McDATA 316095-B21 User Manual

Download

E/OS

Command Line Interface

User Manual

P/N 620-000134-740

REV A

E/OS Command Line Interface User Manual

Record of Revisions and Updates

Printed June 2005 Thirteenth Edition

No part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written consent of McDATA Corporation. The information contained in this document is subject to change without notice. McDATA Corporation assumes no responsibility for any errors that may appear.

All computer software programs, including but not limited to microcode, described in this document are furnished under a license, and may be used or copied only in accordance with the terms of such license. McDATA either owns or has the right to license the computer software programs described in this document. McDATA Corporation retains all rights, title and interest in the computer software programs.

McDATA Corporation makes no warranties, expressed or implied, by operation of law or otherwise, relating to this document, the products or the computer software programs described herein. McDATA CORPORATION DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. In no event shall McDATA Corporation be liable for (a) incidental, indirect, special, or consequential damages or (b) any damages whatsoever resulting from the loss of use, data or profits, arising out of this document, even if advised of the possibility of such damages.

Revision Date Description

620-000134-000 11/2001 Initial release of Manual

620-000134-100 05/2002 Updates for E/OS 2.0

620-000134-200 08/2002 Updates for E/OS 3.0

620-000134-300 09/2002 Updates for E/OS 4.0

620-000134-400 10/2002 Updates for E/OS 4.1

620-000134-500 10/2002 Updates for E/OS 4.1 CD-ROM final

620-000134-600 2/2003 Updates for E/OS 5.1 and EFCM 7.1

620-000134-601 7/2003 Updates for E/OS 5.5

620-000134-700 10/2003 Updates for E/OS 6.0

620-000134-710 12/2003 Updates for E/OS 6.1

620-000134-720 6/2004 Updates for E/OS 6.2

620-000134-730 12/2004 Updates for E/OS 7.0

620-000134-740 6/2005 Updates for E/OS 8.0

E/OS Command Line Interface User Manual

iii

Data, nScale, nView, OPENready, SANavigator, SANtegrity, SANvergence, SecureConnect and Sphereon are trademarks or registered trademarks of McDATA Corporation. OEM and Reseller logos are the property of such parties and are reprinted with limited use permission. All other trademarks are the property of their respective companies. All specifications subject to change.

E/OS Command Line Interface User Manual

Contents

Preface.............................................................................................................................xv

Chapter 1 Introduction

Command Line Interface Overview...............................................1-2

Entering Command Line Interface Commands ...........................1-2

Documentation Conventions ...................................................1-2

Navigation Conventions...........................................................1-2

Command Tree ..........................................................................1-4

Navigation of the CLI Command Tree.................................1-12

Parameters ................................................................................1-14

Output .......................................................................................1-15

Logging In and Logging Out ........................................................1-15

User Access Rights ..................................................................1-15

Passwords and Secrets ............................................................1-15

logout.........................................................................................1-17

Using the commaDelim Command..............................................1-18

commaDelim ............................................................................1-18

Handling Command Line Interface Errors .................................1-19

Using the Command Line Interface Help ...................................1-20

Commenting Scripts.......................................................................1-21

ED-5000 Director.............................................................................1-22

Telnet Session ..................................................................................1-23

Ethernet Connection Loss.......................................................1-23

Chapter 2 CLI Commands

Command Overview........................................................................2-2

New and Changed Commands ......................................................2-2

Contents

E/OS Command Line Interface User Manual

Contents

config ..................................................................................................2-5

config.enterpriseFabMode.setState.........................................2-5

config.features.enterpriseFabMode ........................................2-6

config.features.ficonMS ............................................................2-7

config.features.installKey.........................................................2-7

config.features.NPIV.................................................................2-8

config.features.openSysMS......................................................2-8

config.features.openTrunking .................................................2-9

config.features.show .................................................................2-9

config.fencing.addPolicy........................................................2-10

config.fencing.addPort............................................................2-11

config.fencing.deletePolicy ....................................................2-12

config.fencing.removePort.....................................................2-12

config.fencing.setParams........................................................2-13

config.fencing.setState ............................................................2-15

config.fencing.show ................................................................2-15

config.fencing.showTypeTable..............................................2-17

config.ficonCUPZoning.addControlHost............................2-17

config.ficonCUPZoning.deleteControlHost ........................2-18

config.ficonCUPZoning.setState ...........................................2-18

config.ficonCUPZoning.show ...............................................2-19

config.ficonMS.setMIHPTO...................................................2-19

config.ficonMS.setState...........................................................2-20

config.ficonMS.show...............................................................2-20

config.ip.ethernet.....................................................................2-21

config.ip.lineSpeed..................................................................2-22

config.ip.show..........................................................................2-22

config.NPIV..............................................................................2-23

config.NPIV.maxPortIDs........................................................2-23

config.NPIV.setState ..............................................................2-24

config.NPIV.show ..................................................................2-24

config.openSysMS.setHostCtrlState .....................................2-25

config.openSysMS.setState.....................................................2-25

config.port.blocked..................................................................2-26

config.port.fan..........................................................................2-26

config.port.name......................................................................2-27

config.port.rxCredits...............................................................2-28

config.port.show......................................................................2-28

config.port.showPortAddr.....................................................2-30

config.port.showCredits.........................................................2-31

config.port.speed .....................................................................2-32

config.port.swapPortByAddr ................................................2-32

config.port.swapPortByNum.................................................2-33

vii

Contents

config.port.type ....................................................................... 2-33

config.security ......................................................................... 2-34

config.security.authentication.interface.api.outgoing ....... 2-35

config.security.authentication.interface.api.sequence....... 2-35

config.security.authentication.interface.cli.sequence ........ 2-36

config.security.authentication.interface.eport.outgoing ... 2-37 config.security.authentication.interface.eport.sequence ... 2-37 config.security.authentication.interface.nport.outgoing... 2-38 config.security.authentication.interface.nport.sequence... 2-39 config.security.authentication.interface.osms.outgoing ... 2-39

config.security.authentication.interface.osms.setKey ....... 2-40

config.security.authentication.interface.serial.enhancedAuth. 2-41

config.security.authentication.interface.show .................... 2-41

config.security.authentication.interface.web.sequence..... 2-42

config.security.authentication.port.override ...................... 2-42

config.security.authentication.port.show ............................ 2-43

config.security.authentication.RADIUS.attempts.............. 2-44

config.security.authentication.RADIUS.deadtime............. 2-44

config.security.authentication.RADIUS.deleteServer ....... 2-45

config.security.authentication.RADIUS.server .................. 2-45

config.security.authentication.RADIUS.show.................... 2-46

config.security.authentication.RADIUS.timeout................ 2-47

config.security.authentication.switch.setSecret.................. 2-47

config.security.authentication.user ...................................... 2-48

config.security.authentication.user.add .............................. 2-48

config.security.authentication.user.delete........................... 2-50

config.security.authentication.user.modify ........................ 2-50

config.security.authentication.user.role .............................. 2-51

config.security.authentication.user.show............................ 2-52

config.security.fabricBinding ................................................ 2-53

config.security.fabricBinding.activatePending................... 2-54

config.security.fabricbinding.addAttachedMembers........ 2-55

config.security.fabricBinding.addMember ......................... 2-55

config.security.fabricBinding.clearMemList....................... 2-56

config.security.fabricbinding.deactivateFabBind............... 2-56

config.security.fabricBinding.deleteMember...................... 2-57

config.security.fabricBinding.replacePending.................... 2-57

config.security.fabricBinding.showActive .......................... 2-57

config.security.fabricBinding.showPending....................... 2-58

config.security.portBinding................................................... 2-59

config.security.portBinding.bound ...................................... 2-59

config.security.portBinding.show ........................................ 2-60

E/OS Command Line Interface User Manual

viii

Contents

config.security.portBinding.wwn .........................................2-61

config.security.ssh.resetKeys.................................................2-63

config.security.ssh.setState.....................................................2-63

config.security.ssh.show.........................................................2-63

config.security.switchAcl .......................................................2-64

config.security.switchAcl.addRange ....................................2-64

config.security.switchAcl.deleteRange ................................2-65

config.security.switchAcl.setState.........................................2-65

config.security.switchAcl.show.............................................2-65

config.security.switchBinding ...............................................2-66

config.security.switchBinding.addMember ........................2-67

config.security.switchBinding.deleteMember.....................2-67

config.security.switchBinding.setState.................................2-68

config.security.switchBinding.show.....................................2-69

config.security.ssl ....................................................................2-70

config.security.ssl.generateKeys ...........................................2-70

config.security.ssl.resetKeys ..................................................2-71

config.security.ssl.setRenegotiationMB ...............................2-72

config.security.ssl.setWebState..............................................2-72

config.security.ssl.setAPIState...............................................2-73

config.security.ssl.show..........................................................2-73

config.snmp..............................................................................2-75

config.snmp.addAccessEntry ................................................2-76

config.snmp.addAccessViews ...............................................2-77

config.snmp.addCommunity.................................................2-77

config.snmp.addTargetParams .............................................2-78

config.snmp.addUserEntry....................................................2-80

config.snmp.addV3Group......................................................2-81

config.snmp.addV1Target......................................................2-82

config.snmp.addV2Target......................................................2-83

config.snmp.addV3Target......................................................2-83

config.snmp.authTraps...........................................................2-84

config.snmp.deleteAccessEntry ............................................2-85

config.snmp.deleteCommunity.............................................2-85

config.snmp.deleteUserEntry ................................................2-85

config.snmp.deleteTargetEntry.............................................2-86

config.snmp.deleteV3Group..................................................2-86

config.snmp.setSNMPv3State................................................2-86

config.snmp.setFaMibVersion...............................................2-87

config.snmp.setState ...............................................................2-87

config.snmp.show ...................................................................2-88

config.snmp.showAccessTable..............................................2-89

config.snmp.showTargetTable ..............................................2-90

Contents

config.snmp.showUserTable................................................. 2-91

config.snmp.showV3GroupTable......................................... 2-92

config.snmp.showViewTable................................................ 2-93

config.snmp.validateUser...................................................... 2-94

config.switch............................................................................ 2-95

config.switch.apiState............................................................. 2-95

config.switch.domainRSCN .................................................. 2-96

config.switch.edTOV.............................................................. 2-96

config.switch.haMode ............................................................ 2-97

config.switch.insistDomainId ............................................... 2-97

config.switch.interopMode.................................................... 2-98

config.switch.islFSPFCost...................................................... 2-98

config.switch.ltdFabRSCN..................................................... 2-99

config.switch.prefDomainId.................................................. 2-99

config.switch.priority ........................................................... 2-100

config.switch.raTOV............................................................. 2-101

config.switch.rerouteDelay.................................................. 2-101

config.switch.RSCNZoneIsolation ..................................... 2-102

config.switch.safeZoning..................................................... 2-103

config.switch.speed .............................................................. 2-103

config.switch.show ............................................................... 2-104

config.switch.webState......................................................... 2-106

config.switch.zoneFlexPars ................................................. 2-106

config.switch.zoningRSCN.................................................. 2-106

config.syslog .......................................................................... 2-107

config.syslog.addServer....................................................... 2-107

config.syslog.deleteServer ................................................... 2-107

config.syslog.setLogConfig ................................................. 2-108

config.syslog.setState............................................................ 2-108

config.syslog.show................................................................ 2-109

config.system ......................................................................... 2-110

config.system.contact ........................................................... 2-110

config.system.date ................................................................ 2-110

config.system.description .................................................... 2-111

config.system.location.......................................................... 2-111

config.system.name .............................................................. 2-112

config.system.show............................................................... 2-112

config.zoning ......................................................................... 2-113

config.zoning.activateZoneSet ............................................ 2-114

config.zoning.addPortMem................................................. 2-114

config.zoning.addWwnMem .............................................. 2-115

config.zoning.addZone ........................................................ 2-116

config.zoning.clearZone....................................................... 2-117

