McDATA Enterprise Operating System User Manual

Download

Enterprise Operating System

Command Line Interface

User Manual

P/N 620-000134-720

REV A

Record of Revisions and Updates

Revision Date Description

620-000134-000 11/2001 Initial release of Manual 620-000134-100 05/2002 Updates for E/OS 2.0 620-000134-200 08/2002 Updates for E/OS 3.0 620-000134-300 09/2002 Updates for E/OS 4.0 620-000134-400 10/2002 Updates for E/OS 4.1 620-000134-500 10/2002 Updates for E/OS 4.1 CD-ROM final 620-000134-600 2/2003 Updates for E/OS 5.1 and EFCM 7.1 620-000134-601 7/2003 Updates for E/OS 5.5 620-000134-700 10/2003 Updates for E/OS 6.0 620-000134-710 12/2003 Updates for E/OS 6.1 620-000134-720 6/2004 Updates for E/OS 6.2 620-000134-730 01/2005 Updates for E/OS 7.0

Printed December 2004 First Edition

No part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written consent of McDATA Corporation. The information contained in this document is subject to change without notice. McDATA Corporation assumes no responsibility for any errors that may appear.

All computer software programs, including but not limited to microcode, described in this document are furnished under a license, and may be used or copied only in accordance with the terms of such license. McDATA either owns or has the right to license the computer software programs described in this document. McDATA Corporation retains all rights, title and interest in the computer software programs.

McDATA Corporation makes no warranties, expressed or implied, by operation of law or otherwise, relating to this document, the products or the computer software programs described herein. McDATA CORPORATION DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. In no event shall McDATA Corporation be liable for (a) incidental, indirect, special, or consequential damages or (b) any damages whatsoever resulting from the loss of use, data or profits, arising out of this document, even if advised of the possibility of such damages.

©2004 McDATA Corporation. All rights reserved. McDATA, the McDATA logo, McDATA Eclipse, Fabricenter, HotCAT, Intrepid, Multi-Capable Storage Network Solutions, Networking the World's Business Data, nScale, nView, OPENready, SANavigator, SANpilot, SANtegrity, SANvergence, SecureConnect and Sphereon are trademarks or registered trademarks of McDATA Corporation. OEM and Reseller logos are the

Enterprise Operating System Command Line Interface User Manual

property of such parties and are reprinted with limited use permission. All other trademarks are the property of their respective companies. All specifications subject to change.

Enterprise Operating System Command Line Interface User Manual

iii

Enterprise Operating System Command Line Interface User Manual

Contents

Preface.............................................................................................................................xv

Chapter 1 Introduction

Command Line Interface Overview...............................................1-2

Entering Command Line Interface Commands ...........................1-3

Documentation Conventions...................................................1-3

Navigation Conventions...........................................................1-3

Command Tree...........................................................................1-5

Navigation of the CLI Command Tree.................................1-12

Parameters ................................................................................1-13

Output .......................................................................................1-14

Logging In and Logging Out ........................................................1-14

User Access Rights ..................................................................1-14

Passwords and Secrets ............................................................1-14

logout.........................................................................................1-16

Using the commaDelim Command..............................................1-17

commaDelim ............................................................................1-17

Handling Command Line Interface Errors .................................1-18

Using the Command Line Interface Help ...................................1-19

Commenting Scripts.......................................................................1-20

ED-5000 Director.............................................................................1-21

Telnet Session...................................................................................1-22

Ethernet Connection Loss.......................................................1-22

Backup and Restoration.................................................................1-23

Chapter 2 CLI Commands

Command Overview........................................................................2-2

Contents

New and Changed Commands......................................................2-2

config ..................................................................................................2-5

config.enterpriseFabMode.setState.........................................2-5

config.features.enterpriseFabMode ........................................2-6

config.features.ficonMS............................................................2-6

config.features.installKey.........................................................2-7

config.features.NPIV.................................................................2-8

config.features.openSysMS......................................................2-8

config.features.openTrunking .................................................2-8

config.features.show .................................................................2-9

config.fencing.addPolicy........................................................2-10

config.fencing.addPort............................................................2-10

config.fencing.deletePolicy ....................................................2-11

config.fencing.removePort.....................................................2-12

config.fencing.setParams........................................................2-12

config.fencing.setState ............................................................2-14

config.fencing.show ................................................................2-14

config.fencing.showTypeTable..............................................2-16

config.ficonCUPZoning.addControlHost............................2-16

config.ficonCUPZoning.deleteControlHost ........................2-17

config.ficonCUPZoning.setState ...........................................2-17

config.ficonCUPZoning.show ...............................................2-18

config.ficonMS.setMIHPTO...................................................2-18

config.ficonMS.setState...........................................................2-19

config.ficonMS.show...............................................................2-20

config.ip.ethernet.....................................................................2-20

config.ip.lineSpeed..................................................................2-21

config.ip.show..........................................................................2-21

config.NPIV.maxPortIDs........................................................2-22

config.NPIV.setState ..............................................................2-23

config.NPIV.show ..................................................................2-23

config.openSysMS.setHostCtrlState .....................................2-24

config.openSysMS.setState.....................................................2-24

config.port.blocked..................................................................2-25

config.port.fan..........................................................................2-25

config.port.name......................................................................2-26

config.port.rxCredits...............................................................2-26

config.port.show......................................................................2-27

config.port.showPortAddr.....................................................2-28

config.port.speed.....................................................................2-29

config.port.swapPortByAddr ................................................2-30

config.port.swapPortByNum.................................................2-30

config.port.type........................................................................2-31

Enterprise Operating System Command Line Interface User Manual

Contents

config.security ......................................................................... 2-32

config.security.authentication.interface api.outgoing.......2-33

config.security.authentication.interface.api.sequence....... 2-33

config.security.authentication.interface.cli.sequence ........ 2-34

config.security.authentication.interface.eport.outgoing ... 2-34 config.security.authentication.interface.eport.sequence... 2-35 config.security.authentication.interface.nport.outgoing... 2-36 config.security.authentication.interface.nport.sequence... 2-36 config.security.authentication.interface.osms.outgoing ... 2-37

config.security.authentication.interface.osms.setKey ....... 2-38

config.security.authentication.interface.serial.

enhancedAuth ......................................................................... 2-38

config.security.authentication.interface.show.................... 2-39

config.security.authentication.interface.web.sequence..... 2-39

config.security.authentication.port.override ...................... 2-40

config.security.authentication.port.show............................2-41

config.security.authentication.RADIUS.attempts.............. 2-42

config.security.authentication.RADIUS.deadtime............. 2-42

config.security.authentication.RADIUS.deleteServer .......2-43

config.security.authentication.RADIUS.server ..................2-43

config.security.authentication.RADIUS.show.................... 2-44

config.security.authentication.RADIUS.timeout................ 2-45

config.security.authentication.switch.setSecret.................. 2-45

config.security.authentication.user ...................................... 2-46

config.security.authentication.user.add .............................. 2-46

config.security.authentication.user.delete........................... 2-47

config.security.authentication.user.modify ........................ 2-48

config.security.authentication.user.role .............................. 2-49

config.security.authentication.user.show............................ 2-50

config.security.fabricBinding ................................................ 2-51

config.security.fabricBinding.activatePending...................2-53

config.security.fabricbinding.addAttachedMembers........ 2-53

config.security.fabricBinding.addMember ......................... 2-54

config.security.fabricBinding.clearMemList....................... 2-54

config.security.fabricbinding.deactivateFabBind............... 2-55

config.security.fabricBinding.deleteMember...................... 2-55

config.security.fabricBinding.replacePending.................... 2-56

config.security.fabricBinding.showActive .......................... 2-56

config.security.fabricBinding.showPending....................... 2-57

config.security.portBinding................................................... 2-57

config.security.portBinding.bound ...................................... 2-57

config.security.portBinding.show ........................................ 2-58

config.security.portBinding.wwn......................................... 2-59

Contents

vii

Contents

config.security.ssh.resetKeys.................................................2-61

config.security.ssh.setState.....................................................2-61

config.security.ssh.show.........................................................2-61

config.security.switchAcl .......................................................2-62

config.security.switchAcl.addRange ....................................2-62

config.security.switchAcl.deleteRange ................................2-63

config.security.switchAcl.setState.........................................2-63

config.security.switchAcl.show.............................................2-64

config.security.switchBinding ...............................................2-64

config.security.switchBinding.addMember ........................2-65

config.security.switchBinding.deleteMember.....................2-66

config.security.switchBinding.setState.................................2-66

config.security.switchBinding.show.....................................2-67

config.snmp.addCommunity.................................................2-68

config.snmp.authTraps...........................................................2-69

config.snmp.deleteCommunity.............................................2-70

config.snmp.setFaMibVersion...............................................2-70

config.snmp.setState ...............................................................2-71

config.snmp.show ...................................................................2-71

config.switch ............................................................................2-72

config.switch.domainRSCN...................................................2-72

config.switch.edTOV...............................................................2-73

config.switch.insistDomainId................................................2-73

config.switch.interopMode....................................................2-74

config.switch.ltdFabRSCN.....................................................2-74

config.switch.prefDomainId..................................................2-75

config.switch.priority..............................................................2-75

config.switch.raTOV ...............................................................2-76

config.switch.rerouteDelay....................................................2-77

config.switch.speed.................................................................2-78

config.switch.show..................................................................2-78

config.switch.zoneFlexPars....................................................2-80

config.switch.zoningRSCN....................................................2-81

config.system.contact..............................................................2-81

config.system.date...................................................................2-82

config.system.description.......................................................2-82

config.system.location ............................................................2-83

config.system.name.................................................................2-83

config.system.show.................................................................2-83

config.zoning............................................................................2-84

config.zoning.activateZoneSet...............................................2-85

config.zoning.addPortMem...................................................2-86

config.zoning.addWwnMem.................................................2-87

viii

Enterprise Operating System Command Line Interface User Manual

Contents

config.zoning.addZone ..........................................................2-87

config.zoning.clearZone......................................................... 2-88

config.zoning.clearZoneSet ................................................... 2-88

config.zoning.deactivateZoneSet.......................................... 2-89

config.zoning.deletePortMem............................................... 2-89

config.zoning.deleteWwnMem............................................. 2-90

config.zoning.deleteZone ...................................................... 2-90

config.zoning.renameZone....................................................2-91

config.zoning.renameZoneSet...............................................2-91

config.zoning.replaceZoneSet...............................................2-92

config.zoning.setDefZoneState ............................................. 2-92

config.zoning.showActive..................................................... 2-92

config.zoning.showPending.................................................. 2-93

maint ................................................................................................ 2-95

maint.port.beacon ...................................................................2-95

maint.port.reset ....................................................................... 2-96

maint.system.beacon .............................................................. 2-96

maint.system.clearSysError................................................... 2-97

maint.system.ipl...................................................................... 2-97

maint.system.resetConfig ...................................................... 2-97

maint.system.setOnlineState.................................................2-98

perf ................................................................................................... 2-99

perf.class2................................................................................. 2-99

perf.class3...............................................................................2-100

perf.clearStats ........................................................................ 2-102

perf.errors...............................................................................2-102

perf.link .................................................................................. 2-104

perf.openTrunking.backPressure .......................................2-105

perf.openTrunking.congestionThresh ...............................2-106

perf.openTrunking.lowBBCreditThresh............................ 2-106

perf.openTrunking.setState ................................................. 2-107

perf.openTrunking.show ..................................................... 2-108

perf.openTrunking.unresCongestion.................................2-109

perf.preferredPath................................................................. 2-110

perf.preferredPath.clearPath............................................... 2-110

perf.preferredPath.setPath................................................... 2-111

perf.preferredPath.setState.................................................. 2-112

perf.preferredPath.showPath.............................................. 2-113

perf.preferredPath.showState ............................................. 2-115

perf.thresholdAlerts..............................................................2-116

perf.thresholdAlerts.counter.addAlert.............................. 2-120

perf.thresholdAlerts.counter.addPort................................2-121

perf.thresholdAlerts.counter.removePort......................... 2-122

Contents

perf.thresholdAlerts.counter.setCounter...........................2-123

perf.thresholdAlerts.counter.setParams ............................2-124

perf.thresholdAlerts.counter.show.....................................2-125

perf.threshholdAlerts.counter.showStatisticTable...........2-126

perf.thresholdAlerts.deleteAlert .........................................2-127

perf.thresholdAlerts.setState ...............................................2-127

perf.thresholdAlerts.show ...................................................2-127

