HP H-series Enterprise Fabric Management Suite Software User Manual

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide

This guide describes the HP StorageWorks Enterprise Fabric Management Suite applicaton (version 8.0.4) for the HP H-Series 8/20q and SN6000 Fibre Channel Switches (firmware version 8.0.4). Enterprise Fabric Management Suite is a workstation-based graphical user interface for managing fabrics, switches, and ports. Enterprise Fabric Management Suite includes EFMS Performance View, which plots port performance information in graphs. This guide is intended for users responsible for installing and using switch management tools.

Part Number: 5697-0420 Published June 2010 Edition:1

Legal and notice information

Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12. 212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.

The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

QuickTools and mPort are trademarks of QLogic Corporation.

Java and Solaris are registered trademarks of Sun Microsystems, Inc.

Gnome is a trademark of the GNOME Foundation Corporation.

Linux is a registered trademark of Linus Torvalds.

Mac OS and Safari are registered trademarks of Apple Computer, Inc.

Microsoft, Windows, and Internet Explorer are trademarks of Microsoft Corporation.

Netscape Navigator and Mozilla are registered trademarks of Netscape Communications Corporation.

Red Hat is a registered trademark of Red Hat Software Inc.

SUSE is a trademark of Novell, Inc.

), Brett McLaughlin and Jason Hunter. All

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide

1 Using Enterprise Fabric Management Suite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Installing Enterprise Fabric Management Suite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Starting Enterprise Fabric Management Suite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Exiting Enterprise Fabric Management Suite. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Uninstalling Enterprise Fabric Management Suite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Changing the encryption key for the default fabric view file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Saving and opening fabric view files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Setting Enterprise Fabric Management Suite preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Using online help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Viewing software version and copyright information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Enterprise Fabric Management Suite user interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Fabric tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Graphic window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Data windows and tabs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Alerts panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Menu bars . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Topology display menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Faceplate display menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Popup menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Menu Shortcut keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Tool bar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Working with switches and links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Working with ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

2 Managing Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Fabric firmware and software versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Saving a version snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Viewing and comparing version snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Exporting version snapshots to a file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Managing the fabric database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Adding a fabric. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Removing a fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Opening a fabric view file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Saving a fabric view file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Rediscovering a fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Deleting switches and links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Adding a new switch to a fabric. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Replacing a failed switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Displaying fabric information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Link data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Displaying fabric status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Event browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Filtering the event browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Sorting the Event Browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Saving the Event Browser to a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Verifying Fibre Channel connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

FC Ping dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

FC Traceroute dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Device information and nicknames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Devices data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Managing device port nicknames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Creating a nickname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Editing a nickname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Deleting a nickname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 3

Exporting nicknames to a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Importing a nicknames file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Fabric services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Enabling SNMP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Enabling in-band management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Transparent router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Viewing inter-fabric routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Transparent Routes data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

TR Mapping Manager dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Adding an inter-fabric route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Removing an inter-fabric route. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Creating a zoning commands text file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

3 Managing Fabric Zoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Zoning concepts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Zones. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Zone sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Zoning database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Using the Zoning Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Managing the zoning database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Viewing zoning limits and properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Viewing active and configured zone set information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Editing the zoning database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Configuring the zoning database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

Merge Auto Save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

Default Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Discard Inactive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Saving and restoring the zoning database to a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Saving the zoning database to a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Restoring the zoning database from a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Restoring the default zoning database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Removing all zone and zone set definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Merging fabrics and zoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Zone merge failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Zone merge failure recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Resolving active, configured, and merged zone sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Managing zone sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Creating a zone set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Activating and deactivating a zone set. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

Renaming a zone set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

Removing a zone set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Managing zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Creating a zone in a zone set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Copying a zone to a zone set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

Adding zone members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

Renaming a zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Removing a zone member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Removing a zone from a zone set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Removing a zone from all zone sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Managing aliases. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Creating an alias. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Adding a member to an alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Removing an alias from all zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

4 Managing Fabric Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Connection security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

User account security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Port security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Device security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Managing the security database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Viewing the device security database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Configuring the security data base . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Saving the security database to a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Restoring the security database from a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Resetting the security database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Managing security sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Creating a security set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Removing a security set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Renaming a security set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Adding an existing group to a security set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Removing a group from a security set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Removing a group from all security sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Activating a security set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Deactivating a security set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Managing security groups and members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Creating a security group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Creating a security group member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Modifying a security group member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Removing a member from a group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Using RADIUS servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Adding a RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Removing a RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Editing RADIUS server information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Modifying authentication order RADIUS server information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

5 Managing Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Managing user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Creating user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

Removing a user account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

Changing a user account password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Modifying a user account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82

Viewing switch information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

Switch data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Stack Links data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

Configuring port threshold alarms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Paging a switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

Setting the date/time and enabling NTP client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

Resetting a switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Configuring a switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Using the configuration wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Switch properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Domain ID and Domain ID lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Symbolic name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

Switch administrative states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

Broadcast support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

In-band management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

Fabric device management interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

Advanced switch properties (timeout values) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

Managing system services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

Managing switch stacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Configuring switches in a stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Security consistency checklist. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

Configuring the network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

Network IP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

Network DNS configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

Network IP Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 5

Security policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

Security associations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

Configuring SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

SNMP configuration and trap configuration parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

SNMP v3 security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Adding an SNMP v3 user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

Modifying an SNMP v3 user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

Removing an SNMP v3 user. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

Configuring Call Home . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

Using the Call Home profile manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

Creating a profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

Editing a profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

Copying a profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

Applying all profiles on a switch to other switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116

Using the Call Home message queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Testing Call Home profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Changing SMTP servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Testing a switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

Archiving a switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

Restoring a switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Restoring the factory default configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Installing feature license keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

Downloading a support file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

Installing firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

6 Managing Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Viewing port information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Port Information data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Port Statistics data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131

Configuring ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

Port symbolic name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Port types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Port states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136

Port speeds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

Port media status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

I/O StreamGuard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Device Scan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Auto Performance Tuning and AL Fairness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Using the Extended Credits wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Moving a licensed port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Resetting a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Testing ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Graphing port performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Starting EFMS Performance View. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Exiting EFMS Performance View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Saving and opening Fabric View files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Changing the default Fabric View file encryption key for EFMS Performance View. . . . . . . . . . . . . . . 144

Setting EFMS Performance View preferences. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

Setting the polling frequency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

Displaying Graphs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

Arranging graphs in the display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

Customizing graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147

Setting global graph type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

Rescaling a selected graph . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

Printing graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

Saving graph statistics to a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

7 Support and Other Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Document conventions and symbols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

JDOM license. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Contacting HP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

HP contact information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Subscription service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Documentation feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Related information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Other HP websites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

Figures

1 Enterprise Fabric Management Suite installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

2 Initial Start dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

3 Add a New Fabric dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

4 Save Default Fabric View File dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

5 Load Default Fabric View File dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

6 Preferences dialog box—Enterprise Fabric Management Suite. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

7 Topology display elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

8 SN6000 Fibre Channel Switch faceplate display. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

9 SN6000 Fibre Channel Switch backplate display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

10 Fabric tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

11 Alerts panel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

12 Fabric Version Snapshot Analysis dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

13 Add a New Fabric dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

14 Link data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

15 Event browser dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

16 Filter Events dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

17 FC Ping dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

18 FC TraceRoute dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

19 Devices data window. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

20 Detailed Devices Display window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

21 Transparent Routes data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

22 Transparent Route dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

23 TR Mapping Manager dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

24 Add TR Mapping dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

25 Remote Fabric Zoning dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

26 Active Zoneset data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

27 Configured Zoneset data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

28 Edit Zoning dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

29 Zoning Config dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

30 Port Binding dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

31 Edit Security dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

32 Configured Security data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

33 Active Security data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

34 Security Config dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

35 Create a Security Set dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

36 Create a Security Group dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

37 Create a Security Group Member dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

38 Radius Server Information dialog box—Add server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

39 Radius Server Information dialog box—Remove server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

40 Radius Server Information dialog box—Edit server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

41 Radius Server Information dialog box—Modify authentication order . . . . . . . . . . . . . . . . . . . . . . . . 78

42 User Account Administration dialog box—Add account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

43 User Account Administration dialog box—Remove account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

44 User Account Administration dialog box—Change password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82

45 User Account Administration dialog box—Modify account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

46 Switch data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 7

47 Switch data window buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

48 Stack Links data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

49 Port Threshold Alarm Configuration dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

50 Port threshold alarm example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

51 Date/Time dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

52 Switch Properties dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

53 Advanced Switch Properties dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

54 System Services dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

55 Security Consistency Checklist dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

56 Network Properties dialog boxes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

57 IPsec Configuration dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

58 Create IP Security Policy dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

59 Create IP Security Association dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

60 SNMP Properties dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108

61 SNMP v3 Manager dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

62 SNMP v3 User Editor dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

63 Call Home Setup dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

64 Call Home Profile Manager dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

65 Call Home Profile Editor dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

66 Call Home Profile Multiple Switch Apply dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116

67 Call Home Message Queue dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

68 Call Home Test Profile dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

69 Call Home Change Over dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

70 Switch Diagnostics dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

71 Restore dialog boxes—full and selective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

72 Feature Licenses dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

73 Add License Key dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

74 Download Support File dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

75 Load Firmware dialog box for a single switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

76 Load Firmware dialog box for a stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

77 Port Information data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

78 Detailed Media Display dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

79 Port Statistics data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131

80 Port Properties dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

81 Advanced Port Properties dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

82 Extended Credit Wizard dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

83 Move Port License dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

84 Port Diagnostics dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

85 EFMS Performance View graph . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

86 Save Default Fabric View File dialog box—EFMS Performance View . . . . . . . . . . . . . . . . . . . . . . . 144

87 Load Default Fabric View File dialog box—EFMS Performance View . . . . . . . . . . . . . . . . . . . . . . . 144

88 Preferences dialog box—EFMS Performance View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

89 Set Graph Polling Frequency dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

90 Default Graph Options dialog box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147

Tables

1 Workstation requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

2 Topology menu bar options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

3 Faceplate menu bar options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

4 Tool bar options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

5 Topology display switch and status icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

6 Port operational states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

7 Devices data window fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

8 Transparent Routes data window fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

9 Edit Zoning dialog box tool bar. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

10 Port/device icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

11 Switch data window fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

12 Stack Links data window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

13 Switch resets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

14 Network Properties dialog box—IP fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101

15 Network Properties dialog box—DNS fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

16 IPsec Configuration dialog box buttons. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

17 Create IP Security Policy dialog box fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

18 Create IP Security Association dialog box fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

19 SNMP Properties dialog box fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108

20 SNMP v3 User Editor dialog box fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110

21 Call Home Setup dialog box fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

22 Call Home Editor dialog box fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

23 Factory default configuration settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

24 Port Information data window buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

25 Port Information data window—Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128

26 Port Information data window—Advanced . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

27 Port Information data window—Extended Credits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

28 Port Information data window—Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

29 Port Information data window—Digital Diagnostics Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

30 Port Statistics data window fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131

31 Port Properties dialog box fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

32 Port types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

33 Port operational states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136

34 Port administrative states. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

35 Port speeds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

36 Port media status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

37 Extended Credits—Minimum Cable Lengths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

38 Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 9

1 Using Enterprise Fabric Management Suite

This chapter describes how to install and configure the Enterprise Fabric Management Suite application, which includes the EFMS Performance View application. This chapter also describes the user interface.

Installing Enterprise Fabric Management Suite

To install the Enterprise Fabric Management Suite application:

1. Verify that your workstation is properly equipped. Table 1 lists the requirements for workstations

running the Enterprise Fabric Management Suite application.

Table 1 Workstation requirements

Component Options/Requirements

Operating System Windows Server 2003 R2 w/SP2

Windows Storage Server 2003 R2 w/SP2

Windows 2008 w/SP2

Windows 2008 R2

Memory 2 GB

Disk space 150 MB

Processor 2 GHz or faster

Hardware CD-ROM drive and RJ-45 Ethernet port; RS-232 serial port (optional)

Internet Browser Microsoft Internet Explorer 6.0 and later

Netscape Navigator 6.0 and later

Firefox 1.5 and later

Java 2 Standard Edition Runtime Environment 1.5 to support the application

2. Purchase an Enterprise Fabric Management Suite license and obtain your license key. Otherwise

proceed to step 3 to use the 30-day trial license.

3. Visit the website

Management Suite zip file.

4. Extract and execute the Enterprise Fabric Management Suite installation file

(Windows_HP_EFMS_8.00.4.05.exe) and follow the instructions (Figure 1).

www.hp.com/go/EFMS and follow the links to download the Enterprise Fabric

Figure 1 Enterprise Fabric Management Suite installation

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 11

The installation process prompts you to enter the following information:

• Installation folder

• An 8/20q or SN6000 Fibre Channel Switch serial number and the Enterprise Fabric Management

Suite license key. To use the 30-day trial license, only the switch serial number is needed.

• Shortcut location

Starting Enterprise Fabric Management Suite

To start Enterprise Fabric Management Suite for the first time:

1. Double-click the Enterprise Fabric Management Suite shortcut, or select Enterprise Fabric Management

Suite from the Start menu, depending on what you selected when you installed the application. From a

command line, enter the following command:

<install_directory>\HP_Enterprise_Fabric_Management_Suite.exe

2. The application prompts if you did not enter a license key when you installed Enterprise Fabric

Management Suite. If you are using the 30-day trial version, click OK. Otherwise, click Enter, provide a switch serial number and license key, and click Save.

NOTE: To update the current serial number or license key, select Help > License Info. In the dialog

box, click Enter Key, provide a switch serial number and license key, and click Save.

3. When you start Enterprise Fabric Management Suite for the first time, the application opens with the

Initial Start dialog box (Figure 2). Select the Open existing fabric option, and click Proceed.

Figure 2 Initial Start dialog box

The other options are as follows:

• Select the Open Configuration Wizard option to configure a switch, add a new switch,

replace/restore a switch, or recover or edit an IP configuration of an existing switch.

• Select the Open existing fabric view file option to open the Open View dialog box, which prompts

you to specify a fabric view file that you saved earlier.

• Select the Start application without specifying a fabric option to open the Enterprise Fabric

Management Suite initial window.

Selecting the Don’t show this dialog again option has the same effect as disabling the Initial Start dialog box. For information about setting preferences, see ”Setting Enterprise Fabric Management Suite

preferences” (page 15).

12 Using Enterprise Fabric Management Suite

4. Enter a fabric name, an entry switch, login name and password in the Add a New Fabric dialog box.

Figure 3 Add a New Fabric dialog box

A fabric name is recommended, but not required, and must be unique.

• The Entry Switch field can be the IP address or Domain Name Server (DNS) name of the switch through which to manage the fabric. For more information about addresses and host names, see ”Network IP configuration” (page 100).

• The factory login name and password are admin and password. The password is for the switch and is stored in the switch firmware. For information on user accounts, see ”Managing user

accounts” (page 79).

5. Click Add Fabric.

6. For security reasons, you are prompted to change your user account password initially set up by the

administrator. You are prompted each time you attempt to open the fabric until you change the password. Click OK, and change the user account password.

7. If the entry switch has SSL (Secure Socket Layer) enabled, the switch will generate and display a Verify

Certificate dialog box that you must accept before gaining access to the fabric.

Exiting Enterprise Fabric Management Suite

To exit an Enterprise Fabric Management Suite application session:

1. Select File > Exit.

2. If you have not yet saved the default fabric view file, the Save Default Fabric View File dialog box

(Figure 4) prompts you to save the current fabric view as the default fabric view file. Enter an encryption key in the Default Fabric File Encryption Key field.

3. Re-enter the encryption key in the Re-enter Encryption Key to Confirm field. You can also leave the fields

blank.

4. Click Save View File to save the current set of fabrics to the default fabric view file in the working

directory. You can also do one of the following:

•Click Exit Without Saving to close the session without saving the view file.

•Click Cancel Exit to sustain the session.

Figure 4 Save Default Fabric View File dialog box

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 13

The encryption key encrypts the sensitive data in the default fabric view file so that no one can open the file without the encryption key. For information about changing this encryption key, see ”Changing the

encryption key for the default fabric view file” (page 14). If an encryption key has been defined and the

View File Auto Save and Load preference is enabled, the current fabric view is saved to your default fabric view file when you close future Enterprise Fabric Management Suite sessions. In addition to the default fabric view file, you can save and open other fabric view files. See ”Saving and opening fabric view files” (page 15) for more information.

To prevent Enterprise Fabric Management Suite from prompting you to save the default fabric view file between Enterprise Fabric Management Suite sessions, enable (check) the View File Auto Save and Load preference. For more information about preferences, see ”Setting Enterprise Fabric Management Suite

preferences” (page 15).

In your next Enterprise Fabric Management Suite session, the Load Default Fabric View File dialog box (Figure 5) prompts you to load the default fabric view file and to specify its encryption key, if one exists. In the Default Fabric File Encryption Key field, enter the encryption key, and click Load View File. If you do not want to load the default fabric view file, click Continue Without Loading to open the Enterprise Fabric Management Suite with no fabric displayed.

Figure 5 Load Default Fabric View File dialog box

Uninstalling Enterprise Fabric Management Suite

A program to uninstall Enterprise Fabric Management Suite is included as part of the installation process. The UninstallerData folder in the installation directory contains the uninstall program. Also, a shortcut/link to the uninstall program is installed in the installation directory during the Enterprise Fabric Management Suite installation process.

The default Windows installation directory depends on the Windows operating system:

• For Windows x64 systems:

c:\Program Files (x86) \Hewlett-Packard\HP_Enterprise_Fabric_Management_Suite

• For Windows x86 systems:

c:\Program Files\Hewlett-Packard\HP_Enterprise_Fabric_Management_Suite

To uninstall the Enterprise Fabric Management Suite application:

1. Browse for the uninstall program file or the shortcut/link that points to the uninstall program file. The

uninstall program shortcut is in the same folder as the program shortcut (Start menu, program group, on desktop, or user specified) that is used to start the Enterprise Fabric Management Suite application.

2. Double-click the uninstall program file or shortcut/link, and follow the instructions to uninstall the

Enterprise Fabric Management Suite application.

Changing the encryption key for the default fabric view file

To change the encryption key for the Enterprise Fabric Management Suite default fabric view file:

1. Select File > Save Default Fabric View File to open the Save Default Fabric View File dialog box.

2. Enter an encryption key in the Default Fabric File Encryption Key field.

3. Re-enter the same encryption key in the Re-enter Encryption Key to Confirm field.

4. Click OK to save the current set of fabrics to the default fabric view file in the working directory.

14 Using Enterprise Fabric Management Suite

Saving and opening fabric view files

A fabric view file is one or more fabrics saved to a file. In addition to the Enterprise Fabric Management Suite default fabric view file, you can save and open your own fabric view files. To save a set of fabrics to a file:

1. Select File > Save View As to open the Save View dialog box.

2. Enter a name for the fabric view file or click Browse to select an existing file. Files are saved in the

working directory.

3. Enter a password. When you attempt to open this fabric view file, you are prompted for this password.

If you leave the File Password field blank, no password is required when attempting to open this fabric view file.

4. Click OK to save the view.

To open a fabric view file:

1. Select File > Open View File to open the Open View dialog box.

2. Enter a name for the fabric view file or click Browse to select an existing file.

3. If the fabric view file was saved with a password, enter the password, and click OK.

4. Click OK to open the view.

Setting Enterprise Fabric Management Suite preferences

To set preferences for your Enterprise Fabric Management Suite sessions:

1. Select File > Preferences to open the Preferences dialog box (Figure 6).

2. Enter or browse for the paths to the working directory and Internet browser location.

3. In the Application-wide Options area, choose the preferences you want.

4. Click OK to save the changes.

Figure 6 Preferences dialog box—Enterprise Fabric Management Suite

• Working Directory is the path for the folder in which to save files. The default is the installation

directory.

• Browser Location is the path for Internet browser program to use to view the online help. The default is

c:\Program Files (x86)\Internet Explorer\iexplore.exe.

• View file auto save and load prevents (checked/default) or allows prompts to save the default fabric

view file between Enterprise Fabric Management Suite sessions.

• Display initial startup dialog enables (checked/default) or disables the use of the Initial Start dialog

box at the beginning of an Enterprise Fabric Management Suite session. After a default fabric view file is created, this setting has no effect.

• Display dialog when making non-secure connections allows (checked/default) or prevents connections

to a non-secure fabric. If this preference is enabled, the application informs you when connecting to a non-secure fabric, and enables you to connect. Otherwise, you must have a secure connection.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 15

• Event browser maintains event messages in the event browser (checked/default) between Enterprise

Fabric Management Suite sessions, or discards those messages (unchecked). For information about events, see ”Event browser” (page 34).

• Preferred Initial Port View determines the port information type represented by the ports of the

faceplate display: port type (default), port speed, port operational state, or port transceiver media. You can change the port view in the faceplate display by opening the View menu and selecting a different port view option.

Using online help

The browser-based online help system can be accessed from the Enterprise Fabric Management Suite application in several ways. Online help is also context-sensitive; that is, the online help opens to the topic that describes the current dialog box.

To open the first topic in the help system, choose one of the following:

• Select Help > Help Topics.

• Click Help in the tool bar.

• With no dialog box displayed, press F1 key.

To open the help system to the topic that describes the current dialog box, choose one of the following:

• Click Help in the dialog box.

• Press the F1 key.

Viewing software version and copyright information

To view Enterprise Fabric Management Suite software version and copyright information, open the Help menu, and select About.

16 Using Enterprise Fabric Management Suite

Enterprise Fabric Management Suite user interface

Menu bar

Data window tabs

Tool bar

Data window

Graphic window

Fabric tree

Switch/fabric name and status

The Enterprise Fabric Management Suite application uses faceplate and backplate displays to manage the switches in a fabric. The interface (Figure 7) consists of a menu bar, fabric tree, graphic window, data windows (some with buttons), and data window tabs. The topology display (Figure 7) appears in the graphic window and shows all of the switches and connections in the fabric. The fabric names and switch names appear in the fabric tree. Click a switch name or icon to display a different switch faceplate in the graphic window. Information displayed in the data windows corresponds to the selected data window tab.

Figure 7 Topology display elements

The faceplate and backplate displays are used to manage individual switches. The faceplate displays of the 8/20q and SN6000 Fibre Channel Switches are similar, showing the front of a switch and its ports. The backplate display shows the power supplies for single and dual power supply switches. Figure 8 shows an SN6000 Fibre Channel Switch faceplate display.

Figure 8 SN6000 Fibre Channel Switch faceplate display

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 17

Figure 9 shows the backplate display for a dual power supply SN6000 Fibre Channel Switch.

Switch entries

Moveable window border

Fabric name entry handle

Fabric name entry

Security lock icon

Figure 9 SN6000 Fibre Channel Switch backplate display

TIP: Mouse-over information appears when you rest the cursor over key elements in the Enterprise Fabric

Management Suite interface, such as ports, LEDs, and fabric tree entries.

Fabric tree

The Enterprise Fabric Management Suite application enables you to manage the switches in multiple fabrics. The fabric tree (Figure 7) provides access to the topology and faceplate displays for any fabric or switch:

• To open the topology display from the fabric tree, click a fabric entry.

• To open the faceplate/backplate displays from the fabric tree, click a switch entry.

A fabric name entry handle located to the left of an entry in the tree indicates that the entry can be expanded or collapsed. Click this handle or double-click the entry to expand or collapse a fabric tree entry. A fabric entry expands to show its member switches. You can adjust the width of the fabric tree window by clicking and dragging the moveable window border.

Figure 10 Fabric tree

18 Using Enterprise Fabric Management Suite

Next to each fabric tree entry is a small icon that uses color to indicate operational status:

• A green icon indicates normal operation.

• A yellow icon indicates that a switch is operational, but may require attention to maintain maximum

performance.

• A red icon indicates a potential failure or non-operational state, as when the switch is offline.

• A blue icon indicates that a switch is unknown, unreachable, or unmanageable.

If the status of a fabric is not normal, the fabric icon in the fabric tree indicates the reason for the abnormal status. The same message is provided when you rest the pointer on the fabric icon in the fabric tree.

The small lock icon next to the fabric icon in the fabric tree indicates a secure fabric connection using Secure Socket Layer (SSL). The Security menu is available only for the entry switch (out-of-band switch) on a secure fabric. Select Switch > Services to enable the SSL service for that switch. You must then close the fabric and re-establish a secure connection to the fabric using SSL.

Graphic window

The graphic window shows fabric, switch, and port information in the forms of the fabric topology display, switch faceplate display (Figure 8), and switch backplate display (Figure 9). To view the faceplate display, select a switch or stack in the fabric tree, and select View > View Faceplate. To view the backplate display, select View > View Backplate. You can adjust the height of the graphic window by clicking and dragging the border that it shares with the data window.

Data windows and tabs

The data window (Figure 7) displays a table of data and statistics associated with the selected tab for the fabric, stack, or switch displayed in the graphic window. The available data window tabs vary depending on the display. The following data windows and tabs are available:

• Devices—Displays information about devices (hosts and storage targets) connected to the switch. For

more information, see ”Devices data window” (page 39).

• Transparent Routes—Displays the currently configured inter-fabric zones/routes using a TR_Port. For

more information about the Transparent Routes data window, see ”Transparent Routes data window” (page 44). For information about the transparent router feature, see ”Transparent router” (page 42).

• Active Zoneset—Displays the active zone set for the fabric including zones and their member ports. For

more information about this data window, see ”Viewing active and configured zone set information” (page 51). For information about zone sets and zones, see ”Zoning concepts” (page 49).

• Switch—Displays current network and switch configuration data for the selected switch. For more

information, see ”Switch data window” (page 84).

• Link—Displays a list of the inter-switch links in the fabric. For information on switch links, see ”Link data

window” (page 33).

• Stack Links—Displays a list of the inter-switch links in the stack. For information on switch links, see

”Stack Links data window” (page 89).

• Port Statistics—Displays performance data for the selected ports. For more information, see ”Port

Statistics data window” (page 131).

• Port Information—Displays information for the selected ports. For more information, see ”Port

Information data window” (page 127).

• Configured Zonesets—Displays all zone sets, zones, and zone membership in the zoning database. A

zone is a named group of ports or devices. For more information, see ”Viewing active and configured

zone set information” (page 51).

Use the scroll bar to browse through the data. To adjust the length of the window, click and drag the border that it shares with the graphic window. To adjust the column width, move the pointer over the column heading border shared by two columns until a right/left arrow graphic appears. Click and drag the arrow to the preferred width.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 19

Alerts panel

Status section

The Alerts panel shows all reasons for status, including faults. The Alerts panel entries are the highlighted rows between the faceplate image and the data window entries.

The up/down arrows on the divider bar between the Alerts panel entries and data windows enable you to move the divider bar up or down incrementally. With the faceplate image in the graphic window and the data window displayed, you can do the following:

• Click the up arrow (on the left) to move the divider up to the top of the window, completely hiding the

faceplate image.

• Click the down arrow (on the right) to move the divider back to the middle. Click the down arrow again

to completely hide the data window.

• Click and drag the divider bar to manually move it up or down.

Figure 11 Alerts panel

20 Using Enterprise Fabric Management Suite

Menu bars

The menus and the included tasks vary depending on the type of display. For example, the Port menu and many of the Switch menu selections are only available in the faceplate display. For information on the menus, see ”Topology menu bar options” (page 21) and ”Faceplate menu bar options” (page 22).

Topology display menu

The Topology menu bar options, listed in Table 2, are available when a fabric is selected in the fabric tree.

Table 2 Topology menu bar options

Option Sub-options

File Open View File

Fabric Add Fabric

Save View File

Save Default Fabric View File

Preferences

Exit

Remove Fabric

Nicknames

Fabric Tracker

Switch

Options marked with an asterisk (*) are available only when one switch is selected in the topology display.

Stack

These options are available only when one stack is selected in the topology display.

Save Snapshot Analyze Snapshots

Security Consistency Checklist

Rediscover Fabric

Start EFMS Performance View

FC TraceRoute

TR Mapping Manager

Show Event Browser

Delete*

Export Devices

Switch Properties*

Network Properties*

SNMP Properties*

Delete

Syslog

SNMP Properties

Set Date/Time

User Accounts

Security Consistency Checklist

Load Firmware

Edit Zoning Configuration

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 21

Table 2 Topology menu bar options (continued)

Option Sub-options

View Refresh

Wizards Configuration Wizard

Help Help Topics

Faceplate display menu

The Faceplate menu bar options, listed in Table 3, are available when a stack or switch is selected in the fabric tree, except as noted.

Table 3 Faceplate menu bar options

Option Sub-options

File Open View File

Layout Topology

Toggle Auto Layout

Remember Layout

License Info

About

Save View File

Save Default Fabric View File

Preferences

Exit

Fabric Add Fabric

Remove Fabric

Nicknames

Fabric Tracker

Save Snapshot Analyze Snapshots

FC TraceRoute

TR Mapping Manager

Show Event Browser

22 Using Enterprise Fabric Management Suite

Table 3 Faceplate menu bar options (continued)

Option Sub-options

Switch

These options are available only when a switch is selected in the fabric tree.

Popup menus

Popup menus appear when you right-click the stack, faceplate, or backplate images in the graphic window. Popup menu options provide quick access to the common tasks and dialog boxes, such as the following:

• Refreshing a switch

• Selecting all ports

• Properties dialog boxes (Port, Switch, Network, and SNMP)

• Services dialog box

• Port diagnostics dialog boxes

Menu Shortcut keys

Shortcut key combinations provide an alternative method of accessing menu options in the application. For example, to open the Preferences dialog box, press Alt+F, and then press R.

NOTE: The shortcut key combinations are not case-sensitive.

License Info

About

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 25

Tool bar

The tool bar consists of a row of graphical buttons that provide access to Enterprise Fabric Management Suite functions. The tool bar buttons are an alternative method to using the menu bar.

The Tool bar options are described in Table 4.

Table 4 Tool bar options

Button Description

Add Fabric—adds a new fabric to the fabric view

Open View File—opens an existing fabric view file

Save View As—saves the current fabric view to a file

Refresh—updates the topology or faceplate display with current information

Event Browser—opens the events browser

Edit Zoning—opens the Edit Zoning dialog box (available only when a switch or stack is selected in the fabric tree)

Edit Security—opens the Edit Security dialog box (available only on a secure entry switch)

Help Topics—opens the online help file

Working with switches and links

Switch and link icons are selectable and moveable, and serve as access points for other displays and menus. You select switches and links to display information about them, modify their configuration, or delete them from the display. Context-sensitive popup menus are displayed when you right-click on a switch or link icon, or in the background of the topology display and graphic window.

Switch icon shape and color provide information about the switch and its operational state. Lines represent links between switches. The topology display uses green to indicate normal operation, yellow to indicate operational with errors, red to indicate a potential failure or non-operational state, and blue to indicate unknown, unreachable, or unmanageable. For more information about topology display icons, see ”Displaying fabric status” (page 34).

26 Using Enterprise Fabric Management Suite

Selected ISL links in the topology display are displayed with a heavier line. Selected switches are displayed with a light blue background. You can select switches and links the following ways:

• To select one switch or link, click the switch or link.

• To select a group of switches or links, press the Shift or Control key while clicking each switch or link.

• To select all switches or links, right-click anywhere in the graphic window background, and select Select

All Links or Select All Switches from the popup menu.

• To cancel all selections, click in the background of the graphic window.

• To un-select one switch or link in a group of selected switches or links, press the Shift or Control key

while clicking the switch or link.

• To add a switch or link to a group of selected switches or links, press the Shift or Control key while

clicking the switch or link.

You can arrange individual switch icons in the topology display or allow Enterprise Fabric Management Suite to arrange all switch icons for you:

• To move an individual switch icon, click and drag the icon to another location in the graphic window.

Links stretch or contract to remain connected.

• To arrange all switch icons in the topology display automatically, open the View menu, and select

Layout Topology.

By default, the Toggle Auto Layout box in the View menu is selected, which causes Enterprise Fabric Management Suite to arrange the icons when you select Layout Topology.

You can save a custom arrangement, or layout, and restore that layout during an Enterprise Fabric Management Suite session. Begin by arranging the icons, then open the View menu, and select Remember Layout. To restore the saved layout, open the View menu, unselect the Toggle Auto Layout option, and select Layout Topology.

Working with ports

Ports are selectable and serve as access points for other displays and menus. You select ports to display information about them in the data window or to modify them. Context-sensitive popup menus appear when you right-click the faceplate image or on a port icon. See ”Managing Ports” (page 127) for detailed port information.

Selected ports in the faceplate display are outlined in white. You can select ports in the following ways:

• To select a port, click the port.

• To select all ports, right-click on the faceplate image, and select Select All Ports from the popup menu.

• To select a range of consecutive ports, click a port, press and hold the Shift key, and then click the last

port in the range. The Enterprise Fabric Management Suite application selects both end ports and all ports in between the end ports.

NOTE: When using the Shift key to select a range of ports, the first port you click in the range is

the anchor selection. Subsequent ranges are based on this anchor selection. For example, when you click port 4 and port 9 respectively, port 4 becomes the anchor selection. The next range includes all ports between port 4 and the next port you select.

• To select several non-consecutive ports, press and hold the Control key while clicking each port.

• To deselect ports, press and hold the Control key while clicking each port.

• To cancel a selection, press and hold the Control key, and select it again.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 27

28 Using Enterprise Fabric Management Suite

2 Managing Fabrics

This chapter describes the options for managing fabrics.

Fabric firmware and software versions

The Fabric Tracker option enables you to generate a snapshot or baseline of current system version information, which can be viewed, analyzed and compared to other snapshot files, and exported to a file. Information includes date and time, switch active firmware version, device hardware, drivers, and firmware version from FDMI.

The Snapshot Analyzer option enables you to do the following:

• Compare two snapshots.

• Detect mismatches of firmware and driver versions.

• Detect devices that have been moved, added to, or removed from the fabric.

Saving a version snapshot

To save the current snapshot to an XML file:

1. In the faceplate display, select Fabric > Fabric Tracker, and then select Save Snapshot.

2. Enter a filename.

3. Click Save to save the snapshot as an XML file.

Viewing and comparing version snapshots

To view and analyze system version information:

1. Select Fabric > Fabric Tracker > Analyze Snapshots to open the Fabric Version Snapshot Analysis

dialog box (Figure 12).

2. Click Browse to open and view the snapshot files in the corresponding tab pages (Summary,

Differences, Reports).

3. Click Close to exit the Fabric Version Snapshot Analysis dialog box.

Figure 12 Fabric Version Snapshot Analysis dialog box

The color key below the scrollable area defines the meanings of the colors used. The Summary tab page shows a brief description of the changes that have occurred between the older snapshot and the newer one. Use the Summary tab page to quickly view what has changed. The Differences tab page shows a side-by-side comparison of two snapshots.

The timestamp of each snapshot appears above the scroll area showing that snapshot. The background color of the older snapshot is darker than the background of the newer snapshot. The arrow icon between the snapshot selectors always points from the older snapshot to the newer one. If the two snapshots have

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 29

the same timestamp, the arrow is not displayed. The scroll bars are synchronized to view the same portion of each snapshot file simultaneously.

To resize each pane:

1. Click and drag the separator bar between the two panes.

2. At the top of the separator bar between the two panes, click the left/right arrows to close the

corresponding pane. The left/right arrows move to one side.

Exporting version snapshots to a file

The Reports tab page enables you to select one report to save to a text file. There are two types of reports: Summary report and Detailed report.

• Summary report shows the same format displayed on the Summary tab page without the color

highlighting.

• Detail report shows a detailed breakdown of the differences.

Click Export to save the selected report to a text file.

Managing the fabric database

A fabric database contains the set of fabrics that you add during a Enterprise Fabric Management Suite session. Initially, if you do not open an existing fabric or fabric view file, the Enterprise Fabric Management Suite application opens with an empty fabric database.

Adding a fabric

To add a fabric to the database:

1. Select Open > Add Fabric to open the Add a New Fabric dialog box (Figure 13).

Figure 13 Add a New Fabric dialog box

2. Enter a unique fabric name in the Fabric Name field. This step is optional.

NOTE: Assigning a fabric name is recommended.

3. In the Entry Switch field, enter the IP address or Domain Name Server (DNS) name of the switch

through which to manage the fabric. For more information, see ”Network IP configuration” (page 100).

4. Enter an account name and password. The factory login name and password are admin and

password. The password is for the switch, which is stored in the switch firmware. For information on

user accounts, see ”Managing user accounts” (page 79).

5. Click Add Fabric.

30 Managing Fabrics

6. For security reasons, you are prompted to change your user account password initially set up by the

administrator. You are prompted each time you attempt to open the fabric until you change the password. Click OK, and change the user account password.

NOTE: If the entry switch has SSL (Secure Socket Layer) enabled, the switch generates and displays

a Verify Certificate dialog box that you must accept before gaining access to the fabric.

Removing a fabric

To delete a fabric from the database:

1. Select a fabric in the fabric tree.

2. Select Fabric > Remove Fabric.

3. The application automatically removes the fabric whether you click OK or not.

Opening a fabric view file

A fabric view file is one or more fabrics saved to a file. To open an existing view file:

1. Select File > Open View File, or click Open to open the Open View dialog box. If the fabric you are

currently viewing has changed, you are prompted to save the changes to the fabric view file with the Save View dialog box before opening a different view file.

2. Enter the name of the file to open, and enter a file password if a password was entered when this fabric

view file was saved.

3. Click OK.

NOTE: To maximize system performance and reduce the fabric event logs, limit the number of large

fabrics open at one time.

Saving a fabric view file

To save a fabric view file:

1. Select File > Save View As to open the Save View dialog box.

2. Enter a new file name and a file password, if necessary.

3. Click OK.

Rediscovering a fabric

After making changes to or deleting switches from a fabric view, it may be helpful to view the actual fabric configuration again. The Rediscover Fabric option clears the current fabric information being displayed, and rediscovers all switch information.

To rediscover a fabric, open the topology display and select Fabric > Rediscover Fabric. The Rediscover function is more comprehensive than the Refresh function.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 31

Deleting switches and links

The Enterprise Fabric Management Suite application does not automatically delete switches or links that have failed or have been physically removed from the fabric Fibre Channel network. In these cases, you can delete switches and links to bring the display up to date. If you delete a switch or a link that is still active, the Enterprise Fabric Management Suite application restores it automatically. You can also refresh the display. To delete a switch from the topology display:

1. Select a switch in the topology display.

2. Select Switch > Delete.

To delete a link:

1. Select a link in the topology display.

2. Right-click the link, and then select Delete from the popup menu.

Adding a new switch to a fabric

If there are no special conditions to be configured for a new switch, plug in the switch; the switch becomes functional with the default fabric configuration. The default fabric configuration settings are:

• Fabric zoning is sent to the switch from the fabric.

• All 8-Gb/s ports are GL_Ports.

• The default IP address 10.0.0.1 is assigned to the switch without configuring a gateway or boot

protocol (RARP, BOOTP, and DHCP).

If you are adding a new switch to a fabric and do not want to accept the default fabric configuration:

1. If the switch is not new from the factory, reset the switch to the factory configuration before adding the

switch to the fabric by selecting Restore Factory Defaults from the Switch menu.

2. If you want to manage the switch through the Ethernet port, configure the IP address using the Network

Properties dialog box or the Configuration Wizard.

3. Configure any special switch settings. To open the Zoning Config dialog box, select Zoning > Edit

Zoning Config.

4. Plug in the ISLs, but do not connect the devices.

5. Configure the port types for the new switch using the Port Properties dialog box.

6. Connect the devices to the switch.

7. To make any necessary zoning changes, select Zoning > Edit Zoning to open the Edit Zoning dialog

box.

Replacing a failed switch

Use the following procedure to replace a failed switch for which an archive is available.

1. Turn off the power to the failed switch and disconnect the AC cords. Note port locations and remove

the interconnection cables and small form-factor pluggable (SFPs).

2. Remove the failed switch.

3. Mount the replacement switch in the location where the failed switch was removed.

4. Install the SFPs using the same ports that were used on the failed switch. Do not reconnect inter-switch

links, target devices, and initiator devices at this time. Doing so could invalidate the fabric zoning configuration.

5. Attach the AC cords and power up the switch.

6. Connect the Ethernet port to the LAN used for Enterprise Fabric Management Suite and configure the IP

address using the Network Properties dialog box or the Configuration Wizard.

7. Restore the configuration on the replacement switch:

a. Open a new fabric through the replacement switch. b. Open the faceplate display for the replacement switch and select Switch > Restore. c. In the Restore dialog box, enter the archive file from the failed switch or browse for the file. d. Click Restore.

32 Managing Fabrics

8. Select Switch > Reset Switch to reset the replacement switch to activate the configuration. This

configuration comes from the failed switch, including the domain ID and the zoning database.

9. Reconnect the inter-switch links, target devices, and initiator devices to the replacement switch using the

same ports as were used on the failed switch.

Displaying fabric information

The topology display is your primary tool for monitoring a fabric. The graphic window of the topology display provides status information for switches, inter-switch links, and the Ethernet connection to the management workstation. For more information, see the Link data window (Figure 14).

The topology display data windows show device, active zone set, switch, and link information.

• For information on devices in a fabric, see ”Devices data window” (page 39).

• For information on zone definitions for the active zone set, see ”Viewing active and configured zone set

information” (page 51).

• For information about the Name Server and Switch data windows, see ”Switch data window”

(page 84).

• For information on switch links, see ”Link data window” (page 33).

Link data window

The Link data window (Figure 14) displays information about all switch links in the fabric or selected links in the topology display. This information includes the switch name, the port number at the end of each link, and the link status icon. To open the Link data window, select a fabric in the fabric tree, and then click the

Link tab.

Figure 14 Link data window

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 33

Displaying fabric status

The fabric updates the topology and faceplate displays by forwarding changes in status to the management workstation as they occur. You can allow the fabric to update the display status, or you can refresh the display at any time. To refresh the topology display, do one of the following:

• Click Refresh.

• Select View > Refresh.

• Press the F5 key.

• Right-click anywhere in the background of the topology display, and select Refresh Fabric from the

popup menu.

The topology display uses switch and status icons to provide status information about switches, inter-switch links, and the Ethernet connection. The switch status icons, displayed on the left side of a switch, vary in shape and color. Switches controlled by an Ethernet Internet Protocol have a colored Ethernet icon displayed on the right side of the switch. Table 5 shows the different switch icons and their meanings.

NOTE: Enterprise Fabric Management Suite may not support all firmware versions. If the version of

Enterprise Fabric Management Suite is not supported, a warning status message appears: FW/GUI mismatch. A switch with this status is still manageable, but some functions may not be available. For

firmware compatibility information, see the Enterprise Fabric Management Suite Release Notes.

Table 5 Topology display switch and status icons

Switch icon Description

Event browser

The Event Browser displays a list of events generated by the switches in the fabric and the Enterprise Fabric Management Suite application. Events that are generated by the Enterprise Fabric Management Suite application are not saved on the switch, but can be saved to a file (.xml, .csv, .txt) during an Enterprise Fabric Management Suite session.

Switch status icons

• Normal operation (green)

• Warning–operational with errors (yellow)

• Critical–potential failure (red)

• Unknown–communication status unknown,

unreachable, or unmanageable (blue)

Fabric management switch Ethernet icons

• Ethernet connection normal (green)

• Ethernet connection warning (yellow)

• Ethernet connection critical (red)

Switch is not manageable with this version of Enterprise Fabric Management Suite. Use the management application that was shipped with this switch.

The Event Browser (Figure 15) lists events that have occurred, displaying the severity, time, source, type, and description of the events. The maximum number of entries allowed in the Event Browser is 10,000. The maximum number of entries allowed on a switch is 1,200. Once the maximum is reached, the oldest events in the event list are deleted when new events occur. Event entries from the switch use the switch time stamp, while event entries generated by Enterprise Fabric Management Suite have a workstation time stamp. You can filter, sort, and export the contents of the Event Browser to a file. The Event Browser begins recording when it is enabled and Enterprise Fabric Management Suite is running.

34 Managing Fabrics

If the Event Browser is enabled using the Preferences dialog box, the next time Enterprise Fabric

Column sorting buttons

Severity column

Management Suite is started all events from the switch log appear. If the Event Browser is disabled when Enterprise Fabric Management Suite is started and later enabled, only those events that occur after the time the Event Browser was enabled will appear.

To display the Event Browser, select Fabric > Show Event Browser. If the Show Event Browser selection is grayed-out, you must first enable the Events Browser preference. See ”Setting Enterprise Fabric

Management Suite preferences” (page 15).

Figure 15 Event browser dialog box

The icons in the Severity column identify the operational state of the port, as described in Table 6.

Table 6 Port operational states

State Description

Alarm—An alarm is a serviceable event. This means that attention by the user or field service is required. Alarms are posted asynchronously to the screen and cannot be turned off. If the alarm indicates that a system error has occurred, the customer may be directed to provide the support file from the switch.

Critical event—An event that indicates a potential failure. Critical log messages are events that warrant notice by the user. By default, these log messages are posted to the screen. Critical log messages do not have alarm status as they require no immediate attention from a user or service representative.

Warning event—An event that indicates errors or other conditions that may require attention to maintain maximum performance. Warning messages are not be posted to the screen unless the log is configured to do so. Warning messages are not disruptive and therefore, do not meet the criteria of Critical. The user need not be informed asynchronously

No icon Informative—An unclassified event that provides only supporting information.

NOTE: Events (Alarms, Critical, Warning, and Informative) generated by Enterprise Fabric Management

Suite are not saved on the switch. They are permanently discarded when you close an Enterprise Fabric Management Suite session; however, you can save these events to a file on the workstation before you close Enterprise Fabric Management Suite and read it later with a text editor or browser.

Events generated by the switch are stored on the switch, and are retrieved when Enterprise Fabric Management Suite is restarted. Some alarms are configurable.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 35

Filtering the event browser

Filtering the Event Browser enables you to display only those events that are of interest based on the event severity, timestamp, source, type, and description. To filter the Event Browser, select Filter > Filter Entries. This opens the Filter Events dialog box (Figure 16). The Event Browser displays those events that meet all of the criteria in the Filter Events dialog box. If the filtering criteria are cleared or changed, then all the events that were previously hidden that satisfy the new criteria are shown.

You can filter the Event Browser in the following ways:

• Severity—Select one or more of the corresponding options to display: alarm, critical, warning, or

informative events.

• Date/Time—Select one or both of the From: and To: options, and enter the bounding timestamps

(MM/DD/YY HH:MM:SS AA, where "AA" indicates AM or PM) to display only those events that fall within the selected times. The current year (YY) can be entered as either 2 or 4 digits.

• Text—Select one or more of the corresponding options and enter a text string (case sensitive)

identifying the source, type, and description of the events to be monitored. The Event Browser displays only those events that satisfy all of the search specifications for the criteria defined.

Figure 16 Filter Events dialog box

Sorting the Event Browser

Sorting the Event Browser enables you to display the events in alphanumeric order based on the event severity, timestamp, source, type, or description. By default, the Event Browser is sorted in ascending order by timestamp. To sort on another column of the Event Browser, click the Severity, Timestamp, Source, Type, or Description column button. Alternatively, select Sort > By Severity, By Timestamp, By Source, By Type, or By Description. Successive sort operations of the same type alternate between ascending and descending order.

Saving the Event Browser to a file

You can save the displayed Event Browser entries to a file. Filtering affects the save operation, because only displayed events are saved. To save the Event Browser to a file:

1. Filter and sort the Event Browser to obtain the preferred display.

2. Select File > Save As.

3. Select a folder and enter a file name in which to save the event log, and then click Save. The file can be

saved in XML, CSV, or text format. XML files can be opened with an Internet browser or text editor. CSV files can be opened with most spreadsheet applications.

Verifying Fibre Channel connections

Use the FC Ping and FC TraceRoute dialog boxes to verify connections and track frames from specified targets and destinations in the Fibre Channel fabric.

36 Managing Fabrics

FC Ping dialog box

The FC Ping dialog box (Figure 17) enables you to send an ECHO frame to a specified target and verify that the frame was returned.

Figure 17 FC Ping dialog box

To verify a Fibre Channel connection:

1. Select Switch > FC Ping to open the FC Ping dialog box.

2. Open the Destination drop-down list, and select a destination port.

3. Select the Port WWN or Port Address option.

4. In the Repeat area, use the arrow keys to select or type in a value (1–100) for the number of FC ping

attempts to perform.

5. In the Timeout area, select the number of seconds (0–10) to continue attempting the FC ping operation

before timing out. Click and drag the slide bar to move the slide bar.

6. Click Ping, and view the results in the text window.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 37

FC Traceroute dialog box

The FC TraceRoute dialog box (Figure 18) enables you to map the route trip a frame takes from source to destination and back.

Figure 18 FC TraceRoute dialog box

To trace a Fibre Channel connection:

1. Select Fabric > FC TraceRoute to open the FC TraceRoute dialog box.

2. Open the Source drop-down list, and select a source port.

3. Select the Port WWN or Port Address option.

4. Open the Destination drop-down list, and select a destination port.

5. Select the Port WWN or Port Address option.

6. In the Maximum Round-trip Hops list, select a value from the drop-down list (1–32).

7. Click Trace and view the results in the text window.

Device information and nicknames

Devices are hosts and storage targets connected to the switch. A nickname is a user-definable, meaningful name that can be used in place of the World Wide Name (WWN). Assigning nicknames makes it easier to recognize device ports when zoning your fabric and when viewing the Devices data window. The following describes how to view and manage device information and nicknames.

38 Managing Fabrics

Devices data window

The Devices data window (Figure 19) displays information about name server devices and proxied devices (from configuration of TR ports) connected to the switch. To display the Devices data window, click the

Devices tab below the data window.

Figure 19 Devices data window

Because remote devices are proxied, the following limitations in available information exist:

• The Details button is disabled.

• The Target/Initiator field always reads Unknown.

• The Vendor field text is decoded from the OUI in the Port WWN, rather than potentially being read

from the FC4Descriptors, as is the case with local devices.

• The proxied devices are indicated in the Device data window by italic text and the notation "(TR)" after

the port number.

• Proxied devices are also unavailable in the Active Zoneset data window. For more information, see

”Viewing active and configured zone set information” (page 51).

The Devices data window fields are described in Table 7.

Table 7 Devices data window fields

Field Description

Port WWN Port World Wide Name

Nickname Device port nickname. To create a new nickname or edit an existing

nickname, double-click the cell and enter a nickname in the Edit Nickname dialog box. For more information, see ”Managing device port

nicknames” (page 40).

Details Click (i) to display additional information about the device (Figure 20).

FC Address Fibre Channel address

Switch Switch name

Port Switch port number

Target/Initiator Device type: Target, Initiator, or Both

Vendor Host Bus Adapter/Device Vendor

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 39

Table 7 Devices data window fields (continued)

Field Description

Active Zones The active zone to which the device belongs

Row # Row number reference for each listing in the Devices data window table

To display detailed information for a device listed in the Devices data window, click (i) in the Details column for that device to open the Detailed Devices Display window (Figure 20).

Figure 20 Detailed Devices Display window

Managing device port nicknames

In addition to creating, editing, and deleting nicknames, you can also export the nicknames to a file, which can be imported into the Nicknames.xml file on other workstations. The maximum number of nicknames allowed is 5,000.

Nicknames are saved to an XML file stored on the switch. If different nickname files exist on other switches in the fabric, you are prompted to resolve differences before the Nicknames dialog box appears. When a conflict exists, a series of dialog boxes is presented to resolve differences between the nicknames stored on that switch with nicknames stored on other switches. The most recent nickname takes precedence during nickname resolution. Changes made in the Nickname dialog box are propagated to all switches in the fabric only after you click Apply.

Creating a nickname

To create a device port nickname:

1. Select Fabric > Nicknames to open the Nicknames dialog box. The device entries are listed in table

format.

2. Choose one of the following options to enter a nickname. A nickname must start with a letter and can

have up to 64 characters. Valid characters include alphanumeric characters [aA–zZ][0–9] and special symbols [$ _ - ^ ].

• Double-click a cell in the Nicknames column, and enter a new nickname in the text field. Click Save

to save the changes and exit the Nicknames dialog box.

• Click on a device entry in the table, and then select Edit > Create Nickname to open the Add

Nickname dialog box. In the Add Nickname dialog box, enter a nickname and WWN, and then click OK.

40 Managing Fabrics

Editing a nickname

To edit a nickname:

1. Select Fabric > Nicknames to open the Nicknames dialog box. The device entries are listed in table

format.

2. Choose one of the following options:

• Double-click a cell in the Nicknames column, and edit the nickname in the text field. In the

Nicknames dialog box, click Apply to save the changes.

• Click on a device entry in the table, and then select Edit > Edit Nickname to open the Edit Nicknames dialog box. Edit the nickname in the text field, and then click OK. In the Nicknames dialog box, click Apply to save the changes.

Deleting a nickname

To delete a device port nickname:

1. Select Fabric > Nicknames to open the Nicknames dialog box.

2. Choose one of the following options:

• Click a device in the table, and then select Edit > Delete Nickname.

• Double-click a cell in the Nicknames column, and then delete the nickname text.

3. Click Apply to save the changes.

Exporting nicknames to a file

You can save nicknames to a file, which can then be used to restore nicknames on a switch. To export nicknames to an XML file:

1. Select Fabric > Nicknames to open the Nicknames dialog box.

2. Select File > Export.

3. Enter a name for the XML nickname file in the Save dialog box.

4. Click Save.

Importing a nicknames file

Importing a nicknames file copies nickname information from a file on your workstation onto the switch. To import a nicknames file:

1. Select Fabric > Nicknames to open the Nicknames dialog box.

2. Select File > Import.

3. Click an XML nickname file in the Open dialog box.

4. Click Open.

5. When prompted to overwrite existing nicknames, click Yes.

Fabric services

Fabric services security includes SNMP and in-band management. SNMP is the protocol governing network management and monitoring of network devices. SNMP security consists of a read community string and a write community string, that are basically the passwords that control read and write access to the switch. The read community string (public) and write community string (private) are set at the factory to these well-known defaults and should be changed when SNMP is enabled using the System Services or SNMP Properties dialog boxes. If SNMP is enabled (default) and the read and write community strings have not been changed from their defaults, you risk unwanted access to the switch. For more information, see ”Enabling SNMP configuration” (page 42). SNMP is enabled by default.

In-band management is the ability to manage switches across inter-switch links using Enterprise Fabric Management Suite, QuickTools, SNMP, management server, or the application programming interface. The switch comes from the factory with in-band management enabled. If you disable in-band management on a particular switch, you can no longer communicate with that switch by means other than a direct Ethernet or serial connection. For more information, see ”Enabling in-band management” (page 42).

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 41

Enabling SNMP configuration

To enable the SNMP configuration on a single switch:

1. Select a switch in the fabric tree or in the topology display graphic window.

2. If you selected a switch in the fabric tree, select Switch > SNMP > SNMP Properties to open the SNMP

Properties dialog box. If you selected a switch in the graphic window, select Switch > SNMP Properties.

3. Select the SNMP Enabled option in the SNMP Configuration area.

4. Click OK to save the change to the database.

To enable the SNMP configuration on a stack of switches:

1. Select a stack in the fabric tree or in the topology display graphic window. All switches in the stack

must have the same firmware version.

2. Select Stack > SNMP Properties to open the SNMP Properties dialog box.

3. Select the SNMP Enabled option in the SNMP Configuration area.

4. Click OK to save the change to the database.

Enabling in-band management

To enable in-band management:

1. Select a switch in the fabric tree or the topology display graphic window.

2. Select Switch > Switch Properties to open the Switch Properties dialog box.

3. Select the In-band Management Enable option.

4. Click OK to save the change to the database.

Transparent router

IMPORTANT: The SSCM application can manage HP H-Series Fibre Channel Switches with active

TR_Ports; however, SSCM cannot manage or discover remote switches or devices in the remote fabric. Use the storage management interface to present LUNs to remote devices. SSCM displays the remote fabric as a grayed-out switch, and no management can be performed.

The Transparent Router feature on the HP H-Series Fibre Channel Switch provides inter-fabric routing to enable controlled and limited access between devices on an HP H-Series Fibre Channel Switch (local) fabric and devices on a remote fabric of B-series or C-series switches.

The local fabric may consist of one or multiple HP H-Series Fibre Channel Switches connected by their ISLs. A specific device attached to an HP H-Series Fibre Channel Switch can be mapped with one or more devices in one remote fabric over only one TR_Port on that HP H-Series Fibre Channel Switch. If a device attached to an HP H-Series Fibre Channel Switch is mapped with multiple devices in the same remote fabric, the same TR_Port must be used.

A device attached to a remote fabric can be mapped with multiple devices in multiple local fabrics. If a device in a remote fabric is mapped with multiple devices in the local fabric attached to a given HP H-Series Fibre Channel Switch, the same TR_Port on the HP H-Series Fibre Channel Switch must be used for all mappings involving that remote device. However, the same remote device can be mapped with other local devices attached to a different HP H-Series Fibre Channel Switch in the same local fabric over a TR port from that switch. A remote device can be mapped through more than one TR port, as long as each of those TR ports is on a different HP H-Series Fibre Channel Switch.

You cannot map a local device to a remote device over an E_Port to another local switch and then over a TR_Port to the remote switch. The transparent route cannot include an E_Port on the local fabric.

Local devices do not discover remote devices until the corresponding inter-fabric zones are activated on both the local and remote fabrics. To remove a mapping, in addition to removing the local inter-fabric zone, you must also remove the corresponding remote inter-fabric zone.

42 Managing Fabrics

NOTE: When a local device is mapped over a TR_Port to a remote device, the local device and its

TR_Port appear as an NPIV connected device in the remote fabric. It is possible, though not recommended, to map such a local device over a second TR_Port to a local device in a second local fabric. In this case, if you merge the two local fabrics, the transparent route becomes inactive for the devices that now have a path over an ISL, and an alarm is generated.

For details of switches supported in a remote fabric, see release notes for the HP H-Series Fibre Channel Switch, and the HP StorageWorks SAN Design Reference Guide on the HP website

http://www.hp.com/go/sandesignguide.

You can configure TR mappings to connect devices on the local HP H-Series Fibre Channel Switch fabric with devices on remote fabrics. To establish a transparent route between devices:

1. Connect a remote switch to a TR_port on the HP H-Series Fibre Channel Switch.

2. Map the devices together.

3. Create and activate the inter-fabric zones (IFZ) in both fabrics. Each fabric contains a matching IFZ,

which must contain exactly three WWN members: local device, remote device, and TR_Port attached to the remote fabric.

NOTE: Be sure to configure the TR_Port before connecting the remote fabric to the HP H-Series Fibre

Channel Switch. If the remote fabric is connected to a port on the HP H-Series Fibre Channel Switch that is not a TR_Port, the two fabrics may establish an E_Port connection and the local and remote fabrics may merge. This mixed fabric is not a supported configuration. If the port type is changed to TR_Port after connecting the remote fabric, a port reset may be required to completely establish the TR connection.

A TR_Port is used as a bridge between the transparent router’s local fabric and a remote fabric. A TR_Port uses standard NPIV login methods to attach to the remote fabric. For remote B-series or C-series fabrics, the switch to which the TR_Port connects must support N-Port ID Virtualization (NPIV) and for B-series fabrics the interoperability mode must be configured to InteropMode=0. The TR_Port logs into the remote fabric using the WWN of the TR_Port. The TR_Port accesses fabric services of the remote fabric, such as Name Server and Management Server, and may receive registered state change notifications (RSCNs). The TR_Port uses FDISCs to login proxies for devices attached to an N_Port on the HP H-Series Fibre Channel Switch. Any of the HP H-Series Fibre Channel Switch 8Gb ports may be configured as a TR_Port.

IMPORTANT: Because C-series switches do not support Unzoned Name Server queries (which are an

option of the Fibre Channel standard), C-series fabrics must be “pre-zoned” before you can set up TR mappings to a remote C-series fabric using the TR Mapping Manager dialog box. The C-series fabric zone set must be changed to add zones so that the WWNs of the remote devices to be mapped and the WWNs of the HP H-Series Fibre Channel Switch TR ports are zoned together. For more information, see the C-series documentation for specific information to configure zoning. Retain these zones in the zone set after completion of the TR mapping as a best practice, until you no longer need to map the device to the local fabric.

Viewing inter-fabric routes

You can view inter-fabric routes in the Transparent Routes data window and the TR Mapping Manager dialog box.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 43

Transparent Routes data window

The Transparent Routes data window displays the currently configured inter-fabric zones/routes using a TR_Port.

Figure 21 Transparent Routes data window

The Transparent Routes data window fields are described in Table 8.

Table 8 Transparent Routes data window fields

Field Description

Route Route number reference for each listing in the Transparent Routes data window table

State The current TR mapping state (Active or Inactive)

• Active—Indicates that the mapped TR port is on this switch, and both devices have

logged in.

• Inactive—Indicates that the mapped TR port is on this switch, and the mapping is not

active. The reasons are shown in the details display as the three Status column entries (one for the overall mapping and one for each device in the mapping).

Device A The WWN of one of the two devices linked by the TR mapping. Assigned nicknames are

also displayed.

Device B The WWN of the other device linked by the TR mapping. Assigned nicknames are also

displayed.

Details Click (i) in the Details column to open the Transparent Route dialog box, which displays

detailed information on the transparent route.

44 Managing Fabrics

The Transparent Route dialog box (Figure 22) displays detailed information about the transparent route you selected from the Transparent Routes data window. The state of the route (Active or Inactive) is shown, and Port WWN, TR Port WWN, and Status fields are displayed for both sides of the route. Device A does not necessarily correspond to the HP H-Series Fibre Channel Switch side of the route because the end points of the route could be in any order.

Figure 22 Transparent Route dialog box

TR Mapping Manager dialog box

NOTE: The Merge Auto Save option in the Config Zoning dialog box must be selected before you can

open the TR Mapping Manager dialog box. For more information, see ”Merge Auto Save” (page 54).

To view the current inter-fabric routes:

1. Select Fabric > TR Mapping Manager to open the TR Mapping Manager dialog box (Figure 23).

2. Select a TR mapping member in the TR Mapping list for which to display information.

Figure 23 TR Mapping Manager dialog box

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 45

Adding an inter-fabric route

NOTE: The Merge Auto Save option in the Config Zoning dialog box must be selected before you can

open the TR Mapping Manager dialog box. For more information, see ”Merge Auto Save” (page 54).

The local fabric port to be used in the inter-fabric zone must be configured as a TR_Port before the devices are mapped. For information about changing port types, see ”Port types” (page 135). You can map a remote device through multiple TR ports, as long as each of those TR ports are on different HP H-Series Fibre Channel Switches.

To add an inter-fabric route:

1. Select Fabric > TR Mapping Manager to open the TR Mapping Manager dialog box (Figure 23).

2. Click Add or select Edit > Add to open the Add TR Mapping dialog box (Figure 24).

3. Select a local device from the 1 Select a Local Device column.

4. Select a remote device from the 2 Select a Remote Device column.

5. Select a TR port from the 3 Select a TR Port column.

6. Click OK to save the changes and close the Add TR Mapping dialog box.

7. Verify that the new TR mapping members appear in the TR Mapping list of the TR Mapping Manager

dialog box, and click OK.

Figure 24 Add TR Mapping dialog box

After you click OK in the TR Mapping Manager dialog box, the IFZs are created and saved to the switch. The possible results are as follows:

• If there is an active zone set with TR mappings, the old IFZs are deleted and replaced with the new

IFZs, and then the active zone set is re-activated.

• If there is no active zone set, a zone set named TR_MAPPING_SET (default name) is created, the new

IFZs are added to the zone set, and then the zone set is activated.

• If there are no TR mappings, the old IFZs are deleted from the active zone set, and then the active zone

set is re-activated.

• If there are no zones and no IFZs in the active set, the active zone set is deactivated.

46 Managing Fabrics

Removing an inter-fabric route

NOTE: The Merge Auto Save option in the Config Zoning dialog box must be selected before you can

open the TR Mapping Manager dialog box. For more information, see ”Merge Auto Save” (page 54).

To remove an inter-fabric route:

1. Select Fabric > TR Mapping Manager to open the TR Mapping Manager dialog box (Figure 23).

2. Select a TR mapping member from the TR Mapping list, and then click Remove or select Edit > Remove.

A warning dialog box prompts you to confirm the removal of the selected mapping members.

3. Click OK to confirm the removal of the selected TR mapping member.

Creating a zoning commands text file

A zoning commands text file contains the commands needed to configure zoning on the remote fabric and allow the inter-fabric connection over the TR_Port. You can choose the type of remote switch fabric to generate the proper commands, either for B-series or C-series switches.

TIP: Before modifying zoning, HP recommends that you back up the configuration.

To create a zoning commands text file for the remote fabric:

1. Select Fabric > TR Mapping Manager to open the TR Mapping Manager dialog box (Figure 23).

2. Create a new TR mapping for a inter-fabric zone, if one does not exist. For more information, see

”Adding an inter-fabric route” (page 46).

3. Select an entry from the TR Mapping List window.

4. Select File > Generate Remote Zoning to open the Remote Fabric Zoning dialog box (Figure 25). If you

make and save changes in the TR Mapping Manager dialog box, you can choose the type of zoning commands to view in the Suggested Remote Fabric Zoning Commands window of the Remote Fabric Zoning dialog box.

Figure 25 Remote Fabric Zoning dialog box

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 47

a. Choose one of the following options from Select Set of Zoning Commands to View:

• Comprehensive Zoning Commands for Initial TR Setup shows the list of zoning commands to set

up all the IFZs.

• Zoning Commands Only for Changes to TR Mappings shows the list of zoning commands only

for changes you make during this session (after opening the TR Mapping Manager dialog box).

NOTE: The Remote Fabric Zoning dialog box displays the Select Set of Zoning Commands to View

option only if you made and saved changes in the TR Mapping Manager dialog box. If you open the Remote Fabric Zoning dialog box after selecting File > Generate Remote Zoning, the Select Set of Zoning Commands to View option does not appear, and the Suggested Remote Fabric Zoning Commands window displays the list of zoning commands to set up all the IFZs.

b. Choose one of the following options from the Remote Switch Type drop-down list to generate the

corresponding zoning commands:

• B-series—to connect remotely with B-series switches

• C-series—to connect remotely with C-series switches

c. Enter the Configuration Name, which is used as the zone set name in the commands. This must be

the same zone set name as the zone set on the remote fabric to which this zoning is applied, or else the commands generated can be saved and edited to change the zone set name as needed. The default Configuration Name is TRoutesCfg.

d. Configure the command list to either modify the existing zoning on the remote fabric, or to create

and activate new zoning.

•Clear the New Configuration option to add the changes to the existing active zone set. The

specified configuration and the active zone set must have the same name. If the names are not the same, the application attempts to replace the active zone set with a new zone set with the new name, containing only the Inter Fabric Zones. The active zone set will not be replaced unless you respond to CLI queries to accept activation of this new zone set.

• Select the New Configuration option to create and activate a new active zone set. The specified

configuration name becomes the name of the active zone set.

5. Click Export, and select a path name (TXT file extension only) in the Save dialog box. Selecting the

same path name overwrites the first path name.

6. Click Save to save the zoning commands text file on your workstation.

NOTE: The commands generated for C-series switches assume that zoning is applied to VSAN 1. If

this is not the correct VSAN, you must edit the commands accordingly before executing the commands.

48 Managing Fabrics

3 Managing Fabric Zoning

NOTE: If you are using Simple SAN Connection Manager (SSCM), it is recommended that you use the

single initiator zoning that SSCM configures automatically. This chapter is for administrators who are not using SSCM, or who want to do custom zoning.

Zoning a fabric enables you to divide the ports and devices of the fabric into zones for more efficient and secure communication among functionally grouped nodes. This chapter describes zoning concepts and how to configure and manage fabric zoning.

Zoning concepts

The following zoning concepts provide some context for the zoning tasks described in this chapter.

Zones

Zoning divides the fabric for the purpose of controlling discovery and inbound traffic. A zone is a named group of ports or devices. Members of the same zone can communicate with each other and transmit outside the zone, but cannot receive inbound traffic from outside the zone. Zoning is hardware-enforced only when a port/device is a member of no more than eight zones whose combined membership does not exceed 64. If this condition is not satisfied, that port behaves as a soft zone member.

Zoning is hardware enforced on a switch port if the sum of the logged-in devices plus the devices zoned with devices on that port is 64 or less. If a port exceeds this sum, that port behaves as a soft zone member, which means the zone can automatically discover and communicate freely with all other member of the same zone. The port continues to behave as a soft zone member until the sum of logged-in and zoned devices falls back to 64, and the port is reset.

A zone can be a component of more than one zone set. Several zone sets can be defined for a fabric, but only one zone set can be active at one time. The active zone set determines the zoning of the fabric.

Membership in a zone can be defined by device WWN, device FCID, or switch domain ID and port number.

• WWN entries define zone membership by the World Wide Name of the attached device. With this

• FCID entries define zone membership by the Fibre Channel address of the attached device. With this

• Domain ID/Port number entries define zone membership by switch domain ID and port number. All

Aliases

To make it easier to add a group of ports or devices to one or more zones, you can create an alias. An alias is a named set of ports or devices that are grouped together for convenience. Unlike a zone, an alias imposes no communication restrictions between its members. You can add an alias to one or more zones. However, you cannot add a zone to an alias, nor can an alias be a member of another alias.

Zone sets

membership method, you can move WWN member devices to different switch ports in different zones without having to edit the member entry as you would with a domain ID/port number member. Unlike FCID members, WWN zone members are not affected by changes in the fabric that could change the Fibre Channel address of an attached device.

membership method you can replace a device on the same port without having to edit the member entry as you would with a WWN member.

devices attached to the specified port become members of the zone. The specified port must be an F_Port or an FL_Port.

A zone set is a named group of zones. A zone can be a member of more than one zone set. Each switch in the fabric maintains its own zoning database containing one or more zone sets. This zoning database

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 49

resides in non-volatile or permanent memory and is therefore retained after a reset. Zones that are currently not in a zone set are considered to be part of the orphan zone set. The orphan zone set is not an actual zone set, but rather a way of displaying the zones that are not currently in a zone set.

To apply zoning to a fabric, choose a zone set and activate it. When you activate a zone set, the switch distributes that zone set and its zones, excluding aliases, to every switch in the fabric. This zone set is known as the active zone set. See ”Viewing active and configured zone set information” (page 51) for information about displaying the active zone set.

Zoning database

Each switch has its own zoning database. The zoning database is made up of all aliases, zones, and zone sets that have been created on the switch or received from other switches. The switch maintains two copies of the inactive zoning database: one copy is maintained in temporary memory for editing purposes; the second copy is maintained in permanent memory. Zoning database edits are made on an individual switch basis and are not propagated to other switches in the fabric when saved.

The Merge Auto Save parameter determines whether changes to the active zone set that a switch receives from another switch in the fabric are saved to permanent memory on that switch. See ”Configuring the

zoning database” (page 54) for information about zoning configuration.

Using the Zoning Wizard

The Zoning Wizard is a series of dialog boxes that leads you through the process of zoning a fabric. To open the Zoning Wizard, open the Wizards menu in the faceplate display, and select Zoning Wizard.

The Zoning Wizard helps you zone the two most typical reasons for zoning:

• Zoning Windows servers storage

• Assign storage to servers.

There must be at least one target and at least one initiator in the name server. Windows servers do not share devices well, but sometimes they must share devices, such as a tape drive. The wizard helps you define which devices are sharable and which ones are not. Once a device is in a Windows group, it can no longer be in any other group.

Managing the zoning database

The following sections describe the zoning database management tasks.

NOTE: Changes that you make to the zoning database are limited to the managed switch and do not

propagate to the rest of the fabric. To distribute changes to configured zone sets fabric wide, you must edit the zoning databases on the individual switches.

Viewing zoning limits and properties

Zoning limits vary depending on the firmware installed on the switch:

• MaxZoneSets—Maximum number of zone sets that can be configured on the switch.

• MaxZones—Maximum number of zones that can be configured on the switch, including orphan zones.

• MaxAliases—Maximum number of aliases that can be configured on the switch.

• MaxTotalMembers—Maximum number of zone and alias members that can be stored in the switch

zoning database. Each instance of a zone member or alias member counts toward this maximum.

• MaxZonesInZoneSets—Maximum number of zone linkages to zone sets that can be configured on the

switch. A linkage is configured every time a zone is added to a zone set.

• MaxMembersPerZone—Maximum number of zone members that can be added to any zone on the

switch. When added to a zone, an alias is considered to be a zone member.

• MaxMembersPerAlias—Maximum number of zone members that can be added to any alias on the

switch.

50 Managing Fabric Zoning

To view zoning properties and limits on a switch:

1. On the faceplate display, select Zoning > Edit Zoning to open the Edit Zoning dialog box.

2. Choose one of the following options:

• View the zoning properties/limits located directly below the zoning tool bar (Figure 28).

• In the zone sets tree (left pane), right-click the Zonesets entry at the top of the tree, and then select

Properties.

• In the zone sets tree (left windowpane), select the zone sets entry at the top of the tree, and then

select Edit > Properties from the menu bar.

3. When you have finished viewing the zoning properties information, click OK to close the Properties

dialog box.

Viewing active and configured zone set information

The Active Zoneset data window (Figure 26) displays the zone membership for the active zone set that resides on the fabric management switch. The active zone set is the same on all switches in the fabric. To open the Active Zoneset data window, select a fabric in the fabric tree, and click the Active Zoneset tab. The Active Zoneset data window uses display conventions for expanding and contracting entries that are similar to the fabric tree. An entry handle located to the left of an entry in the tree indicates that the entry can be expanded. Click this handle or double-click the following entries:

• A zone set expands to show its member zones.

• A zone expands to show its member ports/devices.

• Ports/devices that are zoned by WWN or FC address, but no longer part of the fabric, are grayed-out.

Proxied devices are also grayed-out.

Figure 26 Active Zoneset data window

The Configured Zonesets data window (Figure 27) displays all zone sets, zones, aliases, and zone membership in the zoning database. To open the Configured Zonesets data window, select a switch in the fabric tree, and click the Configured Zonesets tab.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 51

The Configured Zonesets data window uses display conventions for expanding and contracting entries that are similar to those used by the fabric tree. An entry handle located to the left of an entry in the tree indicates that the entry can be expanded. Click this handle or double-click the following entries to expand or collapse them:

• A zone set expands to show its member zones.

• A zone expands to show its members by device port World Wide Name or device port Fibre Channel

address.

• The alias expands to show its entries.

Figure 27 Configured Zoneset data window

Editing the zoning database

Use the Edit Zoning dialog box (Figure 28) to edit the zoning database of a particular switch. To open the Edit Zoning dialog box:

1. Select a switch or a stack in the fabric tree.

2. Select Zoning > Edit Zoning.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

Figure 28 Edit Zoning dialog box

52 Managing Fabric Zoning

Changes can only be made to inactive zone sets, which are stored in flash (non-volatile) memory and retained after any switch reset. You must configure an inactive zone set to your needs and then activate that updated zone set to apply the changes to the fabric. When you activate a zone set, the switch distributes that zone set to the temporary zoning database on every switch in the fabric. However, in addition to the merged active zone set, each switch maintains its own original zone set in its zoning database. However, only one zone set can be active at one time.

NOTE: If the Merge Auto Save parameter is enabled on the Zoning Configuration dialog box, then every

time the active zone set changes, the switch copies it into an inactive zone set stored on the switch. To conveniently apply the changes to the active zone set, you can edit the copy of the active zone set, and then activate the updated copy. The edited copy then becomes the active zone set.

The Edit Zoning dialog box has a zone set tree on the left and a Port/Device (or members) tree on the right. Both trees use display conventions similar to those used by the fabric tree for expanding and contracting zone sets, zones, and ports. An expanded port shows the port Fibre Channel address; an expanded address shows the port World Wide Name. You can select zone sets, zones, and ports in any one of the following ways:

• Click a zone, zone set, or port icon.

• Right-click to select a zone set or zone, and then open the corresponding popup menu.

• Press and hold the Shift key while clicking several consecutive icons.

• Press and hold the Control key while clicking several non-consecutive icons.

Using tool bar buttons, popup menus, or the drag-and-drop method, you can create and manage zone sets and zones in the zoning database. Table 9 describes the zoning tool bar operations.

Table 9 Edit Zoning dialog box tool bar

Button Description

Create Zoneset—Creates a new zone set

Create Zone—Creates a new zone

Create Alias—Creates another name for a set of objects

Add Member—Adds selected port/device to a zone

Remove Member—Deletes the selected zone from a zone set, or deletes the selected port/device from a zone

Copy—Copies selected zoning items to the clipboard

Paste—Pastes clipboard items in selected zoning item, where applicable

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 53

Table 10 Port/device icons

Icon Description

Switch port icon—When not logged in

Switch port icon—When logged in

NL_Port (loop) device icon—When logged in to fabric

NL_Port (loop) device icon—When not logged in to fabric

N_Port device icon—When logged in to fabric

N_Port device icon—When not logged in to fabric

Configuring the zoning database

Use the Zoning Config dialog box (Figure 29) to change the Merge Auto Save, Default Zone, and Discard Inactive configuration parameters. To open the Zoning Config dialog box, select Zoning > Edit Zoning

Config. After making the changes, click OK to put the new values into effect.

Figure 29 Zoning Config dialog box

Merge Auto Save

The Merge Auto Save parameter determines whether changes to the active zone set that a switch receives from other switches in the fabric are saved to the zoning database on that switch. Changes are saved when an updated zone set is activated. Zoning changes are always saved to temporary memory.

• If Merge Auto Save is enabled, the switch firmware saves changes to the active zone set in temporary

memory and to the zoning database.

• If Merge Auto Save is disabled, changes to the active zone set are stored only in temporary memory,

which is cleared when the switch is reset.

NOTE: Disabling the Merge Auto Save parameter can be useful to prevent the propagation of zoning

information when experimenting with different zoning schemes. However, leaving the Merge Auto Save parameter disabled can disrupt device configurations should a switch have to be reset. For this reason, the Merge Auto Save parameter should be enabled in a production environment.

54 Managing Fabric Zoning

Default Zone

The Default Zone parameter enables (Allow) or disables (Deny) communication among ports/devices that are not defined in the active zone set or when there is no active zone set. This parameter must have the same value throughout the fabric. However, the Default Zone parameter is not automatically distributed throughout the fabric and must be configured to the same state in every switch in the fabric.

Discard Inactive

The Discard Inactive parameter automatically removes inactive zones and zone sets when a zone set is activated or deactivated from a remote switch.

Saving and restoring the zoning database to a file

You can save the zoning database to an XML file, restore the saved database or the default zoning (which clears the switch of all definitions). You can also remove all zones and zone set definitions.

Saving the zoning database to a file

To save a zoning database to a file:

1. Select a switch or a stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning dialog box.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. Select File > Save As to open the Save dialog box.

5. Enter a file name for the database file, and click Save to save the zoning file.

Restoring the zoning database from a file

To restore the zoning database from a file:

CAUTION: Restoring the zoning database from a file replaces the current zoning database on the switch.

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. Select File > Open File. A popup window prompts you to select an XML zoning database file.

5. Select a file and then click Open.

Restoring the default zoning database

Restoring the default zoning clears the switch of all zoning definitions.

NOTE: This command deactivates the active zone set.

To restore the default zoning database:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. Click OK to confirm that you want to restore default zoning and save changes to the zoning database.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 55

Removing all zone and zone set definitions

To remove all zone and zone set definitions:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. Select Edit > Clear Zoning.

5. In the Removes All dialog box, click Yes to confirm that you want to delete all zones and zone sets.

Merging fabrics and zoning

If you join two fabrics with an inter-switch link, the active zone sets from the two fabrics attempt to merge automatically. The fabrics may consist of a single switch or many switches already connected together. The switches in the two fabrics attempt to create a new active zone set containing the union of each fabric's active zone set. The propagation of zoning information affects only the active zone set, not the configured zone sets, unless Merge Auto Save is turned on.

Zone merge failure

If a zone merge is unsuccessful, the inter-switch links between the fabrics isolate due to the zone merge failure, and an alarm is generated. The reason for the E_Port isolation can also be determined by viewing the port information. For information about the Port Information data window, see Table 25.

A zone merge fails if the two active zone sets have member zones with identical names, but differ in membership or type. For example, consider Fabric A and Fabric B each with a zone named ZN1 in its active zone set. Fabric A ZN1 contains a member specified by Domain ID 1 and Port 1; Fabric B ZN1 contains a member specified by Domain ID 1 and Port 2. In this case, the merge fails because the two zones have the same name, but different membership.

A zone merge may also fail if the merged zones/members exceed the maximum zoning limits. For information about zoning limits, see ”Viewing zoning limits and properties” (page 50).

Zone merge failure recovery

When a zone merge failure occurs, the conflict that caused the failure must be resolved. You can correct a failure due to a zone conflict by deactivating one of the active zone sets or by editing the conflicting zones so that their membership is the same. You can deactivate the active zone set on one fabric if the active zone set on the other fabric accurately defines your zoning needs. If not, you must edit the zone memberships, and reactivate the zone sets. After correcting the zone membership, reset the isolated ports to allow the fabrics to join.

NOTE: If you deactivate the active zone set in one fabric and the Merge Auto Save parameter is enabled,

the active zone set from the second fabric propagates to the first fabric and replaces all zones with matching names in the configured zone sets.

For more information about adding and removing zone members, see ”Managing zones” (page 59). For more information about resetting a port, see ”Resetting a port” (page 141).

56 Managing Fabric Zoning

Resolving active, configured, and merged zone sets

The Resolving Zoning options enable you to manage the active, configured, and merged zone sets in the zoning database. To access the Resolving Zoning dialog box options, open the faceplate display, and then select Zoning > Resolve Zoning.

• Capture Active Zoning—Capture Active Zoning option copies the active zone set to the configured

zone set.

• Restore Configured Zoning—Restore Configured Zoning option reverts back to the previously saved

configured zone set.

• Capture Merged Zoning—Capture Merged Zoning option saves the merged zone set into the

configured zone set.

• View Merged/Configured Differences—View Merged/Configured Differences option opens a dialog

box to display the Merged and Configured zone sets in split panes. Items in the Merged pane, but not in the Configured pane, are shown in red and are not persistent after a switch reset. Items in the Configured pane but not in the Merged pane are shown in green and are persistent after a switch reset. The bottom pane shows a summary description of the differences between the merged and configured zone sets.

Managing zone sets

Zoning a fabric involves creating a zone set, creating zones as zone set members, then adding devices as zone members. The zoning database supports multiple zone sets to serve the different security and access needs of your storage area network, but only one zone set can be active at one time. The following describes the zone set management tasks.

Creating a zone set

To create a zone set:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. Select Edit > Create Zoneset to open the Create Zoneset dialog box.

5. Enter a name for the zone set, and then click OK. A zone set name must begin with a letter and be no

longer than 64 characters. Valid characters are 0–9, A–Z, a–z, _, -, ^, and $.

6. Choose one of the following options to create new zones in a zone set:

• Right-click a zone set, and select Create A Zone from the popup menu. In the Create a Zone dialog box, enter a name for the new zone, and then click OK. The new zone name appears in the Zonesets dialog box.

• Copy an existing zone by dragging a zone into the new zone set. See ”Copying a zone to a zone

set” (page 60).

7. Click Apply to open the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Save Zoning saves the changes to the zoning database with an option to activate a zone set. The Zone set activation dialog box prompts you to activate a zone set. Click Yes to select and activate a zone set; click No to save the changes without activating a zone set.

• Close cancels the Apply operation without saving the changes.

8. Click Close to close the Save Zoning and Error Check dialog box.

9. Click Close to close the Edit Zoning dialog box.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 57

Activating and deactivating a zone set

You must activate a zone set to apply its zoning definitions to the fabric. When you activate a zone set, the switch distributes that zone set to the temporary zoning database on every switch in the fabric. Only one zone set can be active at one time.

The purpose of the deactivate function is to suspend all fabric zoning, which results in free communication fabric-wide (when Default Zone is set to Allow) or no communication (when Default Zone is set to Deny). It is not necessary to deactivate the active zone set before activating a new one.

To activate a zone set:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Activate Zoneset to open the Activate Zoneset dialog box.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. If the current active zone set contains TR mappings, click Yes to acknowledge the warning about

re-mapping devices if they are not included in zone sets that will be activated later.

5. Select a zone set from the Select Zoneset drop-down list, and click Activate.

To deactivate the active zone set:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Deactivate Zoneset.

3. If the current active zone set contains TR mappings, click Yes to acknowledge the warning about

re-mapping devices if they are not included in zone sets that will be activated later.

4. Click Yes to acknowledge the warning about traffic disruption and confirm that you want to deactivate

the active zone set.

Renaming a zone set

To rename a zone set:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. In the zone set tree of the Edit Zoning dialog box, click the zone set to be renamed, and select

Edit > Rename to open the Rename Zoneset dialog box.

5. Enter a new name for the zone set, and click OK.

6. Click Apply to open the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This

option is recommended before saving. If errors are found, click Close and correct the errors.

• Save Zoning save the changes to the zoning database with an option to activate a zone set. The

Zone set activation dialog box prompts you to activate a zone set. Click Yes to select and activate a zone set; click No to save the changes without activating a zone set.

• Close cancels the Apply operation without saving the changes.

7. Click Close to close the Save Zoning and Error Check dialog box.

8. Click Close to close the Edit Zoning dialog box.

58 Managing Fabric Zoning

Removing a zone set

Removing a zone set from the database affects the member zones in the following ways.

• Member zones that are members of other zone sets are not affected.

• Zones that are currently not in a zone set are considered to be part of the orphan zone set. The orphan

zone set is not an actual zone set, but rather a way of displaying the zones that are not currently in a zone set.

To remove a zone set:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. In the zone set tree, select the zone set to be removed, and select Edit > Remove.

5. Click Yes to confirm the zone set removal.

6. Click Apply to open the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Save Zoning save the changes to the zoning database with an option to activate a zone set. The Zone set activation dialog box prompts you to activate a zone set. Click Yes to select and activate a zone set; click No to save the changes without activating a zone set.

• Close cancels the Apply operation without saving the changes.

7. Click Close to close the Save Zoning and Error Check dialog box.

8. Click Close to close the Edit Zoning dialog box.

Alternatively, you may right-click and use shortcut menus to remove a zone set from the database.

Managing zones

The following describes the zone management tasks.

Creating a zone in a zone set

To create a zone in a zone set:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. In the zone set tree, select a zone set in which to create a zone.

5. Select Edit > Create a Zone to open the Create a Zone dialog box.

6. Enter a name for the new zone, and then click OK. A zone name must begin with a letter and be no

longer than 64 characters. Valid characters are 0–9, A–Z, a–z, _, ^, $, and -. The new zone name appears in the Zonesets dialog box.

7. Click OK.

NOTE: If you enter the name of a zone that already exists in the database, the Enterprise Fabric

Management Suite application asks if you would like to add that zone and its membership to the zone set.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 59

8. To add switch ports or attached devices to the zone, choose one of the following options:

• In the zone set tree, select the zone set. In the graphic window, select the port to add to the zone.

Select Edit > Add Members.

• Select a port by switch port number, Fibre Channel address, or WWN in the Port/Device tree, and drag it into the zone.

• Select a port by switch port number, Fibre Channel address, or WWN in the Port/Device tree. Right-click the zone, and select Add Zone Members from the popup menu.

9. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Close cancels the Apply operation without saving the changes.

10. Click Close to close the Save Zoning and Error Check dialog box. 11 . Click Close to close the Edit Zoning dialog box.

Copying a zone to a zone set

To copy an existing zone and its membership from one zone set to another:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. In the zone set tree, select the zone to copy, and drag it to the chosen zone set.

5. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Close cancels the Apply operation without saving the changes.

6. Click Close to close the Save Zoning and Error Check dialog box.

7. Click Close to close the Edit Zoning dialog box.

Adding zone members

You can zone a port/device by switch domain ID and port number, device port Fibre Channel address, or the device port WWN. Adding a port/device to a zone affects every zone set in which that zone is a member. To add ports/devices to a zone:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

60 Managing Fabric Zoning

4. Choose one of the following options to add the port/device:

• Select a port/device in the Port/Device tree, and drag it into the zone. To select multiple

ports/devices, press and hold the Control key while selecting and dragging.

• Select a port/device in the Port/Device tree. To select multiple ports/devices, press and hold the

Control key while selecting. Select a zone set in the left pane. Select Edit > Add Members.

• Select a port/device in the Port/Device tree. To select multiple ports/devices, press and hold the

Control key while selecting. Select a zone set in the left pane, and then click Insert.

If the port/device you want to add is not in the Port/Device tree, you can add it by doing the following:

a. Right-click the selected zone. b. Select Edit > Create Members. c. Select the WWN, Domain/Port, or First Port Address option. d. Enter the hexadecimal value for the port/device according to the option selected: 16 digits for a

WWN member, 4 digits for a Domain/ Port member (in format: DDPP), or a 6-digit Fibre Channel Address for a First Port Address member (in format: DDPPAA), where DD=domain ID, PP=port number, and AA=AL_PA.

5. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Close cancels the Apply operation without saving the changes.

6. Click Close to close the Save Zoning and Error Check dialog box.

7. Click Close to close the Edit Zoning dialog box.

NOTE: Domain ID conflicts can result in automatic reassignment of switch domain IDs. These

reassignments are not reflected in zones that use a domain ID/port number pair to define their membership. Be sure to reconfigure zones that are affected by a domain ID change.

Renaming a zone

To rename a zone:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. In the zone set tree of the Edit Zoning dialog box, select the zone to be renamed.

5. Select Edit > Rename to open the Rename Zone dialog box.

6. Enter a new name for the zone, and click OK.

7. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Save Zoning save the changes to the zoning database with an option to activate a zone set. The Zone set activation dialog box prompts you to activate a zone set. Click Yes, to select and activate a zone set; click No to save the changes without activating a zone set.

• Close cancels the Apply operation without saving the changes.

8. Click Close to close the Save Zoning and Error Check dialog box.

9. Click Close to close the Edit Zoning dialog box.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 61

Removing a zone member

Removing a zone member affects every zone and zone set in which that zone is a member. To remove a member from a zone:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. Select Edit > Remove to open the Remove dialog box.

5. Click Yes to remove the zone member.

6. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Close cancels the Apply operation without saving the changes.

7. Click Close to close the Save Zoning and Error Check dialog box.

8. Click Close to close the Edit Zoning dialog box.

Removing a zone from a zone set

To remove a zone from a zone set:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. In the Edit Zoning dialog box, select the zone to be removed. The selected zone is removed from that

zone set only.

5. Select Edit > Remove to open the Remove dialog box.

6. Click Yes to remove the zone from the zone set.

7. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Close cancels the Apply operation without saving the changes.

8. Click Close to close the Save Zoning and Error Check dialog box.

9. Click Close to close the Edit Zoning dialog box.

Removing a zone from all zone sets

To remove a zone from all zone sets:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

62 Managing Fabric Zoning

4. Select Edit > Delete Zone to open the Remove dialog box.

5. Click Yes to remove the zone from all zone sets.

6. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Close cancels the Apply operation without saving the changes.

7. Click Close to close the Save Zoning and Error Check dialog box.

8. Click Close to close the Edit Zoning dialog box.

Managing aliases

An alias is a collection of objects that can be zoned together. An alias is not a zone, and cannot have a zone or another alias as a member.

Creating an alias

To create an alias:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. Select Edit > Create Alias to open the Create Alias dialog box.

5. Enter a name for the alias, and click OK. The alias name appears in the Zonesets dialog box. An alias

name must begin with a letter and be no longer than 64 characters. Valid characters are 0–9, A–Z, a–z, _, $, ^, and -.

6. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Close cancels the Apply operation without saving the changes.

7. Click Close to close the Save Zoning and Error Check dialog box.

8. Click Close to close the Edit Zoning dialog box.

Adding a member to an alias

You can add a port/device to an alias by domain ID and port number, device port Fibre Channel address, or the device port WWN. To add ports/devices to an alias:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 63

4. Choose one of the following options to add the port/device:

• Select a port/device in the Port/Device tree, and drag it into the alias. To select multiple

ports/devices, press and hold the Control key while selecting.

• Select a port/device in the Port/Device tree. Click an alias to select multiple ports/devices, press

and hold the Control key while selecting. Select an alias. Select Edit > Add Members.

• Select a port/device in the Port/Device tree. To select multiple ports/devices, press and hold the

Control key while selecting. Select an alias, and then click Insert.

5. If the port/device you want to add is not in the Port/Device tree, you can add it by doing the following:

• Right-click the selected alias.

•Select Edit > Create Members.

• Select the WWN, Domain/Port, or First Port Address option.

• Enter the hexadecimal value for the port/device according to the option selected: 16 digits for a WWN member, 4 digits for a Domain/ Port member (DDPP), or a 6-digit Fibre Channel Address for a First Port Address member (DDPPAA), where DD=domain ID, PP=port number, and AA=AL_PA.

6. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Close cancels the Apply operation without saving the changes.

7. Click Close to close the Save Zoning and Error Check dialog box.

8. Click Close to close the Edit Zoning dialog box.

Removing an alias from all zones

To remove an alias from all zones:

1. Select a switch or stack in the fabric tree.

2. Select Zoning > Edit Zoning to open the Edit Zoning window.

3. If you selected a stack and the zoning database is not identical on all switches in the stack, choose a

switch from the Select Source Switch list. Changes that you make to this switch are distributed to the other switches in the stack.

4. Select Edit >Delete Alias to open the Remove dialog box.

5. Click Yes to remove the alias from all zones.

6. Click Apply to display the Save Zoning and Error Check dialog box, which presents the following

options:

• Perform Error Check checks for zoning conflicts, such as empty zones, aliases, or zone sets. This option is recommended before saving. If errors are found, click Close and correct the errors.

• Close cancels the Apply operation without saving the changes.

7. Click Close to close the Save Zoning and Error Check dialog box.

8. Click Close to close the Edit Zoning dialog box.

64 Managing Fabric Zoning

4 Managing Fabric Security

This chapter describes connection security and user account security concepts. It also describes the tasks to configure port security, device security, and RADIUS servers.

Connection security

Connection security provides an encrypted data path for switch management methods. The switch supports the Secure Shell (SSH) protocol for the command line interface and the Secure Socket Layer (SSL) protocol for management applications such as Enterprise Fabric Management Suite and Common Information Module (CIM). For information about enabling SSH, SSL, and CIM services, see ”Managing system

services” (page 97).

The SSL handshake process between the workstation and the switch involves the exchanging of certificates, which contain the public and private keys that define the encryption. The switch certificate is valid for one year beginning with its creation date and time. The workstation validates the switch certificate by comparing the workstation date and time to the switch certificate creation date and time. For this reason, it is important to synchronize the workstation and switch with the same date, time, and time zone. If you do not create a certificate, the switch automatically creates one.

Consider your requirements for connection security: for the command line interface (SSH), management applications such as Enterprise Fabric Management Suite (SSL), or both. If SSL connection security is required, also consider using the Network Time Protocol (NTP) to synchronize workstations and switches.

User account security

User account security is the process by which your user account and password are authenticated with the list of valid user accounts and passwords. The switch validates your account and password when you attempt to add a fabric using Enterprise Fabric Management Suite or log in to a switch through Telnet. Your system administrator defines accounts, passwords, and authority levels that are stored on the switch. For information about creating user accounts, see ”Managing user accounts” (page 79).

The Admin account has Admin authority, which grants full access to all tasks of the Enterprise Fabric Management Suite menu system. The switch validates your user account, and Enterprise Fabric Management Suite grants access to its menus. If you do not have Admin authority, you are limited to monitoring tasks.

NOTE: If an administrator changes user access rights and passwords, existing Enterprise Fabric

Management Suite, QuickTools, and CLI logins are not affected by the new settings. Login access and privileges are only checked for a new login request.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 65

Port security

Port binding ties a specific device WWN to a physical port number. Using the Port Binding dialog box, you can enable/disable port binding for the port and add WWNs to the list of WWNs bound to the port. The dialog box displays the port binding data received from the switch for the selected port.

To bind a WWN to a port:

1. Select a switch in the fabric tree.

2. Select a port, and select Port > Port Binding to open the Port Binding dialog box (Figure 30).

3. Select a WWN in the WWN field, and click Add to place the WWN into the WWN List. You can

specify a maximum of 32 WWNs. To remove a WWN from the list, select the WWN, and click

Remove.

4. To enable port binding for the list of WWNs, check the Port Binding checkbox, and click OK.

NOTE: Enabling port binding for an empty WWN list will isolate the port.

Figure 30 Port Binding dialog box

Device security

Device security provides for the authorization and authentication of devices that you attach to a switch. You can configure a switch with a group of devices against which the switch authorizes new attachments by devices, other switches, or devices issuing management server commands.

Device security is configured through the use of security sets and groups. A group is a list of device World Wide Names that are authorized to attach to a switch. There are three types of groups: one for other switches (ISL), another for devices (Port), and a third for devices issuing management server commands (MS).

A security set is a set of up to three groups with no more than one of each group type. The orphan security set contains the security groups and members that do not belong to a security set. Activating a security set applies security to the switch or fabric. Only one security set can be active at one time.

An active security set with an ISL group allows changes to the security set to propagate to the other switches in the ISL group. ISL group WWN, domain ID, and configuration information (except secrets) propagate to the other switches in the ISL group so that all of the switches have the same security information. If fabric binding is enabled on the ISL group, WWNs and domain IDs are verified against the ISL group information before allowing a connection by another switch, providing another level of security.

66 Managing Fabric Security

Each switch maintains its own security database consisting of the active security set (if one has been activated), configured security sets, and groups. A switch may have more than one configured security set, but only one security set may be active. The security database has the following limits:

• Maximum number of security sets is 4.

• Maximum number of security groups is 16.

• Maximum number of members in a group is 1000.

• Maximum total number of group members is 1000.

Switches, devices, and users can be authenticated locally using the switch security database, or remotely using a Remote Authentication Dial-In User Service (RADIUS) server. With a RADIUS server, the security database for the entire fabric resides on the server. In this way, you can manage the security database centrally, rather than on each switch. For more information about RADIUS server, see ”Using RADIUS

servers” (page 74).

The device security options and menu selections are available only on the entry switch, and the entry switch must have a secure connection. To establish a secure connection, the SSL service must be enabled on the entry switch before you log in. For information about enabling the SSL service, see ”Managing

system services” (page 97).

You manage device security through the Edit Security dialog box (Figure 31). The Edit Security dialog box is available only on the entry switch, which must have a secure connection (SSL). To open the Edit Security dialog box:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

Figure 31 Edit Security dialog box

Use the Edit menu options or popup menu options to access Edit Security dialog box options. These options enable you to manage the security database, manage security sets, and manage security groups and members. Select a security item in the graphic window, and select an option in the Edit menu, or right-click on a security item in the graphic window, and select an option from the popup menus.

Managing the security database

The following sections describe the security database management tasks.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 67

Viewing the device security database

Device security information is available in the Configured Security data window and the Active Security data window. These data windows are available only on a secure (SSL enabled) entry switch. To establish a secure connection, the SSL service must be enabled on the entry switch before you log in. For information about enabling the SSL service, see ”Managing system services” (page 97).

The Configured Security data window (Figure 32) displays a graphical representation of all configured security sets, groups, and members in the security database. To open the Configured Security data window, click the Configured Security tab below the data window in the faceplate display.

Figure 32 Configured Security data window

The Active Security data window (Figure 33) displays a graphical representation of the active security set, its groups, and members in the security database. To open the Active Security data window, click the

Active Security tab below the data window in the faceplate display.

Figure 33 Active Security data window

68 Managing Fabric Security

To view the properties of a security set or security group:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select a security set or security group, and select Edit > Properties to open the Properties dialog box.

Configuring the security data base

You can configure how the security database is applied to the switch and exchanged with the fabric through the security database parameters Auto Save and Fabric Binding Enabled. To configure the security database parameters:

1. Select the entry switch in the fabric tree.

2. Select Security > Edit Security Config to open the Security Config dialog box (Figure 34).

Figure 34 Security Config dialog box

• Auto Save enables or disables the saving of changes to the active security set in the switch non-volatile

security database.

•Enable Auto Save to save changes to the active security set in non-volatile memory on the switch. If

Auto Save is disabled, changes to the active security set are saved only to temporary memory and any updates from remote switches are not saved locally. If the local switch is reset, it may become isolated. Enable Auto Save when Fabric Binding is enabled.

•Enable Fabric Binding Enabled to enforce World Wide Name and domain ID matching with other

switches in the same ISL group. This prevents unauthorized switches from accessing the fabric. For information about specifying domain IDs for ISL group members, see ”Creating a security group

member” (page 73).

3. Click OK to save the settings and close the Security Config dialog box.

4. Click Apply to save the changes to the security database.

Saving the security database to a file

To save security database to a file:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select File > Save As.

4. In the Save dialog box, enter a name and location for the security file (.xml extension), and click Save

to save the security database to a file.

5. In the File Password dialog box, enter a password, and click Yes to save the file with a password, or

click No to save the file without a password.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 69

Restoring the security database from a file

To restore a security database from a file:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select File > Open to open the Open dialog box.

4. Browse for and select a previously saved security database file, and click Open. The security database

appears in the Edit Security dialog box. You can now modify the security database as described in ”Managing security sets” (page 70) and ”Managing security groups and members” (page 72).

Resetting the security database

Resetting the security database removes all security sets and groups. To reset the security database:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select Edit > Clear Security.

4. In the Remove All dialog box, click Yes to remove all security sets and groups; click no to cancel the

operation.

5. Click Apply to display the Save Security dialog box.

6. Click Save Security to apply changes to switch.

7. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

8. Click Close to close the Save Security dialog box.

Managing security sets

This following describes the security set management tasks.

Creating a security set

To create a security set:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Choose one of the following methods to open the Create a Security Set dialog box:

•Click Security Set in the toolbar.

• Right-click in the graphic window, and select New Security Set from the popup menu.

•Select Edit > Create Security Set.

Figure 35 Create a Security Set dialog box

4. Enter a name for the security set, and click OK. A security set name can be up to 64 characters and

must begin with a letter. Valid characters are 0–9, A–Z, a–z, _, –, ^, and $.

5. Click Apply to display the Save Security dialog box.

6. Click Save Security to apply changes to switch.

7. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

8. Click Close to close the Save Security dialog box.

70 Managing Fabric Security

Removing a security set

To remove a security set:

1. Select the entry switch from the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select a security set, and select Edit > Remove Security Set. You cannot delete the orphan zone set.

4. Click Yes to confirm the security set removal.

5. Click Apply to display the Save Security dialog box.

6. Click Save Security to apply changes to switch.

7. Click Close to close the Save Security dialog box.

Renaming a security set

To rename a security set:

1. Select the entry switch from the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select a security set, and select Edit > Rename Security Set to open the Rename a Security Set dialog

box.

4. Modify the name of the security set, and click OK.

5. Click Apply to display the Save Security dialog box.

6. Click Save Security to apply changes to switch.

7. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

8. Click Close to close the Save Security dialog box.

Adding an existing group to a security set

To add an existing group to a security set:

1. Select the entry switch from the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select a group in a security set, and click and drag the group into the target security set. This creates a

copy of the group in the target security set. For information about creating a new group in a security set, see ”Creating a security group” (page 72).

4. Click Apply to display the Save Security dialog box.

5. Click Save Security to apply changes to switch.

6. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

7. Click Close to close the Save Security dialog box.

Removing a group from a security set

To remove a group from a security set:

1. Select the entry switch from the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select a group in a security set, and select Edit > Remove Security Group from Set.

4. Click Yes to confirm the security group removal.

5. Click Apply to display the Save Security dialog box.

6. Click Save Security to apply changes to switch.

7. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 71

8. Click Close to close the Save Security dialog box.

Removing a group from all security sets

To remove a group from all security sets:

1. Select the entry switch from the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select a group in a security set, and select Edit > Remove Security Group from All Security sets.

4. Click Yes to confirm the security group removal.

5. Click Apply to display the Save Security dialog box.

6. Click Save Security to apply changes to switch.

7. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

8. Click Close to close the Save Security dialog box.

Activating a security set

Only one security set can be active at one time. To activate a security set:

1. Select the entry switch from the fabric tree.

2. Click Security on the toolbar, or select Security > Activate Security Set to open the Activate Security Set

dialog box.

3. In the Activate Security Set dialog box, select a security set from the drop-down list, and click Activate.

Deactivating a security set

When you deactivate the active security set on a fabric in which fabric binding is enabled, device security is disabled on all switches in the fabric except the entry switch. To deactivate an active security set:

1. Select Security > Deactivate Security Set.

2. In the Deactivate dialog box, click Yes to confirm that you want to deactivate the active security set.

Managing security groups and members

The following describes the security group management tasks.

Creating a security group

To create a new group and add it to a security set:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select a security set, and select Edit > Create a Security Group to open the Create A Security Group

dialog box (Figure 36).

Figure 36 Create a Security Group dialog box

4. Enter a name for the group, and click OK. A group name can be up to 64 characters and must begin

with a letter. Valid characters are 0–9, A–Z, a–z, _, –, ^, and $.

72 Managing Fabric Security

5. Select a security group type from the Security Group Type drop-down menu. A security set is limited to

one group of each type.

• ISL for secure connections to other switches

• Port for secure connections to devices

• MS for secure connections to devices that issue management server commands.

6. Click OK to save the change.

7. Click Apply to display the Save Security dialog box.

8. Click Save Security to apply changes to switch.

9. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

10. Click Close to close the Save Security dialog box.

IMPORTANT: Activating a security set with an empty security group prevents all connections for that

security group type. For example, an empty ISL security group causes the switch to reject all logins from other switches.

Creating a security group member

To create a group member and add it to a security group:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Choose one of the following methods to open the Create a Security Group Member dialog box

(Figure 37):

• In the graphic window, select a security group, and click Security Member in the toolbar.

• Right-click on a security group, and select Create Members from the popup menu.

• In the graphic window, select a security group, and select Edit > Create Members.

Figure 37 Create a Security Group Member dialog box

4. Open the Group Member drop-down list, and select a node World Wide Name. The switch must be a

member of any group in which authentication is used. You can type a 16-character hex World Wide Name, or a 23-character WWN with the format xx:xx:xx:xx:xx:xx:xx:xx.

5. Open the Authentication drop-down list, and select the authentication protocol for that member: None

(zero bytes) or Chap (16 bytes).

6. If the authentication protocol is Chap, choose a primary hash algorithm and type a primary secret. You

can also click Generate to create a random primary secret. Re-type the primary secret in the Confirm Primary field.

7. If the authentication protocol is Chap, choose a secondary hash algorithm and type a secondary

secret. If the primary hash is not supported on the initiator, the secondary hash and secret are used.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 73

You c an also click Generate to create a random secondary secret. Re-type the secondary secret in the Confirm Secondary field. If the initiator does not support either hash, the link becomes isolated.

8. For ISL groups when fabric binding is enabled (see ”Configuring the security data base” (page 69)), in

the Domain ID Binding field, enter the domain ID (1–239) for the switch. The WWN of the switch must correspond to the specified domain ID when attempting to enter the fabric, otherwise the switch becomes isolated.

9. Click OK to close the Create a Security Group Member dialog box.

10. Click Apply to display the Save Security dialog box. 11 . Click Save Security to apply changes to switch. 12 . In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

13 . Click Close to close the Save Security dialog box.

Modifying a security group member

To modify a group member:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select a member, and select Edit > Edit security group member.

4. In the Edit a Security Group Member dialog box, make the necessary changes, and click OK.

5. Click Apply to display the Save Security dialog box.

6. Click Save Security to apply changes to switch.

7. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

8. Click Close to close the Save Security dialog box.

Removing a member from a group

to remove a member from a group:

1. Select the entry switch in the fabric tree.

2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box

(Figure 31).

3. Select a member in a group, and select Edit > Remove Security Group Member.

4. Click Yes to confirm the group member removal.

5. Click Apply to display the Save Security dialog box.

6. Click Save Security to apply changes to switch.

7. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to

save the security set without activation.

8. Click Close to close the Save Security dialog box.

Using RADIUS servers

Remote Authentication Dial In User Service (RADIUS) provides a method to centralize the management of authentication passwords in larger networks. It has a client/server model, where the server is the password repository and third party authentication point and the clients are all of the managed devices. You can configure RADIUS for just the switch, or both the switch and the initiator device, and user accounts. When using a RADIUS server, every switch in the fabric must have a network connection. You can configure up to five RADIUS servers to provide failover.

RADIUS authenticates users and devices using a challenge/response protocol. Basic implementations consist of a central RADIUS server containing a database of authorized users as well as authentication information. A RADIUS client wishing to verify the authenticity of a user issues a challenge to the user and collects the response to the challenge. This information is forwarded to the RADIUS server for authentication and the server responds with the results, either an accept or reject. The RADIUS client does not need to be configured with any user authentication information. All of this information resides on the

74 Managing Fabric Security

RADIUS server and can be managed centrally and separately from the clients. In addition, no passwords are exchanged between the RADIUS server and its clients. Authentication of requests from a RADIUS client to the server and responses from the server to a client can also be authenticated. This requires sharing a secret between the server and client. The accounting RADIUS supports the auditing of the users and switch services such as Telnet, FTP, and switch management applications.

NOTE: The RADIUS server dialog boxes are available only on a secure (SSL) fabric and on the entry

switch. For more information about SSL, see ”Connection security” (page 65). For information about the SSL service, see ”Managing system services” (page 97). You may need to configure a security set for RADIUS device security to be used in authenticating other switches. For information about configuring a security set, see ”Creating a security set” (page 70).

Adding a RADIUS server

When you add a RADIUS server, you provide a method to centralize the management of authentication passwords over a network.

Figure 38 Radius Server Information dialog box—Add server

To add a RADIUS server:

1. Select a switch in the fabric tree.

2. Select Switch > Radius Servers to open the Radius Server Information dialog box (Figure 38).

3. Click the Add Server tab, and select the server type (Device, User, Account).

4. In the Server Address field, enter the remote IP address of the server.

5. In the UDP Port field, enter the remote UDP port number of the Authentication Radius Server. The Radius

Accounting Server UDP port is the value of Device/User Authentication Server UDP Port plus one.

6. In the Timeout field, enter the timeout value in seconds (minimum of 1 second, maximum of 30

seconds). This is the number of seconds the RADIUS client waits for a response from the RADIUS server before retrying, or giving up on a request.

7. In the Retries field, enter the number of retries. This is the maximum number of times the RADIUS client

retries a request sent to the primary RADIUS server.

8. Select the Sign Packets option to enable the switch to include a digital signature

(Message-Authenticator) in all RADIUS access request packets sent to the RADIUS server. A valid Message-Authenticator attribute is required in all RADIUS server responses.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 75

9. In the Secret field, enter the server secret. A secret is required for all RADIUS servers. The secret is used

when generating and checking the Message-Authenticator attribute.

10. Click Add Server to add the server. 11 . Click the Modify Authentication Order tab, and verify that Device Authentication Order and User

Authentication Order options are set to either Radius or Radius Local for Radius Authentication to be implemented.

• Local—Attempts to authenticate using the local switch password database.

• RADIUS—Attempts to authenticate using the RADIUS server (another computer that provides authentication).

• RADIUS Local—Attempts to authenticate using the RADIUS server first, then the local switch as a backup. If the switch cannot contact the RADIUS server due to a network or some other problem, the switch authenticates using the local password database (active security set).

12 . Click Modify Order to set the authentication order. 13 . Click Close to exit the dialog box.

Removing a RADIUS server

When you remove a RADIUS server, you disable the management of authentication user names and passwords over the network for that server.

Figure 39 Radius Server Information dialog box—Remove server

To remove a RADIUS server:

1. Select a switch in the fabric tree.

2. Select Switch > Radius Servers to open the Radius Server Information dialog box (Figure 39).

3. Click the Remove Server tab, and select the server to be removed in server list at the top of the dialog

box.

4. Click Remove Server to remove the server.

5. Click Close to exit the dialog box.

76 Managing Fabric Security

Editing RADIUS server information

Editing information of a RADIUS server involves changing the configuration of a RADIUS server.

Figure 40 Radius Server Information dialog box—Edit server

To edit information of a RADIUS server:

1. Select a switch in the fabric tree.

2. Select Switch > Radius Servers to open the Radius Server Information dialog box (Figure 40).

3. Click the Edit Server tab, and select the server to be edited In the server list at the top of the dialog box.

4. Make changes to the Server Address, UDP Port, Timeout, Retries, or Secret field.

5. Select the server type (Device, User, Account) and Sign Packets options.

6. Click Edit Server to save the changes.

7. Click Close to exit the dialog box.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 77

Modifying authentication order RADIUS server information

Editing information of a RADIUS server involves changing the configuration of a RADIUS server.

Figure 41 Radius Server Information dialog box—Modify authentication order

To modify the authentication order information of a RADIUS server:

1. Select a switch in the fabric tree.

2. Select Switch > Radius Servers to open the Radius Server Information dialog box (Figure 41).

3. Click the Modify Authentication Order tab, and select the server to be modified in server list at the top

of the dialog box.

4. Make changes to the Device Authentication Order or User Authentication Order drop-down lists. Select

one of the following:

• Local—Attempts to authenticate using local switch password database.

• RADIUS—Attempts to authenticate using the RADIUS server (another computer that provides authentication).

5. Click Modify Order to save the changes, and then click Close to exit the dialog box.

78 Managing Fabric Security

5 Managing Switches

This chapter describes the tasks used to manage switches in the fabric. The switches supported by the Enterprise Fabric Management Suite application are:

• HP StorageWorks 8/20q Fibre Channel Switch

• HP StorageWorks SN6000 Single Power Supply Fibre Channel Switch

• HP StorageWorks SN6000 Dual Power Supply Fibre Channel Switch

Managing user accounts

Only the Admin account can manage user accounts with the User Account Administration dialog boxes. However, any user can modify their own password. To open a User Account Administration dialog box, select Switch > User Accounts.

A user account consists of the following data:

• Account name or login

• Password

• Authority level

• Expiration date

Switches come from the factory with the following user accounts:

• admin—Admin authority, never expires, password is password

• images—No Admin authority, never expires, password is images

The Admin account is the only user that can manage all user accounts with the User Account Administration dialog boxes. The Admin account can create, remove, or modify user accounts, and change account passwords. The Admin account can also view and modify the switch and its configuration with Enterprise Fabric Management Suite. The Admin account cannot be removed.

Users with Admin authority can use Enterprise Fabric Management Suite to view and modify the switch and its configuration. Users without Admin authority are limited to viewing only the switch status and configuration.

The Images account is used to exchange files with the switch using FTP. The Images account cannot be removed.

NOTE: If the same user account exists on a switch and its RADIUS server, that user can log in with either

password, but the authority and account expiration always come from the switch database.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 79

Creating user accounts

A switch can have a maximum of 15 user accounts.

Figure 42 User Account Administration dialog box—Add account

To create a user account on a switch:

1. Select a switch or stack in the fabric tree.

2. Select Switch > User Accounts to open the User Account Administration dialog box. For a stack, select

Stack > User Accounts.

3. Click the Add Account tab to open the Add Account tab page (Figure 42).

4. If you selected a stack, choose a switch from the Initial Configuration drop-down list. Changes that you

make to this switch are distributed to the other switches in the stack.

5. Enter an account name in the New Account Login field. Account names are limited to 15 characters.

The first character must be alphanumeric.

6. If the account is to have the ability to modify switch configurations, select the Admin Authority Enabled

option.

7. Enter a password in the New Password field and enter it again in the Verify Password field. A password

must have a minimum of 8 characters and no more than 20.

8. If this account is to be permanent with no expiration date, select the Permanent Account option.

Otherwise, click Account Will Expire and enter the number days in which the account will expire.

9. Click Add Account to add the newly defined account.

10. Click Close to close the User Account Administration dialog box.

Removing a user account

To remove a user account on a switch:

1. Select a switch or stack in the fabric tree.

2. Select Switch > User Accounts to open the User Account Administration dialog box. For a stack, select

Stack > User Accounts.

3. Click the Remove Account tab to open the Remove Account tab page (Figure 43).

4. If you selected a stack, choose a switch from the Initial Configuration drop-down list. Changes that you

make to this switch are distributed to the other switches in the stack.

5. Select the account (Login) name from the list of accounts at the top of the dialog box.

6. Click Remove Account.

80 Managing Switches

7. Click Close to close the User Account Administration dialog box.

Figure 43 User Account Administration dialog box—Remove account

Changing a user account password

A user can change the password for their account, but only the Admin account user can change the password for another user’s account. If the user’s original password is not known, the Admin account user must remove the account and then add the account with the new password.

To change the password for an account on a switch:

1. Select a switch or stack in the fabric tree.

2. Select Switch > User Accounts to open the User Account Administration dialog box. For a stack, select

Stack > User Accounts.

3. Click the Change Password tab to open the Change Password tab page (Figure 44).

4. If you selected a stack, choose a switch from the Initial Configuration drop-down list. Changes that you

make to this switch are distributed to the other switches in the stack.

5. Select the account (Login) name from the list of accounts at the top of the dialog box.

6. Enter the old password and the new password, and then verify the new password in the corresponding

fields.

7. Click Change Password.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 81

8. Click Close to close the User Account Administration dialog box.

Figure 44 User Account Administration dialog box—Change password

Modifying a user account

To modify a user account on a switch:

1. Select a switch or stack in the fabric tree.

2. Select Switch > User Accounts to open the User Account Administration dialog box. For a stack, select

Stack > User Accounts.

3. Click the Modify Account tab to display the Modify Account dialog box (Figure 45).

4. If you selected a stack, choose a switch from the Initial Configuration drop-down list. Changes that you

make to this switch are distributed to the other switches in the stack.

5. Select the account (login) name from the list of accounts at the top of the dialog box.

6. Select the Admin Authority Enabled option to grant admin authority to the account name.

7. Select an Account Expiration Date option (Permanent account or Account will expire in). If the account

is not to be permanent, enter the number of days until the account expires.

8. Click Modify Account to save the changes.

82 Managing Switches

9. Click Close to close the User Account Administration dialog box.

Figure 45 User Account Administration dialog box—Modify account

Viewing switch information

The faceplate and backplate displays and data windows provide the following switch information:

• Device and HBA information

• Switch specifications and addresses

• Configuration parameters

• Port information and performance statistics

• Configured zone sets

• Configured and active security

• Link information

• Mouse-overs display popup-like information when you rest the cursor over key elements, such as ports,

and LEDs.

The fabric updates the topology and faceplate displays by forwarding changes in status to the management workstation as they occur. You can allow the fabric to update the switch status, or you can refresh the display at any time. To refresh switch status in the display, do one of the following:

• Click Refresh.

• Select View > Refresh.

• Press the F5 key.

• Right-click a switch in the topology display, and select Refresh Switch from the popup menu.

• Right-click in the graphic window of the faceplate display, and select Refresh Switch from the popup

menu.

The Switch data window and the Stack Links data window are described in detail in the following sections.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 83

Switch data window

The Switch data window (Figure 46) displays the current network and switch information for the selected switch. To open the Switch data window, click the Switch tab below the data window.

Figure 46 Switch data window

Information in the Switch data window is grouped and accessed by the Summary, Status, Network, User Login, Firmware, Services, Zones/Security, and Advanced buttons. Click a button to display the switch

information for the selected data category (Figure 46). The Switch data window buttons are identified in

Figure 47.

Figure 47 Switch data window buttons

The Switch data window fields are described in Table 11.

Table 11 Switch data window fields

Field Description

Summary Group

Switch Type Switch model

84 Managing Switches

Table 11 Switch data window fields (continued)

Field Description

First Port Address Switch Fibre Channel address

World Wide Name Switch World Wide Name

Serial Number Number assigned to each chassis

Reason for Status Reason for the operational state

Vendor Switch manufacturer

MAC Address Media Access Control address

Negotiated Domain ID Domain ID currently being used by the fabric

Configured Domain ID Domain ID, defined by network administrator

Domain ID Lock Domain ID lock status. Prevents (True) or permits (False) dynamic

domain ID reassignment.

Number of Ports Number of physical ports on the switch

Operational State Switch operational state: Online, Offline, Diagnostic, Down

Administrative State Current switch administrative state

Configured Admin State Administrative state that is stored in the switch configuration

Beacon Status Switch LEDs are blinking (On) or not blinking (Off).

Status Group

Operational State Switch operational state: Online, Offline, Diagnostic, Down

Administrative State Current switch administrative state

Configured Admin State Administrative state that is stored in the switch configuration

Beacon Status Beacon status. Switch LEDs are blinking (On) or not blinking (Off).

Reason for Status Reason for the operational state

Temperature Internal switch temperature °C

Fan 1 Status Fan 1 operational status (dual power supply model only)

Fan 2 Status Fan 2 operational status (dual power supply model only)

Fan 3 Status Not applicable

Power Supply 1 Status Power supply 1 operational status

Power Supply 2 Status Power supply 2 operational status (dual power supply model only)

Temperature Failure Port Shutdown

Non-configurable (always enabled for this switch). All ports are shut down when the switch temperature exceeds the Failure Temperature.

Warning Temperature Non-configurable temperature threshold, above which a warning

condition alarm is generated

Failure Temperature Non-configurable temperature threshold, above which a failure

condition alarm is generated

POST Status Current diagnostic state of the switch

POST Fault Code Code value for the last recorded diagnostic test result recorded on the

switch

Test Status Current diagnostic test status of switch

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 85

Table 11 Switch data window fields (continued)

Field Description

Test Fault Code Code value for the last recorded diagnostic test status recorded on

the switch

Network Group

IPv4 Enabled Internet Protocol version 4 Enabled or Disabled

IPv4 Address Internet Protocol version 4 address

IPv4 Subnet Mask Mask that determines the IP address subnet

IPv4 Gateway Gateway address

IPv6 Enabled Internet Protocol version 6 Enabled or Disabled

IPv6 Address Mask that determines the IP address subnet

IPv6 Gateway Gateway address

SNMP Enabled SNMP Enabled or Disabled

SNMP v3 Security Enabled SNMP v3 Security Enabled or Disabled

Broadcast Support Broadcast support status. Broadcast support is enabled (default) or

disabled.

NTP Client Enabled NTP Client Enabled or Disabled. If Enabled, this parameter enables

switches to synchronize their time to a centralized server.

NTP Server Address IP address of the centralized NTP server. Ethernet connection to NTP

server is required.

DNS Enabled Domain Name Service Enabled or Disabled

Configured Local Hostname Requested hostname for the switch. If a fully qualified domain name is

given, the domain suffix is used as the first suffix in the DNS search list for DNS lookups performed by the switch.

Assigned Hostname Actual hostname for the switch. If a fully qualified domain name is

given, the domain suffix is used as the first suffix in the DNS search list for DNS lookups performed by the switch.

IPv6 Assigned Address (1–20) The set of IPv6 addresses assigned by DHCP v6, NDP, or the switch

administrator

User Login Group

User Name Account name

Super User Super user privileges Enabled or Disabled

UserAuthentication Enabled Enforcement of account names and authority (always True)

Firmware Group

Firmware Version Active firmware version

Inactive Firmware Version This field does not apply to this switch

Pending Firmware Version Firmware version that is activated at the next reset

PROM/Flasher Version Installed version of PROM firmware

86 Managing Switches

Table 11 Switch data window fields (continued)

Field Description

Services Group

NTP Client Enabled Enables switches to synchronize their time to a centralized server.

Enabled or Disabled.

NTP Server Address IP address of the centralized NTP server. Ethernet connection to NTP

server is required.

FDMI Enable Fabric Device Management Interface status. If enabled, device

information can be obtained, managed, and saved through the fabric using Name Service Management Server functions. If FDMI is Enabled on the entry switch, Enterprise Fabric Management Suite reports all FDMI information reported by the entry switch.

FDMI HBA Entry Limit Maximum number of HBAs that can be registered with a switch

Embedded GUI Enabled Web applet status. Indicates whether the web applet on the switch is

Enabled or Disabled.

Inactivity Timeout Number of minutes the switch waits before terminating an idle

command line interface (CLI) session. Zero (0) disables the timeout threshold.

GUI Mgmt Enabled Web applet status. If this option is disabled, the switch cannot be

managed using the web applet.

Telnet Enabled Telnet client status Enabled or Disabled

SSH Enabled Secure Shell status. If Enabled, an encrypted data path is provided

for command line interface sessions.

SSL Enabled Secure Sockets Layer status. If enabled, encryption for switch

management web applet and CIM sessions is provided.

CIM Enabled Common Interface Model status. The CIM agent is based on the

Storage Networking Industry Association (SNIA) Storage Management Initiative Specification (SMI-S), which is the standard for SAN management in a heterogeneous environment.

FTP Enabled FTP status Enabled or Disabled

Management Server Enabled Management server status Enabled or Disabled

SNMP Enabled SNMP status, Enabled or Disabled

Call Home Enabled Call Home status. If enabled and configured, switches can send alerts

to pagers and email. Users can configure the type of events and where the alerts are sent.

Zones/Security Group

Interop Mode Standard

Legacy Address Format None

Merge Auto Save If enabled, any zoning updates from the fabric are saved in

permanent (non-volatile) memory as well as temporary memory. if disabled, any zoning updates from the fabric are saved only in temporary memory and are lost after a switch reset.

Default Zone Enables or disables communication between ports and devices not

defined in the active zone set, or when there is no active zone set

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 87

Table 11 Switch data window fields (continued)

Field Description

Discard Inactive Automatically removes the previously active zone set when a zone set

is activated on a switch

Implicit Hard Zoning Introduces hardware enforcement of zoning regardless of type. All

zones and all supported zone member types have hardware enforcement.

Security Auto Save Enable to automatically save security settings to permanent memory

on the switch

Security Fabric Binding Enabled If Enabled, the expected domain ID of a switch is required before the

switch can be attached to the fabric.

Advanced Group

R_A_TOV Resource allocation timeout value (in milliseconds)

E_D_TOV Error detect timeout value (in milliseconds)

Number of Donor Groups Total number of donor port groups. A donor group is a set of ports on

a switch that can donate buffer credits to one another.

Inactivity Timeout Number of minutes the switch waits before terminating an idle

command line interface session. Zero (0) disables the time out threshold.

Interop Mode Standard

Legacy Address Format None

In-band Enabled In-band management status. Permits (True) or prevents (False) a switch

from being managed over an ISL.

Principal Switch If there is a domain ID conflict in the fabric, the switch with the highest

principal priority (the principal switch) reassigns any domain ID conflicts and establish the fabric.

88 Managing Switches

Stack Links data window

The Stack Links data window displays information about all switch links for a stack of switches in the faceplate display. This information includes the switch names, the port number at the end of each link, and the link status icon. To open the Stack Links data window, click a stack icon in the fabric tree, and click the

Stack Links tab below the data window in the stack faceplate display.

Figure 48 Stack Links data window

The Stack Links data window fields are described in Table 12.

Table 12 Stack Links data window

Field Description

Status Icon depicting current link status

Switch 1 The first switch discovered in the fabric, and the port to

which the ISL is connected

Switch 2 The second switch discovered in the fabric, and the port to

which the ISL is connected

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 89

Configuring port threshold alarms

You can configure the switch to generate alarms for selected events. Configuring an alarm involves the following:

• Choosing an event type

• Specifying rising and falling triggers

• Specifying a sample window

• Enabling or disabling the alarm

To configure port threshold alarms:

1. Select a switch in the fabric tree.

2. Select Switch > Port Threshold Alarm Configuration to open the Port Threshold Alarm Configuration

dialog box (Figure 49).

Figure 49 Port Threshold Alarm Configuration dialog box

3. Select the Enable All Port Threshold Alarms option to enable monitoring for all the individual alarm

types that are enabled. The Enable All Port Threshold Alarms option is the master control for the individual alarms. For example, the switch monitors CRC errors only if both the CRC Error Enable and

Enable All Port Threshold Alarms options are selected.

4. Select an event type from the Port Threshold Alarm drop-down list. Choose from the following options:

• CRC error monitoring

• Decode errors monitoring

• ISL monitoring

• Login monitoring

• Logout monitoring

• Loss of signal monitoring

5. Select the Enable option to make the alarm eligible for use.

6. Enter a value for the rising trigger. A rising trigger alarm is generated when the event count per interval

exceeds the rising trigger. The switch does not generate another rising trigger alarm for that event until the count descends below the falling trigger and rises again above the rising trigger. Consider the example in Figure 50.

7. Enter a value for the falling trigger. A falling trigger alarm is generated when the event count per

interval descends below the falling trigger.

90 Managing Switches

NOTE: The switch downs a port if a rising trigger alarm is not cleared after three consecutive sample

Rising Trigger

Falling Trigger

Event Count

Sample Window

Generate falling trigger alarm; eligibility is reset

Generate rising trigger alarm; eligibility ends

windows.

Figure 50 Port threshold alarm example

8. Enter a sample window in seconds. The sample window defines the period of time in which to count

events.

9. Repeat steps 3 through 7 for each alarm you want to configure or enable.

10. Click OK to save all changes.

Paging a switch

You can use the Beacon feature to page a switch. The Beacon feature causes all Logged-In LEDs to flash, making them easier to recognize. To page a switch:

1. Select a switch in the fabric tree.

2. Select Switch > Toggle Beacon.

To cancel the beacon, reselect Toggle Beacon.

Setting the date/time and enabling NTP client

The Date/Time dialog box (Figure 51) enables you to manually set the date, time, and time zone on a switch, or to enable NTP (Network Time Protocol) Client to synchronize the date and time on the switch with an NTP server. Enabling the NTP Client, which requires an Ethernet connection to an NTP server, ensures the consistency of date and time stamps in alarms and log entries. Although the date/time is set or displayed in the firmware in Universal Time, when displayed in the Date/Time dialog box, the value is always in local time.

If you select the NTP Client Enabled option (the default is deselected):

• Date and Time areas become active, and you are prevented from manually setting the date and time

on the switch.

• NTP Server Discovery and NTP Server IP Address fields become active, and you can select a discovery

method.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 91

The NTP Server Discovery and NTP Server IP Address fields become active, and allow you to select a discovery method (Static, DHCP, DHCPv6) and to specify an IP address (IPv4 or IPv6).

Figure 51 Date/Time dialog box

To manually set the date and time on a switch:

1. Select a switch or a stack in the fabric tree.

2. Select Switch > Set Date/Time to open the Date/Time dialog box. For a stack, select Stack > Set

Date/Time.

3. If you selected a stack, choose a switch from the Initial Configuration drop-down list. Changes that you

make to this switch are distributed to the other switches in the stack.

4. In the NTP area of the Date/Time dialog box, clear the NTP Client Enabled checkbox. The fields in the

Date and Time areas become active.

5. Select the month, day, year, hour, minutes, and time zone from the drop-down lists.

6. Click OK. The new date and time take effect immediately.

To synchronize the date and time on the switch with an NTP server:

1. Select a switch or a stack in the fabric tree.

2. Select Switch > Set Date/Time to open the Date/Time dialog box. For a stack, select Stack > Set

Date/Time.

3. If you selected a stack, choose a switch from the Initial Configuration drop-down list. Changes that you

make to this switch are distributed to the other switches in the stack.

4. In the NTP area of the Date/Time dialog box, select the NTP Client Enabled checkbox. The fields in the

Date and Time areas become inactive.

5. Select a time zone from the Select Time Zone drop-down list.

6. Select an NTP Server Discovery option from the drop-down list.

7. Enter an NTP Server IP Address (IPv4 or IPv6).

8. Click OK.

92 Managing Switches

Resetting a switch

Resetting a switch reboots the switch using the configuration parameters in memory. Depending on the reset type, a switch reset may include a Power On Self Test (POST) and may disrupt traffic. Table 13 describes the types of switch resets.

Table 13 Switch resets

Reset Type Description

Hot Reset Resets a switch without a Power On Self Test. This reset activates the

Reset Resets a switch without a Power On Self Test. This reset activates the

Hard Reset Resets a switch with a Power On Self Test. This reset activates the pending

IMPORTANT: If performing a Reset or a Hard Reset, the support files, the firmware image files that have

not been unpacked, and the configuration backup files that were created on the switch are deleted.

pending firmware, but does not disrupt switch traffic. Fabric services are unavailable for a short period (30–75 seconds, depending on switch model). If errors are detected on a port during a hot reset, the port is reset automatically.

pending firmware and it is disruptive to switch traffic.

firmware and it is disruptive to switch traffic.

To reset a switch or a stack:

1. Select a switch or a stack in the fabric tree.

2. Select Switch > Reset Switch for a switch, or Stack > Reset Switch for a stack, and then choose Hot

Reset, Reset, or Hard Reset.

3. Click Yes to continue; click No to cancel the reset.

Configuring a switch

Switch configuration consists of chassis configuration, network configuration, and SNMP configuration.

• Chassis configuration specifies switch-wide Fibre Channel settings.

• Network configuration specifies IP and DNS settings.

• SNMP configuration specifies SNMP settings, SNMP traps, and SNMP security.

Using the configuration wizard

Use the configuration wizard to configure the IP address, password, and other parameters for new or replacement switches. To start the configuration wizard, select Wizards > Configuration Wizard.

Switch properties

Use the Switch Properties dialog box to change the following switch configuration parameters:

• Domain ID and Domain ID Lock

• Syslog

• Symbolic name

• Switch administrative state

• Broadcast support

• In-band management

• Fabric Device Management Interface (FDMI)

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 93

To open the Switch Properties dialog box (Figure 52), choose one of the following options:

• Open the faceplate display for the switch you are configuring, and then select Switch > Switch

Properties.

• Right-click a switch graphic in the faceplate display, and then select Switch Properties from the popup

menu.

Figure 52 Switch Properties dialog box

Domain ID and Domain ID lock

Syslog

The domain ID is a unique Fibre Channel identifier for the switch. The Fibre Channel address consists of the domain ID, port ID, and the Arbitrated Loop Physical Address (AL_PA).

Switches come from the factory with the domain IDs unlocked. This means that if there is a domain ID conflict in the fabric, the switch with the highest principal priority, or the principal switch, reassigns any domain ID conflicts and establishes the fabric. If you lock the domain ID on a switch and a domain ID conflict occurs, one of the switches isolates as a separate fabric and the Logged-In LEDs on both switches flash to show the affected ports. For information about the Domain ID Lock and Principal Priority parameters, see the HP StorageWorks 8/20q Fibre Channel Switch Command Line Interface Guide or the HP StorageWorks SN6000 Fibre Channel Switch Command Line Interface Guide.

If you connect a new switch to an existing fabric with its domain ID unlocked, and a domain conflict occurs, the new switch is isolated as a separate fabric. However, you can remedy this by resetting the new switch or taking it offline then back online. The principal switch reassigns the domain ID and the switch joins the fabric.

NOTE: Domain ID reassignment is not reflected in zoning that is defined by domain ID and port number

pair. You must reconfigure zones that are affected by domain ID reassignment.

The Syslog (Remote Logging) feature enables saving the log information to a remote host that supports the syslog protocol. When enabled, the log entries are sent to the syslog host at the IP address that you specify in the Logging Host IP Address field. Log entries are saved in the internal switch log, whether this feature is enabled or not.

To save log information to a remote host, you must edit the syslog.conf file (located on the remote host) and then restart the syslog daemon. Consult your operating system documentation for information on how to configure Remote Logging. The syslog.conf file on the remote host must contain an entry that specifies the name of the log file in which to save error messages. Add the following line to the syslog.conf file:

local0.info <tab> /var/adm/messages.name

A <tab> separates the selector field (local0.info) and action field which contains the log file path name in the format /var/adm/messages/messages.name.

94 Managing Switches

Symbolic name

The symbolic name is a user-defined name of up to 32 characters that identifies the switch. The symbolic name is used in the displays and data windows to help identify switches. The following characters may not be used in the symbolic name: pound sign (#), semi-colon (;), and comma (,).

Switch administrative states

The switch administrative state determines the operational state of the switch. The switch administrative state exists in two forms: configured administrative state and current administrative state.

The configured administrative state is the state that is saved in the switch configuration and is preserved across switch resets. Enterprise Fabric Management Suite always makes changes to the configured administrative state. The configured administrative state appears in the Switch Properties dialog box.

The current administrative state is the state that is applied to the switch for temporary purposes and is not retained across switch resets. The current administrative state is set using the Set Switch command. For information about the command line interface, see the HP StorageWorks 8/20q Fibre Channel Switch

Command Line Interface Guide or the HP StorageWorks SN6000 Fibre Channel Switch Command Line Interface Guide.

The switch administrative state values are:

• Online—Switch is available.

• Offline—Switch is unavailable.

• Diagnostics—Switch is in diagnostics mode, is unavailable, and tests can be run on all ports of the

switch.

Broadcast support

Broadcast is supported on the switch and enables TCP/IP support. Broadcast is implemented using the proposed standard specified in Multi-Switch Broadcast for FC-SW-3, T11 Presentation Number T11/02-031v0. Fabric Shortest Path First (FSPF) is used to set up a fabric spanning tree used in transmission of broadcast frames. Broadcast frames are retransmitted on all ISLs indicated in the spanning tree and all online N_Ports and NL_Ports. Broadcast zoning is supported with zones. The default setting is Enabled.

In-band management

In-band management is the ability to manage switches across inter-switch links. Enterprise Fabric Management Suite, SNMP, management server, and the application programming interface use the in-band management capability. The switch comes from the factory with in-band management enabled. If you disable in-band management on a particular switch, you can no longer communicate with that switch by means other than a direct Ethernet or serial connection.

Fabric device management interface

Fabric Device Management Interface (FDMI) provides a means to gather and display device information from the fabric and enables FDMI-capable devices to register certain information with the fabric, when FDMI is Enabled. Enterprise Fabric Management Suite reports any and all FDMI information reported by the entry switch, if FDMI is enabled on the entry switch. To view FDMI data, FDMI must be enabled on the entry switch and on all other switches in the fabric which are to report FDMI data.

FDMI is comprised of the fabric-to-device interface and the application-to-fabric interface. The fabric-to-device interface enables a device’s management information to be registered. The application-to-fabric interface provides the framework by which an application obtains device information from the fabric. Use the FDMI HBA Entry Limit field on the Switch Properties dialog box to configure the maximum number of HBAs that can be registered with a switch. If the number of HBAs exceeds the maximum number, the FDMI information for those HBAs cannot be registered.

Select the FDMI Enabled option on the Switch Properties dialog box to enable or disable FDMI. If FDMI is enabled on an HBA, the HBA forwards information about itself to the switch when the HBA logs into the switch. If FDMI is Enabled on a switch, the switch stores the HBA information in its FDMI database. Disabling FDMI on a switch clears the FDMI database. If you disable FDMI on a switch and then re-enable it, you must reset the ports to cause the HBAs to log in again, and thus forward HBA information to the switch.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 95

To view detailed FDMI information for a device, click the Devices tab, and click (i) in the Details column of the Devices data window. The Detailed Devices Display dialog box displays the specific information for that device. For more information, see ”Devices data window” (page 39).

Advanced switch properties (timeout values)

The Advanced Switch Properties dialog box (Figure 53) enables you to set the timeout values for all ports on the switch, and is available only on the entry switch. The timeout values must be the same for all switches in the fabric.

IMPORTANT: Timeout values should not be changed unless absolutely necessary. You must place the

switch offline to change these values.

To change timeout values:

1. Select the entry switch in the fabric tree.

2. Select Switch > Switch Properties to open the Switch Properties dialog box (Figure 52).

3. Select Offline in the Administrative State field, and click OK. When the application confirms that the

change has been applied, proceed.

4. Select Switch > Advanced Switch Properties to open the Advanced Switch Properties dialog box

(Figure 53).

Figure 53 Advanced Switch Properties dialog box

5. Make changes to the R_A_TOV and E_D_TOV switch timeout values:

• R_A_TOV (Resource Allocation Timeout)—The maximum time a frame could be delayed and still be

delivered. The default is 10000 milliseconds.

• E_D_TOV (Error Detect Timeout)—The maximum round trip time that an operation between two

N_Ports could require. The default is 2000 milliseconds.

6. Click OK to put the new values into effect.

7. Select Switch > Switch Properties to open the Switch Properties dialog box.

8. Select Online in the Administrative State drop-down list, and click OK to place the switch back online.

9. Repeat this procedure on every switch in the fabric to ensure that all timeout values are the same.

96 Managing Switches

Managing system services

The System Services dialog box (Figure 54) provides a central location for you to enable or disable any of the external user services such as Simple Network Management Protocol (SNMP), embedded web applet, command line interface, Network Time Protocol (NTP), Common Information Model (CIM), and Call Home. To display the System Services dialog box, select Switch > Services.

Figure 54 System Services dialog box

IMPORTANT: Use caution when disabling the Embedded GUI, GUI Mgmt, and Telnet, as it is possible to

disable all access to the switch except through a serial connection.

The following system services are available:

• Embedded GUI (Graphical User Interface)—Enables users to point a browser at the switch and use the

Enterprise Fabric Management Suite application.

• GUI Mgmt—Enables out-of-band management of the switch from the switch management application

(GUI). If this service is disabled, the switch cannot be specified as the entry switch for a fabric in the GUI, but can still be managed through an in-band connection.

• SSL (Secure Sockets Layer)—Enables secure encrypted communications between the switch

management application (GUI) and the switch. SSL must be enabled to configure device security and RADIUS servers. SSL certificates are generated on the switch with the switch date/time and validated with the workstation’s date/time. If the switch and workstation date/time are not synchronized, invalid certificates are generated and prevent an SSL connection from being established between the switch and switch management application (GUI). After enabling the SSL service, you must then log off the fabric and log on again to establish a secure connection. To disable SSL when using a user authentication RADIUS server, the RADIUS authentication order must first be set to Local.

• Telnet (Command line interface)—Enables users to manage the switch through a Telnet command line

interface session. Disabling Telnet access to the switch is not recommended.

• SSH (Secure SHell)—Enables secure encrypted Telnet command line interface sessions with the switch.

To manage a switch over a secure Telnet connection, the SSH service must be enabled, and an SSH client must be running on your workstation.

• SNMP (Simple Network Management Protocol)—Enables management of the switch through

third-party applications that use SNMP.

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 97

• NTP (Network Time Protocol)—Enables the switch to obtain its time and date settings from an NTP

server. Configuring NTP on all of your switches and your workstations synchronizes the date/time settings across the fabric and prevents difficulties with SSL certificates and event logs.

• CIM (Common Information Model)—Enables management of the switch through third-party

applications that use CIM.

• FTP (File Transfer Protocol)—Enables file transfers to the switch using FTP. FTP is required for out-of-band

firmware uploads, which complete faster than in-band firmware uploads.

• Management Server—Enables management of the switch through third-party applications that use the

GS-3 Management Server.

• Call Home—Enables you to configure switches and send alerts and events to email addresses or

pagers. This email-based Call Home cannot be used to contact HP Services. Call Home to HP Services can be accomplished using HP Service Essentials Remote Support Pack as described in the HP

StorageWorks 8/20q Fibre Channel Switch Installation and Reference Guide or HP StorageWorks SN6000 Fibre Channel Switch Installation and Reference Guide.

Managing switch stacks

The Enterprise Fabric Management Suite application recognizes switches as a stack if they are connected by their high-speed XPAK stacking ports. Enterprise Fabric Management Suite auto-detects switches connected by their XPAK ports and displays these stacked switches as a single stack entity in the faceplate display (Figure 48).

The graphic window (upper right pane of the faceplate display) displays one faceplate image for each switch in the stack.

In the fabric tree (left window pane), the switches in each stack are nested under the stack icon, which is nested under the fabric icon. Expanding the fabric and stack icons in the fabric tree displays all switches in a stack. The lock image on the fabric icon indicates that the application is communicating with the fabric through a secure (Secure Sockets Layer) connection.

Configuring switches in a stack

The stack dialog boxes are essentially the same as their corresponding switch dialog boxes, except that the Select Switch for Initial Configuration drop-down list is added to each dialog box. The stack dialog boxes display the information for the switch selected in the Select Switch for Initial Configuration drop-down list. Click OK to apply the configuration for the selected switch to all other switches in the stack. The following operations are available to configure the stack as a single entity:

• Syslog configuration. For more information, see ”Syslog” (page 94).

• SNMP configuration. For more information, see ”Configuring SNMP” (page 107).

• Date/time and NTP settings. For more information, see ”Setting the date/time and enabling NTP

client” (page 91).

• Editing user accounts. For more information, see ”Managing user accounts” (page 79).

• Security Consistency Checklist. For more information, see ”Security consistency checklist” (page 99).

• Firmware load and activation. For more information, see ”Installing firmware” (page 124).

• Zoning configuration. For more information, see ”Managing Fabric Zoning” (page 49).

Additional stack operations include the following:

• Move the selected switch up or down one position in the stack within the graphic window. To move a

switch image up, select a switch, open the Stack menu, and select Move Switch Up. To move a switch image down, select a switch, open the Stack menu, and select Move Switch Down. The Move Switch Up menu is unavailable when you select the top switch in the stack. Similarly, the Move Switch Down is unavailable when you select the bottom switch.

• Remove a switch from being associated with the stack if the switch is not connected to any other switch

in the fabric with an ISL connection. To remove a switch from a stack, select a switch, open the Stack menu, and select Remove Switch.

• Remove a dead ISL connection in the stack display between two switches that is either offline or has

been physically disconnected. To remove a dead link (red), select one of the linked XPAK ports, open the Stack menu, and select Remove Links.

98 Managing Switches

• Refresh the stack to update the faceplate display with current information for all switches in the stack

• Select all ports on all switches in the stack.

Security consistency checklist

The Security Consistency Checklist dialog box (Figure 55) enables you to view current security-related settings, such as, firmware versions, embedded GUI, in-band management, date/time on switches. Any changes must be made through the appropriate dialog box, such as Network Properties dialog box, Switch Properties dialog box, or SNMP Properties dialog box.

To open the Security Consistency Checklist dialog box for a single switch:

1. Select a switch in the fabric tree.

2. Select Switch > Security Consistency Checklist.

To open the Security Consistency Checklist dialog box for a stack of switches:

1. Select a stack in the fabric tree or the topology display graphic window.

2. Select Stack > Security Consistency Checklist.

To open the Security Consistency Checklist dialog box for all switches in a fabric:

1. Select a fabric in the fabric tree.

2. Select Fabric > Security Consistency Checklist.

Figure 55 Security Consistency Checklist dialog box

Configuring the network

Network configuration includes:

• Network IP configuration

• Network Domain Name Service (DNS) configuration

• Network IP security

To configure IP and DNS parameters:

1. Select a switch in the fabric tree.

2. Select Switch > Network > Network Properties to open the Network Properties dialog box. You can

also right-click a switch graphic in the topology or faceplate display, and then select Network Properties from the popup menu.

3. Click the IP tab to open the Network Properties IP dialog box or the DNS tab to open the Network

Properties DNS dialog box, as appropriate for your network setup (Figure 56).

4. Make the changes to the network properties. For information about the IP network properties, see

”Network IP configuration” (page 100). For information about DNS network properties, see ”Network

DNS configuration” (page 102).

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 99

5. After making changes, click OK to put the new values into effect.

Figure 56 Network Properties dialog boxes

Network IP configuration

The IP configuration identifies the switch on the Ethernet network, determines which network discovery method to use, and enables/disables the IPv4 and IPv6 network addressing. An IPv4 address is 32 bits and consists of four blocks of decimal numbers, with each block separated by a period. Each block can have up to three numbers. A single zero character displayed in a block indicates that the block consists of all zeroes. An example of an IPv4 address is 10.20.30.5. All four blocks contain numbers. Table 14 describes the IPv4 and IPv6 configuration parameters.

An IPv6 address provides a much wider range of IP addresses than an IPv4 address. An IPv6 address is 128 bits, and consists of eight blocks of hexadecimal numbers, with each block separated by a colon. The maximum number of numerals in each block is four. One or more blocks with all zeroes are represented by two colon characters. The total number of blocks always adds up to eight. To determine how many contiguous blocks contain only zeroes, subtract the number of populated blocks from eight. For example, the IPv6 address 2eee::49:24:7a:54:3434 is equivalent to 2eee:0000:0000:49:24:7a:54:3434. The number of blocks containing zeroes in this example is two (8-6=2).

NOTE: Switches without IPv6 addressing enabled cannot communicate over Ethernet with hosts or

switches using the IPv6 addressing.

Table 14 describes the network IP configuration parameters.

100 Managing Switches

HP H-series Enterprise Fabric Management Suite Software User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

1 Using Enterprise Fabric Management Suite

Installing Enterprise Fabric Management Suite

Table 1 Workstation requirements

Figure 1 Enterprise Fabric Management Suite installation

Starting Enterprise Fabric Management Suite

Figure 2 Initial Start dialog box

Figure 3 Add a New Fabric dialog box

Exiting Enterprise Fabric Management Suite

Figure 4 Save Default Fabric View File dialog box

Figure 5 Load Default Fabric View File dialog box

Uninstalling Enterprise Fabric Management Suite

Changing the encryption key for the default fabric view file

Saving and opening fabric view files

Setting Enterprise Fabric Management Suite preferences

Figure 6 Preferences dialog box—Enterprise Fabric Management Suite

Using online help

Viewing software version and copyright information

Enterprise Fabric Management Suite user interface

Figure 7 Topology display elements

Figure 8 SN6000 Fibre Channel Switch faceplate display

Figure 9 SN6000 Fibre Channel Switch backplate display

Fabric tree

Figure 10 Fabric tree

Graphic window

Data windows and tabs

Alerts panel

Figure 11 Alerts panel

Menu bars

Topology display menu

Table 2 Topology menu bar options

Faceplate display menu

Table 3 Faceplate menu bar options

Popup menus

Menu Shortcut keys

Tool bar

Table 4 Tool bar options

Working with switches and links

Working with ports

2 Managing Fabrics

Fabric firmware and software versions

Saving a version snapshot

Viewing and comparing version snapshots

Figure 12 Fabric Version Snapshot Analysis dialog box

Exporting version snapshots to a file

Managing the fabric database

Adding a fabric

Figure 13 Add a New Fabric dialog box

Removing a fabric

Opening a fabric view file

Saving a fabric view file

Rediscovering a fabric

Deleting switches and links

Adding a new switch to a fabric

Replacing a failed switch

Displaying fabric information

Link data window

Figure 14 Link data window

Displaying fabric status

Table 5 Topology display switch and status icons

Event browser

Figure 15 Event browser dialog box

Table 6 Port operational states

Filtering the event browser

Figure 16 Filter Events dialog box

Sorting the Event Browser

Saving the Event Browser to a file

Verifying Fibre Channel connections

FC Ping dialog box

Figure 17 FC Ping dialog box

FC Traceroute dialog box

Figure 18 FC TraceRoute dialog box

Device information and nicknames

Devices data window

Figure 19 Devices data window

Table 7 Devices data window fields