E/OS Command Line Interface User Manual

Contents

config.zoning.clearZoneSet..................................................2-117

config.zoning.deactivateZoneSet ........................................2-117

config.zoning.deletePortMem .............................................2-118

config.zoning.deleteWwnMem ...........................................2-118

config.zoning.deleteZone.....................................................2-119

config.zoning.renameZone ..................................................2-120

config.zoning.renameZoneSet.............................................2-120

config.zoning.replaceZoneSet..............................................2-121

config.zoning.setDefZoneState............................................2-121

config.zoning.showActive....................................................2-121

config.zoning.showPending ................................................2-122

maint...............................................................................................2-124

maint.port.beacon..................................................................2-124

maint.port.reset......................................................................2-125

maint.system.beacon.............................................................2-125

maint.system.clearSysError .................................................2-126

maint.system.ipl.....................................................................2-126

maint.system.resetConfig.....................................................2-126

maint.system.setOnlineState................................................2-127

perf..................................................................................................2-128

perf.class2 ...............................................................................2-128

perf.class3 ...............................................................................2-129

perf.clearStats.........................................................................2-131

perf.errors ...............................................................................2-131

perf.link...................................................................................2-133

perf.openTrunking.backPressure........................................2-134

perf.openTrunking.congestionThresh................................2-135

perf.openTrunking.lowBBCreditThresh............................2-136

perf.openTrunking.setState..................................................2-136

perf.openTrunking.show......................................................2-137

perf.openTrunking.unresCongestion.................................2-138

perf.preferredPath.................................................................2-139

perf.preferredPath.clearPath................................................2-140

perf.preferredPath.setPath...................................................2-141

perf.preferredPath.setState ..................................................2-142

perf.preferredPath.showPath ..............................................2-142

perf.preferredPath.showState..............................................2-144

perf.thresholdAlerts..............................................................2-144

perf.thresholdAlerts.counter.addAlert...............................2-149

perf.thresholdAlerts.counter.addPort ................................2-150

perf.thresholdAlerts.counter.removePort..........................2-151

perf.thresholdAlerts.counter.setCounter...........................2-151

perf.thresholdAlerts.counter.setParams ............................2-153

Contents

perf.thresholdAlerts.counter.show .................................... 2-154

perf.thresholdAlerts.counter.showStatisticTable............. 2-154

perf.thresholdAlerts.deleteAlert......................................... 2-155

perf.thresholdAlerts.setState............................................... 2-156

perf.thresholdAlerts.show................................................... 2-156

perf.thresholdAlerts.throughput.addAlert....................... 2-158

perf.thresholdAlerts.throughput.addPort......................... 2-159

perf.thresholdAlerts.throughput.removePort .................. 2-160

perf.thresholdAlerts.throughput.setUtilType .................. 2-161

perf.thresholdAlerts.throughput.setUtilPercentage........ 2-162

perf.thresholdAlerts.throughput.setParams..................... 2-163

perf.thresholdAlerts.throughput.show ............................. 2-164

perf.thresholdAlerts.throughput.showUtilTypeTable .... 2-164

perf.traffic............................................................................... 2-165

show ............................................................................................... 2-167

show.all................................................................................... 2-167

show.auditLog....................................................................... 2-168

show.epFrameLog.config .................................................... 2-169

show.epFrameLog.disableTrigger...................................... 2-170

show.epFrameLog.filterClassFFrames .............................. 2-170

show.epFrameLog.setFilterPort.......................................... 2-171

show.epFrameLog.noWrap................................................. 2-172

show.epFrameLog.setTrigger ............................................. 2-173

show.epFrameLog.wrap ...................................................... 2-174

show.eventLog ...................................................................... 2-175

show.fabricLog.noWrap ...................................................... 2-176

show.fabricLog.wrap............................................................ 2-177

show.fabric.nodes ................................................................. 2-178

show.fabric.principal............................................................ 2-179

show.fabric.topology............................................................ 2-180

show.fabric.traceRoute......................................................... 2-181

show.features......................................................................... 2-183

show.fencing.policies ........................................................... 2-184

show.ficonCUPZoning......................................................... 2-185

show.ficonMS ....................................................................... 2-186

show.frus................................................................................ 2-187

show.ip.ethernet.................................................................... 2-188

show.linkIncidentLog........................................................... 2-188

show.loginServer .................................................................. 2-189

show.nameServer.................................................................. 2-190

show.nameServerExt............................................................ 2-192

show.NPIV.config................................................................. 2-193

show.openSysMS.config ...................................................... 2-194

E/OS Command Line Interface User Manual

xii

Contents

show.openTrunking.config..................................................2-195

show.openTrunking.rerouteLog .........................................2-196

show.port.config....................................................................2-197

show.port.exit ........................................................................2-198

show.port.info........................................................................2-200

show.port.nodes ....................................................................2-201

show.port.opticData..............................................................2-203

show.port.opticEDD .............................................................2-204

show.port.opticHealth..........................................................2-205

show.port.opticInfo...............................................................2-206

show.port.profile ...................................................................2-208

show.port.showPortAddr ...................................................2-210

show.port.status.....................................................................2-212

show.port.technology ...........................................................2-215

show.preferredPath.showPath............................................2-216

show.preferredPath.showState............................................2-218

show.security.fabricBinding ................................................2-218

show.security.log...................................................................2-219

show.security.portBinding...................................................2-220

show.security.switchAcl.......................................................2-221

show.security.switchBinding...............................................2-222

show.snmp.accessTable........................................................2-223

show.snmp.targetTable ........................................................2-224

show.snmp.userTable ...........................................................2-225

show.snmp.V3GroupTable ..................................................2-226

show.snmp.viewTable..........................................................2-227

show.snmp.config .................................................................2-228

show.switch............................................................................2-230

show.system...........................................................................2-232

show.syslog ............................................................................2-234

show.thresholdAlerts.alerts.................................................2-235

show.thresholdAlerts.log .....................................................2-237

show.zoning ...........................................................................2-239

Appendix A Error Messages

Appendix B Commands and Corresponding Releases

Glossary

........................................................................................................................a-1

Index ...............................................................................................................................b-1

Ta bl es

xiii

1-1 CLI Command Tree Navigation Conventions ......................................... 1-3

1-2 CLI Command Tree ...................................................................................... 1-4

1-3 CLI Command Tree for the ED-5000 Director ........................................ 1-22

2-1 Supported Zoning Configurations ......................................................... 2-114

2-2 Throughput Threshold Alerts ................................................................ 2-147

2-3 Alert Counters ........................................................................................... 2-147

B-1 Commands and Releases ............................................................................. B-1

Tables

xiv

E/OS Command Line Interface User Manual

Tables

Preface

This publication is part of the documentation suite that supports the McDATA

Sphereon™ 3016, Sphereon 3032, Sphereon 3216, Sphereon 3232, Sphereon 4300, Sphereon 4500, Sphereon 4400, and Sphereon 4700 Fabric Switches, Intrepid

6064 Director, and Intrepid

6140 Director.

Who Should Use This

Manual

This publication describes the commands that can be entered through the Command Line Interface (CLI) for the Intrepid 6064 Director, and Intrepid 6140 Director, Sphereon 3016, Sphereon 3032, Sphereon 3216, Sphereon 3232, Sphereon 4300, Sphereon 4400, Sphereon 4500, and Sphereon 4700 Fabric Switches. (A limited number of these commands are available on the ED-5000 Director.) Access through a Telnet client is presumed.

This publication is intended for data center administrators and customer support personnel, who can either enter the commands manually or write a script containing them. However, the primary purpose of the CLI is for scripts written by these administrators and personnel for use in a host-based scripting environments. Therefore, this publication presumes that the user is familiar with:

• Establishing and using a Telnet session

• Using the command line of a terminal

• Writing scripts

• Networking, SAN, and zoning concepts

• McDATA products in the user’s network

The publications listed in Related Publications provide considerable information about both concepts and McDATA products.

xvi

E/OS Command Line Interface User Manual

Preface

Organization of This

Manual

This publication is organized as follows:

• Chapter 1, Introduction, provides an introduction and overview of the Command Line Interface.

• Chapter 2, CLI Commands, describes the CLI commands, including their syntax, purpose, and parameters, as well as examples of their usage and any output that they generate.

• Appendix A, Error Messages lists and explains error messages that may appear while using the CLI.

• Appendix B, Commands and Corresponding Releases lists each command in the CLI and the release in which the command was added to the CLI.

•The Glossary defines terms, abbreviations, and acronyms used in this manual.

•An Index is also provided.

Manual Updates Check the McDATA web site at www.mcdata.com for possible

updates or supplements to this manual.

Related Publications Other publications that provide additional information about the

products mentioned in this manual are:

• Configuration Backup and Restore Utility Installation and User Guide (958-000370)

• McDATA Products in a SAN Environment - Planning Manual (620-000124)

• Intrepid 6064 Director Installation and Service Manual (620-000108)

• Intrepid 6140 and 6064 Directors Element Manager User Manual (620-000172)

• Intrepid 6140 Director Installation and Service Manual (620-000157)

• EFCM Basic User Manual (620-000240)

• McDATA E/OS SNMP Support Manual (620-000131)

• Sphereon 3016 and 3216 Fabric Switch Element Manager User Manual (620-000174)

• Sphereon 3016 and 3216 Fabric Switches Installation and Service Manual (620-000154)

• Sphereon 3032 and 3232 Fabric Switch Element Manager User Manual (620-000173)

Preface

xvii

Preface

• Sphereon 3032 and 3232 Fabric Switches Installation and Service Manual (620-000155)

• Sphereon 4300 Fabric Switch Installation and Service Manual (620-000171)

• Sphereon 4500 Fabric Switch Installation and Service Manual (620-000159)

• Sphereon 4500 Fabric Switch Element Manager User Manual (620-000175)

• McDATA Sphereon 4400 Switch Element Manager User Manual (620-000241)

• McDATA Sphereon 4700 Fabric Switch Element Manager User Manual (620-000242)

• McDATA Sphereon 4400 Fabric Switch Installation and Service Manual (620-000238)

• McDATA Sphereon 4700 Fabric Switch Installation and Service Manual (620-000239)

Manual Conventions The following notational conventions are used in this document:

NOTE: A note presents important information that is not hazard-related.

ATTENTION! An attention notice presents important information about

activities that could result in loss of equipment function or loss of data.

Where to Get Help For technical support, McDATA end-user customers should call the

phone number located on the service label attached to the front or rear of the hardware product.

Convention Meaning

Bold Keyboard keys, buttons and switches on hardware products,

and screen prompts for the Command Line Interface.

Italic Outside book references, names of user interface windows,

buttons, and dialog boxes.

Monospaced Command syntax, examples of commands, output.

xviii

E/OS Command Line Interface User Manual

Preface

NOTE: To expedite warranty entitlement, please have your product serial number available.

McDATA Corporation

380 Interlocken Crescent

Broomfield, CO 80021

Phone: (800) 752-4572 or (720) 558-3910

Fax: (720) 558-3581

E-mail: support@mcdata.com

NOTE: Customers who purchased the hardware product from a company other than McDATA should contact that company’s service representative for technical support.

Forwarding Publication

Comments

We sincerely appreciate any comments about this publication. Did you find this manual easy or difficult to use? Did it lack necessary information? Were there any errors? Could its organization be improved?

Please send your comments via e-mail, our home page, or FAX. Identify the manual, and provide page numbers and specific detail. Thank you.

Ordering Publications To order a paper copy of this manual, submit a purchase order as

described in Ordering McDATA Documentation Instructions, which is found on McDATA’s web site, www.mcdata.com. To obtain documentation CD-ROMs, contact your sales representative.

E-mail: pubsmgr@mcdata.com

Home Page: http://www.mcdata.com

Fax: Technical Communications Manager

(720) 558-8999

Preface

xix

Preface

Trademarks The following terms, indicated by a registered trademark symbol (®)

or trademark symbol (™) on first use in this publication, are trademarks of McDATA Corporation in the United States, other countries, or both:

Registered Trademarks

Trademarks

Fabricenter

E/OS™

HotCAT

Eclipse™

Intrepid

Fibre Channel Director™

McDATA

OPENconnectors™

OPENready

SANvergence™

SANavigator

Sphereon™

SANtegrity

All other trademarked terms, indicated by a registered trademark symbol (®) or trademark symbol (™) on first use in this publication, are trademarks of their respective owners in the United States, other countries, or both.

E/OS Command Line Interface User Manual

Preface

Introduction

1-1

Introduction

This chapter introduces the Command Line Interface (CLI) and describes the essentials for using the CLI commands.

• Command Line Interface Overview......................................................1-2

• Entering Command Line Interface Commands....................................1-2

• Logging In and Logging Out..............................................................1-15

• Using the commaDelim Command ....................................................1-18

• Handling Command Line Interface Errors......................................... 1-19

• Using the Command Line Interface Help........................................... 1-20

• Commenting Scripts...........................................................................1-21

• ED-5000 Director............................................................................... 1-22

• Telnet Session......................................................................................1-23

1-2

E/OS Command Line Interface User Manual

Command Line Interface Overview

The Command Line Interface (CLI) is a feature that provides an alternative to Graphical User Interface (GUI) and web-based (HTTP) interface products for director and switch management capabilities.

The CLI can only be used through a Telnet client session in an out-of-band management environment, using the Ethernet port in the director or switch. It can also be used through SSH. Although the primary use of the CLI is in host-based scripting environments, the CLI commands can also be entered directly at a command line. Any hardware platform that supports the Telnet client software can be used.

The primary purpose of the CLI is to automate management of a large number of switches with the use of scripts.