perf.thresholdAlerts.throughput.addAlert........................2-129

perf.thresholdAlerts.throughput.addPort .........................2-130

perf.thresholdAlerts.throughput.removePort...................2-131

perf.thresholdAlerts.throughput.setUtilType...................2-132

perf.thresholdAlerts.throughput.setUtilPercentage ........2-133

perf.thresholdAlerts.throughput.setParams .....................2-134

perf.thresholdAlerts.throughput.show..............................2-135

perf.thresholdAlerts.throughput.showUtilTypeTable.....2-135

perf.traffic ...............................................................................2-136

show................................................................................................2-138

show.all...................................................................................2-138

show.auditLog .......................................................................2-139

show.epFrameLog.config.....................................................2-140

show.epFrameLog.filterClassFFrames...............................2-140

show.epFrameLog.setFilterPort ..........................................2-141

show.epFrameLog.noWrap .................................................2-142

show.epFrameLog.wrap.......................................................2-143

show.eventLog.......................................................................2-144

show.fabricLog.noWrap.......................................................2-145

show.fabricLog.wrap............................................................2-146

show.fabric.nodes..................................................................2-148

show.fabric.principal ............................................................2-148

show.fabric.topology ............................................................2-149

show.features .........................................................................2-150

show.fencing.policies............................................................2-150

show.ficonCUPZoning .........................................................2-152

show.ficonMS ........................................................................2-152

show.frus ................................................................................2-153

show.ip.ethernet ....................................................................2-154

show.linkIncidentLog...........................................................2-154

show.loginServer...................................................................2-155

show.nameServer ..................................................................2-156

show.nameServerExt ............................................................2-158

show.NPIV.config .................................................................2-159

show.openSysMS.config.......................................................2-160

show.openTrunking.config..................................................2-161

Enterprise Operating System Command Line Interface User Manual

Contents

show.openTrunking.rerouteLog.........................................2-162

show.port.config ................................................................... 2-163

show.port.exit........................................................................ 2-164

show.port.info ....................................................................... 2-166

show.port.nodes....................................................................2-167

show.port.opticEDD............................................................. 2-169

show.port.opticInfo .............................................................. 2-170

show.port.profile................................................................... 2-171

show.port.showPortAddr ...................................................2-173

show.port.status.................................................................... 2-174

show.port.technology........................................................... 2-177

show.preferredPath.showPath............................................ 2-178

show.security.fabricBinding................................................2-180

show.security.log .................................................................. 2-181

show.security.portBinding .................................................. 2-182

show.security.switchAcl ...................................................... 2-183

show.security.switchBinding .............................................. 2-184

show.snmp.............................................................................2-185

show.switch ........................................................................... 2-186

show.system........................................................................... 2-188

show.thresholdAlerts.alerts................................................. 2-189

show.thresholdAlerts.log..................................................... 2-192

show.zoning........................................................................... 2-194

Appendix A Error Messages

Appendix B Commands and Corresponding Releases

Glossary

........................................................................................................................g-1

Index ...............................................................................................................................i-1

Contents

xii

Enterprise Operating System Command Line Interface User Manual

Tables

1-1 CLI Command Tree Navigation Conventions ......................................... 1-3

1-2 CLI Command Tree ...................................................................................... 1-5

1-3 CLI Command Tree for the ED-5000 Director ........................................ 1-21

2-1 Supported Zoning Configurations ........................................................... 2-85

2-2 Throughput Threshold Alerts ................................................................ 2-118

2-3 Alert Counters ........................................................................................... 2-118

B-1 Commands and Releases ............................................................................. B-1

Table s

xiii

Tab les

xiv

Enterprise Operating System Command Line Interface User Manual

Preface

This publication is part of the documentation suite that supports the McDATA® Sphereon™ 3016 Fabric Switch, Sphereon 3032 Fabric Switch, Sphereon 3216 Fabric Switch, Sphereon 3232 Fabric Switch, Sphereon 4300 Fabric Switch, Sphereon 4500 Fabric Switch, Intrepid

6064 Director, and Intrepid 6140 Director.

Who Should Use This

Manual

This publication describes the commands that can be entered through the Command Line Interface (CLI) for the Intrepid

6064 Director, and Intrepid 6140 Director, Sphereon™ 3016 Switch, Sphereon 3032 Switch, Sphereon 3216 Switch, Sphereon 3232 Switch, Sphereon 4300 Switch, and Sphereon 4500 Switch. (A limited number of these commands are available on the ED-5000 Director.) Access through a Telnet client is presumed.

This publication is intended for data center administrators and customer support personnel, who can either enter the commands manually or write a script containing them. However, the primary purpose of the Command Line Interface is for scripts written by these administrators and personnel for use in a host-based scripting environment. Therefore, this publication presumes that the user is familiar with:

• Establishing and using a Telnet session

• Using the command line of a terminal

• Writing scripts

• Networking, SAN, and zoning concepts

• McDATA products in the user’s network

Preface

The publications listed in Related Publications provide considerable information about both concepts and McDATA products.

Organization of This

Manual

This publication is organized as follows:

• Chapter 1, Introduction, provides an introduction and overview of the Command Line Interface.

• Chapter 2, CLI Commands, describes the Command Line Interface commands, including their syntax, purpose, and parameters, as well as examples of their usage and any output that they generate.

• Appendix A, Error Messages lists and explains error messages that may appear while using the CLI.

• Appendix B, Commands and Corresponding Releases lists each command in the CLI and the release in which the command was added to the CLI.

•The Glossary defines terms, abbreviations, and acronyms used in this manual.

•An Index is also provided.

Manual Updates Check the McDATA web site at www.mcdata.com for possible

updates or supplements to this manual.

xvi

Related Publications Other publications that provide additional information about the

products mentioned in this manual are:

• Configuration Backup and Restore Utility Installation and User Guide (958-000370)

• Products in a SAN Environment - Planning Manual (620-000124)

• McDATA ED-5000 Director Element Manager User Manual (620-000176)

• Intrepid 6064 Director Installation and Service Manual (620-000108)

• Intrepid 6140 and 6064 Directors Element Manager User Manual (620-000172)

• Intrepid 6140 Director Installation and Service Manual (620-000157)

• E/OSn SNMP Support Manual (620-000226)

• SANpilot User Manual (620-000160)

Enterprise Operating System Command Line Interface User Manual

• Sphereon 3016 and 3216 Fabric Switch Element Manager User Manual (620-000174)

• Sphereon 3016 and 3216 Fabric Switches Installation and Service Manual (620-000154)

• Sphereon 3032 and 3232 Fabric Switch Element Manager User Manual (620-000173)

• Sphereon 3032 and 3232 Fabric Switches Installation and Service Manual (620-000155)

• Sphereon 4300 Fabric Switch Installation and Service Manual (620-000171)

• Sphereon 4500 Fabric Switch Installation and Service Manual (620-000159)

• Sphereon 4500 Fabric Switch Element Manager User Manual (620-000175)

Manual Conventions The following notational conventions are used in this document:

Preface

Convention Meaning Bold Keyboard keys, buttons and switches on hardware products,

and screen prompts for the Command Line Interface.

Italic

Monospaced

NOTE: A note presents important information that is not hazard-related.

ATTENTION! An attention notice presents important information about

activities that could result in loss of equipment function or loss of data.

Outside book references, names of user interface windows, buttons, and dialog boxes.

Command syntax, examples of commands, output.

Where to Get Help For technical support, McDATA end-user customers should call the

phone number located on the service label attached to the front or rear of the hardware product.

For IBM products, contact IBM for technical support, which includes hardware support, all product repairs, and ordering of spare parts. Go to: http://www.ibm.com/servers/storage/support/san/index.html.

Preface

xvii

Preface

McDATA’s “Best in Class” Solution Center provides a single point of contact for customers seeking help with McDATA software products. The Solution Center will research, explore, and resolve inquiries or service requests regarding McDATA products and services. The Solution Center is staffed 24 hours a day, 7 days a week, including holidays.

NOTE: To expedite warranty entitlement, please have your product serial number available.

McDATA Corporation 380 Interlocken Crescent Broomfield, CO 80021

Phone: (800) 752-4572 or (720) 558-3910 Fax: (720) 558-3581 E-mail: support@mcdata.com

NOTE: Customers who purchased the hardware product from a company other than McDATA should contact that company’s service representative for technical support.

Forwarding Publication

Comments

We sincerely appreciate any comments about this publication. Did you find this manual easy or difficult to use? Did it lack necessary information? Were there any errors? Could its organization be improved?

Please send your comments via e-mail, our home page, or FAX. Identify the manual, and provide page numbers and specific detail. Thank you.

E-mail: pubsmgr@mcdata.com Home Page: http://www.mcdata.com Fax: Technical Communi cation s Manager

(720) 558-8999

Ordering Publications To order a paper copy of this manual, contact your McDATA

representative, or use the contact information listed below.

xviii

Enterprise Operating System Command Line Interface User Manual

Phone: (800) 545-5773 and select the option for information on McDATA’s complete family of enterprise-to-edge SAN solutions.

Preface

Fax: (720) 558-4193

Trademarks The following terms, indicated by a registered trademark symbol (®)

or trademark symbol (™) on first use in this publication, are trademarks of McDATA Corporation in the United States, other countries, or both:

Registered Trademarks Fabricenter HotCAT Intrepid McDATA OPENready SANavigator SANpilot

Trademarks E/OS™ Eclipse™ Fibre Channel Director™ OPENconnectors™ SANvergence™ Sphereon™

SANtegrity®

All other trademarked terms, indicated by a registered trademark symbol (®) or trademark symbol (™) on first use in this publication, are trademarks of their respective owners in the United States, other countries, or both.

Preface

xix

Preface

Enterprise Operating System Command Line Interface User Manual

Introduction

This chapter introduces the Command Line Interface (CLI) and describes the essentials for using the CLI commands.

• Command Line Interface Overview......................................................1-2

• Entering Command Line Interface Commands....................................1-3

• Logging In and Logging Out..............................................................1-14

• Using the commaDelim Command ....................................................1-17

• Handling Command Line Interface Errors.........................................1-18

• Using the Command Line Interface Help...........................................1-19

• Commenting Scripts...........................................................................1-20

• ED-5000 Director...............................................................................1-21

• Telnet Session......................................................................................1-22

• Backup and Restoration......................................................................1-23

Introduction

1-1

Command Line Interface Overview

The Command Line Interface (CLI) is a feature that provides an alternative to Graphical User Interface (GUI) and web-based (HTTP) interface products for director and switch management capabilities.

The CLI can only be used through a Telnet client session in an out-of-band management environment, using the Ethernet port in the director or switch. Although the primary use of the CLI is in host-based scripting environments, the CLI commands can also be entered directly at a command line. Any hardware platform that supports the Telnet client software can be used.

The primary purpose of the CLI is to automate management of a large number of switches with the use of scripts.

Because the CLI is not an interactive interface, no prompts are displayed to guide the user through a task. If an interactive interface is needed, use the GUI-based or web-based SAN management applications instead of the CLI.

1-2

Enterprise Operating System Command Line Interface User Manual

Entering Command Line Interface Commands

The CLI commands can be entered directly at the command line of a terminal or coded in a script.

Note that the CLI commands are not case sensitive.

Documentation Conventions

Navigation Conventions

Throughout this publication, periods are used to separate the components of a command name. However, the periods cannot be included when the command is actually entered at the terminal or coded in a script. (How to enter the commands is explained in

Navigation of the CLI Command Tree on page 1-12.)

Even though the commands cannot be entered with the periods, the command line prompts do include the periods.

Config.Port>

Basic command line navigation conventions are supported. The following table includes the asynchronous commands that are recognized by the CLI.

Table 1-1 CLI Command Tree Navigation Conventions

Character Sequence Common Name Action or Description

<CR> Carriage Return Pass a completed line to the

parser.

<DEL> Delete Backspace one character

and delete the character.

<NL> New Line Pass a completed line to the

<SP> Space Used to separate keywords. # Pound Sign Used to designate

? Question Mark Provide help information. “ Quotation Mark Used to surround a single

^A Control-A Position the cursor to the

parser.

comments in a script.

token.

start of the line.

Introduction

1-3

Entering Command Line Interface Commands

Table 1-1 CLI Command Tree Navigation Conventions (Continued)

Character Sequence Common Name Action or Description

^B Control-B Position the cursor left one

character. ^D Control-D Delete the current character. ^E Control-E Position the cursor to the

end of the line. ^F Control-F Position the cursor right one

character. ^H Control-H Backspace one character

and delete the character. ^I Tab Complete the current

keyword. ^K Control-K Delete to the end of the line. ^L Control-L Redraw the line. ^N Control-N Move down one line in the

command history. ^P Control-P Move up one line in the

command history. ^R Control-R Redraw the line. ^U Control-U Clear the input and reset the

line buffer. ^X Control-X Clear the input and reset the

line buffer. <ESC>[A Up Arrow Move up one line in the

command history. <ESC>[B Down Arrow Move down one line in the

command history. <ESC>[C Right Arrow Position the cursor right one

character. <ESC>[D Left Arrow Position the cursor left one

character.

