hit counter script
Cisco AP775A - Nexus Converged Network Switch 5010 Configuration Manual
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Software
  5. AP775A - Nexus Converged Network Switch 5010
  6. Configuration manual
Cisco AP775A - Nexus Converged Network Switch 5010 Configuration Manual

Cisco AP775A - Nexus Converged Network Switch 5010 Configuration Manual

Fabric manager configuration guide, release 4.x
Hide thumbs Also See for AP775A - Nexus Converged Network Switch 5010:
1
2
3
Table Of Contents
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
Table of Contents

Advertisement

Quick Links

See also: Reference , Installation Manual
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Cisco MDS 9000 Family Fabric Manager
Configuration Guide, Release 4.x
Cisco MDS NX-OS Release 4.1(1b) Through 4.1(3a)
Cisco MDS 9000 FabricWare Release 4.x
February 2009
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-17256-03

Advertisement

Table of Contents
loading

Related Manuals for Cisco AP775A - Nexus Converged Network Switch 5010

Summary of Contents for Cisco AP775A - Nexus Converged Network Switch 5010

  • Page 1 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide, Release 4.x Cisco MDS NX-OS Release 4.1(1b) Through 4.1(3a)
  • Page 2 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE.
  • Page 3 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C O N T E N T S New and Changed Information lvii...

  • Page 4: Table Of Contents

    Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Installing Cisco MDS NX-OS and Fabric Manager C H A P T E R Starting a Switch in the Cisco MDS 9000 Family...
  • Page 5 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Importing PM Statitics Data to Fabric Manager 2-24 Installing Fabric Manager...
  • Page 6 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fabric Manager Client Quick Tour: Server Admin Perspective Fabric Manager Main Window Menu Bar...
  • Page 7 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Device Manager C H A P T E R Device Manager Overview...
  • Page 8 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using Your Own Values 7-26 Viewing Switch Bandwidth...
  • Page 9 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing Log Information 7-62 Downloading Fabric Manager Client...
  • Page 10 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Grace Period Alerts 10-15 License Transfers Between Switches...
  • Page 11 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring CDP 12-12 Using the CFS Infrastructure...
  • Page 12 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring FlexAttach Virtual pWWN 14-1 C H A P T E R...
  • Page 13 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Preparing for a Nondisruptive Upgrade on Fabric and Modular Switches 15-13 Performing a Nondisruptive Upgrade on a Fabric Switch...
  • Page 14 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Managing System Hardware 18-1 C H A P T E R...
  • Page 15 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Interfaces 20-1 C H A P T E R...
  • Page 16 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About SFP Transmitter Types 20-21 Displaying SFP Transmitter Types...
  • Page 17 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m NPV Traffic Management Guidelines 21-7 Configuring NPV...
  • Page 18 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Module Interface Shared Resources 22-28 Configuration Guidelines for 48-Port, 24-Port, and 4/44-Port 8-Gbps Fibre Channel Switching...
  • Page 19 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Deleting PortChannels 23-16 Interfaces in a PortChannel...
  • Page 20 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Domain Parameters 25-1 C H A P T E R...
  • Page 21 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fabric Configuration P A R T Configuring and Managing VSANs...
  • Page 22 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring DPVM with the DPVM Wizard 28-2 About DPVM Databases...
  • Page 23 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Border Switch Guidelines 29-10 Configuring IVR NAT and IVR Auto Topology...
  • Page 24 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring and Managing Zones 30-1 C H A P T E R...
  • Page 25 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Zone-Based Traffic Priority 30-37 Configuring Default Zone QoS Priority Attributes...
  • Page 26 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Discarding Changes 31-7 Legacy Zone Alias Conversion...
  • Page 27 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Reordering Network Frames 32-15 About Reordering PortChannel Frames...
  • Page 28 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Initiating Customized Discovery 35-2 Initiating Customized Discovery...
  • Page 29 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About FICON Device Allegiance 36-23 Automatically Saving the Running Configuration...
  • Page 30 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Database Merge Guidelines 37-5 World Wide Names...
  • Page 31 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Database Merge Guidelines 39-10 Displaying Roles When Distribution is Enabled...
  • Page 32 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring the Notification Target User 40-11 Configuring Event Security...
  • Page 33 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About the Default TACACS+ Server Encryption Type and Preshared Key 41-15 Setting the Default TACACS+ Server Encryption Type and Preshared Key...
  • Page 34 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m ToS Information 42-5 Creating IPv4-ACLs or IPv6-ACLs with the IP-ACL Wizard...
  • Page 35 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Deleting RSA Key-Pairs from Your Switch 43-16 Example Configurations...
  • Page 36 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Crypto IPv4-ACLs 44-22 Crypto IPv4-ACL Guidelines...
  • Page 37 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About the DHCHAP Timeout Value 45-9 Configuring the DHCHAP Timeout Value...
  • Page 38 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Locking the Fabric 46-18 Committing the Changes...
  • Page 39 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m VRRP 48-6 Ethernet PortChannels...
  • Page 40 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using the SAN Extension Tuner Wizard 49-4 Default Settings...
  • Page 41 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About iSLB Initiators 50-37 Configuring iSLB Using Device Manager...
  • Page 42 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Creating an iSNS Client Profile 50-68 About iSNS Server Functionality...
  • Page 43 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Adding Virtual Router IP Addresses 51-11 Setting the Priority for the Virtual Router...
  • Page 44 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Beacon Mode 53-3 Configuring Autonegotiation...
  • Page 45 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring SCSI Flow Services and Statistics 55-1 C H A P T E R...
  • Page 46 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Events in Device Manager 57-5 Performance Monitoring...
  • Page 47 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Monitoring Network Traffic Using SPAN 60-1 C H A P T E R...
  • Page 48 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Default Settings 61-11 Configuring Call Home...
  • Page 49 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Sample Syslog Alert Notification in Full-txt Format 62-24 Sample Syslog Alert Notification in XML Format...
  • Page 50 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Ingress Port Rate Limiting 64-11 Default Settings...
  • Page 51 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Timer Configuration Per-VSAN 66-16 Configuring a Fabric Analyzer...
  • Page 52 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m What do I do if the Fabric Manager or Performance Manager service shows up as “disabled”...
  • Page 53 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m How do I set the map layout so it stays after Fabric Manager restarted? 67-13 What do I do when two switches show on the map, but there is only one switch?
  • Page 54 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m HTTP/HTTPS 69-2 WDSL...
  • Page 55 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m getHost 69-13 getHostByFabric...
  • Page 56 Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 57: New And Changed Information

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m New and Changed Information This document provides release-specific information for each new and changed feature in Cisco MDS Fabric Manager Release 4.x software.

  • Page 58: Chapter 2 Installing Cisco Mds Nx-Os And Fabric Manager

    New and Changed Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 1 New and Changed Features for Cisco MDS Fabric Manager Release 4.x (continued) Changed...
  • Page 59 New and Changed Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 1 New and Changed Features for Cisco MDS Fabric Manager Release 4.x (continued) Changed...
  • Page 60 New and Changed Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide OL-17256-03, Cisco MDS NX-OS Release 4.x...
  • Page 61 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Preface This preface describes the audience, organization, and conventions of the Cisco MDS 9000 Family Configuration Guide.
  • Page 62 Preface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Chapter Title Description...
  • Page 63 Preface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Chapter Title Description...
  • Page 64 Preface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Chapter Title Description...
  • Page 65 Preface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Chapter Title Description...

  • Page 66: Document Conventions

    Preface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Chapter Title Description...

  • Page 67: Related Documentation

    Preface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Screen examples use these conventions: Terminal sessions and information the switch displays are in screen font.

  • Page 68: Hardware Installation

    Preface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS NX-OS Release Compatibility Matrix for IBM SAN Volume Controller Software for •...

  • Page 69: Obtaining Documentation And Submitting A Service Request

    Preface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family SMI-S Programming Reference •...
  • Page 70 Preface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 71: Getting Started

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m A R T Getting Started...
  • Page 72 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m...

  • Page 73: Product Overview

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Product Overview The Cisco MDS 9000 Family of multilayer directors and fabric switches offers intelligent...

  • Page 74: Cisco Mds 9500 Series Multilayer Directors

    Chapter 1 Product Overview Hardware Overview S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9500 Series Multilayer Directors The Cisco MDS 9500 Series includes the following multilayer, modular directors: The Cisco MDS 9513 Director, which has thirteen slots, two of which (slot 7 and slot 8) are reserved...

  • Page 75: Cisco Mds 9200 Series Fabric Switches

    Chapter 1 Product Overview Hardware Overview S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 14/2-port Multiprotocol Services (MPS-14/2) module •...

  • Page 76: Cisco Mds 9100 Series Fixed Configuration Fabric Switches

    Chapter 1 Product Overview Cisco NX-OS Software Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 18/4-port Multiservice FIPS Module with Federal Information Processing Standard (FIPS) 140-2 •...

  • Page 77: Tools For Software Configuration

    Chapter 1 Product Overview Cisco NX-OS Software Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m This section includes the following topics: Tools for Software Configuration, page 1-5 •...

  • Page 78: Software Configuration Overview

    Chapter 1 Product Overview Cisco NX-OS Software Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Device View displays a continuously updated physical representation of the switch –...
  • Page 79 Chapter 1 Product Overview Cisco NX-OS Software Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Advanced Configuration These sections contain additional configuration information for NX-OS software and the MDS 9000 Family of switches and includes the following topics:...
  • Page 80 Chapter 1 Product Overview Cisco NX-OS Software Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m IPsec for network security (Chapter 44, “Configuring IPsec Network Security”)

  • Page 81: Starting A Switch In The Cisco Mds 9000 Family

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Installing Cisco MDS NX-OS and Fabric Manager The Cisco Fabric Manager is a set of network management tools that supports Secure Simple Network...

  • Page 82: Initial Setup Routine

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The console port is physically connected to a computer terminal (or terminal server).

  • Page 83: Default Login

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Destination prefix, destination prefix subnet mask, and next hop IP address, if you want to –...

  • Page 84: Assigning Setup Information

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-1 Management Access to Switches Router...
  • Page 85 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Confirm the administrator password.
  • Page 86 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enter the SNMPv3 password (minimum of eight characters).
  • Page 87 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Be sure to configure the IP route, the default network IP address, and the default gateway IP Note address to enable SNMP access.
  • Page 88 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enter noshut (shut is the default) to configure the default switch port interface to the shut state.

  • Page 89: Configuring In-Band Management

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you do not save the configuration at this point, none of your changes are updated the next Caution time the switch is rebooted.
  • Page 90 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configure the read-only or read-write SNMP community string.
  • Page 91 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Initial Setup Routine S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enabled SSH service? (yes/no) [n]: yes Enter the SSH key type (see the “Generating the SSH Server Key Pair”...

  • Page 92: Using The Setup Command

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Accessing the Switch S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you do not save the configuration at this point, none of your changes are updated the next Caution time the switch is rebooted.

  • Page 93: Where Do You Go Next

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Where Do You Go Next? S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-2 Switch Access Options Router...

  • Page 94: Fabric Manager Server

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager About Cisco Fabric Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fabric Manager Web Server •...

  • Page 95: Device Manager

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Cisco MDS 9000 Switch Management S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Open Internet Explorer and select Tools >...

  • Page 96: Storage Management Solutions Architecture

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Cisco MDS 9000 Switch Management S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 2-1 Supported Management Protocols Management Protocol...

  • Page 97: In-Band Management And Out-Of-Band Management

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Cisco MDS 9000 Switch Management S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Of these five layers of storage network management, Cisco Fabric Manager provides tools for device (element) management and fabric management.

  • Page 98: Installing The Management Software

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m IPFC encapsulates IP packets into Fibre Channel frames so that management information can cross the Fibre Channel network without requiring a dedicated Ethernet connection to each switch.

  • Page 99: Supported Software

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Supported Software For the latest information on supported software, refer to the Cisco MDS 9000 Family Release Notes for Note...

  • Page 100: Minimum Hardware Requirements

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m A JDBC driver is a software component enabling a Java application to interact with a database.

  • Page 101: Directory Structure

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you are installing Cisco SAN-OS Release 3.1(2b) or later, you can also use Oracle Database 10g Note Express.

  • Page 102: Installing Oracle

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 2-3 Directory Structure (Unix and Solaris) Directory...

  • Page 103: Increasing Udp Buffer Size

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m For information about backing up the Oracle database, go to this location: Note http://download.oracle.com/docs/cd/B25329_01/doc/admin.102/b25107/backrest.htm#i1004902.

  • Page 104: Restore

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Restore To restore Fabric Manager database, you must have a good backup file, and you must stop the Fabric Manager server before restoration.
  • Page 105 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Follow the on-screen instructions provided in the Fabric Manager management software setup wizard.
  • Page 106 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-3 Welcome to the Management Software Setup Wizard Click the Express radio button, and then click Next to begin express installation.
  • Page 107 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-4 Default User Credentials Step 7...
  • Page 108 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Finish to close the Cisco Fabric Manager Installer window.
  • Page 109 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-7 Install Options Dialog Box Click the radio button for either:...
  • Page 110 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-8 Database Options Dialog Box Click the radio button for either Install PostgreSQL or Use existing DB to specify which database you...
  • Page 111 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-9 User Options Dialog Box Enter a user name and password and click Next.
  • Page 112 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Verify to test your login.
  • Page 113 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the local interface, web server port or Fabric Manager server port and check the FC Alias and Step 17 SNMPv3 check boxes as desired.

  • Page 114: Installing Device Manager

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-14 Install Complete If you installed Fabric Manager Standalone, you can choose to launch Fabric Manager or Device...
  • Page 115 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enter the IP address of the switch in the Address field of your browser.

  • Page 116: Creating Fm/Dm Shortcut Manually

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select an installation folder on your workstation for Device Manager.
  • Page 117 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Installing the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-18 Java Control Panel Dialog Box Step 2...

  • Page 118: Upgrading The Management Software

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Upgrading the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 2-20 Shortcut Menu Upgrading the Management Software...

  • Page 119: Update Installer

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Upgrading Fabric Manager Server and Fabric Manager Standalone Version Using the Fabric Manager Update S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Upgrading Fabric Manager Server and Fabric Manager Standalone Version Using the Fabric Manager Update Installer As of Release 3.3(1a), you can use the Cisco MDS 9000 Fabric Manager Update Installer to upgrade:...

  • Page 120: Integrating Cisco Fabric Manager With Other Management Tools

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Integrating Cisco Fabric Manager with Other Management Tools S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 2-4 Fabric Manager Upgrade Path Using Update Installer Current Version...
  • Page 121 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Running Fabric Manager Behind a Firewall S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m On a Windows desktop, uncomment the following in the FabricManager.bat or DeviceManager.bat •...
  • Page 122 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Running Fabric Manager Behind a Firewall S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Communication Type Port(s) Used...

  • Page 123: Uninstalling The Management Software

    Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Uninstalling the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 8092 deploy/jms/oil2-servic jboss.mq:service=Invocati...
  • Page 124 Chapter 2 Installing Cisco MDS NX-OS and Fabric Manager Uninstalling the Management Software S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To uninstall the Fabric Manager applications on a UNIX machine, follow these steps: For all releases starting with Release 2.x, run the shell script Step 1...

  • Page 125: Fabric Manager Server

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Fabric Manager Server Fabric Manager Server is a platform for advanced MDS monitoring, troubleshooting, and configuration...

  • Page 126: Installing And Configuring Fabric Manager Server

    Chapter 3 Fabric Manager Server Installing and Configuring Fabric Manager Server S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Continuous health monitoring—MDS health is monitored continuously, so any events that •...

  • Page 127: Unlicensed Versus Licensed Fabric Manager Server

    Chapter 3 Fabric Manager Server Managing a Fabric Manager Server Fabric S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Unlicensed Versus Licensed Fabric Manager Server When you install Fabric Manager, the basic unlicensed version of Fabric Manager Server is installed with it.

  • Page 128: Fabric Manager Server Properties File

    Chapter 3 Fabric Manager Server Fabric Manager Server Properties File S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You can pre-configure a user name and password to manage fabrics.

  • Page 129: Modifying Fabric Manager Server

    Chapter 3 Fabric Manager Server Modifying Fabric Manager Server S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m SNMP Specific snmp.preferTCP—If this option is set to true, TCP will be the default protocol for the Fabric •...

  • Page 130: Adding Or Removing Fabric Manager Server Users

    Chapter 3 Fabric Manager Server Modifying Fabric Manager Server S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Changing the Fabric Manager Server User Name and Password, page 3-7 •...

  • Page 131: Changing The Fabric Manager Server User Name And Password

    Chapter 3 Fabric Manager Server Modifying Fabric Manager Server S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Changing the Fabric Manager Server User Name and Password You can modify the user name or password used to access a fabric from Fabric Manager Client without restarting Fabric Manager Server.
  • Page 132 Chapter 3 Fabric Manager Server Modifying Fabric Manager Server S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply to save these changes.

  • Page 133: Authentication In Fabric Manager

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Authentication in Fabric Manager Fabric Manager contains interdependent software components that communicate with the switches in...

  • Page 134: C H A P T E R 4 Authentication In Fabric Manager

    Chapter 4 Authentication in Fabric Manager Fabric Manager Authentication Overview S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 4-1 Fabric Manager Authentication Example AAA server...

  • Page 135: Best Practices For Discovering A Fabric

    Chapter 4 Authentication in Fabric Manager Best Practices for Discovering a Fabric S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Best Practices for Discovering a Fabric Fabric Manager Server monitors multiple physical fabrics under the same user interface.

  • Page 136: Performance Manager Authentication

    Chapter 4 Authentication in Fabric Manager Performance Manager Authentication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Performance Manager Authentication Performance Manager uses the user name and password information stored in the Fabric Manager Server database.
  • Page 137 Chapter 4 Authentication in Fabric Manager Fabric Manager Web Server Authentication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Launch Fabric Manager Web Server.
  • Page 138 Chapter 4 Authentication in Fabric Manager Fabric Manager Web Server Authentication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 139: Fabric Manager Client

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Fabric Manager Client Cisco Fabric Manager Client is a java-based GUI application that provides access to the Fabric Manager...

  • Page 140: Fabric Manager Advanced Mode

    Chapter 5 Fabric Manager Client Launching Fabric Manager Client in Cisco SAN-OS Release 3.2(1) and Later S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fabric Manager Advanced Mode Advanced mode is enabled by default and provides the full suite of Fabric Manager features, including security, IVR, iSCSI, and FICON.
  • Page 141 Chapter 5 Fabric Manager Client Launching Fabric Manager Client in Cisco SAN-OS Release 3.2(1) and Later S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 5-1 Fabric Manager Web Server Login Dialog Box Step 2...
  • Page 142 Chapter 5 Fabric Manager Client Launching Fabric Manager Client in Cisco SAN-OS Release 3.2(1) and Later S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 5-2 Download Page for Fabric Manager and Device Manager Step 4...
  • Page 143 Chapter 5 Fabric Manager Client Launching Fabric Manager Client in Cisco SAN-OS Release 3.2(1) and Later S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 5-4 Fabric Manager Login Dialog Box Enter the Fabric Manager Server user name and password.
  • Page 144 Chapter 5 Fabric Manager Client Launching Fabric Manager Client in Cisco SAN-OS Release 3.2(1) and Later S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you want a clean discovery, remove the fabric and rediscover it.

  • Page 145: Fabric Manager Client Quick Tour: Server Admin Perspective

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Server Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Changes made using Fabric Manager are applied to the running configuration of the switches Note that you are managing.

  • Page 146: Fabric Manager Main Window

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Server Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 5-7 Fabric Manager Main Window: Server Admin Perspective Menu bar—Provides access to options that are organized by menus.

  • Page 147: Menu Bar

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Server Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Menu Bar The menu bar at the top of the Fabric Manager main window provides options for managing and for controlling the display of information on the Fabric pane.

  • Page 148: Information Pane

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Server Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To select an option, click a folder to display the options available and then click the option.

  • Page 149: Fabric Pane

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Server Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fabric Pane Use the Fabric pane to display the graphical representation of your fabric.

  • Page 150: Fabric Manager Client Quick Tour: Admin Perspective

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fabric Manager Client Quick Tour: Admin Perspective This section describes the Fabric Manager Client interface shown in Figure...

  • Page 151: Menu Bar

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Status Bar (left side)—Shows short-term transient messages, such as the number of rows displayed in a table.

  • Page 152: View

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Resync All Open Fabrics—...

  • Page 153: Tools

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Edit Local Full Zone Database—Allows you to create zones across multiple switches.
  • Page 154 Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Compact Flash Report—Automatically scans the fabric and generate a report that shows the –...

  • Page 155: Performance

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Flow Load Balance Calculator—Allows you to get the best load balancing configuration for your •...
  • Page 156 Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 5-3 Fabric Manager Client Main Toolbar (continued) Icon...