Because the CLI is not an interactive interface, no prompts are displayed to guide the user through a task. If an interactive interface is needed, use the GUI-based or web-based SAN management applications instead of the CLI.

Entering Command Line Interface Commands

The CLI commands can be entered directly at the command line of a terminal or coded in a script.

Note that the CLI commands are not case sensitive.

Documentation Conventions

Throughout this publication, periods are used to separate the components of a command name. However, the periods cannot be included when the command is actually entered at the terminal or coded in a script. (How to enter the commands is explained in

Navigation of the CLI Command Tree on page 1-12.)

Even though the commands cannot be entered with the periods, the command line prompts do include the periods.

Config.Port>

Navigation Conventions

Basic command line navigation conventions are supported. The following table includes the asynchronous commands that are recognized by the CLI.

Introduction

1-3

Entering Command Line Interface Commands

Table 1-1 CLI Command Tree Navigation Conventions

Character Sequence Common Name Action or Description

<CR> Carriage Return Pass a completed line to the

parser.

<DEL> Delete Backspace one character

and delete the character.

<NL> New Line Pass a completed line to the

parser.

<SP> Space Used to separate keywords.

# Pound Sign Used to designate

comments in a script.

? Question Mark Provide help information.

“ Quotation Mark Used to surround a single

token.

^A Control-A Position the cursor to the

start of the line.

^B Control-B Position the cursor left one

character.

^D Control-D Delete the current character.

^E Control-E Position the cursor to the

end of the line.

^F Control-F Position the cursor right one

character.

^H Control-H Backspace one character

and delete the character.

^I Tab Complete the current

keyword.

^K Control-K Delete to the end of the line.

^L Control-L Redraw the line.

^N Control-N Move down one line in the

command history.

^P Control-P Move up one line in the

command history.

1-4

E/OS Command Line Interface User Manual

Entering Command Line Interface Commands

Command Tree

The command tree of the CLI begins from the root. Table 1-2 shows the CLI command tree. The commands in the four extended branches (config, maint, perf, and show) are described in Chapter 2, New and

Changed Commands.

The following commands are not listed in the command tree, but are globally available and are documented in this chapter:

• login (see login on page 1-16)

• logout (see logout on page 1-17)

• commaDelim (see Using the commaDelim Command on page 1-18)

Table 1-2 shows the command tree hierarchy from the root, reading

from left to right.

^R Control-R Redraw the line.

^U Control-U Clear the input and reset the

line buffer.

^X Control-X Clear the input and reset the

line buffer.

<ESC>[A Up Arrow Move up one line in the

command history.

<ESC>[B Down Arrow Move down one line in the

command history.

<ESC>[C Right Arrow Position the cursor right one

character.

<ESC>[D Left Arrow Position the cursor left one

character.

Table 1-1 CLI Command Tree Navigation Conventions (Continued)

Character Sequence Common Name Action or Description

Table 1-2 CLI Command Tree

config---------- enterpriseFabMode--- setState

features ----------------- enterpriseFabMode

ficonMS

installKey

NPIV

Introduction

1-5

Entering Command Line Interface Commands

openSysMS

openTrunking

show

fencing------------------- addPolicy

addPort

deletePolicy

removePort

setParams

setState

show

showTypeTable

ficonCUPZoning------- addControlHost

deleteControlHost

setState

show

ficonMS------------------ setMIHPTO

setState

show

ip-------------------------- ethernet

lineSpeed

show

setHostCtrlState

NPIV--------------------- maxPortIDs

setState

show

openSysMS------------ setHostCtrlState

setState

port ----------------------- blocked

fan

name

rxCredits

show

showCredits

showPortAddr

speed

swapPortByAddr

Table 1-2 CLI Command Tree (Continued)

1-6

E/OS Command Line Interface User Manual

Entering Command Line Interface Commands

swapPortByNum

type

security------------------ authentication---------- interface----------------- api------------------------- outgoing

sequence

cli-------------------------- sequence

eport---------------------- outgoing

sequence

nport---------------------- outging

sequence

osms--------------------- outgoing

setKey

serial--------------------- enhancedAuth

show

web----------------------- sequence

port----------------------- override

show

radius-------------------- attempts

deadtime

deleteServer

server

show

timeout

switch-------------------- setSecret

user----------------------- add

delete

modify

role

show

security ----------------- fabricBinding ----------- activatePending

addAttachedMembers

addMember

clearMemList

deactivateFabBind

deleteMember

replacePending

showActive

Table 1-2 CLI Command Tree (Continued)

Introduction

1-7

Entering Command Line Interface Commands

showPending

portBinding ------------- bound

show

wwn

ssh------------------------ resetKeys

setState

show

switchAcl---------------- addRange

deleteRange

setState

show

switchBinding ---------- addMember

deleteMember

setState

show

ssl ------------------------ generateKeys

resetKeys

setAPIState

setRengotiationMB

setWebState

show

snmp --------------------- addAccessEntry

addAccessViews

addCommunity

addTargetParams

addUserEntry

addV1Target

addV2Target

addV3Group

addV3Target

authTraps

deleteAccessEntry

deleteCommunity

deleteTargetEntry

deleteUserEntry

deleteV3Group

Table 1-2 CLI Command Tree (Continued)

1-8

E/OS Command Line Interface User Manual

Entering Command Line Interface Commands

setFaMibVersion

setSNMPv3State

setState

show

showAccessTable

showTargetTable

showUserTable

showV3GroupTable

showViewTable

validateUser

switch -------------------- apiState

bbCredit

domainRSCN

edTOV

haMode

islFSPFCost

insistDomainId

interopMode

ltdFabRSCN

prefDomainId

priority

raTOV

rerouteDelay

RSCNZoneIsolation

safeZoning

speed

show

webState

zoneFlexPars

zoningRSCN

syslog ------------------- addServer

deleteServer

setLogConfig

setState

show

system ------------------ contact

Table 1-2 CLI Command Tree (Continued)

Introduction

1-9

Entering Command Line Interface Commands

date

description

location

name

show

zoning ------------------ activateZoneSet

addPortMem

addWwnMem

addZone

clearZone

clearZoneSet

deactivateZoneSet

deletePortMem

deleteWwnMem

deleteZone

renameZone

renameZoneSet

replaceZoneSet

setDefZoneState

showPending

showActive

maint ---------- port ----------------------- beacon

reset

system ------------------ beacon

clearSysError

ipl

resetConfig

setOnlineState

perf ------------ class2

class3

clearStats

errors

link

openTrunking ---------- backPressure

congestionThresh

lowBBCreditThresh

Table 1-2 CLI Command Tree (Continued)

1-10

E/OS Command Line Interface User Manual

Entering Command Line Interface Commands

setState

show

unresCongestion

preferredPath ---------- clearPath

setPath

setState

showPath

showState

thresholdAlerts -------- counter ------------------ addAlert

addPort

removePort

setCounter

setParams

show

showStatisticTable

deleteAlert

setState

show

throughput -------------- addAlert

addPort

removePort

setUtilType

setUtilPercentage

setParams

show

showUtilTypeTable

traffic

show ---------- all

auditLog

epFrameLog----------- config

disableTrigger

filterClassFFrames

noWrap

setFilterPort

setTrigger

wrap

Table 1-2 CLI Command Tree (Continued)

Introduction

1-11

Entering Command Line Interface Commands

eventLog

fabric--------------------- nodes

principal

topology

traceroute

fabricLog---------------- noWrap

wrap

features

fencing------------------- policies

ficonCUPZoning

ficonMS

frus

ip -------------------------- ethernet

linkIncidentLog

loginServer

nameServer

nameServerExt

NPIV--------------------- config

openSysMS------------ config

openTrunking ---------- config

rerouteLog

port ----------------------- config

exit

info

nodes

opticData

opticEDD

opticHealth

opticInfo

profile

showPortAddr

status

technology

preferredPath ---------- showPath

security------------------ fabricBinding

log

Table 1-2 CLI Command Tree (Continued)

1-12

E/OS Command Line Interface User Manual

Entering Command Line Interface Commands

Note that the commands are shown, with the exception of the zoning commands, in alphabetical order to make them easier to locate. Although the commands can be entered in any order, depending on the results desired, the order shown in Table 1-2, CLI Command Tree, page 1-4 for the zoning commands is a typical order in which the zoning commands are entered.

Note that the order in which commands are entered determines the order in which the show commands display the values. Refer to

Chapter 2, New and Changed Commands for examples of show

commands output.

Navigation of the CLI Command Tree

Once the administrator or operator logs in and receives the Root> prompt, the CLI commands are accessed by navigating up and down the CLI command tree.

To move from the root through the any of the four extended branches, enter the name of the next branch as shown in Table 1-2,

CLI Command Tree, page 1-4. For example, to use the config.port.name

command to configure the name for port 4 on the switch, this series of commands is entered:

Root> config Config> port

portBinding

switchAcl

switchBinding

snmp -------------------- accessTable

config

targetTable

userTable

V3GroupTable

viewTable

switch

syslog

system

thresholdAlerts-------- alerts

log

zoning

Table 1-2 CLI Command Tree (Continued)

Introduction

1-13

Entering Command Line Interface Commands

Config.Port> name 4 "Sam’s Tape Drive"

At this point, to enter the maint.port.beacon command to set the beaconing state of port 4, the following series of commands is entered:

Config.Port> .. Config> .. Root> maint Maint> port Maint.Port> beacon 4 true

Note that you must return all the way to the root of the tree to transition to another extended branch. When traversing back to the root, the name of each branch cannot be used. Instead use the double-dot command (two periods) to move back towards the root. Note that only one double-dot command may be entered at a time.

One approach to making the navigation more concise is to use the root command to jump directly to the root of the CLI command tree. The previous example, which shows stepping back to the root with the double-dot command, is simplified as follows:

Config.Port> root Root> maint Maint> port Maint.Port> beacon 4 true

Another approach to making the navigation more concise is to use the complete command syntax from the Root> prompt each time. For example, to issue the config.port.name command and then the maint.port.beacon command, the commands are entered as follows:

Root> config port name 4 "Sam’s Tape Drive" Root> maint port beacon 4 true

As shown in this example, use of the complete command syntax avoids navigating up and down the branches of the CLI command tree, and the prompt stays at the root. The use of complete command syntax is particularly useful when writing scripts.

When coding a script, remember to code the appropriate character sequences, which are described in Navigation Conventions on page 1-2.

Root> config port name 4 "Sam’s Tape Drive"<CR> Root> maint port beacon 4 true<CR>

1-14

E/OS Command Line Interface User Manual

Entering Command Line Interface Commands

Limitation on Movements As the commands are entered, they are recorded in a history log.

Note these limitations on movement that result from use of the history log:

• If a command has more than 60 characters, the command runs, but the command is not recorded in the history log, and the position in the tree does not change, as shown in the following example. Because the command is not recorded in the history, a subsequent asynchronous command (navigation command) cannot depend on it.

Root> config zoning addWwnMem TheUltimateZone 10:00:00:00 :C9:22:9B:64 Root>

• Whenever the position in the CLI command tree moves to a new branch (for example, config to maint, config to config.port, or config.port to config), the history log is cleared. In this case, any asynchronous commands (for example, the up-arrow command <ESC>[A or the up-arrow keyboard symbol) cannot move the position back towards the root, as shown in this example:

Root> config Root.Config> port Root.Config.Port> <ESC>[A Root.Config.Port>

Parameters

Some command parameters accept character strings that include spaces. Quotation marks are required when a string includes spaces.

Config.System> location Building_24_Room_16

Config.System> location "Building 24 Room 16"

If spaces are not included in a parameter that accepts a string, the quotation marks are not required around that string.

To include quotation marks in a string, use the escape character (\) before the quotation marks.

Config.System> location "Building 24 \"Joe’s PlayLab\""

A null string can be created by using the quotation marks without any space between them.

Config.System> location ""

Introduction

1-15

Logging In and Logging Out

Output

All output from the CLI commands is limited to the standard 80 columns supported by most Telnet interfaces. The output is left-justified.

Logging In and Logging Out

The command line interface (CLI) allows a single Telnet client to be connected to the switch. If a Telnet client logs out, or if after 15 minutes of inactivity the client’s access times out, another Telnet client may log in. Also note that the Telnet client (user) must log in any time the director or switch is restarted because the current user’s access is lost. Examples of a restart include an initial program load (IPL) and any power-off situation.

User Access Rights

The CLI supports two user access rights: administrator and operator. A user who logs in with administrator access rights can use all of the commands described in this publication. Operator access rights grant permission to use only the perf and show branches of the CLI command tree (for example, the perf.traffic and show.system commands) with the following exceptions: operator cannot access the show.preferredPath, show.security, and show.thresholdAlerts commands. Operators can also execute the globally available commands (login, logout, and commaDelim).