1-4

Enterprise Operating System Command Line Interface User Manual

Entering Command Line Interface Commands

Command Tree

The command tree of the CLI begins from the root. Table 1-2 shows the CLI command tree. The commands in the four extended branches (config, maint, perf, and show) are described in Chapter 2, CLI

Commands.

The following commands are not listed in the command tree, but are globally available and are documented in this chapter:

• login (see login on page 1-15)

•logout (see logout on page 1-16)

• commaDelim (see Using the commaDelim Command on page 1-17)

Table 1-2 shows the command tree hierarchy from the root, reading

from left to right.

Table 1-2 CLI Command Tree

config---------- enterpriseFabMode--- setState

features ----------------- enterpriseFabMode

ficonMS installKey NPIV openSysMS openTrunking show

fencing------------------- addPolicy

addPort deletePolicy removePort setParams setState show showTypeT able

ficonCUPZoning------- addControlHost

deleteControlHost setState show

ficonMS------------------ setMIHPTO

setState show

Introduction

1-5

Entering Command Line Interface Commands

Table 1-2 CLI Command Tree (Continued)

ip-------------------------- ethernet

lineSpeed show setHostCtrlState

NPIV--------------------- maxPortIDs

setState show

openSysMS------------ setState port ----------------------- blocked

fan name rxCredits show showPortAddr speed swapPortByAddr swapPortByNum type

security------------------ authentication---------- interface----------------- api------------------------- outgoing

sequence cli-------------------------- sequence eport---------------------- outgoing

sequence nport---------------------- outging

sequence osms--------------------- outgoing

setKey serial--------------------- enhancedAuth show web----------------------- sequence

port----------------------- override

show

radius-------------------- attempts

deadtime deleteServer server

1-6

Enterprise Operating System Command Line Interface User Manual

Table 1-2 CLI Command Tree (Continued)

security ----------------- fabricBinding ----------- activatePending

portBinding ------------- bound

ssh------------------------ resetKeys

switchAcl---------------- addRange

switchBinding ---------- addMember

acl ------------------------ addRange

snmp --------------------- addCommunity

Entering Command Line Interface Commands

show

timeout switch-------------------- setSecret user----------------------- add

delete

modify

role

show

addAttachedMembers

addMember clearMemList deactivateFabBind deleteMember replacePending showActive showPending

show wwn

setState show

deleteRange setState show

deleteMember setState show

deleteRange setState show

Introduction

1-7

Entering Command Line Interface Commands

Table 1-2 CLI Command Tree (Continued)

authTraps deleteCommunity setFaMibVersion setState show

switch ------------ -- -- -- -- domainRSCN

edTOV insistDomainId interopMode ltdFabRSCN prefDomainId priority raTOV rerouteDelay speed show zoneFlexPars zoningRSCN

system ------------------ contact

date description location name show

zoning ------------------- setDefZoneState

activateZoneSet deactivateZoneSet replaceZoneSet clearZoneSet addZone deleteZone renameZoneSet addWwnMem addPortMem clearZone deleteWwnMem

1-8

Enterprise Operating System Command Line Interface User Manual

Table 1-2 CLI Command Tree (Continued)

deletePortMem renameZone showPending showActive

maint ---------- port ----------------------- beacon

reset

system ------------------ beacon

clearSysError ipl resetConfig setOnlineState

perf --------- --- class2

class3 clearStats errors link openTrunking ---------- backPressure

congestionThresh lowBBCreditThresh setState show unresCongestion

preferredPath ---------- clearPath

setPath setState showPath showState

thresholdAlerts -------- counter ------------------ addAlert

deleteAlert setState

Entering Command Line Interface Commands

addPort removeP ort setCounter setParams show showStatisticTable

Introduction

1-9

Entering Command Line Interface Commands

Table 1-2 CLI Command Tree (Continued)

show throughput -------------- addAlert

addPort removeP ort setUtilType setUtilPercentage setParams show showUtilTypeTable

traffic

show ---------- all

auditLog epFrameLog----------- config

filterClassFFrames noWrap setFilterPort

wrap eventLog fabric--------------------- nodes

principal

topology fabricLog---------------- noWrap

wrap features fencing------------------- policies ficonCUPZoning ficonMS frus ip -------------------------- ethernet linkIncidentLog loginServer nameServer nameServerExt NPIV--------------------- config openSysMS------------ config

1-10

Enterprise Operating System Command Line Interface User Manual

Table 1-2 CLI Command Tree (Continued)

openTrunking ---------- config

rerouteLog

port ----------------------- config

exit info nodes opticEDD opticInfo profile showPortAddr status

technology preferredPath ---------- showPath security------------------ fabricBinding

log

portBinding

switchAcl

switchBinding snmp switch system thresholdAlerts-------- alerts

log zoning

Entering Command Line Interface Commands

Note that the commands are shown, with the exception of the zoning commands, in alphabetical order to make them easier to locate. Although the commands can be entered in any order, depending on the results desired, the order shown in Table 1-2, CLI Command Tree, page 1-5 for the zoning commands is a typical order in which the zoning commands are entered.

Note that the order in which commands are entered determines the order in which the show commands display the values. Refer to

Chapter 2, CLI Commands for examples of show commands output.

Introduction

1-11

Entering Command Line Interface Commands

Navigation of the CLI Command Tree

Once the administrator or operator logs in and receives the Root> prompt, the CLI commands are accessed by navigating up and down the CLI command tree.

To move from the root through the any of the four extended branches, enter the name of the next branch as shown in Table 1-2, CLI

Command Tree, page 1-5. For example, to use the config.port.name

command to configure the name for port 4 on the switch, this series of commands is entered:

Root> config Config> port Config.Port> name 4 "Sam’s Tape Drive"

At this point, to enter the maint.port.beacon command to set the beaconing state of port 4, the following series of commands is entered:

Config.Port> .. Config> .. Root> maint Maint> port Maint.Port> beacon 4 true

Note that you must return all the way to the root of the tree to transition to another extended branch. When traversing back to the root, the name of each branch cannot be used. Instead use the double-dot command (two periods) to move back towards the root. Note that only one double-dot command may be entered at a time.

1-12

One approach to making the navigation more concise is to use the root command to jump directly to the root of the CLI command tree. The previous example, which shows stepping back to the root with the double-dot command, is simplified as follows:

Config.Port> root Root> maint Maint> port Maint.Port> beacon 4 true

Another approach to making the navigation more concise is to use the complete command syntax from the Root> prompt each time. For example, to issue the config.port.name command and then the maint.port.beacon command, the commands are entered as follows:

Root> config port name 4 "Sam’s Tape Drive" Root> maint port beacon 4 true

Enterprise Operating System Command Line Interface User Manual

Entering Command Line Interface Commands

As shown in this example, use of the complete command syntax avoids navigating up and down the branches of the CLI command tree, and the prompt stays at the root. The use of complete command syntax is particularly useful when writing scripts.

When coding a script, remember to code the appropriate character sequences, which are described in Navigation Conventions on page 1-3.

Root> config port name 4 "Sam’s Tape Drive"<CR> Root> maint port beacon 4 true<CR>

Limitation on

Movements

As the commands are entered, they are recorded in a history log. Note these limitations on movement that result from use of the history log:

• If a command has more than 60 characters, the command runs, but the command is not recorded in the history log, and the position in the tree does not change, as shown in the following example. Because the command is not recorded in the history, a subsequent asynchronous command (navigation command) cannot depend on it.

Root> config zoning addWwnMem TheUltimateZone 10:00:00:00 :C9:22:9B:64 Root>

• Whenever the position in the CLI command tree moves to a new branch (for example, config to maint, config to config.port, or config.port to config), the history log is cleared. In this case, any asynchronous commands (for example, the up-arrow command <ESC>[A or the up-arrow keyboard symbol) cannot move the position back towards the root, as shown in this example:

Root> config Root.Config> port Root.Config.Port> <ESC>[A Root.Config.Port>

Parameters

Some command parameters accept character strings that include spaces. Quotation marks are required when a string includes spaces.

Config.System> location Building_24_Room_16

Config.System> location "Building 24 Room 16"

Introduction

1-13

Logging In and Logging Out

If spaces are not included in a parameter that accepts a string, the quotation marks are not required around that string.

To include quotation marks in a string, use the escape character (\) before the quotation marks.

Config.System> location "Building 24 \"Joe’s PlayLab\""

A null string can be created by using the quotation marks without any space between them.

Config.System> location ""

Output

All output from the CLI commands is limited to the standard 80 columns supported by most Telnet interfaces. The output is left-justified.

Logging In and Logging Out

The CLI allows a single Telnet client to be connected to the switch. If a Telnet client logs out, or if after 15 minutes of inactivity the client’s access times out, another Telnet client may log in. Also note that the Telnet client (user) must log in any time the director or switch is restarted because the current user’s access is lost. Examples of a restart include an IPL and any power-off situation.

User Access Rights

The CLI supports two user access rights: administrator and operator. A user who logs in with administrator access rights can use all of the commands described in this publication. Operator access rights grant permission to use only the perf and show branches of the CLI command tree (for example, the perf.traffic and show.system commands) with the following exceptions: operator rights cannot access the show.preferredPath, show.security, and show.thresholdAlerts commands. Operators can also execute the globally available commands (login, logout, and commaDelim).

Passwords and Secrets

1-14

Enterprise Operating System Command Line Interface User Manual

Some commands require the user to enter a password or secret before the command can be executed.

Passwords can be ASCII characters in the range of 32 to 126. Secrets can be any ASCII character (0-255). Non-printable and

extended ASCII characters can be entered by using a backslash. Two

Logging In and Logging Out

hexadecimal characters must follow the backslash. All printable ASCII characters can be entered using the keyboard or using its hexadecimal value except for the backslash character. If a backslash is desired as part of the password its hexadecimal representation must be used. Spaces are valid, but if they appear at the begging of the password then they will be ignored. The following are examples of valid secrets.

simplesecret****

This is an example of a secret that does not use any special characters.

\40\72\A3\F9\12\13\14\15\16\17\18\19\55\33\87\42

This is an example of a secret of length 4 that is configured using the hexadecimal representation.

a9p\40\40xx\44\88kutfe\89h

This is an example of a secret that has a length of 7 characters that are composed of a mix using hexadecimal and the printable ASCII characters.

Syntax login

Purpose This command allows a Telnet client to connect to the switch.

Description This command allows the user to log in with either administrator or

operator access rights. The default passwords are password. The login command is called automatically by the CLI each time a

new Telnet session is activated, as well as each time new administrator access rights are configured.

After the login command is issued, the Username: prompt automatically displays. After a valid user name is entered, the Password: prompt automatically displays. After the corresponding valid password is entered, the Root> prompt displays. At this prompt the user may enter any of the commands included in

Table 1-2, CLI Command Tree, page 1-5.

When users are prompted to change the password when logging in, they can enter the default password (password). This will be accepted. However, at the next login, they will again be required to change the password, if the default password is still being used. When the user

Introduction

1-15

Logging In and Logging Out

enters the default password when prompted to change the password, the data portion of the security log entry for CLI login includes “password not changed.”

A user name and password can be set by the administrator through the config.security.authentication.user.add command or through the config.security.authentication.user.modify command.

The access rights chosen for the CLI are completely independent of the other product interfaces, for example, SNMP or McDATA product interfaces.

Parameters This command has no parameters.

Command Examples

logout

Syntax logout

Purpose This command allows a Telnet client to disconnect from the switch.

Description This command logs out the single Telnet client connected to the

Parameters This command has no parameters.

Command Examples

Username: Administrator Password: password

Username: Operator Password: password

switch. This command can be entered at any point in the command tree.

Root> logout

Config> logout

1-16

Enterprise Operating System Command Line Interface User Manual

Config.Port> logout

Using the commaDelim Command

Note that the output examples shown in the other sections of this publication presume that commaDelim is off.

commaDelim

Syntax commaDelim enable

Purpose This command enables the user to obtain displayed information in

comma-delimited, rather than tabular, format. Tabular format is the default.

Description This command can be entered at any point in the command tree.