  • Page 157: Logical Domains Pane

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 5-3 Fabric Manager Client Main Toolbar (continued) Icon...

  • Page 158: Filtering

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Filtering Fabric Manager has a filtering mechanism that displays only the data that you are interested in.
  • Page 159 Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Undo Changes—Undoes modifications to the switch.
  • Page 160 Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m When you select a port channel from the table, the pop-up menu will have the following additional Note options:...

  • Page 161: Information Pane

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Information Pane Use the Information pane to display tables of information associated with the option selected from the menu tree in the Logical Domains or Physical Attributes panes.

  • Page 162: Detachable Tables

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m After making changes, you must save the configuration or the changes will be lost when the device is Note restarted.
  • Page 163 Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 5-5 Fabric Manager Graphics (continued) Icon or Graphic...

  • Page 164: Context Menus

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fabric—When displaying multiple fabrics, each fabric has its own tab.

  • Page 165: Purging Down Elements

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The end devices layer includes the end devices and can be turned off to remove end devices from •...

  • Page 166: Filtering By Groups

    Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 5-9 Fabric Manager’s Multiple Fabric Display Window The Fabric view tab for fabric 172.23.46.152.
  • Page 167 Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour: Admin Perspective S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 5-10 Edit User Defined Group Dialog Box Enter a group name in the Name field.

  • Page 168: Status Bar

    Chapter 5 Fabric Manager Client Setting Fabric Manager Preferences S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In the Fabric pane, the switches or end devices in your group are shown normally;...
  • Page 169 Chapter 5 Fabric Manager Client Setting Fabric Manager Preferences S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you browse for a path or enter a path and you have a space in the pathname (for example, Note c:\program files\telnet.exe), then the path will not work.

  • Page 170: Network Fabric Discovery

    Chapter 5 Fabric Manager Client Network Fabric Discovery S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Automatically Save Layout—If this option is enabled, any changes in the layout are automatically •...

  • Page 171: Using Alias Names As Enclosures

    Chapter 5 Fabric Manager Client Modifying the Device Grouping S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using Alias Names as Enclosures To create an enclosure that uses the alias name as the name of the enclosure using Fabric Manager, follow these steps:...

  • Page 172: Controlling Administrator Access With Users And Roles

    Chapter 5 Fabric Manager Client Controlling Administrator Access with Users and Roles S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fabric Manager uses the regular expressions to convert multiple alias names into one enclosure.

  • Page 173: Fabric Manager Troubleshooting Tools

    Chapter 5 Fabric Manager Client Fabric Manager Troubleshooting Tools S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Software Install—Verifies image compatibility and installs software images on selected switches in •...
  • Page 174 Chapter 5 Fabric Manager Client Fabric Manager Troubleshooting Tools S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 5-36 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 175: Device Manager

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Device Manager This chapter contains descriptions of, and instructions for using, the Cisco MDS 9000 Device Manager.

  • Page 176: Chapter 6 Device Manager

    Chapter 6 Device Manager Launching Device Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m View chassis, module, port status, and statistics.

  • Page 177: Menu Bar

    Chapter 6 Device Manager Using Device Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 6-1 Device Manager, Device Tab Menu bar...

  • Page 178: Toolbar Icons

    Chapter 6 Device Manager Using Device Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Interface—Allows you to configure and manage PortChannels, as well as Fibre Channel, Ethernet, •...

  • Page 179: Dialog Boxes

    Chapter 6 Device Manager Using Device Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 6-1 Device Manager Main Toolbar (continued) Icon...
  • Page 180 Chapter 6 Device Manager Using Device Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Amber—The port has a minor fault condition.

  • Page 181: Supervisor And Switching Modules

    Chapter 6 Device Manager Using Device Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Supervisor and Switching Modules In the Device View, you can right-click an object and get information on it, or configure it.

  • Page 182: Setting Device Manager Preferences

    Chapter 6 Device Manager Setting Device Manager Preferences S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Setting Device Manager Preferences To set your preferences for the behavior of the Device Manager application, choose Device >...

  • Page 183: Fabric Manager Web Client

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Fabric Manager Web Client With Fabric Manager Web Client you can monitor Cisco MDS switch events, performance, and inventory...

  • Page 184: Navigating Fabric Manager Web Client

    Chapter 7 Fabric Manager Web Client Navigating Fabric Manager Web Client S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see Fabric Manager Web Client window as shown in Figure 7-1.

  • Page 185: Installing Fabric Manager Web Client

    Chapter 7 Fabric Manager Web Client Installing Fabric Manager Web Client S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table Filtering and Navigation You can filter the display of some tables to view subsets of the information.
  • Page 186 Chapter 7 Fabric Manager Web Client Installing Fabric Manager Web Client S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Optionally, enter the IP address or host name of the supervisor module running Cisco MDS NX-OS in Step 1 the Location or Address field of your browser.

  • Page 187: Using Fabric Manager Web Client With Ssl

    Chapter 7 Fabric Manager Web Client Installing Fabric Manager Web Client S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using Fabric Manager Web Client with SSL Fabric Manager Web Client uses TCP port 80 by default.
  • Page 188 Chapter 7 Fabric Manager Web Client Installing Fabric Manager Web Client S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m For Verisign.com trial certificates, go to: •...

  • Page 189: Launching Fabric Manager Web Client

    Chapter 7 Fabric Manager Web Client Launching Fabric Manager Web Client S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m port="443"...
  • Page 190 Chapter 7 Fabric Manager Web Client Launching Fabric Manager Web Client S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-2 Fabric Manager Web Client Login Dialog Box Enter your user name and password.

  • Page 191: Health

    Chapter 7 Fabric Manager Web Client Health S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m After launching Fabric Manager Web Client, you see the screen as shown in Figure 7-1, which you can...

  • Page 192: Viewing Fabric Information

    Chapter 7 Fabric Manager Web Client Health S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-3 Summary Tab Do one of the following:...

  • Page 193: Viewing Syslog Information

    Chapter 7 Fabric Manager Web Client Health S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-4 Fabric Events Tab Expand a fabric and choose one of the switches to display event information for that switch.

  • Page 194: Viewing Analysis Reports

    Chapter 7 Fabric Manager Web Client Health S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-5 Syslog Tab Select one of the fabrics to display a table of syslog information for that fabric.

  • Page 195: Performance

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Switch Health—The switch health report provides status information on all critical Cisco MDS •...

  • Page 196: Viewing Performance Summary Information

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m NPV Links—...

  • Page 197: Performance Detail Summary Report

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click a pie chart (Hosts, Storage, or ISLs) to go to the appropriate performance table.

  • Page 198: Viewing Performance Information For End Devices

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing Performance Information for End Devices To view host and storage port traffic and errors using Fabric Manager Web Client, follow these steps: Click the Performance tab, and then click End Devices tab.

  • Page 199: Viewing Performance Information For Isls

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing Performance Information for ISLs To view ISL traffic and errors using Fabric Manager Web Client, follow these steps: Click the Performance tab, and then click ISLs tab.
  • Page 200 Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-11 ISL Traffic (24 Hours) Cisco MDS 9000 Family Fabric Manager Configuration Guide...
  • Page 201 Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-12 ISL Traffic Grid View Notation NaN (Not a Number) in the data grid means it is a negative value.
  • Page 202 Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-13 ISL Traffic (Real Time) There are variations to this procedure.

  • Page 203: Viewing Performance Information For Npv Links

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing Performance Information for NPV Links To view traffic between NPV devices and ports using Fabric Manager Web Client, follow these steps: Click the Performance tab, and then click NPV Links.

  • Page 204: Viewing Performance Information For Flows

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing Performance Information for Flows To view host and storage traffic using Fabric Manager Web Client, follow these steps: Click the Performance tab, and then click Flows.

  • Page 205: Viewing Performance Information For Gige Ports

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing Performance Information for GigE Ports To view GigE ports using Fabric Manager Web Client, follow these steps: Click the Performance tab, and then click Ethernet.

  • Page 206: Viewing Detailed Traffic Information

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-17 Others Tab Expand a fabric and select one of the VSANs to display the other statistics in that VSAN.

  • Page 207: Viewing Predicted Future Performance

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-18 Traffic Analyzer Tab Do one of the following:...

  • Page 208: Using Your Own Values

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Threshold—80% •...

  • Page 209: Viewing Switch Bandwidth

    Chapter 7 Fabric Manager Web Client Performance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Peak—The average value of all the peak values is used.

  • Page 210: Inventory

    Chapter 7 Fabric Manager Web Client Inventory S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Inventory The Inventory tab shows an inventory of the selected SAN, fabric, or switch.

  • Page 211: Viewing Detailed Summary Inventory Information

    Chapter 7 Fabric Manager Web Client Inventory S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select a SAN to display a summary of inventory information for all fabrics in the SAN.

  • Page 212: Viewing Detailed Information For Switches

    Chapter 7 Fabric Manager Web Client Inventory S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Inventory tab, and then click VSANs.

  • Page 213: Viewing License Information

    Chapter 7 Fabric Manager Web Client Inventory S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-24 Switches Tab Do one of the following:...

  • Page 214: Viewing Detailed Information For Modules

    Chapter 7 Fabric Manager Web Client Inventory S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-25 Switch Licenses Tab Select one of the fabrics to display license information for switches in that fabric.

  • Page 215: Viewing Detailed Information For End Devices

    Chapter 7 Fabric Manager Web Client Inventory S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-26 Modules Tab Do one of the following:...

  • Page 216: Viewing Detailed Information For Isls

    Chapter 7 Fabric Manager Web Client Inventory S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-27 End Devices Tab Expand a fabric and select one of the VSANs to display end device inventory information for that VSAN.

  • Page 217: Viewing Detailed Information For Npv Links

    Chapter 7 Fabric Manager Web Client Inventory S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-28 ISLs Tab Expand a fabric and select one of the VSANs to display ISL inventory information for that VSAN.

  • Page 218: Viewing Detailed Information For Zones

    Chapter 7 Fabric Manager Web Client Inventory S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-29 NPV Links Step 2...

  • Page 219: Reports

    Chapter 7 Fabric Manager Web Client Reports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-30 Zones Tab Expand a fabric and select one of the VSANs to display zone inventory information for that VSAN.
  • Page 220 Chapter 7 Fabric Manager Web Client Reports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m and schedule a report of your fabric based on this template immediately or at a later time.

  • Page 221: Viewing Custom Reports By Template

    Chapter 7 Fabric Manager Web Client Reports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing Custom Reports by Template To view a custom report based on a specific template using Fabric Manager Web Client, follow these steps:...

  • Page 222: Generating Custom Reports By Template

    Chapter 7 Fabric Manager Web Client Reports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-33 View Report Table In the left pane, click to expand Users.

  • Page 223: Modifying A Custom Report Template

    Chapter 7 Fabric Manager Web Client Reports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m (Optional) Change the name of the report.

  • Page 224: Deleting Custom Reports

    Chapter 7 Fabric Manager Web Client Reports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-35 Report Indicate the information you want to gather in the report by checking the Health, Analysis,...

  • Page 225: Viewing Scheduled Jobs By Report Template

    Chapter 7 Fabric Manager Web Client Reports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing Scheduled Jobs by Report Template To view scheduled jobs by report template using Fabric Manager Web Client, follow these steps: Click the Reports tab, and then click Scheduled Jobs.

  • Page 226: Admin

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-37 Modify Scheduled Jobs Step 3...

  • Page 227: Recovering A Web Server Password

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you see a database file lock error in the database log, you can fix it by shutting down and restarting Note the database server using the web client.

  • Page 228: Adding, Editing, And Removing Managed Fabrics

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-38 Fabric Manager Services Status Select the services you want to start, restart, or stop.
  • Page 229 Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-39 List of Fabrics Managed by the Fabric Manager Server Click Add.

  • Page 230: Viewing Trap And Syslog Registration Information

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Admin tab, and then click Configure.

  • Page 231: Configuring Forwarding Of Notifications For Events

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-42 Registration Screen Step 4...

  • Page 232: Viewing And Disconnecting Clients

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m From the Fabric drop-down list, choose the fabric for notification.

  • Page 233: Configuring Fabric Manager Server Preferences

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-44 List of Clients Check the check box next to the client you want to disconnect.
  • Page 234 Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-45 Add Community Dialog Box Step 4...

  • Page 235: Configuring Aaa Information

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco Fabric Manager 3.0(1) does not require you to make changes to the communities.properties file Note even if you are using a Cisco MDS 9020 switch or any third-party devices.

  • Page 236: Adding And Removing Roles

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-48 Add User Dialog Box Step 4...
  • Page 237 Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-49 Local Roles Page Step 3...

  • Page 238: Creating Performance Collections

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Admin tab and then click Configure.

  • Page 239: Configuring Other Statistics

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-52 Create Collection Dialog Box Step 4...
  • Page 240 Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-53 Others Page Click Add.

  • Page 241: Configuring Collection Thresholds

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Collection Thresholds To configure collection thresholds using Fabric Manager Web Client, follow these steps: Click the Admin tab, and then click Configure.

  • Page 242: Importing The Rrd Statistics Index

    Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To configure conditions for sending Warning notifications, check the Send Warning check box.
  • Page 243 Chapter 7 Fabric Manager Web Client Admin S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 7-56 Performance Database Page Enter the number of days to collect samples at 5-minute intervals in the top row of the Days column.

  • Page 244: Viewing Log Information

    Chapter 7 Fabric Manager Web Client Downloading Fabric Manager Client S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing Log Information You may occasionally want to view logs such as the Fabric Manager Server log.

  • Page 245: Performance Manager

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Performance Manager The primary purpose of Fabric Manager is to manage the network.

  • Page 246: Chapter 8 Performance Manager

    Chapter 8 Performance Manager Performance Manager Architecture S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Data Interpolation One of the unique features of Performance Manager is its ability to interpolate data when statistical polling results are missing or delayed.

  • Page 247: Flow Setup Wizards

    Chapter 8 Performance Manager Performance Manager Architecture S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 8-1 Baseline Threshold Example Two thresholds per throughput...
  • Page 248 Chapter 8 Performance Manager Performance Manager Architecture S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 8-2 Create Flows Dialog Box Click the drop-down menu in the VSAN field.
  • Page 249 Chapter 8 Performance Manager Performance Manager Architecture S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 8-3 Review Traffic Flows Dialog Box Choose items in the Possible Flow Pairs area.

  • Page 250: Flow Statistics Configuration

    Chapter 8 Performance Manager Flow Statistics Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Flow Statistics Configuration Flow statistics count the ingress traffic in the aggregated statistics table.

  • Page 251: Cisco Traffic Analyzer

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Cisco Traffic Analyzer Cisco Traffic Analyzer is a version of network top (ntop) software that is modified to support Fibre...

  • Page 252: Using Cisco Traffic Analyzer With Performance Manager

    Chapter 9 Cisco Traffic Analyzer Using Cisco Traffic Analyzer with Performance Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using Cisco Traffic Analyzer with Performance Manager Performance Manager works in conjunction with Cisco Traffic Analyzer to monitor and manage the traffic on your fabric.

  • Page 253: Understanding Cisco Traffic Analyzer

    Chapter 9 Cisco Traffic Analyzer Installing Cisco Traffic Analyzer S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Understanding Cisco Traffic Analyzer Performance Manager collects Fibre Channel level performance statistics using SNMP to access counters on Cisco MDS 9000 Family switches.
  • Page 254 Chapter 9 Cisco Traffic Analyzer Installing Cisco Traffic Analyzer S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Interfaces >...

  • Page 255: Accessing Traffic Analyzer From Fabric Manager Web Server

    Chapter 9 Cisco Traffic Analyzer Accessing Traffic Analyzer from Fabric Manager Web Server S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To modify the script that launches ntop (ntop.sh or ntop.bat), follow the instructions provided within the script file.
  • Page 256 Chapter 9 Cisco Traffic Analyzer Accessing Traffic Analyzer from Fabric Manager Web Server S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click a Traffic Analyzer to launch that Traffic Analyzer within Fabric Manager Web Server.

  • Page 257: Installation And Switch Management

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m A R T Installation and Switch Management...
  • Page 258 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m...

  • Page 259: Licensing Terminology

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Obtaining and Installing Licenses Licenses are available in all switches in the Cisco MDS 9000 Family.

  • Page 260: C H A P T E R 10 Obtaining And Installing Licenses

    Chapter 10 Obtaining and Installing Licenses Licensing Model S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Licensed application—A software feature that requires a license to be used.
  • Page 261 Chapter 10 Obtaining and Installing Licenses Licensing Model S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Chapter 11, “On-Demand Port Activation Licensing”...
  • Page 262 Chapter 10 Obtaining and Installing Licenses Licensing Model S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 10-1 Feature-Based Licenses Feature License...
  • Page 263 Chapter 10 Obtaining and Installing Licenses Licensing Model S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 10-1 Feature-Based Licenses (continued) Feature License...
  • Page 264 Chapter 10 Obtaining and Installing Licenses Licensing Model S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 10-1 Feature-Based Licenses (continued) Feature License...
  • Page 265 Chapter 10 Obtaining and Installing Licenses Licensing Model S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 10-1 Feature-Based Licenses (continued) Feature License...

  • Page 266: Licensing High Availability

    Chapter 10 Obtaining and Installing Licenses Licensing High Availability S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 10-1 Feature-Based Licenses (continued) Feature License...

  • Page 267: Obtaining A Factory-Installed License

    Chapter 10 Obtaining and Installing Licenses Obtaining a Factory-Installed License S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Obtaining a Factory-Installed License You can obtain factory-installed licenses for a new switch.

  • Page 268: Installing The License Key File

    Chapter 10 Obtaining and Installing Licenses Installing the License Key File S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select Physical >...

  • Page 269: Installing Licenses Using Fabric Manager License Wizard

    Chapter 10 Obtaining and Installing Licenses Installing Licenses Using Fabric Manager License Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Installing Licenses Using Fabric Manager License Wizard To install licenses using the Fabric Manager License Wizard, follow these steps: Step 1...

  • Page 270: Installing Or Updating Licenses Using Device Manager

    Chapter 10 Obtaining and Installing Licenses Installing or Updating Licenses Using Device Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the switches for which you have PAKs or license key files.

  • Page 271: Identifying License Features In Use

    Chapter 10 Obtaining and Installing Licenses Identifying License Features in Use S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Install if you are installing, or Update if you are updating.

  • Page 272: Uninstalling Licenses

    Chapter 10 Obtaining and Installing Licenses Uninstalling Licenses S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Uninstalling Licenses You can only uninstall a permanent license that is not in use.

  • Page 273: Grace Period Alerts

    Chapter 10 Obtaining and Installing Licenses Grace Period Alerts S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To update a license, follow these steps: Obtain the updated license file using the procedure described in the “Obtaining the License Key File”...

  • Page 274: License Transfers Between Switches

    Chapter 10 Obtaining and Installing Licenses License Transfers Between Switches S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m License Transfers Between Switches A license is specific to the switch for which it is issued and is not valid on any other switch.

  • Page 275: Viewing Licenses Using Fabric Manager Web Server

    Chapter 10 Obtaining and Installing Licenses Fabric Manager Server Licensing S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Features tab to see the name of the feature package, the type of license, the expiration date, Step 2 the grace period (if you do not have a license for a particular feature), and any errors, such as a missing...
  • Page 276 Chapter 10 Obtaining and Installing Licenses Fabric Manager Server Licensing S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 10-18 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 277: On-Demand Port Activation Licensing

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R On-Demand Port Activation Licensing This chapter describes how to use the on-demand port activation licensing feature on the Cisco MDS...

  • Page 278: Port-Naming Conventions

    Chapter 11 On-Demand Port Activation Licensing About On-Demand Port Activation Licensing S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Port-Naming Conventions Table 11-1 describes the port-naming conventions for the four Cisco Fabric switches.

  • Page 279: C H A P T E R 11 On-Demand Port Activation Licensing

    Chapter 11 On-Demand Port Activation Licensing About On-Demand Port Activation Licensing S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 11-3 Cisco Fabric Switch for HP c-Class BladeSystem Default Port Licenses (ext1 - ext4) EXT 1...

  • Page 280: Configuring Port Activation Licenses

    Chapter 11 On-Demand Port Activation Licensing Configuring Port Activation Licenses S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 11-2 Port Activation License Status Definitions Port Activation License Status...

  • Page 281: Making A Port Eligible For A License

    Chapter 11 On-Demand Port Activation Licensing Configuring Port Activation Licenses S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 11-5 Licenses Dialog Box Step 2...

  • Page 282: Acquiring A License For A Port

    Chapter 11 On-Demand Port Activation Licensing Configuring Port Activation Licenses S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 11-7 FC Interfaces Dialog Box Select eligible from the Config drop-down list for each port that you want to make eligible.
  • Page 283 Chapter 11 On-Demand Port Activation Licensing Configuring Port Activation Licenses S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Right-click the selected ports, select Configure, and click the License tab.
  • Page 284 Chapter 11 On-Demand Port Activation Licensing Configuring Port Activation Licenses S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 11-8 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 285: Initial Configuration

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Initial Configuration Most of the initial switch configuration procedures can only be performed using the CLI.

  • Page 286: Chapter 12 Initial Configuration

    Chapter 12 Initial Configuration Verifying the Module Status S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Double-click the Logical Name of the switch you want to change in the Information pane.

  • Page 287: Configuring Date, Time, And Time Zone

    Chapter 12 Initial Configuration Configuring Date, Time, and Time Zone S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If the status is OK or active, you can continue with your configuration (see Chapter 19, “Managing Modules”).

  • Page 288: Ntp Configuration

    Chapter 12 Initial Configuration NTP Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you do not enter a time zone, GMT is used as the default.
  • Page 289 Chapter 12 Initial Configuration NTP Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If an active server fails, a configured peer helps in providing the NTP time.

  • Page 290: Configuring Ntp

    Chapter 12 Initial Configuration NTP Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m NTP peer 10.10.10.2 –...

  • Page 291: Deleting An Ntp Server Or Peer

    Chapter 12 Initial Configuration NTP Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In Fabric Manager, you see the System information pane.

  • Page 292: Ntp Cfs Distribution

    Chapter 12 Initial Configuration NTP Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m NTP CFS Distribution You can enable NTP fabric distribution for all Cisco MDS switches in the fabric.

  • Page 293: Committing Ntp Configuration Changes

    Chapter 12 Initial Configuration NTP Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m A warning displays if you do not enable CFS for all switches in the fabric for this feature.

  • Page 294: Database Merge Guidelines

    Chapter 12 Initial Configuration Management Interface Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The changes are only available in the volatile directory and are subject to being discarded if the switch is restarted.

  • Page 295: Telnet Server Connection

    Chapter 12 Initial Configuration Telnet Server Connection S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 12-7 Default Gateway Default...

  • Page 296: Configuring Cdp

    Chapter 12 Initial Configuration Configuring CDP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring CDP The Cisco Discovery Protocol (CDP) is an advertisement protocol used by Cisco devices to advertise itself to other Cisco devices in the same network.
  • Page 297 Chapter 12 Initial Configuration Configuring CDP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click IP >...
  • Page 298 Chapter 12 Initial Configuration Configuring CDP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 12-14 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 299: About Cfs

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Using the CFS Infrastructure The Cisco MDS NX-OS software uses the Cisco Fabric Services (CFS) infrastructure to enable efficient...

  • Page 300: Chapter 13 Using The Cf Infrastructure

    Chapter 13 Using the CFS Infrastructure About CFS S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco Fabric Services (CFS) provides a common infrastructure for automatic configuration synchronization in the fabric.

  • Page 301: Cfs Protocol

    Chapter 13 Using the CFS Infrastructure About CFS S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Three scopes of distribution.

  • Page 302: Cfs Distribution Modes

    Chapter 13 Using the CFS Infrastructure Disabling CFS Distribution on a Switch S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m CFS Distribution Modes CFS supports different distribution modes to support different application requirements: coordinated and uncoordinated distributions.

  • Page 303: Cfs Application Requirements

    Chapter 13 Using the CFS Infrastructure CFS Application Requirements S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In the information pane, from the drop-down menu, choose disable or enable for a switch.

  • Page 304: Locking The Fabric

    Chapter 13 Using the CFS Infrastructure Locking the Fabric S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The application configuration is not distributed by CFS unless distribution is explicitly enabled for that application.

  • Page 305: Committing Changes

    Chapter 13 Using the CFS Infrastructure Committing Changes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Committing Changes A commit operation saves the pending database for all application peers and releases the lock for all switches.

  • Page 306: Discarding Changes

    Chapter 13 Using the CFS Infrastructure Discarding Changes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Device Manager retrieves the status of the CFS change and updates the Last Command and Result columns.

  • Page 307: Cfs Merge Support

    Chapter 13 Using the CFS Infrastructure CFS Merge Support S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 13-1 Clearing Locks Exercise caution when using this function to clear locks in the fabric.

  • Page 308: Cfs Distribution Over Ip

    Chapter 13 Using the CFS Infrastructure CFS Distribution over IP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m CFS Distribution over IP You can configure CFS to distribute information over IP for networks containing switches that are not reachable over Fibre Channel.

  • Page 309: Configuring Static Ip Peers For Cfs Over Ip

    Chapter 13 Using the CFS Infrastructure CFS Distribution over IP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 13-3 Network Example 2 with Fibre Channel and IP Connections Node A...

  • Page 310: Adding Peers To List

    Chapter 13 Using the CFS Infrastructure CFS Distribution over IP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If a new NPV switch is added to the fabric, you must launch the NPV CFS Setup wizard to update the Note list, because Fabric Manager does not update the list automatically.
  • Page 311 Chapter 13 Using the CFS Infrastructure CFS Distribution over IP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 13-6 NPV Device Selection From the NPV Device to retrieve peer list from drop-down list box, select the device to retrieve the...

  • Page 312: Removing An Npv Device From The Peer List

    Chapter 13 Using the CFS Infrastructure CFS Distribution over IP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the peers, and then click Ok to add the peers to the list.
  • Page 313 Chapter 13 Using the CFS Infrastructure CFS Distribution over IP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 13-9 Start Dynamic Peer Discovery Click Yes to remove the deleted peer or localhost from all the other NPV device peer lists, and start...

  • Page 314: Cfs Regions

    Chapter 13 Using the CFS Infrastructure CFS Regions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m CFS Regions This section contains the following topics: About CFS Regions, page 13-16...

  • Page 315: Managing Cfs Regions Using Fabric Manager

    Chapter 13 Using the CFS Infrastructure CFS Regions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Managing CFS Regions Using Fabric Manager This section describes how to use Fabric Manager for managing CFS regions.
  • Page 316 Chapter 13 Using the CFS Infrastructure CFS Regions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Create Row button on the toolbar.

  • Page 317: Deleting Cfs Regions

    Chapter 13 Using the CFS Infrastructure CFS Regions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 13-12 Feature by Region Tab Double-click the RegionId cell in the required row.

  • Page 318: Cfs Example Using Fabric Manager

    Chapter 13 Using the CFS Infrastructure CFS Example Using Fabric Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 13-14 shows a confirmation dialog box.
  • Page 319 Chapter 13 Using the CFS Infrastructure CFS Example Using Fabric Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see the configuration for this feature based on the master switch (see Figure 13-16).
  • Page 320 Chapter 13 Using the CFS Infrastructure CFS Example Using Fabric Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 13-19 Status Change to Running From the Config Action drop-down list, select abortChanges for each switch that you enabled for CFS...

  • Page 321: Cfs Example Using Device Manager

    Chapter 13 Using the CFS Infrastructure CFS Example Using Device Manager S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m CFS Example Using Device Manager This procedure is an example of what you see when you use Device Manager to configure a feature that uses CFS.
  • Page 322 Chapter 13 Using the CFS Infrastructure Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 13-1 Default CFS Parameters (continued) Parameters...

  • Page 323: About Flexattach Virtual Pwwn

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring FlexAttach Virtual pWWN This chapter describes the FlexAttach virtual port world-wide name (pWWN) feature and includes the...

  • Page 324: Flexattach Virtual Pwwn Guidelines And Requirements

    Chapter 14 Configuring FlexAttach Virtual pWWN FlexAttach Virtual pWWN Guidelines and Requirements S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Server Mobility—A server can be moved to another port on the same NPV device or another NPV •...

  • Page 325: Launching Flexattach In Fabric Manager

    Chapter 14 Configuring FlexAttach Virtual pWWN Configuring FlexAttach Virtual pWWN S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-1 FlexAttach in Device Manager You see the FlexAttach window.

  • Page 326: Manually Enabling Flexattach Virtual Pwwn

    Chapter 14 Configuring FlexAttach Virtual pWWN Configuring FlexAttach Virtual pWWN S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-3 FlexAttach Menu Manually Enabling FlexAttach Virtual pWWN...
  • Page 327 Chapter 14 Configuring FlexAttach Virtual pWWN Configuring FlexAttach Virtual pWWN S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-4 Virtual PWWN Tab View in Device Manager The Virtual pWWN tab view displays a list of the interfaces.

  • Page 328: Mapping Pwwn To Virtual Pwwn

    Chapter 14 Configuring FlexAttach Virtual pWWN Configuring FlexAttach Virtual pWWN S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-5 Virtual pWWN Tab View in Fabric Manager Note...
  • Page 329 Chapter 14 Configuring FlexAttach Virtual pWWN Configuring FlexAttach Virtual pWWN S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-6 Physical to Virtual WWNs Tab View in Device Manager The LastChange field displays the time when the virtual pWWN was changed.

  • Page 330: Debugging Flexattach Virtual Pwwn

    Chapter 14 Configuring FlexAttach Virtual pWWN Configuring FlexAttach Virtual pWWN S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Debugging FlexAttach Virtual pWWN Table 14-1 lists the errors that might be displayed and provides the workarounds.

  • Page 331: Flexattach Virtual Pwwn Cfs Distribution

    Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m FlexAttach Virtual pWWN CFS Distribution The FlexAttach virtual pWWN configuration is distributed for CFS through IPv4, and is enabled by default.

  • Page 332: Pre-Configuring Flexattach For All The Ports

    Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Pre-Configuring FlexAttach for All the Ports Using the Pre-Configure Server Basic configuration wizard, you can set the following port configurations for all the ports in one or more switches in common:...
  • Page 333 Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-10 Pre Configure Server - Basic Configuration In the Basic Configuration window, check the check box to select one or more switches from the list of...

  • Page 334: Pre-Configuring Flexattach For Each Port Individually

    Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-11 Pre-Configure Server - Finish Pre-Configuring FlexAttach for Each Port Individually...
  • Page 335 Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-12 Pre-Configure Server - Advanced Configuration In the Interface tab, click to select a switch from the list of switches displayed in the left pane.
  • Page 336 Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Repeat Step 3 through Step 4 for each switch.

  • Page 337: Moving A Server To Another Port Or Switch

    Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Moving a Server to Another Port or Switch Using the Move Server wizard, you can move a server to another port on the same NPV device or another NPV device without changing the SAN.
  • Page 338 Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-15 Move Port Selection From the Select a Switch drop-down list, select the switch.
  • Page 339 Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-16 New Port Selection From the Select a Switch drop-down list box, select the switch.

  • Page 340: Replacing A Server With Another Server

    Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-17 Existing Server Virtual Port WWN Entry In the Server WWN window, enter the existing server virtual port WWN to be moved.

  • Page 341: Replacing A Server On The Same Port

    Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Replacing a Server on the Same Port To replace a failed server with a new server on the same port, follow these steps: Step 1...
  • Page 342 Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-19 Failed Port Selection In the Failed Port selection window, from the Select a Switch drop-down list, select the switch.

  • Page 343: Replacing The Server To A Different Port On The Same Switch

    Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 14-20 Server WWN Entries In the Server WWN window, enter the existing FlexAttach server virtual port WWN to be replaced, and...

  • Page 344: Replacing With A Server On A Different Switch

    Chapter 14 Configuring FlexAttach Virtual pWWN Using the Server Admin FlexAttach Wizards S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The New Port window is displayed.

  • Page 345: Difference Between San Device Virtualization And Flexattach Port Virtualization

    Chapter 14 Configuring FlexAttach Virtual pWWN Difference Between San Device Virtualization and FlexAttach Port Virtualization S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In the Replace Server wizard, click the With Spare Server on a Different NPV switch radio button.
  • Page 346 Chapter 14 Configuring FlexAttach Virtual pWWN Difference Between San Device Virtualization and FlexAttach Port Virtualization S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 14-24 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 347: Software Images

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Software Images This chapter describes how to install and upgrade Cisco MDS software images.

  • Page 348: Selecting The Correct Software Images For Cisco Mds 9100 Series Switches

    Chapter 15 Software Images About Software Images S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Software images—The kickstart and system image files reside in directories or folders that can be •...

  • Page 349: Chapter 15 Software Image

    Chapter 15 Software Images Essential Upgrade Prerequisites S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 15-3 Supervisor Module Software Image Naming Conventions for MDS 9500 Series Cisco MDS 9500 Series...
  • Page 350 Chapter 15 Software Images Essential Upgrade Prerequisites S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 1000 BASE-T Ethernet is only available on Supervisor-2 modules.

  • Page 351: Software Upgrade Methods

    Chapter 15 Software Images Software Upgrade Methods S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If the switching module(s) are not compatible with the new supervisor module image, some Note traffic disruption may be noticed in the related modules, depending on your configuration.

  • Page 352: Automated Upgrades

    Chapter 15 Software Images Automated Upgrades S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuration incompatibility—There is a possible incompatibility if certain features in the running •...

  • Page 353: Recognizing Failure Cases

    Chapter 15 Software Images Automated Upgrades S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m After a switchover process, you can see the progress from both the supervisor modules.

  • Page 354: Using The Software Install Wizard

    Chapter 15 Software Images Using the Software Install Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using the Software Install Wizard You can use the Software Install Wizard to install Cisco NX-OS images on supported switches.
  • Page 355 Chapter 15 Software Images Using the Software Install Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 15-4 Specify Software Image(s) by Model Dialog Box Click the row under the System, Kickstart, ASM-SFN, or SSI columns to enter image URIs.
  • Page 356 Chapter 15 Software Images Using the Software Install Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see the Start Install dialog box shown in Figure 15-6.
  • Page 357 Chapter 15 Software Images Using the Software Install Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 15-7 Version Check Results Dialog box The version check provides information about the impact of the upgrade for each module on the...

  • Page 358: Upgrading Services Modules

    Chapter 15 Software Images Using the Software Install Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 15-8 Download and Install Status Dialog Box On hosts where the TFTP server cannot be started, a warning is displayed.

  • Page 359: Nondisruptive Upgrades On Fabric And Modular Switches

    Chapter 15 Software Images Nondisruptive Upgrades on Fabric and Modular Switches S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Each IPS module in a switch requires a 5-minute delay before the next IPS module is upgraded.

  • Page 360: Performing A Nondisruptive Upgrade On A Fabric Switch

    Chapter 15 Software Images Maintaining Supervisor Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Telnet sessions –...

  • Page 361: Replacing Supervisor Modules

    Chapter 15 Software Images Maintaining Supervisor Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Standby Supervisor Module Boot Alert, page 15-16 •...

  • Page 362: Standby Supervisor Module Bootflash Memory

    Chapter 15 Software Images Installing Generation 2 Modules in Generation 1 Chassis S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Standby Supervisor Module Bootflash Memory When updating software images on the standby supervisor module, verify that there is enough space available for the image .

  • Page 363: Replacing Modules

    Chapter 15 Software Images Replacing Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Replacing Modules When you replace any module (supervisor, switching, or services module), you must ensure that the new module is running the same software version as the rest of the switch.
  • Page 364 Chapter 15 Software Images Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 15-18 OL-17256-03, Cisco MDS NX-OS Release 4.x...
  • Page 365 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Managing Configuration Files This chapter describes how to initially configure switches using the configuration files so they can be...

  • Page 366: Chapter 16 Managing Configuration Files

    Chapter 16 Managing Configuration Files Formatting Flash Devices and File Systems S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 16-2 External CompactFlash in the Cisco MDS 9000 Supervisor Module CompactFlash 1...

  • Page 367: Flash Files

    Chapter 16 Managing Configuration Files Using the File System S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Copying Files, page 16-5 •...

  • Page 368: Deleting An Existing File Or Directory

    Chapter 16 Managing Configuration Files Using the File System S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 16-4 Flash Files Dialog Box Step 2...

  • Page 369: Copying Files

    Chapter 16 Managing Configuration Files Using the File System S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 16-6 Flash Files Dialog Box Select a device and partition from the drop-down lists.
  • Page 370 Chapter 16 Managing Configuration Files Using the File System S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 16-7 Flash Files Dialog Box Select the device and partition from the drop-down lists for the directory containing the file you want to...

  • Page 371: Performing Other File Manipulation Tasks

    Chapter 16 Managing Configuration Files Working with Configuration Files S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply.

  • Page 372: Saving The Configuration

    Chapter 16 Managing Configuration Files Working with Configuration Files S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Saving the Configuration To save the configuration file using Device Manager, follow these steps: Click Admin >...

  • Page 373: Saving Startup Configurations In The Fabric

    Chapter 16 Managing Configuration Files Working with Configuration Files S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enter the user name and password you use to access the switch or server.
  • Page 374 Chapter 16 Managing Configuration Files Working with Configuration Files S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply to copy the file.

  • Page 375: Configuring High Availability

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring High Availability The Cisco MDS 9500 Series of multilayer directors support application restartability and nondisruptive...

  • Page 376: Switchover Mechanisms

    Chapter 17 Configuring High Availability Switchover Mechanisms S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m both supervisor modules come up at the same time, sup-1 becomes active.

  • Page 377: Switchover Guidelines

    Chapter 17 Configuring High Availability Switchover Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 17-1 Modules Screen Shows Current Supervisor Select Admin >...

  • Page 378: Switchover Mechanisms

    Chapter 17 Configuring High Availability Synchronizing Supervisor Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The standby supervisor module automatically synchronizes its image with the running image on the active supervisor module.
  • Page 379 Chapter 17 Configuring High Availability Synchronizing Supervisor Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 17-3 Internal States (continued) State...
  • Page 380 Chapter 17 Configuring High Availability Synchronizing Supervisor Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 17-6 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 381: Displaying Switch Hardware Inventory

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Managing System Hardware This chapter provides details on how to manage system hardware other than services and switching...

  • Page 382: Chapter 18 Managing System Hardware

    Chapter 18 Managing System Hardware Running the CompactFlash Report S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In Device Manager, choose Physical >...

  • Page 383: Displaying The Switch Serial Number

    Chapter 18 Managing System Hardware Displaying the Switch Serial Number S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Download m9000-lc1-gplug-mz.1.0.2.bin from the Software Center on Cisco.com Step 1 (http://www.cisco.com/cgi-bin/tablebuild.pl/mds-utilities).

  • Page 384: Power Supply Configuration Modes

    Chapter 18 Managing System Hardware Power Supply Configuration Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In a Cisco MDS 9500 Series switch, power usage is reserved for both supervisors whether one or both Note supervisor modules are present.

  • Page 385: Power Supply Configuration Guidelines

    Chapter 18 Managing System Hardware Power Supply Configuration Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 18-4 Power Supply Information in Device Manager Configure the power attributes for the power supply.
  • Page 386 Chapter 18 Managing System Hardware Power Supply Configuration Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 18-1 Redundant Mode Power Supply Scenarios (continued) Power...

  • Page 387: About Crossbar Management

    Chapter 18 Managing System Hardware About Crossbar Management S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Reason: 1800 W is the lesser of the two power supplies and it is less than the system usage.
  • Page 388 Chapter 18 Managing System Hardware About Crossbar Management S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m MDS 9513 Fabric-2 Crossbar Switching module •...

  • Page 389: Operational Considerations When Removing Crossbars

    Chapter 18 Managing System Hardware About Crossbar Management S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Operational Considerations When Removing Crossbars You can mix and match Generation 1 and Generation 2 hardware on the Cisco MDS 9500 Series Directors running Cisco MDS SAN-OS 3.0(1) or later without compromising the integrity and...

  • Page 390: Backward Compatibility For Generation 1 Modules In Cisco Mds 9513 Directors

    Chapter 18 Managing System Hardware About Crossbar Management S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Taking the crossbar out of service may cause a supervisor switchover.

  • Page 391: About Module Temperature

    Chapter 18 Managing System Hardware About Module Temperature S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Module Temperature Built-in automatic sensors are provided in all switches in the Cisco MDS 9000 Family to monitor your switch at all times.

  • Page 392: About Fan Modules

    Chapter 18 Managing System Hardware About Fan Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Fan Modules Hot-swappable fan modules (fan trays) are provided in all switches in the Cisco MDS 9000 Family to manage airflow and cooling for the entire switch.

  • Page 393: Default Settings

    Chapter 18 Managing System Hardware Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 18-6 Cisco MDS 9513 Front Fan Module Numbering The rear fan module (DS-13SLT-FAN-R) on the Cisco MDS 9513 Director has only two fans.
  • Page 394 Chapter 18 Managing System Hardware Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 18-14 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 395: About Modules

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Managing Modules This chapter describes how to manage switching and services modules (also known as line cards) and...

  • Page 396: Chapter 19 Managing Module

    Chapter 19 Managing Modules About Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 19-1 Supervisor Module Options (continued) Number of...

  • Page 397: Switching Modules

    Chapter 19 Managing Modules Verifying the Status of a Module S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 19-2 Supervisor Module Terms and Usage Module Terms...

  • Page 398: Obtaining Supervisor Module Statistics

    Chapter 19 Managing Modules Obtaining Supervisor Module Statistics S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 19-1 Card Module Status Display The Status column in the output should display an ok status for switching modules and an active or...

  • Page 399: Reloading Modules

    Chapter 19 Managing Modules Reloading Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 19-3 Module States Module Status...

  • Page 400: Reloading A Switch

    Chapter 19 Managing Modules Reloading Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Power Cycling Modules, page 19-6 •...

  • Page 401: Preserving The Module Configuration

    Chapter 19 Managing Modules Preserving the Module Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Check the Reset check box in the row for the module(s) you want to reset.

  • Page 402: Powering Off Switching Modules

    Chapter 19 Managing Modules Powering Off Switching Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 19-4 Switching Module Configuration Status Scenario...

  • Page 403: Identifying Module Leds

    Chapter 19 Managing Modules Identifying Module LEDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Card Module Config tab.
  • Page 404 Chapter 19 Managing Modules Identifying Module LEDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 19-6 describes the LEDs for the Cisco MDS 9200 Series interface module.
  • Page 405 Chapter 19 Managing Modules Identifying Module LEDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 19-7 LEDs for the Cisco MDS 9000 Family Fibre Channel Switching Modules Status...
  • Page 406 Chapter 19 Managing Modules Identifying Module LEDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 19-8 LEDs for the Cisco MDS 9500 Series Supervisor Modules Status...

  • Page 407: Managing Ssms And Supervisor Modules

    Chapter 19 Managing Modules Managing SSMs and Supervisor Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Managing SSMs and Supervisor Modules This section describes the considerations for replacing SSMs and supervisor modules and for upgrading and downgrading Cisco MDS NX-OS and SAN-OS releases.
  • Page 408 Chapter 19 Managing Modules Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 19-10 Default SSM Settings Parameters...

  • Page 409: Switch Configuration

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m A R T Switch Configuration...
  • Page 410 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m...

  • Page 411: Common Interface Configuration

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring Interfaces The main function of a switch is to relay frames from one data link to another.

  • Page 412: Chapter 20 Configuring Interface

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 20-1 Fibre Channel Interface Configuration Fibre Channel Interfaces...

  • Page 413: About Interface Modes

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m When configuring these host-optimized ports, the following port mode guidelines apply: You can configure only the first port in each 4-port group (for example, the first port in ports 1-4, •...

  • Page 414: E Port

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 20-2 Cisco MDS 9000 Family Switch Port Modes Interfaces are created in VSAN 1 by default.

  • Page 415: F Port

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m F Port In fabric port (F port) mode, an interface functions as a fabric port.

  • Page 416: Te Port

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m TE Port In trunking E port (TE port) mode, an interface functions as a trunking expansion port.

  • Page 417: Fx Port

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m ST port mode is not supported on the Cisco MDS 9124 Fabric Switch, the Cisco Fabric Switch for HP Note c-Class BladeSystem, and the Cisco Fabric Switch for IBM BladeCenter.

  • Page 418: Operational States

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 20-1 Administrative States Administrative State...
  • Page 419 Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 20-4 Reason Codes for Nonoperational States Applicable...
  • Page 420 Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 20-4 Reason Codes for Nonoperational States (continued) Applicable...

  • Page 421: Graceful Shutdown

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Graceful Shutdown Interfaces on a port are shut down by default (unless you modified the initial configuration).

  • Page 422: Configuring Interface Modes

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m (Optional) Set other configuration parameters using the other tabs.

  • Page 423: Autosensing

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Autosensing Autosensing speed is enabled on all 4-Gbps and 8-Gbps switching module interfaces by default.
  • Page 424 Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To specify or remove the port owner using the Fabric Manager, follow these steps: Expand Switches >...
  • Page 425 Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To specify or remove the port owner using the Device Manager, follow these steps: Double-click the interface in the modules panel.

  • Page 426: Configuring Port Guard

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Port Guard Using the port guard feature, you can restrict the number of error reports and bring a malfunctioning port to down state dynamically.
  • Page 427 Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply to activate the configuration.

  • Page 428: About Interface Descriptions

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 20-8 Device Manager - Interface Port Guard Tab Check the Enable check box.

  • Page 429: Identifying The Beacon Leds

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand Switches >...

  • Page 430: About Beacon Mode

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The speed LED displays the speed of the port interface: Off—The interface attached to that port is functioning at 1000 Mbps.

  • Page 431: Switch Port Attribute Default Values

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m GBIC or SFP is specified to operate at 2 Gbps but is used at 4 Gbps.

  • Page 432: Displaying Sfp Transmitter Types

    Chapter 20 Configuring Interfaces Fibre Channel Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 20-5 SFP Transmitter Acronym Definitions (continued) Definition...

  • Page 433: Tl Ports For Private Loops

    Chapter 20 Configuring Interfaces TL Ports for Private Loops S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 20-11 Device Manager Interface Monitor Dialog Box (Optional) Click the Pencil icon to reset the cumulative counters.

  • Page 434: Configuring Tl Ports

    Chapter 20 Configuring Interfaces TL Ports for Private Loops S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Each private device on a TL port may be included in a different zone.

  • Page 435: About Tl Port Alpa Caches

    Chapter 20 Configuring Interfaces Buffer Credits S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand Switches >...
  • Page 436 Chapter 20 Configuring Interfaces Buffer Credits S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m For 16-port switching modules and full rate ports, the default value is 16 for Fx mode and 255 for E or TE modes.

  • Page 437: Extended Bb_Credits On Generation 1 Switching Modules

    Chapter 20 Configuring Interfaces Buffer Credits S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Performance Buffers To configure performance buffers for a Fibre Channel interface using Fabric Manager, follow these steps:...

  • Page 438: Extended Bb_Credits On Generation 2 And Generation 3 Switching Modules

    Chapter 20 Configuring Interfaces Buffer Credits S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The last two Fibre Channel ports (port 13 and port 14) and the two Gigabit Ethernet ports Note do not support the extended BB_credits feature (see...

  • Page 439: Management Interfaces

    Chapter 20 Configuring Interfaces Management Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand Switches >...

  • Page 440: Vsan Interfaces

    Chapter 20 Configuring Interfaces VSAN Interfaces S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply Changes.
  • Page 441 Chapter 20 Configuring Interfaces Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand Switches >...
  • Page 442 Chapter 20 Configuring Interfaces Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 20-7 Default Interface Parameters Parameters...

  • Page 443: Configuring N Port Virtualization

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring N Port Virtualization N port virtualization (NPV) reduces the number of Fibre Channel domain IDs in SANs.

  • Page 444: C H A P T E R 21 Configuring N Port Virtualization

    Chapter 21 Configuring N Port Virtualization About NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 21-1 Cisco NPV Fabric Configuration NPV-Core Switch...

  • Page 445: Npv Mode

    Chapter 21 Configuring N Port Virtualization About NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m NPV Mode A switch is in NPV mode after a user has enabled NPV and the switch has successfully rebooted.
  • Page 446 Chapter 21 Configuring N Port Virtualization About NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The BB_SCN of internal FLOGIs on NP ports is always set to zero.

  • Page 447: Default Port Numbers

    Chapter 21 Configuring N Port Virtualization About NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Default Port Numbers Port numbers on NPV-enabled switches will vary depending on the switch model.

  • Page 448: Disruptive

    Chapter 21 Configuring N Port Virtualization NPV Guidelines and Requirements S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Balances the load by allowing the user to evenly distribute the load across external interfaces.

  • Page 449: Npv Traffic Management Guidelines

    Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m NPV Traffic Management Guidelines When deploying NPV traffic management, follow these guidelines: Use NPV traffic management only when the automatic traffic engineering by the NPV device is not...
  • Page 450 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m On the 91x4 platform, before you downgrade from 3.2(2c) to earlier versions, shut the F port, enable •...

  • Page 451: Configuring Npv Traffic Management

    Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring NPV Traffic Management The NPV traffic management feature is enabled after configuring NPV.
  • Page 452 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 21-5 NPV Traffic Map Tab Click the Traffic Map tab.

  • Page 453: Enable Or Disable The Global Policy For Disruptive Load Balancing

    Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the Switch from the drop-down list as shown in Figure 21-6.
  • Page 454 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To enable disruptive load balancing on all the switches, check the Enable All check box as shown in Figure 21-8.

  • Page 455: Using The Npv Setup Wizard

    Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using the NPV Setup Wizard To configure NPV using the wizard, follow these steps: Select Tools >...
  • Page 456 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 21-10 Error in Launching Cisco MDS 9000 Family Fabric Manager Configuration Guide...
  • Page 457 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the NPV devices as shown in Figure 21-11.
  • Page 458 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you choose switches that are NPV disabled and click Next, a warning message appears with a list of IP addresses of the NPV devices on which NPV will be enabled.
  • Page 459 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the NPIV core switches as shown in Figure 21-13.
  • Page 460 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Create new NPV device and NPIV core switch pairs as required.
  • Page 461 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m After you click the Next button in Step 3 of 6, the wizard determines if you have selected all the connected pairs.
  • Page 462 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 21-16 Warning, NPV Setup Wizard Figure 21-17...
  • Page 463 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You can configure NPV associated ports either through automated or manual methods.
  • Page 464 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The ISLs are considered in the second method.
  • Page 465 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 21-19 Warning, not Enough Number of Ports.
  • Page 466 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m During manual selection from the list for NPV and NPIV, ports are defined as the licensed FC ports with "Operational status"...
  • Page 467 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 21-21 Message Alert to Connect Port Pair.
  • Page 468 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The VSAN configuration is applied in the final step.
  • Page 469 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To select the NPV devices that need load balancing, click Configure Load Balancing, and then select the NPV devices for disruptive load balancing as shown in Figure...
  • Page 470 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Review all the NPV Setup configurations you entered in the earlier steps and click Finish to complete Step 8 the setup as shown in...
  • Page 471 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 21-27 Error in Applying Configurations and Details After the completion of all the tasks a link View NPV Port Connections is displayed in the place of the...
  • Page 472 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 21-28 New NPV Port Pairs Cisco MDS 9000 Family Fabric Manager Configuration Guide...

  • Page 473: Dpvm Configuration

    Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 21-29 New NPV Port Pairs, Details DPVM Configuration...
  • Page 474 Chapter 21 Configuring N Port Virtualization Configuring NPV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Once these requirements are met, you can enable port security as you would in any other context.

  • Page 475: About Generations Of Modules And Switches

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring Generation 2 and Generation 3 Switching Modules...

  • Page 476: C H A P T E R 22 Configuring Generation 2 And Generation 3 Switching Modules

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules About Generations of Modules and Switches S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 22-1 identifies the modules supported by the Cisco MDS 9500 Series switches and Cisco MDS 9216A and Cisco MDS 9216i switches, as well as the Fabric switches.

  • Page 477: Port Groups

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Port Groups and Port Rate Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Port Groups and Port Rate Modes This section includes the following topics: Port Groups, page 22-3...

  • Page 478: Port Rate Modes

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Port Groups and Port Rate Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 22-2 Bandwidth and Port Groups for the Fibre Channel Modules and Fabric Switches Bandwidth Per...
  • Page 479 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Port Groups and Port Rate Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Port rate modes are not supported on the Cisco Fabric Switch for HP c-Class BladeSystem, and the Cisco Note Fabric Switch for IBM BladeCenter.

  • Page 480: Dedicated Rate Mode

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Port Groups and Port Rate Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 22-3 Port Rate Mode Support on Generation 2 and Generation 3 Modules and Switches Supports...

  • Page 481: Shared Rate Mode

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Port Groups and Port Rate Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 22-5 show the amount of bandwidth reserved for a configured port speed on 4-Gbps switching modules.

  • Page 482: Reserving Bandwidth Quickly For The 8-Gbps Modules

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Port Groups and Port Rate Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 22-6 Dedicated Rate Mode Bandwidth Reservation for Generation 3 Fibre Channel Modules (continued)

  • Page 483: Dynamic Bandwidth Management

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Port Groups and Port Rate Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 22-2 RateMode Configuration Dialog Box Table 22-7...

  • Page 484: Out-Of-Service Interfaces

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Ports configured in dedicated rate mode are allocated the required bandwidth to sustain a line rate of traffic at the maximum configured operating speed, and ports configured in shared mode share the available remaining bandwidth within the port group.
  • Page 485 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The 48-Port and 24-Port 8-Gbps modules have dual global buffer pools.
  • Page 486 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 22-5 shows the default BB_credit buffer allocation model for 24-port 8-Gbps switching modules.
  • Page 487 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 22-7 shows the default BB_credit buffer allocation model for 24-port 4-Gbps switching modules.
  • Page 488 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 48-Port 8-Gbps Fibre Channel Module BB_Credit Buffers Table 22-8 lists the BB_credit buffer allocation for the 48-port 8-Gbps Fibre Channel switching module.
  • Page 489 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 24-Port 8-Gbps Fibre Channel Module BB_Credit Buffers Table 22-9 lists the BB_credit buffer allocation for the 24-port 8-Gbps Fibre Channel switching module.
  • Page 490 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 4/44-Port 8-Gbps Host-Optimized Fibre Channel Module BB_Credit Buffers Table 22-10 lists the BB_credit buffer allocation for the 4/44-port 8-Gbps Fibre Channel switching...
  • Page 491 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 48-Port 4-Gbps Fibre Channel Module BB_Credit Buffers Table 22-11 lists the BB_credit buffer allocation for 48-port 4-Gbps Fibre Channel switching modules.
  • Page 492 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 22-8 Example Speed and Rate Configuration on a 48-Port 4-Gbps Switching Module 4-Gbps...
  • Page 493 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 22-12 24 Port 4-Gbps Switching Module BB_Credit Buffer Allocation BB_Credit Buffers Per Port...
  • Page 494 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 22-13 18-Port 4-Gbps Multiservice Module BB_Credit Buffer Allocation BB_Credit Buffers Per Port...
  • Page 495 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m By default, 512 performance buffers are preallocated and are shared by all the ports.
  • Page 496 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m By default, 512 performance buffers are preallocated and are shared by all the ports.
  • Page 497 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Buffer Credit Allocation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9124 Fabric Switch BB_Credit Buffers Table 22-17 lists the BB_credit buffer allocation for 24-port 4-Gbps Fibre Channel switches.

  • Page 498: Combining Generation 1, Generation 2, And Generation 3 Modules

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Combining Generation 1, Generation 2, and Generation 3 Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m for how many extended BB_credits you can assign to a port (except for the maximum and minimum limits).
  • Page 499 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Combining Generation 1, Generation 2, and Generation 3 Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Supervisor-2 modules support a maximum of 1020 port indexes when all switching modules in the •...

  • Page 500: Portchannels

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Combining Generation 1, Generation 2, and Generation 3 Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m PortChannels PortChannels have the following restrictions: The maximum number of PortChannels allowed is 256 if all switching modules are Generation 2 or...
  • Page 501 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Combining Generation 1, Generation 2, and Generation 3 Modules S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 22-20 PortChannel Configuration and Addition Results Configured Speed...

  • Page 502: Configuring Module Interface Shared Resources

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 22-20 PortChannel Configuration and Addition Results (continued) Configured Speed...

  • Page 503: Migrating From Shared Mode To Dedicated Mode

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Shared and dedicated rate mode •...

  • Page 504: Configuration Guidelines For 48-Port And 24-Port 4-Gbps Fibre Channel Switching Modules

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m See the “Configuring Port Speed”...

  • Page 505: Configuration Guidelines For 12-Port 4-Gbps Switching Module Interfaces

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m See the “About Interface Modes”...

  • Page 506: Configuring Port Speed

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Use the following guidelines to configure 4-port 10-Gbps switching modules when starting with the default configuration: Configure the port mode.

  • Page 507: Configuring Rate Mode

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 22-11 Speed Admin Column in Port Configuration The auto parameter enables autosensing on the interface.

  • Page 508: Configuring Oversubscription Ratio Restrictions

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Apply Changes icon.

  • Page 509: Disabling Restrictions On Oversubscription Ratios

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m All ports in the 48-port and 24-port 8-Gbps modules can be configured to operate at 8 Gbps in shared mode even if other ports in the port group are configured in dedicated mode, regardless of available bandwidth.
  • Page 510 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m This feature is only supported on 48-port and 24-port 4-Gbps, and 8-Gbps Fibre Channel Caution switching modules.

  • Page 511: Enabling Restrictions On Oversubscription Ratios

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enabling Restrictions on Oversubscription Ratios You must enable restrictions on oversubscription ratios before you can downgrade modules to a previous Caution...

  • Page 512: Enabling Bandwidth Fairness

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enabling Bandwidth Fairness To enable bandwidth fairness on multiple 48-port or 24-port 4-Gbps, or any 8-Gbps Fibre Channel switching modules using Device Manager, follow these steps:...

  • Page 513: Disabling Bandwidth Fairness

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 22-16 Module Dialog Box Click the enable radio button to enable bandwidth fairness.

  • Page 514: Upgrade Or Downgrade Scenario

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Configuring Module Interface Shared Resources S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply to save the changes.

  • Page 515: Releasing Shared Resources In A Port Group

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Displaying SFP Diagnostic Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Releasing Shared Resources in a Port Group When you want to reconfigure the interfaces in a port group on a Generation 2 or Generation 3 module, you can return the port group to the default configuration to avoid problems with allocating shared...
  • Page 516 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Displaying SFP Diagnostic Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Right-click the selected ports, select Configure, and click the Diagnostics tab.

  • Page 517: Default Settings

    Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Default Settings Table 22-22 lists the default settings for Generation 2 interface parameters.
  • Page 518 Chapter 22 Configuring Generation 2 and Generation 3 Switching Modules Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 22-44 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 519: About Portchannels

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring PortChannels This chapter discusses the PortChannel feature provided in the switch and includes the following...

  • Page 520: C H A P T E R 23 Configuring Portchannels

    Chapter 23 Configuring PortChannels About PortChannels S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m PortChannels on Cisco MDS 9000 Family switches allow flexibility in configuration.

  • Page 521: About F And Tf Portchannels

    Chapter 23 Configuring PortChannels About PortChannels S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About F and TF PortChannels An F PortChannel is also a logical interface that combines a set of F ports connected to the same Fibre Channel node and operates as one link between the F ports and the NP ports.

  • Page 522: About Load Balancing

    Chapter 23 Configuring PortChannels About PortChannels S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m F ports and NP ports –...
  • Page 523 Chapter 23 Configuring PortChannels About PortChannels S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 23-4 SID1 and DID1 Based Load Balancing Link 1...

  • Page 524: About Portchannel Modes

    Chapter 23 Configuring PortChannels About PortChannels S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 23-5 SID1, DID1, and Exchange Based Load Balancing Link 1...

  • Page 525: Configuration Guidelines And Restrictions

    Chapter 23 Configuring PortChannels About PortChannels S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 23-1 compares ON and ACTIVE modes.

  • Page 526: F And Tf Portchannel Restrictions

    Chapter 23 Configuring PortChannels About PortChannels S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you execute the write erase command on a 32-port switching module, and then copy a saved •...

  • Page 527: Portchannel Configuration

    Chapter 23 Configuring PortChannels PortChannel Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m PortChannel Configuration PortChannels are created with default values.

  • Page 528: About Portchannel Configuration

    Chapter 23 Configuring PortChannels PortChannel Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 23-7 Misconfigured Configurations Channel Group 10...

  • Page 529: Configuring Portchannels Using The Wizard

    Chapter 23 Configuring PortChannels PortChannel Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you misconfigure PortChannels, you may receive a misconfiguration message.
  • Page 530 Chapter 23 Configuring PortChannels PortChannel Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 23-9 Select Switch Pairs Click Next.
  • Page 531 Chapter 23 Configuring PortChannels PortChannel Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 23-10 Select ISLs (Optional) Check the Dynamically form Port Channel Group from selected ISLs check box if you...
  • Page 532 Chapter 23 Configuring PortChannels PortChannel Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 23-11 Dynamically Form a PortChannel If you did not choose to dynamically form a PortChannel, you see the third PortChannel Wizard dialog...
  • Page 533 Chapter 23 Configuring PortChannels PortChannel Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 23-12 Create a PortChannel Change the channel ID or description for each switch, if necessary.

  • Page 534: Configuring The Portchannel Mode

    Chapter 23 Configuring PortChannels PortChannel Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring the PortChannel Mode By default, the CLI and the Device Manager create the PortChannel in ON mode in the NPIV core switches and ACTIVE mode on the NPV switches.

  • Page 535: Interfaces In A Portchannel

    Chapter 23 Configuring PortChannels Interfaces in a PortChannel S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Next.

  • Page 536: Suspended And Isolated States

    Chapter 23 Configuring PortChannels Interfaces in a PortChannel S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The check ensures that the following parameters and settings match at both ends of a PortChannel: Capability parameters (type of interface, Gigabit Ethernet at both ends, or Fibre Channel at both •...

  • Page 537: Forcing An Interface Addition

    Chapter 23 Configuring PortChannels Interfaces in a PortChannel S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 23-14 Port Channels Step 2...

  • Page 538: About Interface Deletion From A Portchannel

    Chapter 23 Configuring PortChannels PortChannel Protocols S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Interface Deletion from a PortChannel When a physical interface is deleted from the PortChannel, the channel membership is automatically updated.

  • Page 539: About Channel Group Creation

    Chapter 23 Configuring PortChannels PortChannel Protocols S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The PortChannel protocol uses two subprotocols: Bringup protocol—Automatically detects misconfigurations so you can correct them.

  • Page 540: About Autocreation

    Chapter 23 Configuring PortChannels PortChannel Protocols S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 23-2 Channel Group Configuration Differences User-Configured Channel Group...

  • Page 541: Enabling And Configuring Autocreation

    Chapter 23 Configuring PortChannels PortChannel Protocols S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Once the last member is removed from an autocreated PortChannel, the channel is automatically •...

  • Page 542: Verifying The Portchannel Configuration

    Chapter 23 Configuring PortChannels Verifying the PortChannel Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 23-16 Switch Protocols Step 2...

  • Page 543: Default Settings

    Chapter 23 Configuring PortChannels Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Default Settings Table 23-3 lists the default settings for PortChannels.
  • Page 544 Chapter 23 Configuring PortChannels Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 23-26 OL-17256-03, Cisco MDS NX-OS Release 4.x...
  • Page 545 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring Trunking This chapter describes the trunking feature provided in Cisco MDS 9000 switches.

  • Page 546: Chapter 24 Configuring Trunking

    Chapter 24 Configuring Trunking About Trunking S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Trunking E Ports Trunking the E ports enables interconnect ports to transmit and receive frames in more than one VSAN, over the same physical link, using enhanced ISL (EISL) frame format.

  • Page 547: Key Concepts

    Chapter 24 Configuring Trunking Trunking Guidelines and Restrictions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Link Number Link Description 1a and 1b...

  • Page 548: Trunking Misconfiguration Examples

    Chapter 24 Configuring Trunking Trunking Guidelines and Restrictions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The trunk-allowed VSANs configured for TE, TF, and TNP links are used by the trunking protocol •...

  • Page 549: Upgrade And Downgrade Restrictions

    Chapter 24 Configuring Trunking Trunking Guidelines and Restrictions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 24-4 Third-Party Switch VSAN Mismatch Third-party switches...

  • Page 550: Enabling The Trunking Protocols

    Chapter 24 Configuring Trunking Enabling the Trunking Protocols S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enabling the Trunking Protocols This section explains how to enable or disable the required trunking and channeling protocols represented in...

  • Page 551: Enabling The F Port Trunking And Channeling Protocol

    Chapter 24 Configuring Trunking Configuring Trunk Mode and VSAN List S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enabling the F Port Trunking and Channeling Protocol The trunking protocols must be enabled to support trunking, and NPIV must be enabled on the core Note...

  • Page 552: Configuring Trunk Mode

    Chapter 24 Configuring Trunking Configuring Trunk Mode and VSAN List S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The preferred configuration on the Cisco MDS 9000 Family switches is one side of the trunk set to auto and the other side set to on.

  • Page 553: About Trunk-Allowed Vsan Lists And Vf_Ids

    Chapter 24 Configuring Trunking Configuring Trunk Mode and VSAN List S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Apply Changes icon.
  • Page 554 Chapter 24 Configuring Trunking Configuring Trunk Mode and VSAN List S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 24-7 Default Allowed-Active VSAN Configuration Switch 2...

  • Page 555: Configuring An Allowed-Active List Of Vsans

    Chapter 24 Configuring Trunking Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 24-8 Operational and Allowed VSAN Configuration Switch 2...
  • Page 556 Chapter 24 Configuring Trunking Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 24-4 Default Trunk Configuration Parameters (continued) Parameters...
  • Page 557 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring Domain Parameters The Fibre Channel domain (fcdomain) feature performs principal switch selection, domain ID...

  • Page 558: Chapter 25 Configuring Domain Parameters

    Chapter 25 Configuring Domain Parameters Fibre Channel Domains S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fibre Channel Domains This section describes each fcdomain phase: Principal switch selection—This phase guarantees the selection of a unique principal switch across...

  • Page 559: About Domain Restart

    Chapter 25 Configuring Domain Parameters Fibre Channel Domains S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Restarting a Domain, page 25-3 •...
  • Page 560 Chapter 25 Configuring Domain Parameters Fibre Channel Domains S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To restart the fabric disruptively or nondisruptively using Fabric Manager, follow these steps: Expand Fabricxx >...

  • Page 561: About Switch Priority

    Chapter 25 Configuring Domain Parameters Fibre Channel Domains S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Switch Priority By default, the configured priority is 128.

  • Page 562: Enabling Or Disabling Fcdomains

    Chapter 25 Configuring Domain Parameters Fibre Channel Domains S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enabling or Disabling fcdomains To disable fcdomains in a single VSAN or a range of VSANs using Fabric Manager, follow these steps: Expand Fabricxx >...

  • Page 563: Rejecting Incoming Rcfs

    Chapter 25 Configuring Domain Parameters Fibre Channel Domains S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Rejecting Incoming RCFs To reject incoming RCF request frames using Fabric Manager, follow these steps: Expand Switches >...

  • Page 564: Enabling Autoreconfiguration

    Chapter 25 Configuring Domain Parameters Domain IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enabling Autoreconfiguration To enable automatic reconfiguration in a specific VSAN (or range of VSANs) using Fabric Manager, follow these steps:...
  • Page 565 Chapter 25 Configuring Domain Parameters Domain IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you do not configure a domain ID, the local switch sends a random ID in its request.

  • Page 566: Specifying Static Or Preferred Domain Ids

    Chapter 25 Configuring Domain Parameters Domain IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If the configured type is preferred, the local switch accepts the domain ID assigned by the –...

  • Page 567: About Allowed Domain Id Lists

    Chapter 25 Configuring Domain Parameters Domain IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enter a value for the Config DomainID and click static or preferred from the Config Type drop-down Step 2 menu to set the domain ID for switches in the fabric.

  • Page 568: About Cfs Distribution Of Allowed Domain Id Lists

    Chapter 25 Configuring Domain Parameters Domain IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply Changes to enable CFS distribution for the allowed domain ID list.

  • Page 569: Locking The Fabric

    Chapter 25 Configuring Domain Parameters Domain IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand Fabricxx >...

  • Page 570: Clearing A Fabric Lock

    Chapter 25 Configuring Domain Parameters Domain IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand Fabricxx >...

  • Page 571: Displaying Session Status

    Chapter 25 Configuring Domain Parameters Domain IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Displaying Session Status To display the status of the distribution session using Fabric Manager, follow these steps: Expand Fabricxx >...

  • Page 572: Fc Ids

    Chapter 25 Configuring Domain Parameters FC IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To enable contiguous domains in a specific VSAN (or a range of VSANs) using Fabric Manager, follow these steps: Expand Fabricxx >...

  • Page 573: About Persistent Fc Ids

    Chapter 25 Configuring Domain Parameters FC IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Persistent FC IDs When persistent FC IDs are enabled, the following consequences apply: The currently in use FC IDs in the fcdomain are saved across reboots.

  • Page 574: Configuring Persistent Fc Ids

    Chapter 25 Configuring Domain Parameters FC IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Ensure that the required VSAN is an active VSAN—persistent FC IDs can only be configured on •...

  • Page 575: About Unique Area Fc Ids For Hbas

    Chapter 25 Configuring Domain Parameters FC IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To configure persistent FC IDs using Fabric Manager, follow these steps: Expand Fabricxx >...
  • Page 576 Chapter 25 Configuring Domain Parameters FC IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand End Device in the Physical Attributes pane and select the FLOGI tab in the Information pane Step 1 to obtain the port WWN (Port Name field) of the HBA (see...

  • Page 577: About Persistent Fc Id Selective Purging

    Chapter 25 Configuring Domain Parameters FC IDs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 25-13 Setting the FC ID in Fabric Manager Step 8...

  • Page 578: Displaying Fcdomain Statistics

    Chapter 25 Configuring Domain Parameters Displaying fcdomain Statistics S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 25-14 Persistent FC ID Information in Fabric Manager Check the Purge check box for the switch that you want to purge persistent FC IDs on (see...

  • Page 579: Default Settings

    Chapter 25 Configuring Domain Parameters Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 25-2 Default fcdomain Parameters (continued) Parameters...
  • Page 580 Chapter 25 Configuring Domain Parameters Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 25-24 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 581: Fabric Configuration

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m A R T Fabric Configuration...
  • Page 582 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m...

  • Page 583: Configuring And Managing Vsans

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring and Managing VSANs You can achieve higher security and greater stability in Fibre Channel fabrics by using virtual SANs...
  • Page 584 Chapter 26 Configuring and Managing VSANs About VSANs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Events causing traffic disruptions in one VSAN are contained within that VSAN and are not •...

  • Page 585: Chapter 26 Configuring And Managing Vsan

    Chapter 26 Configuring and Managing VSANs About VSANs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 26-2 Example of Two VSANs Link in VSAN 2...

  • Page 586: Vsans Versus Zones

    Chapter 26 Configuring and Managing VSANs About VSANs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Traffic isolation—Traffic is contained within VSAN boundaries and devices reside only in one •...

  • Page 587: Vsan Configuration

    Chapter 26 Configuring and Managing VSANs VSAN Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 26-3 VSANS with Zoning Physical Topology...

  • Page 588: About Vsan Creation

    Chapter 26 Configuring and Managing VSANs VSAN Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m OX ID based load balancing of IVR traffic from IVR- enabled switches is not supported on Note Generation 1 switching modules.

  • Page 589: About Port Vsan Membership

    Chapter 26 Configuring and Managing VSANs VSAN Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 26-5 Create VSAN Dialog Box As of Cisco SAN-OS Release 3.1(2) and later, if you check the Static Domain IDs check box,...

  • Page 590: Assigning Static Port Vsan Membership

    Chapter 26 Configuring and Managing VSANs VSAN Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Dynamically—By assigning VSANs based on the device WWN.

  • Page 591: Displaying Isolated Vsan Membership

    Chapter 26 Configuring and Managing VSANs VSAN Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Up to 256 VSANs can be configured in a switch.

  • Page 592: Deleting Static Vsans

    Chapter 26 Configuring and Managing VSANs VSAN Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 26-6 VSAN Port Membership Details Before...

  • Page 593: About Load Balancing

    Chapter 26 Configuring and Managing VSANs VSAN Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 26-7 Deleting a VSAN You see a confirmation dialog box.

  • Page 594: About Interop Mode

    Chapter 26 Configuring and Managing VSANs Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply Changes to save these changes, or click Undo Changes to discard any unsaved changes.

  • Page 595: San Device Virtualization

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R SAN Device Virtualization This chapter describes how to configure virtual devices to represent physical end devices for switches...

  • Page 596: Chapter 27 San Device Virtualization

    Chapter 27 SAN Device Virtualization About SDV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 27-2 Initiator Virtualization Primary...

  • Page 597: Key Concepts

    Chapter 27 SAN Device Virtualization About SDV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Clustering (multiple initiators) compounds the problem, and the failover procedure must be repeated •...

  • Page 598: Automatic Failover And Fallback

    Chapter 27 SAN Device Virtualization Configuring SDV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Secondary device—The additional device that is configured.
  • Page 599 Chapter 27 SAN Device Virtualization Configuring SDV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Identifier (OUI).
  • Page 600 Chapter 27 SAN Device Virtualization Configuring SDV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 27-6 Enabling SAN Device Virtualization Step 4...

  • Page 601: Linking A Virtual Device With A Physical Device

    Chapter 27 SAN Device Virtualization Configuring SDV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 27-8 Virtual Devices tab Click Create to create the virtual target.

  • Page 602: Resolving Fabric Merge Conflicts

    Chapter 27 SAN Device Virtualization Configuring SDV S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m When the secondary device is active, if you link to a third device, and if the fallback attribute was •...

  • Page 603: Sdv Requirements And Guidelines

    Chapter 27 SAN Device Virtualization SDV Requirements and Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m A blank commit is a commit operation that does not contain configuration changes, and enforces the SDV configuration of the committing switch fabric-wide.

  • Page 604: Default Settings

    Chapter 27 SAN Device Virtualization Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m There must be at least one SDV-enabled switch that is not a Cisco MDS 9124 Switch between the server Caution and the device that are being virtualized.

  • Page 605: Creating Dynamic Vsans

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Creating Dynamic VSANs Port VSAN membership on the switch is assigned on a port-by-port basis.

  • Page 606: Chapter 28 Creating Dynamic Vsan

    Chapter 28 Creating Dynamic VSANs DPVM S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m DPVM is not supported on FL ports.
  • Page 607 Chapter 28 Creating Dynamic VSANs DPVM S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 28-1 DPVM Wizard Icon You see the Select Master Switch page.
  • Page 608 Chapter 28 Creating Dynamic VSANs DPVM S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 28-3 DPVM Setup Wizard: AutoLearn Current End Devices (Optional) Check the Create Configuration From Currently Logged In End Devices check box if you...

  • Page 609: About Dpvm Databases

    Chapter 28 Creating Dynamic VSANs DPVM S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Finish to update the DPVM config database, distribute the changes using CFS, and activate the Step 13 database, or click Cancel to exit the DPVM Setup Wizard without saving changes.
  • Page 610 Chapter 28 Creating Dynamic VSANs DPVM S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You must click on the CFS tab inorder to activate the other tabs Note Click the Config Database tab and then click the Create Row to insert a new entry.

  • Page 611: Activating Dpvm Config Databases

    Chapter 28 Creating Dynamic VSANs DPVM S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Activating DPVM Config Databases When you explicitly activate the DPVM config database, the DPVM config database becomes the active DPVM database.

  • Page 612: Viewing The Pending Database

    Chapter 28 Creating Dynamic VSANs DPVM S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing the Pending Database To view the pending database using Fabric Manager, follow these steps: Expand Fabricxx>...

  • Page 613: Enabling Autolearning

    Chapter 28 Creating Dynamic VSANs DPVM S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Learning new device logins—...

  • Page 614: Dpvm Database Distribution

    Chapter 28 Creating Dynamic VSANs DPVM Database Distribution S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 28-12 DPVM Actions Tab Select clear from the Auto Learn Clear drop-down menu.

  • Page 615: Disabling Dpvm Database Distribution

    Chapter 28 Creating Dynamic VSANs DPVM Database Distribution S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m These changes are distributed to all switches in a fabric when you commit the changes.

  • Page 616: Committing Changes

    Chapter 28 Creating Dynamic VSANs DPVM Database Distribution S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 28-13 Create Config Database Choose an available pWWN and login VSAN.

  • Page 617: Discarding Changes

    Chapter 28 Creating Dynamic VSANs Database Merge Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Discarding Changes If you discard (abort) the changes made to the DPVM pending database, the configurations remain unaffected and the lock is released.

  • Page 618: About Copying Dpvm Databases

    Chapter 28 Creating Dynamic VSANs Database Merge Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m This section describes how to merge DPVM databases and includes the following topics: About Copying DPVM Databases, page 28-14 •...

  • Page 619: Default Settings

    Chapter 28 Creating Dynamic VSANs Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Default Settings Table 28-1 lists the default settings for DPVM parameters.
  • Page 620 Chapter 28 Creating Dynamic VSANs Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 28-16 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 621: Configuring Inter-Vsan Routing

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring Inter-VSAN Routing This chapter explains the Inter-VSAN routing (IVR) feature and provides details on sharing resources...

  • Page 622: About Ivr

    Chapter 29 Configuring Inter-VSAN Routing Inter-VSAN Routing S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About IVR IVR is not supported on the Cisco MDS 9124 Fabric Switch, the Cisco MDS 9134 Fabric Switch, the Note...

  • Page 623: Ivr Features

    Chapter 29 Configuring Inter-VSAN Routing Inter-VSAN Routing S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m IVR Features IVR supports the following features: Accesses resources across VSANs without compromising other VSAN benefits.

  • Page 624: Ivr Limits Summary

    Chapter 29 Configuring Inter-VSAN Routing Inter-VSAN Routing S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Border switch—An IVR-enabled switch that is a member of two or more VSANs.

  • Page 625: Ivr Nat

    Chapter 29 Configuring Inter-VSAN Routing Inter-VSAN Routing S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m IVR NAT Without Network Address Translation (NAT), IVR requires unique domain IDs for all switches in the fabric.

  • Page 626: Ivr Vsan Topology

    Chapter 29 Configuring Inter-VSAN Routing Inter-VSAN Routing S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 29-2 Extended Link Service Messages Supported by IVR NAT (continued) Link Service Command...

  • Page 627: Autonomous Fabric Id

    Chapter 29 Configuring Inter-VSAN Routing About the IVR Zone Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m IVR topology in auto mode requires Cisco MDS SAN-OS Release 2.1(1a) or later and enabling CFS for Note IVR on all switches in the fabric.
  • Page 628 Chapter 29 Configuring Inter-VSAN Routing About the IVR Zone Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 29-2 IVR Zone Wizard Icon To migrate to IVR NAT mode click Yes, otherwise click No.

  • Page 629: Manual Ivr Configuration

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you did not enable IVR NAT, verify the transit VSAN or configure the transit VSAN if Fabric Manager Step 7 cannot find an appropriate transit VSAN.

  • Page 630: About Ivr Nat And Auto Topology

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Persistent FC IDs for IVR, page 29-19 •...

  • Page 631: Configuring Ivr Nat And Ivr Auto Topology

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Border switches require Cisco MDS SAN-OS Release 2.1(1a) or later.

  • Page 632: Configuring Default Afids

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You can only use AFID configuration when the VSAN topology mode is automatic.

  • Page 633: Configuring Ivr Without Ivr Nat Or Auto Topology

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Check the check box next to each switch involved in IVR that you want to use this default AFID.

  • Page 634: Transit Vsan Guidelines

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In a configuration involving IVR without NAT, if one VSAN in the IVR topology is configured with Note static domain IDs, then the other VSANs (edge or transit) in the topology should be configured with...

  • Page 635: Manually Creating The Ivr Topology

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Action tab.

  • Page 636: Activating A Manually Configured Ivr Topology

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 29-8 Local Topology Tab Step 2...

  • Page 637: Clearing The Configured Ivr Topology

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Apply Changes icon to activate the IVR topology.

  • Page 638: About Ivr Virtual Domains

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About IVR Virtual Domains In a remote VSAN, the IVR application does not automatically add the virtual domain to the assigned domains list.

  • Page 639: About Persistent Fc Ids For Ivr

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Persistent FC IDs for IVR You can configure persistent FC IDs for IVR.

  • Page 640: Configuring Ivr Logging Levels

    Chapter 29 Configuring Inter-VSAN Routing Manual IVR Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand All VSANs and then select IVR in the Logical Domains pane.

  • Page 641: Ivr Zones And Ivr Zone Sets

    Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 29-13 Syslog Severity Drop-Down Menu Setting the severity to warning means that all IVR messages at the warning level or above will...

  • Page 642: About Ivr Zones

    Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About LUNs in IVR Zoning, page 29-30 •...

  • Page 643: Configuring Ivr Zones And Ivr Zone Sets

    Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 29-14 Creating Zones Upon IVR Zone Activation Active zone in VSAN 1:...
  • Page 644 Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 29-15 Edit IVR Local Full Zone Database Dialog Box If you want to view zone membership information, right-click in the Members column, and then click...
  • Page 645 Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 29-17 Edit IVR Local Full Zone Database Dialog Box Alternatively, click the zone where you want to add members and click the Insert icon.

  • Page 646: About Activating Zone Sets And Using The Force Option

    Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 29-19 Save Configuration Dialog Box Step 9...
  • Page 647 Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If IVR and iSLB are enabled in the same fabric, at least one switch in the fabric must have both features Note enabled.

  • Page 648: Recovering An Ivr Full Zone Database

    Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 29-21 Edit Zone Database Dialog Box Select a Zoneset folder and then click Activate to activate the zone set (shown in...

  • Page 649: Recovering An Ivr Full Topology

    Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Choose Edit >...

  • Page 650: About Luns In Ivr Zoning

    Chapter 29 Configuring Inter-VSAN Routing IVR Zones and IVR Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Copy to copy the topology.

  • Page 651: Clearing The Ivr Zone Database

    Chapter 29 Configuring Inter-VSAN Routing Database Merge Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click a zone or zone set in the left pane.
  • Page 652 Chapter 29 Configuring Inter-VSAN Routing Database Merge Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 29-25 Fabric Merge Consequences Fabrics with...

  • Page 653: Resolving Database Merge Failures

    Chapter 29 Configuring Inter-VSAN Routing Database Merge Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If only some of the switches in the fabrics are running Cisco SAN-OS Release 3.0(3) or later, and the Note number of zone members exceeds 10,000, you must either reduce the number of zone members in the...

  • Page 654: Default Settings

    Chapter 29 Configuring Inter-VSAN Routing Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If the failure is due to exceeding the maximum configuration limits in a fabric where the switches •...

  • Page 655: Configuring And Managing Zones

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring and Managing Zones Zoning enables you to set up access control between storage devices or user groups.

  • Page 656: Chapter 30 Configuring And Managing Zone

    Chapter 30 Configuring and Managing Zones About Zoning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Zones can vary in size.

  • Page 657: Zone Implementation

    Chapter 30 Configuring and Managing Zones About Zoning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-1 Fabric with Two Zones Zone 1...

  • Page 658: Zone Member Configuration Guidelines

    Chapter 30 Configuring and Managing Zones About Zoning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Each VSAN has a full database and an active database.
  • Page 659 Chapter 30 Configuring and Managing Zones About Zoning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Hard and soft zoning are implemented using the active zone set.
  • Page 660 Chapter 30 Configuring and Managing Zones About Zoning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-3 Active and Full Zone Sets Full zone set...

  • Page 661: Using The Quick Config Wizard

    Chapter 30 Configuring and Managing Zones Using the Quick Config Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using the Quick Config Wizard The Quick Config Wizard supports only switch interface zone members.
  • Page 662 Chapter 30 Configuring and Managing Zones Using the Quick Config Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-4 Discrepancies Dialog Box Click OK to continue.
  • Page 663 Chapter 30 Configuring and Managing Zones Using the Quick Config Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-5 Quick Config Wizard Check the check box in the Ports Zoned To column for the port you want to add or remove from a zone.

  • Page 664: Zone Configuration

    Chapter 30 Configuring and Managing Zones Zone Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-6 Confirm Changes Dialog Box If you want to see the CLI commands, right-click in the dialog box and click CLI Commands from the...

  • Page 665: About The Edit Local Full Zone Database Tool

    Chapter 30 Configuring and Managing Zones Zone Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About the Edit Local Full Zone Database Tool The Edit Local Full Zone Database tool allows you to zone across multiple switches and all zoning features are available through the Edit Local Full Zone Database dialog box (see...

  • Page 666: Configuring A Zone Using The Zone Configuration Tool

    Chapter 30 Configuring and Managing Zones Zone Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Interface-based zoning only works with Cisco MDS 9000 Family switches.
  • Page 667 Chapter 30 Configuring and Managing Zones Zone Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see the Create Zone dialog box shown in Figure 30-10.

  • Page 668: Adding Zone Members

    Chapter 30 Configuring and Managing Zones Zone Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-12 Select Zone Dialog Box Click Add to add the zone.

  • Page 669: Zone Sets

    Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the members you want to add from the Fabric pane (see Figure 30-13) and click Add to Zone or...

  • Page 670: About Zone Set Creation

    Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About FC Alias Creation, page 30-21 •...

  • Page 671: Activating A Zone Set

    Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Activating a Zone Set Changes to a zone set do not take effect in a full zone set until you activate it.

  • Page 672: Deactivating A Zoneset

    Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-18 Save Configuration Dialog Box Check the Save Running to Startup Configuration check box to save all changes to the startup...
  • Page 673 Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-20 Deactivate Zoneset Dialog Box Enter deactivate in the text box and then click OK.

  • Page 674: Displaying Zone Membership Information

    Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Displaying Zone Membership Information To display zone membership information for members assigned to zones in Fabric Manager, follow these steps:...

  • Page 675: Configuring The Default Zone

    Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring the Default Zone To permit or deny traffic to members in the default zone using Fabric Manager, follow these steps: Expand a VSAN and then select Default Zone in the Fabric Manager Logical Domains pane.

  • Page 676: Creating Fc Aliases

    Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Creating FC Aliases To create an FC alias using Fabric Manager, follow these steps: Choose Zone >...
  • Page 677 Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Choose Zone >...

  • Page 678: Converting Zone Members To Pwwn-Based Members

    Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-26 Add Member to Alias Dialog Box The Device Alias radio button is visible only if device alias is in enhanced mode.
  • Page 679 Chapter 30 Configuring and Managing Zones Zone Sets S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Yes in the confirmation dialog box to convert that member to pWWN-based membership.

  • Page 680: Zone Enforcement

    Chapter 30 Configuring and Managing Zones Zone Set Distribution S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Zone Enforcement Zoning can be enforced in two ways: soft and hard.

  • Page 681: Enabling A One-Time Distribution

    Chapter 30 Configuring and Managing Zones Zone Set Distribution S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand a VSAN and select a zone set in the Logical Domains pane.

  • Page 682: About Recovering From Link Isolation

    Chapter 30 Configuring and Managing Zones Zone Set Distribution S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Recovering from Link Isolation When two switches in a fabric are merged using a TE or E port, these TE and E ports may become isolated when the active zone set databases are different between the two switches or fabrics.

  • Page 683: Zone Set Duplication

    Chapter 30 Configuring and Managing Zones Zone Set Duplication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-29 Zone Merge Failure Recovery Dialog Box Click the Import Active Zoneset or the Export Active Zoneset radio button.

  • Page 684: Copying Zone Sets

    Chapter 30 Configuring and Managing Zones Zone Set Duplication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Migrating a Non-MDS Database, page 30-35 •...

  • Page 685: Backing Up Zones

    Chapter 30 Configuring and Managing Zones Zone Set Duplication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Backing Up Zones To back up the full zone configuration using Fabric Manager, follow these steps: Choose Zone >...

  • Page 686: Restoring Zones

    Chapter 30 Configuring and Managing Zones Zone Set Duplication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-32 Backup Zone Configuration Dialog Box You can edit this configuration before backing up the data to a remote server.
  • Page 687 Chapter 30 Configuring and Managing Zones Zone Set Duplication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-33 Edit Local Full Zone Database Choose File >...

  • Page 688: Renaming Zones, Zone Sets, And Aliases

    Chapter 30 Configuring and Managing Zones Zone Set Duplication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Password—Enter the password for the user.

  • Page 689: Cloning Zones, Zone Sets, Fc Aliases, And Zone Attribute Groups

    Chapter 30 Configuring and Managing Zones Zone Set Duplication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m An edit box appears around the zone or zone set name.

  • Page 690: Clearing The Zone Server Database

    Chapter 30 Configuring and Managing Zones Advanced Zone Attributes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Clearing the Zone Server Database You can clear all configured information in the zone server database for the specified VSAN.To clear the zone server database, refer to the Cisco MDS 9000 Family CLI Configuration Guide.

  • Page 691: Configuring Zone-Based Traffic Priority

    Chapter 30 Configuring and Managing Zones Advanced Zone Attributes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Zone-Based Traffic Priority To configure the zone priority using Fabric Manager, follow these steps: Expand a VSAN and then select a zone set in the Logical Domains pane.

  • Page 692: Configuring The Default Zone Policy

    Chapter 30 Configuring and Managing Zones Advanced Zone Attributes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-38 QoS Priority Attributes Step 4...

  • Page 693: Configuring Broadcast Zoning

    Chapter 30 Configuring and Managing Zones Advanced Zone Attributes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You can configure broadcast frames in the basic zoning mode.

  • Page 694: About Lun Zoning

    Chapter 30 Configuring and Managing Zones Advanced Zone Attributes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About LUN Zoning Logical unit number (LUN) zoning is a feature specific to switches in the Cisco MDS 9000 Family.

  • Page 695: Assigning Luns To Storage Subsystems

    Chapter 30 Configuring and Managing Zones Advanced Zone Attributes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the zone where you want to add members and click the Insert icon.

  • Page 696: Configuring Read-Only Zones

    Chapter 30 Configuring and Managing Zones Displaying Zone Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Read-only volumes are not supported by some operating system and file system combinations (for •...

  • Page 697: Enhanced Zoning

    Chapter 30 Configuring and Managing Zones Enhanced Zoning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Read Only Violations, Statistics tab, or LUN Zoning Statistics tab to view statistics for the Step 2 selected zone.

  • Page 698: Changing From Basic Zoning To Enhanced Zoning

    Chapter 30 Configuring and Managing Zones Enhanced Zoning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 30-3 Advantages of Enhanced Zoning (continued) Basic Zoning...

  • Page 699: Enabling Enhanced Zoning

    Chapter 30 Configuring and Managing Zones Enhanced Zoning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Set the operation mode to basic zoning mode.

  • Page 700: Analyzing A Zone Merge

    Chapter 30 Configuring and Managing Zones Enhanced Zoning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 30-4 Database Zone Merge Status Local Database...

  • Page 701: Configuring Zone Merge Control Policies

    Chapter 30 Configuring and Managing Zones Compacting the Zone Database for Downgrading S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 30-44 Zone Merge Analysis Dialog Box Select the first switch to be analyzed from the Check Switch 1 drop-down list.

  • Page 702: Default Settings

    Chapter 30 Configuring and Managing Zones Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Default Settings Table 30-5 lists the default settings for basic zone parameters.

  • Page 703: Distributing Device Alias Services

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Distributing Device Alias Services All switches in the Cisco MDS 9000 Family support Distributed Device Alias Services (device alias) on...

  • Page 704: C H A P T E R 31 Distributing Device Alias Services

    Chapter 31 Distributing Device Alias Services About Device Alias Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Changing Mode Settings When the device alias mode is changed from basic to enhanced mode, the applications are informed about the change.

  • Page 705: Resolving Merge And Device Alias Mode Mismatch

    Chapter 31 Distributing Device Alias Services About Device Alias Modes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Resolving Merge and Device Alias Mode Mismatch If two fabrics are running in different modes and the device alias merge fails between the fabrics, the conflict can be resolved by selecting one mode or the other.

  • Page 706: Zone Aliases Versus Device Aliases

    Chapter 31 Distributing Device Alias Services Device Alias Databases S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 1 to 9 –...

  • Page 707: Distributing The Device Alias Database

    Chapter 31 Distributing Device Alias Services Device Alias Databases S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Distributing the Device Alias Database To enable the device alias distribution using Fabric Manager, follow these steps: Expand End Devices and then select Device Alias in the Physical Attributes pane.

  • Page 708: Creating A Device Alias

    Chapter 31 Distributing Device Alias Services Device Alias Databases S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Creating a Device Alias To lock the fabric and create a device alias in the pending database using Fabric Manager, follow these steps:...

  • Page 709: Discarding Changes

    Chapter 31 Distributing Device Alias Services Legacy Zone Alias Conversion S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand End Devices and then select Device Alias in the Physical Attributes pane.

  • Page 710: Using Device Aliases Or Fc Aliases

    Chapter 31 Distributing Device Alias Services Database Merge Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using Device Aliases or FC Aliases, page 31-8 •...

  • Page 711: Default Settings

    Chapter 31 Distributing Device Alias Services Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Default Settings Table 31-2 lists the default settings for device alias parameters.
  • Page 712 Chapter 31 Distributing Device Alias Services Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 31-10 OL-17256-03, Cisco MDS NX-OS Release 4.x...
  • Page 713 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring Fibre Channel Routing Services and Protocols...

  • Page 714: C H A P T E R 32 Configuring Fibre Channel Routing Services And Protocols

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols About FSPF S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About FSPF FSPF is the protocol currently standardized by the T11 committee for routing in Fibre Channel networks.

  • Page 715: Redundant Links

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols About FSPF S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Redundant Links To further improve on the topology in Figure...

  • Page 716: Fspf Global Configuration

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Global Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 32-2 Shutting Down the Switch for the SmartBits Scenario PortChannel Scenario...

  • Page 717: Configuring Fspf On A Vsan

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Global Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 32-3 LSR Default Settings LSR Option...

  • Page 718: Enabling Or Disabling Fspf

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply Changes to save these changes, or click Undo Changes to discard any unsaved changes.

  • Page 719: Configuring Fspf Link Cost

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring FSPF Link Cost To configure FSPF link cost using Fabric Manager, follow these steps: Expand Switches, expand Interfaces and then select FC Physical.

  • Page 720: Configuring Hello Time Intervals

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Hello Time Intervals To configure the FSPF Hello time interval using Fabric Manager, follow these steps: Expand Switches, expand Interfaces and then select FC Physical.

  • Page 721: Configuring Retransmitting Intervals

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m This value must be the same on the switches on both ends of the interface.

  • Page 722: Displaying The Fspf Database

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Displaying the FSPF Database The FSPF database for a specified VSAN includes the following information: Link State Record (LSR) type...

  • Page 723: Viewing Fspf Statistics

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 32-7 FSPF Database Information in the LSDB LSRs Tab Click Close to close the dialog box.

  • Page 724: Fspf Routes

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Routes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see the FSPF interface statistics in the Information pane.
  • Page 725 Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Routes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 32-10 Fibre Channel Static Route Configuration Dialog Box Click Create to create a static route.

  • Page 726: About Broadcast And Multicast Routing

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols FSPF Routes S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Broadcast and Multicast Routing Broadcast and multicast in a Fibre Channel fabric uses the concept of a distribution tree to reach all switches in the fabric.

  • Page 727: In-Order Delivery

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 32-12 Multicast Root Configuration Step 3...

  • Page 728: About Reordering Portchannel Frames

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 32-13 Route Change Delivery Old path...

  • Page 729: About Enabling In-Order Delivery

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The new frames are delivered through the new path after the switch latency drop period has elapsed •...

  • Page 730: Enabling In-Order Delivery Globally

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enabling In-Order Delivery Globally To ensure that the in-order delivery parameters are uniform across all VSANs on an MDS switch, enable in-order delivery globally.

  • Page 731: Default Settings

    Chapter 32 Configuring Fibre Channel Routing Services and Protocols Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand a fabric and select All VSANS.
  • Page 732 Chapter 32 Configuring Fibre Channel Routing Services and Protocols Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 32-4 Default FSPF Settings (continued) Parameters...

  • Page 733: Dense Wavelength Division Multiplexing

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Dense Wavelength Division Multiplexing About DWDM...

  • Page 734: C H A P T E R 33 Dense Wavelength Division Multiplexing

    Chapter 33 Dense Wavelength Division Multiplexing Viewing DWDM Links S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 33-1 Fabric Manager with ISL Link The ISL’s Physical table displays the connector type as “sfpDwdm”...
  • Page 735 Chapter 33 Dense Wavelength Division Multiplexing Viewing DWDM Links S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Move the mouse over the link to see the tooltip as DWDM indicating the link type as shown in Step 5 Figure...
  • Page 736 Chapter 33 Dense Wavelength Division Multiplexing Viewing DWDM Links S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 33-4 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 737: Flogi

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Managing FLOGI, Name Server, FDMI, and RSCN Databases...

  • Page 738: C H A P T E R 34 Managing Flogi, Name Server, Fdmi, And Rscn Databases

    Chapter 34 Managing FLOGI, Name Server, FDMI, and RSCN Databases Name Server Proxy S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 34-1 FLOGI Physical Interfaces Name Server Proxy...

  • Page 739: About Rejecting Duplicate Pwwn

    Chapter 34 Managing FLOGI, Name Server, FDMI, and RSCN Databases Name Server Proxy S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 34-2 Name Server Proxies Double-click the PortName field to register a new name server proxy.

  • Page 740: Fdmi

    Chapter 34 Managing FLOGI, Name Server, FDMI, and RSCN Databases FDMI S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 34-3 Name Server Dialog Box The General tab is the default tab;...

  • Page 741: Rscn

    Chapter 34 Managing FLOGI, Name Server, FDMI, and RSCN Databases RSCN S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m RSCN The Registered State Change Notification (RSCN) is a Fibre Channel service that informs hosts about changes in the fabric.

  • Page 742: About The Multi-Pid Option

    Chapter 34 Managing FLOGI, Name Server, FDMI, and RSCN Databases RSCN S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 34-4 RSCN Statistics About the multi-pid Option...

  • Page 743: Clearing Rscn Statistics

    Chapter 34 Managing FLOGI, Name Server, FDMI, and RSCN Databases RSCN S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 34-5 RSCN Multi-PID Check the Enable check box.

  • Page 744: Configuring The Rscn Timer With Cfs

    Chapter 34 Managing FLOGI, Name Server, FDMI, and RSCN Databases Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Before performing a downgrade, make sure that you revert the RCSN timer value in your network to the Note default value.
  • Page 745 Chapter 34 Managing FLOGI, Name Server, FDMI, and RSCN Databases Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 34-1 Default RSCN Settings Parameters...
  • Page 746 Chapter 34 Managing FLOGI, Name Server, FDMI, and RSCN Databases Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 34-10 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 747: Discovering Scsi Targets

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Discovering SCSI Targets This chapter describes the SCSI LUN discovery feature provided in switches in the Cisco MDS 9000...

  • Page 748: Chapter 35 Discovering Scsi Target

    Chapter 35 Discovering SCSI Targets About SCSI LUN Discovery S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Starting SCSI LUN Discovery To begin SCSI LUN discovery using Device Manager, follow these steps: Choose FC >...

  • Page 749: Displaying Scsi Lun Information

    Chapter 35 Discovering SCSI Targets Displaying SCSI LUN Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply to begin discovery.
  • Page 750 Chapter 35 Discovering SCSI Targets Displaying SCSI LUN Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 35-4 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 751: Configuring Ficon

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring FICON Fibre Connection (FICON) interface capabilities enhance the Cisco MDS 9000 Family by supporting...

  • Page 752: Chapter 36 Configuring Ficon

    Chapter 36 Configuring FICON About FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The 32-port Fibre Channel switching module •...

  • Page 753: Mds-Specific Ficon Advantages

    Chapter 36 Configuring FICON About FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You need the MAINFRAME_PKG license to configure FICON parameters.
  • Page 754 Chapter 36 Configuring FICON About FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-2 VSAN-Specific Fabric Optimization Separate physical fabrics...

  • Page 755: Fcip Support

    Chapter 36 Configuring FICON About FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Addition of ports to a FICON LPAR is a nondisruptive process.
  • Page 756 Chapter 36 Configuring FICON About FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Refer to the Cisco MDS 9500 Series Hardware Installation Guide and the Cisco MDS 9200 Series Hardware Installation Guide.

  • Page 757: Ficon Cascading

    Chapter 36 Configuring FICON About FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Date and time—Set the date and time on the switch.

  • Page 758: Ficon Port Numbering

    Chapter 36 Configuring FICON FICON Port Numbering S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m FICON Port Numbering With reference to the FICON feature, ports in Cisco MDS switches are identified by a statically defined 8-bit value known as the port number.
  • Page 759 Chapter 36 Configuring FICON FICON Port Numbering S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-3 Default FICON Port Number in Numbering on the Cisco MDS 9000 Family Switch Module 1 16-Port module...
  • Page 760 Chapter 36 Configuring FICON FICON Port Numbering S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 36-1 Default FICON Port Numbering in the Cisco MDS 9000 Family Implemented Port Allocation...

  • Page 761: Port Addresses

    Chapter 36 Configuring FICON FICON Port Numbering S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 36-1 Default FICON Port Numbering in the Cisco MDS 9000 Family (continued) Implemented Port Allocation...

  • Page 762: Installed And Uninstalled Ports

    Chapter 36 Configuring FICON FICON Port Numbering S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m FICON port numbers are not changed for ports that are active.

  • Page 763: Assigning Ficon Port Numbers To Slots

    Chapter 36 Configuring FICON FICON Port Numbering S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Assigning FICON Port Numbers to Slots When you assign, change, or release a port number, the port reloads.

  • Page 764: Fc Id Allocation

    Chapter 36 Configuring FICON FICON Port Numbering S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click FICON >...

  • Page 765: Configuring Ficon

    Chapter 36 Configuring FICON Configuring FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring FICON By default FICON is disabled in all switches in the Cisco MDS 9000 Family.

  • Page 766: Setting Up A Basic Ficon Configuration

    Chapter 36 Configuring FICON Configuring FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Using Device Manager, FICON auto-save can be invoked by multiple users logged on to the same FICON-enabled switch.
  • Page 767 Chapter 36 Configuring FICON Configuring FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-8 Create VSAN Dialog Box Step 2...

  • Page 768: Manually Enabling Ficon On A Vsan

    Chapter 36 Configuring FICON Configuring FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-9 VSAN Dialog Box in Device Manager Enter the VSAN membership information.

  • Page 769: Suspending A Ficon Vsan

    Chapter 36 Configuring FICON Configuring FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-10 All VSANs Table Click anywhere in the row of the VSAN that you want to delete.

  • Page 770: Assigning Fc Id Last Byte

    Chapter 36 Configuring FICON Configuring FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m This is an optional configuration.

  • Page 771: Allowing The Host To Move The Switch Offline

    Chapter 36 Configuring FICON Configuring FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-12 Persistent FcIds Tab Step 3...

  • Page 772: Allowing The Host To Change Ficon Port Parameters

    Chapter 36 Configuring FICON Configuring FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Allowing the Host to Change FICON Port Parameters By default, mainframe users are not allowed to configure FICON parameters on Cisco MDS switches—they can only query the switch.

  • Page 773: Ficon Information Refresh

    Chapter 36 Configuring FICON Configuring FICON S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you disable SNMP in the Cisco MDS switch, you cannot configure FICON parameters using the Fabric Note Manager.

  • Page 774: Configuring Ficon Ports

    Chapter 36 Configuring FICON Configuring FICON Ports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m FICON-specific configuration changes are immediately saved to the IPL file (see the “FICON •...

  • Page 775: Configuring Port Blocking

    Chapter 36 Configuring FICON Configuring FICON Ports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing ESCON Style Ports, page 36-26 •...

  • Page 776: Viewing Escon Style Ports

    Chapter 36 Configuring FICON Configuring FICON Ports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing ESCON Style Ports To view the available and prohibited ESCON style ports using Device Manager, follow these steps: Check the ESCON Style check box to see the available and prohibited ESCON style ports.

  • Page 777: Assigning A Port Address Name

    Chapter 36 Configuring FICON Configuring FICON Ports S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Choose FICON >...

  • Page 778: Ficon Configuration Files

    Chapter 36 Configuring FICON FICON Configuration Files S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Choose FICON >...

  • Page 779: About Ficon Configuration Files

    Chapter 36 Configuring FICON FICON Configuration Files S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Normal configuration files used by Cisco MDS switches include FICON-enabled attributes for a VSAN, Note port number mapping for PortChannels and FCIP interfaces, port number to port address mapping, port...

  • Page 780: Editing Ficon Configuration Files

    Chapter 36 Configuring FICON FICON Configuration Files S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-17 FICON VSANs Dialog Box Highlight the file you want to apply and click Apply File to apply the configuration to the running...

  • Page 781: Copying Ficon Configuration Files

    Chapter 36 Configuring FICON Port Swapping S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Open.

  • Page 782: About Port Swapping

    Chapter 36 Configuring FICON Port Swapping S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you swap a port in a module that has unlimited oversubscription ratios enabled with a port in a •...

  • Page 783: Swapping Ports

    Chapter 36 Configuring FICON FICON Tape Acceleration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Swapping Ports To swap ports using Device Manager, follow these steps: Select two Fibre Channel ports by holding down the CTRL key and clicking them.
  • Page 784 Chapter 36 Configuring FICON FICON Tape Acceleration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-20 Host Directly Accessing IBM/STK (StorageTek) Library FICON...

  • Page 785: Configuring Ficon Tape Acceleration

    Chapter 36 Configuring FICON FICON Tape Acceleration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-23 Host Accessing Peer-to-Peer VTS (Virtual Tape Server) OS/390...
  • Page 786 Chapter 36 Configuring FICON FICON Tape Acceleration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-24 FCIP Tunnels Tab in Fabric Manager Click the Create Row icon to create an FCIP tunnel.

  • Page 787: Cup In-Band Management

    Chapter 36 Configuring FICON CUP In-Band Management S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-25 Create FCIP Tunnel Dialog Box Configure the tunnel with the options shown in...
  • Page 788 Chapter 36 Configuring FICON CUP In-Band Management S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m CUP is supported by switches and directors in the Cisco MDS 9000 Family.

  • Page 789: Calculating Ficon Flow Load Balance

    Chapter 36 Configuring FICON Calculating FICON Flow Load Balance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-28 Adding FICON:CUP WWN to Zone Calculating FICON Flow Load Balance...

  • Page 790: Displaying Ficon Information

    Chapter 36 Configuring FICON Displaying FICON Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 36-29 Flow Load Balance Calculator Click Add to enter the source and destination(s) flows.

  • Page 791: Receiving Ficon Alerts

    Chapter 36 Configuring FICON Displaying FICON Information S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Receiving FICON Alerts To receive an alert to indicate any changes in the FICON configuration using Device Manager, follow these steps:...

  • Page 792: Default Settings

    Chapter 36 Configuring FICON Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The director history buffer provides a mechanism to determine the change in the port state from the previous time when a value was contained in the key counter.

  • Page 793: Advanced Features And Concepts

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Advanced Features and Concepts This chapter describes the advanced features provided in switches in the Cisco MDS 9000 Family.

  • Page 794: Fibre Channel Time Out Values

    Chapter 37 Advanced Features and Concepts Fibre Channel Time Out Values S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The certificate file contains the certificate and the private key.

  • Page 795: Timer Configuration Per-Vsan

    Chapter 37 Advanced Features and Concepts Fibre Channel Time Out Values S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To configure timers in Fabric Manager, expand Switches >...

  • Page 796: About Fctimer Distribution

    Chapter 37 Advanced Features and Concepts Fibre Channel Time Out Values S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If a switch is downgraded to Cisco MDS SAN-OS Release 1.2 or 1.1 after the timer is configured for a VSAN, an error message is issued to warn against strict incompatibilities.

  • Page 797: Database Merge Guidelines

    Chapter 37 Advanced Features and Concepts World Wide Names S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply to save these changes.

  • Page 798: Displaying Wwn Information

    Chapter 37 Advanced Features and Concepts World Wide Names S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Changes to the world-wide names should be made by an administrator or individual who is completely Caution familiar with switch operations.

  • Page 799: Fc Id Allocation For Hbas

    Chapter 37 Advanced Features and Concepts FC ID Allocation for HBAs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 37-4 Allocated World Wide Names in Device Manager Step 2...

  • Page 800: Default Company Id List

    Chapter 37 Advanced Features and Concepts Switch Interoperability S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Default Company ID list All switches in the Cisco MDS 9000 Family that ship with Cisco SAN-OS Release 2.0(1b) or later, or NX-OS 4.1(1) contain a default list of company IDs that require area allocation.

  • Page 801: About Interop Mode

    Chapter 37 Advanced Features and Concepts Switch Interoperability S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If all vendors followed the standards in the same manner, then interconnecting different products would become a trivial exercise.
  • Page 802 Chapter 37 Advanced Features and Concepts Switch Interoperability S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 37-2 Changes in Switch Behavior When Interoperability Is Enabled (continued) Switch Feature...

  • Page 803: Configuring Interop Mode 1

    Chapter 37 Advanced Features and Concepts Switch Interoperability S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Interop Mode 1 The interop mode1 in Cisco MDS 9000 Family switches can be enabled disruptively or nondisruptively.

  • Page 804: Verifying Interoperating Status

    Chapter 37 Advanced Features and Concepts Switch Interoperability S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The Cisco MDS 9000, Brocade, and McData FC error detect (ED_TOV) and resource allocation Note (RA_TOV) timers default to the same values.

  • Page 805: Default Settings

    Chapter 37 Advanced Features and Concepts Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 37-7 Name Server Dialog Box Click Close to close the dialog box.
  • Page 806 Chapter 37 Advanced Features and Concepts Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 37-14 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 807: Security

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m A R T Security...
  • Page 808 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m...

  • Page 809: Configuring Fips

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring FIPS The Federal Information Processing Standards (FIPS) Publication 140-2, Security Requirements for...

  • Page 810: Enabling Fips Mode

    Chapter 38 Configuring FIPS Enabling FIPS Mode S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enabling FIPS Mode To enable FIPS mode using Fabric Manager, follow these steps: Step 1...

  • Page 811: Fips Self-Tests

    Chapter 38 Configuring FIPS FIPS Self-Tests S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply to save the changes.
  • Page 812 Chapter 38 Configuring FIPS FIPS Self-Tests S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 38-4 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 813: Configuring Users And Common Roles

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring Users and Common Roles The CLI and SNMP use common roles in all switches in the Cisco MDS 9000 Family.

  • Page 814: Chapter 39 Configuring User And Common Role

    Chapter 39 Configuring Users and Common Roles Role-Based Authorization S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Roles Each role can contain multiple users and each user can be part of multiple roles.

  • Page 815: Deleting Common Roles

    Chapter 39 Configuring Users and Common Roles Role-Based Authorization S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see the Create Roles dialog box in Figure 39-2.

  • Page 816: Modifying The Vsan Policy

    Chapter 39 Configuring Users and Common Roles Role-Based Authorization S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You can configure a role so that it only allows tasks to be performed for a selected set of VSANs.

  • Page 817: Modifying Rules

    Chapter 39 Configuring Users and Common Roles Role-Based Authorization S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In this case, exec CLI commands refer to all commands in the EXEC mode that do not fall in the show, Note debug, and clear CLI command categories.
  • Page 818 Chapter 39 Configuring Users and Common Roles Role-Based Authorization S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see the Rules dialog box shown in Figure 39-4.

  • Page 819: Displaying Role-Based Information

    Chapter 39 Configuring Users and Common Roles Role Distributions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Displaying Role-Based Information The rules are displayed by rule number and are based on each role.

  • Page 820: Locking The Fabric

    Chapter 39 Configuring Users and Common Roles Role Distributions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Locking the Fabric The first action that modifies the database creates the pending database and locks the feature in the entire fabric.

  • Page 821: Discarding The Changes

    Chapter 39 Configuring Users and Common Roles Role Distributions S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Discarding the Changes If you discard (abort) the changes made to the pending database, the configuration database remains unaffected and the lock is released.

  • Page 822: Database Merge Guidelines

    Chapter 39 Configuring Users and Common Roles User Accounts S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Database Merge Guidelines Fabric merge does not modify the role database on a switch.

  • Page 823: About Users

    Chapter 39 Configuring Users and Common Roles User Accounts S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The password should have the strong characteristics, such as the following: Are at least eight characters long •...

  • Page 824: Configuring Users

    Chapter 39 Configuring Users and Common Roles User Accounts S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS SAN-OS does not support all numeric user names, whether created with TACACS+ or Caution RADIUS, or created locally.

  • Page 825: Changing Administrator Password Using Fabric Manager

    Chapter 39 Configuring Users and Common Roles User Accounts S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see the Create Users dialog box shown in Figure 39-8.
  • Page 826 Chapter 39 Configuring Users and Common Roles User Accounts S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m New password will be saved after the fabric is open.

  • Page 827: Deleting A User

    Chapter 39 Configuring Users and Common Roles SSH Services S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Deleting a User To delete a user using Fabric Manager, follow these steps: Expand Switches >...

  • Page 828: About Ssh

    Chapter 39 Configuring Users and Common Roles SSH Services S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Generating the SSH Server Key Pair, page 39-17 •...

  • Page 829: Generating The Ssh Server Key Pair

    Chapter 39 Configuring Users and Common Roles SSH Services S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Generating the SSH Server Key Pair To generate the SSH server key pair, follow these steps: Expand Switches >...

  • Page 830: Overwriting A Generated Key Pair

    Chapter 39 Configuring Users and Common Roles SSH Services S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Overwriting a Generated Key Pair If the SSH key pair option is already generated for the required version, you can force the switch to overwrite the previously generated key pair.

  • Page 831: Ssh Authentication Using Digital Certificates

    Chapter 39 Configuring Users and Common Roles SSH Services S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you are logging in to a switch through SSH and you have issued the aaa authentication login Note default none CLI command, you must enter one or more key strokes to log in.

  • Page 832: Recovering The Administrator Password

    Chapter 39 Configuring Users and Common Roles Recovering the Administrator Password S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS NX-OS does not support all numeric usernames, whether created with TACACS+ or Caution RADIUS, or created locally.

  • Page 833: Configuring Cisco Acs Servers

    Chapter 39 Configuring Users and Common Roles Configuring Cisco ACS Servers S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Cisco ACS Servers The Cisco Access Control Server (ACS) uses TACACS+ and RADIUS protocols to provide AAA services that ensure a secure environment.When using the AAA server, user management is normally...
  • Page 834 Chapter 39 Configuring Users and Common Roles Configuring Cisco ACS Servers S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 39-14 Configuring Multiple Roles with SNMPv3 Attributes When Using RADIUS Cisco MDS 9000 Family Fabric Manager Configuration Guide...
  • Page 835 Chapter 39 Configuring Users and Common Roles Configuring Cisco ACS Servers S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 39-15 Configuring the network-admin Role with SNMPv3 Attributes When Using TACACS+ Cisco MDS 9000 Family Fabric Manager Configuration Guide...

  • Page 836: Default Settings

    Chapter 39 Configuring Users and Common Roles Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 39-16 Configuring Multiple Roles with SNMPv3 Attributes When Using TACACS+ Default Settings...
  • Page 837 Chapter 39 Configuring Users and Common Roles Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 39-1 Default Switch Security Settings (continued) Parameters...
  • Page 838 Chapter 39 Configuring Users and Common Roles Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 39-26 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 839: Configuring Snmp

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring SNMP The CLI and SNMP use common roles in all switches in the Cisco MDS 9000 Family.

  • Page 840: Chapter 40 Configuring Snmp

    Chapter 40 Configuring SNMP SNMPv3 CLI User Management and AAA Integration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m This section includes the following topics: SNMP Version 1 and Version 2c, page 40-2 •...

  • Page 841: Cli And Snmp User Synchronization

    Chapter 40 Configuring SNMP SNMPv3 CLI User Management and AAA Integration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m SNMPv3 user management can be centralized at the AAA server level.

  • Page 842: Creating And Modifying Users

    Chapter 40 Configuring SNMP Creating and Modifying Users S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You can begin communicating with the agent once your user name is created, your roles are set up by your administrator, and you are added to the roles.

  • Page 843: Enforcing Snmpv3 Message Encryption

    Chapter 40 Configuring SNMP Creating and Modifying Users S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enforcing SNMPv3 Message Encryption By default the SNMP agent allows the securityLevel parameters of authNoPriv and authPriv for the SNMPv3 messages that use user-configured SNMPv3 message encryption with auth and priv keys.

  • Page 844: Assigning Snmpv3 Users To Multiple Roles

    Chapter 40 Configuring SNMP Creating and Modifying Users S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select a VSAN in the Logical Domains pane.

  • Page 845: Adding Communities

    Chapter 40 Configuring SNMP Creating and Modifying Users S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m (Optional) Provide an expiration date for the user and the file name of an SSH key.

  • Page 846: Snmp Trap And Inform Notifications

    Chapter 40 Configuring SNMP SNMP Trap and Inform Notifications S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the name of the community you want to delete.

  • Page 847: Configuring Snmpv3 Notifications

    Chapter 40 Configuring SNMP SNMP Trap and Inform Notifications S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 40-7 Create Destinations Dialog Box Check the switches for which you want to configure a new destination.
  • Page 848 Chapter 40 Configuring SNMP SNMP Trap and Inform Notifications S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 40-1 lists the Fabric Manager procedures that enable the notifications for Cisco MDS MIBs.

  • Page 849: Configuring The Notification Target User

    Chapter 40 Configuring SNMP SNMP Trap and Inform Notifications S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Other tab to enable other notifications.

  • Page 850: Viewing The Snmp Events Log

    Chapter 40 Configuring SNMP Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Viewing the SNMP Events Log To view the SNMP events log from Fabric Manager, click the Events tab (see Figure...

  • Page 851: Configuring Radius And Tacacs

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring RADIUS and TACACS+ The authentication, authorization, and accounting (AAA) feature verifies the identity of, grants access...

  • Page 852: Chapter 41 Configuring Radiu And Tacac+

    Chapter 41 Configuring RADIUS and TACACS+ Switch AAA S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Fabric Manager Security Options You can access Fabric Manager using the console (serial connection), Telnet, or Secure Shell (SSH).

  • Page 853: Authentication

    Chapter 41 Configuring RADIUS and TACACS+ Switch AAA S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Authentication Authentication is the process of verifying the identity of the person or device accessing the switch.

  • Page 854: Remote Aaa Services

    Chapter 41 Configuring RADIUS and TACACS+ Switch AAA S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Remote AAA Services Remote AAA services provided through RADIUS and TACACS+ protocols have the following advantages over local AAA services:...

  • Page 855: Aaa Server Monitoring

    Chapter 41 Configuring RADIUS and TACACS+ Switch AAA S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS NX-OS does not support all numeric usernames, whether created with TACACS+ or Caution RADIUS, or created locally.

  • Page 856: Authentication And Authorization Process

    Chapter 41 Configuring RADIUS and TACACS+ Switch AAA S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Authentication and Authorization Process Authentication is the process of verifying the identity of the person managing the switch.

  • Page 857: Configuring Radius Server Monitoring Parameters

    Chapter 41 Configuring RADIUS and TACACS+ Configuring RADIUS Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 41-2 Switch Authorization and Authentication Flow Start...

  • Page 858: About Radius Server Default Configuration

    Chapter 41 Configuring RADIUS and TACACS+ Configuring RADIUS Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m This section includes the following topics: About RADIUS Server Default Configuration, page 41-8 •...

  • Page 859: Setting The Default Radius Server Timeout Interval And Retransmits

    Chapter 41 Configuring RADIUS and TACACS+ Configuring RADIUS Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 41-3 RADIUS Default Settings Step 3...

  • Page 860: Configuring A Radius Server

    Chapter 41 Configuring RADIUS and TACACS+ Configuring RADIUS Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring a RADIUS Server To configure a RADIUS server and all its options using Fabric Manager, follow these steps: Expand Switches >...

  • Page 861: Configuring The Test Idle Timer

    Chapter 41 Configuring RADIUS and TACACS+ Configuring RADIUS Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enter the test user with the default password.

  • Page 862: Displaying Radius Server Statistics

    Chapter 41 Configuring RADIUS and TACACS+ Configuring RADIUS Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see any existing RADIUS servers.

  • Page 863: About Vendor-Specific Attributes

    Chapter 41 Configuring RADIUS and TACACS+ Configuring RADIUS Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Vendor-Specific Attributes The Internet Engineering Task Force (IETF) draft standard specifies a method for communicating vendor-specific attributes (VSAs) between the network access server and the RADIUS server.

  • Page 864: Configuring Tacacs+ Server Monitoring Parameters

    Chapter 41 Configuring RADIUS and TACACS+ Configuring TACACS+ Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The SNMPv3 authentication protocol options are SHA and MD5.

  • Page 865: About The Default Tacacs+ Server Encryption Type And Preshared Key

    Chapter 41 Configuring RADIUS and TACACS+ Configuring TACACS+ Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Timeout value •...

  • Page 866: About Tacacs+ Servers

    Chapter 41 Configuring RADIUS and TACACS+ Configuring TACACS+ Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Apply Changes icon to save the changes.

  • Page 867: About Validating A Tacacs+ Server

    Chapter 41 Configuring RADIUS and TACACS+ Configuring TACACS+ Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 41-5 Create TACACS+ Server Dialog Box Select the switches that you want to assign as TACACS servers.

  • Page 868: Periodically Validating A Tacacs+ Server

    Chapter 41 Configuring RADIUS and TACACS+ Configuring TACACS+ Server Monitoring Parameters S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You can configure this option to test the server periodically, or you can run a one-time only test.

  • Page 869: About Custom Attributes For Roles

    Chapter 41 Configuring RADIUS and TACACS+ Server Groups S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Custom Attributes for Roles Cisco MDS 9000 Family switches use the TACACS+ custom attribute for service shells to configure roles to which a user belongs.

  • Page 870: About Configuring Server Groups

    Chapter 41 Configuring RADIUS and TACACS+ Server Groups S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m This section includes the following topics: About Configuring Server Groups, page 41-20 •...

  • Page 871: About Bypassing A Nonresponsive Server

    Chapter 41 Configuring RADIUS and TACACS+ AAA Server Distribution S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 41-7 Applications Tab Step 8...

  • Page 872: Enabling Aaa Server Distribution

    Chapter 41 Configuring RADIUS and TACACS+ AAA Server Distribution S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Merge Guidelines for RADIUS and TACACS+ Configurations, page 41-24 •...

  • Page 873: Displaying The Session Status

    Chapter 41 Configuring RADIUS and TACACS+ AAA Server Distribution S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Displaying the Session Status Once the implicit distribution session has started, you can check the session statusfrom Fabric Manager by expanding Switches >...

  • Page 874: Clearing Sessions

    Chapter 41 Configuring RADIUS and TACACS+ MSCHAP Authentication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To discard RADIUS or TACACS+ distribution using Fabric Manager, follow these steps: Expand Switches >...

  • Page 875: About Enabling Mschap

    Chapter 41 Configuring RADIUS and TACACS+ MSCHAP Authentication S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Enabling MSCHAP By default, the switch uses Password Authentication Protocol (PAP) authentication between the switch and the remote server.

  • Page 876: Local Aaa Services

    Chapter 41 Configuring RADIUS and TACACS+ Local AAA Services S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Apply Changes to save the changes.
  • Page 877 Chapter 41 Configuring RADIUS and TACACS+ Configuring Cisco Access Control Servers S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 41-10 Configuring the network-admin Role When Using RADIUS Cisco MDS 9000 Family Fabric Manager Configuration Guide...
  • Page 878 Chapter 41 Configuring RADIUS and TACACS+ Configuring Cisco Access Control Servers S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 41-11 Configuring Multiple Roles with SNMPv3 Attributes When Using RADIUS Cisco MDS 9000 Family Fabric Manager Configuration Guide...
  • Page 879 Chapter 41 Configuring RADIUS and TACACS+ Configuring Cisco Access Control Servers S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 41-12 Configuring the network-admin Role with SNMPv3 Attributes When Using TACACS+ Cisco MDS 9000 Family Fabric Manager Configuration Guide...

  • Page 880: Default Settings

    Chapter 41 Configuring RADIUS and TACACS+ Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 41-13 Configuring Multiple Roles with SNMPv3 Attributes When Using TACACS+ Default Settings...
  • Page 881 Chapter 41 Configuring RADIUS and TACACS+ Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 41-2 Default Switch Security Settings (continued) Parameters...
  • Page 882 Chapter 41 Configuring RADIUS and TACACS+ Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 41-32 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 883: Configuring Ipv4 And Ipv6 Access Control Lists

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring IPv4 and IPv6 Access Control Lists Cisco MDS 9000 Family switches can route IP version 4 (IPv4) traffic between Ethernet and Fibre...

  • Page 884: C H A P T E R 42 Configuring Ipv4 And Ipv6 Access Control Lists

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists IPv4-ACL and IPv6-ACL Configuration Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m IPv4-ACL and IPv6-ACL Configuration Guidelines Follow these guidelines when configuring IPv4-ACLs or IPv6-ACLs in any switch or director in the Cisco MDS 9000 Family:...

  • Page 885: Address Information

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists About Filter Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m When configuring IPv4-ACLs or IPv6-ACLs on Gigabit Ethernet interfaces, only use the TCP Note or ICMP options.

  • Page 886: Icmp Information

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists About Filter Contents S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 42-1 TCP and UDP Port Numbers Protocol...

  • Page 887: Tos Information

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Creating IPv4-ACLs or IPv6-ACLs with the IP-ACL Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m 1.

  • Page 888: Creating Ipv4-Acls Or Ipv6-Acls In Device Manager

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Creating IPv4-ACLs or IPv6-ACLs with the IP-ACL Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you are creating an IPv6-ACL, check the IPv6 check box.
  • Page 889 Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Creating IPv4-ACLs or IPv6-ACLs with the IP-ACL Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see the Create IP ACL Profiles dialog box shown in Figure 42-3.

  • Page 890: Removing Ip Filters From An Existing Ipv4-Acl Or Ipv6-Acl

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Creating IPv4-ACLs or IPv6-ACLs with the IP-ACL Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 42-5 Create IP Filter Dialog Box Choose either permit or deny for the Action and set the IP Number in the Protocol field.

  • Page 891: Deleting Ip-Acls

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Reading the IP-ACL Log Dump S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the IP-ACL you want to modify and click Rules.

  • Page 892: Applying An Ip-Acl To An Interface

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Applying an IP-ACL to an Interface S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Applying an IP-ACL to an Interface You can define IP-ACLs without applying them.

  • Page 893: Applying An Ip-Acl To Mgmt0

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Applying an IP-ACL to mgmt0 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Applying an IP-ACL to mgmt0 A system default ACL called mgmt0 exists on the mgmt0 interface.

  • Page 894: Example Ip-Acl Configuration

    Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Example IP-ACL Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Example IP-ACL Configuration To define an IP-ACL that restricts management access using Device Manager, follow these steps: Step 1...
  • Page 895 Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Example IP-ACL Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select 8 echo from the ICMPType drop-down menu.
  • Page 896 Chapter 42 Configuring IPv4 and IPv6 Access Control Lists Example IP-ACL Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 42-14 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 897: About Cas And Digital Certificates

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring Certificate Authorities and Digital Certificates...

  • Page 898: C H A P T E R 43 Configuring Certificate Authorities And Digital Certificates

    Chapter 43 Configuring Certificate Authorities and Digital Certificates About CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Purpose of CAs and Digital Certificates CAs manage certificate requests and issue certificates to participating entities such as hosts, network devices, or users.

  • Page 899: Multiple Trusted Ca Support

    Chapter 43 Configuring Certificate Authorities and Digital Certificates About CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The following list summarizes the relationship between trust points, RSA key-pairs, and identity certificates: •...

  • Page 900: Pki Enrollment Support

    Chapter 43 Configuring Certificate Authorities and Digital Certificates About CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m PKI Enrollment Support Enrollment is the process of obtaining an identity certificate for the switch that is used for applications such as IPsec/IKE or SSH.

  • Page 901: Peer Certificate Verification

    Chapter 43 Configuring Certificate Authorities and Digital Certificates About CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Peer Certificate Verification The PKI support on an MDS switch provides the means to verify peer certificates.

  • Page 902: Configuring Cas And Digital Certificates

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring CAs and Digital Certificates This section describes the tasks you must perform to allow CAs and digital certificates your Cisco MDS switch device to interoperate.
  • Page 903 Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 43-1 PKI RSA Key-Pair Information Click Create Row.

  • Page 904: Creating A Trust Point Ca Association

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Create to create the RSA Key-Pair.

  • Page 905: Copying Files To Bootflash

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The OSCP URL must be configured before configuring the revocation checking method.

  • Page 906: Authenticating The Ca

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 43-6 Copy Files Dialog Box Step 4...

  • Page 907: Confirming Ca Authentication

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m From the Command field drop-down menu, select the appropriate option.

  • Page 908: Configuring Certificate Revocation Checking Methods

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Certificate Revocation Checking Methods During security exchanges with a client (for example, an IKE peer or SSH user), the MDS switch performs the certificate verification of the peer certificate sent by the client and the verification process...

  • Page 909: Installing Identity Certificates

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The challenge password is not saved with the configuration.

  • Page 910: Ensuring Trust Point Configurations Persist Across Reboots

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Ensuring Trust Point Configurations Persist Across Reboots The trust point configuration is a normal Cisco NX-OS configuration that persists across system reboots only if you copy it explicitly to the startup configuration.
  • Page 911 Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 43-9 Pkcs12export Option Exports a Key-Pair Step 4...

  • Page 912: Deleting Certificates From The Ca Configuration

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Configuring CAs and Digital Certificates S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Trust Point Actions tab in the Information pane.

  • Page 913: Example Configurations

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Yes or No in the Confirmation dialog box.
  • Page 914 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Download the CA certificate from the CA that you want to add as the trustpoint CA.

  • Page 915: Downloading A Ca Certificate

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enter the name of the certificate file which was copied to bootflash, in the URL field in the bootflash:filename format.
  • Page 916 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Open button in the File Download dialog box.
  • Page 917 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the Base-64 encoded X.509 (CER) on the Certificate Export Wizard dialog box and click Next.
  • Page 918 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Step 7 Click the Finish button on the Certificate Export Wizard dialog box.
  • Page 919 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 43-23 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 920: Requesting An Identity Certificate

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Requesting an Identity Certificate To request an identify certificate from a Microsoft Certificate server using a PKCS#10 certificate signing request (CRS), follow these steps:...
  • Page 921 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the Submit a certificate request using a base64 encoded PKCS#10 file or a renewal request Step 3 using a base64 encoded PKCS#7 file radio button and click Next.
  • Page 922 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Wait one or two days until the certificate is issued by the CA administrator.
  • Page 923 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select the Check on a pending certificate radio button on the Microsoft Certificate Services web Step 7 interface and click Next.
  • Page 924 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select Base 64 encoded and click the Download CA certificate link.
  • Page 925 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Details tab on the Certificate dialog and click the Copy to File button.

  • Page 926: Revoking A Certificate

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Step 14 Display the identity certificate in base64-encoded format using the Microsoft Windows type command.
  • Page 927 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Issued Certificates folder on the Certification Authority tree.
  • Page 928 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Select a reason for the revocation from the Reason code drop-down list, and click Yes.

  • Page 929: Generating And Publishing The Crl

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Generating and Publishing the CRL To generate and publish the CRL using the Microsoft CA administrator program, follow these steps: Select Action >...

  • Page 930: Downloading The Crl

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Downloading the CRL To download the CRL from the Microsoft CA website, follow these steps: Select Request the CA certificate or certificate revocation list radio button on the Microsoft...
  • Page 931 Chapter 43 Configuring Certificate Authorities and Digital Certificates Example Configurations S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Enter the destination file name in the Save As dialog box and click Save.

  • Page 932: Importingthe Crl

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Maximum Limits S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Importingthe CRL To import the CRL to the trust point corresponding to the CA, follow these steps: Step 1...

  • Page 933: Default Settings

    Chapter 43 Configuring Certificate Authorities and Digital Certificates Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 43-1 Maximum Limits for CA and Digital Certificate Feature...
  • Page 934 Chapter 43 Configuring Certificate Authorities and Digital Certificates Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 43-38 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 935: Configuring Ipsec Network Security

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring IPsec Network Security IP security (IPsec) protocol is a framework of open standards that provides data confidentiality, data...

  • Page 936: C H A P T E R 44 Configuring Ipsec Network Security

    Chapter 44 Configuring IPsec Network Security About IPsec S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About IPsec IPsec is not supported by the Cisco Fabric Switch for HP c-Class BladeSystem and the Cisco Fabric Note...

  • Page 937: About Ike

    Chapter 44 Configuring IPsec Network Security About IKE S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-1 FCIP and iSCSI Scenarios Using MPS-14/2 Modules iSCSI Servers...

  • Page 938: Using Ipsec

    Chapter 44 Configuring IPsec Network Security Using IPsec S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The IPsec feature inserts new headers in existing packets (see the “Configuring the MTU Frame Size”...

  • Page 939: Ipsec And Ike Terminology

    Chapter 44 Configuring IPsec Network Security Using IPsec S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Security association bundling.

  • Page 940: Supported Ipsec Transforms And Algorithms

    Chapter 44 Configuring IPsec Network Security Using IPsec S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Data confidentiality—A security service where the protected data cannot be observed.

  • Page 941: Ipsec Digital Certificate Support

    Chapter 44 Configuring IPsec Network Security IPsec Digital Certificate Support S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Advanced Encrypted Standard (AES) is an encryption algorithm.

  • Page 942: Implementing Ipsec With Cas And Digital Certificates

    Chapter 44 Configuring IPsec Network Security IPsec Digital Certificate Support S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-2 Two IPsec Switches Without CAs and Digital Certificates Cleartext...

  • Page 943: How Ca Certificates Are Used By Ipsec Devices

    Chapter 44 Configuring IPsec Network Security IPsec Digital Certificate Support S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-4 Dynamically Authenticating Devices with a CA Certificate...

  • Page 944: Configuring Ipsec Using Fcip Wizard

    Chapter 44 Configuring IPsec Network Security Configuring IPsec Using FCIP Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If the peer asks for a certificate which is signed by a CA that it trusts, then IKE uses that certificate, •...
  • Page 945 Chapter 44 Configuring IPsec Network Security Configuring IPsec Using FCIP Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-6 Enabling IPsec on an FCIP Link Step 5...
  • Page 946 Chapter 44 Configuring IPsec Network Security Configuring IPsec Using FCIP Wizard S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-7 IPSec Configuration The Control tab is the default.

  • Page 947: Manually Configuring Ipsec And Ike

    Chapter 44 Configuring IPsec Network Security Manually Configuring IPsec and IKE S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Manually Configuring IPsec and IKE This section describes how to manually configure IPsec and IKE if you are not using the FCIP Wizard.

  • Page 948: About Ike Policy Negotiation

    Chapter 44 Configuring IPsec Network Security Manually Configuring IPsec and IKE S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m IKE version 2 (IKEv2) is a simplified and more efficient version and does not interoperate with •...

  • Page 949: Configuring An Ike Policy

    Chapter 44 Configuring IPsec Network Security Manually Configuring IPsec and IKE S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m When you configure the hash algorithm, the corresponding HMAC version is used as the authentication Note algorithm.

  • Page 950: Optional Ike Parameter Configuration

    Chapter 44 Configuring IPsec Network Security Optional IKE Parameter Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-10 Create IKE Step 4...

  • Page 951: Configuring The Keepalive Time For A Peer

    Chapter 44 Configuring IPsec Network Security Optional IKE Parameter Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Only IKE v1 is supported to build IPsec between 2.x and 3.x MDS switches.

  • Page 952: Configuring The Initiator Version

    Chapter 44 Configuring IPsec Network Security Optional IKE Parameter Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-11 IKE Configuration Select the Global tab.
  • Page 953 Chapter 44 Configuring IPsec Network Security Optional IKE Parameter Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see the IKE configuration in the Information pane (see Figure 44-13).

  • Page 954: Clearing Ike Tunnels Or Domains

    Chapter 44 Configuring IPsec Network Security Optional IKE Parameter Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Create to create this initiator version or click Close to discard any unsaved changes.

  • Page 955: Crypto Ipv4-Acls

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-16 IKE Configuration Click the Pre-Shared AuthKey tab in the Information pane.

  • Page 956: About Crypto Ipv4-Acls

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Perfect Forward Secrecy, page 44-35 •...
  • Page 957 Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The deny option prevents traffic from being protected by crypto.

  • Page 958: Mirror Image Crypto Ipv4-Acls

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m For IPsec to interoperate effectively with Microsoft iSCSI initiators, specify the TCP protocol and •...

  • Page 959: The Any Keyword In Crypto Ipv4-Acls

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In case 4, an SA cannot be established because SAs are always requested according to the crypto IPv4-ACLs at the initiating packet's end.

  • Page 960: Configuring Transform Sets

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m When you enable IPsec, the Cisco NX-OS software automatically creates a default transform set Note (ipsec_default_tranform_set) using AES-128 encryption and SHA-1 authentication algorithms.
  • Page 961 Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-19 IPsec Configuration Click the Transform Set tab in the Information pane.

  • Page 962: About Crypto Map Entries

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Crypto Map Entries Once you have created the crypto IPv4-ACLs and transform sets, you can create crypto map entries that combine the various parts of the IPsec SA, including the following:...

  • Page 963: Crypto Map Configuration Guidelines

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Crypto Map Configuration Guidelines When configuring crypto map entries, follow these guidelines: The sequence number for each crypto map decides the order in which the policies are applied.

  • Page 964: About Sa Lifetime Negotiation

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-22 Existing Crypto Maps Step 3...

  • Page 965: Setting The Sa Lifetime

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m To specify SA lifetime negotiation values, you can optionally configure the lifetime value for a specified crypto map.

  • Page 966: About The Autopeer Option

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see more columns shown in Figure 44-26.

  • Page 967: Configuring The Autopeer Option

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-27 iSCSI with End-to-End IPsec Using the auto-peer Option Subnet X...

  • Page 968: About Perfect Forward Secrecy

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 44-28 IPsec Configuration Click the CryptoMap Set Entry tab.

  • Page 969: Configuring Perfect Forward Secrecy

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring Perfect Forward Secrecy To configure the PFS value using Fabric Manager, follow these steps: Expand Switches >...

  • Page 970: About Crypto Map Set Application

    Chapter 44 Configuring IPsec Network Security Crypto IPv4-ACLs S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Crypto Map Set Application You need to apply a crypto map set to each interface through which IPsec traffic will flow.

  • Page 971: Ipsec Maintenance

    Chapter 44 Configuring IPsec Network Security IPsec Maintenance S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Interfaces tab.
  • Page 972 Chapter 44 Configuring IPsec Network Security Global Lifetime Values S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Assuming that the particular crypto map entry does not have lifetime values configured, when the switch requests new SAs it will specify its global lifetime values in the request to the peer;...

  • Page 973: Default Settings

    Chapter 44 Configuring IPsec Network Security Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Default Settings Table 44-3 lists the default settings for IKE parameters.
  • Page 974 Chapter 44 Configuring IPsec Network Security Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Fabric Manager Configuration Guide 44-40 OL-17256-03, Cisco MDS NX-OS Release 4.x...

  • Page 975: Configuring Fc-Sp And Dhchap

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring FC-SP and DHCHAP Fibre Channel Security Protocol (FC-SP) capabilities provide switch-switch and host-switch...

  • Page 976: Dhchap

    Chapter 45 Configuring FC-SP and DHCHAP DHCHAP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 45-1 Switch and Host Authentication Trusted hosts...

  • Page 977: Chapter 45 Configuring Fc-Sp And Dhchap

    Chapter 45 Configuring FC-SP and DHCHAP DHCHAP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configure the hash algorithm and DH group.

  • Page 978: About Enabling Dhchap

    Chapter 45 Configuring FC-SP and DHCHAP DHCHAP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Enabling DHCHAP By default, the DHCHAP feature is disabled in all switches in the Cisco MDS 9000 Family.

  • Page 979: About Dhchap Authentication Modes

    Chapter 45 Configuring FC-SP and DHCHAP DHCHAP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About DHCHAP Authentication Modes The DHCHAP authentication status for each interface depends on the configured DHCHAP port mode.

  • Page 980: About The Dhchap Hash Algorithm

    Chapter 45 Configuring FC-SP and DHCHAP DHCHAP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 45-3 FC-SP (DHCHAP) Interface Modes Set the Mode drop-down menu to the DHCHAP authentication mode you want to configure for that...

  • Page 981: About The Dhchap Group Settings

    Chapter 45 Configuring FC-SP and DHCHAP DHCHAP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About the DHCHAP Group Settings All switches in the Cisco MDS Family support all DHCHAP groups specified in the standard: 0 (null DH group, which does not perform the Diffie-Hellman exchange), 1, 2, 3, or 4.

  • Page 982: Configuring Dhchap Passwords For The Local Switch

    Chapter 45 Configuring FC-SP and DHCHAP DHCHAP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Configuring DHCHAP Passwords for the Local Switch To configure the DHCHAP password for the local switch using Fabric Manager, follow these steps: Expand Switches >...

  • Page 983: About The Dhchap Timeout Value

    Chapter 45 Configuring FC-SP and DHCHAP DHCHAP S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 45-6 Enable FC-SP Dialog Box Click Apply to save the updated password.

  • Page 984: Configuring Dhchap Aaa Authentication

    Chapter 45 Configuring FC-SP and DHCHAP Default Settings S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Apply Changes icon to save the updated information.

  • Page 985: Configuring Port Security

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m C H A P T E R Configuring Port Security All switches in the Cisco MDS 9000 Family provide port security features that reject intrusion attempts...

  • Page 986: Chapter 46 Configuring Port Security

    Chapter 46 Configuring Port Security About Port Security S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m All intrusion attempts are reported to the SAN administrator through system messages.

  • Page 987: Port Security Activation

    Chapter 46 Configuring Port Security Port Security Configuration Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m If you enable auto-learning before activating port security, you cannot activate until auto-learning is Note disabled.

  • Page 988: Configuring Port Security With Auto-Learning Without Cfs

    Chapter 46 Configuring Port Security Port Security Configuration Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Activate port security on each VSAN.

  • Page 989: Configuring Port Security Using Wizard

    Chapter 46 Configuring Port Security Port Security Configuration Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Activate port security on each VSAN.
  • Page 990 Chapter 46 Configuring Port Security Port Security Configuration Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Figure 46-1 Select VSAN Window Select the VSAN from the list and click OK.
  • Page 991 Chapter 46 Configuring Port Security Port Security Configuration Guidelines S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m You see Edit and Activate Configuration page as shown in Figure 46-3.

  • Page 992: Enabling Port Security

    Chapter 46 Configuring Port Security Enabling Port Security S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click Close to exit the Insert Port Security window.

  • Page 993: Port Security Activation

    Chapter 46 Configuring Port Security Port Security Activation S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click the Control tab.

  • Page 994: Database Activation Rejection

    Chapter 46 Configuring Port Security Activating Port Security S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click in the Action column under Activation, next to the switch or VSAN on which you want to activate Step 3 port security.

  • Page 995: Database Reactivation

    Chapter 46 Configuring Port Security Activating Port Security S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Click in the Action column under Activation, next to the switch or VSAN on which you want to activate Step 3 port security and select the forceactivate option.

  • Page 996: Displaying Activated Port Security Settings

    Chapter 46 Configuring Port Security Auto-learning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Displaying Activated Port Security Settings To display active port security settings using Fabric Manager, follow these steps: Expand a VSAN and select Port Security in the Logical Domains pane.

  • Page 997: About Enabling Auto-Learning

    Chapter 46 Configuring Port Security Auto-learning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m About Enabling Auto-learning The state of the auto-learning configuration depends on the state of the port security feature: If the port security feature is not activated, auto-learning is disabled by default.

  • Page 998: Auto-Learning Device Authorization

    Chapter 46 Configuring Port Security Auto-learning S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Expand a VSAN and select Port Security in the Logical Domains pane.

  • Page 999: Port Security Manual Configuration

    Chapter 46 Configuring Port Security Port Security Manual Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 46-2 summarizes the port security authorization results for this active database.

  • Page 1000: About Wwn Identification

    Chapter 46 Configuring Port Security Port Security Manual Configuration S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Deleting Port Security Setting, page 46-17 •...

This manual is also suitable for:

Ap776a - nexus converged network switch 5020Aj732a - cisco mds 9134 fabric switchCisco mds 9124 - fabric switchCisco mds 9120 - fabric switchCisco mds 9140 - fabric switchCisco mds 9020 - fabric switch ... Show all

Table of Contents