Passwords and Secrets

Some commands require the user to enter a password or secret before the command can be executed.

Passwords can be ASCII characters in the range of 32 to 126.

Secrets can be any ASCII character (0-255). Non-printable and extended ASCII characters can be entered by using a backslash. Two hexadecimal characters must follow the backslash. All printable ASCII characters can be entered using the keyboard or using its hexadecimal value except for the backslash character. If a backslash is desired as part of the password its hexadecimal representation must be used. Spaces are valid, but the whole password must be in quotes, or you need to use the hexadecimal for the quote. Also, when you login to CLI you will need to use quotes around the password again. The following are examples of valid secrets.

1-16

E/OS Command Line Interface User Manual

Logging In and Logging Out

simplesecret****

This is an example of a secret that does not use any special characters.

\40\72\A3\F9\12\13\14\15\16\17\18\19\55\33\87\42

This is an example of a secret of length 4 that is configured using the hexadecimal representation.

a9p\40\40xx\44\88kutfe\89h

This is an example of a secret that has a length of 7 characters that are composed of a mix using hexadecimal and the printable ASCII characters.

Syntax login

Purpose This command allows a Telnet client to connect to the switch.

Description This command allows the user to log in with either administrator or

operator access rights. The default passwords are password.

The login command is called automatically by the CLI each time a new Telnet session is activated, as well as each time new administrator access rights are configured.

After the login command is issued, the Username: prompt automatically displays. After a valid user name is entered, the Password: prompt automatically displays. After the corresponding valid password is entered, the Root> prompt displays. At this prompt the user may enter any of the commands included in

Table 1-2, CLI Command Tree, page 1-4.

When users are prompted to change the password when logging in, they can enter the default password (password). This will be accepted. However, at the next login, they will again be required to change the password, if the default password is still being used. When the user enters the default password when prompted to change the password, the data portion of the security log entry for CLI login includes “password not changed.”

A user name and password can be set by the administrator through the config.security.authentication.user.add command or through the config.security.authentication.user.modify command.

Introduction

1-17

Logging In and Logging Out

The access rights chosen for the CLI are completely independent of the other product interfaces, for example, SNMP or McDATA product interfaces.

Parameters This command has no parameters.

Command Examples

Username: Administrator Password: password

Username: Operator Password: password

logout

Syntax logout

Purpose This command allows a Telnet client to disconnect from the switch.

Description This command logs out the single Telnet client connected to the

switch. This command can be entered at any point in the command tree.

Parameters This command has no parameters.

Command Examples

Root> logout

Config> logout

Config.Port> logout

1-18

E/OS Command Line Interface User Manual

Using the commaDelim Command

Note that the output examples shown in the other sections of this publication presume that commaDelim is off.

commaDelim

Syntax commaDelim enable

Purpose This command enables the user to obtain displayed information in

comma-delimited, rather than tabular, format. Tabular format is the default.

Description This command can be entered at any point in the command tree.

Parameter This command has one parameter

Command Examples

Root> commaDelim true

Config> commaDelim 1

Config.Port> commaDelim false

Output Example Output displayed in commaDelim mode is as follows:

Root> show eventLog Date/Time,Code,Severity,FRU,Event Data, 04/12/01 10:58A,375,Major,CTP-0,00010203 04050607 08090A0B 0C0D0E0F, 04/12/01 10:58A,375,Major,CTP-0,00010203 04050607 08090A0B 0C0D0E0F, 04/12/01 9:58A,385,Severe,CTP-0,00010203 04050607 08090A0B 0C0D0E0F, 04/11/01 7:18P,395,Severe,CTP-0,00010203 04050607 08090A0B 0C0D0E0F,

enable Specifies the comma-delineated state for

output. Valid values are true and false. Boolean 1 and 0 may be substituted as values.

Introduction

1-19

Handling Command Line Interface Errors

Two types of errors detected by the CLI are:

• An error associated with the interface. For example, a keyword is misspelled or does not exist.

Root> confg Error 234: Invalid Command

• An error associated with fabric or switch issues. For example, a parameter error is detected by the switch where port 24 is entered for a switch that supports only 16 ports:

Root> config port name 24 "Port 24" Error 218: Invalid Port Number

In either case, the command is ignored. The CLI remains at the point it was before the command was entered.

The error messages, including error number and error, are listed in

Appendix A, Error Messages.

1-20

E/OS Command Line Interface User Manual

Using the Command Line Interface Help

The question mark (?) can be used within a command to obtain certain information:

• If the question mark is used in place of a command keyword, all the keywords at that level of the CLI command tree display:

Root> config system ? Command identified contact - Set the system contact attribute date - Set the system date and time description - Set the system description attribute location - Set the system location attribute name - Set the system name attribute show - Display the system configuration

• If the question mark is used at the end of a recognized command, any parameters for that command display:

Root> config port name ?

- name <portNumber> <portName>

• If the question mark is used after one or more characters of a keyword, any keywords at that level of the CLI command tree display:

Root> config s? security snmp switch system

Introduction

1-21

Commenting Scripts

The pound sign (#) can be used to add comments in a script file. The pound sign must be the first character in the line; the CLI ignores everything after the pound sign in that line. The following lines are valid:

Root> #Change port 3 to an E_Port<CR> Root> config port<CR> config.port> ##################<CR> config.port> ## Begin Script ##<CR> config.port> ##################<CR>

The pound sign cannot be used after any other characters (a command, for example) to start a comment. The following is an invalid script line:

Root> maint system beacon true # Turn on beaconing<CR>

To correct the previous script line, move the comment either before or after the line with the command. For example, the following examples are both valid:

Root> # Turn on beaconing<CR> Root> maint system beacon true<CR>

Root> maint system beacon true<CR> Root> # Turn on beaconing<CR>

ATTENTION! Comments of over 200 characters in length may cause unpredictable system behavior. Limit comments to 200 characters per line.

1-22

E/OS Command Line Interface User Manual

ED-5000 Director

A subset of the CLI commands described in this publication are available on the ED-5000 Director™. The globally available commands (login, logout, and commaDelim) are described previously in this chapter. The following config, maint, and show commands are described in Chapter 2, New and Changed Commands:

Table 1-3 CLI Command Tree for the ED-5000 Director

config -------------------- security ----------------- userRights -------------- administrator

operator

show

maint --------------------- system ------------------ resetConfig

show --------------------- ip -------------------------- ethernet

port ----------------------- config

info

status

switch

system

zoning

Introduction

1-23

Telnet Session

The CLI can be accessed through a Telnet client session in an out-of-band management environment, using the Ethernet port in the director or switch. It can also be accessed using Secure Shell (SSH).

Although the primary use of the CLI is in host-based scripting environments, the CLI commands can also be entered directly at a command line. Any hardware platform that supports the Telnet client software can be used.

NOTE: You can use the Configure option in the GUI-based or web-based interfaces to enable/disable Telnet access. Telnet access is enabled by default. Any changes to the enabled state of the Telnet server are retained through system restarts and power cycles.

Ethernet Connection Loss

If the Ethernet cable is disconnected from the director or switch during a Telnet session, one of three scenarios is possible:

• Replace the Ethernet cable before the client connection times out, and the Telnet session will continue.

• Wait 15 minutes until the client connection times out; then replace the Ethernet cable and restart the connection.

• If the client connection has already timed out, replace the Ethernet cable. Open a GUI-based or web-based interface SAN-management window. Toggle the enabled state of the CLI, thereby clearing the client connection. Restart the client connection.

Once the client connection is reestablished, verify the completeness and accuracy of your configuration.

1-24

E/OS Command Line Interface User Manual

Telnet Session

CLI Commands

2-1

CLI Commands

This chapter describes the Command Line Interface (CLI) commands, including their syntax, purpose, and parameters, as well as examples of their usage and any output that they generate.

• Command Overview.............................................................................2-2

• New and Changed Commands .............................................................2-2

• config..................................................................................................... 2-5

• maint................................................................................................. 2-124

• perf ....................................................................................................2-128

• show ..................................................................................................2-167

2-2

E/OS Command Line Interface User Manual

Command Overview

Most of the commands in this chapter are listed in alphabetical order to make them easy to locate. Although the commands can be entered in any order, depending on the results desired (so long as the tree structure is followed), the order used herein for the zoning commands follows a typical order of entry. The various show commands are usually entered at the end of a group of other commands to verify configuration changes.

New and Changed Commands

The following CLI commands are new for this edition of the E/OS Command Line Interface User Manual:

• config.fencing.addPort on page 2-11

• config.fencing.removePort on page 2-12

• config.NPIV.maxPortIDs on page 2-23

• config.port.blocked on page 2-26

• config.port.name on page 2-27

• config.port.rxCredits on page 2-28

• config.port.show on page 2-28

• config.port.speed on page 2-32

• config.port.type on page 2-33

• config.security.authentication.port.override on page 2-42

• config.security.portBinding.bound on page 2-59

• config.security.portBinding.show on page 2-60

• config.security.portBinding.wwn on page 2-61

• config.security.ssl.show on page 2-73

• config.security.ssl.resetKeys on page 2-71

•cconfig.security.ssl.setAPIState on page 2-73

• config.security.ssl.setRenegotiationMB on page 2-72

• config.security.ssl.setWebState on page 2-72

CLI Commands

2-3

New and Changed Commands

• config.security.ssl.show on page 2-73

• config.snmp.addAccessEntry on page 2-76

• config.snmp.deleteAccessEntry on page 2-85

• config.snmp.addTargetParams on page 2-78

• config.snmp.addUserEntry on page 2-80

• config.snmp.addV1Target on page 2-82

• config.snmp.addV2Target on page 2-83

• config.snmp.addV3Target on page 2-83

• config.snmp.deleteAccessEntry on page 2-85

• config.snmp.setSNMPv3State on page 2-86

• config.snmp.addUserEntry on page 2-80

• config.snmp.deleteV3Group on page 2-86

• config.snmp.setSNMPv3State on page 2-86

• config.snmp.showAccessTable on page 2-89

• config.snmp.showTargetTable on page 2-90

• config.snmp.showUserTable on page 2-91

• config.snmp.showV3GroupTable on page 2-92

• config.snmp.showViewTable on page 2-93

• config.snmp.validateUser on page 2-94

• config.switch.apiState on page 2-95

• config.switch.haMode on page 2-97

• config.syslog on page 2-107

• config.switch.show on page 2-104

• config.switch.webState on page 2-106

• config.switch.apiState on page 2-95

• config.syslog on page 2-107

• config.syslog.addServer on page 2-107

• config.syslog.deleteServer on page 2-107

2-4

E/OS Command Line Interface User Manual

New and Changed Commands

• config.syslog.setLogConfig on page 2-108

• config.syslog.setState on page 2-108

• config.syslog.show on page 2-109

• config.system on page 2-110

• config.system.contact on page 2-110

• maint.port.beacon on page 2-124

• maint.port.reset on page 2-125

• perf.class2 on page 2-128

• perf.class3 on page 2-129

• perf.clearStats on page 2-131

• perf.errors on page 2-131

• perf.link on page 2-133

• perf.openTrunking.congestionThresh on page 2-135

• perf.openTrunking.show on page 2-137

• perf.preferredPath.clearPath on page 2-140

• perf.preferredPath.setPath on page 2-141

• perf.thresholdAlerts.counter.addPort on page 2-150

• perf.thresholdAlerts.counter.removePort on page 2-151

• perf.thresholdAlerts.throughput.addPort on page 2-159

• perf.thresholdAlerts.throughput.removePort on page 2-160

• perf.traffic on page 2-165

• show.epFrameLog.disableTrigger on page 2-170

• show.epFrameLog.setTrigger on page 2-173

• show.fabric.traceRoute on page 2-181

• show.port.exit on page 2-198

• show.port.info on page 2-200

• show.port.nodes on page 2-201

• show.port.opticData on page 2-203

• show.port.opticHealth on page 2-205

CLI Commands

2-5

config

• show.port.profile on page 2-208

• show.preferredPath.showPath on page 2-216

• show.snmp.accessTable on page 2-223

• show.snmp.targetTable on page 2-224

• show.snmp.userTable on page 2-225

• show.snmp.V3GroupTable on page 2-226

• show.snmp.viewTable on page 2-227

• show.syslog on page 2-234

config

The config branch of the CLI command tree contains commands that set parameter values on the switch or director. These values are not temporary (session) values, but are retained across power cycles.

The commands in the config branch can only be accessed by a user with administrator level user rights. CLI commands are activated on the switch immediately, except as noted.

In general, the config naming commands (except for the config.zoning commands) use the USASCII character set. All of the characters in this 128-character set (the first 7-bit subset of the ISO-8859-1 Latin-1 character set) are valid. Any exceptions are noted in the specific command descriptions.

config.enterpriseFabMode.setState

Syntax setState enterpriseFabModeState

Purpose This command sets the Enterprise Fabric Mode state for the fabric.

The SANtegrity™ feature key must be installed to activate the Enterprise Fabric Mode state.

NOTE: The command config.features.enterpriseFabMode on page 2-6 has functionality that is identical to this command.

2-6

E/OS Command Line Interface User Manual

config

Parameters This command has one parameter:

Command Example

Root> config enterpriseFabMode setState 1

NOTE: You cannot activate Enterprise Fabric Mode while Open Trunking is enabled.

config.features.enterpriseFabMode

Syntax enterpriseFabMode enterpriseFabModeState

Purpose This command sets the Enterprise Fabric Mode state for the fabric.

The SANtegrity™ feature key must be installed to activate the Enterprise Fabric Mode state.

Parameters This command has one parameter:

Command Example

Root> config features enterpriseFabMode 1

NOTE: The command config.enterpriseFabMode.setState on page 2-5 has functionality that is identical to this command.

enterpriseFabModeState Specifies whether enterpriseFabMode is

active. Valid values are activate and deactivate. Boolean 1 and 0 may be substituted as values.

enterpriseFabModeState Specifies whether enterpriseFabMode is

active. Valid values are activate and deactivate. Boolean 1 and 0 may be substituted as values.

CLI Commands

2-7

config

config.features.ficonMS

Syntax ficonMS ficonMSState

Purpose This command enables or disables FICON Management Server. The

FICON Management Server feature key must be installed in order to enable the FICON Management Server State. (The Sphereon 4300 and Sphereon 4500 switches do not accept this command.)

NOTE: This command is displayed on a Sphereon 3016 and 3216 only if the feature key is installed.

NOTE: If the FICON Management Server is enabled, the default management style is the FICON Management Style. The Open Systems Management Style cannot be used.

Parameters This command has one parameter:

Command Example

Root> config features ficonMS 1

NOTE: The command config.ficonMS.setState on page 2-20 has functionality that is identical to this command.

config.features.installKey

Syntax installKey featureKey

Purpose This command installs a feature set that with the provided feature

key. The switch can be either offline or online when this command is executed.

NOTE: If any currently installed features are being removed by the new feature key, the switch must be offline when the command is given.

ficonMSState Specifies whether the FICON Management

Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

2-8

E/OS Command Line Interface User Manual

config

Parameters This command has one parameter:

Command Example

Root> config features installKey AaBb-CCdD-eeFF-gH

config.features.NPIV

Syntax setState NPIVState

Purpose This command enables or disables NPIV feature. The NPIV feature

key must be installed in order to enable this feature.

Parameters This command has one parameter.

Command Example

Root> config features NPIV enable

NOTE: The command config.NPIV.setState on page 2-24 has functionality that is identical to this command.

config.features.openSysMS

Syntax openSysMS openSysMSState

Purpose This command enables or disables Open Systems Management

Server (OSMS). OSMS is a feature that allows host control and inband management of the switch or director through a management application that resides on an open-systems interconnection (OSI) device.

featureKey Specifies the key you have received to enable

optional software feature on a specific product. A feature key is a string of case-sensitive, alphanumeric ASCII characters.

The number of characters may vary in the format; however, the key must be entered exactly, including the hyphens. An example of a feature key format is XxXx-XXxX-xxXX-xX.

NPIVState Valid values are enable and disable. Boolean 1

and 0 may be substituted as values.

CLI Commands

2-9

config

Parameters This command has one parameter:

Command Example

Root> config features openSysMS 1

NOTE: The command config.openSysMS.setState on page 2-25 has functionality that is identical to this command.

config.features.openTrunking

Syntax openTrunking openTrunkingState

Purpose This command enables or disables OpenTrunking feature. The

OpenTrunking feature key must be installed in order to enable open trunking.

Parameters This command has one parameter:

Command Example

Root> config features openTrunking 1

NOTE: The command perf.openTrunking.setState on page 2-136 has functionality that is identical to this command.

config.features.show

Syntax show

Purpose This command shows the product feature information configured for

this director or switch.

Parameters This command has no parameters.

osmsState Specifies whether the Open Systems

Management Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

openTrunkingState This parameter can be set to enable or disable

the OpenTrunking feature. Boolean 1 and 0 may be substituted as values.

2-10

E/OS Command Line Interface User Manual

config

Command Example Root> config features show

Output The product feature data is displayed as a table that includes the

following properties.

Output Example The output from the config.features.show command appears as follows.

Installed Feature SetFeatureState

----------------------------------------------------Flex Ports8 Flex PortsEnabled SANtegrityFabric BindingActive SANtegritySwitch BindingEnabled SANtegrityEnterprise FabricsActive Open TrunkingOpen TrunkingEnabled

NOTE: The command show.features on page 2-183 has functionality that is identical to this command.

config.fencing.addPolicy

Syntax addPolicy name

Purpose This command configures a new fencing policy and assigns it a name.

The new policy is assigned default settings, which must be changed before the policy is activated.

Refer to the command config.fencing.setParams on page 2-13 for default settings.

Parameters This command has one parameter.

Installed Feature Set

The feature set installed using a feature key. Only installed keys are displayed.

Feature Individual features within each set. In many

cases, there is only one feature within each feature set.

State The state of the individual feature. Fabric-wide

features are displayed as Active/Inactive. Features related to the switch are displayed as Enabled/Disabled.

name Specifies the name of the new fencing policy.

This name can consist of any printable USASCII characters up to a maximum length of 63 characters. This name is case-sensitive.

CLI Commands

2-11

config

Command Example Root> config fencing addPolicy Policy2

NOTE: The maximum number of policies supported is 14.

config.fencing.addPort

Syntax addPort name portNumber

Purpose This command adds a port to the specified fencing policy.

Parameters This command has two parameters:

NOTE: A range of ports is not accepted as a valid input to this command (e.g., “0-29” is not acceptable).

The port values can also be substituted with one of the following keywords that will remove all the ports from the alert, and then use a specific type of port instead of individual port numbers.

Valid values are:

• eport – This adds all active E_ports.

• fport – This adds all active F_ports.

name The name of the fencing policy.

portNumber The port number to add to the fencing policy,

or all, which will add all of the individual ports to the fencing policy. Valid values for the port number are:

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0-15 for the Sphereon 4400 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–31 for the Sphereon 3232 0-31 for the Sphereon 4700 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

2-12

E/OS Command Line Interface User Manual

config

• flport – This adds all active F_Ports and FL_ports (This applies to Sphereon 4400, Sphereon 4300, Sphereon 4500 and Sphereon 4700 switches).

NOTE: A fencing policy can contain either port types or individual port numbers only.

Command Example Root> config fencing addPort 24

Root> config fencing addPort eport

config.fencing.deletePolicy

Syntax deletePolicy name

Purpose This command deletes the specified fencing policy. Only disabled

fencing policies can be deleted.

Parameters This command has one parameter:

Command Example

Root> config fencing deletePolicy Policy1

config.fencing.removePort

Syntax removePort name portNumber

Purpose This command removes a port from the specified fencing policy.

name The name of the fencing policy. You can also

enter all for this argument. This will delete all of the configured fencing policies.

CLI Commands

2-13

config

Parameters This command has two parameters:

Command Example

Root> config fencing removePort 24

config.fencing.setParams

Syntax setParams name typeNumber limit period

Purpose This command sets the type, limit, and period values for the specified

fencing policy.

name The name of the fencing policy.

portNumber The port number to remove from the fencing

policy, or all, which will remove all of the individual ports from the fencing policy.

2-14

E/OS Command Line Interface User Manual

config

Parameters This command has four parameters:

NOTE: The interval value is a fixed length amount of time. This interval is not a rolling window interval.

Command Example If ports 0, 1, or 2 have more than five protocol errors on a single port

within a period of 30 minutes, disable the offending port.

name The name of the fencing policy.

typeNumber This must be entered as a number that

corresponds to an entry in the table shown below.

limit The count of fencing violations that must

occur within the specified period in order for a port to be automatically disabled. Acceptable values are in the range of 1-255.

You may also enter default for this argument, which will set the default limit value for this fencing policy type.

period The number of seconds in which the violation

count must equal or exceed the threshold limit in order for a port to be fenced.

You may also enter default for this argument, which will set the default period for this fencing policy type.

Typ e Number

Policy Type Limit Value Range Period Value Range

1 Protocol Errors 5 300 seconds

Typ e Number

Policy Type Limit Value Range Period Value Range

1 Protocol Errors 1 - 255 60 - 1800 seconds

CLI Commands

2-15

config

Where:

Command Example

Root> Config fencing setParams abc 1 5 300

config.fencing.setState

Syntax setState name enabledState

Purpose This command enables or disables specified fencing policy. A policy

cannot be activated if it contains ports that are already controlled by a different fencing policy of the same type.

Parameters This command has two parameters:

Command Example

Root> config fencing setState enable

config.fencing.show

Syntax show name

Purpose This command displays the settings for fencing policies.

Parameters This command has one optional parameter:

Port list = 0, 1, 2

Fencing Type = Protocol Errors

Limit = 5

Period = 1800 seconds

name The name of the fencing policy.

enabledState Sets the fencing policy enabled state. Valid

values are enable and disable. Boolean 1 and 0 values may also be substituted.

name The name of the fencing policy.

2-16

E/OS Command Line Interface User Manual

config

When no parameters are specified, the command will display the name, type, and state of all policies. If the optional parameter is specified, it will display all the information about the policy.

NOTE: If the name parameter is not supplied, then only 50 characters of the policy name will be displayed. In such cases enable the Comma Delimited Mode to view the full name.

Command Example Root> config fencing show

Root> config fencing show Policy_1

Output If you do not specify the name parameter, then the output shows the

following information:

Output Example The output from the config.fencing.show command appears follows:

Name Type State

----------------------------------------------------Default Protocol Error Policy Protocol Error Disabled Policy_1 Protocol Error Disabled

The output from the config.fencing.show Policy_1 command appears as follows:

Name: Policy_1 Ports: E ports Type: Protocol Error Limit: 5

Name The name of the policy. This will be

concatenated to 50 characters in the summary display. You can view the policy full name in the comma delim mode.

Ports The ports to which the fencing policy will be

applied.

Type The type of the fencing policy.

Limit The number of offenses that are allowed

before a port is disabled.

Period The amount of time that limit of number of

offenses must exceed before a port is fenced.

State The enabled state of the fencing policy.

CLI Commands

2-17

config

Period: 300 seconds State: Disabled

config.fencing.showTypeTable

Syntax showTypeTable

Purpose This command displays the table of different fencing types that can

be assigned to a policy. This table is used for reference only.

Parameters This command has no parameters.

Command Example

Root> config fencing showTypeTable

Output Example The output from the config.fencing.showTypeTable command appears

as follows:

Number Fencing Policy Types

--------------------------------1 Protocol Error 2 Link Level Hot I/O 3 Security Violationss

config.ficonCUPZoning.addControlHost

Syntax addControlHost hostNodeWwn

Purpose This command adds a control host to the Control Host List used to

determine the FICON host(s) capable of viewing all ports. This list overrides the FCZ port visibility mask. The maximum entries in this list is 8.

Parameters This command has one parameter:

Command Example

Root> config ficonCUPZoning addControlHost 01:02:03:04: 05:06:07:08

hostNodeWwn The node World Wide Name (WWN) of the

desired control host, entered in colon-delimited notation (e.g., 01:02:03:04:05:06:07:08).

2-18

E/OS Command Line Interface User Manual

config

config.ficonCUPZoning.deleteControlHost

Syntax deleteControlHost hostNodeWwn

Purpose This command removes one or all control hosts from the Control

Host List used to determine the FICON host(s) capable of viewing all ports. This list overrides the FCZ port visibility mask.

Parameters This command has one parameter:

Command Example

Root> config ficonCUPZoning deleteControlHost all

config.ficonCUPZoning.setState

Syntax setState ficonCUPZoningState

Purpose This command enables or disables FICON CUP Zoning. The FICON

Management Server feature key must be installed in order to enable the FICON CUP Zoning State. (The Sphereon 4300 and Sphereon 4500 switches do not accept this command.)

NOTE: If the FICON Management Server is enabled, the default management style is the FICON Management Style. The Open Systems Management Style cannot be used.

Parameters This command has one parameter.

Command Example

Root> config ficonCUPZoning setState 1

hostNodeWwn The node WWN of the desired control host,

entered in colon-delimited notation (e.g., 01:02:03:04:05:06:07:08). You can also enter all to remove the entire list, if no attached hosts have supervisory privileges.

ficonCUPZoningState Specifies whether the FICON Management

Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

CLI Commands

2-19

config

config.ficonCUPZoning.show

Syntax show

Purpose This command displays the contents of the host control list and the

enabled state of FICON CUP Zoning.