Parameter This command has one parameter

enable Specifies the comma-delineated state for

output. Valid values are true and false. Boolean 1 and 0 may be substituted as values.

Using the commaDelim Command

Command Examples

Root> commaDelim true

Config> commaDelim 1

Config.Port> commaDelim false

Output Example Output displayed in commaDelim mode is as follows:

Root> show eventLog Date/Time,Code,Severity,FRU,Event Data, 04/12/01 10:58A,375,Major,CTP-0,00010203 04050607 08090A0B 0C0D0E0F, 04/12/01 10:58A,375,Major,CTP-0,00010203 04050607 08090A0B 0C0D0E0F, 04/12/01 9:58A,385,Severe,CTP-0,00010203 04050607 08090A0B 0C0D0E0F, 04/11/01 7:18P,395,Severe,CTP-0,00010203 04050607 08090A0B 0C0D0E0F,

Introduction

1-17

Handling Command Line Interface Errors

Two types of errors detected by the CLI are:

• An error associated with the interface. For example, a keyword is misspelled or does not exist.

Root> confg Error 234: Invalid Command

• An error associated with fabric or switch issues. For example, a parameter error is detected by the switch, where port 24 is entered for a switch that supports only 16 ports.

Root> config port name 24 "Port 24" Error 218: Invalid Port Number

In either case, the command is ignored. The CLI remains at the point it was before the command was entered.

The error messages, including error number and error, are listed in

Appendix A, Error Messages.

1-18

Enterprise Operating System Command Line Interface User Manual

Using the Command Line Interface Help

The question mark (?) can be used within a command to obtain certain information:

• If the question mark is used in place of a command keyword, all the keywords at that level of the CLI command tree display.

Root> config system ? Command identified contact - Set the system contact attribute date - Set the system date and time description - Set the system description attribute location - Set the system location attribute name - Set the system name attribute show - Display the system configuration

• If the question mark is used at the end of a recognized command, any parameters for that command display.

Root> config port name ?

- name <portNumber> <portName>

Using the Command Line Interface Help

• If the question mark is used after one or more characters of a keyword, any keywords at that level of the CLI command tree display.

Root> config s? security snmp switch system

Introduction

1-19

Commenting Scripts

The pound sign (#) can be used to add comments in a script file. The pound sign must be the first character in the line; the CLI ignores everything after the pound sign in that line. The following lines are valid:

Root> #Change port 3 to an E_Port<CR> Root> config port<CR> config.port> ##################<CR> config.port> ## Begin Script ##<CR> config.port> ##################<CR>

The pound sign cannot be used after any other characters (a command, for example) to start a comment. The following is an invalid script line:

Root> maint system beacon true # Turn on beaconing<CR>

To correct the previous script line, move the comment either before or after the line with the command. For example, the following examples are both valid:

Root> # Turn on beaconing<CR> Root> maint system beacon true<CR>

Root> maint system beacon true<CR> Root> # Turn on beaconing<CR>

ATTENTION! Comments of over 200 characters in length may cause unpredictable system behavior. Limit comments to 200 characters per line.

1-20

Enterprise Operating System Command Line Interface User Manual

ED-5000 Director

A subset of the CLI commands described in this publication are available on the ED-5000 Director™. The globally available commands (login, logout, and commaDelim) are described previously in this chapter. The following config, maint, and show commands are described in Chapter 2, CLI Commands.

Table 1-3 CLI Command Tree for the ED-5000 Director

config -------------------- security ----------------- userRights -------------- administrator

operator

show maint --------------------- system ------------------ resetConfig show --------------------- ip -------------------------- ethernet

port ----------------------- config

info

status switch system zoning

Introduction

1-21

Telnet Session

The CLI can be accessed through a Telnet client session in an out-of-band management environment, using the Ethernet port in the director or switch. It can also be accessed using Secure Shell (SSH).

Although the primary use of the CLI is in host-based scripting environments, the CLI commands can also be entered directly at a command line. Any hardware platform that supports the Telnet client software can be used.

NOTE: You can use the Configure option in the GUI-based or web-based interfaces to enable/disable Telnet access. Telnet access is enabled by default. Any changes to the enabled state of the Telnet server are retained through system restarts and power cycles.

Ethernet Connection Loss

If the Ethernet cable is disconnected from the director or switch during a Telnet session, one of three scenarios is possible:

• Replace the Ethernet cable before the client connection times out, and the Telnet session will continue.

• Wait 15 minutes until the client connection times out; then replace the Ethernet cable and restart the connection.

• If the client connection has already timed out, replace the Ethernet cable. Open a GUI-based or web-based interface SAN-management window. Toggle the enabled state of the CLI, thereby clearing the client connection. Restart the client connection.

Once the client connection is reestablished, verify your configuration’s completeness and accuracy.

1-22

Enterprise Operating System Command Line Interface User Manual

Backup and Restoration

A standalone Configuration Backup and Restore (CBR) utility is available for customers that do not use EFCM for backing up and restoring user configuration data. You can use this utility to backup and restore configuration data from all switch and director products running E/OS versions 4.0 and higher. The CBR utility is available for no charge in the Technical Documents section of the McDATA website at www.mcdata.com or by contacting your sales representative or service provider

The procedures for system backup and restoration are documented in the Configuration Backup and Restore Utility Installation and User Guide (958-000370), which is also available at www.mcdata.com.

Backup and Restoration

Introduction

1-23

Backup and Restoration

1-24

Enterprise Operating System Command Line Interface User Manual

CLI Commands

This chapter describes the Command Line Interface (CLI) commands, including their syntax, purpose, and parameters, as well as examples of their usage and any output that they generate.

• Command Overview.............................................................................2-2

• New and Changed Commands .............................................................2-2

• config.....................................................................................................2-5

• maint...................................................................................................2-95

• perf ......................................................................................................2-99

• show ..................................................................................................2-138

CLI Commands

2-1

Command Overview

Most of the commands in this chapter are listed in alphabetical order to make them easy to locate. Although the commands can be entered in any order, depending on the results desired (so long as the tree structure is followed), the order used herein for the zoning commands follows a typical order of entry. The various show commands are usually entered at the end of a group of other commands to verify configuration changes.

New and Changed Commands

The following CLI commands are new for this edition of the Enterprise Operating System Command Line Interface User Manual:

• config.fencing.addPolicy on page 2-10

• config.fencing.addPort on page 2-10

• config.fencing.deletePolicy on page 2-11

• config.fencing.removePort on page 2-12

• config.fencing.setParams on page 2-12

• config.fencing.setState on page 2-14

• config.fencing.show on page 2-14

• config.fencing.showTypeTable on page 2-16

• config.ficonCUPZoning.addControlHost on page 2-16

• config.ficonCUPZoning.deleteControlHost on page 2-17

• config.ficonCUPZoning.setState on page 2-17

• config.ficonCUPZoning.show on page 2-18

• config.ficonMS.setMIHPTO on page 2-18

• config.ficonMS.show on page 2-20

• config.ip.lineSpeed on page 2-21

• config.NPIV.maxPortIDs on page 2-22

2-2

Enterprise Operating System Command Line Interface User Manual

• config.NPIV.setState on page 2-23

New and Changed Commands

• config.NPIV.show on page 2-23

• config.port.rxCredits on page 2-26

• config.port.show on page 2-27

• config.port.showPortAddr on page 2-28

• config.port.swapPortByAddr on page 2-30

• config.port.swapPortByNum on page 2-30

• config.security.authentication.interface api.outgoing on page 2-33

• config.security.authentication.interface.api.sequence on page 2-33

• config.security.authentication.interface.cli.sequence on page 2-34

• config.security.authentication.interface.eport.outgoing on page 2-34

• config.security.authentication.interface.eport.sequence on page 2-35

• config.security.authentication.interface.nport.outgoing on page 2-36

• config.security.authentication.interface.nport.sequence on page 2-36

• config.security.authentication.interface.osms.setKey on page 2-38

• config.security.authentication.interface.osms.outgoing on page 2-37

• config.security.authentication.interface.serial.enhancedAuth on page 2-38

• config.security.authentication.interface.show on page 2-39

• config.security.authentication.interface.web.sequence on page 2-39

• config.security.authentication.port.override on page 2-40

• config.security.authentication.port.show on page 2-41

• config.security.authentication.RADIUS.deadtime on page 2-42

• config.security.authentication.RADIUS.deleteServer on page 2-43

• config.security.authentication.RADIUS.attempts on page 2-42

• config.security.authentication.RADIUS.server on page 2-43

• config.security.authentication.RADIUS.show on page 2-44

• config.security.authentication.RADIUS.timeout on page 2-45

• config.security.authentication.switch.setSecret on page 2-45

• config.security.authentication.user on page 2-46

CLI Commands

2-3

New and Changed Commands

• config.security.authentication.user.add on page 2-46

• config.security.authentication.user.delete on page 2-47

• config.security.authentication.user.modify on page 2-48

• config.security.authentication.user.role on page 2-49

• config.security.authentication.user.show on page 2-50

• config.security.switchAcl.addRange on page 2-62

• config.security.switchAcl.deleteRange on page 2-63

• config.security.switchAcl.setState on page 2-63

• config.security.switchAcl.show on page 2-64

• config.security.ssh.resetKeys on page 2-61

• config.security.ssh.setState on page 2-61

• config.security.ssh.show on page 2-61

• config.switch.zoneFlexPars on page 2-80

• perf.thresholdAlerts.show on page 2-127

• show.auditLog on page 2-139

• show.epFrameLog.config on page 2-140

• show.epFrameLog.filterClassFFrames on page 2-140

• show.epFrameLog.noWrap on page 2-142

• show.epFrameLog.wrap on page 2-143

• show.fabric.principal on page 2-148

• show.fabric.topology on page 2-149

• show.fabricLog.noWrap on page 2-145

• show.fabricLog.wrap on page 2-146

• show.fencing.policies on page 2-150

• show.ficonCUPZoning on page 2-152

• show.ficonMS on page 2-152

• show.NPIV.config on page 2-159

• show.openSysMS.config on page 2-160

2-4

Enterprise Operating System Command Line Interface User Manual

• show.port.opticEDD on page 2-169

config

• show.port.opticInfo on page 2-170

• show.port.profile on page 2-171

• show.port.showPortAddr on page 2-173

• show.security.log on page 2-181

• show.security.switchAcl on page 2-183

The config branch of the CLI command tree contains commands that set parameter values on the switch or director. These values are not temporary (session) values, but are retained across power cycles.

The commands in the config branch can only be accessed by a user with administrator level user rights.

CLI commands are activated on the switch immediately, except as noted.

In general, the config naming commands (except for the config.zoning commands) use the USASCII character set. All of the characters in this 128-character set (the first 7-bit subset of the ISO-8859-1 Latin-1 character set) are valid. Any exceptions are noted in the specific command descriptions.

config.enterpriseFabMode.setState

Syntax setState enterpriseFabModeState

Purpose This command sets the Enterprise Fabric Mode state for the fabric.

The SANtegrity™ feature key must be installed to activate the Enterprise Fabric Mode state.

NOTE: The command config.features.enterpriseFabMode on page 2-6 has functionality that is identical to this command.

Parameters This command has one parameter.

enterpriseFabModeState Specifies whether enterpriseFabMode is

active. Valid values are activate and deactivate. Boolean 1 and 0 may be substituted as values.

CLI Commands

2-5

config

Command Example Root> config enterpriseFabMode setState 1

NOTE: You cannot activate Enterprise Fabric Mode while Open Trunking is enabled.

config.features.enterpriseFabMode

Syntax enterpriseFabMode enterpriseFabModeState

Purpose This command sets the Enterprise Fabric Mode state for the fabric.

The SANtegrity™ feature key must be installed to activate the Enterprise Fabric Mode state.

Parameters This command has one parameter.

enterpriseFabModeState Specifies whether enterpriseFabMode is

active. Valid values are activate and deactivate. Boolean 1 and 0 may be substituted as values.

Command Example

config.features.ficonMS

Syntax ficonMS ficonMSState

Purpose This command sets the enabled state of the FICON Management

Root> config features enterpriseFabMode 1

NOTE: The command config.enterpriseFabMode.setState on page 2-5 has functionality that is identical to this command.

Server. The FICON Management Server feature key must be installed in order to enable the FICON Management Server State. (The Sphereon 4300 and Sphereon 4500 switches do not accept this command.)

NOTE: This command is displayed on a Sphereon 3016 and 3216 only if the feature key is installed.

2-6

Enterprise Operating System Command Line Interface User Manual

NOTE: If the FICON Management Server is enabled, the default management style is the FICON Management Style. The Open Systems Management Style cannot be used.

Parameters This command has one parameter.

ficonMSState Specifies whether the FICON Management

Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

config

Command Example

config.features.installKey

Syntax installKey featureKey

Purpose This command allows the user to install a feature set that is enabled

Parameters This command has one parameter.

Root> config features ficonMS 1

NOTE: The command config.ficonMS.setState on page 2-19 has functionality that is identical to this command.

by the provided feature key. The switch can be either offline or online when this command is executed.

NOTE: If any currently installed features are being removed by the new feature key, the switch must be offline when the command is given.

featureKey Specifies the key you have received to enable

optional software feature on a specific product. A feature key is a string of case-sensitive, alphanumeric ASCII characters.

The number of characters may vary in the format; however, the key must be entered exactly, including the hyphens. An example of a feature key format is XxXx-XXxX-xxXX-xX.

Command Example

Root> config features installKey AaBb-CCdD-eeFF-gH

CLI Commands

2-7

config

config.features.NPIV

Syntax setState NPIVState

Purpose This command sets the enabled state of the NPIV feature. The NPIV

feature key must be installed in order to enable this feature.

Parameters This command has one parameter.

NPIVState Valid values are enable and disable. Boolean 1 and

0 may be substituted as values.

Command Example

Root> config features NPIV enable

NOTE: The command config.NPIV.setState on page 2-23 has functionality that is identical to this command.

config.features.openSysMS

Syntax openSysMS openSysMSState

Purpose This command sets the enabled state of the Open Systems

Management Server (OSMS). OSMS is a feature that allows host control and inband management of the director or switch through a management application that resides on an open-systems interconnection (OSI) device.

Parameters This command has one parameter.

osmsState Specifies whether the Open Systems

Management Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

Command Example

config.features.openTrunking

Syntax openTrunking openTrunkingState

2-8

Enterprise Operating System Command Line Interface User Manual

Root> config features openSysMS 1

NOTE: The command config.openSysMS.setState on page 2-24 has functionality that is identical to this command.

Purpose This command sets the enabled state of the OpenTrunking feature.

The OpenTrunking feature key must be installed in order to enable open trunking.

Parameters This command has one parameter.

openTrunkingState This parameter can be set to enable or disable

the OpenTrunking feature. Boolean 1 and 0 may be substituted as values.

config

Command Example

config.features.show

Syntax show

Purpose This command shows the product feature information configured for

Parameters This command has no parameters.

Command Example

Output The product feature data is displayed as a table that includes the

Root> config features openTrunking 1

NOTE: The command perf.openTrunking.setState on page 2-107 has functionality that is identical to this command.

this switch.

Root> config features show

following properties.

Installed Feature Set

The feature set installed using a feature key. Only installed keys are displayed.

Feature Individual features within each set. In many

State The state of the individual feature. Fabric-wide

cases, there is only one feature within each feature set.

features are displayed as Active/Inactive. Features related to the switch are displayed as Enabled/Disabled.

CLI Commands

2-9

config

Output Example The output from the config.features.show command displays as

follows.

Installed Feature Set Feature State

------------------------------ ------------------ ----Flex Ports 8 Flex Ports Enabled SANtegrity Fabric Binding Active SANtegrity Switch Binding Enabled SANtegrity Enterprise Fabrics Active Open Trunking Open Trunking Enabled

NOTE: The command show.features on page 2-150.has functionality that is identical to this command.

config.fencing.addPolicy

Syntax addPolicy name

Purpose This command configures a new fencing policy and assigns it a name.

The new policy is assigned default settings, which must be changed before the policy is activated.

Parameters This command has one parameter.

Command Example

config.fencing.addPort

Syntax addPort name portNumber

Purpose This command adds a port to the specified fencing policy.

See config.fencing.setParams on page 2-12 for default settings.

name Specifies the name of the new fencing

policy. This name can consist of any printable USASCII characters up to a maximum length of 63 characters. This name is case-sensitive.

Root> config fencing addPolicy Policy2

NOTE: The maximum number of policies supported is 14.

2-10

Enterprise Operating System Command Line Interface User Manual

Parameters This command has two parameters.

name The name of the fencing policy.

portNumber The new port number to add to the

fencing policy, or all, which will add all of the individual ports to the fencing policy. Valid values for the port number are:

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

NOTE: A range of ports is not accepted as a valid input to this command (e.g., “0-29” is not acceptable).

config

The port values can also be substituted with one of the following keywords that will remove all the ports from the alert, and then use a specific type of port instead of individual port numbers.

Valid values are:

• eport - This will add all active E ports

NOTE: A fencing policy is not allowed to contain both port types and individual ports.

Command Example Root> config fencing addPort 24

Root> config fencing addPort eport

config.fencing.deletePolicy

Syntax deletePolicy name

Purpose This command deletes a specified fencing policy. Only disabled

fencing policies can be deleted.

CLI Commands

2-11

config

Parameters This command has one parameter.

name The name of the fencing policy. You can

also enter all for this argument. This will delete all of the configured fencing policies.

Command Example

Root> config fencing deletePolicy Policy1

config.fencing.removePort

Syntax removePort name portNumber

Purpose This command removes a port from the specified fencing policy.

Parameters This command has two parameters.

name The name of the fencing policy.

portNumber The new port number to remove from the

fencing policy, or all, which will remove all of the individual ports from the fencing policy.

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

Command Example

config.fencing.setParams

Syntax setParams name typeNumber limit period

Purpose This command sets the type, limit and period values for a specified

2-12

Enterprise Operating System Command Line Interface User Manual

Root> config fencing removePort 24

fencing policy.

Parameters This command has four parameters.

name The name of the fencing policy.

typeNumber This must be entered as a number that

corresponds to an entry in the table shown below.

limit The count of fencing violations that must

occur within the specified period in order for a port to be automatically disabled. Acceptable values are in the range of 1-255.

You may also enter default for this argument, which will set the default limit value for this fencing policy type.

period The number of seconds in which the

violation count must equal or exceed the threshold limit in order for a port to be fenced.

config

You may also enter default for this argument, which will set the default period for this fencing policy type.

NOTE: The interval value is a fixed length amount of time. This interval is not a rolling window interval.

Type Number

Policy Type

Default Limit Value

Default Period Value

1 Protocol Errors 5 300 seconds

Type Number Policy Type Limit Value Range Period Value Range

1 Protocol Errors 1 - 255 60 - 1800 seconds

CLI Commands

2-13

config

Command Example The meaning for each of these inputs can best be described using the

following example sentence: If ports 0,1, or 2 have more than 5 protocol errors on a single port

within a period of 30 minutes, disable the offending port. Where:

Port list = 0, 1, 2

Fencing Type = Protocol Errors

Limit = 5

Period = 1800 seconds

config.fencing.setState

Syntax setState name enabledState

Purpose This command sets the enabled state of the specified fencing policy. A

Parameters This command has two parameters.

Command Example

config.fencing.show

Syntax show [name]

Purpose This command displays the settings for fencing policies.

policy cannot be activated if it contains ports that are already controlled by a different fencing policy of the same type.

name The name of the fencing policy.

enabledState Sets the fencing policy enabled state.

Valid values are enable and disable. Boolean 1 and 0 values may also be substituted.

Root> config fencing setState enable

2-14

Enterprise Operating System Command Line Interface User Manual

Parameters This command has one optional parameter.

name The name of the fencing policy.

When no parameters are specified, the command will display the name, type, and state of all policies. If you use the optional parameter, it will display all the information about the policy.

NOTE: When the name parameter isn't supplied, then only 50 characters of the names of the policies will be displayed. You will have to enable Comma Delimited Mode to view the full name.

Command Example Root> config fencing show

Root> config fencing show Policy_1

Output If you do not specify the name parameter, then the output shows the

following information.

config

Name The name of the policy. This will be

concatenated to 50 characters in the summary display. The policy full name will be shown in comma delim mode.

Ports The ports to which the fencing policy will

be applied

Type The type of the fencing policy.

Limit The number of offenses that are allowed

before a port is disabled.

Period The amount of time that limit of number

of offenses must exceed before a port is fenced.

State The enabled state of the fencing policy.

Output Example The output from the config.fencing.show command displays as

follows:

Name Type State

------------------------------ ------------------ -----

Default Protocol Error Policy Protocol Error Disabled Policy_1 Protocol Error Disabled

CLI Commands

2-15

config

The output from the config.fencing.show Policy_1 command displays as follows:

Name: Policy_1 Ports: E ports Type: Protocol Error Limit: 5 Period: 300 seconds State: Disabled

config.fencing.showTypeTable

Syntax showTypeTable

Purpose This command displays the table of different fencing types that can

be assigned to a policy. This table is used for reference only.

Parameters This command has no parameters.

Command Example

Root> config fencing showTypeTable

Output Example The output from the config.fencing.showTypeTable command

displays as follows:

Number Fencing Policy Types

--------------------------------1 Protocol Errors

config.ficonCUPZoning.addControlHost

Syntax addControlHost hostNodeWwn

Purpose This command adds a control host to the Control Host List used to

determine the FICON host(s) capable of viewing all ports. This list overrides the FCZ port visibility mask. The maximum entries in this list is 8.

Parameters This command has one parameter:

hostNodeWwn The node WWN of the desired control

host, entered in colon-delimited notation (e.g., 01:02:03:04:05:06:07:08)

2-16

Enterprise Operating System Command Line Interface User Manual

Command Example Root> config ficonCUPZoning addControlHost 01:02:03:04:

05:06:07:08

config.ficonCUPZoning.deleteControlHost

Syntax deleteControlHost hostNodeWwn

Purpose This command removes one or all control hosts from the Control

Host List used to determine the FICON host(s) capable of viewing all ports. This list overrides the FCZ port visibility mask.

Parameters This command has one parameter:

hostNodeWwn The node WWN of the desired control

host, entered in colon-delimited notation (e.g., 01:02:03:04:05:06:07:08). You can also enter all to remove the entire list, if no attached hosts have supervisory privileges.

config

Command Example

Root> config ficonCUPZoning deleteControlHost all

config.ficonCUPZoning.setState

Syntax setState ficonCUPZoningState

Purpose This command sets the enabled state of FICON CUP Zoning. The

FICON Management Server feature key must be installed in order to enable the FICON CUP Zoning State. (The Sphereon 4300 and Sphereon 4500 switches do not accept this command.)

NOTE: If the FICON Management Server is enabled, the default management style is the FICON Management Style. The Open Systems Management Style cannot be used.

Parameters This command has one parameter.

ficonCUPZoningState Specifies whether the FICON Management

Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

CLI Commands

2-17

config

Command Example Root> config ficonCUPZoning setState 1

config.ficonCUPZoning.show

Syntax show

Purpose This command displays the contents of the host control list and the

enabled state of FICON CUP Zoning.

Parameters This command has no parameters.

Command Example

Root> config ficonCUPZoning show

Output The data is displayed as a table that includes the following

information:

FICON CUP Zoning State

The enabled state of the FICON CUP Zoning feature

Host Control List List of 0-8 control hosts, displays

“empty” for control host list with no members.

Output Example The output from the config ficonCUPZoning show command

displays as follows:

FICON CUP Zoning State: Enabled

Host Control List

----------------------01:02:03:04:05:06:07:08 09:0A:0B:0C:0D:0E:0F:00

NOTE: The command show.ficonCUPZoning on page 2-152 has functionality that is identical to this command.

config.ficonMS.setMIHPTO

Synopsis setMIHPTO timeout

Purpose This command sets the Ficon MS MIHPTO value in seconds. The

2-18

Enterprise Operating System Command Line Interface User Manual

default value is 180 seconds (3 minutes).

Parameters This command has one parameter.

timeout Valid values are 15, 30, 45,

60, 120, 180, 240, 300, 360, 420, 480, 540, and 600.

config

Command Example

config.ficonMS.setState

Syntax setState ficonMSState

Purpose This command sets the enabled state of the FICON Management

Parameters This command has one parameter.

Root> config ficonms setMIHPTO 180

Server. The FICON Management Server feature key must be installed in order to enable the FICON Management Server State. (The Sphereon 4300 and Sphereon 4500 switches do not accept this command.)

NOTE: This command is displayed on a Sphereon 3016 only if the feature key is installed.

NOTE: If the FICON Management Server is enabled, the default management style is the FICON Management Style. The Open Systems Management Style cannot be used.

ficonMSState Specifies whether the FICON Management

Command Example

Root> config ficonMS setState 1

NOTE: The command config.features.ficonMS on page 2-6 has functionality that is identical to this command.

Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

CLI Commands

2-19

config

config.ficonMS.show

Syntax show

Purpose This command shows the Ficon MS settings

Parameters This command has no parameters.

Command Example

Output The data is displayed as a table that includes the following

Output Example The output from the config ficonMS show command displays as

config.ip.ethernet

Syntax ethernet ipAddress gatewayAddress subnetMask

Purpose This command sets the Ethernet network settings.

Root> config ficonMS show

information:

Ficon MS State The state of the FICON MS feature.

Ficon MIHPTO The FICON MIHPTO value in seconds.

follows:

Ficon MS State: Disabled Ficon MIHPTO (seconds): 180

ATTENTION! The Telnet connection can be lost when these Ethernet network settings are changed.

2-20

Enterprise Operating System Command Line Interface User Manual

NOTE: If the IP address is reconfigured, your Telnet client must be reconnected to the new IP address. A new login will be requested.

Parameters This command has three parameters.

ipAddress Specifies the new IP address for the director or

switch. The address must be entered in dotted decimal format (for example, 10.0.0.0).

gatewayAddress Specifies the new gateway address for the

Ethernet interface. The address must be entered in dotted decimal format (for example, 0.0.0.0).

subnetMask Specifies the new subnet mask for the Ethernet

interface. The address must be entered in dotted decimal format (for example, 255.0.0.0).

config

Command Example

config.ip.lineSpeed

Synopsis lineSpeed speed duplex

Purpose This command sets the Ethernet line speed

Parameters This command has two parameters. One of the parameters is optional

Command Example

Root> config ip ethernet 10.0.0.0 0.0.0.0 255.0.0.0

depending on the combination.

speed The line speed. Options are auto, 10, or

100. If auto is entered then the optional duplex should not be entered.

duplex The duplex mode for the connection.

Options are full or half.

Root> config ip lineSpeed 10 half

config.ip.show

Syntax show

Purpose This command shows the LAN configuration.

Parameters This command has no parameters.

Command Example

Root> config ip show

CLI Commands

2-21

config

Output The LAN configuration data is displayed as a table that includes the

following properties.

IP Address The IP address.

Output Example The output from the config.ip.show command displays as follows.

config.NPIV.maxPortIDs

Syntax maxPortIDs portNumber maxIDs

Purpose This command configures the maximum number of NPIV logins that

Parameters This command has two parameters.

Gateway

The gateway address.

Address

Subnet Mask The subnet mask.

IP Address: 10.0.0.0 Gateway Address: 0.0.0.0 Subnet Mask: 255.0.0.0

are allowed on the specified port.

portNumber Specifies the port number. Valid values

are: 0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140 all - applies the maxIDs parameter value

to every port on the product

Command Example Root> config NPIV maxPortIDs 128

2-22

Enterprise Operating System Command Line Interface User Manual

maxIDs Specifies the maximum number of NPIV

logins allowed on the specified port.Valid values are in the range 1-256.

Root> config NPIV portNumber 60

config.NPIV.setState

Syntax setState NPIVEnabledState

Purpose This command sets enabled state of the NPIV feature. The NPIV

Parameters This command has one parameter.

config

feature key must be installed in order to enable this feature.

NPIVEnabledState This parameter can be set to enable or disable.

Boolean 1 and 0 values may also be substituted.

Command Example

config.NPIV.show

Syntax show

Purpose This command displays the current NPIV configuration for all ports.

Parameters This command has no parameters.

Command Example

Output This command displays the following NPIV configuration data:

Root> config NPIV setState enable

Root> config NPIV show

NPIV state The current enabled/disabled state of the NPIV

feature.

Max Allowed NPIV Login Table. A table mapping each port

number on the switch to a corresponding max number of NPIV logins setting.

Output Example The output from the config.NPIV.show command displays as follows:

NPIV state: Enabled Port Max Allowed NPIV Logins

---------------------------

110 210 310 40 50

CLI Commands

2-23

config

6 130 ...

NOTE: The command show.NPIV.config on page 2-159 has functionality that is the same as this command.

config.openSysMS.setHostCtrlState

Syntax setHostCtrlState HostContrlState

Purpose This command sets the enabled state of the Open Systems

Management Server Host Control.

Parameters This command has one parameter:

HostContrlState This parameter can be set to enable or

disable. Boolean 1 and 0 values may also be substituted.

Command Example

Root> config openSysMS setHostCtrlState enable

config.openSysMS.setState

Syntax setState osmsState

Purpose This command sets the enabled state of the Open Systems

Parameters This command has one parameter.

osmsState Specifies whether the Open Systems

Command Example

Root> config openSysMS setState 1

Management Server is enabled. Valid values are enable and disable. Boolean 1 and 0 may be substituted as values.

2-24

Enterprise Operating System Command Line Interface User Manual

config.port.blocked

Syntax blocked portNumber blockedState

Purpose This command sets the blocked state for a port.

Parameters This command has two required parameters.

config

NOTE: The command config.features.openSysMS on page 2-8 has functionality that is identical to this command.

portNumber Specifies the port number. Valid values are:

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

Command Examples

config.port.fan

Syntax fan portNumber fanOn

Purpose This command sets the fabric address notification (FAN) state for a

blockedState Specifies the blocked state for the port. Valid

values are true and false. Boolean 1 and 0 may be substituted as values.

Root> config port blocked 4 false

Root> config port blocked 4 0

port (Sphereon 4300 and Sphereon 4500 switches only). This configuration can be applied to any port regardless of its current configuration. The FAN value is applied at the time the port is configured and operated in a loop.

CLI Commands

2-25

config

Parameters This command has two required parameters.

portNumber Specifies the port number. Valid values are:

0–23 for the Sphereon 4500

fanOn Specifies the FAN state for the port. Valid values

are true and false. Boolean 1 and 0 may be substituted as values.

Command Example

config.port.name

Syntax name portNumber portName

Purpose This command sets the name for a port.

Parameters This command has two required parameters.

Root> config port fan 4 1

portNumber Specifies the port number. Valid values are:

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

portName Specifies the name for the port. The port name

must not exceed 24 characters in length.

Command Example

config.port.rxCredits

Syntax rxCredits portNumber numRxCredits

Purpose This command is used to set the number of initial BB Credits for a

2-26

Enterprise Operating System Command Line Interface User Manual

Root> config port name 4 Sam’s tape drive

given port. The number of credits assigned must fall between the minimum and maximum allowed values for the port.

Parameters This command has two required parameters:

portNumber Specifies the port number. Valid values

are: 0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

numBBCredits Specifies the number of Rx BB Credits to

assign the specified port. For the Sphereon 4300 and Sphereon 4500

the RxCredits per port must be between 2 and 12. The total number of Rx Credits assigned across all ports must not exceed the maximum pool size of 150.

For the Intrepid family, the RxCredits per FPM/UPM port must be between 1 and

60. The RxCredits per XPM port must be between 4 and 400. There is no pool limitation.

config

Command Example

config.port.show

Syntax show portNumber

Purpose This command displays the current configuration for the specified

Parameters This command has one parameter.

Root> config port rxCredits 8 40

port.

portNumber Specifies the port number. Valid values are:

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

CLI Commands

2-27

config

Command Example Root> config port show 4

Output This command displays as a table that includes the following

properties.

Port Number The port number.

Name The configured port name.

Blocked The blocked state. Valid values are true and false.

FAN The fabric address notification (FAN) state. Valid

values are true and false. (Sphereon 4300 and Sphereon 4500 switches only.)

Type The port type. Valid values are:

•F Port

•E Port

•G Port

• Fx Port (Sphereon 4300 and Sphereon 4500 only)

• Gx Port (Sphereon 4300 and Sphereon 4500 only)

Output Example The output from the config.port.show command displays as follows.

Port Number: 4 Name: Sam’s tape drive Blocked: false Type: F Port Speed: 2 Gb/sec Rx BB Credits: 12

config.port.showPortAddr

Syntax showPortAddr

Purpose This command displays the port address configuration for all ports.

NOTE: The command show.port.showPortAddr on page 2-173 has functionality that is the same as this command.

Speed The port speed. Valid values are 1 Gb/sec, 2 Gb/sec,

and Negotiate.

Rx BB Credits The number of configured Rx BB Credits.

2-28

Enterprise Operating System Command Line Interface User Manual

Parameters This command has no parameters.

config

Command Example

Output The port configuration is shown as a table of properties. The

Output Example

Root> config port showPortAddr

following properties are displayed:

Port The port number

Original Addr The original port address of the port

Current Addr The current port address of the port

Swapped Port Num If the port is swapped with another port,

it will show the port number of the port it is swapped with.

Port Original Addr Current Addr SwappedPort Num

---- ------------- ------------ ----------------

04 4 15 5 26 7 3 37 6 2 48 8 59 9 6a a 7b b 8c c ...

config.port.speed

Syntax speed portNumber portSpeed

Purpose This command sets the speed for a port. A port can be configured to

operate at 1 Gb/sec, 2 Gb/sec, or a negotiated speed. The port speed can be set only to 1 Gb/sec if the switch speed is 1 Gb/sec. An attempt to set the port speed to 2 Gb/sec or to negotiate in a switch with a 1 Gb/sec switch speed results in an error message.

If the port speed is set to negotiate, the port and the device to which it is attached negotiate the data speed setting to either 1 Gb/sec or 2 Gb/sec.

CLI Commands

2-29

config

ATTENTION! Port speed changes temporarily disrupt port data transfers.

Parameters This command has two required parameters.

portNumber Specifies the port number. Valid values are:

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

portSpeed Specifies the speed of the port. Valid values are

1g, 2g, and negotiate.

Command Examples

Root> config port speed 4 2g

Root> config port speed 6 negotiate

config.port.swapPortByAddr

Syntax swapPortByAddr portAddr1 portAddr2

Purpose This command will swap two ports given the port addresses. The

ports must be offline to perform this operation.

Parameters This command has two required parameters:

portAddr1 Port address, in hexidecimal format, of

portAddr2 Port address, in hexidecimal format, of

Command Example

Root> config port swapPortByAddr 1e 1f

the desired port to be swapped

config.port.swapPortByNum

Syntax swapPortByNum portNum1 portNum2

2-30

Enterprise Operating System Command Line Interface User Manual

Purpose This command will swap two ports given the port numbers. The

ports must be offline to perform this operation.

Parameters This command has two required parameters:

portNum1 Port number, in hexidecimal format, of

the desired port to be swapped

portNum2 Port number, in hexidecimal format, of

the desired port to be swapped

config

Command Example

config.port.type

Syntax type portNumber portType

Purpose This command sets the allowed type for a port.

Root> config port swapPortByAddr 1e 1f

A port can be configured as an F_Port, an E_Port, or a G_Port. On a Sphereon 4300 or Sphereon 4500, a port can also be an Fx_port or Gx_port.

NOTE: On the Sphereon 4300 Switch, the E_Port, G_Port, and GX_Port options are not valid, unless the Fabric Capable feature is enabled. For more information, see the McDATA Sphereon 4300 Switch Installation and Service Manual (620-000171).

The port configurations function as follows:

• F_Port—cannot be used as an interswitch link, but may attach to a device with an N_Port.

• E_Port—only other switches may attach to this type of port.

• G_Port—either a device or another switch may attach to this type

• Fx_Port — allows Arbitrated Loop operation in addition to the

• Gx_Port—allows Arbitrated Loop operation in addition to the

of port.

functionality of an F_Port. (Sphereon 4300 and Sphereon 4500 only.)

functionality of an F_Port or an E_Port. (Sphereon 4300 and Sphereon 4500 only.)

CLI Commands

2-31

config

Parameters This command has two required parameters.

portNumber Specifies the port number. Valid values are:

0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

portType Specifies the type of the port. Valid values for the

port type are:

eport fport

gport fxport (Sphereon 4300 and Sphereon 4500 only) gxport (Sphereon 4300 and Sphereon 4500 only)

Command Example Root> config port type 4 fport

config.security

The security command on the configuration branch enters the security configuration branch. All commands under this branch operate on a particular security attribute.

Some security configuration commands (namely those under the fabricBinding branch) are different from other CLI commands in that they are not single action commands that take effect immediately. These commands implement a rudimentary membership list editor. A user works on a temporary copy of a membership list in the editor and can perform actions such as adding or deleting fabric members. The edited copy can then be activated to the fabric. It should be noted that not all verification of membership lists can be made in the pending copy. Therefore, it is possible that a user will build up a pending membership list definition without errors, but will encounter errors when saving to the fabric. It should also be noted that the state of the pending configuration must be set to 'restrict' in order to make any changes to the (pending) fabric membership list.

2-32

Enterprise Operating System Command Line Interface User Manual

config.security.authentication.interface api.outgoing

Syntax outgoing enabledState

Purpose This command determines if outgoing CHAP authentication is used

on all API sessions. If this is enabled, the switch will issue a CHAP challenge to authenticate all new API connections.

Parameters This command has one parameter:

enabledState This parameter enables and disables

outgoing CHAP authentication for API sessions. Valid values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

config

Command Example

Root> config security authentication interface api outgoing enable

config.security.authentication.interface.api.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the API interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the API session.

Parameters This command has one required parameter, and one optional

parameter:

method1 This sets the preferred method of

authentication. Accepted values are local or RADIUS.

method2 This optional parameter sets the backup

method of authentication. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

CLI Commands

2-33

config

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

Command Example Root> config security authentication interface api

sequence RADIUS local

config.security.authentication.interface.cli.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the CLI interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the CLI login.

Parameters This command has one required parameter, and one optional

parameter:

method1 This sets the preferred method of

authentication for the CLI interface. Accepted values are local or RADIUS.

method2 This optional parameter sets the backup

method of authentication for the CLI interface. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

Command Example Root> config security authentication interface cli

sequence RADIUS local

config.security.authentication.interface.eport.outgoing

Syntax outgoing enabledState

Purpose This command determines if outgoing CHAP authentication is used

on E port connections. If this is enabled, the switch will issue a CHAP challenge to authenticate the remote end of the ISL.

2-34

Enterprise Operating System Command Line Interface User Manual

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

Parameters This command has one parameter:

enabledState This parameter enables and disables

outgoing CHAP authentication on all ISLs. Accepted values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

config

Command Example

Root> config security authentication interface eport outgoing disable

config.security.authentication.interface.eport.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the E port interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the remote end of the ISL.

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

Parameters This command has one required parameter, and one optional

parameter:

method1 This sets the preferred method of

authentication. Accepted values are local or RADIUS.

method2 This optional parameter sets the backup

method of authentication. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

CLI Commands

2-35

config

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

Command Example Root> config security authentication interface eport

sequence RADIUS local

config.security.authentication.interface.nport.outgoing

Syntax outgoing enabledState

Purpose This command determines if outgoing CHAP authentication is used

on N port connections. If this is enabled, the switch will issue a CHAP challenge to authenticate the remote device.

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

Parameters This command has one parameter:

enabledState This parameter enables and disables

outgoing CHAP authentication on all ISLs. Accepted values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

Command Example

Root> config security authentication interface eport outgoing disable

config.security.authentication.interface.nport.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the N_port interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the remote end of the ISL.

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

2-36

Enterprise Operating System Command Line Interface User Manual

Parameters This command has one required parameter, and one optional

parameter:

method1 This sets the preferred method of

authentication. Accepted values are local or RADIUS.

method2 This optional parameter sets the backup

method of authentication. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

Command Example Root> config security authentication interface nport

sequence RADIUS local

config

config.security.authentication.interface.osms.outgoing

Syntax outgoing enabledState

Purpose This command determines if outgoing authentication is used on all

OSMS requests. The OSMS key must be configured prior to setting the outgoing state to enabled.

NOTE: The SANtegrity Authentication feature key must be installed to configure the OSMS outgoing state.

Parameters This command has one parameter:

enabledState This parameter enables and disables

FCCT authentication. Accepted values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

Command Example

Root> config security authentication interface osms outgoing 1

CLI Commands

2-37

config

config.security.authentication.interface.osms.setKey

Syntax setKey

Purpose This command sets the FCCT key that is associated to the single

OSMS username. This username is a static entry in the local authentication database. This user is not viewable. This command effectively sets the key that will be used in all OSMS authenticated requests. This entry in the user database is only used for the OSMS interface, and cannot be changed.

After issuing this command, you are directed to a password prompt where the actual 16-byte key is entered. After entering the new secret, it must be confirmed in the following prompt. After confirmation, you will be returned to the initial prompt that the command was executed from. No characters will be echoed back to the screen when entering a password, or when confirming a password.

NOTE: The SANtegrity Authentication feature key must be installed to configure the FCCT key.

Parameters This command has no required parameters.

Command Example

Root> config security authentication interface osms setKey

config.security.authentication.interface.serial.enhancedAuth

Syntax enhancedAuth enhancedAuthState

Purpose This command sets the enhanced serial authentication state.

Enhanced Serial Authentication will require a user to enter a password when gaining access to the serial port interface.

Parameters This command has one parameter:

enhancedAuthState This parameter enables and disables

enhanced authentication on the serial port interface. Accepted values for this parameter are enable or disable. Boolean 1 and 0 values may also be substituted.

2-38

Enterprise Operating System Command Line Interface User Manual

Command Example Root> config security authentication serial enhancedAuth

enable

config.security.authentication.interface.show

Syntax show interface

Purpose This command displays the settings in the local authentication

database for a single interface.

NOTE: The SANtegrity Authentication feature key must be installed to view the eport and nport information, and the OSMS information.

Parameters This command has one parameter.

interface The interface that will be displayed. Valid

values for this parameter are:

cli web osms api serial eport nport.

config

Command Example

Root> config security authentication interface show Web

Output Example The output for the config.security.authentication.interface.show

command displays as follows:

Interface: Web Outgoing: N/A Incoming: N/A Sequence: Local, RADIUS

config.security.authentication.interface.web.sequence

Syntax sequence method1 [method2]

Purpose This command sets the sequence that the Web interface will use to

authenticate. When the preferred method cannot be contacted, the backup method will be used to authenticate the Web login.

CLI Commands

2-39

config

Parameters This command has one required parameter, and one optional

parameter:

method1 This sets the preferred method of

authentication for the CLI interface. Accepted values are local or RADIUS.

method2 This optional parameter sets the backup

method of authentication for the CLI interface. This backup method is used when the preferred method cannot be contacted. Accepted value is local.

NOTE: A preferred method of local and a backup method of RADIUS is not an accepted combination because the local method can always be contacted.

Command Example Root> config security authentication interface cli

sequence RADIUS local

config.security.authentication.port.override

Syntax override portNumber [overrideState]

Purpose This command sets the outgoing override state for a single port. This

setting allows you to override the default outgoing authentication state for either the E_port or N_port interface. The default setting will cause the port to use the outgoing state configure for the corresponding interface (either E_port or N_port).

NOTE: This command requires that the SANtegrity Authentication feature key be installed.

2-40

Enterprise Operating System Command Line Interface User Manual

Parameters This command has one required parameter, and one optional

parameter:

portNumber Specifies the port number. Valid values

are: 0–11 for the Sphereon 4300 0–15 for the Sphereon 3016 and 3216 0–23 for the Sphereon 4500 0–31 for the Sphereon 3032 and 3232 0–63 for the Intrepid 6064 0–127 and 132–143 for the Intrepid 6140

overrideState This parameter sets the outgoing

authentication state for the specified port. Valid values are enable, disable, or default. Boolean 1 and 0 values may also be substituted.

config

Command Example

Root> config security authentication port override 138 enable

config.security.authentication.port.show

Syntax show

Purpose This command displays a table displaying the outgoing override

state for each port.

Parameters This command has no parameters.

Command Example

Output This command displays all valid user names in the local database for

Root> config security authentication port show

the specified interface.

Port The port number.

Override State The outgoing authentication override

state.

Output Example The output for the config.security.authentication.port.show

command displays as follows:

CLI Commands

2-41

config

Port Override State

---- -------------0 Default 1 Default 2 Enable 3 Default 4 Disable

config.security.authentication.RADIUS.attempts

syntax attempts index attempts

Purpose This command configures the number of attempts a packet will be

sent to a RADIUS server if a response is not received before the timeout. After the transmit attempt limit is reached, the switch will, if applicable, move on to the next defined RADIUS server. The default is 3 attempts.

Parameters This command has two required parameters:

index Index of the RADIUS sever (1-3) to

change the transmit attempts value.

attempts The number of transmit attempts. Valid

values are between 1 and 100.

Command Example

Root> config security authentication RADIUS attempts 3 20

config.security.authentication.RADIUS.deadtime

Syntax deadtime minutes

Purpose This command configures the number of minutes a RADIUS server is

marked as “dead”. If a RADIUS server does not respond to an authentication request, it can be marked as “dead” for a specified time interval. This may speed up authentication by eliminating timeouts and retransmissions. If no alternate RADIUS servers are available (when only one server is configured or when all are marked dead), then the deadtime is ignored. Deadtime may be 0 to 1440 minutes. The default is 0.

2-42

Enterprise Operating System Command Line Interface User Manual

Parameters This command has one required parameter:

minutes The number of minutes a RADIUS server

is marked “dead” before it is contacted again. Valid values are between 0 and

1440.

config

Command Example

Root> config security authentication RADIUS deadtime 120

config.security.authentication.RADIUS.deleteServer

Syntax deleteServer index

Purpose This command removes a RADIUS server from the RADIUS server

list. If you delete a server, and there are servers configured in higher numbered slots, these servers will be automatically moved up to the first available slots.

Parameters This command has one required parameter.

index Index of the server to be removed.

Command Example

Root> config security authentication RADIUS deleteServer 3

config.security.authentication.RADIUS.server

Syntax server index [IP:port]

Purpose This command adds or modifies one RADIUS server, at a given

index, that will be used for authentication. Servers are queried in the order listed, so the primary server must be the first one in the list.

There are three slots available for RADIUS servers. Servers will be added into the list by the index value. The range is 1 to 3. If a server is added and there is an empty slot before that server, it will be shifted up to the empty slot. The IP:port is the IP address and the UDP port on the RADIUS server.

NOTE: If you want to configure a RADIUS server without a key, you must specify the key as "". The set of double quotes is an empty string in the CLI.

CLI Commands

2-43

config

Parameters This command has one required parameter, and two optional

parameters:

index Index of the RADIUS server (1-3) to

add/modify.

IP IP address of the server.

port The UDP port number.

Command Example

Root> config security authentication RADIUS server 3

14.2.114.183:6

config.security.authentication.RADIUS.show

Syntax show

Purpose This command displays the current RADIUS server configuration.

Parameters This command has no parameters.

Command Example

Output This command displays all three configured RADIUS servers.

Root> config security authentication RADIUS show

Deadtime The amount of time a server is marked as

“dead”.

Server The IP address and UDP port of the

configured RADIUS server.

Attempts The number of transmit attempts.

Timeout The timeout value for a server in seconds.

Output Example The output for the config.security.authentication.RADIUS.show

2-44

Enterprise Operating System Command Line Interface User Manual

command displays as follows:

Deadtime: 0

Index IP Address Port Attempts Timeout

----- ------------- ---- ---------- ------1 1.1.1.1 1111 3 2 2 2.2.2.2 2222 3 2 3

config.security.authentication.RADIUS.timeout

Syntax timeout index seconds

Purpose This command configures the number of seconds to wait for a

response from the RADIUS server before retransmitting a packet. The default is 2 seconds.

Parameters This command has two required parameters:

index Index of the RADIUS sever (1-3) to

change the timeout value.

seconds The number of seconds before the

RADIUS server retransmits. Valid values are between 1 and 1000.

config

Command Example

Root> config security authentication RADIUS timeout 3 360

config.security.authentication.switch.setSecret

Syntax SetSecret

Purpose This command sets the CHAP secret that is associated with the

switch. This command effectively sets the secret for the local WWN username in the local authentication user database. The switch secret is used for all incoming CHAP challenges on the E port and N port interfaces.

After issuing this command, you are directed to a “password” prompt where the actual 16-byte secret is entered. After entering the new secret, it must be confirmed in the following prompt. After confirmation, you are returned to the initial prompt that the command was executed from. No characters will be echoed back to the screen when entering a password, or when confirming a password. See Passwords and Secrets on page 1-14 for valid characters.

NOTE: The SANtegrity Authentication feature key must be installed to configure switch secret.

Parameters This command has no required parameters.

CLI Commands

2-45

config

Command Example Root> config security authentication switch setSecret

config.security.authentication.user

One of the fundamental concepts of the authentication portion of the Command Line Interface is that all secured interfaces have interchangeable users that are stored in a single local authentication user database. In the past, CLI has supported authorization for only two username/password pairs (one Administrator-level and another Operator-level). These two username/password pairs were also unique to CLI interface. With this release, a CLI user can now configure multiple users for his own interface, as well as for other management entities and FC connections. For this reason, the security.userrights branch of commands has been removed from the command tree.

config.security.authentication.user.add

Syntax add username interface1 [interface2]

Purpose This command adds a new user to the local authentication database.

Each user can be assigned a combination of interfaces that will authenticate the new username/password combination. After executing this command, the user will be moved to a new password prompt where the user will enter a password; the password must then be confirmed in next prompt. After confirming the new password, the user will be returned to the initial prompt. No characters will be echoed back to the screen when entering a password, or when confirming a password.

All new users will be assigned a role of “none”; a subsequent “role” command must be executed to assign a role. Web and CLI users must be assigned a role before they can access the CLI or Web interfaces.

NOTE: The SANtegrity Authentication feature key must be installed to configure E port and N port usernames.

Parameters This command has two required parameters, and an additional

password parameter at the prompt after the command.

2-46

Enterprise Operating System Command Line Interface User Manual

username The new user name that will be added to

the local authentication database. If the entered user name already exists in the user database, an error will be shown. This parameter can be from 1-23 characters in length for an API, Web or CLI username. E Port and N Port usernames must be entered as a standard colon delimited WWN. All characters in the printable USASCII character set are valid with the exception of spaces, single quotes, and double quotes.

interfaces This is a list of interfaces that will be

assigned to the associated username. Accepted values for this parameter are:

cli web api eport nport

config

password Sets the password for the new login

NOTE: Currently the only possible combination of multiple interfaces

is (Web and CLI).

Command Example

Root> config security authentication user add 01:2A:3f:4:5:0:0 eport

config.security.authentication.user.delete

Syntax delete username

username. This parameter can be from 1-24 characters in length for a Web or CLI password. CHAP secrets and FCCT keys must be exactly 16 bytes long for API, OSMS, E Port, and N Port interfaces. This parameter will not be echoed to the screen. See Passwords and Secrets on page 1-14 for valid characters.

CLI Commands

2-47

config

Purpose This command deletes an entry from the local authentication

database. Both the Web and CLI interfaces must have at least one valid username with an “Administrator” role.

Parameters This command has one parameter:

username A valid username in the local

authentication database.

Command Example

Root> config security authentication user delete 01:2A:3f:4:5:0:0

config.security.authentication.user.modify

Syntax modify username interface1 [interface2]

Purpose This command modifies an existing user in the local authentication

database. The user password and the combination of interfaces can be modified with this command. After executing this command, you are prompted to enter a password, similar to behavior of the user.add command.

The role of a user will remain the same unless the currently assigned role is invalid for the new combination of interfaces. If the role is no longer valid for an interface combination, the role will be changed back to “none”. At least one username with an “Administrator” role must exist in the user database at all times for both the Web and CLI interfaces.

NOTE: The SANtegrity Authentication feature key must be installed to configure E port and N port usernames.

2-48

Enterprise Operating System Command Line Interface User Manual

Parameters This command has two required parameters, and an additional

password parameter at the prompt after the command:

username The existing user name whose fields will

be modified in the local authentication database. If the entered user name does not exist in the user database, an error will be shown. This parameter can be from 1-23 characters in length for an API, Web or CLI username. E Port and N Port usernames must be entered as a standard colon delimited WWN. All characters in the printable USASCII character set are valid with the exception of spaces, single quotes, and double quotes.

interfaces This is a list of interfaces that will be

assigned to the associated username. Accepted values for this parameter are:

cli web api eport nport.

config

password Sets the password for the existing

username. This parameter can be from 1-24 characters in length for a Web or CLI username. CHAP secrets must be exactly 16 bytes long for API, OSMS, E Port, and N Port interfaces. This parameter will not be echoed to the screen. See Passwords and

Secrets on page 1-14 for valid characters.

NOTE: Currently the only possible combination of multiple interfaces is (Web and CLI) or (E port or N port).

Command Example Root> config security authentication user modify

01:2A:3f:4:5:0:0 nport

config.security.authentication.user.role

Syntax role username privilegeLevel

CLI Commands

2-49

config

Purpose This command sets the role value that is associated to an existing

username. The role value can either be set to an administrator or an operator. This value defaults to “none” when the user is first added to the database. This value must be changed for all new CLI and Web users before they will be allowed access to their respective interfaces.

Parameters This command has two required parameters:

username A valid Web or CLI username in the local

authentication database.

privilegeLevel This parameter assigns the privilege level

to a username. Currently only Web and CLI users can be assigned a role value. This parameter must be either administrator or operator.

Command Example

Root> config security authentication user role 01:2A:3f:4:5:0:0 administrator

config.security.authentication.user.show

Syntax show interface

Purpose This command displays a single interface from the local

authentication database.

Parameters This command has one optional parameter:

interface The interface that will be displayed.

Accepted values for this parameter are:

cli web api eport nport.

Command Example

Output Example The output for the config.security.authentication.user.show

2-50

Enterprise Operating System Command Line Interface User Manual

Root> config security authentication user show web

command displays as follows:

Interface: Web

Username Interfaces Role

----------- ----------- -------------

johndoe_1223 Web,CLI Administrator ewsOperator Web Operator Operator Web,CLI Operator

config.security.fabricBinding

Fabric Binding functionality, provided by the SANtegrity Binding feature, allows you to bind the switch or director to specified fabrics so that it can communicate only with those fabrics. With Fabric Binding enabled, the product can communicate only with fabrics that are included in the Fabric Binding Membership List (FBML).

Using Fabric Binding, you can allow specific switches to attach to specific fabrics in the SAN. This provides security from accidental fabric merges and potential fabric disruption when fabrics become segmented because they cannot merge.

config

Fabric Binding

Commands

Fabric Binding

Membership

Terminology

The config.security.fabricBinding commands function in a different way from most CLI commands, which are single action commands that take effect immediately. Most of the Fabric Binding commands affect a temporary copy of an FBML in the work area, which is called the Pending FBML. When this temporary copy, the pending list, is activated to the fabric, it is called the Active FBML.

ATTENTION! One factor to consider, when using CLI commands to view and configure Fabric Binding settings, is that the SANpilot change Fabric Binding status and FBMLs, if it is used at the same time as the CLI.

interface can

Because not all the verification of the Pending FBML can occur on the temporary copy in the work area, it is possible, however unlikely, that the copy of the list encounters no errors until the list is activated to the fabric.

NOTE: A Sphereon 4300 Switch cannot participate in a fabric, unless the Fabric Capable feature is enabled. For more information, see the McDATA Sphereon 4300 Switch Installation and Service Manual (620-000171).

Two types of FBMLs are configured using the CLI:

CLI Commands

2-51

config

• Active FBML: When fabric binding is active, the active FBML is the list of fabric members with which the product is allowed to communicate. If fabric binding is disabled, this list is empty.

• Pending FBML: A list used to configure an FBML before it is made active on the product. Changes to the pending FBML are not implemented in the fabric until they are saved and activated using the config.security.fabricBinding.activatePending command as documented on page 2-53.

The following terms apply to the switches and directors that are part of the FBMLs:

• Local: The switch or director product that you are configuring. This is a required FBML member.

• Attached: A switch or director that is currently in a fabric with the local product. Any switch and director that is attached is a required FBML member.

• Unattached: A switch or director that is not currently in a fabric with the local product. These switches and directors are unattached if they have been added manually to the pending FBML, or if they segmented from the local fabric.

Enable/Disable and

Online State Functions

In order for Fabric Binding to function, specific operating parameters and optional features must be enabled. Also, there are specific requirements for disabling these parameters and features when the director or switch is offline or online. Be aware of the following:

• Because switches are bound to a fabric by World Wide Name (WWN) and domain ID, the Insistent Domain ID option in the Configure Switch Parameters dialog box is automatically enabled if Fabric Binding is enabled. You cannot disable Insistent Domain ID while Fabric Binding is active and the switch is online.

• If Fabric Binding is enabled and the switch is online, you cannot disable Insistent Domain ID.

• If Fabric Binding is enabled and the director is offline, you can disable Insistent Domain ID, but this will disable Fabric Binding.

• You cannot disable Fabric Binding if Enterprise Fabric Mode is enabled. However, if Enterprise Fabric Mode is disabled, you can disable Fabric Binding.

NOTE: Fabric Binding can be disabled when the switch is offline.

2-52

Enterprise Operating System Command Line Interface User Manual

config.security.fabricBinding.activatePending

Syntax activatePending

Purpose This command activates the fabric binding configuration contained in

the pending work area to the fabric. The Pending FBML becomes the Active FBML, and fabric binding is made functional.

NOTE: This command takes effect immediately. The CLI verifies the list before activating it to the fabric.

Parameters This command has no parameters.

config

Command Example

Root> config security fabricBinding activatePending

config.security.fabricbinding.addAttachedMembers

Syntax addAttachedMembers

Purpose This command adds all the current members of the fabric to the

Pending FBML. If a fabric member's domain ID or WWN already exists in the list, it is not added.

Parameters This command has no parameters.

Command Example

Root> config security fabricbinding addAttachedMembers

CLI Commands

2-53

config

config.security.fabricBinding.addMember

Syntax addMember wwn domainId

Purpose This command adds a new member to the Pending FBML in the

fabric binding work area. The number of entries is limited to the maximum available domain IDs for the fabric, which is 239.

NOTE: Changes from this command are not activated to the fabric until the activatePending command is issued.

Parameters This command has two parameters:

wwn Specifies the world wide name (WWN) of the

member to be added to the Pending FBML. The value of the WWN must be in colon-delimited hexadecimal notation (for example, AA:00:AA:00:AA:00:AA:00).

domainId The domain ID of the member to be added to

the Pending FBML. Valid domain IDs range from 1 to 239.

Command Example

Root> config security fabricBinding addMember AA:99:23:23:08:14:88:C1 2

config.security.fabricBinding.clearMemList

Syntax clearMemList

Purpose This command clears the Pending FBML in the working area.

Members that are attached remain in the list, because the Pending FBML must contain all attached members to become active.

NOTE: This information is not saved to the fabric until the activatePending command is issued. When the list is cleared, the CLI automatically adds the managed switch to the Pending FBML.

Parameters This command has no parameters.

Command Example

2-54

Enterprise Operating System Command Line Interface User Manual

Root> config security fabricBinding clearMemList

config.security.fabricbinding.deactivateFabBind

Syntax deactivateFabBind

Purpose This command deactivates the active FBML on the fabric. The Active

FBML is erased when this command is executed.

NOTE: This command takes effect immediately in the fabric.

Parameters This command has no parameters.

config

Command Example

Root> config security fabricbinding deactivateFabBind

config.security.fabricBinding.deleteMember

Syntax deleteMember wwn domainId

Purpose This command removes a member from the Pending FBML in the

fabric binding work area. The local member and attached members cannot be deleted from the list.

NOTE: Changes are not activated to the fabric until the activatePending command is issued.

Parameters This command has two parameters:

wwn Specifies the WWN of the member to be

removed from the Pending FBML. The value of the WWN must be in colon-delimited hexadecimal notation (for example, AA:00:AA:00:AA:00:AA:00).

domainId The domain ID of the member to be removed

from the Pending FBML. Valid domain IDs range from 1 to 239.

Command Examples

Root> config security fabricBinding deleteMember AA:99:23:23:08:14:88:C1 Root> config security fabricBinding deleteMember 2

CLI Commands

2-55

config

config.security.fabricBinding.replacePending

Syntax replacePending

Purpose This command replaces the Pending FBML with the fabric binding

configuration that is currently loaded on the fabric.

Parameters This command has no parameters.

Command Example

Root> config security fabricBinding replacePending

config.security.fabricBinding.showActive

Syntax showActive

Purpose This command displays the fabric binding configuration (active

FBML) saved on the fabric. It performs the same function as

show.security.fabricBinding on page 2-180.

Parameters This command has no parameters.

Output This command displays the following fabric binding configuration

data:

Domain ID The domain ID of the FBML member. Valid

WWN The world wide name (WWN) of the FBML

Attachment Status

domain ID's range from 1 to 239.

member in colon-delimited hexadecimal notation.

Indicates whether the FBML member is Local, Attached, or Unattached. For more information, see Fabric Binding Membership Terminology on page 2-51.

Output Example The output from the config.security.fabricBinding.showActive

2-56

Enterprise Operating System Command Line Interface User Manual

command displays as follows.

Domain 1 (20:30:40:50:60:70:8F:1A) (Local) Domain 3 (00:11:22:33:44:55:66:77) (Unattached) Domain 2 (88:99:AA:BB:CC:DD:EE:FF) (Attached) Domain 14 (11:55:35:45:24:78:98:FA) (Attached)

McDATA Enterprise Operating System User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual