP Storage Services (IPS) module.
1.3(1)
Per VSAN Time Out Val ue s ( TOV)
Configure different TOVs for a specified VSAN with special links like FC or IP tunnels.
1.3(1)
Deleting directories Deleting a specified directory
deletes the entire directory and all its contents.
All
Table 1 Documented Features for the Cisco MDS 9000 Family Fabric Manager Switch
Configuration Guide (continued)
Feature Description Changed in Release
Where Documented
Page 42
xlii
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
New and Changed Information
Page 43
CHA P TER
1-1
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
1
Product Overview
The Cisco MDS 9000 Family of multilayer directors and fabric switches offer intelligent fabric-switching services that realize maximum performance while ensuring high reliability levels. They combine robust and flexible hardware architecture with multiple layers of network and storage management intelligence. This powerful combination enables highly available, scalable storage networks that provide advanced security and unified management features.
The Cisco MDS 9000 Family provides intelligent networking features such as multiprotocol and multitransport integration, virtual SANs (VSANs), advanced security, sophisticated debug analysis tools, and unified SAN management.
This chapter lists the hardware features for the Cisco MDS 9000 Family and describes its software features.
This chapter contains the following topics:
Hardware Overview, page 1-1
Software Features, page 1-4
Tools for Software Configuration, page 1-10
Hardware Overview
This section provides an overview of the Cisco MDS 9000 Family of multilayer directors and fabric switches.
Cisco MDS 9216 multilayer fabric switches contain one fixed integrated supervisor module with 16
Fibre Channel ports and an expansion slot which can support up to 32 additional ports (for a total of 48 ports).
Cisco MDS 9509 multilayer directors contain two slots for supervisor modules and 7 slots for
switching or services modules providing up to 224 ports (32 ports x 7 slots).
Cisco MDS 9506 multilayer directors contain two slots for supervisor modules and 4 slots for
switching or services modules providing up to 128 ports (32 ports x 4 slots).
Cisco MDS 9140 multilayer switches contains 40 ports (8 full rate ports, 32 host-optimized ports).
Cisco MDS 9120 multilayer switches contains 20 ports (4 full rate ports, 16 host-optimized ports).
Page 44
1-2
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Hardware Overview
Cisco MDS 9216 Fabric Switch
Cisco MDS 9216 fabric switches share a consistent software architecture with the Cisco MDS 9500 Series in a semi-modular chassis. They consist of the following major hardware components:
The chassis has two slots, one of which is reserved for the supervisor module. The supervisor
module provides supervisor functions and has 16 standard, Fibre Channel ports.
The backplane has direct plug-in connectivity to one switching module (any type).
Two redundant, hot-swappable power supplies have AC connections, each of which can supply
power to a fully loaded chassis.
The hot-swappable fan module has four fans managing the airflow and cooling for the entire switch.
The 1-Gbps or 2-Gbps autosensing Fibre Channel ports support Inter-Switch Links (E ports),
extended Inter-Switch Links (TE ports), loop (FL and TL ports), and fabric (F ports) connectivity. Besides Telnet access, a 10/100BASE-T Ethernet port provides switch access and a RS-232 (EIA/TIA-232) serial port allows switch configuration.
Hot-swappable, small form-factor pluggable (SFP) ports can be configured with either short or long
wavelength SFPs for connectivity up to 500m and 10km, respectively.
The Cisco MDS 9216 supports the IP Storage Services (IPS) module. All IPS modules are
configurable for both FCIP and iSCSI operation on a port-by-port basis. Ports configured for FCIP operation can be further configured to support up to three virtual ISL connections.
Refer to the Cisco MDS 9200 Series Hardware Installation Guide for more information.
Cisco MDS 9500 Modular Directors
The Cisco MDS 9500 Series includes two multilayer, modular directors:
The Cisco MDS 9509 Director addresses the stringent requirements of large data center storage
environments and consists of the following major hardware components:
The chassis has nine slots, two of which are reserved for the supervisor modules.
Up to seven hot-pluggable switching or services modules that provide Fibre Channel or Gigabit Ethernet services.
The backplane has direct plug-in connectivity to seven switching modules, two integrated supervisor modules, two clock modules, and two power supplies.
The hot-swappable fan module has nine fans managing the airflow and cooling for the entire switch.
The Cisco MDS 9506 Director addresses the stringent requirements of data center storage
environments and consists of the following major hardware components:
The chassis has six slots, two of which are reserved for the supervisor modules.
Up to four hot-pluggable switching or services modules that provide Fibre Channel or Gigabit Ethernet services.
The backplane has direct plug-in connectivity to four switching modules, two integrated supervisor modules, two clock modules, and two power supplies.
The hot-swappable fan module has six fans managing the airflow and cooling for the entire switch.
Page 45
1-3
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Hardware Overview
These modular directors have the following features:
Two redundant, hot-swappable power supplies have AC or DC connection, each of which can supply
power to the entire chassis.
Two supervisor modules ensure high availability and traffic load balancing capabilities. Each
supervisor module can control the entire switch. The standby supervisor module provides redundancy in case the active supervisor module fails.
The 1-Gbps or 2-Gbps autosensing Fibre Channel ports support Inter-Switch Links (E ports),
Extended Inter-Switch Links (TE ports), loop (FL and TL ports), and fabric (F ports) connectivity. Besides Telnet access, a 10/100BASE-T Ethernet port provides switch access and a RS-232 serial port allows switch configuration.
Hot-swappable, small form-factor pluggable (SFP) ports can be configured with either short or long
wavelength SFPs for connectivity up to 500m and 10km, respectively.
The Cisco MDS 9500 Series supports the IP Storage Services (IPS) module. All IPS modules are
configurable for both FCIP and iSCSI operation on a port-by-port basis. Ports configured for FCIP operation can be further configured to support up to three virtual ISL connections.
Refer to the Cisco MDS 9500 Series Hardware Installation Guide for additional information.
Cisco MDS 9100 Series Fixed Configuration Fabric Switches
Cisco MDS 9100 Series includes two multilayer, fixed configuration (non-modular) switches:
The Cisco MDS 9140 provides 40 ports (8 full rate ports, 32 host-optimized ports)
The Cisco MDS 9120 is a 20 ports (4 full rate ports, 16 host-optimized ports)
These fixed configuration switches are packaged in a 1 RU enclosures and have the following features:
Two redundant, hot-swappable power supplies have AC connections, each of which can supply
power to the entire chassis.
Two hot-swappable fan modules with two fans each manage the airflow and cooling for the entire
switch.
The 1-Gbps or 2-Gbps autosensing Fibre Channel ports support Inter-Switch Links (E ports),
Extended Inter-Switch Links (TE ports), loop (FL and TL ports), and fabric (F ports) connectivity. Besides Telnet access, a 10/100BASE-T Ethernet port provides switch access.
Hot-swappable, small form-factor pluggable (SFP) ports can be configured with either short or long
wavelength SFPs for connectivity up to 500m and 10km, respectively.
Note Switches in the Cisco MDS 9100 Series do not have a COM1 port (a RS-232 serial port).
Refer to the Cisco MDS 9100 Series Hardware Installation Guide for additional information.
Page 46
1-4
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Software Features
Software Features
This section provides an overview of the major software features of the Cisco MDS 9000 Family of multilayer directors and fabric switches.
Licensing
The licensing functionality is available in all switches in the Cisco MDS 9000 Family. This functionality allows you to access specified premium features on the switch after you install the appropriate license for that feature. Licenses are sold, supported, and enforced from Release 1.3(1).
High Availability
The Cisco MDS 9500 Series of multilayer directors support application restartability and nondisruptive supervisor switchability. The switches are protected from system failure by redundant hardware components and a high availability software framework. The high availability (HA) software framework includes the following:
Provides stateful redundancy for supervisor module failure by using dual supervisor modules.
Ensures nondisruptive software upgrade capability.
Protects against link failure using the PortChannel (port aggregation) feature. This feature is also
available in Cisco MDS 9216 switches and in the Cisco MDS 9100 Series.
Provides management redundancy using Virtual Router Redundancy Protocol (VRRP). This feature
is also available in Cisco MDS 9216 switches and in the Cisco MDS 9100 Series.
Performs nondisruptive restarts of a failed process on the same supervisor module. A service
running on the supervisor modules and on the switching module tracks the HA policy defined in the configuration and takes action based on this policy. This feature is also available in Cisco MDS 9216 switches and in the Cisco MDS 9100 Series.
Switch Reliability
Switches in the Cisco MDS 9000 Family maintain internally controlled reliability services that ensure continued service with no degradation. This reliability service includes the following:
Provides power-on self testing (POST)
Detects errors, isolates faults, performs parity checking, and checks illegal addresses
Enables remote diagnostics using Call Home troubleshooting features
Displays LEDs that summarize the status of each switching module, supervisor module, power
supply, and fan assembly
Page 47
1-5
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Software Features
Virtual SANs
VSANs (virtual SANs) enable higher security and greater scalability in Fibre Channel fabrics. VSANs provide isolation among devices that are physically connected to the same fabric. VSANs allow multiple logical SANs over a common physical infrastructure. VSANs offer the following:
Traffic isolation—Traffic is contained within VSAN boundaries and devices reside only in one
VSAN thus ensuring absolute separation between user groups, if desired.
Scalability—VSANs are overlaid on top of a single physical SAN. The ability to create several
logical VSAN layers increases the scalability of the SAN.
Per VSAN fabric services—Replication of fabric services on a per VSAN basis provides increased
scalability and availability.
Redundancy—Several VSANs created on the same physical SAN ensure redundancy. If one VSAN
fails, redundant protection is provided by a configured backup path between the host and the switch.
Ease of configuration—Devices can be added, moved, or changed between VSANs without
changing the physical structure of a SAN. Moving a device from one VSAN to another only requires configuration at the port level, not at a physical level.
Intelligent Zoning
Zoning controls access between devices in a VSAN. Zoning accomplishes the following:
Partitions devices that use different operating systems. In a heterogeneous environment, it is often
necessary to separate servers and storage devices to avoid accidental transfer of information between devices with different operating systems. Such transfers could result in corruption or deletion of data.
Creates logical subsets of closed user groups. Closed user groups are needed to enforce security or
to separate functional areas across the fabric.
Configures groups of devices that are separate from the rest of the fabric. Based on the assigned zone
membership, devices outside the zone cannot access devices internal to the zone.
Provides temporary access between devices (zone sets). Zone restrictions can be imposed
temporarily, and then restored to revert to normal operation, if desired.
Restricts access to specific logical unit numbers (LUNs) associated with a device.
Allows members to have only read-only access to the media within a read-only Fibre Channel zone.
Inter-VSAN Routing
Using Inter-VSAN Routing (IVR), resources across VSANs can be accessed without compromising other VSAN benefits. Valuable resources like tape libraries are easily shared across VSANs without compromise. Routes that traverse one or more VSANs across multiple switches can be established, if necessary, to ensure proper interconnections. IVR used in conjunction with FCIP provides more efficient business continuity or disaster recovery solutions.
Page 48
1-6
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Software Features
Trunking
Trunking is the term used to refer to an ISL link that carries one or more VSANs. Trunking ports receive and transmit Extended ISL (EISL) frames. EISL frames carry an EISL header containing VSAN information. Once EISL is enabled on an E port, that port becomes a TE port. The trunking configuration is saved along with the interface information.
PortChannels
PortChannel refers to the aggregation of multiple physical Fibre Channel ports into one logical port to provide high aggregated bandwidth, load balancing, and link redundancy. Up to 16 physical ports can be aggregated into a PortChannel. PortChannels can connect to ports across switching modules. The failure of a port in one switching module does not bring down the logical PortChannel link. Specifically, a PortChannel does the following:
Increases the aggregate bandwidth on an ISL or EISL by distributing traffic among all functional
links in the channel.
Load balances across multiple links and maintains optimum bandwidth utilization. Load balancing
is based on a source ID (SID), destination ID (DID), and optionally the originator exchange ID (OX ID) that identify the flow of the frame.
Provides high availability on an ISL. If one link fails, traffic previously carried on this link is
switched to the remaining links. If a link goes down in a PortChannel, the upper protocol is not aware of it. To the upper protocol, the link is still there, although the bandwidth is diminished. The routing tables are not affected by link failure. PortChannels can contain up to 16 physical links and can span multiple modules for added high availability.
IP Services
Switches in the Cisco MDS 9000 Family support the following IP services:
IP over Ethernet—These services are limited to management traffic.
IP over Fibre Channel (IPFC)—IPFC (RFC 2625) specifies how IP packets are transported using
encapsulation schemes. By encapsulating IP frames into Fibre Channel frames, management information is exchanged among switches without requiring a separate Ethernet connection to each switch. Each switch includes:
Encapsulation for IP and Address Resolution Protocol (ARP) over Fibre Channel.
Address resolution uses the ARP server.
IP routing services—These services include:
Ethernet or TCP/IP connection.
Static IP routing services to enable management traffic between VSANs.
DNS client support.
The Network Time Protocol (NTP) server synchronizes the system clocks of network devices.
Page 49
1-7
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Software Features
IP Storage
The Cisco MDS 9000 Family IP services module integrates seamlessly into the Cisco MDS 9000 Family of Multilayer Directors and Fabric Switches. Traffic can be routed between any IP storage port and any other port on a Cisco MDS 9000 Family switch. The Cisco MDS 9000 Family IP Storage Services Module supports the full range of services available on other MDS 9000 Family Switching Modules including VSANs, security, and traffic management. It uses widely known IP to cost-effectively connect to more servers and more locations over greater distances than previously possible. It delivers both Fibre Channel over IP (FCIP) and iSCSI IP storage services and is configurable on a port-by-port basis.
FCIP highlights
Simplifies data protection and business continuance strategies by enabling backup, remote replication, and disaster recovery over WAN distances using open-standard FCIP tunneling.
Improves utilization of WAN resources for backup and replication by tunneling up to 3 virtual Inter Switch Links (ISLs) on a single Gigabit Ethernet port.
Reduces SAN complexity by eliminating the need to deploy and manage a separate remote connectivity platform.
Preserves Cisco MDS 9000 Family enhanced capabilities including VSANs, advanced traffic management, and security across remote connections.
iSCSI highlights
Extends the benefits of Fibre Channel SAN-based storage to IP-enabled servers at a lower cost point than possible using Fibre Channel interconnect alone.
Increases storage utilization and availability through consolidation of IP and Fibre Channel block storage.
Transparent operation preserves the functionality of legacy storage applications such as zoning tools.
Extending the Benefits of Fibre Channel SANs
Call Home
The Call Home feature detects switch failures and sends alerts along with relevant failure information. These alerts are sent through E-mail to a user-specified customer center.
QoS and Congestion Control
Switches in the Cisco MDS 9000 Family provide priority queuing and flow control services.
The Quality of service (QoS) feature has the following advantages:
Provides relative bandwidth guarantee to application traffic.
Controls latency experienced by application traffic.
Prioritizes one application over another (for example, prioritizing transactional traffic over bulk traffic) through bandwidth and latency differentiation.
Page 50
1-8
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Software Features
Fibre Channel Congestion Control (FCC)--FCC is a flow control mechanism that alleviates
congestion on Fibre Channel networks. Any switch in the network can detect congestion for an output port. The switches sample frames from the congested queue and generate messages about the congestion level upstream toward the source of the congestion. The switch closest to the source, with FCC enabled, can perform one of two actions:
Forwards the frames as other vendor switches do.
Limits the flow of frames from the port causing the congestion.
SPAN and RSPAN
The switched port analyzer (SPAN) feature is specific to switches in the Cisco MDS 9000 Family. It monitors network traffic though a Fibre Channel interface. Traffic through any Fibre Channel interface can be replicated to a special port called the SPAN Destination port (SD port). Any Fibre Channel port in a switch can be configured as an SD port. Once an interface is in SD-port mode, it cannot be used for normal data traffic. You can attach a Fibre Channel Analyzer to the SD port to monitor SPAN traffic.
The Remote SPAN (RSPAN) feature enables you to remotely monitor traffic for one or more SPAN sources distributed in one or more source switches in a Fibre Channel fabric. The SPAN destination (SD) port is used for remote monitoring in a destination switch. A destination switch may be different from the source switch(es) provided that it is attached to the same Fibre Channel fabric. You can replicate and monitor traffic in any remote Cisco MDS 9000 Family switch or director, just as you would monitor traffic in a MDS source switch. This feature is nonintrusive and does not affect network traffic switching for any SPAN source ports.
Switch Management Features
Besides the software features already listed, there are additional management features that fall into the following categories: redundant supervisor module management, fabric management, and security management.
Redundant Supervisor Module Management
Series of multilayer directors support two redundant supervisor modules. They require two supervisor modules to enforce redundant supervisor module management and high availability and restartability.
Table 1-1 Redundant Supervisor Module Management
Product
No. of Supervisor Modules Slot Features
Cisco MDS 9216 One module (includes
16 Fibre Channel ports)
Slot 1 2-slot chassis allows one optional
switching module in the other slot.
Cisco MDS 9506 Two modules Slots 5 and 6 6-slot chassis allows any switching
module in the other four slots.
Cisco MDS 9509 Two modules Slots 5 and 6 9-slot chassis allows any switching
module in the other seven slots.
Cisco MDS 9120 Not applicable
Cisco MDS 8149 Not applicable
Page 51
1-9
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Software Features
When a switch powers up and two supervisor modules are present, the module in slot 5 enters the active mode, while the second module in slot 6 enters the standby mode. All storage management functions occur on the active supervisor module. The standby module constantly monitors the active module. If the active module fails, the standby module takes over without any impact to user traffic.
See the Cisco MDS 9500 Series Hardware Installation Guide for additional information.
Fabric Management
Switches in the Cisco MDS 9000 Family offer fabric management and control through the command-line interface (CLI) by using Telnet, SSH, or a serial console and through the Cisco MDS 9000 Fabric Manager tool by using the Simple Network Management Protocol (SNMP) services:
SNMP versions 1, 2, and 3 are supported.
Remote Monitoring (RMON) allows you to specify thresholds and monitor alarms on SNMP
variables. Extended RMON alarms are available for supported Management Information Base (MIB) objects. See the Cisco MDS 9000 Family MIB Reference Guide for additional information.
System error message logs (syslogs) are viewed through a console or Telnet session for
asynchronous events such as an interface transition. Syslogs are directed to an internal log and optionally to an external server. See the Cisco MDS 9000 Family System Messages Guide for additional information.
Security Management
The Cisco MDS 9000 Family of switches offer strict and secure switch management options through switch access security, port security, user authentication, and role-based access.
Switch Access Security
Each switch can be accessed through the CLI or SNMP.
Secure switch access—Available when you explicitly enable Secure Shell (SSH) access to the
switch. SSH access provides additional controlled security by encrypting data, user IDs, and passwords. By default, Telnet access is enabled on each switch.
SNMP access—SNMPv3 provides built-in security for secure user authentication and data
encryption.
IP Access control lists (IP-ACLs)—Provide basic network security to all switches in the Cisco MDS
9000 Family. IP-ACLs restricts IP-related inband and out-of-band management traffic based on IP addresses (layer 3 and layer 4 information). You can use IP-ACLs to control transmissions on an interface.
Port Security
Port security features prevent unauthorized access to a switch port in the Cisco MDS 9000 Family.
Login requests from unauthorized Fibre Channel devices (Nx ports) and switches (xE ports) are
rejected.
All intrusion attempts are reported to the SAN administrator through syslog messages.
Page 52
1-10
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Tools for Software Configuration
User Authentication
A strategy known as authentication, authorization, and accounting (AAA) is used to verify identity of, grant access to, and track the actions of remote users. The Remote Access Dial-In User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+) provide AAA solutions.
Based on the user ID and password combination provided, switches perform local authentication using a local database or remote authentication using AAA server(s). A global, preshared, secret key authenticates communication between the AAA servers. This secret key can be configured for all AAA server groups or for only a specific AAA server. This kind of authentication provides a central configuration management capability.
Role-Based Access
Role-based access control assigns roles or groups (locally through the switch or remotely using AAA servers) to users and limits access to the switch. Access is assigned based on the permission level associated with each user ID. Your administrator can provide complete access to each user or restrict access to specific read and write levels for each command.
From Release 1.2(x), CLI and SNMP in all switches in the Cisco MDS 9000 Family synchronize CLI and SNMP roles. This database contains any role that is created using CLI or SNMP. You can use SNMP to modify a role that was created using CLI and vice versa. Each role in SNMP is the same as a role created or modified through the CLI.
Each role in the role database can be restricted to one or more VSANs as required.
Tools for Software Configuration
You can use one of two configuration management tools to configure your SANs: the CLI and the Cisco MDS 9000 Fabric Manager graphical user interface.
Figure 1-1 Tools for Configuring Software
CLI
With the CLI, you can type commands at the switch prompt, and the commands are executed when you press the Enter key. The CLI parser provides command help, command completion, and keyboard sequences that allow you to access previously executed commands from the buffer history.
Telnet
SSH
Serial
connection
CLI
Cisco Fabric Manager
(Device View, Fabric View, and
Summary View)
Cisco MDS 9000 Family
IP
network
SNMP version 1, 2, or 3
RADIUS server
Default
79524
Page 53
1-11
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Tools for Software Configuration
Cisco MDS 9000 Fabric Manager
The Cisco Fabric Manager is a Java and SNMP-based network fabric and device management tool with a GUI that displays real-time views of your network fabric and installed devices. The Cisco Fabric Manager provides three views for managing your network fabric:
The Device View displays a continuously updated physical picture of device configuration and
health conditions for a single switch.
The Summary View presents real-time performance statistics all active ports and channels on a
single switch.
The Fabric View displays a view of your network fabric, including multiple switches.
The Cisco Fabric Manager provides an alternative to the CLI for most switch configuration commands. The Cisco Fabric Manager is embedded in each switch in the Cisco MDS 9000 Family.
Resource Manager Essentials (RME) versions 3.4 and 3.5 provide support for switches in the Cisco MDS 9000 Family. Patches are available on Cisco Connection Online (http://www.cisco.com/).
Page 54
1-12
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 1 Product Overview
Tools for Software Configuration
Page 55
CHA P TER
2-1
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
2
Getting Started with Cisco Fabric Manager
The Cisco Fabric Manager is a set of network management tools that supports Secure Simple Network Management Protocol version 3 (SNMPv3) and legacy versions. It provides a graphical user interface (GUI) that displays real-time views of your network fabric, and lets you manage the configuration of Cisco MDS 9000 Family devices and third-party switches. The Cisco Fabric Manager applications are:
Fabric Manager Server
Device Manager
Fabric Manager Client
Performance Manager
Fabric Manager Server is the server component of the Cisco Fabric Manager tool set, and must be started before running Fabric Manager. On a Windows PC, Fabric Manager Server is installed as a service. This service can then be administered using the Service Panel in the Control Panel.
The Fabric Manager displays a map of your network fabric, including Cisco MDS 9000 Family switches, third-party switches, hosts, and storage devices.
The Device Manager presents two views of a switch.
Device View displays a graphic representation of the switch configuration, and provides access to
statistics and configuration information for a single switch.
Summary View displays a summary of xEPorts (Inter-Switch Links), Fx Ports (fabric ports), and Nx
Ports (attached hosts and storage) on the switch, as well as FC and IP neighbor devices.
Performance Manager provides detailed traffic analysis by capturing data with SNMP. This data is compiled into various graphs and charts which can be viewed with any web browser.
The Cisco Fabric Manager applications are an alternative to the command-line interface (CLI) for most switch configuration commands. For information on using the CLI to configure a Cisco MDS 9000 Family switch, refer to the Cisco 9000 Family Configuration Guide or the Cisco 9000 Family Command Reference. To learn more about the general capabilities of Cisco Fabric Manager, refer to this document.
Page 56
2-2
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 2 Getting Started with Cisco Fabric Manager
Managing Cisco MDS 9000 Switches
This chapter contains the following topics:
Managing Cisco MDS 9000 Switches, page 2-2
Storage Management Solutions Architecture, page 2-3
In-Band Management and Out-of-Band Management, page 2-4
Installing the Applications, page 2-5
Launching the Applications, page 2-6
Using the Management Services Wizard, page 2-7
A Note on Ports, page 2-7
Managing Cisco MDS 9000 Switches
The Cisco MDS 9000 Family of switches can be accessed and configured in many different ways, and support standard management protocols. The different protocols that are supported in order to access, monitor, and configure the Cisco MDS 9000 Family of switches are described in the following table:
Table 2-1 Supported Management Protocols
Management Protocol Purpose
Telnet/SSH Provides remote access to the CLI for a Cisco
MDS 9000 switch.
FTP/SFTP/TFTP, SCP Copies configuration and software images
between devices.
SNMPv1, v2c, and v3 Includes over 70 distinct Management
Information Bases (MIBs). Cisco MDS 9000 Family switches support SNMP version 1, 2, and 3 and RMON V1 and V2. RMON provides advanced alarm and event management, including setting thresholds and sending notifications based on changes in device or network behavior.
By default, the Cisco Fabric Manager communicates with Cisco MDS 9000 Family switches using SNMPv3, which provides secure authentication using encrypted user names and passwords. SNMPv3 also provides the option to encrypt all management traffic.
HTTP HTTP is only used for the distribution and
installation of the Cisco Fabric Manager software. It is not used for communication between the Cisco Fabric Manager and Cisco MDS 9000 Family switches.
Page 57
2-3
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 2 Getting Started with Cisco Fabric Manager
Storage Management Solutions Architecture
Storage Management Solutions Architecture
Management services required for the storage environment can be divided into five “layers,” with the bottom layer being closest to the physical storage network equipment, and the top layer managing the interface between applications and storage resources.
Of these five layers of storage network management, Cisco Fabric Manager provides tools for device (element) management and fabric management. In general, the Device Manager is most useful for device management (a single switch), while Fabric Manager is more efficient for performing fabric management operations involving multiple switches.
Tools for “upper-layer” management tasks can be provided by Cisco or by third-party storage and network management applications. The following summarizes the goals and function of each layer of storage network management:
Device management provides tools to configure and manage a device within a system or a fabric.
You use device management tools to perform tasks on one device at a time, such as initial device configuration, setting and monitoring thresholds, and managing device system images or firmware.
Fabric management provides a system-oriented view of a fabric and its devices. Fabric management
applications provide fabric discovery, fabric monitoring, reporting, and fabric configuration.
Resource management provides tools for managing resources such as fabric bandwidth, connected
paths, disks, I/O operations per second (IOPS), CPU, and memory. You can use Fabric Manager to perform some of these tasks.
ANSI T11 FC-GS3 Fibre Channel-Generic Services (FC-GS)3 in the
definition of the management servers defines the Fabric Configuration Server (FCS), which is a standard mechanism to collect information about platforms (end devices) and interconnecting elements (switches) building the fabric.
The Cisco MDS 9000 uses the information provided by FCS on top of the information contained in the Name Server database and in the Fibre Channel Shortest Path First (FSPF) topology database to build a detailed topology view, and collect information for all the devices building the fabric.
XML/CIM CIM server support for designing storage area
network management applications to run on Cisco MDS SAN-OS.
Table 2-1 Supported Management Protocols (continued)
Management Protocol Purpose
Page 58
2-4
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 2 Getting Started with Cisco Fabric Manager
In-Band Management and Out-of-Band Management
Data management provides tools for ensuring the integrity, availability, and performance of data.
Data management services include redundant array of independent disks (RAID) schemes, data replication practices, backup or recovery requirements, and data migration. Data management capabilities are provided by third-party tools.
Application management provides tools for managing the overall system consisting of devices,
fabric, resources, and data from the application. Application management integrates all these components with the applications that use the storage network. Application management capabilities are provided by third-party tools.
In-Band Management and Out-of-Band Management
Cisco Fabric Manager requires an out-of-band (Ethernet) connection to at least one Cisco MDS 9000 Family switch. You need either mgmt0 or IP over Fibre Channel (IPFC) to manage the fabric.
MGMT0
The interface referred to as the out-of-band management connection is a 10/100 Mbps Ethernet interface on the supervisor module, labeled mgmt0. The mgmt0 interface can be connected to a management network to access the switch through IP over Ethernet. You must connect to at least one Cisco MDS 9000 Family switch in the fabric, through its Ethernet management port. You can then use this connection to manage the other switches using in-band (Fibre Channel) connectivity. Otherwise, you need to connect the mgmt0 port on each switch to your Ethernet network.
Each supervisor module has its own Ethernet connection; however, the two Ethernet connections in a redundant supervisor system operate in active or standby mode. The active supervisor module also hosts the active mgmt0 connection. When a failover event occurs to the standby supervisor module, the IP address and media access control (MAC) address of the active Ethernet connection are moved to the standby Ethernet connection.
IPFC
You can also manage switches on a Fibre Channel network using an in-band IP connection. The Cisco MDS 9000 Family supports RFC 2625 IP over Fibre Channel, which defines an encapsulation method to transport IP over a Fibre Channel network.
IPFC encapsulates IP packets into Fibre Channel frames so that management information can cross the Fibre Channel network without requiring a dedicated Ethernet connection to each switch. IP addresses are resolved to the Fibre Channel address through Address Resolution Protocol (ARP). This feature allows you to build a completely in-band management solution.
Page 59
2-5
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 2 Getting Started with Cisco Fabric Manager
Installing the Applications
Installing the Applications
Before you can access the Cisco Fabric Manager, you must complete the following tasks:
A supervisor module must be installed on each switch that you want to manage.
The supervisor module must be configured with the following values using the setup routine or the
CLI:
IP address assigned to the mgmt0 interface
SNMP Credentials (v1/v2 communities, or v3 user name and password), maintaining the same password for all the switches in the fabric. Must be on each PC.
The Cisco Fabric Manager software executables reside on each supervisor module of each Cisco MDS 9000 Family switch in your network. The supervisor module provides an HTTP server that responds to browser requests and distributes the software to Windows or UNIX network management stations.
To install the software for the first time, or if you want to update or reinstall the software, access the supervisor module with a web browser. When you click the Install buttons on the web page that appears, the software running on your workstation is verified to make sure you are running the most current version of the software. If it is not current, the most recent version is downloaded and installed on your workstation.
New installation options include:
Upgrade/Downgrade—The installer detects your current version of Fabric Manager and Device
Manager, and provides the option to upgrade or downgrade. The default is to upgrade to the latest version of Fabric Manager or Device Manager.
Autoupgrade—If you always want to run the latest version of Fabric Manager and Device Manager,
select “Always autoupgrade, don’t ask me again.” Subsequent upgrades will happen automatically, without prompting.
Uninstall—Before upgrading or uninstalling Fabric Manager or Device Manager, make sure any
instances of these applications have been shut down. Use the Uninstall batch file or shell script to uninstall. Do not delete the .cisco_mds9000 folder as this might make your installation unsafe for upgrades.
To download and install the software on your workstation, follow these steps:
Step 1 Enter the IP address or host name of the supervisor module in the Address or Location field of your
browser.
When you connect to the server for the first time, it checks to see if you have the correct Sun Java Virtual Machine version installed on your workstation. If not, a link is provided to the appropriate web page on Sun Microsystem’s website so you can install it.
The supervisor module HTTP server displays the window.
Step 2 Click the link to the Sun Java Virtual Machine software (if required) and install the software.
Using the instructions provided by the Sun Microsystems website to reconnect to the supervisor module by reentering the IP address or host name in the Location or Address field of your browser.
Note The recommended version of Java is 1.4.2, although 1.4 and above is supported. To change the
JRE version, start Java Web Start and set the Java preferences.
Page 60
2-6
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 2 Getting Started with Cisco Fabric Manager
Launching the Applications
Step 3 Click on any installation link (Fabric Manager or Device Manager).
You see a prompt asking for permission to install the applications on your workstation.
Clicking on a link first runs an installer, which detects the installed version of the software, prompts for upgrades/downgrades and other options if applicable, and runs the application you selected.
All software is installed in a folder called “.cisco_mds9000”. On a Windows machine, the pathname is %HOME%\.cisco_mds9000. On a UNIX machine, the pathname is $HOME/.cisco_mds9000.
On a Windows machine, a Cisco MDS program group is created under Start > Programs. This program group contains shortcuts to batch files in the install directory. On a Solaris or Linux machine, shell scripts are created in the install directory.
Note Fabric Manager cannot run without the server component, Fabric Manager Server. Fabric
Manager Server is downloaded and installed when you download and install Fabric Manager or Device Manager. On a Windows machine you install the FMServer as a service. This service can then be administered using the Service Panel in the Control Panel. The default setting for the FMServer service is that the server is automatically started when the machine is rebooted. You can change this behavior by modifying the properties in the Service panel.
Launching the Applications
To launch the Fabric Manager Server, Fabric Manager Client (Fabric View) or Device Manager (Device View and Summary View), follow these steps:
Step 1 Double-click the Fabric Manager icon or the Device Manager icon on your desktop or select the option
from the Windows Start menu.
If you double-click on Fabric Manager, the Fabric Manager Server will load (a command line window will appear briefly).
A login screen for Fabric Manager or Device Manager appears.
Step 2 Enter the IP address or device name in the Device Name(s) field, or select an IP address from the list of
previously accessed devices, accessible through the Device Name(s) drop-down list.
Step 3 Check the SNMPv3 check box to select SNMP version 3.
Note The default authentication digest used for storing user names and passwords is MD5. In case you
selected SHA instead, the relative check box in the Fabric Manager initial login screen should be checked.
Step 4 Enter a user name and password.
Page 61
2-7
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 2 Getting Started with Cisco Fabric Manager
Using the Management Services Wizard
Step 5 If the SNMPv3 Privacy option is enabled, enter the Privacy Password used for encrypting management
traffic
The Privacy option causes all management traffic to be encrypted while, with SNMPv3, user names and passwords are always encrypted.
Step 6 Click Open.
You see either the Fabric Manager or the Device Manager.
Using the Management Services Wizard
The Management Services Wizard enables you to quickly create and apply initial configuration CLI scripts for the MDS 9000 family. You can run the Management Services Wizard by accessing the switch’s supervisor module with a web browser.
To create a configuration script, step sequentially through all the configuration steps by filling in the required fields on each page, and clicking the Next button. You can also selectively configure features by clicking on their category titles in the left frame (e.g., Call Home).
Note When creating configuration scripts this way, you cannot go to any panel with failures in the validation
of fields. Use the Enable check box on each panel to enable validation and script generation for that panel. The exception to this is that a Role can only be created if a user is created at the same time.
If you want to change information on a previous page, use the Back button. You can also view and change information you have entered at any time by clicking on the Review category title.
To edit an existing script file, you must open the script file with a text editor, select it, and copy it. In the Management Services Wizard, click on Review under the Script item in the menu tree. Then, paste the script into the text area of the script dialog.
A Note on Ports
For PCs running Fabric Manager Server, Fabric Manager Client, Device Manager, and Performance Manager, certain ports need to be available.
Fabric Manager Client and Device manager use the first available UDP port for receiving SNMP responses. The UDP SNMP Trap local ports are (FM=1162, DM=1163 or 1164). Fabric Manager Client also opens TCP RMI port (9099). If Device Manager is opened from Fabric Manager Client, it listens on the first available UDP port for Fabric Manager requests.
Fabric Manager Server requires two predictable TCP ports to be opened on the firewall for an incoming connection:
java.rmi.registry.port = 9099
java.rmi.server.remoteObjectPort = 9199
As long as these two ports are opened, the Fabric Manager client is able to connect to the server. There may be other TCP ports connected to a Fabric Manager client, but they are initiated by server, which is behind the firewall.
Page 62
2-8
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 2 Getting Started with Cisco Fabric Manager
A Note on Ports
Page 63
CHA P TER
3-1
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
3
Overview of Fabric Manager
This chapter contains descriptions of, and instructions for using, the Cisco MDS 9000 Fabric Manager.
This chapter contains the following topics:
Launching Cisco Fabric Manager, page 3-1
Using Fabric Manager, page 3-2
Discovering and Viewing the Network Fabric, page 3-7
Controlling Administrator Access with Users and Roles, page 3-7
Modifying Device Grouping, page 3-7
Setting Fabric Manager Preferences, page 3-8
Viewing Reports in Fabric Manager, page 3-9
Using Device Manager, page 3-10
Using Performance Manager, page 3-14
Configuring PM for Use with Cisco Traffic Analyzer, page 3-16
Stopping Data Collection, page 3-19
Exporting Data Collection to XML Files, page 3-19
Removing Data Collection Files from the List, page 3-19
Launching Cisco Fabric Manager
When you click on the Fabric Manager icon, the dialog box allows you to enter the IP address of a computer running the FMServer component. If the server component is running on your local machine, leave “localhost” in that field. If you try to run Fabric Manager without specifying a valid server, you are prompted to start the FMServer.
On a Windows PC, you install the FMServer as a service. This service can then be administered using the Service Panel in the Control Panel. The default setting for the FMServer service is that the server is automatically started when the machine is rebooted. You can change this behavior by modifying the properties in the Service panel.
Note If your computer has multiple interface cards (NICs), choose a local interface that can reach Fibre
Channel network on clients and on the server.
Page 64
3-2
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Fabric Manager
Using Fabric Manager
The Fabric Manager displays a view of your network fabric, including Cisco MDS 9000 and third-party switches and end devices. To launch the Fabric Manager from your desktop, double-click the Fabric Manager icon and follow the instructions described in the “Launching the Applications” section on
page 2-6. The figure below shows the Fabric Manager main window.
Note Changes made using Fabric Manager are applied to the running configuration of the switches you are
managing and the changes may not be saved when the switch restarts. After you make a change to the configuration or perform an operation (such as activating zones), Fabric Manager prompts you to save your changes before you exit.
Figure 3-1 Fabric Manager Main Window
The menu bar at the top of the Fabric Manager window provides access to options, that are organized by menus (see Number 1, Figure 3-1). The toolbar provides icons that duplicate the most commonly used options on the File, Tools, and Help menus (see Number 2, Figure 3-1).
Page 65
3-3
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Fabric Manager
The main window has a menu bar, toolbar, message bar, status bar, and three panes:
Logical/Physical pane—Displays a tree of configured VSANs and zones on the Logical tab and a
menu tree of available configuration tasks on the Physical tab (see Number 6, Figure 3-1).
Information pane—Displays information about whatever option is selected in the menu tree (see
Number 4, Figure 3-1).
Map pane—Displays a map of the network fabric, including switches, hosts, and storage. It also
provides tabs for displaying log and event data (see Number 3, Figure 3-1).
You can resize each pane by dragging the boundaries between each region or by clicking the Minimize or Maximize controls.
Menu Bar, Toolbars, and Status Bar
The menu bar at the top of the Fabric Manager main window provides options for managing and troubleshooting the current fabric and for controlling the display of information on the Map pane. The menu bar provides the following menus:
File—Open a new fabric, rediscover the current fabric, locate switches, set preferences, print the
map, and export the Map pane log.
View—Change the appearance of the map (these options are duplicated on the Map pane toolbar).
Zone—Manage zones, zone sets, and Inter-VSAN Routing (IVR).
Tools—Verify and troubleshoot connectivity and configuration, as described in the “Analyzing
Switch Fabric Configuration” section.
Performance—Run and configure Performance Manager and Cisco Traffic Analyzer, and generate
reports.
Server—Run administrative tasks on clients and fabrics.
Help—Display online help topics for specific dialog boxes in the Information pane.
The Fabric Manager main toolbar provides buttons for accessing the most commonly used menu bar options. The Map pane toolbar provides buttons for managing the appearance of the map. The Information pane toolbar provides buttons for editing and managing the Information pane.
The status bar shows the last entry displayed by the discovery process, and the possible error message on the right side. It displays a dialog stating that something has changed in the fabric and a new discovery is needed. The status bar shows both short-term, transient messages (such as the number of rows displayed in the table), and long-term discovery issues.
Logical/Physical Pane
Use the Logical tab on the Logical/Physical pane to manage virtual SAN attributes (e.g., zones) in the currently discovered fabric.
To manage zones, right-click one of the folders in the VSAN tree and click Edit Local Zone Database from the pop-up menu. You see the Edit Local Zone Database dialog box.
Use the Physical tab on the Logical/Physical pane to display a menu tree of the options available for managing the switches in the currently discovered fabric.
To select an option, click a folder to display the options available and then click the option. You see the dialog box for the selected option in the Information pane.
Page 66
3-4
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Fabric Manager
The Physical tree provides the following main folders:
Switches—View and configure hardware, system, licensing, and configuration files.
Interfaces—View and configure FC Physical, FC Logical, Ethernet, SVC, and Port Channels
interfaces.
FC—View and configure Fibre Channel network configurations.
IP—View and configure IP storage and IP services.
Events—View and configure events, alarms, thresholds, notifications, and informs.
Security—View and configure MDS management and FC-SP security.
Connectivity—View and configure ISLs, Hosts, and Storage components.
Information Pane
The Information pane displays tables or other information associated with the option selected from the menu tree. The Information pane toolbar provides buttons for performing one or more of the following operations:
Apply Change— Apply configuration changes.
Refresh Value— Refresh table values.
Copy (Ctrl-C)—Copy data from one row to another.
Paste (Ctrl-V)—Paste the data from one row to another.
Undo Changes (Ctrl-Z) —Undo the most recent change.
Export—Export and save information to a file.
Print Table—Print the contents of the Information pane.
Note After making changes you must save the configuration or the changes will be lost when the device is
restarted.
Note The buttons that appear on the toolbar vary according to the option you select. They are activated or
deactivated (grayed) according to the field or other object that you select in the Information pane.
Map Pane
The Map pane shows the graphical representation of your fabric.Table 3-1 explains the graphics you may see displayed, depending on which devices you have in your fabric.
Page 67
3-5
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Fabric Manager
Table 3-1 Fabric Manager Graphics
Icon or Graphic Description
Director Class MDS 9000
Non-director Class MDS 9000
Generic FC Switch
Cisco SN5428
A line through a device indicates that the device is not manageable
An “X” through a device or link indicates that the device is down or that the connection is down
FC HBA (or enclosure)
FC Target (or enclosure)
iSCSI Host
Fibre Channel ISL and Edge connection
Fibre Channel Port Channel
IP ISL and Edge connection
IP Port Channel
FC Loop (Storage)
iSAN
Page 68
3-6
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Fabric Manager
There are three tabs on the bottom of the Map pane:
Map—Displays a graphical view of the network fabric with switches, hosts, and storage subsystems.
Log—Displays messages that describe Fabric Manager operations, such as fabric discovery.
Events—Displays information about the SNMP traps received by the management station.
When viewing large fabrics in the Map pane, it is helpful to:
Turn off end device labels
Collapse loops
Collapse expanded multiple links (collapsed multiple links are shown as very thick single lines)
Dim or hide portions of your fabric by VSAN
When you right-click an icon, you see a pop-up menu with options that vary depending on the type of icon selected. The various options available for different objects include the following:
Open an instance of Device Manager for the selected switch.
Open a CLI session for the selected switch.
Copy the display name of the selected object.
Execute a ping or traceroute command for the device.
Show or hide end devices.
View attributes
Quiesce and Disable Members for PortChannels
Set the trunking mode for an ISL.
Create or add to a PortChannel for selected ISLs.
The Map pane has its own toolbar with options for saving, printing, and changing the appearance of the map. When you right-click on the map, a pop-up menu appears that provides options (duplicated on the toolbar) for changing the appearance of the map.
Note When a VSAN, zone, or zone member is selected in the VSAN tree, the map highlighting changes to
identify the selected objects. To remove this highlighting, click the Clear Highlight button on the Map pane toolbar or choose Clear Highlight from the pop-up menu.
IP Cloud (Hosts)
Any device, cloud, or loop with a box around it means that there are hidden links attached
Table 3-1 Fabric Manager Graphics (continued)
Icon or Graphic Description
Page 69
3-7
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Discovering and Viewing the Network Fabric
Discovering and Viewing the Network Fabric
Cisco Fabric Manager collects information on the fabric topology through SNMP queries to the switches connected to Fabric Manager. The switch replies after having discovered all devices connected to the fabric by using the information coming from its FSPF technology database and the Name Server database, and collected using the Fabric Configuration Server’s request/response mechanisms defined by the FC-GS3/4 standard. When you start the Fabric Manager, you enter the IP address (or host name) of a “seed” switch for discovery.
After you start Fabric Manager and discovery completes, Fabric Manager presents you with a view of your network fabric, including all discovered switches, hosts, and storage devices.
Controlling Administrator Access with Users and Roles
Cisco MDS 9000 Family switches support role-based management access whether using the CLI or the Cisco Fabric Manager. This lets you assign specific management privileges to particular roles and then assign one or more users to each role.
Cisco Fabric Manager uses SNMPv3 to establish role-based management access. After completing the setup routine, a single role, user name, and password are established. The role assigned to this user allows the highest level of privileges, which includes creating new users and roles. Use the Cisco Fabric Manager to create roles and users, and to assign passwords as required for secure management access in your network.
Modifying Device Grouping
Because of not all the devices are capable of responding to FC-GS3 requests, different ports of a single server or storage subsystem may be displayed as individual end devices on the Fabric Manager map.
To group end devices in a single enclosure in order to have them represented by a single icon on the map, follow these steps:
Step 1 Select Storage or Hosts from the Fabric Manager’s Physical tree in the Navigation pane.
The end devices appear in the Information pane.
Step 2 Click on the Name field for one of the devices you want to be in the enclosure.
Step 3 Enter a name to identify the new enclosure’s icon on the Fabric Manager Map pane.
Step 4 Click once on the Name field for that device. To select more than one Name, hold down the Shift key
and click each of the other Names.
Step 5 Press Ctrl-C to copy the selected Name(s).
Step 6 Press Ctrl-V to paste the name into the Name field for that device.
Note To remove devices from an enclosure, triple click on the name of the device and press Delete.
To remove an enclosure, repeat this step for each device in the enclosure.
Page 70
3-8
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Setting Fabric Manager Preferences
Setting Fabric Manager Preferences
To set your preferences for the behavior of the Fabric Manager, choose File > Preferences from the Fabric Manager menu bar. The Preferences dialog box appears.
This dialog box has the following tabs, which let you set your preferences for different components of the application:
General
Discovery
Map
The default General preferences for Fabric Manager are:
Show Switch Name by IP—This displays the IP addresses of the switches in the Map pane, rather
than the DNS or Logical Name.
Show WWN Vendor by Prepend Name—The other options are to show the vendor by replacing
vendor bytes, or not to show it at all.
Append Enclosures to End Device Names—The default setting for this value is OFF.
Show Shortened iSCSI Names—The default setting for this value is OFF.
Show Timestamps as Date/Time—The default setting for this value is ON.
Use Secure Shell instead of Telnet—The default setting for this value is OFF. When set to ON, you
must enter a path for your secure shell client.
Confirm Deletions—The default setting for this value is ON.
Export Tables with Tab-Delimited Format—The other option is to export with XML format.
The default SNMP preferences for Fabric Manager are:
Retry request 1 time(s) after 5 sec timeout—You can set the retry value to 0-5, and the timeout
value to 3-30.
Trace SNMP packets in Log—The default setting for this value is OFF.
Enable Audible Alert when Event Received—The default setting for this value is OFF.
Discover LUN by Host OS—The default setting for this value is All. The other options are
Windows, AIX, Solaris, Linux, and HPUX
The default Map preferences for Fabric Manager are:
Display Unselected VSAN Members—This displays the unselected VSAN members in the Map
pane. The default setting for this value is ON.
Display End Devices—This displays the fabric’s end devices in the Map pane. The default setting
for this value is ON.
Display End Device Labels—This displays the fabric’s end device labels in the Map pane. The
default setting for this value is ON.
Expand Loops—This displays the loops in the fabric as individual connections in the Map pane.
The default setting for this value is OFF.
Expand Multiple Links—This displays multiple links in the Map pane as separate lines rather than
as one thick line. The default setting for this value is ON.
Open New Device Manager Each Time—This opens a new instance of Device Manager each time
you invoke it from a switch in your fabric. The default value is OFF, which means only one instance of Device Manager will be open at a time.
Page 71
3-9
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Viewing Reports in Fabric Manager
Layout New Devices Automatically—This automatically places new devices in the Map pane in an
optimal configuration. The default setting for this value is OFF. In this mode, when you add a new device, you must manually reposition it if the initial position does not suit your needs.
Use Quick Layout when Switch has >=30 End Devices—The default setting for this value is 30.
You can enter any number in this field. Enter 0 to disable Quick Layout.
Override Preferences for Non-default Layout—The default setting for this value is ON.
Automatically Save Layout—When this option is enabled, any changes in layout are automatically
saved. The default setting for this value is ON.
Viewing Reports in Fabric Manager
The Fabric Manager provides a series of reports, showing various information in tabular form. When you select one of these options, you see the available information in tabular form in the Information pane of the Fabric Manager main window. The table below describes the reports provided by each option.
Table 3-2 Fabric Manager Reports
Reports Description
ISL Statistics Click on Connectivity > ISLs > Statistics in the
Physical tab of the Fabric Manager Logical/Physical pane to display information about the Inter-Switch Links in the currently discovered fabric. You can use the controls at the top of the table to change the Poll Interval and Scale parameters.
ISL Choose Connectivity > ISLs in the Physical tab of
the Fabric Manager Logical/Physical pane to display information about the Inter-Switch links in the currently discovered fabric.
Switches Choose Switches in the Physical tab of the Fabric
Manager Logical/Physical pane to display information about the switches in the currently discovered fabric.
Hosts Choose Connectivity > Hosts in the Physical tab
of the Fabric Manager Logical/Physical pane to display information about the hosts in the currently discovered fabric.
Storage Choose Connectivity > Storage in the Physical
tab of the Fabric Manager Logical/Physical pane to display information about the links to hosts and storage in the currently discovered fabric.
LUNs Choose Connectivity > Storage > LUNs in the
Physical tab of the Fabric Manager Logical/Physical pane to display information about the LUNs in the currently discovered fabric.
Page 72
3-10
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Device Manager
Using Device Manager
Device Manager provides a physical representation of your switch chassis, with the modules, ports, power supplies, and fan assemblies. The menu bar at the top of the Device Manager window provides access to options, organized into menus that correspond to the menu tree in Fabric Manager.
The legend at the bottom right of the Device Manager indicates port status, as follows:
Green—The port is up.
Brown—The port is administratively down.
Red—The port is down or has failed.
Gray—The port is unreachable.
Launching Device Manager from Fabric Manager
Device Manager gives a graphic representation of a Cisco MDS 9000 Family switch, including the installed switching modules, the supervisor modules, the power supplies, and the status of each port within each module.
To launch the Device Manager from your desktop, double-click the Device Manager icon and follow the instructions described in the “Launching the Applications” section.
To launch Device Manager from Fabric Manager, right-click the switch you want to manage on the Fabric Manager map and click Device Manager from the pop-up menu that appears. The Device Manager main window is shown below.
Device Manager can also be started by double-clicking on a switch in the Fabric Manager topology view, or by selecting a switch in the Fabric Manager Map page and choosing the Device Manager option from the Tools menu.
Page 73
3-11
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Device Manager
Figure 3-2 Device Manager, Device Tab
Using Summary View
Click the Summary tab on the Device Manager main window to see a summary of enabled interfaces on a single switch, as well as FC and IP neighbor devices. All logical interfaces are shown in a dropdown list at the top of the Summary view.
The Summary View displays attributes for a single switch, such as port speed, link utilization, and other traffic statistics. It has the same menu bar and toolbar buttons as the Device View.
To monitor traffic for selected objects, click the Monitor icon. To display detailed statistics for selected objects, click the Detailed Statistics icon.
The Summary View provides the same menus and options that are available from the Device View.
Note You can access the field descriptions for the windows or dialog boxes in this procedure in the Reference
section of the Device Manager help system.
Page 74
3-12
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Device Manager
Comparing Device Manager to Fabric Manager
The menu bar at the top of the Device Manager contains the same menus as the Fabric Manager menu tree.
For information about the options provided by these menus, see the “Logical/Physical Pane” section on
page 3-3. The Device menu provides the following options:
Open—Open the Device Manager for a different switch.
Open Last—Open the Device Manager for the most recently managed switch.
Preferences—Set management preferences for controlling the behavior and appearance of the
Device Manager.
Refresh—Update the current display.
Command Line Interface—Open a Telnet/SSH session with the current switch.
Exit—Close the Device Manager application.
The tables in the Fabric Manager roughly correspond to the dialog boxes that appear in Device Manager. However, the Fabric Manager tables show values for multiple switches and so the first column identifies the specific switch. The Device Manager dialog box shows values for a single switch, while the Fabric Manager shows the same values for one or more switches.
The toolbar on the Device Manager dialog box provides the same options as the toolbar on the Information pane in Fabric Manager, as summarized here:
Create—Insert a new row into a table (if applicable).
Delete Row—Delete the selected row from a table (if applicable).
Copy (Ctrl-C)—Copy data from one row to another.
Paste (Ctrl-V)—Paste the data from one row to another.
Apply Changes—Apply configuration changes. (Note: After making changes you must save the
configuration. Otherwise, the changes will be lost when the device is restarted.)
Refresh Values—Refresh table values.
Reset Changes (Ctrl-Z)—Undo the most recent change.
Print table—Print the contents of the Information pane.
Tip You can copy values from one cell in a table to the rest of the column. Copy the value to the clipboard,
hold down the shift key while pressing the down arrow key (or click on the bottom cell in the column). Then paste the value to all the selected cells and click Apply.
When you click the Create button, you see a dialog box that lets you enter the values required for the specific table. As you can see the fields and options are the same from both views, but the appearance of the window may vary slightly. For instance, the dialog box from Fabric Manager may have an option for selecting a specific switch, while the dialog box from Device Manager may have additional port-level detail.
Page 75
3-13
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Device Manager
Performing Device Management
Most tasks that you can perform with Device Manager can also be performed for multiple switches using the Fabric Manager. However, Device Manager may be more convenient to use when you are working with a single switch. Also, the Device Manager provides more detailed information for verifying or troubleshooting device-specific configuration than what is available from the Fabric Manager.
The Device View provides a graphic representation of a Cisco MDS 9000 switch, including the installed switching modules, services modules, supervisor modules, and the status of each port within each module. You can use the Device View to perform any switch-level configuration tasks including the following:
Manage ports, Port Channels, and trunking
Manage SNMPv3 security access to switches
Manage CLI security access to switches
Manage alarms, events, and notifications
Save and copy configuration files and software images
View hardware configuration
View chassis, module, and port status and statistics
Summary View provides a way of monitoring all of the ports on the switch, categorized by operative modes (Fx-Ports and E-Ports).
When you click the Summary tab on the Device Manager window, you see the Summary View, which provides summary information about the interfaces on a single switch.
Managing Ports
Tip You can select multiple ports in Device Manager and apply options to all the selected ports at one time.
Either select the ports by clicking the mouse and dragging it around them, or hold down the Control key and click on each port.
To enable or disable a port, right-click the port and click Enable or Disable from the pop-up menu. To enable or disable multiple ports, drag the mouse to select the ports and then right-click the selected ports. Then click Enable or Disable from the pop-up menu.
To manage trunking on one or more ports, right-click the ports and click Configure. On the dialog box that appears, in the Trunk column, right-click the current value and click nonTrunk, trunk, or auto from the pull-down list.
To create PortChannels using Device Manager, click PortChannels from the Interface menu. For detailed instructions, see the“About PortChanneling and Trunking” section on page 14-3. You can also use Fabric Manager to conveniently create a PortChannel.
Note To create a PortChannel, all the ports on both ends of the link must have the same port speed, trunking
type, and administrative state.
Page 76
3-14
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Performance Manager
Setting Device Manager Preferences
From the Device menu, choose Preferences to set your preferences for the behavior of the Device Manager application.
Note You can access the field descriptions for the windows or dialog boxes in this procedure in the Reference
section of the Device Manager help system.
Using Performance Manager
Performance Manager monitors network device statistics historically, and provide this information graphically using a web browser. It presents recent statistics in detail and older statistics in summary. Performance Manager also integrates with external tools, such as Cisco Traffic Analyzer.
Performance Manager Architecture
The Performance Manager has three parts:
Definition—Use a configuration wizard to create a configuration file
Collection—Performance Manager reads the configuration file and collects the desired information
Presentation—Performance Manager generates web pages to present the collected data Performance
Manager can collect a variety of data, about these fabric components: ISLs, host ports, storage ports, route flows, and site-specific statistical collection areas.
Creating a PM Configuration File
Performance Manager has a Configuration File Wizard, which steps you through the process of creating configuration files.
To create a configuration file, perform the following steps:
Step 1 Choose Performance > Create Collection in Fabric Manage to launch the wizard.
Step 2 Select the VSANs from which you want to collect data.
Step 3 Check the types of SAN objects for which you want to collect data.
Step 4 If you want to ignore flows with Zero counter values, check that check box.
Step 5 If you are using Cisco Traffic Analyzer, enter the URL where it is located on your network.
Step 6 Click Next to review the collected data.
Page 77
3-15
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Using Performance Manager
Step 7 Enter the name of the file (the default is the switch’s IP address with a .XML suffix).
Step 8 Select the definitions that you wish to remove, then click Finish to create the configuration file.
Note The FV Interface mentioned at the bottom of the second screen of this wizard is the Veritas
virtualization interface. It is documented in the Veritas documentation.
Collecting the Data
One year’s worth of data for two variables (Rx and Tx Bytes) requires an rrd file size of 76K. The default internal values are:
600 samples of 5 minutes (2 days and 2 hours)
700 samples of 30 minutes (2 days and 2 hours, plus 12.5 days)
775 samples of 2 hours (above + 50 days)
300 samples of 1 day (above + 300 days, rounded up to 365)
A 1000-port SAN requires 76MB for a year’s worth of historical data. If there were 20 switches in this SAN with equal distribution of fabric ports, about 2-3 SNMP packets per switch would be sent every 5 minutes for a total of about 100 total request/response SNMP packets required to monitor the data.
Flows, because of their variable counter requests, are more difficult to predict. But as a rule of thumb, each extra variable adds another 38K.
The Performance Manager collector is designed to run as a background process on the various supported OSs. On Microsoft Windows, it runs as a service.
Presenting the Collected Data
The Summary page presents the top 10 Hosts, ISLs, Storage, and Flows by average throughput for the last 24 hour period. This period changes on every polling interval ñ this is unlikely to change the average significantly, but it could affect the maximum value. The intention is to provide a quick summary of the fabric’s bandwidth consumption and highlight any hotspots.
Clicking on any Host, Storage, ISL, or Flow title will provide a view of traffic over the past day for
all Hosts, Storage, ISLs, or Flows respectively.
Clicking on a host port from the summary page will provide you with a similar detail page. If flows
exist for that port, you could see which storage ports it was sending data to.
Clicking on the ISLs link from the summary page will list the daily traffic charts for all monitored
ISLs in the fabric.
Page 78
3-16
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Configuring PM for Use with Cisco Traffic Analyzer
Exporting and Importing Data
You can export an rrd file to XML with the command:
pm xport <rrdFile> <xmlFile>
This will produce an XML format that rrdtool is capable of reading with the command:
rrdtool restore filename.xml filename.rrd
You can import an XML with the command:
pm restore <xmlFile> <rrdFile>
This will read the XML export format that rrdtool is capable of writing with the command:
rrdtool xport filename.xml filename.rrd
Integration with Cisco Traffic Analyzer
SNMP and Performance Manager can only provide a top-level view of what data the fabric is carrying. The Cisco MDS 9000 switch has no LUN-level flow counters, and cannot count SCSI commands. In order to view this detailed information, it is necessary to look at the data on a SPAN destination port with the help of the Cisco Traffic Analyzer, which uses the Cisco Port Adapter Analyzer.
Cisco Traffic Analyzer must be downloaded and installed separately.
Caution The Cisco Traffic Analyzer for Fibre Channel throughput values are not accurate when used with the
original Cisco Port Adapter Analyzer if data truncation is enabled. The A version of the Cisco Port Adapter Analyzer is required to achieve accurate results with truncation, because it adds a count that enables the Cisco Traffic Analyzer to determine how many data bytes were actually transferred.
Configuring PM for Use with Cisco Traffic Analyzer
Performance Manager works in conjunction with the Cisco Traffic Analyzer to allow you to monitor and manager the traffic on your fabric. The figure below is a graphic representation of how Performance Manager works with the Cisco Traffic Analyzer to monitor traffic on your fabric.
Page 79
3-17
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Configuring PM for Use with Cisco Traffic Analyzer
Figure 3-3 Overview of Performance Manager/Cisco Traffic Analyzer Configuration
Note See Chapter 30, “Monitoring Network Traffic Using SPAN” for information on configuring the settings
for your span destination port. It is important that the data you collect through this port matches the data collected by Performance Manager through the MGMT0 port. If the data does not match, you will not be able to view the Cisco Traffic Analyzer information through a Traffic Analyzer link on the detail page of a Performance Manager report.
For information on setting up the Cisco Traffic Analyzer, refer to the Cisco MDS 9000 Family Port
Analyzer Adapter 2 Installation and Configuration Note.
To configure Performance Manager to work with the Cisco Traffic Analyzer, perform these steps:
Step 1 Set up the Cisco Traffic Analyzer according to the instructions in the Cisco MDS 9000 Family Port
Analyzer Adapter 2 Installation and Configuration Note.
Step 2 You will need three pieces of information:
The IP address of the management workstation on which you are running Performance Manager and
Cisco Traffic Analyzer
The path to the directory where Cisco Traffic Analyzer is installed.
The port that is used by Cisco Traffic Analyzer (the default is 3000).
Step 3 Start the Cisco Traffic Analyzer.
1. From the Fabric Manager Performance menu, choose Traffic Analyzer > Open.
2. Enter the URL for the Cisco Traffic Analyzer, in the format
http://<ip address>:<port number>
where:
<ip address> is the address of the management workstation on which you have installed the Cisco Traffic Analyzer, and
:<port number> is the port that is used by Cisco Traffic Analyzer (the default is :3000).
Management Workstation
Performance
Manager
Cisco Traffic
Analyzer
GUI Collection GUI Collection
NIC 1 NIC 2
PAA2
MDS 9000 Switch
Network
Span Destination Port
MGMT0 Port
113485
Page 80
3-18
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Configuring PM for Use with Cisco Traffic Analyzer
3. Click OK.
4. From the Fabric Manager Performance menu, choose Traffic Analyzer > Start.
5. Enter the location of the Cisco Traffic Analyzer, in the format
D:\<directory>\ntop.bat
where:
D: is the drive letter for the disk drive where the Cisco Traffic Analyzer is installed, and
<directory> is the directory containing the ntop.bat file.
6. Click OK.
Step 4 Create the flows you want Performance Manager to monitor, using the Flow Configuration Wizard.
Step 5 Define the data collection you want Performance Manager to gather, using the Performance Manager
Configuration Wizard.
1. Select the VSAN you want to collect information for, or select All VSANs.
2. Check the types of items you want to collect information for (hosts, ISLs, Storage devices, and
Flows).
3. Enter the URL for the Cisco Traffic Analyzer, in the format
http://<ip address>/<directory>
where:
<ip address> is the address of the management workstation on which you have installed the Cisco Traffic Analyzer, and
<directory> is the path to the directory where the Cisco Traffic Analyzer is installed.
4. Click Next.
5. Review the Data Collection to make sure this is the data you want to collect.
6. Click Finish to begin collecting data.
Note Data is not collected for JBOD or for virtual ports. If you change the data collection
configuration parameters during a data collection, you must stop and restart the
collection process in order for your changes to take effect.
Step 6 To generate a report, choose Performance > Reports.
You see a list of XML files. These files are the data collection files you specified in the Performance Manager Configuration Wizard.
Note It takes about five minutes to collect enough data to generate a report. Do not attempt to generate
a report in Performance Manager during the first five minutes of collection.
Page 81
3-19
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Stopping Data Collection
Step 7 Choose a file for which you want to generate a report.
In about five minutes, an HTML report appears in your default web browser.
Step 8 To view the Cisco Traffic Analyzer information, click the Cisco Traffic Analyzer link at the top of the
Host or Storage detail pages.
Note For information on capturing a SPAN session and starting a Cisco Traffic Analyzer session to
view it, refer to the Cisco MDS 9000 Family Port Analyzer Adapter 2 Installation and Configuration Note.
Note For information on viewing and interpreting your Performance Manager data see the “Using
Performance Manager” section on page 3-14.
For information on viewing and interpreting your Cisco Traffic Analyzer data, refer to the Cisco MDS 9000 Family Port Analyzer Adapter 2 Installation and Configuration Note.
Stopping Data Collection
You can stop a data collection process in Windows using the services panel. Right click on the Cisco Performance Manager service and select Stop.
On a Unix machine, enter the following command:
$HOME/.ciscomds9000/bin/pm.sh stop
Exporting Data Collection to XML Files
To export the collection to an XML file, enter the following command at the operating system command line prompt:
$HOME/.ciscomds9000/bin/pm.bat xport xxx yyy
Removing Data Collection Files from the List
To remove a data collection file from the list, edit the pm.txt file and comment out the line (#), or remove the line entirely.
Page 82
3-20
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 3 Overview of Fabric Manager
Removing Data Collection Files from the List
Page 83
CHA P TER
4-1
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
4
Before You Begin
This chapter lists the information you need to have before you begin using your MDS 9000 Switch. For information on setting up the switch and doing an initial configuration, refer to the Cisco MDS 9000 Family Configuration Guide.
This chapter contains the following topics:
About Flash Devices, page 4-1
Switch Roles, page 4-2
Using Valid Formats and Ranges, page 4-2
About Flash Devices
Every switch in the Cisco MDS 9000 Family contains one internal bootflash. The Cisco MDS 9500 Series additionally contains one external CompactFlash called slot0. (See Figure 4-1 and Figure 4-2.)
Figure 4-1 Flash Devices in the Cisco MDS 9000 Supervisor Module
Figure 4-2 External CompactFlash in the Cisco MDS 9000 Supervisor Module
External
CompactFlash
79527
Internal
bootflash
Internal
bootflash
Cisco MDS 9500 Series Director
Slot 0
Cisco MDS 9216 Switch
85603
CompactFlash 1
LED
CompactFlash 1
eject button
CompactFlash 1 slot 0
Page 84
4-2
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 4 Before You Begin
Switch Roles
Internal bootflash:
All switches in the Cisco MDS 9000 Family have one internal bootflash: that resides in the supervisor or switching module.You have access to two directories within the internal bootflash: file system.
The volatile: directory which provides temporary storage, and is also the default. Files in temporary
storage (volatile:) are erased when the switch reboots.
The bootflash (nonvolatile storage): directory which provides permanent storage. The files in
bootflash are preserved through reboots and power outages.
External CompactFlash (Slot0)
Cisco MDS 9500 Series directors contain an additional external CompactFlash called slot0:
The external CompactFlash, an optional device for MDS 9500 Series directors, can be used for storing software images, logs, and core dumps.
Switch Roles
By default, two roles exist in all switches:
Network operator—Has permission to view the configuration.
Network administrator—Has permission to execute all commands and to set up to 64 permission
levels based on user roles and groups.
When you execute a command, perform command completion, or obtain context sensitive help, the switch software allows the operation to progress if you have the correct permission as specified in the description of the command.
Using Valid Formats and Ranges
Note Do not enter ellipsis ( ... ), vertical bars ( | ), less than or greater than ( < > ), brackets ( [ ] ), or braces
( { } ) in any formats or ranges. These characters have special meaning in SAN-OS text strings.
Table 4-1 Valid Formats and Ranges
Address Description Valid Format Example Range
MAC address 6 bytes in hexadecimal
format separated by colons (not case-sensitive)
00:00:0c:24:d2:Fe --
Page 85
4-3
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 4 Before You Begin
Using Valid Formats and Ranges
IP address 32 bytes, written as 4
octets separated by periods (dotted decimal format) that are made up of a network section, an optional netmask section, and a host section.
126.2.54.1 --
VSAN Integer that specifies the
VSAN.
7 1 to 4093
VLAN Integer that specifies the
VLAN
11 1 to 4093
Port WWN (p WWN) Eight hexadecimal
numbers separated by colons (not case-sensitive).
12:34:56:78:9A:BC:dE:F1--
Node WWN (n WWN) Eight hexadecimal
numbers separated by colons (not case-sensitive).
12:34:56:78:9A:BC:dE:F1--
LUN 8 bytes in hexadecimal
format separated by colons. A minimum of two hex characters are acceptable. The valid format is hhhh[:hhhh[:hhhh[:hhh h]]]
64
(100d = 64h)
--
F C ID Six character
hexadecimal value prepended by 0x.
0xabc123 --
Domain ID Integer that specifies the
domain.
71 to 239
Timers Integer that specifies
timers in milliseconds for latency, FC time out values (TOV).
100 0 to 2147483647
Switching module Slot in which the
applicable switching module resides.
11 to 15
Switch priority Integer specifying
switch priority.
51 to 254
Channel group Integer that specifies a
PortChannel group addition.
11 to 100
Table 4-1 Valid Formats and Ranges (continued)
Page 86
4-4
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 4 Before You Begin
Using Valid Formats and Ranges
Fabric Shortest Path First (FSPF)
Integer that specifies the hold time (in milliseconds) before making FSPF computations.
1000 0 to 65535
Fabric Analyzer The allowed range for
the frame size limit in bytes.
64 64 to 65536
Fabric Analyzer captures
An example of 10 frames, limits the number of frames captured to 10.
10 0 to 2147483647
FCIP profile Integer that specifies the
FCIP profile
101 1 to 255
TCP retransmit time Integer that specifies the
minimum retransmit time for the TCP connection in milliseconds
300 250 to 5000
Keepalive timeout Integer that specifies the
TCP connection’s keepalive timeout in seconds.
60 1 to 7200
TCP retransmissions Integer that specifies the
maximum number of TCP transmissions.
61 to 8
PMTU Integer that specifies the
path MTU reset time in seconds
90 60 to 3600
TCP buffer size Integer that specifies the
advertised TCP buffer size in KB.
5000 0 to 8192
Traffic burst size Integer that specifies the
maximum burst size in KB.
30 10 to 100
Peer TCP port Integer that specifies the
TCP port number
3000 0 to 65535
Acceptable time difference
Integer that specifies the acceptable time difference in milliseconds for a packet being accepted.
4000 1 to 60,000
Table 4-1 Valid Formats and Ranges (continued)
Page 87
4-5
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 4 Before You Begin
Using Valid Formats and Ranges
iSCSI pWWN allocation
Integer that specifies the number of pWWNs that must be allocated to an iSCSI initiator.
21 to 64
CDP refresh and hold time
Integer that specifies the refresh time interval and the hold time in seconds for the CDP protocol.
60 5 to 255
Table 4-1 Valid Formats and Ranges (continued)
Page 88
4-6
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 4 Before You Begin
Using Valid Formats and Ranges
Page 89
CHA P TER
5-1
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
5
Obtaining and Installing Licenses
The licensing functionality is available in all switches in the Cisco MDS 9000 Family. This functionality allows you to access specified premium features on the switch after you install the appropriate license for that feature. Licenses are sold, supported, and enforced from Release 1.3(1).
This section contains information related to licensing types, licensing procedure, license installation, and license management for the Cisco MDS SAN-OS software.
This chapter contains the following topics:
License Terminology, page 5-1
Licensing Model, page 5-2
Licensing High Availability, page 5-4
Options to Install a License, page 5-4
Obtaining a Factory-Installed License, page 5-4
Performing a Manual Installation, page 5-5
Obtaining License Key Files, page 5-5
Installing Licenses, page 5-6
Viewing License Information in Fabric Manager, page 5-8
Viewing License Information in Device Manager, page 5-9
Removing Licenses, page 5-9
Updating Licenses, page 5-10
License Expiry Alerts, page 5-10
Moving Licenses Between Switches, page 5-11
License Terminology
The terms used in this chapter are explained in this section.
Licensed feature—Permission to use a particular feature through a license file, a hardware object,
or a legal contract. This permission is limited to the number of users, number of instances, time span, and the implemented switch.
License expiry—The time span during which a licensed feature is valid. The software tracks all
licenses and sends periodic alerts before shutting down the licensed feature.
a. Counted license—The number of usage instances for a licensed feature.
Page 90
5-2
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Licensing Model
Licensed application—A software feature that requires a license in order to be used.
License enforcement—Mechanism to prevent features being used without first obtaining a license.
Node-locked license—A license that can only be used on a particular switch using the switch’s
unique host ID.
Host ID—A host ID is a unique chassis serial number that is specific to each Cisco MDS switch.
Proof of purchase—Also known as the Claim Certificate. A document entitling it’s rightful owner
to use licensed feature(s) of the Cisco MDS 9000 Family of Multilayer Directors and Fabric Switches on one MDS switch as described in that document.
Product Authorization Key (PAK)—Using the PAK, you can obtain a license key from one of the
sites listed in the proof of purchase document. After registering at the specified website, you will receive your license key file and installation instructions via e-mail.
License key file—A switch-specific unique file that specifies the licensed features. Each file
contains digital signatures to prevent tampering and modification. License keys are required to use a licensed feature. License keys are enforced within a specified time span.
Counted licenses—Counted licenses refer to the number of licenses issued for a single feature (for
example, FCIP). You can increase counted licenses (incremental licenses) should a need arise in the future.
Incremental licenses—Incremental refers to adding other licensed features not in the initial license
file. License keys are incremental--if you purchase some features now and others later, the license file and the software detect the sum of all features for the specified switch.
Evaluation license—An evaluation license is a temporary license. Evaluation licenses are time
bound (valid for a specified number of days) and are not tied to a host ID (switch serial number).
Permanent license—A license that is not time bound (does not have an expiry date) is called a
permanent license.
Grace period—The amount of time an application can continue functioning without a license. The
grace period is set to 120 days from the first occurrence of using any licensed feature without a license. The grace period starts with the first checkout and will be counted only for the days when that feature is used. If you do not use this feature, the grace period stops incrementing.
Support—If you purchased Cisco support through a Cisco reseller, contact the reseller directly. If
you purchased support directly from Cisco, contact Cisco Technical Support at this URL:
Licensing Model
The licensing model defined for the Cisco MDS product line has two options:
Feature-based licensing—Features that are applicable to the entire switch. The cost varies based on
a per-switch usage. lists the feature-based license packages.
Module-based licensing—Features that require additional hardware modules. The cost varies based
on a per-module usage. Some examples are the IPS module using the FCIP feature or a Fibre Channel switching module using the FICON feature.
Table 5- 1 lists the licenses and their features.
Page 91
5-3
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Licensing Model
Table 5-1 Feature-Based Licenses
Feature License Features
Standard package (free--no license required)
FCP, SSH, SFTP, and iSCSI protocols
Fabric Manager and Remote monitoring
(RMON)
VSANs, High availability, PortChannel, and
Zoning
Fibre Channel Congestion Control (FCC)
Virtual Output Queuing (VOQ)
Diagnostics (SPAN, RSPAN, and FC
Analyzer)
SNMP v3, Role-based access control,
RADIUS
Call Home and Interoperability modes
IP access control lists (ACLs)
Terminal Access Controller Access Control
System (TACACS+)
Fabric-Device Management Interface (FDMI)
Internet Storage Name Service (iSNS) client.
Enterprise package
(ENTERPRISE_PKG)
Enhanced security features:
LUN zoning
Read-only zones
Port security
VSAN-based access control
Fibre Channel Security Protocol (FC-SP) authentication
Advanced traffic engineering--Quality of
Service (QoS)
Enhanced VSAN routing--inter-VSAN
routing
SAN extension over IP
(SAN_EXTN_OVER_IP)
FCIP protocol
FCIP compression
FCIP write acceleration
Page 92
5-4
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Licensing High Availability
Licensing High Availability
Like any other Cisco MDS SAN-OS feature, the licensing feature also maintains the following high availability standards for all switches in the Cisco MDS 9000 Family:
Installing any license in any switch is a nondisruptive process.
Installing a license automatically saves a copy of permanent licenses to the chassis in all switches.
When a licensed feature is enabled without a license key, the MDS switch enables the feature and
starts a counter on the grace period. You then have 60 days to install the appropriate license keys or disable the use of that feature. If at the end of the 60 day grace period the switch does not have a valid license key for the feature, the feature is automatically disabled by the switch.
Directors in the Cisco MDS 9500 Series have the following additional high availability features:
The license software runs on both supervisor modules and provides failover protection.
The license key file is mirrored on both supervisor modules. Even if both supervisor modules fail,
the license file continues to function from the version that is available on the chassis.
Options to Install a License
If you have purchased a new switch through either your reseller or through Cisco, you have two options:
To have the licenses preinstalled in the factory.
To install the licenses yourself by following the manual process.
If you already have an existing switch, follow the manual process.
Obtaining a Factory-Installed License
You can obtain factory-installed licenses for a new switch. To obtain a factory-installed license for a new Cisco MDS switch, follow these steps:
Mainframe
(MAINFRAME_PKG)
FICON protocol and CUP management
FICON VSAN and intermixing
Switch cascading
Fabric Binding
Fabric Manager Server
(FM_SERVER_PKG)
Multiple physical fabric management
Centralized fabric discovery services
Continuous MDS health and event monitoring
Long term historical Fibre Channel
Performance monitoring
Performance reports and charting for hotspot
analysis
Table 5-1 Feature-Based Licenses (continued)
Page 93
5-5
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Performing a Manual Installation
Step 1 Contact your reseller or Cisco representative and request this service.
Note If you purchased Cisco support through a Cisco reseller, contact the reseller directly. If you
purchased support directly from Cisco, contact Cisco Technical Support at this URL:
Your switch is shipped with the required licenses installed in the system. The Proof of Purchase document is sent along with the switch.
Step 2 Obtain the host ID from the Proof of Purchase for future use.
Step 3 Start using the switch and the installed licenses features.
Performing a Manual Installation
If you have existing switches or if you wish to install the licenses on your own, you must first obtain the license key file and then install that file in the switch. Figure 5-1 maps out ways to obtain license key files.
Figure 5-1 Obtaining a License Key File
Obtaining License Key Files
To obtain new or updated license key files, follow these steps.
Note The host ID is also referred to as the switch serial number.
Software claims certificate
Release 1 .1 and 1.2
Proof of purchase
Release 1.3 and above
Website URL
Product authorization key
Website URL
Product authorization key
Product authorization key
URL address
Cisco MDS switch
Switch serial number (switch ID)
Internet web browser
License key file
through email
105227
Switch serial number (switch ID)
Page 94
5-6
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Installing Licenses
Step 1 Obtain your Claim Certificate or the Proof of Purchase document.
This document accompanies every Cisco MDS switch.
Step 2 Locate the Product Authorization Key (PAK) from the Claim Certificate or Proof of Purchase document.
Step 3 Locate the website URL from the Claim Certificate or Proof of Purchase document.
Step 4 Access the specified URL that applies to your switch and enter the switch serial number and the PAK.
The license key file is sent to you by e-mail. The license key file is digitally signed to only authorize use on the switch for which it was requested. The requested features are also enabled once the SAN-OS software on the specified switch access the license key file.
Caution Install the license file in the specified MDS switch without making any modifications.
A license is either permanent or it expires on a fixed date. If you do not have a license, the grace period for using that license starts from the first time you start using a feature offered by that license.
Installing Licenses
Note If you need to install multiple licenses in any switch in the Cisco MDS 9000 Family, be sure to provide
unique file names for each license key file.
If you have purchased a new switch through either your reseller or through Cisco, you can have the licenses pre-installed in the factory, or you can install the licenses yourself. If you already have an existing switch, you install the licenses yourself. The best way to install licenses on the switches in your fabric is to use the License Wizard provided in Fabric Manager. You can also use Device Manager to install licenses on each switch individually.
Note You do not need a license to access a switch with Fabric Manager. See the “Licensing Model” section
on page 5-2 for a list of features requiring licenses.
You can install licenses two ways:
Installing Licenses Using Fabric Manager License Wizard
Installing Licenses Using Device Manager
Installing Licenses Using Fabric Manager License Wizard
To install licenses using the Fabric Manager License Wizard, follow these steps:
Step 1 Log in to a switch in the fabric containing the switches for which you want to install licenses.
To install licenses on multiple switches, you do not need to log in to each switch; however, the switches must be in the fabric you are viewing.
Page 95
5-7
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Installing Licenses
Step 2 Start the License Wizard by clicking on the License Wizard icon in the Fabric Manager toolbar (see
Figure 5-2); or,
Choose Switches > License Manager from the Physical pane. The license information is displayed in the Information pane, one line per feature. Click the License Keys tab, and then click the License Install Wizard button in the toolbar.
You see the initial screen of the License Wizard.
Figure 5-2 License Install Wizard Icon
Step 3
Select the vendor from which you purchased your switch.
The License Server URL changes depending on the vendor you select. If your URL is different, or if you select Other as the vendor, enter the correct license server URL.
Step 4 If you have already obtained the license key files, click that radio button. Otherwise, click “I have the
Product Authorization Key (PAK)” if you have the authorization key.
Step 5 Click Next to continue to the next screen.
Step 6 Choose the switches for which you have PAKs.
When you check the check box for a switch, the PAK field for that switch becomes editable. The VDH=<serial number> for each switch is shown in the HostId column.
Step 7 Enter the PAK for each switch you have selected.
Step 8 Click Finish to transfer the licenses from the host to the switches.
Fabric Manager accesses the appropriate license site and installs the licenses onto each switch. The status of each installation is displayed in the Status column, as follows:
success— Install/uninstall operation completed successfully
inProgress—License install/uninstall operation is in progress
corruptedLicenseFile—License file content is Invalid/Corrupted
targetLicenseFileAlreadyExist—Target license file name already exists
invalidLicenseFileName—License file does not exist
duplicateLicense—License file is already installed
generalLicensingFailure—General error from license Manager
none—No install operation is performed
licenseExpiryConflict—License exist with a different expiration date for the feature
invalidLicenseCount—License count is invalid for the feature
Step 9 Click Close to close the wizard. To install more licenses at this point, you must close the wizard and
launch it again.
Page 96
5-8
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Viewing License Information in Fabric Manager
Installing Licenses Using Device Manager
To install a license on your switch using Device Manager, follow these steps:
Step 1 Choose Admin > License Manager.
You see the License Manager dialog.
Step 2 Click the Install tab to display the Install fields.
The HostId shows the “VDH=” portion of the serial number. The rest of the number is filled in when you complete Steps 3 through 5.
Step 3 Enter the URI from which the license file will be picked for installation.
You should already have copied the license file provided by CISCO-CCO by some other means (for example, through the CLI) to this location.
Step 4 Enter the Target Filename with which the license file will be installed.
Step 5 Click Install.
The status of the installation is displayed at the bottom of the dialog box, as follows:
success—Install/uninstall operation completed successfully
inProgress—License install/uninstall operation is in progress
corruptedLicenseFile—License file content is Invalid/Corrupted
targetLicenseFileAlreadyExist—Target license file name already exists
invalidLicenseFileName—License file does not exist
duplicateLicense—License file is already installed
generalLicensingFailure—General error from license Manager
none—No install operation is performed
licenseExpiryConflict—License exist with a different expiration date for the feature
invalidLicenseCount—License count is invalid for the feature
Step 6 Repeat Steps 3 through 5 to install another license, or click Close to close the License Manager dialog.
Viewing License Information in Fabric Manager
To view license information in Fabric Manager, perform these steps:
Step 1 Choose Switches > License Manager from the Physical pane. The license information is listed in the
Information pane, one line per feature.
Step 2 Click the Feature Usage tab to see the Switch, name of the feature package, the type of license installed,
the number of licenses used (Usage Count), the expiration date, the grace period (if you do not have a license for a particular feature), and any errors (for example, if you have a missing license).
Step 3 Click the File tab to display the information about each of the License Key Files installed on your switch.
Page 97
5-9
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Viewing License Information in Device Manager
Caution Once an expiration period has started, notifications about license expiration appear in the Fabric
Manager’s Events pane on a daily basis. During the last seven days of the expiration period, these messages are displayed hourly. After the final seven days of the expiration period, the feature is turned off and your network traffic may be disrupted.
Viewing License Information in Device Manager
To view license information in Device Manager, perform these steps:
Step 1 Choose Admin > License Manager. You see the License Manager dialog.
Step 2 Click the Features tab to see the name of the feature package, the type of license installed, the number
of licenses used (Usage Count), the expiration date, the grace period (if you do not have a license for a particular feature), and any errors (for example, if you have a missing license).
Step 3 Click the Files tab to display the information about each of the License Key Files installed on your
switch.
Removing Licenses
You can only uninstall a permanent license that is not in use. If you try to delete a permanent license that is currently being used, the software rejects the request and issues an error message. Features turned on by a permanent license must be disabled before the license in uninstalled.
Uninstalling an unused license causes the grace period to come into effect. The grace period is counted from the first use of the feature without a license and is reset when a valid license file is installed.
Tip If you are using an evaluation license and would like to install a new permanent license, you can do so
without service disruption and before the evaluation license expires. Removing an evaluation license immediately triggers a grace period without service disruption.
Caution Uninstalling a license requires the related features to first be disabled.
To remove a license, perform the following procedure:
Step 1 Log in to the switch. If you are using Fabric Manager to remove licenses from multiple switches, you do
not need to log in to each switch; however, the switches must be in the fabric you are viewing.
Step 2 From Fabric Manager, select Switches > License Manager from the Physical pane. The license
information is listed in the Information pane, one line per feature.
From Device Manager, select Admin > License Manager. You see the License Manager dialog.
Page 98
5-10
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Updating Licenses
Step 3 In Fabric Manager, click the File tab. You see a list of License Key Files. Click on the name of the license
you want to remove, and press the Delete key or click on the Delete Row icon in the toolbar.
In Device Manager, click Uninstall, and enter the name of the License Key File you want to remove. Click Apply to remove the License Key File, and click Close to close the dialog.
Note To delete a license, you must disable the features enabled by that license. The delete procedure
fails if the license is in use, and an error message is displayed.
Updating Licenses
If your license is time bound, you must obtain and install an updated license. Contact technical support to request an updated license.
If you purchased Cisco support through a Cisco reseller, contact the reseller directly. If you purchased support directly from Cisco, contact Cisco Technical Support at this URL:
License Expiry Alerts
The SAN-OS license counter keeps track of all licenses on a switch. Once an expiry period has started, you will receive CLI console messages, SNMP traps, syslog error messages, and Call Home messages on a daily basis.
Beyond that, the frequency of these message will increase to an hourly basis during the last seven days of the expiry time span. For example:
Your FICON license feature is scheduled to expire in 60 days. If today is December 1st, the license expires on January 30th. In this case, you will receive:
Daily alerts from December 1st to January 23rd
Hourly alerts from January 24th to January 29th
From January 30th, the FICON feature will run without a license for a grace period of 60 days.
From January 30th to March 21st, you will receive daily alerts about the grace period usage.
From March 22nd to March 30th, you will receive hourly alerts about the grace period ending.
On March 31st, the FICON feature is automatically turned off.
License expiry alerts cannot be configured.
Caution After the final seven days of the grace period, the feature is turned off and your network traffic may be
disrupted. The grace period also applies to licensed features in Release 1.2(x). While Release 1.2(x) did not enforce the licenses, any upgrade will enforce license requirements and the 60-day grace period.
Page 99
5-11
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Moving Licenses Between Switches
Moving Licenses Between Switches
A license is specific to the switch for which it is issued and is not valid on any other switch. If you need to transfer a license from one switch to another, contact your customer service representative.
If you purchased Cisco support through a Cisco reseller, contact the reseller directly. If you purchased support directly from Cisco, contact Cisco Technical Support at this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtm
Page 100
5-12
Cisco MDS 9000 Fabric Manager Switch Configuration Guide
OL-7753-01
Chapter 5 Obtaining and Installing Licenses
Moving Licenses Between Switches
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use