Parameters This command has no parameters.

Command Example

Root> config ficonCUPZoning show

Output The data is displayed as a table that includes the following

information:

Output Example The output from the config ficonCUPZoning show command appears

as follows:

FICON CUP Zoning State: Enabled

Host Control List

----------------------01:02:03:04:05:06:07:08 09:0A:0B:0C:0D:0E:0F:00

NOTE: The command show.ficonCUPZoning on page 2-185 has functionality that is identical to this command.

config.ficonMS.setMIHPTO

Synopsis setMIHPTO timeout

Purpose This command sets the FICON MS MIHPTO value in seconds. The

default value is 180 seconds (3 minutes).

Parameters This command has one parameter:

FICON CUP Zoning State

The enabled state of the FICON CUP Zoning feature.

Host Control List List of 0-8 control hosts, displays “empty” for

control host list with no members.

timeout Valid values are 15, 30, 45, 60, 120, 180, 240,

300, 360, 420, 480, 540, and 600.

2-20

E/OS Command Line Interface User Manual

config

Command Example Root> config ficonms setMIHPTO 180

config.ficonMS.setState

Syntax setState ficonMSState

Purpose This command enables or disables FICON Management Server. The

FICON Management Server feature key must be installed in order to enable the FICON Management Server State. (The Sphereon 4300 and Sphereon 4500 switches do not accept this command.)

NOTE: This command is displayed on a Sphereon 3016 only if the feature key is installed.

NOTE: If the FICON Management Server is enabled, the default management style is the FICON Management Style. The Open Systems Management Style cannot be used.

Parameters This command has one parameter:

Command Example

Root> config ficonMS setState 1

NOTE: The command config.features.ficonMS on page 2-7 has functionality that is identical to this command.

config.ficonMS.show

Syntax show

Purpose This command shows the FICON MS settings.

Parameters This command has no parameters.

Command Example

Root> config ficonMS show

ficonMSState Specifies whether the FICON Management

Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

CLI Commands

2-21

config

Output The data is displayed as a table that includes the following

information:

Output Example The output from the config.ficonMS.show command appears as

follows:

Ficon MS State: Disabled Ficon MIHPTO (seconds): 180

config.ip.ethernet

Syntax ethernet ipAddress gatewayAddress subnetMask

Purpose This command sets the Ethernet network settings.

ATTENTION! The Telnet connection can be lost when these Ethernet network settings are changed.

NOTE: If the IP address is reconfigured, your Telnet client must be reconnected to the new IP address. A new login will be requested.

Parameters This command has three parameters:

Command Example

Root> config ip ethernet 10.0.0.0 0.0.0.0 255.0.0.0

Ficon MS State The state of the FICON MS feature.

Ficon MIHPTO The FICON MIHPTO value in seconds.

ipAddress Specifies the new IP address for the director or

switch. The address must be entered in dotted decimal format (for example, 10.0.0.0).

gatewayAddress Specifies the new gateway address for the

Ethernet interface. The address must be entered in dotted decimal format (for example, 0.0.0.0).

subnetMask Specifies the new subnet mask for the Ethernet

interface. The address must be entered in dotted decimal format (for example, 255.0.0.0).

2-22

E/OS Command Line Interface User Manual

config

config.ip.lineSpeed

Synopsis lineSpeed speed duplex

Purpose This command sets the Ethernet line speed.

Parameters This command has two parameters. One of the parameters is optional

depending on the combination.

Command Example

Root> config ip lineSpeed 10 half

config.ip.show

Syntax show

Purpose This command shows the LAN configuration.

Parameters This command has no parameters.

Command Example

Root> config ip show

Output The LAN configuration data is displayed as a table that includes the

following properties.

Output Example The output from the config.ip.show command appears as follows:

IP Address: 10.0.0.0 Gateway Address: 0.0.0.0 Subnet Mask: 255.0.0.0

speed The line speed. Options are auto, 10, or 100. If

auto is entered then the optional duplex

should not be entered.

duplex The duplex mode for the connection. Options

are full or half.

IP Address The IP address.

Gateway Address

The gateway address.

Subnet Mask The subnet mask.

CLI Commands

2-23

config

config.NPIV

N_Port ID Virtualization (NPIV) provides a FC facility for sharing a single physical N_Port among multiple N_Port IDs, thereby allowing multiple initiators, each with its own N_Port ID, to share the N_Port.

You can configure the number of allowed NPIV logins for a given port and enable or disable the feature.

Valid values for the Login Limit are 1 to 256. When the feature is enabled, NPIV number cannot be lowered if the NPIV devices have been logged in already. To enable NPIV, the Product Feature Enablement key has to be purchased from McDATA.

config.NPIV.maxPortIDs

Syntax maxPortIDs portNumber maxIDs

Purpose This command configures the maximum number of NPIV logins that

are allowed on the specified port.

Parameters This command has two parameters:

Command Example

Root> config NPIV maxPortIDs 128

Root> config NPIV portNumber 60

portNumber Specifies the port number. Valid values are:

every port on the product.

maxIDs Specifies the maximum number of NPIV

logins allowed on the specified port.Valid values are in the range 1-256.

2-24

E/OS Command Line Interface User Manual

config

config.NPIV.setState

Syntax setState NPIVEnabledState

Purpose This command sets enabled state of the NPIV feature. The NPIV

feature key must be installed in order to enable this feature.

Parameters This command has one parameter:

Command Example

Root> config NPIV setState enable

config.NPIV.show

Syntax show

Purpose This command displays the current NPIV configuration for all ports.

Parameters This command has no parameters.

Command Example

Root> config NPIV show

Output This command displays the following NPIV configuration data:

Output Example The output from the config.NPIV.show command appears as follows:

NPIV state:Enabled Port Max Allowed NPIV Logins

---------------------------

110 210 310 40 50

NPIVEnabledState This parameter can be set to enable or disable.

Boolean 1 and 0 values may also be substituted.

NPIV state The current enabled/disabled state of the NPIV

feature.

Max Allowed NPIV Login Table. A table mapping each port

number on the switch to a corresponding max number of NPIV logins setting.

CLI Commands

2-25

config

6 130 ...

NOTE: The command show.NPIV.config on page 2-193 has functionality that is the same as this command.

config.openSysMS.setHostCtrlState

Syntax setHostCtrlState HostContrlState

Purpose This command enables or disables Open Systems Management

Server (OSMS) Host Control.

Parameters This command has one parameter:

Command Example

Root> config openSysMS setHostCtrlState enable

config.openSysMS.setState

Syntax setState osmsState

Purpose This command enables or disables Open Systems Management

Server (OSMS) feature. OSMS is a feature that allows host control and inband management of the switch or director through a management application that resides on an open-systems interconnection (OSI) device.

Parameters This command has one parameter.

Command Example

Root> config openSysMS setState 1

HostContrlState This parameter can be set to enable or disable.

Boolean 1 and 0 values may also be substituted.

osmsState Specifies whether the Open Systems

Management Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

2-26

E/OS Command Line Interface User Manual

config

NOTE: The command config.features.openSysMS on page 2-8 has functionality that is identical to this command.

config.port.blocked

Syntax blocked portNumber blockedState

Purpose This command sets the blocked state for a port.

Parameters This command has two required parameters:

Command Examples

Root> config port blocked 4 false

Root> config port blocked 4 0

config.port.fan

Syntax fan portNumber fanState

Purpose This command sets the fabric address notification (FAN) state for a

port (Sphereon 4300 and Sphereon 4500 switches only). This configuration can be applied to any port regardless of its current configuration. The FAN value is applied at the time the port is configured and operated in a loop.

portNumber Specifies the port number. Valid values are:

blockedState Specifies the blocked state for the port. Valid

values are true and false. Boolean 1 and 0 may be substituted as values.

CLI Commands

2-27

config

Parameters This command has two required parameters:

Command Example

Root> config port fan 4 1

config.port.name

Syntax name portNumber portName

Purpose This command sets the name for a port.

Parameters This command has two required parameters:

Command Example

Root> config port name 4 Sam’s tape drive

portNumber Specifies the port number. Valid values are:

0–11 for the Sphereon 4300 0-15 for the Sphereon 4400 0–23 for the Sphereon 4500 0–31 for the Sphereon 3232 0-31 for the Sphereon 4700

fanState Specifies the FAN state for the port. Valid

values are true and false. Boolean 1 and 0 may be substituted as values.

portNumber Specifies the port number. Valid values are:

portName Specifies the name for the port. The port name

must not exceed 24 characters in length.

2-28

E/OS Command Line Interface User Manual

config

config.port.rxCredits

Syntax rxCredits PortNumber RxCredits

Purpose This command is used to set the number of initial BB_Credits for a

given port. The number of credits assigned must fall between the minimum and maximum allowed values for the port.

Parameters This command has two required parameters:

Command Example

Root> config port rxCredits 8 40

config.port.show

Syntax show portNumber

Purpose This command displays the current configuration for the specified

port.

portNumber Specifies the port number. Valid values are:

numBBCredits Specifies the number of Rx BB_Credits to

assign the specified port. For the Sphereon 4300 and Sphereon 4500 the

RxCredits per port must be between 2 and 12. The total number of Rx Credits assigned across all ports must not exceed the maximum pool size of 150.

For the Intrepid family, the RxCredits per FPM/UPM port must be between 1 and 60. The RxCredits per XPM port must be between 4 and 400. There is no pool limitation.

CLI Commands

2-29

config

Parameters This command has one parameter:

Command Example

Root> config port show 4

Output This command output appears as a table that includes the following

properties:

Output Example The output from the config.port.show command appears as follows:

portNumber Specifies the port number. Valid values are:

Port Number The port number.

Name The configured port name.

Blocked The blocked state. Valid values are true and false.

FAN The fabric address notification (FAN) state. Valid

values are true and false. (Sphereon 4300 and Sphereon 4500 switches only.)

Type The port type. Valid values are:

•F Port

•E Port

•G Port

• Fx Port (Sphereon 4300 and Sphereon 4500 only)

• Gx Port (Sphereon 4300 and Sphereon 4500 only)

Speed The port speed. Valid values are 1 Gb/sec, 2 Gb/sec,

and Negotiate.

Rx BB_Credits The number of configured Rx BB_Credits.

2-30

E/OS Command Line Interface User Manual

config

Port Number: 4 Name: Sam’s tape drive Blocked: false Type: F Port Speed: 2 Gb/sec Rx BB_Credits: 12

config.port.showPortAddr

Syntax showPortAddr

Purpose This command displays the port address configuration for all ports.

NOTE: The command show.port.showPortAddr on page 2-210 has functionality that is the same as this command.

Parameters This command has no parameters.

Command Example

Root> config port showPortAddr

Output The port configuration is shown as a table of properties. The

following properties are displayed:

Output Example

Port Original Addr Current Addr SwappedPort Num

---- ------------- ------------ ---------------04 4 15 5 26 7 3 37 6 2 48 8 59 9 6a a 7b b 8c c ...

Port The port number.

Original Addr The original port address of the port.

Current Addr The current port address of the port.

Swapped Port Num If the port is swapped with another port,

it will show the port number of the port it is swapped with.

CLI Commands

2-31

config

config.port.showCredits

Syntax showCredits

Purpose This command shows the BB_Credit Pool information.

Parameters This command has no parameters.

Command Example

Root> config port showCredits

Output This command displays the BB_Credit data:

Output Example

Config.Port> showCredits Pool Total Allocated Available Ports

------ ----- --------- --------- ----Pool 1 252 190 62 0-3,8-11,16-19,24-27 Pool 2 252 80 172 4-7,12-15,20-23,28-31

Config.Port> showCredits Pool Total Allocated Available Ports

------ ----- --------- --------- ----Pool 1 150 100 50 0-23

Pool The BB_Credit pool. Possible values:

Sphereon 4300 - Pool 0 Sphereon 4400 - Pool 0 Sphereon 4500 - Pool 0 Sphereon 4700 - Pool 0 and Pool 1

Total The total number of BB_Credits that this

pool contains.

Allocated The number of BB_Credits that are

currently allocated to ports.

Available The number of BB_Credits that are

currently available to allocate to ports.

Ports A list of port numbers that belong to the

pool.

2-32

E/OS Command Line Interface User Manual

config

config.port.speed

Syntax speed portNumber portSpeed

Purpose This command sets the speed for a port. A port can be configured to

operate at 1 Gb/sec, 2 Gb/sec, 4Gb/sec, or a negotiated speed. The port speed can be set only to 1 Gb/sec, if the switch speed is 1 Gb/sec. An attempt to set the port speed to 2 Gb/sec or to negotiate in a switch with a 1 Gb/sec switch speed results in an error message.

If the port speed is set to negotiate, the port and the device to which it is attached negotiate the data speed setting to either 1 Gb/sec or 2 Gb/sec.

ATTENTION! Port speed changes temporarily disrupt port data transfers.

Parameters This command has two required parameters:

Command Examples

Root> config port speed 4 2g

Root> config port speed 6 negotiate

config.port.swapPortByAddr

Syntax swapPortByAddr portAddr1 portAddr2

Purpose This command will swap two ports given the port addresses. The

ports must be offline to perform this operation.

portNumber Specifies the port number. Valid values are:

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0-15 for the Sphereon 4400 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0-31 for the Sphereon 4700 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

portSpeed Specifies the speed of the port. Valid values are

1g, 2g, 4g and negotiate.

CLI Commands

2-33

config

Parameters This command has two required parameters:

Command Example

Root> config port swapPortByAddr 1e 1f

config.port.swapPortByNum

Syntax swapPortByNum portNum1 portNum2

Purpose This command will swap two ports given the port numbers. The

ports must be offline to perform this operation.

Parameters This command has two required parameters:

Command Example

Root> config port swapPortByAddr 1e 1f

config.port.type

Syntax type portNumber portType

Purpose This command sets the allowed type for a port.

A port can be configured as an F_Port, an E_Port, or a G_Port. On a Sphereon 4300 or Sphereon 4500, a port can also be an Fx_port or Gx_port.

NOTE: On the Sphereon 4300 Switch, the E_Port, G_Port, and GX_Port options are not valid unless the Fabric Capable feature is enabled. For more information, see the McDATA Sphereon 4300 Switch Installation and Service Manual (620-000171).

portAddr1 Port address, in hexidecimal format, of the

desired port to be swapped.

portAddr2 Port address, in hexidecimal format, of the

desired port to be swapped.

portNum1 Port number, in hexidecimal format, of the

desired port to be swapped.

portNum2 Port number, in hexidecimal format, of the

desired port to be swapped.

2-34

E/OS Command Line Interface User Manual

config

The port configurations function as follows:

• F_Port—cannot be used as an interswitch link, but may attach to a device with an N_Port.

• E_Port—only other switches may attach to this type of port.

• G_Port—either a device or another switch may attach to this type of port.

• Fx_Port — allows Arbitrated Loop operation in addition to the functionality of an F_Port. (Sphereon 4300 and Sphereon 4500 only.)

• Gx_Port—allows Arbitrated Loop operation in addition to the functionality of an F_Port or an E_Port. (Sphereon 4300 and Sphereon 4500 only.)

Parameters This command has two required parameters:

Command Example

Root> config port type 4 fport

config.security

The security command on the configuration branch enters the security configuration branch. All commands under this branch operate on a particular security attribute.

portNumber Specifies the port number. Valid values are:

portType Specifies the type of the port. Valid values for the

port type are:

eport fport gport fxport (Sphereon 4300 and Sphereon 4500 only) gxport (Sphereon 4300 and Sphereon 4500 only)

CLI Commands

2-35

config

Some security configuration commands (namely those under the fabricBinding branch) are different from other CLI commands in that they are not single action commands that take effect immediately. These commands implement a rudimentary membership list editor.

A user works on a temporary copy of a membership list in the editor and can perform actions such as adding or deleting fabric members. The edited copy can then be activated to the fabric.

It should be noted that not all verification of membership lists can be made in the pending copy. Therefore, it is possible that a user will build up a pending membership list definition without errors, but will encounter errors when saving to the fabric. It should also be noted that the state of the pending configuration must be set to restrict in order to make any changes to the (pending) fabric membership list.

config.security.authentication.interface.api.outgoing

Syntax outgoing enabledState

Purpose This command determines if outgoing CHAP authentication is used

on all API sessions. If this is enabled, the switch will issue a CHAP challenge to authenticate all new API connections.

Parameters This command has one parameter:

Command Example

Root> config security authentication interface api outgoing enable

config.security.authentication.interface.api.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the API interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the API session.

enabledState This parameter enables and disables

outgoing CHAP authentication for API sessions. Valid values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

2-36

E/OS Command Line Interface User Manual

config

Parameters This command has one required parameter, and one optional

parameter:

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

Command Example Root> config security authentication interface api

sequence RADIUS local

config.security.authentication.interface.cli.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the CLI interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the CLI login.

Parameters This command has one required parameter, and one optional

parameter:

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

method1 This sets the preferred method of

authentication. Accepted values are local or

RADIUS.

method2 This optional parameter sets the backup

method of authentication. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

method1 This sets the preferred method of

authentication for the CLI interface. Accepted values are local or RADIUS.

method2 This optional parameter sets the backup

method of authentication for the CLI interface. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

CLI Commands

2-37

config

Command Example Root> config security authentication interface cli

sequence RADIUS local

config.security.authentication.interface.eport.outgoing

Syntax outgoing enabledState

Purpose This command determines if outgoing CHAP authentication is used

on E_Port connections. If this is enabled, the switch will issue a CHAP challenge to authenticate the remote end of the ISL.

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

Parameters This command has one parameter:

Command Example

Root> config security authentication interface eport outgoing disable

config.security.authentication.interface.eport.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the E_Port interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the remote end of the ISL.

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

enabledState This parameter enables and disables

outgoing CHAP authentication on all ISLs. Accepted values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

2-38

E/OS Command Line Interface User Manual

config

Parameters This command has one required parameter, and one optional

parameter:

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

Command Example Root> config security authentication interface eport

sequence RADIUS local

config.security.authentication.interface.nport.outgoing

Syntax outgoing enabledState

Purpose This command determines if outgoing CHAP authentication is used

on N port connections. If this is enabled, the switch will issue a CHAP challenge to authenticate the remote device.

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

Parameters This command has one parameter:

Command Example

Root> config security authentication interface eport outgoing disable

method1 This sets the preferred method of

authentication. Accepted values are local or

RADIUS.

method2 This optional parameter sets the backup

method of authentication. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

enabledState This parameter enables and disables

outgoing CHAP authentication on all ISLs. Accepted values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

CLI Commands

2-39

config

config.security.authentication.interface.nport.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the N_Port interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the remote end of the ISL.

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

Parameters This command has one required parameter, and one optional

parameter:

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

Command Example Root> config security authentication interface nport

sequence RADIUS local

config.security.authentication.interface.osms.outgoing

Syntax outgoing enabledState

Purpose This command determines if outgoing authentication is used on all

OSMS requests. The OSMS key must be configured prior to setting the outgoing state to enabled.

method1 This sets the preferred method of

authentication. Accepted values are local or

RADIUS.

method2 This optional parameter sets the backup

method of authentication. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

2-40

E/OS Command Line Interface User Manual

config

NOTE: The SANtegrity Authentication feature key must be installed to configure the OSMS outgoing state.

Parameters This command has one parameter:

Command Example

Root> config security authentication interface osms outgoing 1

config.security.authentication.interface.osms.setKey

Syntax setKey

Purpose This command sets the FCCT key that is associated to the single

OSMS username. This username is a static entry in the local authentication database. This user is not viewable. This command effectively sets the key that will be used in all OSMS authenticated requests. This entry in the user database is only used for the OSMS interface, and cannot be changed.

After issuing this command, you are directed to a password prompt where the actual 16-byte key is entered. After entering the new secret, it must be confirmed in the following prompt. After confirmation, you will be returned to the initial prompt that the command was executed from. No characters will be echoed back to the screen when entering a password, or when confirming a password.

NOTE: The SANtegrity Authentication feature key must be installed to configure the FCCT key.

Parameters This command has no required parameters.

Command Example

Root> config security authentication interface osms setKey

enabledState This parameter enables and disables FCCT

authentication. Accepted values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

CLI Commands

2-41

config

config.security.authentication.interface.serial.enhancedAuth

Syntax enhancedAuth enhancedAuthState

Purpose This command sets the enhanced serial authentication state.

Enhanced Serial Authentication will require a user to enter a password when gaining access to the serial port interface.

Parameters This command has one parameter:

Command Example

Root> config security authentication serial enhancedAuth enable

config.security.authentication.interface.show

Syntax show interface

Purpose This command displays the settings in the local authentication

database for a single interface.

NOTE: The SANtegrity Authentication feature key must be installed to view the eport and nport information, and the OSMS information.

Parameters This command has one parameter:

enhancedAuthState This parameter enables and disables

enhanced authentication on the serial port interface. Accepted values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

interface The interface that will be displayed. Valid

values for this parameter are:

cli web osms api serial eport nport

2-42

E/OS Command Line Interface User Manual

config

Command Example Root> config security authentication interface show Web

Output Example The output for the config.security.authentication.interface.show

command appears as follows:

Interface: Web Outgoing: N/A Incoming: N/A Sequence: Local, RADIUS

config.security.authentication.interface.web.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the web interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the web login.

Parameters This command has one required parameter, and one optional

parameter:

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

Command Example Root> config security authentication interface cli

sequence RADIUS local

config.security.authentication.port.override

Syntax override portNumber [overrideState]

Purpose This command sets the outgoing override state for a single port. This

setting allows you to override the default outgoing authentication

method1 This sets the preferred method of

authentication for the CLI interface. Accepted values are local or RADIUS.

method2 This optional parameter sets the backup

method of authentication for the CLI interface. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

CLI Commands

2-43

config

state for either the E_Port or N_Port interface. The default setting will cause the port to use the outgoing state configure for the corresponding interface (either E_Port or N_Port).

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

Parameters This command has one required parameter, and one optional

parameter:

Command Example

Root> config security authentication port override 138 enable

config.security.authentication.port.show

Syntax show

Purpose This command displays a table displaying the outgoing override

state for each port.

Parameters This command has no parameters.

Command Example

Root> config security authentication port show

portNumber Specifies the port number. Valid values are:

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 and 3216 0-15 for the Sphereon 4400 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 and 3232 0-31 for the Sphereon 4700 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

overrideState This parameter sets the outgoing

authentication state for the specified port. Valid values are enable, disable, or default. Boolean 1 and 0 values may also be substituted.

2-44

E/OS Command Line Interface User Manual

config

Output This command displays all valid user names in the local database for

the specified interface.

Output Example The output for the config.security.authentication.port.show command

appears as follows:

Port Override State

---- --------------

0 Default 1 Default 2 Enable 3 Default 4 Disable

config.security.authentication.RADIUS.attempts

syntax attempts index attempts

Purpose This command configures the number of attempts a packet will be

sent to a RADIUS server if a response is not received before the timeout. After the transmit attempt limit is reached, the switch will, if applicable, move on to the next defined RADIUS server. The default is three attempts.

Parameters This command has two required parameters:

Command Example

Root> config security authentication RADIUS attempts 3 20

config.security.authentication.RADIUS.deadtime

Syntax deadtime minutes

Port The port number.

Override State The outgoing authentication override state.

index Index of the RADIUS sever (1-3) to change

the transmit attempts value.

attempts The number of transmit attempts. Valid

values are between 1 and 100.

CLI Commands

2-45

config

Purpose This command configures the number of minutes a RADIUS server is

marked as “dead”. If a RADIUS server does not respond to an authentication request, it can be marked as “dead” for a specified time interval. This may speed up authentication by eliminating timeouts and retransmissions. If no alternate RADIUS servers are available (when only one server is configured or when all are marked dead), then the deadtime is ignored. Deadtime may be 0 to 1440 minutes. The default is 0.

Parameters This command has one required parameter:

Command Example

Root> config security authentication RADIUS deadtime 120

config.security.authentication.RADIUS.deleteServer

Syntax deleteServer index

Purpose This command removes a RADIUS server from the RADIUS server

list. If you delete a server, and there are servers configured in higher numbered slots, these servers will be automatically moved up to the first available slots.

Parameters This command has one required parameter:

Command Example

Root> config security authentication RADIUS deleteServer 3

config.security.authentication.RADIUS.server

Syntax server index [IP:port]

Purpose This command adds or modifies one RADIUS server at a given index

that will be used for authentication. Servers are queried in the order listed so the primary server must be the first one in the list.

minutes The number of minutes a RADIUS server is

marked “dead” before it is contacted again. Valid values are between 0 and 1440.

index Index of the server to be removed.

2-46

E/OS Command Line Interface User Manual

config

There are three slots available for RADIUS servers. Servers will be added into the list by the index value. The range is 1 to 3. If a server is added and there is an empty slot before that server, it will be shifted up to the empty slot. The IP:port is the IP address and the UDP port on the RADIUS server.

NOTE: If you want to configure a RADIUS server without a key, you must specify the key as "". The set of double quotes is an empty string in the CLI.

Parameters This command has one required parameter, and two optional

parameters:

Command Example

Root> config security authentication RADIUS server 3

14.2.114.183:6

config.security.authentication.RADIUS.show

Syntax show

Purpose This command displays the current RADIUS server configuration.

Parameters This command has no parameters.

Command Example

Root> config security authentication RADIUS show

Output This command displays all three configured RADIUS servers.

index Index of the RADIUS server (1-3) to add or

modify.

IP IP address of the server.

port The UDP port number.

Deadtime The amount of time a server is marked as

“dead”.

Server The IP address and UDP port of the

configured RADIUS server.

Attempts The number of transmit attempts.

Timeout The timeout value for a server in seconds.

CLI Commands

2-47

config

Output Example The output for the config.security.authentication.RADIUS.show

command appears as follows:

Deadtime: 0

Index IP Address Port Attempts Timeout

----- ------------- ---- ---------- ------1 1.1.1.1 1111 3 2 2 2.2.2.2 2222 3 2 3

config.security.authentication.RADIUS.timeout

Syntax timeout index seconds

Purpose This command configures the number of seconds to wait for a

response from the RADIUS server before retransmitting a packet. The default is 4 seconds.

Parameters This command has two required parameters:

Command Example

Root> config security authentication RADIUS timeout 3 360

config.security.authentication.switch.setSecret

Syntax SetSecret

Purpose This command sets the CHAP secret that is associated with the

switch. This command effectively sets the secret for the local WWN username in the local authentication user database. The switch secret is used for all incoming CHAP challenges on the E_Port and N_Port interfaces.

After issuing this command, you are directed to a “password” prompt where the actual 16-byte secret is entered. After entering the new secret, it must be confirmed in the following prompt. After confirmation, you are returned to the initial prompt that the

index Index of the RADIUS sever (1-3) to change

the timeout value.

seconds The number of seconds before the RADIUS

server retransmits. Valid values are between 1 and 1000.

2-48

E/OS Command Line Interface User Manual

config

command was executed from. No characters will be echoed back to the screen when entering a password, or when confirming a password. See Passwords and Secrets on page 1-15 for valid characters.

NOTE: The SANtegrity Authentication feature key must be installed to configure switch secret.

Parameters This command has no required parameters.

Command Example

Root> config security authentication switch setSecret

config.security.authentication.user

One of the fundamental concepts of the authentication portion of the CLI is that all secured interfaces have interchangeable users that are stored in a single local authentication user database. In the past, CLI supported authorization for only two username/password pairs (one Administrator-level and another Operator-level). These two username/password pairs were also unique to the CLI interface.

The present CLI lets you configure multiple users for their own interface, as well as for other management entities and FC connections. For this reason, the security.userrights branch of commands has been removed from the command tree.

config.security.authentication.user.add

Syntax add username interface1 [interface2]

Purpose This command adds a new user to the local authentication database.

Each user can be assigned a combination of interfaces that will authenticate the new username/password combination.

After executing this command, the user will be moved to a new password prompt where the user will enter a password; the password must then be confirmed in next prompt. After confirming the new password, the user will be returned to the initial prompt. No characters will be echoed back to the screen when entering a password, or when confirming a password.

All new users will be assigned a role of “none”; a subsequent “role” command must be executed to assign a role. Web and CLI users must be assigned a role before they can access the CLI or web interfaces.

CLI Commands

2-49

config

NOTE: The SANtegrity Authentication feature key must be installed to configure E_port and N_port usernames.

Parameters This command has two required parameters and an additional

interface parameter before the password parameter at the prompt after the command.

NOTE: Currently the only possible combination of multiple interfaces is Web and CLI.

username The new user name that will be added to the

local authentication database. If the entered user name already exists in the user database, an error will be shown. This parameter can be from 1-23 characters in length for an API, Web, or CLI username.

E_Port and N_Port usernames must be entered as a standard colon-delimited WWN. All characters in the printable USASCII character set are valid with the exception of spaces, single quotes, and double quotes.

interfaces This is a list of interfaces that will be assigned

to the associated username. Accepted values for this parameter are:

cli web api eport nport

password Sets the password for the new login

username. This parameter can be from 1-24 characters in length for a Web or CLI password. CHAP secrets and FCCT keys must be exactly 16 bytes long for API, OSMS, E_Port, and N_Port interfaces. This parameter will not be echoed to the screen. See Passwords and Secrets on page 1-15 for valid characters.

2-50

E/OS Command Line Interface User Manual

config

Command Example Root> config security authentication user add

01:2A:3f:4:5:0:0 eport

config.security.authentication.user.delete

Syntax delete username

Purpose This command deletes an entry from the local authentication

database. Both the Web and CLI interfaces must have at least one valid username with an “Administrator” role.

Parameters This command has one parameter:

Command Example

Root> config security authentication user delete 01:2A:3f:4:5:0:0

config.security.authentication.user.modify

Syntax modify username interface1 [interface2]

Purpose This command modifies an existing user in the local authentication

database. The user password and the combination of interfaces can be modified with this command. After executing this command, you are prompted to enter a password, similar to behavior of the user.add command.

The role of a user will remain the same unless the currently assigned role is invalid for the new combination of interfaces. If the role is no longer valid for an interface combination, the role will be changed back to “none”. At least one username with an “Administrator” role must exist in the user database at all times for both the web and CLI interfaces.

NOTE: The SANtegrity Authentication feature key must be installed to configure E_port and N_port usernames.

username A valid user name in the local authentication

database.

CLI Commands

2-51

config

Parameters This command has two required parameters and an additional

interface parameter before the password parameter at the prompt after the command:

NOTE: Currently the only possible combination of multiple interfaces is (Web and CLI) or (E_port or N_port).

Command Example Root> config security authentication user modify

01:2A:3f:4:5:0:0 nport

config.security.authentication.user.role

Syntax role username privilegeLevel

username The existing user name whose fields will be

modified in the local authentication database. If the entered user name does not exist in the user database, an error will be shown. This parameter can be from 1-23 characters in length for an API, web or CLI user name.

E_Port and N_Port user names must be entered as a standard colon-delimited WWN. All characters in the printable USASCII character set are valid with the exception of spaces, single quotes, and double quotes.

interfaces This is a list of interfaces that will be assigned

to the associated user name. Accepted values for this parameter are:

cli web api eport nport.

password Sets the password for the existing username.

This parameter can be from 1-24 characters in length for a Web or CLI user name. CHAP secrets must be exactly 16 bytes long for API, OSMS, E_Port, and N_Port interfaces. This parameter will not be echoed to the screen. See Passwords and Secrets on page 1-15 for valid characters.

2-52

E/OS Command Line Interface User Manual

config

Purpose This command sets the role value associated to an existing user name.

The role value can either be set to an administrator or an operator. This value defaults to “none” when the user is first added to the database. This value must be changed for all new CLI and web users before they will be allowed access to their respective interfaces.

Parameters This command has two required parameters:

Command Example

Root> config security authentication user role 01:2A:3f:4:5:0:0 administrator

config.security.authentication.user.show

Syntax show interface

Purpose This command displays a single interface from the local

authentication database.

Parameters This command has one optional parameter:

Command Example

Root> config security authentication user show web

Output Example The output for the config.security.authentication.user.show command

appears as follows:

Interface: Web Username Interfaces Role

username A valid web or CLI username in the local

authentication database.

privilegeLevel This parameter assigns the privilege level to a

username. Currently only Web and CLI users can be assigned a role value. This parameter must be either administrator or operator.

interface The interface that will be displayed. Accepted

values for this parameter are:

cli web api eport nport.

CLI Commands

2-53

config

----------- ----------- ------------johndoe_1223 Web,CLI Administrator ewsOperator Web Operator Operator Web,CLI Operator

config.security.fabricBinding

Fabric Binding functionality provided by the SANtegrity Binding feature allows you to bind the switch or director to specified fabrics so that it can communicate only with those fabrics included in the Fabric Binding Membership List (FBML). This provides security from accidental fabric merges and potential fabric disruption when fabrics become segmented because they cannot merge.

Fabric Binding

Commands

The config.security.fabricBinding commands function in a different way from most CLI commands, which are single action commands that take effect immediately. Most of the Fabric Binding commands affect a temporary copy of an FBML in the work area called the Pending FBML. When this temporary copy is activated to the fabric, it is called the Active FBML.

ATTENTION! The EFCM Basic interface can change Fabric Binding status and FBMLs if it is used at the same time as the CLI.

Because not all the verification of the Pending FBML can occur on the temporary copy in the work area, it is possible, however unlikely, that the copy of the list encounters no errors until the list is activated to the fabric.

NOTE: A Sphereon 4300 Switch cannot participate in a fabric, unless the Fabric Capable feature is enabled. For more information, see the McDATA Sphereon 4300 Switch Installation and Service Manual (620-000171).

Fabric Binding

Membership

Terminology

Two types of FBMLs are configured using the CLI:

• Active FBML: When fabric binding is active, the active FBML is the list of fabric members with which the product is allowed to communicate. If fabric binding is disabled, this list is empty.

• Pending FBML: A list used to configure an FBML before it is made active on the director or switch. Changes to the pending FBML are not implemented in the fabric until they are saved and activated using the config.security.fabricBinding.activatePending command as documented on page 2-54.

2-54

E/OS Command Line Interface User Manual

config

The following terms apply to the switches and directors that are part of the FBMLs:

• Local: The switch or director that you are configuring. This is a required FBML member.

• Attached: A switch or director that is currently in a fabric with the local switch or director. Any switch and director that is attached to the local switch or director is a required FBML member.

• Unattached: A switch or director that is not currently in a fabric with the local switch or director. These switches and directors are unattached if they have been added manually to the pending FBML, or if they are segmented from the local fabric.

Enable/Disable and

Online State Functions

In order for Fabric Binding to function, specific operating parameters and optional features must be enabled. Also, there are specific requirements for disabling these parameters and features when the switch or director is offline or online. Be aware of the following:

• Because switches are bound to a fabric by World Wide Name (WWN) and domain ID, the Insistent Domain ID is automatically enabled if Fabric Binding is enabled. If Fabric Binding is enabled and the switch or director is online, you cannot disable Insistent Domain ID.

• If Fabric Binding is enabled and the director is offline, you can disable Insistent Domain ID, but this will also disable Fabric Binding.

• You cannot disable Fabric Binding if Enterprise Fabric Mode is enabled. However, if Enterprise Fabric Mode is disabled, you can disable Fabric Binding.

NOTE: Fabric Binding can be disabled when the switch is offline.

config.security.fabricBinding.activatePending

Syntax activatePending

Purpose This command activates the fabric binding configuration contained in

the pending work area to the fabric. The Pending FBML becomes the Active FBML, and fabric binding is made functional.

CLI Commands

2-55

config

NOTE: This command takes effect immediately. The CLI verifies the list before activating it to the fabric.

Parameters This command has no parameters.

Command Example

Root> config security fabricBinding activatePending

config.security.fabricbinding.addAttachedMembers

Syntax addAttachedMembers

Purpose This command adds all the current members of the fabric to the

Pending FBML. If the domain ID or WWN of a fabric member already exists in the list, it is not added.

Parameters This command has no parameters.

Command Example

Root> config security fabricbinding addAttachedMembers

config.security.fabricBinding.addMember

Syntax addMember wwn domainId

Purpose This command adds a new member to the Pending FBML in the

fabric binding work area, called the Pending FBML. The number of entries is limited to the maximum available domain IDs for the fabric, which is 239.

NOTE: Changes from this command are not activated to the fabric until the activatePending command is issued.

Parameters This command has two parameters:

wwn Specifies the world wide name (WWN) of the

member to be added to the Pending FBML. The value of the WWN must be in colon-delimited hexadecimal notation (for example, AA:00:AA:00:AA:00:AA:00).

domainId The domain ID of the member to be added to

the Pending FBML. Valid domain IDs range from 1 to 239.

2-56

E/OS Command Line Interface User Manual

config

Command Example Root> config security fabricBinding addMember

AA:99:23:23:08:14:88:C1 2

config.security.fabricBinding.clearMemList

Syntax clearMemList

Purpose This command clears the Pending FBML in the working area.

Members that are attached remain in the list because the Pending FBML must contain all attached members to become active.

NOTE: This information is not saved to the fabric until the activatePending command is issued. When the list is cleared, the CLI automatically adds the managed switch to the Pending FBML.

Parameters This command has no parameters.

Command Example

Root> config security fabricBinding clearMemList

config.security.fabricbinding.deactivateFabBind

Syntax deactivateFabBind

Purpose This command deactivates the active FBML on the fabric. The Active

FBML is erased when this command is executed.

NOTE: This command takes effect immediately in the fabric.

Parameters This command has no parameters.

Command Example

Root> config security fabricbinding deactivateFabBind

McDATA 316095-B21 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual