Page 1 53-1001775-01 ® 13 April 2010 DCFM Enterprise User Manual Supporting DCFM 10.4.X...
Page 2: Document History
Copyright © 2007-2010 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, IronPoint, IronShield, IronView, IronWare, JetCore, NetIron, SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM, Extraordinary Networks, and SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Page 3: Table Of Contents
Contents About This Document In this chapter ......... .xxvii How this document is organized .
Page 4 Contents Management server and client ......14 Logging into a server ....... . . 17 Launching a remote client.
Page 5 Contents Seed switch ..........53 Seed switch requirements.
Page 6 Contents Editing names ........81 Exporting names .
Page 7 Contents Defining an event filter ........119 Call Home for virtual switches .
Page 8 Contents Chapter 6 Third-party tools In this chapter ......... . 141 About third-party tools .
Page 9 Contents Configuring NIS authentication......164 Configuring UNIX password file authentication ... 164 Configuring local database authentication .
Page 10 Contents Host port mapping ........201 Creating a new Host.
Page 11 Contents Upload Failure data capture.......234 Enabling upload failure data capture ....234 Disabling upload failure data capture .
Page 12 Contents Defining the broadcast message action....262 Defining the launch script action ..... . 263 Defining the send e-mail action .
Page 13 Contents Exporting real-time performance data ....296 Clearing port counters ......296 Historical performance data.
Page 14 Contents Chapter 13 Port Fencing In this chapter ......... .325 About port fencing.
Page 15 Contents Roles ..........355 Creating a user role .
Page 16 Contents FCIP trunking ......... . .379 Design for redundancy and fault tolerance .
Page 17 Contents Enabling FCIP circuits ........408 Deleting FCIP Circuits .
Page 18 Contents CEE Performance ........435 Real Time Performance Graph .
Page 19 Contents Saving or Copying a PDCM configuration to another device ..471 Copying a PDCM configuration ......471 Saving a PDCM configuration to another device .
Page 20 Contents Supported encryption key manager appliances ....504 Steps for connecting to an RKM appliance ....504 Exporting the KAC certificate signing request (CSR) .
Page 21 Contents Adding target disk LUNs for encryption ..... .552 Remote replication LUNs......554 SRDF pairs .
Page 22 Contents Chapter 21 Virtual Fabrics In this chapter ......... .589 Virtual Fabrics overview .
Page 23 Contents Adding zones to a zone configuration ....619 Activating a zone configuration......620 Deactivating a zone configuration .
Page 24 Contents Chapter 23 Troubleshooting In this chapter ......... .655 FC troubleshooting .
Page 25 Contents Appendix D Sybase and Derby Database Fields In this appendix ......... 719 Database tables and fields .
Page 26 Contents xxvi DCFM Enterprise User Manual 53-1001775-01...
Page 27: About This Document
About This Document In this chapter • How this document is organized ....... . . xxvii •...
Page 28: Supported Hardware And Software
About This Document • Chapter 15, “Host management,” provides information on how to configure an HBA. • Chapter 16, “Fibre Channel over IP,” provides information on how to configure an FCIP. • Chapter 17, “Fibre Channel over Ethernet,”provides information on how to configure an FCoE. •...
Page 29 About This Document TABLE 1 Supported Hardware Device Name Terminology used in documentation Brocade 200E switch 16-port, 4 Gbps FC Switch Brocade 300 switch 24-port, 8 Gbps FC Switch Brocade 4012 switch Embedded 12-port, 4 Gbps FC Switch Brocade 4016 switch Embedded 16-port, 4 Gbps FC Switch Brocade 4018 switch Embedded 18-port, 4 Gbps FC Switch...
Page 30 About This Document TABLE 1 Supported Hardware (Continued) Device Name Terminology used in documentation Brocade DCX 384-port Backbone Chassis Brocade DCX with FC8-16, FC8-32, and FC8-48 Blades 384-port Backbone Chassis with 8 Gbps 16-FC port, 8 Gbps 32-FC port, and 8 Gbps 48-FC port blades Brocade DCX with FR4-18i Blades 384-port Backbone Chassis with 4 Gbps Router, Extension blade...
Page 31: Supported Open Source Software Products
About This Document TABLE 1 Supported Hardware (Continued) Device Name Terminology used in documentation Mi10K Director 256-Port Director Platform requires Fabric OS v5.1.0 or later Platform requires Fabric OS v5.2.0 or later Platform requires Fabric OS v5.2.1 or later Platform requires Fabric OS v5.3.0 or later Platform requires Fabric OS v5.3.1 or later Platform requires Fabric OS v6.1.0 or later Platform requires Fabric OS v6.0.0 or later...
Page 32: What's New In This Document
About This Document TABLE 2 Supported Open Source Software Third-party Software Products (Continued) Open Source Software Product License Type JRE 1.6 Sun License Log4j 1.2 Apache QuartzEnterpriseJobScheduler 1.6.0 Open Source TheJavaCIFSClientLibrary 1.2.17 LGPL TrileadSSHforJava 2.0.2 Trilead AG VIJava2 2.0 BSD License XMLRPC 1.2-B1 Open Source ApachecommonsPool 1.5.4...
Page 33 About This Document • Information that was changed: • Changed View tab to SAN tab • Moved Menu bar table to Appendix • Changed AG icons • Moved Management server and client section to Chapter 1 Getting Started • Changed procedure - Discovering a fabric •...
Page 34: Document Conventions
About This Document Document conventions This section describes text formatting conventions and important notice formats used in this document. Text formatting The narrative-text formatting conventions that are used are as follows: bold text Identifies command names Identifies the names of user-manipulated GUI elements Identifies keywords and operands Identifies text to enter at the GUI or CLI italic text...
Page 35: Notice To The Reader
About This Document Notice to the reader This document may contain references to the trademarks of the following corporations. These trademarks are the properties of their respective companies and corporations. These references are made for informational purposes only. Corporation Referenced Trademarks and Products Linus Torvalds Linux Microsoft Corporation...
Page 36: Other Industry Resources
About This Document Other industry resources For additional resource information, visit the Technical Committee T11 website. This website provides interface standards for high-performance and mass storage applications for Fibre Channel, storage management, and other applications: http://www.t11.org For information about the Fibre Channel industry, visit the Fibre Channel Industry Association website: http://www.fibrechannel.org Getting technical help...
Page 37: Document Feedback
About This Document • Brocade 7600—On the bottom of the chassis • Brocade 48000—Inside the chassis next to the power supply bays • Brocade DCX and DCX-4S—On the bottom right on the port side of the chassis 4. World Wide Name (WWN) Use the wwn command to display the switch WWN.
Page 38 About This Document xxxviii DCFM Enterprise User Manual 53-1001775-01...
Page 39: In This Chapter
Chapter Getting Started In this chapter • User interface components ........1 •...
Page 40 User interface components FIGURE 1 Main Window 1. Menu Bar. Lists commands you can perform on the SAN. 2. Toolbar. Provides buttons that enable quick access to dialog boxes and functions. 3. SAN tab. Displays the Master Log, Minimap, Connectivity Map (topology), and Product List. For more information, refer to the “SAN tab”.
Page 41: Menu Bar
Menu bar 8. Toolbox. Provides tools for viewing the Connectivity Map as well as exporting the Connectivity Map as an image. Does not display until you discover a fabric. 9. Master Log. Displays all events that have occurred on the SAN. 10.
Page 42: San Tab
SAN tab 11. Port Label. Use to set the port label for the devices in the Connectivity Map. 12. Product List Search. Use to search for a device in the product list. 13. Help. Displays the Online Help. SAN tab The SAN tab displays the Master Log, Utilization Legend, Minimap, Connectivity Map (topology), and Product List.
Page 43: Port Display Buttons
Port Display buttons Port Display buttons The Port Display buttons (Figure 4) are located at the top right of the Product List and enable you to configure how ports display. You have the option of viewing connected (or occupied) product ports, unoccupied product ports, or attached ports.
Page 44: Connectivity Map
Connectivity Map • Domain ID. Displays the Domain ID for the product in the format xx(yy), where xx is the normalized value and yy is the actual value on the wire. • FC Address. Displays the Fibre Channel address of the port. •...
Page 45: Toolbox
Toolbox Toolbox The toolbox (Figure 5) is located at the top right side of the View window and provides tools to export the topology, to zoom in and out of the Connectivity Map, collapse and expand groups, and fit the topology to the window. Does not display until you discover a fabric. FIGURE 5 The Toolbox 1.
Page 46: Utilization Legend
Utilization Legend • Count. The number of times the event occurred. • Module Name. The name of the module on which the event occurred. • Message ID. The message ID of the event. • Contributor. The name of the contributor on which the event occurred. •...
Page 47: Minimap
Minimap Minimap The Minimap, which displays in the lower right corner of the main window, is useful for getting a bird’s-eye view of the SAN, or to quickly jump to a specific place on the Connectivity Map. To jump to a specific location on the Connectivity Map, click that area on the Minimap.
Page 48: Status Bar
Status bar Status bar The status bar (Figure 8) displays at the bottom of the main window. The status bar provides a variety of information about the SAN and the application. The icons on the status bar change to reflect different information, such as the current status of products, fabrics, and backup. FIGURE 8 Status Bar The icons on your status bar will vary based on the licensed features on your system.
Page 49: Icon Legend
Icon legend Icon legend Various icons are used to illustrate devices and connections in a SAN. The following tables list icons that display on the Connectivity Map and Product List. Product icons The following table lists the manageable SAN product icons that display on the topology. Fabric OS manageable devices display with blue icons and M-EOS manageable devices display with green icons.
Page 50: Group Icons
Port icons Group icons The following table lists the manageable SAN product group icons that display on the topology. Icon Description Icon Description Switch Group Host Group Storage Group Unknown Fabric Group Unmanaged Fabric Group Chassis Group Port icons The following table lists the port status icons that display in the Product List. Icon Description Occupied FC Port...
Page 51: Product Status Icons
Product status icons Product status icons The following table lists the product status icons that display on the topology. Icon Status No icon Healthy/Operational Attention Degraded/Marginal Device Added Device Removed/Missing Down/Failed Routed In Routed Out Unknown/Link Down Event icons The following table lists the event icons that display on the topology and Master Log. For more information about events, refer to “Fault Management”...
Page 52: Management Server And Client
Management server and client Management server and client The Management application has two parts: the Server and the Client. The Server is installed on one machine and stores SAN-related information; it does not have a user interface. To view SAN information through a user interface, you must log in to the Server through a Client.
Page 53 Management server and client TABLE 3 Ports (Continued) Port Number Ports Transport Description Communication Path Open in Firewall 2638 Database port (Enforced during install) Port used by database Server–Database Remote ODBC– Database 1, 5, 7 4430 XML-RCP port for SSL Server–Switch 1, 7 8080...
Page 54 Management server and client TABLE 3 Ports (Continued) Port Number Ports Transport Description Communication Path Open in Firewall 55556 Launch in Context (LIC) client hand Client port used to check if a Client shaking port Management application client opened using LIC is running on the same host NOTE: If this port is in use, the application uses the...
Page 55: Logging Into A Server
Logging into a server Logging into a server You must log into a Server to monitor a SAN. NOTE You must have an established user account on the Server to log in. To log into a server, complete the following steps. 1.
Page 56: Clearing Previous Versions Of The Remote Client
Clearing previous versions of the remote client 4. Select or clear the Save password check box to choose whether you want the application to remember your password the next time you log in. 5. Click Login. 6. Click OK on the Login Banner dialog box. The Management application displays.
Page 57 Launching the Configuration Wizard 4. Select Internal FTP Server or External FTP Server on the FTP Server screen and click Next. If port 21 is busy, a message displays. Click OK to close the message and continue. Once the Management application is configured make sure port 21 is free and restart the Server to start the FTP service.
Page 58 Launching the Configuration Wizard b. Select an address from the Switch - Server IP Configuration Preferred Address list. If DNS is not configured for your network, do not select the ‘hostname’ option from either the Server IP Configuration or Switch - Server IP Configuration Preferred Address list. Selecting the ‘hostname’...
Page 59 Launching the Configuration Wizard Click Next. If you enter a syslog port number already in use, a message displays. Click No on the message to remain on the Server Configuration screen and edit the syslog port number (return to step 6a). Click Yes to close the message and continue with step 7. If you enter a port number already in use, a Warning displays next to the associated port number field.
Page 60: Changing Your Password
Changing your password 12. Click Login. 13. Click OK on the Login Banner. Changing your password To change your password, complete the following steps. 1. Double-click the desktop icon or open from the Start menu. The Log In dialog box displays. FIGURE 14 Log In dialog box 2.
Page 61: Viewing Active Sessions
Viewing active sessions If the current password and new password are the same, the following message displays: Old and New passwords cannot be same. Use different password and try again. Press any key to continue. If the new password and confirm password do not match, the following message displays: New password and confirm password do not match.
Page 62: Viewing Server Properties
Viewing server properties Viewing server properties To view the Management application server properties, complete the following steps. 1. Select Server > Server Properties. The Server Properties dialog box displays (Figure 16). FIGURE 16 Server Properties dialog box 2. Click Close. Viewing port status You can view the port status for the following ports: SNMP, Syslog, FTP, and Web Server.
Page 63: License
License License NOTE If your installation does not require a license key, the License dialog box does not display. License keys are unique strings of alphanumeric characters that verify ownership of the Management application software as well as determine the maximum port count allowed or any additional features (such as Event Management) that you receive as part of the license.
Page 64: Entering The License Key
Entering the license key Entering the license key A license key is required to run the application. The key specifies the expiration date of a trial license, as well as the number of ports allowed. NOTE You are not required to enter a license key for a trial license. If you do not enter the license key during installation of Professional Plus or Enterprise editions, you can use the application, including all of its features, for a trial period of 75 days.
Page 65: Installing A Patch
Installing a patch 2. Enter the license key (on the Key Certificate) in the License Key field and click Update. 3. Click OK on the message. The Client closes after updating the license successfully. Restart the Server, Client and Server Management Console for the changes to take effect.
Page 66: Uninstalling A Patch
Uninstalling a patch 5. Click Upgrade. If the patch process is interrupted (for example, loss of power), you must restart the patch process. The patch installer performs the following functions: • Extracts patch files to the Install_Home folder. • Creates a back up (zip) of the original files to be updated and copies the zip file to the Install_Home\patch-backup directory.
Page 67: Feature-To-Firmware Requirements
Feature-to-firmware requirements 8. Go to the Install_Home/conf directory. 9. Open the version.properties file in a text editor. 10. Change the patch version (patch.version) value to the reverted patch (for example, if you are reverting from patch F to patch C then patch.version = c If the previous version is the initial version (no patches), change the patch version value to none (for example,...
Page 68 Feature-to-firmware requirements Feature Fabric OS M-EOS FICON Requires Fabric OS 5.2 or later for cascaded Only supports cascaded FICON configuration for FICON. mixed fabrics. Requires Fabric OS 6.0 or later for advanced FICON. Requires Fabric OS 6.1.1 or later to configure multiple Prohibit Dynamic Connectivity Mask (PDCM) matrices.
Page 69: Accessibility Features For The Management Application
Accessibility features for the Management application Feature Fabric OS M-EOS Virtual Fabrics Requires at least one Virtual Fabrics-enabled Virtual Fabric configuration is only available physical chassis running Fabric OS 6.2 or later. through the Element Manager. Zoning Requires Fabric OS 5.0 or later for pure Fabric OS Requires M-EOS and M-EOSn 9.6.X or later for a fabrics.
Page 70: Look And Feel
Look and Feel Menu Item or Function Keyboard Shortcut Properties Alt-Enter Select All CTRL + A Show Ports Shift-F5 View Utilization CTRL + U Zoom In CTRL + NumPad+ Zoom Out CTRL + NumPad- Look and Feel You can configure the Management application to mimic your system settings as well as define the size of the font.
Page 71 Look and Feel 3. Choose from one of the following options: • Select Default to configure the look and feel back to the Management application defaults. • Select System to configure the Management application to have the look and feel of your system.
Page 72 Look and Feel DCFM Enterprise User Manual 53-1001775-01...
Page 73: Discovery
Chapter Discovery In this chapter • Fabric discovery overview ........35 •...
Page 74: Fcs Policy And Seed Switches
Discovering fabrics FCS policy and seed switches The Management application requires that the seed switch is the primary Fabric Content Service (FCS) switch at the time of discovery. Setting time on the fabric will set the time on the primary FCS switch, which will then distribute the changes to other switches.
Page 75 Discovering fabrics 2. Click Add Fabric to specify the IP addresses of the devices you want to discover. The Address Properties dialog box displays. FIGURE 19 Address Properties dialog box (IP Address tab) 3. Enter a name for the fabric in the Fabric Name field. 4.
Page 76 Discovering fabrics 6. Click the SNMP tab (Figure 20). FIGURE 20 Address Properties dialog box (SNMP - v1 tab) Enter the duration (in seconds) after which the application times out in the Time-out (sec) field. 8. Enter the number of times to retry the process in the Retries field. 9.
Page 77: Configuring Snmp Credentials
Configuring SNMP credentials 14. If you are configuring a 256-port director, select the Configure for 256-Port_Director_Name check box. • If you selected Configure for 256-Port_Director_Name, go to step 18. • If you did not select Configure for 256-Port_Director_Name, continue with step 15. FIGURE 21 Address Properties dialog box (SNMP Tab - v3) 15.
Page 78 Configuring SNMP credentials 5. Select the SNMP version from the SNMP Version list. • If you selected v1, continue with step 6. • If you select v3, the SNMP tab displays the v3 required parameters. Go to step 10. To discover a Virtual Fabric device, you must configure SNMP v3 and your SNMP v3 user account must be defined as a Fabric OS switch user.
Page 79: Reverting To A Default Snmp Community String
Reverting to a default SNMP community string a. Select the Select check box for each undiscovered seed switch to discover their fabrics. b. Click OK on the Undiscovered Seed Switches dialog box. 18. Click OK on the Discover Setup dialog box. Reverting to a default SNMP community string 1.
Page 80: Host Discovery
Host discovery Host discovery The Management application enables you to discover individual hosts, import a group of Host from a comma separated values (CSV) file, or import all hosts from discovered fabrics. NOTE Host discovery requires HCM Agent 2.0 or later. NOTE SMI and WMI discovery are not supported.
Page 81: Importing Hosts From A Csv File
Importing Hosts from a CSV file 9. Click OK on the Add Host Discovery dialog box. If an error occurs, a message displays. Click OK to close the error message and fix the problem. A Host Group displays in Discovered Addresses table with pending status. To update the status from pending you must close and reopen the Discover Setup dialog box.
Page 82: Importing Hosts From A Fabric
Importing Hosts from a Fabric Configure Host credentials, if necessary. To configure host credentials, refer to “Configuring Brocade HBA credentials” on page 45 or “Configuring virtual machine credentials” on page 46. 8. Click OK on the Add Host Discovery dialog box. If an error occurs, a message displays.
Page 83: Configuring Brocade Hba Credentials
Configuring Brocade HBA credentials 8. Click OK on the Add Host Discovery dialog box. If an error occurs, a message displays. Click OK to close the error message and fix the problem. A Host Group displays in Discovered Addresses table with pending status. To update the status from pending you must close and reopen the Discover Setup dialog box.
Page 84: Configuring Virtual Machine Credentials
Configuring virtual machine credentials Configuring virtual machine credentials To configure credentials for a virtual machine, complete the following steps. 1. Select Discover > Setup. The Discover Setup dialog box displays. 2. Click Add Host. The Add Host Discovery dialog box displays. 3.
Page 85: Editing Host Credentials
Editing Host credentials Editing Host credentials To edit Host credentials, complete the following steps. 1. Select Discover > Setup. The Discover Setup dialog box displays. 2. Select the Host and click Edit. The Edit Host Discovery dialog box displays. FIGURE 28 Edit Host Discovery dialog box 3.
Page 86: Removing A Host From Discovery
Removing a Host from Discovery Removing a Host from Discovery To remove a Host from discovery, complete the following steps. 1. Select Discover > Setup. The Discover Setup dialog box displays. 2. Select the Host you want to remove from discovery. 3.
Page 87: Troubleshooting Discovery
Troubleshooting discovery • New Discovery Pending • Created host structure differs from discovered host; Discovery ignored • Brocade HBA Discovery Failed: HCM Agent connection failed • HCM Agent collection failed Troubleshooting discovery If you encounter discovery problems, complete the following checklist to ensure that discovery was set up correctly.
Page 88: M-Eosn Discovery Troubleshooting
M-EOSn discovery troubleshooting M-EOSn discovery troubleshooting The following section states a possible issue and the recommended solution for M-EOSn discovery errors. Problem Resolution M-EOS seed switch discovery is not supported Discover the device using SNMP v1. using SNMPv3 on the following devices: To configure SNMP v3 and manage the device, complete the following steps.
Page 89: Virtual Fabric Discovery Troubleshooting
Virtual Fabric discovery troubleshooting Virtual Fabric discovery troubleshooting The following section state possible issues and the recommended solutions for Virtual Fabric discovery errors. Problem Resolution At the time of discovery, the seed switch is Virtual Fabric-enabled; however, the user does not have Make sure the user account has Chassis Admin role for the seed switch.
Page 90: Fabric Monitoring
Fabric monitoring Fabric monitoring NOTE Monitoring is not supported on Hosts. The upper limit to the number of HBA and CNA ports that can be monitored at the same time is 32. The same upper limit applies if switch ports and HBA ports are combined.
Page 91: Stop Monitoring Of A Discovered Fabric
Stop monitoring of a discovered fabric 3. Click Monitor. The monitor function fails if the fabric has user-defined Admin Domains created or if the fabric is merged with another fabric already in the monitored state. 4. Click OK. Stop monitoring of a discovered fabric NOTE Monitoring is not supported on Hosts.
Page 92: Seed Switch Requirements
Seed switch You can change the seed switch as long as the following conditions are met: • The new seed switch is HTTP-reachable from the Management application. • The new seed switch is a primary FCS. • The new seed switch is running the latest Fabric OS or M-EOS version in the fabric. This operation preserves historical and configuration data, such as performance monitoring and user-customized data for the selected fabric.
Page 93: Seed Switch Failover
Seed switch failover • 140-Port Director • 256-Port Director The following M-EOS devices are seed switch-capable; however, they do not obtain fabric member information: • 16-Port, 1 Gbps and 2 Gbps Switch • 32-Port, 1 Gbps and 2 Gbps Switch •...
Page 94: Changing The Seed Switch
Changing the seed switch • Updates to Fabric OS switches (such as, Virtual Fabrics, FCR, Admin Domain, Switch Name and so on) do not occur. • If the M-EOS switch is not seed switch capable and a switch joins the fabric, the IP address displays as ‘0.0.0.0’.
Page 95 Changing the seed switch 4. Select a switch to be the new seed switch from the Change Seed Switch dialog box. You can select only one switch. Only switches that are running the latest Fabric OS version in the fabric are displayed. The current seed switch is not displayed in this list. 5.
Page 96 Changing the seed switch DCFM Enterprise User Manual 53-1001775-01...
Page 97: Data Backup
Chapter Application Configuration In this chapter • Data backup........... 59 •...
Page 98: Management Server Backup
Management server backup Management server backup There are three options for backing up data to the management server: • Configuring backup to a writable CD • Configuring backup to a hard drive • Configuring backup to a network drive The Management Server is backed up to a rewritable (CD-RW) compact disk by default. Make sure you have a CD-RW disk in the CD recorder drive to ensure that backup can occur.
Page 99: Configuring Backup To A Writable Cd
Configuring backup to a writable CD Configuring backup to a writable CD NOTE This is not recommended on a permanent basis. CDs have a limited life, and may only last a month. An error message occurs if your Management application can no longer back up to the disc. To configure the backup function to a writable CD, complete the following steps.
Page 100: Configuring Backup To A Hard Drive
Configuring backup to a hard drive 6. Select an interval from the Backup Interval drop-down list to set how often backup occurs. Verify that the CD backup directory is correct (default directory is D:\Backup). It is assumed that drive D is a CD-RW drive. You can change the directory or use the Browse button to select another directory.
Page 101: Configuring Backup To A Network Drive
Configuring backup to a network drive Browse to the hard drive and directory to which you want to back up your data. 8. Click Apply or OK. The application verifies that the backup device exists and that the server can write to it. If the device does not exist or is not writable, an error message displays that states you have entered an invalid device.
Page 102: Enabling Backup
Enabling backup Click Browse to choose the network share and directory to which you want to back up your data, or enter the network share and directory path. NOTE You must specify the directory in a network share format (for example, \\network-name\share-name\directory).
Page 103: Viewing The Backup Status
Viewing the backup status Viewing the backup status The Management application enables you to view the backup status at a glance by providing a backup status icon on the Status Bar. The following table illustrates and describes the icons that indicate the current status of the backup function.
Page 104: Starting Immediate Backup
Starting immediate backup Starting immediate backup NOTE You must have backup privileges to use the Backup Now function. To start the backup process immediately, complete one of the following procedures: Using the Backup Icon, right-click the Backup icon and select Backup Now. 1.
Page 105: Data Restore
Data restore Data restore NOTE You cannot restore data from a previous version of the Management application. NOTE You cannot restore data from a different edition of the Management application. The Management application helps you to protect your data by backing it up automatically. The data can then be restored, as necessary.
Page 106: Restoring Data To A New Server
Restoring data to a new server Restoring data to a new server If your Management application server fails and you must recover information to a new server, restore the data (Refer to “Restoring data” on page 67 for complete instructions). Display You can configure the display for FICON and reset the display to the default settings.
Page 107: Resetting Your Display
Display Resetting your display You can reset your system to display the default display settings. Note that returning to current settings after a reset may require configuring each global fabric or group setting individually. The following table (Table 7) details the settings that change with reset and the associated default state.
Page 108: End Node Display
End node display End node display The connectivity map can be configured to display or not display end nodes. This option enables you to set the end node display for all newly discovered fabrics. Note that disabling end node display limits the connectivity map to emphasize switch members only. Displaying end nodes To display end nodes when discovering a new fabric, complete the following steps.
Page 109: Ethernet Events
Ethernet events Ethernet events An Ethernet event occurs when the Ethernet link between the Management Server and the managed device is lost. You can configure the application to enable events when the Ethernet connection is lost. Enabling Ethernet events The Options dialog box enables you to configure the Management application to generate an Ethernet event after a device is offline for a specific period of time.
Page 110: Disabling Ethernet Events
Disabling Ethernet events Disabling Ethernet events To disable Ethernet events, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Ethernet Event in the Category list. 3. Clear the Enable Ethernet Event check box. 4.
Page 111: Flyovers
Flyovers 3. Select the Purge Events check box. Events are purged at midnight (12:00 AM). For example, when the maximum number of events allowed limit is reached at 3:00 PM, the system purges the older events at midnight that day. 4.
Page 112 Flyovers 5. Select the Product tab (Figure 35) and complete the following steps to select the product properties you want to display on flyover. FIGURE 34 Options dialog box (Flyovers option, Product tab) a. Select each property you want to display in the product flyover from the Available Properties table.
Page 113 Flyovers 6. Select the Connection tab (Figure 35) and complete the following steps to select the information you want to display on flyover. FIGURE 35 Options dialog box (Flyovers option, Connection tab) a. Select the protocol from the Protocol list. The default protocol is Fibre Channel.
Page 114: Turning Flyovers On Or Off
Turning flyovers on or off FCoE • • Name Port# • • Node WWN Port Type • • FCoE Index # Click the right arrow to move the selected properties to the Selected Properties table. d. Use the Move Up and Move Down buttons to reorder the properties in the Selected Properties table.
Page 115: Setting Names To Be Non-Unique
Setting names to be non-unique FIGURE 36 Options dialog box (Names option) 2. Select Names in the Category list. 3. Select Set names to be unique to require that names be unique on your system. 4. Click OK on the Options dialog box. 5.
Page 116: Fixing Duplicate Names
Fixing duplicate names Fixing duplicate names To fix duplicated names, complete the following steps. 1. Select Configure > Names. The Configure Names dialog box displays (Figure 37). FIGURE 37 Configure Names dialog box 2. Click Fix Duplicates. The Duplicated Names dialog box displays. 3.
Page 117: Viewing Names
Viewing names Viewing names To view names associated with devices by name, complete the following steps. 1. Select Configure > Names. The Configure Names dialog box displays. 2. Select All Names from the Display list. Only devices with a name display. The table displays the Name, WWN, Operational Status, Type, and a Description of the device.
Page 118: Adding A Name To A New Device
Adding a name to a new device Adding a name to a new device To add a new device and name it, complete the following steps. 1. Select Configure > Names. The Configure Names dialog box displays. 2. Enter the WWN of the device in the Detached WWN field. 3.
Page 119: Editing Names
Editing names 5. Click OK to close the Configure Names dialog box. 6. Click OK on the confirmation message. Editing names To edit the name associated with a device, complete the following steps. 1. Select Configure > Names. The Configure Names dialog box displays. 2.
Page 120: Importing Names
Importing Names Importing Names If the name length exceeds the limitations detailed in the following table, you must edit the name (in the CSV file) before import. Names that exceed these limits will not be imported. If you migrated from a previous version, the .properties file is located in the Install_Home\migration\data folder. Device Character limit Fabric OS switch 6.2 or later...
Page 121: Searching For A Device By Wwn
Searching for a device by WWN 5. Click Search. All devices with the specified name (or partial name) are highlighted in the Display table. You may need to scroll to see all highlighted names. 6. Click OK to close the Configure Names dialog box. Searching for a device by WWN You can search for objects (switch, fabric, product, ports, or N Ports) by WWN (world wide name).
Page 122: Security
Security Security You can configure the Server Name, CHAP secret value, and login banner, and modify whether or not to allow clients to save passwords. When the login banner is enabled, each time a client connects to the server, the login banner displays with a legal notice provided by you. The client's users must acknowledge the login banner to proceed, otherwise they are logged out.
Page 123: Setting The Chap Secret
Setting the CHAP secret 5. Re-enter the password in the Retype Secret field. If the secret does not meet the application requirements or the CHAP Secret and Retype Secret entries do not match, an error message displays. Click OK to re-enter the CHAP Secret and Retype Secret values.
Page 124: Configuring The Login Banner Display
Configuring the login banner display Configuring the login banner display To configure the login banner display, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Security Misc in the Category list. 3. Select the Display login banner upon client login check box. 4.
Page 125: Software Configuration
Software Configuration Software Configuration The Management application allows you to configure the following software settings: • Client export port—A port for communication between the client and server. • Discovery—HTTP or HTTP over SSL when connecting to the switch. • FTP/SCP overview—Internal or external FTP server settings. •...
Page 126: Discovery
Discovery 3. Enter the client export port number to set a fixed port number for the client in the Client Export Port field. 4. Click Apply or OK to save your work. NOTE Changes to this option take effect after a client restart. 5.
Page 127: Ftp/Scp Overview
FTP/SCP overview 3. Choose one of the following options: • If you want to connect using HTTP, complete the following steps. a. Select the Connect using HTTP option. a. Enter the connection port number in the Port # field. Continue with step •...
Page 128 FTP/SCP overview Configuring an internal FTP server To configure the internal FTP server settings, complete the following steps. 1. Select Server > Options. The Options dialog box displays (Figure 41). FIGURE 41 Options dialog box (FTP/SCP option) 2. Select FTP/SCP in the Category list. 3.
Page 129 FTP/SCP overview Configuring an external FTP server To configure the external FTP server settings, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select FTP/SCP in the Category list. 3. Select the Use External FTP Server and/or SCP Server option. 4.
Page 130 FTP/SCP overview 9. Click Test to test the FTP server. A “Server running successfully” or an error message displays. If you receive an error message, make sure your credentials are correct, the server is running, the remote directory path exists, and you have the correct access permission; then try again. 10.
Page 131: Ip Configuration
IP Configuration IP Configuration You can configure IP Configuration settings. Configuring IP Configuration settings NOTE The server binds using IPv6 address by default if your Operating System is IPv6-enabled (dual mode or IPv6 only). The server binds using IPv4 address by default if your Operating System is IPv4-enabled.
Page 132 IP Configuration 3. Choose one of the following options in the Server IP Configuration list. • Select All. Go to step • Select a specific IP address. Continue with step • Select localhost. Continue with step When Server IP Configuration is set to All, you can select any available IP address as the Return Address.
Page 133 IP Configuration FIGURE 43 Server IP Configuration screen a. Select an address from the Server IP Configuration list. b. Select an address from the Switch - Server IP Configuration Preferred Address list. If DNS is not configured for your network, do not select the “hostname” option from either the Server IP Configuration or Switch - Server IP Configuration Preferred Address list.
Page 134 IP Configuration Configuring the application to use dual network cards Issues with Client-to-Server connectivity can be due to different reasons. Some examples are: • The computer running the Server has more than one network interface card (NIC) installed. • The computer running the Server is behind a firewall that performs network address translation.
Page 135: Memory Allocation
Memory allocation Memory allocation You can configure memory allocation for the client and server to improve performance. You can trigger switch polling when a state changes or you can poll at intervals when no state change occurs. NOTE SAN size is a consideration in selection of polling periods. Configuring memory allocation settings To configure memory allocation settings, complete the following steps.
Page 136 Memory allocation 5. Enter the memory allocation (MB) for the client in the Client Memory Allocation field. If you enter an invalid value, an error message displays with the minimum value allowed. Click OK and edit the value again. Minimum values are as follows: •...
Page 137 Memory allocation Configuring asset polling Asset polling allows you set the length of time between state change polling. To maximize the efficiency of the polling feature (balance the amount of possible information with any possible performance impact), base your settings on the size of the SAN. To configure asset polling, complete the following steps.
Page 138: Server Port
Server port Server port You can configure the server port settings so that you can assign a web server port number and set the server port to be SSL-enabled. Configuring the server port To configure server settings, complete the following steps. 1.
Page 139: Support Mode
Support mode 6. Click Apply or OK to save your work. NOTE Changes to this option take effect after application restart. Click OK on the “changes take effect after application restart” message. Support mode You can configure support settings to allow enhanced diagnostics. Configuring support mode settings To configure support mode settings, complete the following steps.
Page 140: Fabric Tracking
Fabric tracking 3. Select the Log client support data - Log Level list, and select the type of log data you want to configure. Log level options include: All, Fatal, Error, Warn, Info, Debug, Trace, and Off. Default is Info. The log level options return to the default value (Info) when the client or server is restarted.
Page 141: Enabling Fabric Tracking
Fabric tracking Enabling fabric tracking 1. Enable fabric tracking by choosing one of the following options: • Select a fabric on the Product List or Connectivity Map and select Monitor > Track Fabric Changes. • Right-click a fabric on the Product List or Connectivity Map and select Track Fabric Changes.
Page 142: Accepting Changes For A Fabric
Accepting changes for a device Accepting changes for a fabric 1. Accept the changes to a fabric by choosing one of the following options: • Select a fabric on the Product List or Connectivity Map and select Monitor > Accept Changes.
Page 143: In This Chapter
Chapter Call Home In this chapter • About call home ..........106 •...
Page 144: About Call Home
About call home About call home NOTE Call Home is supported on Windows systems for all modem and E-mail call home centers and is supported on Linux and Solaris for the E-mail call home centers. Call Home notification allows you to configure the Management application Server to automatically send an e-mail or dial-in to a support center to report system problems on specified devices (switches, routers, and directors).
Page 145: System Requirements
About call home • Adds an entry to the Master Log file and screen display. • Generates a XML report (only available with EMC call centers) with the switch details which is sent with the E-mail. • Generates an HTML report for E-mail-based Call Home centers. For more information about Call Home events, refer to “Call Home Event Tables”...
Page 146: Showing A Call Home Center
Showing a call home center Showing a call home center To show a call home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays (Figure 47). FIGURE 47 Call Home dialog box 2.
Page 147: Hiding A Call Home Center
Hiding a call home center Hiding a call home center NOTE Before you can hide a call home center, you must remove all assigned products. To hide a call home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays.
Page 148 Editing the Brocade International or IBM call home center FIGURE 49 Configure Call Home Center dialog box (Brocade International or IBM option) 4. Make sure the call home center type you selected displays in the Call Home Centers list. 5. Select Enable to enable this call home center. 6.
Page 149: Editing The Brocade North America Call Home Center
Editing the Brocade North America call home center Editing the Brocade North America call home center Modem call home centers are only available for Brocade. To edit this call home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays.
Page 150: Editing An E-Mail Call Home Center
Editing an E-mail call home center Editing an E-mail call home center E-mail call home centers are available for Brocade, IBM, and SUN. To edit one of these call home centers, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays.
Page 151: Editing The Emc Call Home Center
Editing the EMC call home center 14. Enter a password in the SMTP Server Settings - Password field. This is a required field when the SMTP server authentication is enabled. 15. Enter the e-mail address for replies in the E-mail Notification Settings - Reply Address field. 16.
Page 152: Editing The Hp Lan Call Home Center
Editing the HP LAN call home center Enter the phone number or extension of the local server in the Local Server - Modem # field. 8. Enter the identification number of the local server in the Local Server - Cabinet Serial # field. 9.
Page 153: Enabling A Call Home Center
Enabling a call home center 8. Click Send Test to test the address. The selected call home center must be enabled to test the IP address. A faked event is generated and sent to the selected call home center. You must contact the call home center to verify that the event was received and in the correct format.
Page 154: Testing The Call Home Center Connection
Testing the call home center connection Testing the call home center connection Once you add and enable a call home center, you should verify that call home is functional. To verify call home center functionality, complete the following steps. 1. Select Monitor > Event Notification > Call Home. 2.
Page 155: Viewing Call Home Status
Viewing Call Home status Viewing Call Home status You can view call home status from the main Management application window or from the Call Home Notification dialog box. The Management application enables you to view the call home status at a glance by providing a call home status icon on the Status Bar.
Page 156: Assigning A Device To The Call Home Center
Assigning a device to the call home center Assigning a device to the call home center Discovered devices (switches, routers, and directors) are not assigned to a corresponding call home center automatically. You must manually assign each device to a call home center before you use call home.
Page 157: Removing All Devices And Filters From A Call Home Center
Removing all devices and filters from a call home center Removing all devices and filters from a call home center To remove all devices and filters from a call home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays.
Page 158: Assigning An Event Filter To A Call Home Center
Assigning an event filter to a call home center Assigning an event filter to a call home center Event filters allow call home center users to log in to a Management server and assign specific event filters to the devices. This limits the number of unnecessary or ‘acknowledge’ events and improves the performance and effectiveness of the call home center.
Page 159: Overwriting An Assigned Event Filter
Overwriting an assigned event filter Overwriting an assigned event filter A device can only have one event filter at a time; therefore, when a new filter is applied to a device that already has a filter, you must confirm the new filter assignment. To overwrite an event filter, complete the following steps.
Page 160: Removing An Event Filter From A Device
Removing an event filter from a device Removing an event filter from a device To remove an event filter from a device, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2.
Page 161: About View Management
Chapter View management In this chapter • About view management ........123 •...
Page 162: Creating A Customized View
Creating a customized view Creating a customized view You may want to customize the Product List and Connectivity Map to simplify management of large SANs by limiting the topology size or Product List columns. For each customized view, you can specify the fabrics and hosts that display on the Connectivity Map as well as the columns and device groupings that display on the Product List.
Page 163: Editing A Customized View
Editing a customized view 4. Click the Hosts tab and in the Available Host table, select the fabrics you want to include in the view and use the right arrow button to move your selections to the Selected Fabrics and Hosts table.
Page 164: Deleting A Customized View
Deleting a customized view 2. Use the left arrow button to remove fabrics and hosts from the Selected Fabrics and Hosts table. 3. Click the Fabrics tab, and in the Available Fabrics table, select the fabrics you want to include in the view and use the right arrow button to move your selections to the Selected Fabrics and Hosts table.
Page 165: Copying A View
Copying a view Copying a view 1. Use one of the following methods to open the Copy View dialog box: • Select View > Manage View > Copy View > View_Name. • Select Copy View from the View All list. Does not display until you discover a fabric. The Copy View dialog box title displays the name of the view you are copying.
Page 166: Customizing The Layout Of Devices On The Topology
Customizing the layout of devices on the topology Port Label. Select to configure which port labels display. NOTE Changes apply to the selected fabric or the fabric to which the selected item belongs. Name. Displays the name as the port label. If the port has not been given a name, the port’s WWN displays.
Page 167: Customizing The Layout Of Connections On The Topology
Customizing the layout of connections on the topology • Vertical. Displays the device icons vertically. • Horizontal. Displays the device icons horizontally. • Most Connected at Center. Displays the node that has the most connections at the center of the topology. •...
Page 168: Reverting To The Default Background Color
Reverting to the default background color 2. Select the Custom option and click Change. The Choose a background color dialog box displays (Figure 60). FIGURE 60 Map Display dialog box 3. Select or specify a color and preview it in the Preview pane. •...
Page 169: Changing The Product Label
Changing the product label Changing the product label 1. Select a product in the Connectivity Map or Product List. 2. Select View > Product Label, then select one of the following options: • Name (Product). Displays the product name as the product label. •...
Page 170: Grouping On The Topology
Grouping on the topology Grouping on the topology To simplify management, devices display in groups. Groups are shown with background shading and are labeled appropriately. You can expand and collapse groups to easily view a large topology. Collapsing groups To collapse a single group on the topology, do one of the following: •...
Page 171: Saving A Custom Connection Configuration
Saving a custom connection configuration 4. Click the right arrow to move them to the Selected Zones list. 5. Click OK. Saving a custom connection configuration NOTE Active zones must be available on the fabric. To save a new custom connection configuration, complete the following steps. 1.
Page 172: Customizing The Main Window
Customizing the main window Customizing the main window You can customize the main window to display only the data you need by displaying different levels of detail on the Connectivity Map (topology) or Product List. Zooming in and out of the connectivity map You can zoom in or out of the Connectivity Map to see products and ports.
Page 173: Showing Levels Of Detail On The Connectivity Map
Showing levels of detail on the connectivity map Showing levels of detail on the connectivity map You can configure different levels of detail on the Connectivity Map, making Management easier. View Fabrics To view only fabrics, without seeing groups, products or ports: Select View >...
Page 174: Customizing Application Tables
Customizing application tables Customizing application tables You can customize any table in the Management application (for example, the Master Log or the Product List) in the following ways: • Display only specific columns • Display columns in a specific order •...
Page 175 Customizing application tables 2. Choose from the following options: • Select the check box to display a column. Select the column name and click Show. • Clear the check box to hide a column. Select the column name and click Hide. •...
Page 176 Customizing application tables Copying table information You can copy the entire table or a specific row to another application (such as, Notepad, Excel, Word, and so on). 1. Choose from one of the following options: • Right-click anywhere in the table and select Table > Copy Table. •...
Page 177: Searching For A Device In The Connectivity Map
Searching for a device in the connectivity map Expanding and collapsing tables You can expand a table to display all information or collapse it to show only the top level. To expand the entire table, right-click anywhere in the table and select Expand All or Table > Expand All.
Page 178 Searching for a device in the connectivity map DCFM Enterprise User Manual 53-1001775-01...
Page 179: About Third-Party Tools
Chapter Third-party tools In this chapter • About third-party tools ......... . 141 •...
Page 180: Starting Third-Party Tools From The Application
Starting third-party tools from the application Starting third-party tools from the application You can open third-party tools from the Tools menu or a device’s shortcut menu. Remember that you cannot open a tool that is not installed on your computer. You must install the tool on your computer and add the tool to the Tools menu or the device’s shortcut menu.
Page 181: Launching An Element Manager
Launching an Element Manager Launching an Element Manager Element Managers are used to manage Fibre Channel switches and directors. You can open a device’s Element Manager directly from the application. To launch a device’s Element Manager, complete the following steps. On the Connectivity Map, double-click the device you want to manage.
Page 182: Launching Fcr Configuration
Launching FCR configuration 1. Select a Fabric OS device. 2. Select Configure > Element Manager > Hardware. Web Tools displays. 1. Select a Fabric OS device. 2. Click the Element Manager icon on the toolbar. Web Tools displays. Launching FCR configuration Use FCR Configuration to launch the FC Routing module, which enables you to share devices between fabrics without merging the fabrics.
Page 183: Launching Hcm Agent
Launching HCM Agent Launching HCM Agent Use Brocade HCM Agent to enable and manage Brocade HBAs. You can open HCM Agent directly from the application. For more information about HCM Agent, refer to the Brocade HCM Agent Administrator’s Guide. For more information about Brocade HBAs, refer to the documentation for the specific device.
Page 184: Adding A Tool
Adding a tool Adding a tool You can specify third-party tools so they appear on the Setup Tools dialog box. From there, you can add them to the Tools menu and then open the tools directly from the Management application. To add a tool, complete the following steps.
Page 185: Entering The Server Ip Address Of A Tool
Entering the server IP address of a tool Entering the server IP address of a tool If the third-party tool is a web-based application, you must enter the IP address of the applications server as a parameter to be able to open the application. To enter the server IP address, complete the following steps.
Page 186 Adding an option to the Tools menu FIGURE 65 Setup Tools dialog box (Tools menu tab) 3. Type a label for the option as you want it to appear on the Tools menu in the Menu Text field. 4. Select the application from the Tool list, or click Define if you want to specify a new tool. To specify a new tool, refer to “Adding a tool”...
Page 187: Changing An Option On The Tools Menu
Changing an option on the Tools menu Changing an option on the Tools menu You can edit parameters for third-party tools that display on the Tools menu. To edit a option to the tools menu, complete the following steps. 1. Select Tools > Setup. The Setup Tools dialog box displays.
Page 188: Adding An Option To A Device's Shortcut Menu
Adding an option to a device’s shortcut menu Adding an option to a device’s shortcut menu You can add an option to a device’s shortcut menu. To add an option to the device’s shortcut menu, complete the following steps. 1. Select Tools > Setup. The Setup Tools dialog box displays.
Page 189: Changing An Option On A Device's Shortcut Menu
Changing an option on a device’s shortcut menu Select the tool that you want to launch from the Tool list, or click Define to add a tool. To specify a new tool, refer to “Adding a tool” on page 146. 8.
Page 190: Removing An Option From A Device's Shortcut Menu
Removing an option from a device’s shortcut menu 9. Select the tool from the Tool list that you want to launch, or click Define to add a tool. To specify a new tool, refer to “Adding a tool” on page 146. 10.
Page 191: Vmware Vcenter Plug-In
VMware vCenter plug-in VMware vCenter plug-in NOTE You must have host management privileges to access the Plug-in for VMware vCenter dialog box. The VMware vCenter plug-in is a web application hosted on the Management server. This web application sends dynamic HTML content to the vSphere or VI client and the client renders the HTML content.
Page 192: Editing A Vcenter Server
Editing a vCenter server Editing a vCenter server 1. Select Tools > Plug-in for VMware vCenter. The Plug-in for VMware vCenter dialog box displays. 2. Click Edit. The Edit vCenter Server dialog box displays. The Host field is not editable in the Edit vCenter Server dialog box.
Page 193: Server Management Console Overview
Chapter Server Management Console In this chapter • Server management console overview ......155 •...
Page 194: Launching The Smc On Linux And Solaris
Services Launching the SMC on Linux and Solaris Perform the following steps to launch the server management console on Linux and Solaris systems. 1. On the Management application server, go to the following directory: Install_Directory/bin 2. Type the following at the command line: ./smc sh smc Services...
Page 195: Refreshing The Server Status
Refreshing the server status 3. Review the following information for each available service. • Name—The name of the server; for example, FTP Server or Database Server. • Process Name—The name of the process; for example, dbsrv10.exe (Database Server). • Status—The status of the service; for example, started or stopped. •...
Page 196: Starting All Services
Starting all services Starting all services NOTE The Start button restarts running services in addition to starting stopped services which causes client-server disconnect. To start all services, complete the following steps. 1. Launch the Server Management Console. 2. Click the Services tab. 3.
Page 197: Authentication
Authentication Authentication The Authentication function enables you to configure an authentication server and establish authentication policies. Authentication is configured to the local database by default. If you configure primary authentication to a Radius server, an LDAP server, or switch authentication, you can also configure secondary authentication to the local server.
Page 198 Configuring a Radius server 1. Select the Authentication tab (Figure 68). FIGURE 68 Authentication tab 2. For Primary Authentication, select Radius Server. 3. Click Add. The Add or Edit Radius Server dialog box displays (Figure 69). FIGURE 69 Add or Edit Radius Server 4.
Page 199: Configuring An Ldap Server
Configuring an LDAP server 10. Click OK to return to the Authentication tab. 11. If you have established an active connection with the Radius server, click Test. Test attempts to contact the Radius server by issuing a ping command. 12. Click Apply to save the configuration. Configuring an LDAP server If you are using an LDAP server for authentication, make the following preparations first: •...
Page 200: Configuring Switch Authentication
Configuring switch authentication 3. Click Add. The Add or Edit LDAP Server dialog box displays (Figure 71). FIGURE 71 Add or Edit LDAP server 4. Enter the LDAP server’s IP address in the IP Address field. 5. Enter the TCP port used by the Radius server in the TCP Port field. 6.
Page 201: Configuring Windows Authentication
Configuring Windows authentication 3. Enter the switch IP address and click Add. Repeat step 3 as needed. You can add up to three switches. 4. Set up the fall back order by completing the following steps. a. Select the IP address of the switch you want to move. b.
Page 202: Configuring Nis Authentication
Configuring NIS authentication Configuring NIS authentication Network Information Services (NIS/NIS+) authentication enables you to authenticate a user account against the NIS user account and the Management application server when running on UNIX platforms. To configure NIS authentication, complete the following steps. 1.
Page 203: Displaying The Client Authentication Audit Trail
Displaying the client authentication audit trail 3. Click Test. The Test Authentication dialog box displays. 4. Enter your user ID and password and click Test. Test verifies your user ID and password for the local database and verifies user privileges on the Management application server.
Page 204 Restoring the database FIGURE 72 Restore tab 4. Click Browse to select the path (defined in the Output Directory field on the Options dialog box - Backup pane) to the database backup location. 5. Click Restore. Upon completion, a message displays the status of the restore operation. Click OK to close the message and the Server Management Console.
Page 205: Capturing Technical Support Information
Capturing technical support information Capturing technical support information The Technical Support Information tab of the SMC allows you to capture technical support information for the Management application as well as the configuration files for all switches in discovered fabrics. This information is saved in a zip file in a location that you specify. To capture technical support information, complete the following steps.
Page 206: Upgrading Hcm On The Management Server
Upgrading HCM on the Management server Upgrading HCM on the Management server The HCM Upgrade tab enables you to upgrade the Management application to include a new version of HCM. To upgrade HCM, complete the following steps. 1. Select the HCM Upgrade tab (Figure 74).
Page 207: Smi Agent Configuration
SMI Agent configuration SMI Agent configuration The SMIA Configuration Tool enables you to configure SMI Agent settings, such as security, CIMOM, and certificate management. This tool is automatically installed with the Management application as part of the Server Management Console. This SMIA Configuration Tool consists of the following tabs: •...
Page 208: Launching The Smia Configuration Tool On Linux And Solaris
SMI Agent configuration 4. Select or clear the Save password check box to choose whether you want the application to remember your password the next time you log in. 5. Click Login. The SMIA Configuration Tool dialog box displays (Figure 76).
Page 209: Launching A Remote Smia Configuration Tool
Launching a remote SMIA configuration tool Launching a remote SMIA configuration tool To launch a remote SMIA configuration tool, complete the following steps. 1. Open a web browser and enter the IP address of the Management application server in the Address bar.
Page 210: Authentication
Authentication Accessing Management application features To access Management application features such as, discovery, role-based access control, application configuration and display options, server properties, as well as the application name, build, and copyright, complete the following steps. 1. Click the Home tab, if necessary. 2.
Page 211 Authentication 1. Click the Authentication tab. FIGURE 77 Authentication tab 2. Select the Enable Client Mutual Authentication check box, as needed. If the check box is checked, CIM client mutual authentication is enabled. If the check box is clear (default), client mutual authentication is disabled. 3.
Page 212 Authentication Configuring CIMOM server authentication CIMOM server authentication is the authentication mechanism between the CIM client and the CIMOM Server. You can configure the CIMOM server to allow the CIM client to query the CIMOM server without providing credentials; however, the CIMOM server requires the Management application credentials to connect to the Management application server to retrieve the required data.
Page 213: Cimom Configuration
CIMOM configuration CIMOM configuration NOTE You must have Security Read and Write privileges to make changes on the CIMOM tab. The CIMOM tab enables you to configure the CIMOM server port, the Bind Network Address, and the CIMOM log. Configuring the SMI Agent port number To configure the SMI Agent port number, complete the following steps.
Page 214 CIMOM configuration 4. Click Apply. NOTE Changes on this tab take effect after the next CIMOM server restart. If you disabled SSL, a confirmation message displays. Click Yes to continue. 5. Click Close to close the SMIA Configuration Tool dialog box. Configuring the Bind Network Address NOTE You must have Security Read and Write privileges to make changes on the CIMOM tab.
Page 215: Certificate Management
Certificate management • Finer—select to only log message data used to provide detailed trace information. • Finest—select to only log message data used to provide highly detailed trace information. • All—select to log support data for all messages. 3. Click Apply. NOTE Changes on this tab take effect after the next CIMOM server restart.
Page 216 Certificate management 2. Select the Client or Indication from the Authentication list. The appropriate certificates display in the Certificates list. 3. Enter the full path or browse to the certificate you want to import (for example, C:\Certificates\cimom-indication-auth2.cer). You can only import certificate files with the CER extension (.cer). 4.
Page 217: Deleting A Certificate
Certificate management 5. Browse to the directory where you want to export the certificate. 6. Edit the certificate name in the File Name field, if necessary. Click Save. 8. Click Close to close the SMIA Configuration Tool dialog box. Deleting a certificate NOTE You must have Security Read and Write privileges to view or make changes to the Certificate Management tab.
Page 218: Viewing The Configuration Summary
Viewing the configuration summary Viewing the configuration summary To view summary information about the Server configuration and the current configuration, complete the following steps. 1. Click the Summary tab. FIGURE 80 Summary tab 2. Review the summary. NOTE When the CIMOM server is stopped, the server configuration information does not display on the Summary tab.
Page 219 Viewing the configuration summary Field/Component Description Bind Network Address Displays the Bind Network address for the Server Configuration and the Current Configuration. Log Level Displays the log level for the Server Configuration and the Current Configuration. Options include the following: •...
Page 220 Viewing the configuration summary DCFM Enterprise User Manual 53-1001775-01...
Page 221: Configuration Repository Management
Chapter Device Configuration In this chapter • Configuration repository management ......183 • Device properties.
Page 222: Saving Switch Configurations
Saving switch configurations Saving switch configurations NOTE Save switch configuration is only supported on Fabric OS switches. NOTE To save switch configuration on more than one switch at a time, you must have the Enhanced Group Management license. Configuration files are uploaded from the selected switches and stored in individual files. Files are named with the convention cfg_fabricName_switchName_domainID.
Page 223: Restoring A Switch Configuration For A Selected Device
Restoring a switch configuration for a selected device Restoring a switch configuration for a selected device The Restore Switch Configuration dialog box enables you to download a previously saved switch configuration to a selected device. To restore a switch configuration, complete the following steps. 1.
Page 224: Backing Up A Switch Configuration
Backing up a switch configuration Backing up a switch configuration NOTE The Enhanced Group Management (EGM) license must be activated on a switch to perform this procedure and to use the supportSave module. If a periodic backup is scheduled at the SAN level, that backup will apply to all switches from all fabrics discovered.
Page 225 Backing up a switch configuration 3. Set the Schedule parameters. These include the following: The desired Frequency for backup operations (daily, weekly, monthly). The Day you want back up to run. If Frequency is Daily, the Day list is grayed out. If Frequency is Weekly, choices are days of the week (Sunday through Saturday).
Page 226: Restoring A Configuration From The Repository
Restoring a configuration from the repository Restoring a configuration from the repository 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays (Figure 84). FIGURE 84 Switch Configuration Repository 2.
Page 227: Viewing Configuration File Content
Viewing configuration file content Viewing configuration file content You can view switch configuration file content in a text file. 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays. 2.
Page 228: Searching The Configuration File Content
Searching the configuration file content Searching the configuration file content To search the configuration file content, complete the following steps. 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays. 2.
Page 229: Exporting A Configuration
Exporting a configuration Exporting a configuration 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays. 2. Select the configuration you want to export, and click Export. The file chooser appropriate to your operating system displays.
Page 230: Replicating Security Configurations
Replicating security configurations Replicating security configurations You can replicate an AD/LDAP Server, DCC, IP, RADIUS Server, or SCC security policy. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Replicate > Security. A wizard is launched to guide you through the process. Device properties You can customize the device Properties dialog boxes to display only the data you need by adding, editing, and deleting property labels.
Page 231 Device properties TABLE 10 Device properties (Continued) Field/Component Description Contributors The device contributors. Device Type Whether the device is an initiator or target. Description A description of the customer site. Destination IP Address The IP address of the of the FCIP tunnel destination device. Discovery Status The discovery status of the switch.
Page 232 Device properties TABLE 10 Device properties (Continued) Field/Component Description Member Ports The member ports of the trunk. Model The model number of the device. Name The user-defined name of the switch. Node Name The name of the node. Node WWN The world wide name of the node.
Page 233: Adding A Property Label
Adding a property label TABLE 10 Device properties (Continued) Field/Component Description VLAN Class of Service for Data The VLAN class of service for the data connection of the FCIP tunnel. Connection VLAN ID The VLAN identification number. The world wide name of the device. Adding a property label You can add a new field to any of the tabs on the Properties dialog box.
Page 234: Deleting A Property Label
Deleting a property label Deleting a property label You can delete any label that you created on any of the tabs from the Properties dialog box. To delete a label, complete the following steps. 1. Right-click any product icon and select Properties. The Properties dialog box displays.
Page 235: Firmware Management
Firmware management Firmware management A firmware file repository (Windows systems only) is maintained on the server in the following location: C:\Program Files\Install_Directory\data\ftproot\6.1.1\n.n.n\n.n.n\ The firmware repository is used by the internal FTP server that is delivered with the Management application software, and may be used by an external FTP server if it is installed on the same platform as the Management application software.
Page 236: Importing A Firmware File And Release Notes
Importing a firmware file and release notes FIGURE 87 Firmware repository 3. View information about a specific firmware file by selecting the firmware file in the Firmware Repository. The Firmware Name, Release Date, and Import Date are displayed. You may also view the Release Notes, if the release notes were imported.
Page 237: Deleting A Firmware File
Deleting a firmware file 4. Type in the location of the firmware file and release notes, or use Browse to select the location. The Management application supports .zip and .gz compression file types for firmware files. 5. Click OK. You return to the Repository tab. The file is listed in the Firmware Repository when the import is complete and successful.
Page 238 Download firmware FIGURE 89 Firmware download 3. Select one or more switches from Available Switches. 4. Click the right arrow to move the switches to Selected Switches. 5. Select a specific version from the Firmware to Download column, or use Select Latest to automatically select the latest version.
Page 239: Host Port Mapping
Host port mapping Host port mapping HBAs and Hosts discovered through a fabric can be easily identified in the topology by their product icons. For a list of products and their icons, refer to “Product icons” on page 11. Once identified in the topology, you can create Hosts and assign the HBAs to them and import an externally created Host port mapping file (.CSV) to the Management application.
Page 240: Renaming An Hba Host
Renaming an HBA Host Renaming an HBA Host To rename a Host, complete the following steps. 1. Right-click an HBA icon and select Host Port Mapping. The Host Port Mapping dialog box displays. 2. Click the Host you want to rename in the Hosts table, wait a moment, and then click it again. The Host displays in edit mode.
Page 241: Associating An Hba With A Host
Associating an HBA with a Host Associating an HBA with a Host ATTENTION Discovered information overwrites your user settings. To associate an HBA with a Host, complete the following steps. 1. Right-click an HBA icon and select Host Port Mapping. The Host Port Mapping dialog box displays.
Page 242: Removing An Hba From A Host
Removing an HBA from a Host To import Host port mapping, complete the following steps. 1. Right-click an HBA icon and select Host Port Mapping. The Host Port Mapping dialog box displays. 2. Click Import. The Import dialog box displays. 3.
Page 243: Exporting Host Port Mapping
Exporting Host port mapping Exporting Host port mapping The Host Port Mapping dialog box enables you to export a Host port. The export file uses the CSV format. The first row contains the headers (HBA/Ports WWN, Host Name) and the switch to which the port is connected.
Page 244: Ports
Ports Ports You can enable and disable ports, as well as view port details, properties, type, status, and connectivity. Viewing port connectivity The connected switch and switch port information displays for all ports. To view port connectivity, choose one of the following steps: •...
Page 245 Ports TABLE 12 Port connectivity properties (Continued) Field Description Buffer Limited Whether buffers are limited. Buffers Needed/Allocated The ratio of buffers needed relative to the number of buffers allocated. Calculated Status The operational status. There are four possible operation status values: •...
Page 246 Ports TABLE 12 Port connectivity properties (Continued) Field Description Device Type The device type; for example, target or initiator. FC4 Type The active FC4 type; for example, SCSI. FC Address The Fibre Channel address. Each FC port has both an address identifier and a world wide name (WWN).
Page 247: Refreshing The Port Connectivity View
Refreshing the port connectivity view TABLE 12 Port connectivity properties (Continued) Field Description Switch Routing Policy Whether a routing policy, for example, port-based routing policy, is enabled. Switch Secure Mode Whether switch secure mode is enabled. Switch Status The operational status. There are four possible operation status values: •...
Page 248: Filtering Port Connectivity
Filtering port connectivity Filtering port connectivity To filter results from the port connectivity view, complete the following steps. 1. Click the Filter link from the Port Connectivity View dialog box The Filter dialog box displays (Figure 92). FIGURE 92 Filter dialog box 2.
Page 249: Viewing Port Details
Viewing port details Resetting the filter Reset immediately clears all existing definitions. You cannot cancel the reset. To reset the Filter dialog box, complete the following steps. 1. Click the Filter link from the Port Connectivity View dialog box. The Filter dialog box displays. 2.
Page 250: Viewing Ports And Port Properties
Viewing ports and port properties Viewing ports and port properties To view ports on the Connectivity Map, right-click a product icon and select Show Ports. NOTE Show Ports is not applicable when the map display layout is set to Free Form (default). NOTE This feature is only available for connected products.
Page 251 Viewing ports and port properties Depending on the port type, some of the following properties (Table 13) may not be available for all products. TABLE 13 Port properties Field Description # Virtual Session Ports The number of virtual session ports associated with the GE port. Additional Port Info Additional error information relating to the selected port.
Page 252 Viewing ports and port properties TABLE 13 Port properties (Continued) Field Description MAC Address The Media Access Control address assigned to a network adapters or network interface cards (NICs). Manufacturer Plant The name of the manufacturer plant. Modify button Click to launch the Element Manager. Model The model number of the device.
Page 253: Port Types
Port types TABLE 13 Port properties (Continued) Field Description Vendor The product vendor. Virtual FCoE Port Count The number of FC ports on the device. Port types On the Connectivity Map, right-click a switch icon and select Show Ports. The port types display showing which ports are connected to which products.
Page 254: Viewing Port Connection Properties
Viewing port connection properties Viewing port connection properties You can view the information about products and ports on both sides of the connection. 1. Right-click the connection between two end devices on the Connectivity Map and select Properties. Double-click the connection between two devices on the Connectivity Map. The Connection Properties dialog box displays.
Page 255 Viewing port connection properties TABLE 15 Port connection properties (Continued) Field Description 2-IP Address The IP address of the second switch. 2-Trunk Whether there is a trunk on the second switch. 2-Speed (Gbps) The speed of the second switch. Selected Connection Properties table The connected device port information.
Page 256: Determining Inactive Iscsi Devices
Determining inactive iSCSI devices TABLE 15 Port connection properties (Continued) Field Description Protocol The network protocol, for example, Fibre Channel. RA TOV The resource allocation time out value, in milliseconds, of the connected switch. This variable works with the E D TOV variable to determine switch actions when presented with an error condition.
Page 257: Viewing Port Optics
Viewing port optics Viewing port optics To view port optics, complete the following steps. 1. Right-click the switch for which you want to view port optic information on the Connectivity Map and select Port Optics (SFP). The Port Optics (SFP) dialog box displays(Figure 95).
Page 258 Viewing port optics • Vendor PN—The part number of the SFP. • Vendor Rev—The revision number of the SFP. • Serial #—The serial number of the SFP. • Data Code—The data code. • Media Form Factor—The type of media for the transceiver; for example, single mode. •...
Page 259: Port Auto Disable
Port Auto Disable Port Auto Disable The Port Auto Disable dialog box allows you to enable and disable the port auto disable flag on individual FC_ports or on all ports on a selected device, as well as unblock currently blocked ports. NOTE The device must be running Fabric OS 6.3 or later.
Page 260: Enabling Port Auto Disable On Individual Ports
Enabling port auto disable on individual ports • Port Type—Displays the port type. • Port Number—Displays the port number. • Port WWN—Displays the port world wide name. • Port Name—Displays the port name. • User Port #—Displays the user port number. •...
Page 261: Disabling Port Auto Disable On Individual Ports
Disabling port auto disable on individual ports Disabling port auto disable on individual ports NOTE The device must be running Fabric OS 6.3 or later. 1. Select Configure > Port Auto Disable. The Port Auto Disable dialog box displays. 2. Select the fabric on which you want to disable port auto disable (PAD) from the Fabric list. 3.
Page 262: Storage Port Mapping Configuration
Storage port mapping configuration Storage port mapping configuration The Management application enables you to see multiple ports on your storage devices in a SAN. It also displays the relationship between multiple ports and represents them as attached to a storage array (device) in the Device Tree, Topology, and Fabric views.
Page 263: Adding Storage Ports To A Storage Array
Adding storage ports to a storage array Adding storage ports to a storage array To add storage ports to a storage array, complete the following steps. 1. Open the Storage Port Mapping dialog box by performing one of the following actions: Select a storage port icon in the topology view, then select Discover >...
Page 264: Editing Storage Array Properties
Editing storage array properties 2. Select the storage port you want to unassign from the Storage Array list. 3. Click the left arrow button. The selected storage port is removed from the Storage Array list and added to the Storage Ports table.
Page 265: Viewing Storage Port Properties
Viewing storage port properties 3. Click Delete. The selected storage array and all storage ports assigned to the array are removed from Storage Array list. All Storage Ports assigned to the device are moved to the Storage Ports table. 4. Click OK to save your work and close the Storage Port Mapping dialog box. Viewing storage port properties 1.
Page 266: Importing Storage Port Mapping
Importing storage port mapping Importing storage port mapping The Storage Port Mapping dialog box enables you to import externally created storage port mapping information into the application. The imported file must be in CSV format. The first row must contain the headers (wwn, name) for the file, which is ignored during the import. Example wwn,name 20:00:00:04:CF:BD:89:6E,name1...
Page 267: Exporting Storage Port Mapping
Exporting storage port mapping When import is complete a result summary displays with the following information (“Import Results” on page 229). TABLE 16 Import Results Value Definition Total Valid Input Records Number of lines identified in the CSV file without any errors (excluding the Header).
Page 268: Device Technical Support
Device Technical Support 4. Browse to the location where you want to save the export file. Depending on your operating system, the default export location are as follows: • Desktop\My documents (Windows) • \root (Linux) • \ (Solaris) 5. Enter a name for the files and click Save. 6.
Page 269: Starting Immediate Technical Support Information Collection
Starting immediate technical support information collection 10. Click OK on the Technical SupportSave dialog box. 11. Click OK on the confirmation message. Technical supportSave data is saved to the following directory: Install_Home\data\ftproot\technicalsupport\ Technical supportSave uses the following naming convention for the files: Supportinfo-Day-mm-dd-yyyy-hh-mm-ss\Switch_Type-Switch_IP_Address- Switch_WWN.
Page 270: Viewing Technical Support Information
Viewing technical support information Viewing technical support information To view technical support information, complete the following steps. 1. Select Monitor > Technical Support > View Repository. The Repository dialog box displays. 2. Choose from one of the following options: • Select the Switches tab to view technical support information on switches.
Page 271: Ftp Server
Copying technical support information to an external FTP server Copying technical support information to an external FTP server To copy the Support Save data located in the built-in FTP server to an external FTP server, complete the following steps. 1. Select Monitor > Technical Support > View Repository. The Repository dialog box displays.
Page 272: Upload Failure Data Capture
Upload Failure data capture Upload Failure data capture You can use Upload Failure Data Capture to enable, disable, and purge failure data capture files as well as configure the FTP Host for the switch. NOTE Upload Failure Data Capture is only supported on Fabric OS devices. Enabling upload failure data capture 1.
Page 273: Disabling Upload Failure Data Capture
Disabling upload failure data capture Disabling upload failure data capture NOTE Upload Failure Data Capture is only supported on Fabric OS devices. 1. Select Monitor > Technical Support > Upload Failure Data Capture. The Upload Failure Data Capture dialog box displays. 2.
Page 274: Configuring The Upload Failure Data Capture Ftp Server
Configuring the upload failure data capture FTP server Configuring the upload failure data capture FTP server NOTE Upload Failure Data Capture is only supported on Fabric OS devices. NOTE Some external FTP software (such as, Filezilla and Xlight) are not supported. 1.
Page 275: Viewing The Upload Failure Data Capture Repository
Viewing the upload failure data capture repository Viewing the upload failure data capture repository NOTE Upload Failure Data Capture is only supported on Fabric OS devices. 1. Select Monitor > Technical Support > View Repository. The Repository dialog box displays. 2.
Page 276 Viewing the upload failure data capture repository DCFM Enterprise User Manual 53-1001775-01...
Page 277: Fabric Binding Overview
Chapter Fabric Binding In this chapter • Fabric binding overview......... 239 •...
Page 278: Enabling Fabric Binding
Enabling fabric binding Enabling fabric binding Fabric Binding is enabled through the Fabric Binding dialog box. After you have enabled Fabric Binding, use the Fabric Membership List/Add Detached Switch to add switches that you want to allow into the fabric. NOTE In a pure Fabric OS environment, Fabric Binding is only supported on Fabric OS 5.2 or later.
Page 279: Disabling Fabric Binding
Disabling fabric binding Disabling fabric binding Fabric Binding cannot be disabled while High Integrity Fabric is active if the switch is offline. This disables fabric binding and High Integrity Fabric on the switch, but not the rest of the fabric. Disabled switches segment from the fabric.
Page 280: Membership List
Adding detached devices to the fabric binding membership list Adding detached devices to the fabric binding membership list To add a switch that does not have a physical connection and is not discovered to the fabric, complete the following steps. 1.
Page 281: High Integrity Fabrics
High integrity fabrics High integrity fabrics The High Integrity Fabric (HIF) mode option automatically enables features and operating parameters that are necessary in multiswitch Enterprise Fabric environments. When HIF is enabled, each switch in the fabric automatically enforces a number of security-related features including Fabric Binding, Switch Binding, Insistent Domain IDs, and Domain Register for State Change Notifications (RSCNs).
Page 282: High Integrity Fabric Requirements
Activating high integrity fabrics High integrity fabric requirements The term high integrity fabric (HIF) refers to a set of strict, consistent, fabric-wide policies. There are several specific configuration requirements for high integrity fabrics: • Insistent domain ID (IDID) must be enabled in the participating switches. •...
Page 283: Deactivating High Integrity Fabrics
Deactivating high integrity fabrics 2. Select the fabric on which you want to activate HIF from the Fabric Name list. The HIF status displays in the High Integrity Fabric field. 3. Click Activate. For Pure Fabric OS fabrics, HIF activates the Switch Connection Control (SCC) policy, sets Insistent Domain ID, and sets the Fabric Wide Consistency Policy (FWCP) for SCC in strict mode.
Page 284 Deactivating high integrity fabrics DCFM Enterprise User Manual 53-1001775-01...
Page 285: Fault Management Overview
Chapter Fault Management In this chapter • Fault management overview........247 •...
Page 286: Event Logs
Event logs Event logs The Management application provides a variety of logs through which you can monitor the SAN. You can view all events that take place in the SAN through the Master Log at the bottom of the main window. You can also view a specific log by selecting an option from the Monitor menu’s Logs submenu.
Page 287: Copying Part Of A Log Entry
Copying part of a log entry Copying part of a log entry You can copy data from logs to other applications. Use this to analyze or store the data using another tool. To copy part of a log, complete the following steps. 1.
Page 288: Exporting The Entire Log
Exporting the entire log Exporting the entire log You can export the log data to a tab delimited text file. To export a log, complete the following steps. 1. Select Monitor > Logs > Log_Type. The Log_Type Log dialog box displays the kind of log you selected. 2.
Page 289: E-Mailing A Range Of Event Details From The Master Log
Displaying event details from the Master Log 5. Enter your e-mail address in the From field. 6. Click OK. E-mailing a range of event details from the Master Log NOTE You must configure e-mail notification before you can e-mail event details from the Master Log. To configure e-mail notification, refer to “Configuring e-mail notification”...
Page 290: Copying Part Of The Master Log
Copying part of the Master Log TABLE 17 Event details (Continued) Event Field Description Virtual Fabric ID The virtual fabric identifier. Message ID The message text. Recommended Action The recommended action. Contributors The contributor to this event. Time (Host) The time this event occurred and the host on which it occurred. 4.
Page 291: Exporting The Master Log
Exporting the Master Log Exporting the Master Log You can export the Master Log to a tab delimited text file. Use this to analyze or store the data using another tool. To export the Master Log, complete the following steps. 1.
Page 292: Setting Up Advanced Event Filtering For The Master Log
Setting up advanced event filtering for the Master Log 2. Select from the following to include or exclude event types. • To include an event type in the filter, select the event from the Available Events table and click the right arrow. •...
Page 293 Setting up advanced event filtering for the Master Log b. Select the event column for the event from the Event Column list. All event columns are listed in alphabetical order. Enter all or part of the event type value in the Value Contains text box. d.
Page 294: Removing An Advanced Event Filter
Removing an advanced event filter Click the right arrow button to move the event type to the Additional Filters - Filter out these Events table. NOTE You can configure a maximum of 10 filters to be excluded. 6. Click OK. The Define Filter dialog box displays.
Page 295: Event Policies
Event policies Event policies You can create policies for events you want to monitor. A policy is the mechanism defined by you that identifies the response to specific event types. You can customize the event management policy using triggers and actions, which are explained in this section. You can create a maximum of 10 policies at a time.
Page 296: Policy Triggers
Adding an event policy Policy triggers A trigger is a logical filter that determines which conditions will initiate a set of predefined actions. You can set multiple triggers. The Management application enables you to set the following triggers: • IP Address — Initiates the defined action when the IP address of a device is encountered. •...
Page 297: Adding An Port Offline Policy
Adding an Port offline policy 9. Enter all or part of the message ID associated with SNMP traps and Syslog messages in the Message ID field. If the entry matches or is part of the message ID, the policy is triggered. 10.
Page 298: Adding A Pm Threshold Crossed Policy
Adding a PM threshold crossed policy 6. Define the trigger in the IP Address, Node WWN, and Name list. The trigger is limited to 1024 characters. Multiple values must be separated by a semi-colon. When multiple values are entered, as long as at least one value matches the IP address, Node WWN, or Name in the event and all other conditions are met, an action is triggered.
Page 299: Adding A Security Violation Policy
Adding a security violation policy 9. Select the duration type (Seconds or Minutes) from the Duration list. The maximum duration is 30 minutes. 10. Select the check box in the Actions list for each action you want to occur when this policy is triggered.
Page 300: Defining The Broadcast Message Action
Defining the broadcast message action 11. Click OK on the Add Event Policy dialog box. 12. Select the Active check box for the policy you want to activate. 13. Click OK on the Event Policies dialog box. Defining the broadcast message action You can define the content of the broadcast message that occurs when a policy is triggered.
Page 301: Defining The Launch Script Action
Defining the launch script action Defining the launch script action NOTE Launch scripts with a user interface are not supported. You can define the path to the script that is launched when a policy is triggered. When the script launches, the Management application does not verify the existence of the script. The script must have the following characteristics: •...
Page 302: Defining The Send E-Mail Action
Defining the send e-mail action Defining the send e-mail action You can define the content of the e-mail message that occurs when a policy is triggered. You can only edit actions from the Add Event Policy, Duplicate Event Policy, or Edit Event Policy dialog boxes. For step-by-step instructions on adding or editing an event policy, refer to “Adding an event policy”...
Page 303: Configuring Support Data Capture Action
Configuring support data capture action Configuring support data capture action You can configure the Management application to start supportSave capture on Fabric OS devices when a policy is triggered. You can only edit actions from the Add Event Policy, Duplicate Event Policy, or Edit Event Policy dialog boxes.
Page 304: Deleting A Policy
Deleting a policy Deleting a policy 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to delete. Press Ctrl and then click to select more than one policy. 3. Click Delete. 4.
Page 305: Duplicating An Port Offline Policy
Duplicating an Port offline policy 10. Edit the trigger in the IP Address, Node WWN, and Name list. The trigger is limited to 1024 characters. Multiple values must be separated by a semi-colon. When multiple values are entered, as long as at least one value matches the IP address, Node WWN, or Name in the event and all other conditions are met, an action is triggered.
Page 306: Duplicating A Pm Threshold Crossed Policy
Duplicating a PM threshold crossed policy 8. Select the duration type (Seconds or Minutes) from the Duration list. The maximum duration is 30 minutes. 9. Select the check box in the Actions list for each action you want to occur when this policy is triggered.
Page 307: Duplicating A Security Violation Policy
Duplicating a security violation policy 11. Select the Active check box to activate the duplicated policy. 12. Click OK on the Event Policies dialog box. Duplicating a security violation policy To duplicate a security violation policy, complete the following steps. 1.
Page 308: Editing An Event Policy
Editing an event policy Editing an event policy To edit an event policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to edit in the Policies table. 3.
Page 309: Editing An Port Offline Policy
Editing an Port offline policy Editing an Port offline policy To edit an Port offline policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to edit in the Policies table. 3.
Page 310: Editing A Pm Threshold Crossed Policy
Editing a PM threshold crossed policy Editing a PM threshold crossed policy To edit a PM threshold crossed policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to edit in the Policies table. 3.
Page 311: Editing A Security Violation Policy
Editing a security violation policy Editing a security violation policy To edit a security violation policy, complete the following steps. 1. Select Monitor > Event Policies. The Event Policies dialog box displays. 2. Select the policy you want to edit in the Policies table. 3.
Page 312: Event Notification
Event notification Event notification The Management application records the SAN events in the Master Log. You can configure the application to send event notifications to e-mail addresses at certain time intervals. This is a convenient way to keep track of events that occur on the SAN. You can also configure products to “call home”...
Page 313: Setting Up Advanced Event Filtering For A User
Setting up advanced event filtering for a user 8. Enter the length of time the application should wait between notifications in the Summary Interval field and list. Notifications are combined into a single e-mail and sent at each interval setting. An interval setting of zero causes notifications to be sent immediately.
Page 314 Setting up advanced event filtering for a user 5. Click the Include Events tab. FIGURE 105 Advanced Event Filtering dialog box - Include Events tab a. Select the event type you want to include from the Event Type list. All event types are listed in alphabetical order. b.
Page 315 Setting up advanced event filtering for a user Click the Exclude Events tab. FIGURE 106 Advanced Event Filtering dialog box - Include Events tab a. Select the event type you want to remove from the Event Type list. All event types are listed in alphabetical order. b.
Page 316: Snmp Trap And Informs Registration And Forwarding
SNMP trap and informs registration and forwarding SNMP trap and informs registration and forwarding You can configure the application to send SNMP traps and informs to other computers. To correctly configure trap forwarding, you must configure the target computer’s IP address and SNMP ports. To correctly configure informs, you must enable informs on the switch.
Page 317: Removing A Host Server
Removing a host server 5. Select a fabric from the Targeted Fabric list. 6. Select a severity (None, Critical, Error, Warning, Info, or Debug) from the Severity list. Click OK on the SNMP Setup dialog box. Removing a host server You can remove any host server as the trap recipient on managed Fabric OS devices.
Page 318: Adding An Snmpv3 Destination
Adding an SNMPv3 destination 4. Click Add. The Add/Edit Trap Recipient dialog box displays. a. (Optional) In the Description field, enter a description of the trap recipient. b. In the IP Address field, enter the trap recipient’s IP address. The Management application accepts IP addresses in IPv4 or IPv6 formats. Enter the trap recipient’s UDP port number, in the port field.
Page 319: Editing A Destination
Editing a destination Editing a destination To edit a destination, complete the following steps. 1. Select Monitor > SNMP Setup. The SNMP Setup dialog box displays. 2. Click the Trap Forwarding tab. 3. Select the destination you want to edit in the Destinations table and click Edit. The Add/Edit Trap Recipient dialog box displays.
Page 320: Enabling Snmp Informs
Enabling SNMP informs Enabling SNMP informs NOTE SNMP Informs is only supported on Fabric OS 6.3 or later switches discovered through SNMP v3. For information about discovery through SNMP v3, refer to “Discovering fabrics” on page 36. You can enable SNMP informs on all Informs-capable Fabric OS switches. To enable Informs, complete the following steps.
Page 321: Syslog Forwarding
Syslog forwarding Syslog forwarding NOTE Syslog messages are only available on Fabric OS devices and Brocade HBAs (managed using HCM Agent). Syslog forwarding is the process by which you can configure the Management application to send Syslog messages to other computers. Switches only send the Syslog information through port 514; therefore, if port 514 is being used by another application, you must configure the Management application to listen on a different port.
Page 322: Registering A Host Server
Registering a host server Registering a host server You can register any host server as the Syslog destination on managed Fabric OS devices. You can register different destinations for different fabrics. To register a host server, complete the following steps. 1.
Page 323: Removing A Destination
Editing a destination Editing a destination To edit a destination, complete the following steps. 1. Select Monitor > Syslog Configuration. The Syslog Registration and Forwarding dialog box displays. 2. Click the Syslog Forwarding tab. 3. Select the destination you want to edit in the Destinations table and click Edit. The Add/Edit Syslog Recipient dialog box displays.
Page 324: Disabling Syslog Forwarding
Disabling Syslog forwarding Disabling Syslog forwarding You can disable Syslog forwarding on all defined destinations. To disable Syslog forwarding, complete the following steps. 1. Select Monitor > Syslog Configuration. The Syslog Registration and Forwarding dialog box displays. 2. Click the Syslog Forwarding tab. 3.
Page 325: Performance Overview
Chapter Performance Data In this chapter • Performance overview......... . 287 •...
Page 326: Performance Measures
Performance overview Performance measures Performance measures enable you to select one or more measures to define the graph or report. The measures available to you depend on the object type from which you want to gather performance data. • Tx % Utilization — available for FC, GE, Managed HBA ports, Managed CNA ports, 10GE ports, and FCIP tunnels.
Page 327: Performance Management Requirements
Performance management requirements • Under Sized Frames — available for Managed HBA ports and Managed CNA ports. • Over Sized Frames — available for Managed HBA ports and Managed CNA ports. • Primitive Sequence Protocol Errors — available for Managed HBA ports and Managed CNA ports.
Page 328 Performance management requirements Trap recipient: 10.191.12.240 Trap port: 162 Trap recipient Severity level: 4 Community 3: private (rw) Trap recipient: 10.103.5.105 Trap port: 162 Trap recipient Severity level: 4 Community 4: public (ro) Trap recipient: 192.168.102.41 Trap port: 162 Trap recipient Severity level: 4 Community 5: common (ro) Trap recipient: 10.32.150.116 Trap port: 162...
Page 329 Performance management requirements Priv Protocol: noPriv User 3 (rw): snmpadmin3 Auth Protocol: noAuth Priv Protocol: noPriv User 4 (ro): snmpuser1 Auth Protocol: noAuth Priv Protocol: noPriv User 5 (ro): snmpuser2 Auth Protocol: noAuth Priv Protocol: noPriv User 6 (ro): admin Auth Protocol: noAuth Priv Protocol: noPriv To set the SNMP v3 credentials on the device, use the...
Page 330 Performance management requirements Trap Recipient's IP address : [0.0.0.0] Trap Recipient's IP address : [0.0.0.0] Trap Recipient's IP address : [0.0.0.0] To check SNMP credentials in the Management application, complete the following steps. 1. Select Discover > Setup. The Discover Setup dialog box displays. 2.
Page 331: Real-Time Performance Data
Real-time performance data HA-MIB (yes, y, no, n): [yes] FCIP-MIB (yes, y, no, n): [yes] ISCSI-MIB (yes, y, no, n): [yes] • To collect performance on a Virtual Fabric enabled device, use the admin> userconfig command to make sure the Fabric OS user has access to all the Virtual Fabrics. Make --show sure that the SNMPv3 user name is same as the Fabric OS user name.
Page 332: Generating A Real-Time Performance Graph
Generating a real-time performance graph Generating a real-time performance graph You can monitor a device’s performance through a performance graph that displays transmit and receive data. The graphs can be sorted by the column headers. You can create multiple real-time performance graph instances.
Page 333: Filtering Real-Time Performance Data
Filtering real-time performance data Filtering real-time performance data To filter real-time performance data from the Real Time Performance Graphs dialog box, complete the following steps. 1. Open the Real Time Performance Graphs dialog box. For step-by-step instructions, refer to “Generating a real-time performance graph” page 294.
Page 334: Exporting Real-Time Performance Data
Exporting real-time performance data 10. Select the granularity at which you want to gather performance data from the Granularity list. 11. Select the Interpolate check box to use interpolation to fill existing gaps, if necessary. 12. (Optional) Click Other Options and select the Use Same Y-axis check box to make the Y-axis range the same for object.
Page 335: Historical Performance Data
Historical performance data Historical performance data Performance should be enabled constantly to receive the necessary historical data required for a meaningful report. The following options and features are available for obtaining historical performance data: • Collect historical performance data from the entire SAN or from a selected device. NOTE Virtual Fabric logical ISL ports are not included in performance collection.
Page 336: Disabling Historical Performance Collection
Disabling historical performance collection 2. Select the fabrics for which you want to collect historical performance data in the Available table. 3. Click the right arrow to move the selected fabrics to the Selected table. 4. Select the Include newly discovered fabrics check box to automatically add all newly discovered fabrics to the Selected table.
Page 337 Generating a historical performance graph 3. Select a default from the Favorites list or filter the historical data by completing the following steps. a. Select the number of results to display from the Display list. b. Select the ports from which you want to gather performance data from the From list. If you select Custom, refer to “Filtering data by ports”...
Page 338: Saving A Historical Performance Graph Configuration
Saving a historical performance graph configuration 2. Right-click a device in the Available table and select Expand All. 3. Select the ports (press Ctrl or Shift and then click to select multiple ports) from which you want to gather performance data from the Available table and click the right arrow button. The selected ports move to the Select Ports table.
Page 339: Exporting Historical Performance Data
Exporting historical performance data 9. Enter a reference line value percentage for Tx% or Rx % Utilization. This field is only enabled when Tx% or Rx % Utilization is selected from the Measures list. 10. Move the Row Height slider to the left to make the row height smaller or to the right to make it bigger.
Page 340: End-To-End Monitoring
End-to-end monitoring 4. Click Delete. 5. Click Yes on the confirmation message. 6. Click the close button (X) to close the Historical Performance Graph dialog box. End-to-end monitoring NOTE End-to-end monitoring requires a Fabric OS device. Performance enables you to provision end-to-end monitors of selected target and initiator pairs. These monitors are persisted in the database and are enabled on one of the F_ports on the connected device (the Management application server determines the port).
Page 341: Displaying End-To-End Monitor Pairs In A Real-Time Graph
Displaying end-to-end monitor pairs in a real-time graph 2. Select the fabric for which you want to configure end-to-end monitoring from the Fabric list. 3. Select an initiator port from the Select an initiator port table. 4. Select a target port from the Select a target port table. 5.
Page 342: Refreshing End-To-End Monitor Pairs
Refreshing end-to-end monitor pairs Refreshing end-to-end monitor pairs The Management application enables you to rewrite the end-to-end monitors (deleted through CLI or an Element Manager) back to a device. To refresh all end-to-end monitor pairs, complete the following steps. 1. Select Monitor > Performance > End-to-End Monitors. The Set End-to-End Monitor dialog box displays.
Page 343: Configuring A Fabric Mode Top Talker Monitor
Configuring a fabric mode Top Talker monitor Configuring a fabric mode Top Talker monitor NOTE A fabric mode Top Talker and an end-to-end monitor cannot be configured on the same fabric. You must delete the end-to-end monitor before you configure the fabric mode Top Talker. NOTE A fabric mode Top Talker and an F_port mode Top Talker cannot be configured on the same fabric.
Page 344 Configuring a fabric mode Top Talker monitor FIGURE 115 Top Talkers dialog box 5. Select the number of Top Talkers (1 through 20) to display from the Display list. 6. Select how often you want the Top Talker to refresh (10, 20, 30, 40, or 50 seconds, or 1 minute) from the Refresh Interval list.
Page 345: Configuring An F_Port Mode Top Talker Monitor
Configuring an F_port mode Top Talker monitor Configuring an F_port mode Top Talker monitor NOTE An F_port mode Top Talker and an end-to-end monitor cannot be configured on the same F_port. You must delete the end-to-end monitor before you configure the F_port mode Top Talker. NOTE An F_port mode Top Talker and a fabric mode Top Talker cannot be configured on the same fabric.
Page 346: Deleting A Top Talker Monitor
Deleting a Top Talker monitor Deleting a Top Talker monitor To delete a Top Talker monitor, complete the following steps. 1. Select the dialog box of the Top Talker monitor you want to delete. 2. Click Close. 3. Click Yes on the ‘do you want to delete this monitor’ message. Pausing a Top Talker monitor To pause a Top Talker monitor, complete the following steps.
Page 347: Thresholds And Event Notification
Thresholds and event notification Thresholds and event notification Performance allows you to apply thresholds and event notification to real-time performance data. A performance monitor process (thread) monitors the performance data against the threshold setting for each port and issues an appropriate alert to notify you when the threshold is exceeded. For information about configuring event notification, refer to Event Notification.
Page 348 Creating a threshold policy FIGURE 117 Set Threshold Policies dialog box 2. Click Add. The New Threshold Policy dialog box displays. FIGURE 118 New Threshold Policy dialog box 3. Enter a name for the policy (100 characters maximum) in the Name field. 4.
Page 349: Editing A Threshold Policy
Editing a threshold policy (Fabric OS only) Enter a percentage for the low boundary in the Low Boundary field. When the counter value goes below the low boundary an event is raised. 8. (Fabric OS only) Enter a percentage for the buffer in the Buffer Size field. Counters may fluctuate around the upper or lower boundary of a range threshold, and as a result cause numerous events in a short period of time.
Page 350 Editing a threshold policy FIGURE 119 Edit Threshold Policy dialog box 4. Change the policy type from the Policy Type list. 5. Select a measure from the Measure list. You cannot add the same measure more than once. If you try to add another threshold with the same measure, the new values overwrite the older threshold values in the Selected Thresholds table.
Page 351: Duplicating A Threshold Policy
Duplicating a threshold policy 13. Make the threshold changes by selecting one of the following options: • To only add new thresholds, select the Keep currently set thresholds and only add new thresholds check box. • To overwrite all existing thresholds on all fabrics and devices, select the Overwrite all thresholds currently set on all switches check box.
Page 352: Deleting A Threshold Policy
Deleting a threshold policy 3. Select one or more fabrics or devices to which you want to assign the policy in the Available Threshold Policies table. If you choose to assign the policy to a fabric and a M-EOS logical switch is present in the fabric, the policy is not assigned to the M-EOS logical switch.
Page 353: Connection Utilization
Connection utilization 6. Make the threshold changes by selecting one of the following options: • To only add new thresholds, select the Keep currently set thresholds and only add new thresholds check box. • To overwrite all existing thresholds on all fabrics and devices, select the Overwrite all thresholds currently set on all switches check box.
Page 354: Enabling Connection Utilization
Enabling connection utilization Enabling connection utilization NOTE Fabrics where performance data collection is not enabled display connections as thin black lines. To display the connection utilization, complete the following steps. 1. Choose from one of the following options: • Select Monitor > Performance > View Utilization •...
Page 355: Changing Connection Utilization
Changing connection utilization Changing connection utilization You can change the utilization percentages. To change the utilization percentages, complete the following steps. 1. Click the change link in the utilization legend. FIGURE 123 Utilization Legend in edit mode 2. Enter or select the end percentage you want for the blue line. When you make a change to the end percentage of a utilization line, you also change the start percentage for the utilization line immediately above the one you changed when you click apply.
Page 356 Changing connection utilization DCFM Enterprise User Manual 53-1001775-01...
Page 357: Report Types
Chapter Reports In this chapter • Report types..........319 •...
Page 358: Generating Reports
Generating reports Generating reports To generate reports, complete the following steps. 1. Select Reports > Generate. The Generate Reports dialog box displays. 2. Select the types of reports you want to generate. • Fabric Ports • Fabric Summary 3. Select the fabrics for which you want to generate reports. 4.
Page 359: Exporting Reports
Exporting reports Icon Description Actual Size—Click to display the report at its actual size. Fit to Page—Click to resize the report to display entirely in the view. Fit to Width—Click to resize the report to fit in the view by width. Zoom In—Click to zoom in on the report.
Page 360: Printing Reports
Printing reports Printing reports You can print reports through an internet browser. 1. Select Reports > View. The View Reports dialog box displays. 2. Select the report you want to print in the left pane of the dialog box. If you do not see the report you want to view, generate it first by following the instructions in “Generating reports”...
Page 361: Generating Performance Reports
Generating performance reports Generating performance reports To generate a historical performance report for a device, complete the following steps. 1. Select the device for which you want to generate a performance report. 2. Choose one of the following options: • Select Monitor >...
Page 362: Generating Zoning Reports
Generating zoning reports Click Apply. The selected report automatically displays in the View Reports dialog box. NOTE Hyperlinks in reports are active only as long as the source data is available. To print the selected report, refer to “Printing reports” on page 322.
Page 363: About Port Fencing
Chapter Port Fencing In this chapter • About port fencing ..........325 •...
Page 364: Thresholds
Thresholds Thresholds You can create thresholds, which you can then assign to available objects in the tree. Port Fencing threshold types include the following: • C3 Discard Frames (Fabric OS only) • Invalid CRCs (Fabric OS only) • Invalid Words (Fabric OS only) •...
Page 365: Invalid Crcs Threshold
Invalid CRCs threshold • 8 Gbps 16-port Embedded Switch • 8 Gbps 24-port Embedded Switch • 24 - 8 Gbps FC Port, 8 - 10 Gbps CEE Port Switch • 384-port Backbone Chassis • 192-port Backbone Chassis • 8 Gbps Encryption Switch •...
Page 366: Protocol Error Threshold
State Change threshold Protocol error threshold Use Protocol Error thresholds to block a port when one of the following protocol errors meet the threshold: • ISL Bouncing–ISL has repeatedly become unavailable due to link down events. • ISL Segmentation (M-EOS only)–ISL has repeatedly become segmented. •...
Page 367: Adding Thresholds
Adding thresholds Adding thresholds The Management application allows you to create Invalid CRCs, Invalid words, Link, Link Reset, Protocol Error, Security, and Sync Loss thresholds. Adding a C3 Discard Frames threshold NOTE This threshold is only available for Fabric OS devices running 6.3 or later. To add an C3 Discard Frames threshold, complete the following steps.
Page 368 Adding thresholds 4. Enter a name for the threshold in the Name field. 5. Select one of the following options: • Default—Uses device defaults. Go to step • Custom—Uses your selections. Continue with step 6. Enter the number of C3 discarded frames allowed for the threshold in the Threshold errors field.
Page 369: Adding An Invalid Crcs Threshold
Adding an Invalid CRCs threshold Adding an Invalid CRCs threshold NOTE This threshold is only available for Fabric OS devices. To add an Invalid CRCs threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2.
Page 370: Adding An Invalid Words Threshold
Adding an Invalid Words threshold Adding an Invalid Words threshold NOTE This threshold is only available for Fabric OS devices. To add an Invalid Words threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2.
Page 371: Adding A Link Threshold
Adding a Link threshold Adding a Link threshold NOTE This threshold is only available for M-EOS devices. To add Link thresholds, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Link from the Violation Type list. 3.
Page 372: Adding A Link Reset Threshold
Adding a Link Reset threshold Adding a Link Reset threshold NOTE This threshold is only available for Fabric OS devices. Use this threshold to block a port when a Link Reset violation meets the Fabric OS switch threshold. To add a Link Reset threshold, complete the following steps. 1.
Page 373: Adding A Protocol Error Threshold
Adding a Protocol Error threshold 8. Click OK to add the Link Resets threshold to the table and close the Add Link Reset Threshold dialog box. To assign this threshold to fabrics, switches, or switch ports, refer to “Assigning thresholds” page 339.
Page 374: Adding A State Change Threshold
Adding a State Change threshold Select the time period for the threshold from the errors per list. The following choices are available: • None—the port is blocked as soon as the specified number of protocol errors allowed is met. • Second—the port is blocked as soon as the specified number of protocol errors allowed is reached within a second.
Page 375 Adding a State Change threshold 2. Select State Change (Fabric OS only) from the Violation Type list. 3. Click Add. The Add State Change Threshold dialog box displays. 4. Enter a name for the threshold in the Name field. 5. Select one of the following options: •...
Page 376: Adding A Security Threshold
Adding a Security threshold Adding a Security threshold NOTE This threshold is only available for M-EOS devices. To add a Security threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Security from the Violation Type list. 3.
Page 377: Assigning Thresholds
Assigning thresholds Assigning thresholds You can assign thresholds to any active object in the Ports table. You can only assign one threshold to an object at a time. If you assign a threshold to a switch, director, or fabric object, or to the All Fabrics object, the threshold is assigned to all subordinate objects (which do not have a directly assigned threshold) in the tree.
Page 378: Avoiding Port Fencing Inheritance
Avoiding port fencing inheritance Avoiding port fencing inheritance When you directly assign a threshold to an object, the threshold is inherited by all subordinate objects in the tree (unless they already have directly assigned thresholds). You cannot remove an inherited threshold from a subordinate object. However, the Management application allows you to effectively avoid inheritance for individual subordinate objects while maintaining inheritance for other subordinate objects.
Page 379: Editing An Invalid Crcs Threshold
Editing an Invalid CRCs threshold FIGURE 133 Edit C3 Discard Frames Threshold dialog box 4. Change the name for the threshold in the Name field, if necessary. 5. Select one of the following options: • Default—Uses device defaults. Go to step •...
Page 380: Editing An Invalid Words Threshold
Editing an Invalid Words threshold 4. Change the name for the threshold in the Name field, if necessary. 5. Select one of the following options: • Default—Uses device defaults. Go to step • Custom—Uses your selections. Continue with step 6. Change the number of port events allowed for the threshold in the Threshold field, if necessary.
Page 381: Editing A Link Threshold
Editing a Link threshold 8. Click OK on the Edit Invalid Words Threshold dialog box. If the threshold has already been assigned to ports, an “Are you sure you want to make the requested changes to this threshold on “X” ports?” message displays. Click OK to close. To assign this threshold to fabrics, switches, or switch ports, refer to “Assigning thresholds”...
Page 382: Editing A Link Reset Threshold
Editing a Link Reset threshold Editing a Link Reset threshold NOTE This threshold is only available for Fabric OS devices. To edit a Link Reset threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2.
Page 383: Editing A Protocol Error Threshold
Editing a Protocol Error threshold Editing a Protocol Error threshold To edit a Protocol Error threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Select Protocol Error from the Violation Type list. 3.
Page 384: Editing A State Change Threshold
Editing a State Change threshold Editing a State Change threshold NOTE This threshold is only available for Fabric OS devices running 6.3 or later. To edit an State Change threshold, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays (Figure 124).
Page 385: Editing A Security Threshold
Editing a Security threshold 6. Edit the number of state changes allowed for the threshold in the Threshold errors field, if necessary. Change the time period for the threshold from the errors per list, if necessary. The following choices are available: •...
Page 386: Finding Assigned Thresholds
Finding assigned thresholds 5. Change the number of port events allowed for the threshold from the Threshold errors list, if necessary. 6. Change the time period for the threshold from the violations per list, if necessary. Click OK on the Edit Security Threshold dialog box. If the threshold has already been assigned to ports, an “Are you sure you want to make the requested changes to this threshold on “X”...
Page 387: Viewing All Thresholds On A Specific Device
Viewing all thresholds on a specific device Viewing all thresholds on a specific device To view all thresholds assigned to a specific switch, complete the following steps. 1. Select Configure > Port Fencing. The Port Fencing dialog box displays. 2. Right-click anywhere in the Ports table and select Expand. 3.
Page 388: Removing Thresholds From The Thresholds Table
Removing thresholds from the thresholds table A directly assigned icon ( ) displays next to each object with an assigned threshold which does not inherit a threshold from higher in the tree. NOTE If you remove a threshold from All Fabrics, it removes the threshold from individual Fabrics, switches, and switch ports in all Fabrics except for a Chassis group.
Page 389: Users
Chapter Role-Based Access Control In this chapter • Users ............351 •...
Page 390: Adding A User Account
Adding a user account Adding a user account NOTE You must have the User Management privilege to perform this task. To add a user, complete the following steps. 1. Select Server > Users. The Server Users dialog box displays. 2. Click Add. The New User dialog box displays (Figure 143).
Page 391: Editing A User Account
Editing a user account Editing a user account NOTE You must have the User Management privilege to perform this task. To edit a user, complete the following steps. 1. Select Server > Users. The Server Users dialog box displays. 2. Select the user whose information you want to edit in the Users table. 3.
Page 392: Removing A User Account
Removing a user account FIGURE 144 Define Filter dialog box 4. Move events between the tables by selecting the event and clicking the appropriate arrow. 5. Set up advanced event filtering by clicking Advanced Filtering. For more information about advanced event filtering, refer to “Setting up advanced event filtering for a user”...
Page 393: Roles
Roles 4. Click OK on the confirmation message. The selected user is removed from the Server Users dialog box. 5. Click OK to close the Server Users dialog box. Roles The Management application enables you to set privileges for individual users, which enhances the security of your SAN.
Page 394: Editing A User Role
Editing a user role 3. Enter a name for the role in the Name field. 4. (Optional) Enter a description for the role in the Description field. 5. Add Read and Write access by completing the following steps. a. In the Available Privileges list, select features to which you want to allow read and write access.
Page 395: Removing A User Role
Removing a user role 5. Remove Read and Write access by completing the following steps. a. In the Read & Write Privileges list, on the left, select features to which you want to remove read and write access. Press CTRL and click to select multiple features. b.
Page 396: Resource Groups
Resource groups 5. Click OK on the “role removed” message. 6. Click OK to close the Server Users dialog box. Resource groups The Management application enables you to create resource groups and assign users to the selected role within that group. This enables you to configure user access by both role and fabric when you assign users to a role within the resource group.
Page 397: Editing A Resource Group
Editing a resource group 5. Click the Hosts tab and complete the following steps to add hosts to the resource group. FIGURE 147 Add/Edit Resource Group dialog box - Hosts tab a. Select the hosts you want to include in this group in the Available Hosts table. b.
Page 398: Removing A Resource Group
Removing a resource group 5. Remove fabrics from the resource group by completing the following steps. a. Click the Fabrics tab. a. In the Selected Fabrics and Hosts table, select the fabrics you want to remove from this group. b. Click the left arrow button. The selected fabrics are moved to the Available Fabrics table.
Page 399: Assigning A User To A Resource Group
Assigning a user to a resource group 4. Click Yes on the message. A message box displays indicating the group was removed successfully. 5. Click OK on the message. The Server Users dialog box displays and the resource group no longer displays in the Resource Groups list.
Page 400: Removing A User From A Resource Group
Removing a user from a resource group Removing a user from a resource group NOTE You must have the User Management privilege to perform this task. NOTE You cannot remove the default resource group 'All Fabrics'. You can remove users from a resource group to take away permissions for features and topology views.
Page 401: About Host Management
Chapter Host management In this chapter • About host management........363 •...
Page 402: Hcm Software
HCM software HCM software The Host Connectivity Manager (HCM) is a management software application for configuring, monitoring, and troubleshooting Brocade host bus adapters (HBAs), converged network adapters (CNAs), and FC mezzanine cards in a storage area network (SAN) environment. HCM features Common HBA and CNA management software features include the following: •...
Page 403: Host Bus Adapters
HCM features Host bus adapters Brocade offers five models of Fibre Channel Host Bus Adapters (HBAs). These models provide reliable, high-performance host connectivity for mission-critical SAN environments. The Brocade HBAs are listed in Table TABLE 18 Brocade Fibre Channel HBA models Model Number Description Number of Ports...
Page 404: Converged Network Adapters
Converged network adapters Converged network adapters Table 19 describes available Brocade Converged Network Adapters (CNAs) for PCIe x 8 host bus interfaces, hereafter referred to as Brocade CNAs. These adapters provide reliable, high-performance host connectivity for mission-critical SAN environments. TABLE 19 Brocade Fibre Channel CNA Models Model Number Port Speed...
Page 405: Host Discovery
Host discovery Host discovery The Management application enables you to discover individual hosts, import a group of hosts from a CSV file, or import host names from discovered fabrics. The maximum number of host discovery requests that can be accepted is 1000. Host discovery requires HCM Agent 2.0 or later. SMI and WMI discovery are not supported.
Page 406: View Management
View management View management You can customize the topology by creating views at the managed host level in addition to the fabric level views. If you discover or import a Fabric with more than approximately 2000 devices, the devices display on the Product List, but not on the Connectivity Map. Instead, the topology area shows a message stating that the topology cannot be displayed.
Page 407: Role-Based Access Control
Role-based access control Role-based access control The Management application enables you to create resource groups and assign users to the selected role within that group. This enables you to assign users to a role within the resource group. The Management application provides one pre-configured resource group (All Fabrics). When you create a resource group, all available roles are automatically assigned to the resource group.
Page 408: Host Performance Management
Host performance management Host performance management Real-time performance enables you to collect data from managed HBA and CNA ports. You can use real-time performance to configure the following options: • Select the polling rate from 20 seconds up to 1 minute. •...
Page 409: Host Fault Management
Host fault management TABLE 20 Counters (Continued) FC port measures HBA port measures CNA port measures Received length error frames Received code error frames Instructions for generating real-time performance data are detailed in “Generating a real-time performance graph” on page 294. Host fault management Fault management enables you to monitor your SAN using the following methods: •...
Page 410: Filtering Event Notifications
Filtering event notifications Filtering event notifications The application provides notification of many different types of SAN events. If a user wants to receive notification of certain events, you can filter the events specifically for that user. NOTE The e-mail filter in the Management application is overridden by the firmware e-mail filter. When the firmware determines that certain events do not receive e-mail notification, an e-mail is not sent for those events even when the event type is added to the Selected Events table in the Define Filter dialog box.
Page 411: Host Security Authentication
Host security authentication Host security authentication Fibre Channel Security Protocol (FC-SP) is a mechanism used to secure communication between two switches or between a switch and a device such as an HBA port. You can use either the Management application or the HCM GUI to display the authentication settings and status.
Page 412: Supportsave On Adapters
supportSave on adapters 3. Configure the following parameters on the FCSP Authentication dialog box: a. Select the Enable Authentication check box to enable or disable the authentication policy. If authentication is enabled, the port attempts to negotiate with the switch. If the switch does not participate in the authentication process, the port skips the authentication process.
Page 413: In This Chapter
Chapter Fibre Channel over IP In this chapter • FCIP services licensing ......... 376 •...
Page 414: Fcip Services Licensing
FCIP services licensing FCIP services licensing Most of the FCIP extension services described in this chapter require the High Performance . FICON emulation features require additional licenses. Use the Extension over FCIP/FC license licenseShow command to verify the needed licenses are present on the hardware used on both ends the FCIP tunnel.
Page 415: Fcip Platforms And Supported Features
FCIP platforms and supported features FCIP platforms and supported features There are five Fabric OS platforms that support FCIP: • The 8 Gbps 16-FC ports, 6-Gbps ports extension switch. • The 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports blade (384-port Backbone Chassis, 192-port Backbone Chassis).
Page 416 FCIP platforms and supported features The way FCIP tunnels and virtual ports map to the physical GbE ports depends on the switch or blade model. The 8 Gbps 16-FC ports, 6-Gbps ports extension switch and 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports blade tunnels are not tied to a specific GbE port, and may be assigned to any virtual port within the allowed range.
Page 417: Fcip Trunking
FCIP trunking FCIP trunking FCIP Trunking is a method for managing the use of WAN bandwidth and providing redundant paths over the WAN to protect against transmission loss. This feature is available only on the 8 Gbps extension switches and 8 Gbps extension blades. Trunking is enabled by creating logical circuits within an FCIP tunnel.
Page 418: Fcip Trunk Configuration Considerations
FCIP Trunk configuration considerations FCIP Trunk configuration considerations There are several points to consider when configuring an FCIP trunk: • Each FCIP circuit is assigned a pair of IP addresses, one source IP address, and one destination IP address. • The source IP address is used to determine which GbE interface to use.
Page 419: Bandwidth Calculation During Failover
Bandwidth calculation during failover Figure 151, circuit 1 is assigned a metric of 0, and circuit 2 is assigned a metric of 1. In this case, circuit 2 is a standby that is not used unless there are no lowest metric circuits available. If all lowest metric circuits fail, then the pending send traffic is retransmitted over any available circuits with the higher metric, Circuit 1 - Metric 0 - Active...
Page 420: Adaptive Rate Limiting
Adaptive Rate Limiting Adaptive Rate Limiting Adaptive Rate Limiting (ARL) is performed on FCIP tunnel connections to change the rate in which the FCIP tunnel transmits data through the TCP connections. This feature is available only on the 8 Gbps extension switches and 8 Gbps extension blades. ARL uses information from the TCP connections to determine and adjust the rate limit for the FCIP tunnel dynamically.
Page 421: Qos Sid/Did Priorities Over An Fcip Trunk
QoS SID/DID priorities over an FCIP trunk QoS SID/DID priorities over an FCIP trunk QoS SID/DID traffic prioritization is a capability of Brocade Fabric OS Adaptive Networking licensed feature. This feature allows you to prioritize FC traffic flows between hosts and targets. Four internal TCP connections provide internal circuits for managing QoS SID/DID priorities over an FCIP tunnel, as illustrated in Figure...
Page 422: Ipsec And Ike Implementation Over Fcip
IPsec and IKE implementation over FCIP IPsec and IKE implementation over FCIP Internet Protocol security (IPsec) uses cryptographic security to ensure private, secure communications over Internet Protocol networks. IPsec supports network-level data integrity, data confidentiality, data origin authentication, and replay protection. It helps secure your SAN against network-based attacks from untrusted computers, attacks that can result in the denial-of-service of applications, services, or the network, data corruption, and data and user credential theft.
Page 423: Ipsec For The 8 Gbps Platforms
IPSec for the 8 Gbps platforms The following limitations apply to using IPsec: • IPsec is not supported on 10GbE ports. • IPsec-specific statistics are not supported. • To change the configuration of a secure tunnel, you must delete the tunnel and recreate it. •...
Page 424: Qos, Dscp, And Vlans
QOS, DSCP, and VLANs QOS, DSCP, and VLANs Quality of Service (QoS) refers to policies for handling differences in data traffic. These policies are based on data characteristics and delivery requirements. For example, ordinary data traffic is tolerant of delays and dropped packets, but voice and video data are not. QoS policies provide a framework for accommodating these differences in data as it passes through a network.
Page 425: When Both Dscp And L2Cos Are Used
When both DSCP and L2CoS are used When both DSCP and L2CoS are used If an FCIP tunnel or circuit is VLAN tagged, both DSCP and L2CoS are relevant, unless the VLAN is end-to-end, with no intermediate hops in the IP network. The following table shows the default mapping of DSCP priorities to L2Cos priorities.
Page 426: Open Systems Tape Pipelining
Open systems tape pipelining Open systems tape pipelining Open Systems Tape Pipelining (OSTP) can be used to enhance open systems SCSI tape write I/O performance. To implement OSTP over FCIP, you must enable the following two features: • FCIP Fastwrite and Tape Acceleration. •...
Page 427: Ficon Emulation Features
FICON emulation features FICON emulation features FICON emulation supports FICON traffic over IP WANs using FCIP as the underlying protocol. FICON emulation features support performance enhancements for specific applications. If you are using FCIP for distance extension in a FICON environment, evaluate the need for these features before you run the FCIP configuration wizard.
Page 428: Fcip Configuration Guidelines
FCIP configuration guidelines FCIP configuration guidelines FCIP configuration always involves two or more extension switches. The following should take place first before you configure a working FCIP connection from the Management application: • The WAN link should be provisioned and tested for integrity. •...
Page 429: Configuring An Fcip Tunnel
Configuring an FCIP tunnel Configuring an FCIP tunnel When you configure an FCIP extension connection, you create FCIP tunnels and FCIP circuits, between two extension switches. 1. Select Configure > FCIP Tunnels. The FCIP Tunnels dialog box is displayed (Figure 153).
Page 430 Configuring an FCIP tunnel 3. Click the Add Tunnel button, or right-click on the switch and select Add Tunnel. The Add FCIP Tunnel dialog is displayed (Figure 154). The name of the switch you selected is displayed in the Switch field under Switch One Settings. This dialog allows you to configure settings for both switches on either end of the tunnel.
Page 431: Adding An Fcip Circuit
Adding an FCIP circuit Adding an FCIP circuit When adding a new FCIP tunnel, you can add an FCIP circuit by selecting the Add Circuit button on the Add FCIP Tunnel dialog box. Additional FCIP circuits can be added to existing FCIP tunnels by clicking Add Circuit from the Circuit tab, or by right-clicking on an existing tunnel and selecting Add Circuit.
Page 432: Use Tcp/Ip Dscp Or L2Cos To Prioritize Fc Traffic
Adding an FCIP circuit 4. For IPv4 addresses, specify the Subnet Mask. For IPv6 addresses, specify the prefix length. The default is created from the IP address and Subnet Mask. If you want to create a route through a gateway router, click Create Non-Default Route, and select a Gateway address. 5.
Page 433 Adding an FCIP circuit FIGURE 156 FCIP Circuit Advanced Settings Select the Selective Ack Off check box to disable or enable selective acknowledgement. Selective acknowledgement allows a receiver to acknowledge multiple lost packets with a single ACK response. This results in better performance and faster recovery time. Normally, selective acknowledgement should not be disabled.
Page 434: Configuring Fcip Tunnel Advanced Settings
Configuring FCIP tunnel advanced settings Configuring FCIP tunnel advanced settings Compression, FCIP fast write and tape pipelining, IPSec and IKE policies, and FICON emulation features are configured as advanced settings. 1. Click Advanced Settings on the Add FCIP Tunnel dialog box. The Advanced Settings dialog box is displayed.
Page 435: Enabling Open Systems Tape Pipelining (Ostp)
Enabling Open Systems Tape Pipelining (OSTP) 2. Select the desired compression mode. A Hardware compression option is available on all platforms. The 8 Gbps 16-FC ports, 6-Gbps ports extension switch and the 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports Extension blade provide two additional, more aggressive options for compression.
Page 436: Configuring Ipsec And Ike Policies
Configuring IPSec and IKE policies Configuring IPSec and IKE policies IPSec and IKE policies are configured from the Security tab. The screens and procedures are platform-dependent. Figure 158 shows the screen for the 4 Gbps Router, Extension Switch. Figure 158 shows the screen for the 8 Gbps 16-FC ports, 6-Gbit ports Extension Switch and 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports Extension blade.
Page 437: Configuring Ficon Emulation
Configuring FICON emulation FIGURE 159 Advanced Settings Security Tab for the 8 Gbps extension switch and blade NOTE IPSec settings cannot be edited. If you want to change settings, you will need to delete the tunnel and then create a new tunnel with the new settings. Configuring FICON emulation FICON emulation and acceleration features and operating parameters are configured from the FICON Emulation tab...
Page 438 Configuring FICON emulation 1. Select the check boxes for the FICON emulation features you want to implement. NOTE The primary FICON emulation features are XRC emulation, tape write pipelining, and tape read pipelining. TIN/TUR emulation and device level ACK emulation provide support for the three primary features.
Page 439: Viewing Fcip Connection Properties
Viewing FCIP connection properties Viewing FCIP connection properties The FCIP connection properties show properties of the blades or switches on both sides of a connection. To view FCIP connection properties, right-click the connection between two extension blades or switches (Figure 161).
Page 440: Viewing General Fcip Properties
Viewing General FCIP properties Viewing General FCIP properties Take the following steps to view general FCIP properties. 1. Select an extension blade or switch from the Fabric Tree structure, or right-click an extension blade or switch on the Connectivity Map, and select Properties. 2.
Page 441: Viewing Fcip Fc Port Properties
Viewing FCIP FC port properties Viewing FCIP FC port properties Take the following steps to view FCIP FC port properties. 1. Select an extension blade or switch from the Fabric Tree structure, or right-click an extension blade or switch on the Connectivity Map, and select Properties. 2.
Page 442: Viewing Fcip Ethernet Port Properties
Viewing FCIP Ethernet port properties Viewing FCIP Ethernet port properties Take the following steps to view Ethernet port properties. 1. Select an extension blade or switch from the Fabric Tree structure, or right-click an extension blade or switch on the Connectivity Map, and select Properties. 2.
Page 443: Editing Fcip Tunnels
Editing FCIP tunnels Editing FCIP tunnels NOTE You cannot edit an active tunnel; disable the tunnel before making changes. 1. From the FCIP Tunnels dialog box, select the tunnel you want to edit. 2. Select Edit Tunnel. The Edit FCIP Tunnel dialog box displays (Figure 165).
Page 444: Editing Fcip Circuits
Editing FCIP circuits Editing FCIP circuits FCIP circuit settings may be edited from the Edit FCIP Circuit dialog box. The procedure for launching this dialog box for the 4 Gbps Router, Extension Switch and Blade is different than the procedure for the 8 Gbps 16-FC ports, 6-Gbit ports Extension Switch and the 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports Extension blade.
Page 445: Disabling Fcip Tunnels
Disabling FCIP tunnels FIGURE 166 Edit FCIP Circuits dialog box 5. Fields and parameters are as described in “Adding an FCIP circuit”. You can edit all editable fields and parameters. Disabling FCIP tunnels 1. From the FCIP Tunnels dialog box, select the tunnel you want to disable. 2.
Page 446: Deleting Fcip Tunnels
Deleting FCIP tunnels Deleting FCIP tunnels 1. From the FCIP Tunnels dialog box, right-click the tunnel you want to delete. 2. Select the Delete Tunnel button. A confirmation dialog box displays, warning you of the consequences of deleting a tunnel. 3.
Page 447: Displaying Fcip Performance Graphs
Displaying FCIP performance graphs Displaying FCIP performance graphs You can display performance graphs by clicking the Performance button on the FCIP Tunnels dialog box. You can also display performance graphs from Properties, as described in the following sections. Displaying performance graphs for FC ports 1.
Page 448: Displaying Tunnel Properties From The Fcip Tunnels Dialog Box
Displaying tunnel properties from the FCIP tunnels dialog box Displaying tunnel properties from the FCIP tunnels dialog box Tunnel properties can be displayed from the FCIP Tunnels dialog box. 1. Select a tunnel from the FCIP tunnels dialog box. 2. Select the Tunnel tab. Tunnel properties are displayed (Figure 167).
Page 449: Displaying Fcip Circuit Properties From The Fcip Tunnels Dialog Box
Displaying FCIP circuit properties from the FCIP tunnels dialog box Displaying FCIP circuit properties from the FCIP tunnels dialog box Tunnel properties can be displayed from the FCIP Tunnels dialog box using the following procedure. 1. Select a tunnel from the FCIP tunnels dialog box. 2.
Page 450: Displaying Switch Properties From The Fcip Tunnels Dialog Box
Displaying switch properties from the FCIP Tunnels dialog box Displaying switch properties from the FCIP Tunnels dialog box Switch properties are displayed on the FCIP Tunnels dialog box when you select a switch (Figure 169). FIGURE 169 Switch properties on the FCIP Tunnels dialog box DCFM Enterprise User Manual 53-1001775-01...
Page 451: Displaying Fabric Properties From The Fcip Tunnels Dialog Box
Displaying fabric properties from the FCIP Tunnels dialog box Displaying fabric properties from the FCIP Tunnels dialog box Fabric properties are displayed on the FCIP Tunnels dialog box when you select a fabric. (Figure 170). FIGURE 170 Fabric properties on the FCIP Tunnels dialog box DCFM Enterprise User Manual 53-1001775-01...
Page 452: Troubleshooting Fcip Ethernet Connections
Troubleshooting FCIP Ethernet connections Troubleshooting FCIP Ethernet connections 1. Select an extension blade or switch from the Fabric Tree structure, or right-click an extension blade or switch on the Connectivity Map, and select Properties. 2. Select the GigE Ports tab. 3.
Page 453: Fcoe Overview
Chapter Fibre Channel over Ethernet In this chapter • FCoE overview ..........415 •...
Page 454: Enhanced Ethernet Features
Enhanced Ethernet features Enhanced Ethernet features Converged Enhanced Ethernet (CEE) is a set of IEEE 802 standard Ethernet enhancements that enable Fibre Channel convergence with Ethernet. The two basic requirements in a lossless Ethernet environment are Enhanced Transmission Selection (ETS) and priority-based flow control. These capabilities allow the Fibre Channel frames to run directly over 10 Gbps Ethernet segments without adversely affecting performance.
Page 455: Fcoe Protocols Supported
FCoE protocols supported FCoE protocols supported The Brocade FCoE converged network adapter supports two layers of protocols: Ethernet link layer and FCoE layer. They are listed in the following sections. Ethernet link layer protocols supported The following protocols support the Ethernet link layer. •...
Page 456: Fcoe Licensing
FCoE Licensing FCoE Licensing The FCoE license enables Fibre Channel over Ethernet (FCoE) functionality on the Brocade 8000. Without the FCoE license, the Brocade 8000 is a pure L2 Ethernet switch and will not allow FCoE bridging capabilities. With the FCoE license, the FCoE Configuration dialog displays virtual FCoE port information and enables you to manage the virtual port information.
Page 457: Cee Configuration
CEE configuration 2. Highlight a discovered CEE switch from the Available Switches table, and click the right arrow button to move the switch to the Selected Switches Table. 3. Highlight the selected switch and click OK to start the configuration. The running configuration is saved to the selected switch, effective on the next system startup.
Page 458: Opening The Cee Configuration Dialog Box
Opening the CEE Configuration dialog box Opening the CEE Configuration dialog box 1. Launch the CEE Configuration dialog box using one of the following methods: • Select Configure > Switch > CEE from the menu bar. • Right-click the CEE switch from the device tree, and select Configure > CEE. •...
Page 459: Cee Configuration Tasks
CEE configuration tasks CEE configuration tasks The CEE Configuration dialog box enables you to perform the following tasks: • Edit CEE ports for a selected switch. You can also add a link aggregation group (LAG) if a single switch is selected. •...
Page 460: Minimum Cee Configuration For Fcoe Traffic
Minimum CEE configuration for FCoE traffic Minimum CEE configuration for FCoE traffic You must complete the following procedures to create the basic configuration of CEE for FCoE traffic. NOTE The first two procedures in this section can be completed as a single procedure. They were broken into two separate procedures for clarity.
Page 461 Minimum CEE configuration for FCoE traffic Configuring LLDP for FCoE To configure LLDP for FCoE, complete the following steps. 1. Select Configure > Switch > CEE. The CEE Configuration dialog box displays. 2. Select the switch to edit in the CEE Ports and LAGs table and click Edit. The CEE Edit Switch dialog box displays.
Page 462 Minimum CEE configuration for FCoE traffic Configuring the CEE interface with the CEE Map and Global LLDP profile To configure the CEE interface, complete the following steps. 1. Select Configure > Switch > CEE. The CEE Configuration dialog box displays. 2.
Page 463 Minimum CEE configuration for FCoE traffic 9. Select the FCoE check box. 10. Select the CEE interface to carry the FCoE traffic from the Selection List and click Add to add it to the Selected List. 11. Click OK on the VLAN Configuration dialog box to save your changes. 12.
Page 464: Switch Policies
Switch policies Switch policies You can configure and enable a number of CEE policies on a switch, port, or link aggregation group (LAG). The following switch policy configurations apply to all ports in a LAG: • CEE map and Traffic Class map •...
Page 465: Spanning Tree Protocol Policy
Spanning Tree Protocol policy Spanning Tree Protocol policy The Spanning Tree Protocol (STP) is a Layer 2 protocol that ensures a loop-free topology for any bridged LAN (Layer-2 bridges are typically Ethernet switches). Spanning tree allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops or the need to manually enable or disable these backup links.
Page 466 Link aggregation groups 3. Click Add LAG. The Add LAG dialog box displays. FIGURE 175 Add LAG dialog box 4. Configure the following LAG parameters: NOTE Ports with 802.1x authentication or ports that are L2 or L3 mode-enabled are not supported in a LAG.
Page 467 Link aggregation groups 5. Select at least one available CEE port from the Available Members table and click the right arrow button to move them to the LAG Members table. The CEE ports are now part of the link aggregation group. 6.
Page 468: Editing A Cee Switch
Editing a CEE switch Editing a CEE switch 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select the CEE switch from the Products/Ports table. 3.
Page 469: Editing A Cee Port
Editing a CEE port Editing a CEE port 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select a CEE port from the Products/Ports table. 3.
Page 470: Editing A Lag
Editing a LAG 5. When you have finished configuring the policies, apply the settings to the CEE port. NOTE Clicking Cancel when there are pending changes launches a pop-up dialog. 6. Click OK when you have finished modifying the CEE port parameters. The CEE Confirmation and Status dialog box displays.
Page 471 Editing a LAG 5. Configure the following LAG parameters: NOTE Ports with 802.1x authentication or ports that are L2/L3 mode enabled are not supported in a LAG. • Status - Enabled or Disabled. You must enable the LAG to use the CEE functionality. •...
Page 472: Enabling A Cee Port Or Lag
Enabling a CEE port or LAG Enabling a CEE port or LAG If you select multiple switches or multiple ports and LAGs from two or more switches, both the Enable button and the Disable button are disabled. 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions.
Page 473: Cee Performance
CEE Performance CEE Performance Performance monitoring provides details about the quantity of traffic and errors a specific port or device generates on the fabric over a specific time frame. You can also use performance to indicate the devices that create the most traffic and to identify the ports that are most congested. Real Time Performance Graph You can monitor a device’s performance through a performance graph that displays transmit and receive data.
Page 474: Historical Performance Graph
Historical Performance Graph Historical Performance Graph The Historical Performance Graph dialog box enables you to customize how you want the historical performance information to display. Generating a historical performance graph 1. Select a CEE port from the CEE Configuration dialog box, and select Historical Graph from the Performance list.
Page 475: Qos Configuration
QoS configuration QoS configuration QoS configuration involves configuring packet classification, mapping the priority and traffic class, controlling congestion, and scheduling. The configuration of these QoS entities consist of CEE Map and Traffic Class Map configuration. In a Converged Enhanced Ethernet (CEE) configuration, Enhanced Transmission Selection (ETS) and Priority-based flow control (PFC) are configured by utilizing a priority table, a priority group table, and a priority traffic table.
Page 476: Creating A Cee Map
Creating a CEE map Creating a CEE map When you create a CEE map, each of the Class of Service (CoS) options (0-7) must be mapped to at least one of the Priority Group IDs (0-7) and the total bandwidth must equal 100. All QoS, CEE map, and Traffic map configurations apply to all ports in a LAG.
Page 477: Editing A Cee Map
Editing a CEE map 5. Configure the following CEE Map parameters in the CEE Map table: • Name - Enter a name to identify the CEE map. If the switch is a 10 Gbps CEE/FC switch module, you cannot change the name. •...
Page 478: Deleting A Cee Map
Deleting a CEE map 5. Keep the same CEE Map name and modify the following values, as required. See Table for an example of priority group configuration. • Name - Enter a name to identify the CEE map. If the switch is a 10 Gbps CEE/FC switch module, you cannot change the name.
Page 479: Assigning A Cee Map To A Port Or Link Aggregation Group
Assigning a CEE map to a port or link aggregation group 8. Review the changes carefully before you accept them. 9. Click Start to apply the changes, or click Close to abort the operation. If a CEE map is assigned to a port or LAG and you delete the CEE map, an error message displays in the Status area (applicable for the Traffic class map and ACL).
Page 480: Creating A Traffic Class Map
Creating a traffic class map Creating a traffic class map 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select a switch, and click Edit. 3.
Page 481: Deleting A Traffic Class Map
Deleting a traffic class map Deleting a traffic class map 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select a switch, and click Edit. 3.
Page 482 Assigning a traffic class map to a port or link aggregation group FIGURE 183 QoS, assign a traffic class map to a port dialog box 4. Click the Assign a map to <port name> check box. 5. Select Traffic Class in the Map Type list. 6.
Page 483: Lldp-Dcbx Configuration
LLDP-DCBX configuration LLDP-DCBX configuration Link Layer Discovery Protocol (LLDP) provides a solution for the configuration issues caused by increasing numbers and types of network devices in a LAN environment, because, with LLDP, you can statically monitor and configure each device on a network. Data Center Bridging Capability Exchange Protocol (DCBX) enables Enhanced Ethernet devices to discover whether a peer device supports particular features, such as Priority Flow Control or Class of Service (CoS).
Page 484: Adding An Lldp Profile
Adding an LLDP profile 4. Select the Global Configuration LLDP profile in the LLDP Profiles table. 5. Click the left arrow button to edit. 6. Select the FCoE Application and FCoE Logical Link check boxes in the Advertise table to advertise them on the network.
Page 485: Editing An Lldp Profile
Editing an LLDP profile • DCBX - The DCBX profiles. • FCoE application - The FCoE application feature. • FCoE logical link - The logical link level for the SAN network. 6. Click the right arrow button to move the newly created profile into the DBCX Profiles table. Click OK.
Page 486: Assigning An Lldp Profile To A Port Or Ports In A Lag
Assigning an LLDP profile to a port or ports in a LAG 4. Select an existing LLDP Profile from the LLDP Profiles table in the upper right pane. NOTE You cannot delete <Global Configurations>. You can, however, edit global configurations. For more information, see “Editing an LLDP profile”...
Page 487 Assigning an LLDP profile to a port or ports in a LAG FIGURE 185 Assign an LLDP profile dialog box 4. Click Assign an LLDP profile to <port name> button to enable the feature. NOTE Assign the Global Configuration is the default. The Available Profiles list is disabled if global configuration is selected.
Page 488: Access Control List Configuration
Access Control List configuration Access Control List configuration Access control lists (ACL) are sequential lists consisting of permit and deny rules. They are either Layer 3 (IP)- or Layer 2 (MAC)-specific. You can configure multiple access lists and rules and store them in the configuration.
Page 489 Adding an ACL to a switch 4. Click Add and select Standard or Extended from the Add list. The Add Extended Access Control List includes all the Standard ACL features plus two additional features: Destination and Ether Type. The ACL parameters are described below. FIGURE 187 Add Extended Access Control List dialog box 5.
Page 490: Editing The Parameters Of An Acl
Editing the parameters of an ACL • Count - Instructs the system to maintain a counter. • Ether Type - Specifies the Ethernet protocol being transferred in the Ethernet frame. Only one of the following Ether types is supported at a time. Address Resolution Protocol (ARP) - Ether Type 0x0806 ...
Page 491: Deleting An Acl
Deleting an ACL Deleting an ACL When you delete an ACL from the ACLs table, you are given the option to also remove the profile from the entities where it is currently associated. 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions.
Page 492 Assigning an ACL to a port or link aggregation group FIGURE 188 Assign ACL to port dialog box 5. Select an ACL from the Available ACLs list. The ACL name is suffixed with its type (standard or extended) in parentheses; for example, Human Resources (Extended).
Page 493: Spanning Tree Protocol Configuration
Spanning Tree Protocol configuration Spanning Tree Protocol configuration You can configure Spanning Tree Protocol (STP) when editing a LAG, but not when you are adding a LAG. The 8 Gbps 16-FC-ports, 10 GbE 8-Ethernet Port, and the 10 Gbps CEE/FC switch module support the following types of STP: •...
Page 494: Setting Spanning Tree Parameters For A Switch
Setting Spanning Tree parameters for a switch Setting Spanning Tree parameters for a switch You cannot configure Spanning Tree Protocol (STP) when adding a new LAG. STP can be configured only after the LAG has been added to the switch. NOTE The ports and the ports in a link aggregation group (LAG) for the selected switch must be in Layer 2 (L2) mode.
Page 495 Setting Spanning Tree parameters for a switch 5. Configure the following Spanning Tree Protocol parameters: • Priority - The bridge priority. The value range is 0-61440 and the default value is 32768. The value must be in increments of 4096. •...
Page 496 Setting Spanning Tree parameters for a switch FIGURE 190 Spanning Tree Protocol dialog box, MSTP 6. Click OK. The CEE Confirmation and Status dialog box displays. Review the changes carefully before you accept them. 8. Click Start to apply the changes, or click Close to abort the operation. DCFM Enterprise User Manual 53-1001775-01...
Page 497: Stp Configurable Parameters At The Port Or Lag Level
STP configurable parameters at the port or LAG level STP configurable parameters at the port or LAG level You cannot configure Spanning Tree Protocol (STP) when adding a new LAG. STP can be configured only after the LAG has been added to the switch. Figure 191 shows the Spanning Tree Protocol (STP) parameters that are configurable at the port or LAG level.
Page 498: X Authentication
802.1x authentication 802.1x authentication 802.1x is a standard authentication protocol that defines a client-server-based access control and authentication protocol. 802.1x restricts unknown or unauthorized clients from connecting to a LAN through publicly accessible ports. NOTE 802.1x is not supported for internal ports. A switch must be enabled for 802.1x authentication before you configure its parameters.
Page 499: Disabling 802.1X
Disabling 802.1x Disabling 802.1x 1. Select Configure > Switch > CEE from the menu bar. The CEE Configuration dialog box displays, showing the status of all CEE-related hardware and functions. 2. Select a switch and click Edit. 3. Click the 802.1x tab on the Edit Switch dialog box. The 802.1x dialog box displays.
Page 500 Setting 802.1x parameters for a switch 4. Click the Enable 802.1x check box to enable 802.1x authentication, and click OK. The 802.1x dialog box displays. FIGURE 192 802.1x dialog box 6. Configure the following 802.1x parameters: • Wait Period - The number of seconds the switch waits before sending an EAP request. The value range is 15 to 65535 seconds.
Page 501: Cee Switch Management Using Web Tools
CEE switch management using Web Tools CEE switch management using Web Tools You can open Web Tools directly from the CEE Configuration dialog box and use the Element Man- ager to enable and manage the CEE switch. To launch a CEE switch’s Element Manager, complete the following steps. 1.
Page 502: Cee Switch Management Using Telnet
CEE switch management using Telnet CEE switch management using Telnet You can use Telnet to log in and issue command line-based commands to a CEE switch. To launch a Telnet session, complete the following steps: 1. Launch the CEE Configuration dialog box using one of the following methods: •...
Page 503: Viewing Virtual Fcoe Ports
Viewing virtual FCoE ports Viewing virtual FCoE ports Configuration of virtual FCoE ports requires installation of the FCoE license on the switch. 1. Select Configure > Switch > FCoE from the menu bar. The FCoE Configuration dialog box displays. 2. Select the Virtual FCoE Ports tab. The Virtual FCoE Ports tab displays.
Page 504: Clearing A Stale Entry
Clearing a stale entry Clearing a stale entry A stale entry is a device that logged in and logged off but, because a port went down after an FLOGI was received, the device failed to receive the message. The entry in the FCoE Connected Devices table becomes stale and you must clear it manually.
Page 505: Ficon Configurations
Chapter FICON Environments In this chapter • FICON Configurations ......... . 467 •...
Page 506: Configuring A Pdcm Allow/Prohibit Matrix
Configuring a PDCM Allow/Prohibit Matrix FIGURE 196 Cascaded configuration, three domains, but only two in a path Configuring a PDCM Allow/Prohibit Matrix The Prohibit Dynamic Connectivity Mask (PDCM) is a FICON port attribute that can be used to prohibit communication between specific ports. Prohibits are not recommended on E_Ports (inter switch links).
Page 507 Configuring a PDCM Allow/Prohibit Matrix 2. Select a switch from Available Switches. Two default configurations (Active and IPL) are displayed in a tree structure below the switch. Existing configurations are also displayed. 3. Choose one of the following options: • Double-click a configuration file.
Page 508: Configuring An Allow/Prohibit Manually
Configuring an Allow/Prohibit manually Configuring an Allow/Prohibit manually NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. To configure to allow or prohibit communication between specific ports manually, complete the following steps.
Page 509: Copying A Pdcm Configuration
Saving or Copying a PDCM configuration to another device 8. Click Add. The information displays in the Selected Ports for Modification table. To delete any of these manual configurations, select the configuration you want to delete in the Selected Ports for Modification table and click Remove. 9.
Page 510 Copying a PDCM configuration 3. Click Copy. The Save As/Copy dialog box displays. FIGURE 200 Save As/Copy dialog box 4. Enter a name for the configuration. 5. Enter a description for the configuration. 6. Select the check box for the switch to which you want to save the configuration in the Select Switch table.
Page 511: Saving A Pdcm Configuration To Another Device
Saving a PDCM configuration to another device Saving a PDCM configuration to another device NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. To save an existing PDCM configuration to another device, complete the following steps. 1.
Page 512: Activating A Pdcm Configuration
Activating a PDCM configuration Activating a PDCM configuration NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. You must have an active zone configuration before you can activate a PDCM configuration. 1.
Page 513: Deleting A Pdcm Configuration
Deleting a PDCM configuration Deleting a PDCM configuration NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. You cannot delete the active configuration, the IPL configuration, or a configuration that is marked as having uncommitted changes.
Page 514: Cascaded Ficon Fabric
Cascaded FICON fabric Cascaded FICON fabric NOTE You must have FICON Management privileges to configure a fabric for cascaded FICON. The Management application enables you to easily configure a fabric for cascaded FICON. Note that configuring a fabric for cascaded FICON may be disruptive to current I/O operations in the fabric, as it needs to disable and enable the switches in the fabric.
Page 515: Configuring A Cascaded Ficon Fabric
Configuring a cascaded FICON fabric Configuring a cascaded FICON fabric NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. The FICON wizard automatically creates high integrity fabric configuration settings that support a cascaded FICON fabric.
Page 516 Configuring a cascaded FICON fabric 4. Select the DLS check box to enable dynamic load sharing (DLS) or Lossless DLS on all switches in the fabric. NOTE DLS requires DLS support on the switch. Lossless DLS requires Lossless DLS support on the switch.
Page 517: Cascaded Ficon Fabric Merge
Cascaded FICON fabric merge Cascaded FICON fabric merge The Management application provides a wizard to help you merge two fabrics for cascaded FICON. Note that merging two cascaded FICON fabrics may be disruptive to current I/O operations in both fabrics, as it needs to disable and enable the switches in both fabrics. NOTE It is recommended that you run a configuration backup on all switches before performing the fabric merge.
Page 518: Merging Two Cascaded Ficon Fabrics
Merging two cascaded FICON fabrics Merging two cascaded FICON fabrics NOTE If you receive a 'FICON not supported on switch' error, refer to FICON troubleshooting for a list of possible causes. If you want to join two cascaded FICON fabrics, they must be merged. If the distance between fabrics is 10 km or more, an Extended Fabrics license is required, and an extra step is required to configure the connection as a long distance connection.
Page 519 Merging two cascaded FICON fabrics 8. Select which fabric’s Administrative domains, zone database, and ACL database you want to preserve and use after the fabrics are merged. 9. Read the bulleted list of actions so you understand the actions that are taken to avoid conflicts when the fabrics are merged.
Page 520: Resolving Merge Conflicts
Resolving merge conflicts Resolving merge conflicts You can resolve the following types of switch configuration conflicts: • Domain ID • • Buffer To Buffer Credit • Disable Device Probe • Route Priority Per Frame • Sequence Level Switching • Suppress Class F •...
Page 521: Port Groups
Port Groups Port Groups A port group is a group of FC ports from one or more switches within the same fabric. Port groups are user-specific, you can only view and manage port groups that you create. The ports display in the order in which you add them to the port group. The order in which you add ports to a port group is persisted in both the port group and the Allow/Prohibit Matrix.
Page 522: Viewing Port Groups
Viewing port groups 2. Click New. 3. Enter a name for the port group in the Name field. 4. Enter a description for the port group in the Description field. 5. Select one or more ports to add to the group in the Group Type - FC Ports table. A port group must have at least one port in the Membership List.
Page 523: Editing A Port Group
Editing a port group Editing a port group To edit a port group, complete the following steps. 1. Select Configure > Port Groups. The Port Groups dialog box displays. 2. Select the port group you want to edit in the Port Groups table. The information for the selected port group displays in the update information area.
Page 524: Swapping Blades
Swapping blades Swapping blades NOTE Blade-based port swap is mainly used for FICON and is only applicable for port blades. However, the Management application does not block blade-based port swap for other application blades, including the 8 Gbps 24-port blade. You can swap all of the ports from one blade to another blade.
Page 525: Devices That Support Fibre Channel Routing
Chapter FC-FC Routing Service Management In this chapter • Devices that support Fibre Channel routing ......487 •...
Page 526: Fibre Channel Routing Overview
Fibre Channel routing overview Fibre Channel routing overview Fibre Channel routing provides connectivity to devices in different fabrics without merging the fabrics. Using Fibre Channel routing, you can share tape drives across multiple fabrics without the administrative overhead, such as change management and network management, and scalability issues that might result from merging the fabrics.
Page 527: Guidelines For Setting Up Fc-Fc Routing
Guidelines for setting up FC-FC routing VE_Port Edge fabric 2 IP cloud Edge fabric 1 Edge fabric 3 E_Port E_Port VEX_Port FC router EX_Port (2) = LSAN Backbone fabric FIGURE 205 A metaSAN with edge-to-edge and backbone fabrics Guidelines for setting up FC-FC routing The following are some general guidelines for setting up FC-FC routing: •...
Page 528: Connecting Edge Fabrics To A Backbone Fabric
Connecting edge fabrics to a backbone fabric Connecting edge fabrics to a backbone fabric The following procedure explains how to set up FC-FC routing on two edge fabrics connected through an FC router using E_Ports and EX_Ports. If you are connecting Fibre Channel SANs through an IP-based network, see “Configuring an FCIP tunnel”...
Page 529 Connecting edge fabrics to a backbone fabric 3. Select the FC router from the Available Routers table. 4. Click the right arrow to move the FC router you selected to the Selected Router table. 5. Select a valid fabric ID (1–128) from the Fabric ID list. You can choose any unique fabric ID as long as it is consistent for all EX_Ports that connect to the same edge fabric.
Page 530: Configuring Routing Domain Ids
Configuring routing domain IDs Configuring routing domain IDs Logical (phantom) domains are created to enable routed fabrics. A logical domain called a front domain is created in edge fabrics for every IFL. A logical domain called a translate (Xlate) domain is created in routed fabrics that share devices.
Page 531 Chapter Encryption configuration In this chapter • Encryption Center features ........494 •...
Page 532: Encryption Center Features
Encryption Center features Encryption Center features The Encryption Center dialog box (Figure 208) is the single launching point for all encryption-related configuration in the Management application. It also provides a table that shows the general status of all encryption-related hardware and functions at a glance. FIGURE 208 Encryption Center dialog box Beginning with Fabric OS version 6.4, the Encryption Center is dynamically updated to reflect the...
Page 533: Encryption User Privileges
Encryption user privileges Encryption user privileges In the Management application, resource groups are assigned privileges, roles, and fabrics. Privileges are not directly assigned to users; users get privileges because they belong to a role in a resource group. A user can only belong to one resource group at a time. The Management application provides three pre-configured roles: •...
Page 534: Smart Card Usage
Smart card usage Smart card usage Smart Cards are credit card-sized cards that contain a CPU and persistent memory. Smart cards can be used as security devices. You must have Storage Encryption Security user privileges to activate, register, and configure smart cards. Smart cards can be used to do the following: •...
Page 535: Registering Authentication Cards From The Database
Registering authentication cards from the database 3. Select the Quorum Size. The quorum size is the minimum number of cards necessary to enable the card holders to perform the security sensitive operations listed above. The maximum quorum size is five cards. The actual number of authentication cards registered is always more than the quorum size, so if you set the quorum size to five, for example, you will need to register at least six cards in the subsequent steps.
Page 536: De-Registering An Authentication Card
De-registering an authentication card De-registering an authentication card Authentication cards can be removed from the database and the switch by de-registering them. Use the following procedure to de-register an authentication card. 1. Select the authentication card on the Authentication Card table. 2.
Page 537: Enabling Or Disabling The System Card Requirement
Enabling or disabling the system card requirement Enabling or disabling the system card requirement If you want to use a system card to control activation of an encryption engine on a switch, you must enable the system card requirement. You can use the following procedure to enable or disable the system card requirement.
Page 538: De-Registering A System Card
De-registering a system card De-registering a system card System cards can be removed from the database by de-registering them. Use the following procedure to de-register a system card. 1. From the Register System Card dialog box, select the system card you want to de-register. 2.
Page 539: Editing Smart Cards
Editing smart cards Editing smart cards Use the Edit Smart Card dialog box to edit smart card details. 1. From the Encryption Center, select Smart Card > Edit Smart Card. The Edit Smart Card dialog box displays(Figure 210). FIGURE 210 Edit Smart Card dialog box 2.
Page 540: Network Connections
Network connections Network connections Before you use the encryption setup wizard for the first time, you must have the following required network connections: • The management ports on all encryption switches and 384-port Backbone Chassis CPs that have encryption blades installed must have a LAN connection to the SAN management program, and must be available for discovery.
Page 541: Encryption Node Initialization And Certificate Generation
Encryption node initialization and certificate generation Encryption node initialization and certificate generation When an encryption node is initialized, the following security parameters and certificates are generated: • FIPS crypto officer • FIPS user • Node CP certificate • A self-signed Key authentication center KAC) certificate •...
Page 542: Supported Encryption Key Manager Appliances
Supported encryption key manager appliances Supported encryption key manager appliances As stated under “Network connections”, a supported key management appliance must be connected on the same LAN as the management port of the encryption switches or of the Backbone Chassis Control Processors (CPs) in the case of the encryption blade. Secure communication between encryption nodes in an encryption group, and between encryption nodes and key manager appliances requires an exchange of certificates that are used for mutual authentication.
Page 543: Exporting The Kac Certificate Signing Request (Csr)
Exporting the KAC certificate signing request (CSR) Exporting the KAC certificate signing request (CSR) You need to export the KAC CSR to a temporary location prior to submitting the KAC CSR to a Certificate Authority (CA) for signing. 1. Synchronize the time on the switch and the key manager appliance. They should be within one minute of each other.
Page 544: Rkm Appliance
Uploading the KAC and CA certificates onto the RKM appliance Uploading the KAC and CA certificates onto the RKM appliance After an encryption group is created, you need to install the switch public key certificate (KAC certificate) and signing authority certificate (CA certificate) on the RKM appliance. 1.
Page 545: Rkm Key Vault High Availability Deployment
RKM key vault high availability deployment Repeat a. through h. for each key class. Click Finish. 9. For each encryption node, create an identity as follows. a. Select the Identities tab. b. Click Create. Enter a label for the node in the Name field. This is a user-defined identifier. d.
Page 546: The Netapp Datafort Management Console
The NetApp DataFort Management Console The NetApp DataFort Management Console The NetApp DataFort Management Console (DMC) must be installed on your PC or workstation to complete certain procedures described in this appendix. Refer to the appropriate DMC product documentation for DMC installation instructions. After you install DMC, do the following. 1.
Page 547: Obtaining And Importing The Lkm Certificate
Obtaining and importing the LKM certificate Obtaining and importing the LKM certificate Certificates must be exchanged between LKM and the encryption switch to enable mutual authentication. You must obtain a certificate from LKM, and import it into the encryption group leader.
Page 548: Exporting And Registering The Switch Kac Certificates On Lkm
Exporting and registering the switch KAC certificates on LKM Exporting and registering the switch KAC certificates on LKM The encryption switch self-signed KAC certificates must exported and then registered on the LKM appliance. 1. From the Encryption Center, select Switch > Export Certificate. The Export Switch Certificate dialog box displays.
Page 549: Tape Lun And Df -Compatible Tape Pool Support
Tape LUN and DF -compatible tape pool support Tape LUN and DF -compatible tape pool support • DEK Creation - The DEK is created and archived to the primary LKM only. Upon successful archival of the DEK to the primary LKM, the DEK can be used for encryption of a Tape LUN or DF-Compatible tape pool.
Page 550: Configuring A Brocade Group On Skm
Configuring a Brocade group on SKM • Download the CA certificate. • Create and install an SKM server certificate. • Enable an SSL connection. • Configure a cluster of SKM appliances for high availability. • Export and sign the encryption node certificate signing requests. •...
Page 551: Password
Registering the SKM Brocade group user name and password Registering the SKM Brocade group user name and password The Brocade group user name and password you created when configuring a Brocade group on SKM must also be registered on each Brocade encryption node. 1.
Page 552: Setting Up The Local Certificate Authority (Ca) On Skm
Setting up the local Certificate Authority (CA) on SKM Setting up the local Certificate Authority (CA) on SKM To create and install a local CA, perform the following steps: 1. Login to the SKM management web console using the admin password. 2.
Page 553: Downloading The Local Ca Certificate From Skm
Downloading the local CA certificate from SKM In the Trusted Certificate Authority List, click Edit. 8. From the list of Available CAs in the right panel, select the CA you just created. Repeat these steps any time another local CA is needed. Downloading the local CA certificate from SKM The local CA certificate you created using the procedure for “Setting up the local Certificate...
Page 554: Enabling Ssl On The Key Management System (Kms) Server
Enabling SSL on the Key Management System (KMS) Server 11. Enter the required data in the Sign Certificate Request section of the window. Select the CA name from the Sign with Certificate Authority drop down box. Select Server as the Certificate Purpose. Enter the number of days before the certificate must be renewed based on your site's security policies.
Page 555: Creating An Skm High Availability Cluster
Creating an SKM High Availability cluster Creating an SKM High Availability cluster The HP SKM key vault supports clustering of HP SKM appliances for high availability. If two SKM key vaults are configured, they must be clustered. If only a single SKM appliance is configured, it may be clustered for backup purposes, but the backup appliance will not be directly used by the switch.
Page 556: Adding Skm Appliances To The Cluster
Adding SKM appliances to the cluster Adding SKM appliances to the cluster If you are adding an appliance to an existing cluster, select the Cluster Settings section of the window, click Download Cluster Key and save the key to a convenient location, such as your computer's desktop.
Page 557: Signing The Brocade Encryption Node Kac Certificates
Signing the Brocade encryption node KAC certificates Signing the Brocade encryption node KAC certificates The KAC certificate signing request generated when the encryption node is initialized must be exported for each encryption node and signed by the Brocade local CA on SKM. The signed certificate must then be imported back into the encryption node.
Page 558: Steps For Connecting To A Tems Appliance
Steps for connecting to a TEMS appliance Steps for connecting to a TEMS appliance TEMS provides a web user interface for management of clients, keys, admins, and configuration parameters. A Thales officer creates domains, groups, and managers (a type of administrator), assigns groups to domains and assigns managers to manage groups.
Page 559: Creating A Client On Tems
Creating a client on TEMS 3. Enter the client IP address information under KM Server Interface. 4. Enter a host name for the appliance, internet or intranet domain, and, if used, the primary and secondary DNS IP address under Common Settings. 5.
Page 560: Establishing Tems Key Vault Credentials On The Switch
Establishing TEMS key vault credentials on the switch FIGURE 214 TEMS Clients tab Click the Add Client tab. 8. Paste or type in the user name from step 4 in the Name field. 9. Enter a password in the Password and Verify Password fields. 10.
Page 561: Gathering Information
Gathering information 2. Copy exactly the user name and password used when creating the TEMS client. You may create different credentials, but if you do, you also need to change the TEMS client credentials to match the new credentials. 3. Click OK. Gathering information Before you use the encryption setup wizard for the first time, you should also have a detailed configuration plan in place and available for reference.
Page 562: Creating A New Encryption Group
Creating a new encryption group Creating a new encryption group The following steps describe how to start and run the encryption setup wizard, and then create a new encryption group. NOTE When a new encryption group is created, any existing tape pools in the switch are removed. 1.
Page 563 Creating a new encryption group 4. Click Next. Create a new encryption Group is pre-selected. This is the correct selection for creating a new group. FIGURE 217 Designate Switch Membership dialog box 5. Enter an Encryption Group Name for the encryption group (the maximum length of the group name is 15 characters;...
Page 564 Creating a new encryption group FIGURE 218 Select Key Vault dialog box Select the Key Vault Type. The choices are the following: RSA Key Manager (RKM) NetApp Link Key Manager (LKM) HP Secure Key Manager (SKM) Thales Encryption Manager for Storage (TEMS) Tivoli Key Lifetime Manager (TKLM) Different options are available depending on which key vault type you choose.
Page 565 Creating a new encryption group When you select RKM, the options are a shown in Figure 219. a. Enter the IP address or host name for the primary key vault. If you are clustering RKM appliances for high availability, IP load balancers are used to direct traffic to the appliances.
Page 566 Creating a new encryption group When you select LKM, the options are as shown in Figure 220. a. Enter the IP address or host name for the primary key vault. b. Enter the name of the file that holds the primary key vault’s public key certificate or browse to the location by clicking the Browse button.
Page 567 Creating a new encryption group When you select SKM, the options are as shown in Figure 221. a. Enter the IP address or host name for the primary key vault. b. Enter the name of the file that holds the primary key vault’s public key certificate or browse to the location by clicking the Browse button.
Page 568 Creating a new encryption group When you select TEMS, the options are as shown in Figure 222. a. Enter the IP address or host name for the primary key vault. b. Enter the name of the file that holds the primary key vault’s public key certificate or browse to the location by clicking the Browse button.
Page 569 Creating a new encryption group When you select TKLM, the options are as shown in Figure 223. a. Enter the IP address or host name for the primary key vault. b. Enter the name of the file that holds the primary key vault’s public key certificate or browse to the location by clicking the Browse button.
Page 570 Creating a new encryption group FIGURE 224 Specify Public Key Certificate filename dialog box 8. Specify the name of the file where you want to store the public key certificate that is used to authenticate connections to the key vault, and click Next. The certificate stored in this file is the switch’s public key certificate.
Page 571 Creating a new encryption group FIGURE 225 Specify Master Key File Name dialog box 10. Enter a file name, or browse to the desired location. 11. Enter the passphrase, which is required for restoring the master key. The passphrase can be between eight and 40 characters, and any character is allowed.
Page 572 Creating a new encryption group 13. Click Next. The Confirm Configuration panel displays the encryption group name and switch public key certificate file name you specified, shown in Figure 226. FIGURE 226 Confirm Configuration dialog box 14. Click Next to confirm the displayed information. The Configuration Status displays, as shown in Figure 227.
Page 573 Creating a new encryption group FIGURE 227 Configuration Status dialog box The Management application sends API commands to verify the switch configuration. The CLI commands are detailed in the Fabric OS Encryption Administrator’s Guide, “Key vault configuration.” • Initialize the switch If the switch is not already in the initiated state, the Management application performs the command.
Page 574: Adding A Switch To An Encryption Group
Adding a switch to an encryption group • Save the switch’s public key certificate to a file The Management application saves the KAC certificate into the specified file. • Back up the master key to a file The Management application saves the master key into the specified file. Note that a master key is not generated if the key vault type is LKM.
Page 575 Adding a switch to an encryption group FIGURE 228 Add switch to an encryption group - Designate Switch Membership dialog box a. Select Add this switch to an existing encryption group. b. Click Next. The Add Switch to Existing Encryption Group dialog box displays. FIGURE 229 Add Switch to Existing Encryption Group dialog box 5.
Page 576 Adding a switch to an encryption group FIGURE 230 Add switch to an encryption group - Specify Public Key Certificate filename dialog box 6. Specify the name of the file where you want to store the public key certificate that is used to authenticate connections to the key vault, and click Next.
Page 577 Adding a switch to an encryption group Click Next to confirm the displayed information. The Configuration Status displays. • A progress indicator shows that a configuration step is in progress. A green check mark indicates successful completion of all steps for that Configuration Item. A red stop sign indicates a failed step.
Page 578: Replacing An Encryption Engine In An Encryption Group
Replacing an encryption engine in an encryption group FIGURE 233 Add switch to an encryption group - Next Steps dialog box 9. Click Finish to exit the Configure Switch Encryption wizard. Replacing an encryption engine in an encryption group To replace an encryption engine in an encryption group with another encryption engine within the same DEK Cluster, complete the following steps.
Page 579: Creating High Availability (Ha) Clusters
Creating high availability (HA) clusters FIGURE 234 Engine Operations tab 2. Select the engine you want to replace in the Engine list. 3. Select the engine you want to use as the replacement in the Replacement list. 4. Click Replace. All containers hosted by the current engine (Engine list) are replaced by the new engine (Replacement list).
Page 580: Removing Engines From An Ha Cluster
Removing engines from an HA cluster 4. Select an available encryption engine, and a destination HA cluster under High-Availability Clusters. Select New HA Cluster if you are creating a new cluster. 5. Click the right arrow to add the encryption engine to the selected HA cluster. FIGURE 235 HA Clusters tab NOTE...
Page 581: Swapping Engines In An Ha Cluster
Swapping engines in an HA cluster Swapping engines in an HA cluster Swapping engines is useful when replacing hardware. Swapping engines is different from removing an engine and adding another because when you swap engines, the configured targets on the former HA cluster member are moved to the new HA cluster member.
Page 582: Adding Encryption Targets
Adding encryption targets Adding encryption targets Adding an encryption target maps storage devices and hosts to virtual targets and virtual initiators within the encryption switch. NOTE It is recommended that you zone the host and target together before configuring them for encryption.
Page 583 Adding encryption targets 5. Click Next to begin. The Select Encryption Engine dialog box displays. The list of engines depends on the scope being viewed. • If the Targets dialog box is showing all targets in an encryption group, the list includes all engines in the group.
Page 584 Adding encryption targets 6. Select the encryption engine (blade or switch) you want to configure, and click Next. The Select Target panel displays. This panel lists all target ports and target nodes in the same fabric as the encryption engine. The Select Target list does not show targets that are already configured in an encryption group.
Page 585 Adding encryption targets Click Next. The Select Hosts panel displays. This panel lists all hosts in the same fabric as the encryption engine. There are two available methods for selecting hosts: select from a list of known hosts or manually enter the port and node world wide names. FIGURE 239 Select Hosts dialog box a.
Page 586 Adding encryption targets FIGURE 240 Name Container dialog box 10. Click Next. The Confirmation panel displays. FIGURE 241 Confirmation dialog box DCFM Enterprise User Manual 53-1001775-01...
Page 587 Adding encryption targets 11. Click Next to confirm the displayed information. The Configuration Status displays the target and host that are configured in the target container, as well as the virtual targets (VT) and virtual initiators (VI). NOTE If you can view the VI/VT Port WWNs and VI/VT Node WWNs, the container has been successfully added to the switch.
Page 588 Adding encryption targets 13. Click Next to confirm the configuration. The Important Instructions dialog box displays. FIGURE 243 Important Instructions dialog box 14. Review the instructions about post-configuration tasks you must complete after you close the wizard. 15. Click Finish to exit the Configure Storage Encryption wizard. DCFM Enterprise User Manual 53-1001775-01...
Page 589: Configuring Hosts For Encryption Targets
Configuring hosts for encryption targets Configuring hosts for encryption targets Use the Encryption Target Hosts dialog box to edit (add or remove) hosts for an encrypted target. NOTE Hosts are normally selected as part of the Configure Storage Encryption wizard but you can also edit hosts later using the Encryption Target Hosts dialog box.
Page 590: Adding Target Disk Luns For Encryption
Adding target disk LUNs for encryption Adding target disk LUNs for encryption You can add a new path to an existing disk LUN or add a new LUN and path by launching the Add New Path wizard. Take the following steps to launch the Add New Path wizard. 1.
Page 591 Adding target disk LUNs for encryption 5. Click Next. The Select Initiator Port dialog box displays. 6. Select the initiator port from the Initiator Port list. Click Next. LUN discovery is launched, and a progress bar displays. There are four possible outcomes: A message displays indicating No LUNs are discovered.
Page 592: Remote Replication Luns
Remote replication LUNs Remote replication LUNs The Symmetrix Remote Data Facility (SRDF) transmits data that is being written to a local Symmetrix array to a remote symmetrix array. The replicated data facilitates a fast switchover to the remote site for data recovery. SRDF supports the following methods of data replication: •...
Page 593: Metadata Requirements And Remote Replication
Metadata requirements and remote replication FIGURE 248 Basic SRDF configuration with Brocade encryption switches Metadata requirements and remote replication When the metadata and key ID are written, the primary metadata on blocks 1 to 16 is compressed and encrypted. However, there are scenarios where these blocks are not compressible, and the metadata is not written to the media.
Page 594: Adding Target Tape Luns For Encryption
Adding Target Tape LUNs for encryption • The New LUN option is used only if an RKM key vault is configured for the encryption group. • The New LUN option can be used only if replication is enabled for the encryption group. •...
Page 595: Configuring Encrypted Tape Storage In A Multi-Path Environment
Configuring encrypted tape storage in a multi-path environment 8. Select the desired encryption mode. • If you change a LUN policy from Native Encryption or DF-Compatible Encryption to Clear Text, you disable encryption. • The LUNs of the target which are not enabled for encryption must still be added to the CryptoTarget container with the Clear Text encryption mode option.
Page 596: Re-Balancing The Encryption Engine
Re-balancing the encryption engine 9. Select target port B, click LUNs, then click Add. Select the LUNs to be encrypted and the encryption policies for the LUNs, making sure that the encryption policies match the policies specified in the other path. 10.
Page 597: Master Keys
Master keys To rebalance an encryption engine, do the following. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2. Select an encryption engine and select Engine > Re-Balance from the menu bar, or right click on the encryption engine, and select Re-Balance.
Page 598: Master Key Actions
Master key actions Master key actions Master key actions are as follows: • Backup master key, which is enabled any time a master key exists. • Restore master key, which is enabled when no master key exists or the previous master key has been backed up.
Page 599 Saving the master key to a file 4. Select Backup Master Key as the Master Key Action. The Master Key Backup dialog box displays, but only if the master key has already been generated. FIGURE 249 Backup Destination (to file) dialog box 5.
Page 600: Saving A Master Key To A Key Vault
Saving a master key to a key vault Saving a master key to a key vault Use the following procedure to save the master key to a key vault. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2.
Page 601: Saving A Master Key To A Smart Card Set
Saving a master key to a smart card set Saving a master key to a smart card set A card reader must be attached to the SAN Management application PC to complete this procedure. Recovery cards can only be written once to back up a single master key. Each master key backup operation requires a new set of previously unused smart cards.
Page 602 Saving a master key to a smart card set FIGURE 251 Backup Destination (to smart cards) dialog box 5. Select A Recovery Set of Smart Cards as the Backup Destination. 6. Enter the recovery card set size. Insert the first blank card and wait for the card serial number to appear. 8.
Page 603: Restoring A Master Key From A File
Restoring a master key from a file Restoring a master key from a file Use the following procedure to restore the master key from a file. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2.
Page 604: Restoring A Master Key From A Key Vault
Restoring a master key from a key vault Restoring a master key from a key vault Use the following procedure to restore the master key from a key vault. 1. Select Configure > Encryption from the menu bar. The Encryption Center dialog box displays. 2.
Page 605: Restoring A Master Key From A Smart Card Set
Restoring a master key from a smart card set Restoring a master key from a smart card set A card reader must be attached to the SAN Management application PC to complete this procedure. Use the following procedure to restore the master key from a set of smart cards. 1.
Page 606: Creating A New Master Key
Creating a new master key 10. Insert the next card, and repeat step 8 step 11. Continue until all the cards in the set have been read. 12. Click OK. Creating a new master key Though it is generally not necessary to create a new master key, you may be required to create one due to circumstances such as the following: •...
Page 607: Zeroizing An Encryption Engine
Zeroizing an encryption engine Zeroizing an encryption engine Zeroizing is the process of erasing all data encryption keys and other sensitive encryption information in an encryption engine. You can zeroize an encryption engine manually to protect encryption keys. No data is lost because the data encryption keys for the encryption targets are stored in the key vault.
Page 608: Encryption Targets Dialog Box
Encryption Targets dialog box A confirmation dialog box describing consequences and actions required to recover launches. 4. Click YES to zeroize the encryption engine. Encryption Targets dialog box The Encryption Targets dialog box enables you to send outbound data that you want to store as ciphertext to an encryption device.
Page 609 Encryption Targets dialog box FIGURE 256 Encryption Targets dialog box TABLE 24 Encryption Targets dialog box fields and components Feature Description Add button Launches the Storage Encryption Setup Wizard, which enables you to configure a new target for encryption. It is the first step in configuring encryption for a storage device.
Page 610: Redirection Zones
Redirection zones TABLE 24 Encryption Targets dialog box fields and components (Continued) Feature Description Hosts button Launches the Encryption Target Hosts dialog box, where you can configure hosts to access the selected encryption target. LUNs button Launches the Encryption Target LUNs dialog box, where you can display existing LUNs and add new LUNs.
Page 611: Disk Device Decommissioning
Disk device decommissioning Disk device decommissioning A disk device needs to be decommissioned when any of the following occur: • The storage lease expires for an array, and devices must be returned or exchanged. • Storage is reprovisioned for movement between departments. •...
Page 612: Displaying And Deleting Decommissioned Key Ids
Displaying and deleting decommissioned key IDs Displaying and deleting decommissioned key IDs When disk LUNs are decommissioned, the process includes the disabling of the key record in the key vault and indicating that the key has been decommissioned. These decommissioned keys are still stored on the switch.
Page 613 Viewing and editing switch encryption properties FIGURE 257 Encryption Properties dialog box • Switch Properties table - the properties associated with the selected switch. • Name - the name of the selected switch. • Node WWN - the world wide name of the node. •...
Page 614 Viewing and editing switch encryption properties • Domain ID - the domain ID of the selected switch. • Firmware Version - the current encryption firmware on the switch. • Primary Key Vault Link Key Status - the possible statuses are as follows: Not Used –...
Page 615: Properties
Exporting the public key certificate signing request (CSR) from Properties • HA Cluster Name - the name of the HA cluster (for example, Cluster1), if in an HA configuration. The name can have a maximum of 31 characters. Only letters, digits, and underscores are allowed.
Page 616: Enabling The Encryption Engine State From Properties
Enabling the encryption engine state from Properties Enabling the encryption engine state from Properties To enable the encryption engine, complete the following steps. 1. Find the Set State To entry under Encryption Engine Properties. 2. Click the field and select Enabled. 3.
Page 617: General Tab
General tab FIGURE 258 Encryption Group Properties dialog box General tab The properties displayed in the General tab are described below. • Encryption group name - the name of the encryption group. • Group status - the status of the encryption group, which can be OK-Converged or Degraded. Degraded means the group leader cannot contact all of the configured group members.
Page 618: Members Tab
Members tab Members tab The Group Members tab lists group switches, their role, and their connection status with the group leader. The tab displays the configured membership for the group (none of the table columns are editable). The list can be different from the members displayed in the Encryption Center dialog box if some configured members are unmanaged, missing, or in a different group.
Page 619: Consequences Of Removing An Encryption Switch
Consequences of removing an encryption switch Consequences of removing an encryption switch Table 25 explains the impact of removing switches. TABLE 25 Switch removal impact Switch configuration Impact of removal The switch is the only switch in the encryption The encryption group is also removed. group.
Page 620 Consequences of removing an encryption switch Figure 260 shows the warning message that displays if you click Remove to remove an encryption group. FIGURE 260 Removal of switch in encryption group warning DCFM Enterprise User Manual 53-1001775-01...
Page 621: Security Tab
Security tab Security tab The Security tab (Figure 261) displays the status of the master key for the encryption group. NOTE You must enable encryption engines before you back up or restore master keys. Master key actions are as follows: •...
Page 622: Ha Clusters Tab
HA Clusters tab HA Clusters tab HA clusters are groups of encryption engines that provide high availability features. If one of the engines in the group fails or becomes unreachable, the other cluster member takes over the encryption and decryption tasks of the failed encryption engine. An HA cluster consists of exactly two encryption engines.
Page 623: Link Keys Tab
Link Keys tab Link Keys tab Connections between a switch and an NetApp LKM key vault require a shared link key. Link keys are used only with LKM key vaults. They are used to protect data encryption keys in transit to and from the key vault.
Page 624 Tape Pools tab Tape pools overview Tape cartridges and volumes may be organized into a tape pool (a collection of tape media). The same data encryption keys are used for all cartridges and volumes in the pool. Tape pools are used by backup application programs to group all the tape volumes used in a single backup or in a backup plan.
Page 625: Encryption-Related Acronyms In Log Messages
Encryption-related acronyms in log messages FIGURE 265 Add Tape Pool by number dialog box 4. Specify the Tape Pool Label Type. Tape pools can be identified by either a name or a number, shown in Figure 264 Figure 265. 5. Enter a name for the tape pool. If you selected Number as the Tape Pool Label Type, the name must match the tape pool label or tape ID/number that is configured on the tape backup/restore application.
Page 626 Encryption-related acronyms in log messages DCFM Enterprise User Manual 53-1001775-01...
Page 627: Virtual Fabrics Overview
Chapter Virtual Fabrics In this chapter • Virtual Fabrics overview ........589 •...
Page 628: Terminology
Virtual Fabrics requirements Terminology Table 27 lists definitions of Virtual Fabrics terms. TABLE 27 Virtual Fabrics terms Term Definition Physical chassis The physical switch or chassis from which you create logical switches and fabrics. Logical switch A collection of zero or more ports that act as a single Fibre Channel (FC) switch. When Virtual Fabrics is enabled on the chassis, there is always at least one logical switch: the default logical switch.
Page 629 Virtual Fabrics requirements For more information about enabling Virtual Fabrics on a physical chassis, refer to “Enabling Virtual Fabrics on a discovered device” on page 593. Table 28 lists the Virtual Fabric-capable physical chassis and the number of logical switches allowed for each of those physical chassis.
Page 630: Configuring Virtual Fabrics
Configuring Virtual Fabrics Configuring Virtual Fabrics The Management application allows you to discover, enable, create, and manage Virtual Fabric-capable physical chassis from the same interface. This procedure describes the general steps you take to enable the Virtual Fabrics feature and configure logical fabrics.
Page 631: Enabling Virtual Fabrics On A Discovered Device
Enabling Virtual Fabrics on a discovered device Enabling Virtual Fabrics on a discovered device ATTENTION Enabling Virtual Fabrics is disruptive. You should disable the physical chassis before you enable Virtual Fabrics. ATTENTION If the physical chassis is participating in a fabric, the affected fabric will be disrupted. 1.
Page 632 Creating a logical switch or base switch 3. Select one of the following in the Existing Logical Switches table: • A physical chassis in the Discovered Logical Switches node. • A NewFabric logical switch template in the Discovered Logical Switches node. •...
Page 633: Finding The Physical Chassis For A Logical Switch
Finding the physical chassis for a logical switch 13. Select a domain ID in the Preferred Domain ID list. In a FICON environment, select a domain ID that is not in use by the default or another logical switch in the same chassis. 14.
Page 634: Finding The Logical Switch From A Physical Chassis
Assigning ports to a logical switch Finding the logical switch from a physical chassis The Management application enables you to locate the logical switch from the physical chassis. To find the logical switch, right-click the physical chassis within the Chassis Group in the Product List and select Logical Switches >...
Page 635: Removing Ports From A Logical Switch
Removing ports from a logical switch Removing ports from a logical switch 1. Select a switch on the Product List or Connectivity Map and select Configure > Logical Switches. The Logical Switches dialog box displays. 2. Select the physical chassis to which the ports belong in the Chassis list. 3.
Page 636: Deleting A Logical Switch
Deleting a logical switch Deleting a logical switch 1. Select a switch on the Product List or Connectivity Map and select Configure > Logical Switches. The Logical Switches dialog box displays. 2. Right-click anywhere in the Existing Logical Switches table and select Table > Expand All. 3.
Page 637: Applying Logical Fabric Settings To All Associated Logical Switches
Applying logical fabric settings to all associated logical switches 3. Click New Fabric. The New Logical Fabric Template dialog box displays. 4. Enter a new identifier in the Logical Fabric ID field to create a new logical fabric template. This identifier is how you distinguish among multiple logical fabric templates in the Logical Switches dialog box.
Page 638: Moving A Logical Switch To A Different Fabric
Moving a logical switch to a different fabric 4. Click OK on the Logical Switches dialog box. The Logical Switch Change Confirmation and Status dialog box displays with a list of all changes you made in the Logical Switches dialog box. NOTE Ports are disabled before moving from one logical switch to another.
Page 639: Changing A Logical Switch To A Base Switch
Changing a logical switch to a base switch 10. Click Start to send these changes to the affected chassis. NOTE Most changes to logical switches will disrupt data traffic in the fabric. The status of each change is displayed in the Status column and Status area in the dialog box. 11.
Page 640 Changing a logical switch to a base switch 11. Click Start to send these changes to the affected chassis. NOTE Most changes to logical switches will disrupt data traffic in the fabric. The status of each change is displayed in the Status column and Status area in the dialog box. 12.
Page 641: Zoning Overview
Chapter Zoning In this chapter • Zoning overview ..........603 •...
Page 642: Online Zoning
Zoning overview • QoS zones Assign high or low priority to designated traffic flows. Quality of Service (QoS) zones are normal zones with additional QoS attributes that you select when you create the zone. • Traffic Isolation zones (TI zones) Isolate inter-switch traffic to a specific, dedicated path through the fabric.
Page 643: Accessing Zoning
Accessing zoning Accessing zoning Most of the zoning tasks are performed from the Zoning dialog box. You can access the Zoning dialog box from the main screen of the Management application using any of the following methods: • Select Configure > Zoning > Fabric. •...
Page 644 Administrator zoning privileges TABLE 30 Privilege levels and accessible zoning functions Privilege level per zoning components Accessible functions Read-only Zone DB tab • • Activation Zoning Policies • • LSAN Find • Offline Active Zone Config tab • • Online No accessible functions •...
Page 645: Zoning Configuration
Zoning configuration Zoning configuration At a minimum, zoning configuration entails creating zones and zone members. However, you can also create zone aliases, zone configurations, and zone databases. You can define multiple zone configurations, deactivating and activating individual configurations as your needs change. Zoning configuration can also involve enabling or disabling safe zoning mode and the default zone.
Page 646: Creating A New Zone
Creating a new zone Creating a new zone 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select an FC fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity.
Page 647: Viewing Zone Properties
Viewing zone properties Viewing zone properties 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select an FC fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity.
Page 648: Creating A New Member In A Zone By Wwn
Creating a new member in a zone by WWN 5. Select an option from the Type list. By default, the first time you launch the Zoning dialog box for a Zoning Scope, the Potential Members list displays valid members using the following rules: •...
Page 649 Creating a new member in a zone by WWN 5. Click New Member. The Add Zone Member dialog box displays. 6. Select World Wide Name from the Member Type list. Add the new member by port name by completing the following steps. a.
Page 650: Creating A New Member In A Zone By Domain, Port Index
Creating a new member in a zone by domain, port index Creating a new member in a zone by domain, port index Use this procedure to add a member to a zone when the member is not listed in the Potential Members list of the Zone DB tab.
Page 651: Creating A New Member In A Zone By Alias
Creating a new member in a zone by alias A message displays informing you that any zones or zone configurations you have changed will be saved in the zone database, and warning you to make sure no other user is making changes to the same areas.
Page 652: Enabling Or Disabling The Default Zone For Fabrics
Enabling or disabling the default zone for fabrics 8. Click OK to save your changes and close the Add Zone Member dialog box. Click Apply to save your changes and keep the Add Zone Member dialog box open so you can add more new members.
Page 653: Enabling Or Disabling Safe Zoning Mode For Fabrics
Enabling or disabling safe zoning mode for fabrics Enabling or disabling safe zoning mode for fabrics NOTE Safe Zoning Mode is available only on devices running in McDATA Fabric Mode and, for pure EOS fabrics, in McDATA Open Mode. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays.
Page 654: Editing A Zone Alias
Editing a zone alias 5. Click New Alias. The New Alias dialog box displays. 6. Type the desired name for the alias in the Alias Name field. Select WWN or Domain, Port Index to choose how to display the objects in the Potential Members list.
Page 655: Removing An Object From A Zone Alias
Removing an object from a zone alias Removing an object from a zone alias 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select Alias from the Type list. 4.
Page 656: Creating A Zone Configuration
Creating a zone configuration Creating a zone configuration 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select an FC fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity.
Page 657: Adding Zones To A Zone Configuration
Adding zones to a zone configuration 5. Review the zone configuration properties. The following information is included in the zone properties: • Zone Config Name—The name of the selected zone configuration. • Number of Zones—The number of zones in the selected zone configuration. •...
Page 658: Activating A Zone Configuration
Activating a zone configuration Activating a zone configuration For FC fabrics and router fabrics, when a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. When you initiate activation of a zone configuration, a number of checks are performed on the zone configuration.
Page 659 Activating a zone configuration 5. Click Activate. The Management application begins performing various checks. Note the following events that may occur: • For FC fabrics, and depending on the characters included in the name you gave to this zone configuration, a message may display informing you the name contains characters that are not accepted by some switch vendors and asking whether you want to proceed.
Page 660: Deactivating A Zone Configuration
Deactivating a zone configuration 8. Click OK to continue. The Activate Zone Config dialog box is closed and the Zone DB tab displays. 9. Click OK. A message displays informing you that any zones or zone configurations you have changed will be saved in the zone database, and warning you to make sure no other user is making changes to the same areas.
Page 661: Creating An Offline Zone Database
Creating an offline zone database Creating an offline zone database Use this procedure to create a zone database and save it offline. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3.
Page 662: Refreshing A Zone Database
Refreshing a zone database Refreshing a zone database 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a zone database from the Zone DB list. 4.
Page 663 Merging two zone databases FIGURE 266 Compare/Merge Zone DBs dialog box 3. Select a database from the Reference Zone DB field. 4. Select a database from the Editable Zone DB field. The Reference Zone DB and Editable Zone DB areas display all available element types (zone configurations, zones, and aliases) for the two selected zone databases.
Page 664: Saving A Zone Database To A Switch
Saving a zone database to a switch 8. Select the Sync Scroll Enable check box to synchronize scrolling between the selected databases. 9. Merge zone configurations by completing the followings steps. a. Select one or more zone configuration nodes from the Reference Zone DB area. b.
Page 665: Exporting An Offline Zone Database
Exporting an offline zone database Exporting an offline zone database NOTE You cannot export an online zone database. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Select an offline zone database from the Zone DB list. 3.
Page 666: Lsan Zoning
LSAN zoning LSAN zoning LSAN zoning is available only for backbone fabrics and any directly connected edge fabrics. A backbone fabric is a fabric that contains an FC router. All discovered backbone fabrics have the prefix LSAN_ in their fabric name, which is listed in the Zoning Scope list. Configuring LSAN zoning The following procedure provides an overview of the steps you must perform to configure LSAN zoning.
Page 667: Creating A New Lsan Zone
Creating a new LSAN zone Creating a new LSAN zone 1. Select a backbone fabric from the Connectivity Map or Product List. 2. Select Configure > Zoning > LSAN Zoning (Device Sharing). The Zoning dialog box displays. 3. Click the Zone DB tab if that tab is not automatically displayed. 4.
Page 668: Creating A New Member In An Lsan Zone
Creating a new member in an LSAN zone 4. Select one or more LSAN zones to which you want to add members in the Zones list. (Press SHIFT or CTRL and click each zone name to select more than one zone.) 5.
Page 669: Activating Lsan Zones
Activating LSAN zones 5. Add the new member by port WWN by completing the following steps. a. Select the End Device Port WWN option. b. Enter a port WWN in the End Device Port WWN field. If you enter a WWN that has been used by a discovered device, a message displays informing you of this and instructing you to enter a port WWN.
Page 670: Traffic Isolation Zoning
Traffic isolation zoning 5. Click OK to commit the LSAN zones and activate them in the selected fabrics. A message box displays informing you that the zones you change will be saved in the zone database and asking whether you want to proceed. Click Yes to confirm the activation, or No to cancel the activation.
Page 671: Configuring Traffic Isolation Zoning
Traffic isolation zoning • 8 Gbps 16-FC ports, 6-Gbit ports Extension Switch • 24 - 8 Gbps FC Port, 8 - 10 Gbps CEE Port Switch • 8 Gbps 40-port Switch • 384-port Backbone Chassis • 192-port Backbone Chassis • 8 Gbps Encryption Switch Enhanced TI zones are supported only if the following conditions are met: •...
Page 672: Creating A Traffic Isolation Zone
Creating a traffic isolation zone Add members to each zone. For specific instructions, refer to “Adding members to a traffic isolation zone” on page 635. NOTE You cannot add a traffic isolation zone to a zone configuration. 8. Click OK or Apply to save your changes. A message displays informing you that any zones or zone configurations you have changed will be saved in the zone database, and warning you to make sure no other user is making changes to the same areas.
Page 673: Adding Members To A Traffic Isolation Zone
Adding members to a traffic isolation zone Adding members to a traffic isolation zone NOTE Traffic isolation zones are configurable only on a Fabric OS device. Use this procedure to add a member to a zone when the member is listed in the Potential Members list of the Zone DB tab.
Page 674: Enabling A Traffic Isolation Zone
Enabling a traffic isolation zone Enabling a traffic isolation zone NOTE Traffic isolation zones are configurable only on a Fabric OS device. Use this procedure to enable a traffic isolation zone. When a zone configuration in the same zone database is activated, the enabled TI zones are also activated at that time. Traffic isolation zones are enabled by default when you create them.
Page 675: Enabling Failover On A Traffic Isolation Zone
Enabling failover on a traffic isolation zone Enabling failover on a traffic isolation zone NOTE Traffic isolation zones are configurable only on a Fabric OS device. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3.
Page 676: Zoning Administration
Zoning administration 4. Right-click the traffic isolation zone you want to disable failover on in the Zones list and clear the Configured Failover check box. 5. Click OK or Apply to save your changes. A message displays informing you that any zones or zone configurations you have changed will be saved in the zone database, and warning you to make sure no other user is making changes to the same areas.
Page 677 Comparing zone databases FIGURE 267 Compare/Merge Zone DBs dialog box 3. Select a database from the Reference Zone DB field. 4. Select a database from the Editable Zone DB field. The Reference Zone DB and Editable Zone DB areas display all available element types (zone configurations, zones, and aliases) for the two selected zone databases.
Page 678: Managing Zone Configuration Comparison Alerts
Managing zone configuration comparison alerts 8. Select the Sync Scroll Enable check box to synchronize scrolling between the selected databases. 9. Click Previous or Next to navigate line-by-line in the Editable Zone DB area. 10. Click Close. To merge two zone databases, refer to “Merging two zone databases”...
Page 679: Deleting A Zone
Deleting a zone 4. Repeat step 2 step 3 for each fabric on which you want to set limits. 5. To set a limit for new, undiscovered fabrics, enter a value in the Default Change Count for New Fabrics field. The default value is 0 (Unlimited).
Page 680: Deleting A Zone Configuration
Deleting a zone configuration 5. Click Yes on the confirmation message. To selected zone alias is deleted from the Alias list. 6. Click OK or Apply on the Zoning dialog box to save your changes. Deleting a zone configuration 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays.
Page 681: Clearing The Fabric Zone Database
Clearing the fabric zone database 3. Select the offline zone database you want to delete in the Zone DB list. NOTE Only offline databases can be deleted. 4. Select Delete from the Zone DB Operation list. 5. Click Yes on the confirmation message. The message box closes and, when successful, the selected zone configurations are removed from the Zone Configs list.
Page 682: Duplicating A Zone
Duplicating a zone 3. Select a zone database that you have checked out (your user name is in the Current User column) in the Zone DB list. 4. Select Undo CheckOut from the Zone DB Operation list. 5. Click Yes in the confirmation message. This removes the user names of users currently logged in to the client from the Current User column for this zone database.
Page 683: Duplicating A Zone Alias
Duplicating a zone alias Duplicating a zone alias 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select Alias from the Type list. 4.
Page 684: Finding A Member In One Or More Zones
Finding a member in one or more zones Finding a member in one or more zones Use this procedure to locate all instances of a member in the Zones list on the Zone DB tab. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays.
Page 685: Finding Zones In A Zone Configuration
Finding zones in a zone configuration Finding zones in a zone configuration Use this procedure to locate all instances of a zone in the Zone Configs list on the Zone DB tab. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2.
Page 686: Listing Zone Members
Listing zone members Listing zone members Use this procedure to identify the zone in the active zone configuration of the fabric to which an individual port belongs and the members of that zone. Note that the procedure is performed from the main view of the Management application. 1.
Page 687: Removing A Zone From A Zone Configuration
Removing a zone from a zone configuration Removing a zone from a zone configuration Use the following procedure to remove a zone from a zone configuration. Note that the zone is not deleted; it is only removed from the zone configuration. 1.
Page 688: Renaming A Zone
Renaming a zone Click OK or Apply on the Zoning dialog box to save your changes. A message displays informing you that any zones or zone configurations you have changed will be saved in the zone database, and warning you to make sure no other user is making changes to the same areas.
Page 689: Replacing Zone Members
Replacing zone members 6. Press Enter to save the new name. Depending on the characters included in the name you enter, a message may display informing you the name contains characters that are not accepted by some switch vendors, and asking whether you want to proceed.
Page 690: Replacing An Offline Device By Wwn
Replacing an offline device by WWN 8. Click OK or Apply to save your changes. A message displays informing you that any zones or zone configurations you have changed will be saved in the zone database, and warning you to make sure no other user is making changes to the same areas.
Page 691: Replacing An Offline Device By Name
Replacing an offline device by name Replacing an offline device by name The Management application enables you to replace an offline device by name from all zones and zone aliases in the selected zone DB. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays.
Page 692 Replacing an offline device by name DCFM Enterprise User Manual 53-1001775-01...
Page 693: Fc Troubleshooting
Chapter Troubleshooting In this chapter • FC troubleshooting ..........655 •...
Page 694: Tracing Fc Routes
FC troubleshooting Tracing FC routes The Management application enables you to select a source port and a destination port and displays the detailed routing information from the source port or area on the local switch to the destination port or area on another switch. Trace route cannot be performed on the offline devices or virtual devices.
Page 695: Troubleshooting Device Connectivity
Troubleshooting device connectivity • Reverse Route. This tab shows the path from the destination port to the source port. NOTE This reverse route may sometimes be different from the forward route. • FC Ping. This tab shows the minimum, maximum and average round trip times between the selected device port WWNs and the domain controller.
Page 696: Confirming Fabric Device Sharing
Confirming fabric device sharing 3. Click OK. The following diagnostic tests are performed: • Device Status • Switch port health status • Zone configuration in the fabric • LSAN zone configuration in edge fabrics • Edge fabric - FC router physical connection status. •...
Page 697: Ip Troubleshooting
IP troubleshooting 4. Click OK. The following checks are performed on the selected fabrics: • Are the selected fabrics configured with an FC Router? • Are the selected fabrics connected to the same backbone fabric? • Is sharing of devices between backbone and edge fabric supported? The Fabric Device Sharing Diagnosis Results dialog box displays with the details of the fabrics selected for diagnosis, the details of the tests performed, the results of the test, as well as short description of the test results.
Page 698 IP troubleshooting TABLE 32 FCIP IP Ping Response Details Field or Component Description Status Always displays ‘Completed’. If there is a failure, an error message displays instead of the IP Ping Result dialog box. Packets Sent Always displays ‘4. This is not configurable. Packets Received The number of received responses.
Page 699: Tracing Ip Routes
Tracing IP routes Tracing IP routes The Management application enables you to select an source and a target and displays the detailed routing information from the source port or area on the local switch to the destination port or area on another switch. Trace route cannot be performed on the offline devices or virtual devices.
Page 700: Viewing Fcip Tunnel Performance
Viewing FCIP tunnel performance Click Close on the IP Traceroute Result dialog box. 8. Click Cancel on the IP Traceroute dialog box. Viewing FCIP tunnel performance NOTE IP Performance is only supported on the 4 Gbps Router, Extension Switch and Encryption Blade running Fabric OS 5.2 or later.
Page 701: Client Browser Troubleshooting
Client browser troubleshooting Field/Component Description DELAY The average round trip time to send a packet of data and receive the acknowledgement. PMTU The largest packet size that can be transmitted over the end-to- end path without fragmentation. This value is measured in bytes and includes the IP header and (Path Maximum payload.
Page 702: Ficon Troubleshooting
FICON troubleshooting FICON troubleshooting The following section states a possible issue and the possible cause for FICON errors. Problem Causes FICON not supported on switch error. FICON Unsupported Configurations: • FICON is not supported on base switches. • FICON is not supported on a switch which has an XISL configured. •...
Page 703: Launch Client Troubleshooting
Launch Client troubleshooting Launch Client troubleshooting The following section states a possible issue and the recommended solution if you are unable to launch the client. Problem Resolution Incorrect (down level) remote client short cut The remote client link in the Start menu does not automatically upgrade when you displays in Start menu after Management upgrade the Management application.
Page 704 Launch Client troubleshooting Problem Resolution Unable to log into the Client (the application Use one the following procedures to configure the IP address in the host file. does not launch when you use a valid user Windows operating systems name and password and exceptions are thrown Log in using the 'Administrator' privilege.
Page 705: Names Troubleshooting
Names troubleshooting Names troubleshooting The following section states a possible issue and the recommended solution for names errors. Problem Resolution Duplicate name error. If you configured the Management application to only allow unique names and you try to use a name that already exists in the fabric. You can enter a different name for the device or search for the duplicate name using one of the following procedures: •...
Page 706 Performance troubleshooting Problem Resolution An error message with the following text To collect data, the SNMP credentials in the Management application and switch displays: must match. Real Time statistics collection has failed. SNMP v1 or v3: The community strings entered in the Address Properties dialog box - Please see master log for details.
Page 707 Performance troubleshooting Problem Resolution An error message with the following text To collect GigE port and FCIP statistics, you must enable the FCIP-MIB capability. displays: Verification and Troubleshooting Real Time statistics collection has failed. To verify that FCIP-MIB capability is enabled, use the following command from the Please see master log for details.
Page 708 Performance troubleshooting Problem Resolution An error message with the following text To collect data on Virtual Fabric-enabled switches, the Fabric OS user must have displays: access to all Virtual Fabrics. The SNMPv3 user name must be the same as the Fabric Real Time statistics collection has failed.
Page 709: Port Fencing Troubleshooting
Port Fencing troubleshooting Port Fencing troubleshooting The following section states a possible issue and the recommended solution for Port Fencing errors. Problem Resolution In a pure M-EOS fabric, fabric level policy Re-assign the threshold to the fabric. For step-by-step instructions, refer to “Assigning information (for example, Port Fencing Link thresholds”...
Page 710: Server Management Console Troubleshooting
Server Management Console troubleshooting Server Management Console troubleshooting The following section states a possible issue and the recommended solution for server management console. Problem Resolution Unable to launch the The Windows Vista or Windows 7 system enables the User Access Control (UAC) option by default. When the UAC SMC on a Windows Vista option is enabled, the SMC cannot launch.
Page 711: Supportsave Troubleshooting
Supportsave troubleshooting Problem Resolution Unable to launch the SMC on Disable using the Group Policy by completing the following steps. a Windows Vista or Windows 7 You can perform this procedure on you local machine using Local Group Policy editor or for many system computers at the same time using the Active Directory-based Group Policy Object (GPO) editor.
Page 712: View All List Troubleshooting
View All list troubleshooting View All list troubleshooting The following section states a possible issue and the recommended solution for View All list errors. Problem Resolution View All list does not display. The View All list does not display until you discover a fabric. To discover a fabric, refer to “Discovering fabrics”...
Page 713: In This Appendix
Appendix Application menus In this appendix • Main menus ..........675 •...
Page 714 Main menus Menu Command Command Options Manage View. Select to set up the Management application view. Create View. Select to create a new view. Display View. Select to display by View All or by a view you create. Levels. Select to display by All Levels, Products and Ports, Product Only, or Ports Only.
Page 715 Main menus Menu Command Command Options Product Label. Select to configure which product labels display. Name. Select to display the product name as the product label. Node WWN. Select to display the node name as the product label. IP Address. Select to display the IP Address (IPv4 or IPv6 format) as the product label.
Page 716 Main menus Menu Command Command Options Configure Menu Element Manager. Select to configure a selected device. Hardware. Select to the Element Manager or Web Tools application for the selected device. Ports. Select to launch Web Tools for the selected device. Admin.
Page 717 Main menus Menu Command Command Options Names. Select to provide familiar simple names to products and ports in your SAN. FCIP Tunnels. Select to connect to remote fabrics. High Integrity Fabric. Select to activate the following on M-EOS and Fabric OS devices: •...
Page 718 Main menus Menu Command Command Options List Zone Members. Select to display all members in a zone. Monitor Menu. Performance. Select to monitor SAN devices. View Utilization. Select to display connection utilization. HIstorical Data Collection. Select how to monitor historical data by choosing one of the following options: •...
Page 719 Main menus Menu Command Command Options Syslog Configuration. Select to configure Syslog for the management server. Logs. Select to display logs. Audit. Select to display a history of user actions performed through the application (except login/logout). Event. Select to display errors related to SNMP traps and Client-Server communications.
Page 720: Shortcut Menus
Shortcut menus Menu Command Command Options Help Menu Contents. Select to open the Online Help. Find. Select to search the Online Help. License. Select to view or change your License information. About Management_Application_Name. Select to view the application information, such as the company information and release number.
Page 721 Shortcut menus Component Menu/Submenu Commands Comments Trace Route Connected End Devices > Include Virtual Devices check box Hide All Show All Custom MyCustomList Create Meta SAN View Only available for Backbone fabrics. Create View Automatically Automatically creates a view with the selected fabric.
Page 722 Shortcut menus Component Menu/Submenu Commands Comments Table > Only available from Product List. Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Collapse or Expand Only available from Connectivity Map Fabric OS Switch/Chassis/Access Gateway...
Page 723 Shortcut menus Component Menu/Submenu Commands Comments Port Display > Only available from Product List. Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Port Optics (SFP) Port Fencing Performance > Top Talkers Clear Counters Real-Time Graph Historical Graph Historical Report Events Enable / Disable >...
Page 724 Shortcut menus Component Menu/Submenu Commands Comments Table > Only available from Product List. Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Properties M-EOS Switch/Director Zoning Element Manager Performance >...
Page 725 Shortcut menus Component Menu/Submenu Commands Comments Table > Only available from Product List. Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Properties Core Switch Element Manager Only available from Product List.
Page 726 Shortcut menus Component Menu/Submenu Commands Comments Table > Only available from Product List. Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Properties HBA, iSCSI Host, and HBA Enclosure Element Manager Launches Element Manager for Brocade HBAs discovered using JSON agent.
Page 727 Shortcut menus Component Menu/Submenu Commands Comments Port Display > Only available from Product List. Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Expand All Only available from Product List. Collapse All Only available from Product List. Properties Storage, iSCSI Storage, and Storage Enclosure...
Page 728 Shortcut menus Component Menu/Submenu Commands Comments Port Display > Only available from Product List. Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Table > Only available from Product List. Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search...
Page 729 Shortcut menus Component Menu/Submenu Commands Comments Properties HBA and iSCSI Initiator Performance > Disabled when all ports are offline. Real Time Graphs FC Security Protocol Only available for Managed JSON HBA Ports. Only available when you have the Security Privilege. Zoning List Zone Members Connected Port...
Page 730 Shortcut menus Component Menu/Submenu Commands Comments Collapse All Only available from Product List. Properties Storage Node Show Ports Does not display for routed devices and discovered Hosts. Show Connections Storage FC and iSCSI Storage port Storage Port Mapping Zoning List Zone Members Connected Port Port Display >...
Page 731 Shortcut menus Component Menu/Submenu Commands Comments Table > Only available from Product List. Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Properties Connection Properties FCIP Tunnel Properties Trunk...
Page 732 Shortcut menus Component Menu/Submenu Commands Comments White Area of the Product List Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Table > Copy 'Component' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All...
Page 733: Call Home Event Table
Appendix Call Home Event Tables In this appendix This section provides information about the specific events that display when using Call Home. This information is shown in the following Event Tables. • Call Home Event Table ......... 695 •...
Page 734 Call Home Event Table Event Reason Code FRU Code / Event Type Description Severity PWR/HW Power supply DC voltage failure. PWR/HW Power supply thermal failure. PWR/HW Power supply false shutdown. PWR/HW Power supply i2c bus failure. FAN/HW A cooling fan propeller has failed. FAN/HW A cooling fan propeller has failed (two failed propellers).
Page 735: Consrv Events Table
# CONSRV Events Table # CONSRV Events Table Event Reason Code FRU Code/Event Type Description Severity DVP/LIM/HW M-EOS: Port module failure. DVP/PORT Fibre Channel port failure DVP/PORT Fibre Channel path failure. LIM/DVP LIM SPP failure. DVP/ LIM/PORT SFP/XFP optics failure. LIM SPP Offline.
Page 736: Brocade Events Table
# Brocade Events Table # Brocade Events Table Event Reason Code FRU Code/Event Type Description Severity 1009 MS-1009 Error in registered link incident record (RLIR) 1402 FW-1402 Flash usage is out of range (Fabric OS version 6.0 or earlier) 1426 FW-1426 Faulty or Missing Power supply 1427...
Page 737: About User Privileges
Appendix User Privileges In this appendix • About User Privileges......... . . 699 •...
Page 738 About User Privileges TABLE 35 Privileges and Application Behavior Privilege Description No Privilege Read-Only Read/Write Active Session Allows you view active Disables the Active Enables the Active Enables the Active Management client sessions and Sessions command from Sessions command from Sessions command from disconnect an unwanted the Server menu.
Page 739 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write CEE Management Allows you to configure Disables the Switch > Enables the Switch > CEE Enables the Switch > CEE CEE devices. CEE command from the command from the command from the Configure menu.
Page 740 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write E-mail Event Notification Allows you to define the Disables Event Enables the Event Enables Event Setup e-mail server used to Notification E-mail Notification E-mail Notification E-mail send e-mail.
Page 741 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Fault Management Allows you to control Disables the SNMP Trap Enables the SNMP Trap Enables the SNMP Trap access to the SNMP Trap and Syslog configuration and Syslog configuration, and Syslog configuration, Registration and...
Page 742 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write FCIP Management Allows you to configure Disables the Configure > Enables the Configure > Enables the Configure > FCIP tunnels and FCIP Tunnel and FCIP Tunnel and FCIP Tunnel and troubleshooting of IP...
Page 743 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write High Integrity Fabric For Fabric OS devices, Disables the High Enables the High Integrity Enables the High Integrity allows you to set Fabric Integrity Fabric command Fabric command from the Fabric command from the Binding and Insistent...
Page 744 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write LSAN Zoning Allows you to edit and Disables the Zoning > Enables the Zoning > Enables all LSAN zone activate LSAN zones for LSAN Zoning (Device LSAN Zoning (Device functions on all dialog the LSAN fabrics that are...
Page 745 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Performance Allows you to configure Disables entire Enables entire Enables entire the performance Performance submenu of Performance submenu Performance submenu of subsystem, the display of the Monitor menu as well off the Monitor menu as the Monitor menu and the...
Page 746 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Product Maintenance An Element Manager Disables the functions Same as No Privilege. Enables the functions privilege that enables described in the Element described in the Element NOTE maintenance functions.
Page 747 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Report Allows you to generate Disables the View Enables the View Enables the View and view the following command and the command on the Reports command and the reports: Generate command on...
Page 748 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Setup Tools Allows you to define and Disables the Setup Tools Enables the Setup Tools Enables the Setup Tools place commands on command on the Tools command on the Tools command on the Tools product icons and in the...
Page 749 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Software Configuration Allows you to configure Disables the Software Enables the Software Enables the Software Parameters some of the properties of Configuration Parameters Configuration Parameters Configuration Parameters the client and server of folder and subpages in...
Page 750 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Storage Encryption Key Allows you to configure Disables the Encryption Enables the Encryption Enables the Encryption Operation storage encryption key command from the command from the command from the operation, including Configure menu.
Page 751 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Storage Encryption Allows you to configure Disables all functions Disables all functions Enables the Encryption Security storage encryption from the dialog box from the dialog box command from the security, including except view.
Page 752 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write User Management Allows you to create and Disables the Users Enables the Users Enables the Users define users and groups, command on the main command on the Server command on the Server as well as assign...
Page 753 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Zoning Offline Allows you to edit the In Zoning dialog box, the In Zoning dialog box, the Enables all functions on zone database in offline Zone DB list includes Zone DB list includes the Zoning dialog box.
Page 754 About User Privileges TABLE 35 Privileges and Application Behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Zoning Online Allows you to edit any of In Zoning dialog box, the In Zoning dialog box, the Enables all functions on the fabric zone databases Zone DB list includes Zone DB list includes the Zoning dialog box.
Page 755: About Roles And Access Levels
About Roles and Access Levels About Roles and Access Levels The Management application provides seven pre-configured roles (System Administrator, Security Administrator, Zone Administrator, Operator, Security Officer, Network Administrator, and Host Administrator); however, System Administrators can also create roles manually. Refer to “Creating a user role”...
Page 756 About Roles and Access Levels TABLE 36 Features and User Groups Access Levels (Continued) Feature Roles with Read/Write Access Roles with Read-Only Access Port Fencing System Administrator Operator Product Administration System Administrator Product Maintenance System Administrator Product Operation System Administrator, Operator Properties Edit System Administrator, Host Administrator Operator...
Page 757: In This Appendix
Appendix Sybase and Derby Database Fields In this appendix • Advanced Call Home ......... . . 720 •...
Page 758: Database Tables And Fields
Database tables and fields • Zoning 1 ........... . . 809 •...
Page 759: Capability
Capability TABLE 41 ACH_EVENT_FILTER_MAP Field Definition Format Size FILTER_ID * ID of the event filter. EVENT_ID * Event ID which needs to be associated with the filter. TABLE 42 ACH_EVENT Field Definition Format Size ID * REASON_CODE Reason code of the event. varchar FRU_CODE FRU code of the event.
Page 760: Client_View
Client_view TABLE 46 CARD Field Definition Format Size ID * CORE_SWITCH_ID * Core switch DB ID. SLOT_NUMBER The number of the physical slot in the chassis where smallint the blade is plugged in. For fixed blades, SlotNumber is zero. TYPE ID of the blade to identify the type.
Page 761 Client_view TABLE 48 USER_ (Continued) Field Definition Format Size PASSWORD User password. varchar EMAIL User e-mail ID. varchar 1024 NOTIFICATION_ENABLED Flag for e-mail notification. smallint TABLE 49 USER_PREFERENCE Field Definition Format Size USER_NAME * User name whose preferences are saved. It corresponds varchar to user_name in USER_table.
Page 762 Client_view TABLE 52 CLIENT_VIEW_MEMBER Field Definition Format Size CLIENT_VIEW_ID * Foreign key to CLIENT_VIEW table. FABRIC_ID * Foreign key to FABRIC table. TABLE 53 FABRIC Field Definition Format Size ID * SAN_ID Foreign key to SAN table; usually 1 since there is only one SAN.
Page 763: Collector
Collector Collector TABLE 54 FABRIC_CHECKSUM Field Definition Format Size FABRIC_ID * Fabric ID, foreign key to the FABRIC table. CHECKSUM_KEY * Type of checksum, e.g. device data or zone data. varchar CHECKSUM Actual checksum value. varchar TABLE 55 FABRIC_COLLECTION Field Definition Format Size...
Page 764 Collector TABLE 57 FABRIC (Continued) Field Definition Format Size AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is smallint an "unmonitored" fabric. MANAGEMENT_STATE Bit map to indicate various management indications smallint for the fabric.
Page 765 Collector TABLE 60 VIRTUAL_SWITCH_CHECKSUM Field Definition Format Size VIRTUAL_SWITCH_ID * DB ID of virtual switch. CHECKSUM_KEY * Checksum key. varchar CHECKSUM Checksum value. varchar TABLE 61 CORE_SWITCH_CHECKSUM Field Definition Format Size CORE_SWITCH_ID * DB ID. CHECKSUM_KEY * Checksum type. varchar CHECKSUM Checksum value.
Page 766: Config
Config TABLE 63 SECURITY_POLICY Field Definition Format Size VIRTUAL_SWITCH_ID * DB ID of virtual_switch. POLICY_NUMBER* IPSec Policy Number. The number can range from 1 to smallint POLICY_TYPE* Type of the Policy. The possible values are IKE or IPSec smallint ENCRYPTION_ALGORITHM Encryption Algorithm for the policy.The following are varchar the possible Encryption: NONE,DES,3DES,AES-128,AES-256,AES-CM-128 or...
Page 767 Config TABLE 65 FIRMWARE_FILE_DETAIL (Continued) Field Definition Format Size RELEASE_DATE Release date of the firmware file. timestamp IMPORTED_DATE Imported date of the file to the Management timestamp application. FIRMWARE_FILE_SIZE Firmware file size. FIRMWARE_LOCATION Firmware file location in the Management application varchar 1024 repository.
Page 768: Connected End Devices
Connected end devices TABLE 69 SWITCH_CONFIG Field Definition Format Size NAME Name of the switch configurations uploaded from the switch either on demand or through scheduler. varchar SWITCH_ID ID of the switch from which the configuration has been uploaded. BACKUP_DATE_TIME The date/time stamp at which the configuration has timestamp been uploaded.
Page 769: Device
Device Device TABLE 73 DEVICE_PORT Field Definition Format Size NODE_ID DB ID of the device node to which this port belongs. DOMAIN_ID Domain ID of the switch to which this device port is attached. Device port WWN. char SWITCH_PORT_WWN WWN of the switch port to which this device port is char attached.
Page 770 Device TABLE 74 FICON_DEVICE_PORT (Continued) Field Definition Format Size FICON device property, e.g., 809a or 809b. varchar FLAG FICON device property, e.g., 0x10 (hex). varchar PARAMS FICON device property string, e.g., Valid channel port. varchar TABLE 75 DEVICE_NODE Field Definition Format Size FABRIC_ID...
Page 771 Device TABLE 77 DEVICE_ENCLOSURE Field Definition Format Size FABRIC_ID ID of the fabric to which the device enclosure belongs. int NAME Name of the Device enclosure. varchar TYPE Type of Device enclosure - Storage Array/Server. varchar ICON Type of Icon. Operating System.
Page 772 Device TABLE 78 FABRIC (Continued) Field Definition Format Size SECURE 1 = it is secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored" fabric; otherwise, it is smallint an "unmonitored"...
Page 773 Device TABLE 79 DEVICE_PORT_INFO Name Source MISSING TIME DEVICE_PORT.MISSING_TIME, NPV PHYSICAL DEVICE_PORT.NPV_PHYSICAL TYPE NUMBER FICON_DEVICE_PORT.TYPE_NUMBER MODEL NUMBER FICON_DEVICE_PORT.MODEL_NUMBER MANUFACTURER FICON_DEVICE_PORT.MANUFACTURER MANUFACTURER PLANT FICON_DEVICE_PORT.MANUFACTURER_PLANT SEQUENCE NUMBER FICON_DEVICE_PORT.SEQUENCE_NUMBER FICON_DEVICE_PORT.TAG FLAG FICON_DEVICE_PORT.FLAG PARAMS FICON_DEVICE_PORT.PARAMS NAME USER_DEFINED_DEVICE_DETAIL.NAME USER DEFINED TYPE USER_DEFINED_DEVICE_DETAIL.TYPE IP ADDRESS USER_DEFINED_DEVICE_DETAIL.IP_ADDRESS CONTACT USER_DEFINED_DEVICE_DETAIL.CONTACT LOCATION...
Page 774 Device TABLE 80 DEVICE_INFO (Continued) Name Source DEVICE PORT TYPE DEVICE_PORT.TYPE DEVICE PORT SYMBOLICE NAME DEVICE_PORT.SYMBOLIC_NAME FC4_TYPE DEVICE_PORT.FC4_TYPE, IP_PORT DEVICE_PORT.IP_PORT HARDWARE_ADDRESS DEVICE_PORT.HARDWARE_ADDRESS DEVICE PORT TRUSTED DEVICE_PORT.TRUSTED DEVICE PORT MISSING DEVICE_PORT.MISSING DEVICE_PORT.COS NPV_PHYSICAL DEVICE_PORT.NPV_PHYSICAL SWITCH PORT ID SWITCH_PORT.ID SWITCH PORT WWN SWITCH_PORT.WWN SWITCH PORT NAME SWITCH_PORT.NAME...
Page 775 Device TABLE 80 DEVICE_INFO (Continued) Name Source VIRTUAL SWITCH ID SWITCH_INFO.ID VIRTUAL SWITCH NAME SWITCH_INFO.NAME OPERATIONAL STATUS SWITCH_INFO.OPERATIONAL_STATUS SWITCH_MODE SWITCH_INFO.SWITCH_MODE VIRTUAL SWITCH WWN SWITCH_INFO.WWN VIRTUAL SWITCH DOMAIN ID SWITCH_INFO.DOMAIN_ID VIRTUAL_FABRIC_ID SWITCH_INFO.VIRTUAL_FABRIC_ID BASE_SWITCH SWITCH_INFO.BASE_SWITCH VIRTUAL SWITCH STATE SWITCH_INFO.STATE VIRTUAL SWITCH STATUS SWITCH_INFO.STATUS FABRIC ID SWITCH_INFO.FABRIC_ID...
Page 776: Ee- Monitor
EE- Monitor TABLE 82 DEVICE_NODE_INFO (Continued) Name Source CAPABILITY DEVICE_NODE.CAPABILITY_ TRUSTED DEVICE_NODE.TRUSTED CREATION TIME DEVICE_NODE.CREATION_TIME MISSING DEVICE_NODE.MISSING MISSING TIME DEVICE_NODE.MISSING_TIME, PROXY DEVICE DEVICE_NODE.PROXY_DEVICE DEVICE_NODE.AG, NAME USER_DEFINED_DEVICE_DETAIL.NAME USER DEFINED TYPE USER_DEFINED_DEVICE_DETAIL.TYPE IP ADDRESS USER_DEFINED_DEVICE_DETAIL.IP_ADDRESS CONTACT USER_DEFINED_DEVICE_DETAIL.CONTACT LOCATION USER_DEFINED_DEVICE_DETAIL.LOCATION DESCRIPTION USER_DEFINED_DEVICE_DETAIL.DESCRIPTION USER DEFINED VALUE1 USER_DEFINED_DEVICE_DETAIL.USER_DEFINED_VALUE1 USER DEFINED VALUE2 USER_DEFINED_DEVICE_DETAIL.USER_DEFINED_VALUE2...
Page 777 EE- Monitor TABLE 84 EE_MONITOR_STATS_30MIN Field Definition Format Size EE_MONITOR_ID CREATION_TIME timestamp ACTIVE_STATE smallint double precision double precision CRCERRORS double TABLE 85 EE_MONITOR_STATS_2HOUR Field Definition Format Size EE_MONITOR_ID CREATION_TIME timestamp ACTIVE_STATE smallint double precision double precision CRCERRORS double TABLE 86 EE_MONITOR Field Definition...
Page 778: Event/Fm
Event/FM TABLE 87 EE_MONITOR_STATS_1DAY (Continued) Field Definition Format Size CREATION_TIME timestamp ACTIVE_STATE smallint double precision double precision CRCERRORS double Event/FM TABLE 88 RECIPIENT_TYPE Field Definition Format Size TYPE Type of the recipient (Syslog or SNMP). varchar TABLE 89 SOURCE_OBJECT_TYPE Field Definition Format Size...
Page 779 Event/FM TABLE 92 EVENT_SUB_TYPE Field Definition Format Size EVENT_TYPE_ID Unique Event Sub type ID DESCRIPTION Description of Event Sub Type varchar TABLE 93 SNMP_CREDENTIALS Field Definition Format Size VIRTUAL_SWITCH_ID Virtual switch ID for which this instance of the SNMP credentials apply. RECIPIENT_ID Refers to recipient in the MESSAGE_RECIPIENT table.
Page 780 Event/FM TABLE 93 SNMP_CREDENTIALS (Continued) Field Definition Format Size AUTH_PASSWORD The localized secret key used by the authentication varchar protocol for authenticating messages. This is applicable if the agent is configured to operate in SNMPv3. PRIV_PROTOCOL An indication of whether messages sent or received on varchar behalf of this user can be encrypted and if so, which privacy protocol to use.
Page 781 Event/FM TABLE 95 EVENT Field Definition Format Size SWITCH_ID ID of the switch. PARENT_ID ID of the Parent. SOURCE_NAME Name of the source from which the event originated. varchar SOURCE_ADDR IP Address of the source from which the event varchar originated.
Page 782 Event/FM TABLE 95 EVENT (Continued) Field Definition Format Size EVENT_CATEGORY Category of the event varchar DISCOVERY_TYPE Discovery type of the product varchar MANAGEMENT_LINK Management link status varchar OPERATIONAL_STATUS Operational Status of the switch from which the event varchar is triggered NODE_WWN WWN of the node from which the event is triggered varchar...
Page 783 Event/FM TABLE 97 EVENT_NOTIFICATION (Continued) Field Definition Format Size USER_NAME User name for authentication. varchar PASSWORD Password for authentication. varchar NOTIFICATION_INTERVAL Time interval between successive event notifications. NOTIFICATION_UNIT Time interval Unit: smallint 0 = Seconds 1 = Minutes 2 = Hours TEST_OPTION Time interval Unit: smallint...
Page 784: Fabric
Fabric TABLE 98 EVENT_RULE (Continued) Field Definition Format Size LAST_MODIFIED_TIME Rules last edited time. timestamp SELECTED_TIME_UNIT Timestamp unit of the selected rule: smallint 0 = second 1 = Minutes 2 = Hours TABLE 99 EVENT_RULE_ACTION Field Definition Format Size RULE_ID The rule ID present in the Event_Rule Table.
Page 785 Fabric TABLE 101 FABRIC Field Definition Format Size SAN_ID Foreign key to SAN table; usually 1 since there is only one SAN. SEED_SWITCH_WWN WWN of the virtual switch used as seed switch to char discover the fabric. NAME User-assigned fabric name. varchar CONTACT User-assigned "contact"...
Page 786 Fabric TABLE 102 FABRIC_INFO (Continued) Name Source MANAGEMENT_STATE FABRIC.MANAGEMENT_STATE LAST_FABRIC_CHANGED FABRIC.LAST_FABRIC_CHANGED SECURE FABRIC.SECURE AD_ENVIRONMENT FABRIC.AD_ENVIRONMENT MANAGED FABRIC.MANAGED CONTACT FABRIC.CONTACT LOCATION FABRIC.LOCATION DESCRIPTION FABRIC.DESCRIPTION CREATION_TIME FABRIC.CREATION_TIME LAST_SCAN_TIME FABRIC.LAST_SCAN_TIME LAST_UPDATE_TIME FABRIC.LAST_UPDATE_TIME TRACK_CHANGES FABRIC.TRACK_CHANGES TYPE FABRIC.TYPE USER_DEFINED_VALUE_1 FABRIC.USER_DEFINED_VALUE_1 USER_DEFINED_VALUE_2 FABRIC.USER_DEFINED_VALUE_2 USER_DEFINED_VALUE_3 FABRIC.USER_DEFINED_VALUE_3 VIRTUAL_SWITCH.ID SEED SWITCH IP ADDRESS CORE_SWITCH.IP_ADDRESS SWITCH COUNT...
Page 787: Fc Port Stats
FC Port Stats FC Port Stats TABLE 104 FC_PORT_STATS Field Definition Format Size SWITCH_ID References the ID in CORE_SWITCH table. PORT_ID References the ID in SWITCH_PORT table. Transmission (TX) value in bytes. double Receive (RX) value in bytes. double TX_UTILIZATION Transmit utilization value in percentage.
Page 788 FC Port Stats TABLE 105 FC_PORT_STATS_30MIN (Continued) Field Definition Format Size SIGNALLOSSES double SEQUENCEERRORS double INVALIDTRANSMISSIONS double CRCERRORS double DATA_GAPS_IN5MIN smallint TABLE 106 FC_PORT_STATS_2HOUR Field Definition Format Size SWITCH_ID PORT_ID double double TX_UTILIZATION double RX_UTILIZATION double‘ CREATION_TIME timestamp ACTIVE_STATE smallint LINKFAILURES double TXLINKRESETS...
Page 789 FC Port Stats TABLE 107 FC_PORT_STATS_1DAY (Continued) Field Definition Format Size RX_UTILIZATION double‘ CREATION_TIME timestamp ACTIVE_STATE smallint LINKFAILURES double TXLINKRESETS double RXLINKRESETS double SYNCLOSSES double SIGNALLOSSES double SEQUENCEERRORS double INVALIDTRANSMISSIONS double CRCERRORS double DATA_GAPS_IN5MIN smallint DATA_GAPS_IN30MIN smallint DATA_GAPS_IN2HOUR smallint DCFM Enterprise User Manual 53-1001775-01...
Page 790: Fcip
FCIP FCIP TABLE 108 FCIP_TUNNEL Field Definition Format Size ETHERNET_PORT_ID GigE Port ID on which the tunnel is created. TUNNEL_ID Tunnel ID for that GigE Port. smallint VLAN_TAG VLAN Tag on the tunnel (if present). SOURCE_IP Source IP on which the tunnel is created. char DEST_IP Destination IP on the other end of tunnel.
Page 791 FCIP TABLE 109 FCIP_TUNNEL_INFO (Continued) Name Source WAN_TOV_ENABLED FCIP_TUNNEL.WAN_TOV_ENABLED TUNNEL_STATUS FCIP_TUNNEL.TUNNEL_STATUS COMPRESSION_ENABLED FCIP_TUNNEL_DETAILS.COMPRESSION_ENABLED TURBO_WRITE_ENALBED FCIP_TUNNEL_DETAILS.TURBO_WRITE_ENABLED TAPE_ACCELERATION_ENABLED FCIP_TUNNEL_DETAILS.TAPE_ACCELERATION_ENABLED IKE_POLICY_NUM FCIP_TUNNEL_DETAILS.IKE_POLICY_NUM IPSEC_POLICY_NUM FCIP_TUNNEL_DETAILS.IPSEC_POLICY_NUM PRESHARED_KEY FCIP_TUNNEL_DETAILS.PRESHARED_KEY FICON_TAPE_READ_BLOCK_ID_ FCIP_TUNNEL_DETAILS.FICON_TAPE_READ_BLOCK_ID_ENABLED ENABLED FICON_TIN_TIR_EMULATION_E FCIP_TUNNEL_DETAILS.FICON_TIN_TIR_EMULATION_ENABLED NABLED FICON_DEVICE_LEVEL_ACK_EM FCIP_TUNNEL_DETAILS.FICON_DEVICE_LEVEL_ACK_EMULATION_ENABLED ULATION_ENABLED FICON_TAPE_WRITE_MAX_PIPE FCIP_TUNNEL_DETAILS.FICON_TAPE_WRITE_MAX_PIPE FICON_TAPE_READ_MAX_PIPE FCIP_TUNNEL_DETAILS.FICON_TAPE_READ_MAX_PIPE FICON_TAPE_WRITE_MAX_OPS FCIP_TUNNEL_DETAILS.FICON_TAPE_WRITE_MAX_OPS FICON_TAPE_READ_MAX_OPS FCIP_TUNNEL_DETAILS.FICON_TAPE_READ_MAX_OPS FICON_TAPE_WRITE_TIMER FCIP_TUNNEL_DETAILS.FICON_TAPE_WRITE_TIMER FICON_TAPE_MAX_WRITE_CHAI...
Page 792 FCIP TABLE 109 FCIP_TUNNEL_INFO (Continued) Name Source REMOTE PORT WWN FCIP_PORT_TUNNEL_MAP.TUNNEL_ID = FCIP_TUNNEL.ID and FCIP_PORT_TUNNEL_MAP.SWITCHPORT_ID = PORT.ID) REMOTE_PORT_WWN REMOTE NODE WWN FCIP_PORT_TUNNEL_MAP.TUNNEL_ID = FCIP_TUNNEL.ID and FCIP_PORT_TUNNEL_MAP.SWITCHPORT_ID = PORT.ID) REMOTE_NODE_WWN TABLE 110 FCIP_PORT_TUNNEL_MAP Field Definition Format Size SWITCHPORT_ID* Switch Port ID. TUNNEL_ID* FCIP Tunnel ID.
Page 793: Fcip Tunnel Stats
FCIP Tunnel Stats TABLE 111 FCIP_TUNNEL_DETAILS (Continued) Field Definition Format Size FICON_TAPE_WRITE_ Whether this is enabled on that tunnel. smallint EMULATION_ENABLED FICON_TAPE_READ_ Whether this is enabled on that tunnel. smallint EMULATION_ENABLED FICON_DEBUG__FLAGS FICON_DEBUG_FLAGS for that particular tunnel. double FCIP Tunnel Stats TABLE 112 FCIP_TUNNEL_STATS Field...
Page 794 FCIP Tunnel Stats TABLE 113 FCIP_TUNNEL_STATS_30MIN (Continued) Field Definition Format Size DROPPED PACKETS double precision COMPRESSION double precision LATENCY double precision LINK_RETRANSMITS double precision ACTIVE_STATE smallint TABLE 114 FCIP_TUNNEL_STATS_2HOUR Field Definition Format Size TUNNEL_DBID SWITCH ID CREATION TIME timestamp double precision double precision TX_UTILIZATION double precision...
Page 795: Gige Port Stats
GigE Port Stats TABLE 115 FCIP_TUNNEL_STATS_1DAY (Continued) Field Definition Format Size LINK_RETRANSMITS double precision ACTIVE_STATE smallint TABLE 116 FCIP_TUNNEL Field Definition Format Size ETHERNET_PORT_ID GigE Port ID on which the tunnel is created. TUNNEL_ID Tunnel ID for that GigE Port. smallint VLAN_TAG VLAN Tag on the tunnel (if present).
Page 796 GigE Port Stats TABLE 117 GIGE_PORT_STATS (Continued) Field Definition Format Size DROPPED PACKETS Number of dropped packets. double precision COMPRESSION The compression value. double precision LATENCY The latency value. double precision BANDWIDTH The bandwidth value. double precision TABLE 118 GIGE_PORT_STATS_30MIN Field Definition Format...
Page 797 TABLE 120 GIGE_PORT_STATS_1DAY Field Definition Format Size SWITCH ID PORT_ID CREATION TIME timestamp double precision double precision TX_UTILIZATION double precision RX_UTILIZATION double precision DROPPED PACKETS double precision COMPRESSION double precision LATENCY double precision BANDWIDTH double precision TABLE 121 ISL_INFO Name Source ISL.ID FABRIC_ID...
Page 798 TABLE 122 ISL_TRUNK_INFO Name Source ISL_TRUNK_GROUP.ID COST ISL_INFO.COST TYPE ISL_INFO.TYPE SOURCE PORT NUMBER ISL_INFO.SOURCE_PORT_NUMBER SOURCE SWITCH ID ISL_INFO.SOURCE_SWITCH_ID SOURCE SWITCH IP ADDRESS SOURCE_CORE_SWITCH.IP_ADDRESS SOURCE SWITCH WWN SOURCE_VIRTUAL_SWITCH.WWN MASTER PORT ISL_INFO.SOURCE_DOMAIN_ID SOURCE SWITCH NAME ISL_INFO.SOURCE_SWITCH_NAME SOURCE SWITCH PORT ID ISL_INFO.SOURCE_SWITCH_PORT_ID DEST PORT NUMBER ISL_INFO.DEST_PORT_NUMBER DEST SWITCH ID ISL_INFO.DEST_SWITCH_ID...
Page 799 TABLE 124 FABRIC Field Definition Format Size SAN_ID Foreign key to SAN table; usually 1 since there is only one SAN. SEED_SWITCH_WWN WWN of the virtual switch used as seed switch to char discover the fabric. NAME User-assigned fabric name. varchar CONTACT User-assigned "contact"...
Page 800: License
License TABLE 126 ISL_TRUNK_GROUP Field Definition Format Size VIRTUAL_SWITCH_ID Virtual switch DB ID. MASTER_USER_PORT Port number of master port. smallint License TABLE 127 LICENSE_FEATURE_MAP Field Definition Format Size LICENSE_ID* Foreign Key (SWITCH_LICENSE.ID) and is part of the integer primary key. FEATURE_ID* Foreign Key (LICENSED_FEATURE.ID) and is part of integer...
Page 801: Encryption Device
Encryption Device Encryption Device TABLE 131 KEY VAULT Field Definition Format Size IP_ADDRESS The IP Address (IPv4, IPv6, or hostname) of the key varchar vault. PORT_NUMBER The TCP port number for the key vault. PUBLIC_CERTIFICATE The key vault’s public key certificate. Switches use varchar 4096 this to establish a secure connection to the key vault.
Page 802 Encryption Device TABLE 132 CRYPTO_SWITCH Field Definition Format Size KAC_CERTIFICATE The public key certificate, in PEM format, of the varchar 4096 switch’s Key Archive Client module. This certificate is installed on key vaults to establish secure communication between this switch and the key vault.
Page 803 Encryption Device TABLE 133 ENCRYPTION GROUP Field Definition Format Size ACTIVE_MASTER_KEY_STAT The operational status of the "master key" or "Key smallint Encryption Key (KEK)" used to encrypt Data Encryption Keys in a key vault. Not used for NetApp LKM key vaults. 0 = not used 1 = required but not present 2 = present but not backed up...
Page 804 Encryption Device TABLE 134 ENCRYPTION_TAPE_POOL Field Definition Format Size TAPE_POOL_NAME User-supplied name or number for the tape pool. This varchar is the same name or number specified in the tape backup application. Numbers are stored in hex. TAPE_POOL_OPERATION_M Specifies which type of encryption should be used by smallint tape volumes in this tape pool.
Page 805 Encryption Device TABLE 137 QUORUM_CARD_GROUP_MAPPING Field Definition Format Size ENCRYPTION_GROUP_ID Foreign key reference to the ENCRYPTION_GROUP for which an authorization card is registered. SMART_CARD_ID Foreign key reference to the SMART_CARD that is registered as an authorization card for the encryption group.
Page 806 Encryption Device TABLE 139 SMART CARD Field Definition Format Size GROUP_NAME 'The name of the Encryption Group used to initialize varchar the card. For recovery set cards, this identifies which group’s master key is backed up on the card. CREATION_TIME The date and time that the card was initialized.
Page 807: Encryption Container
Encryption Container Encryption Container TABLE 141 CRYPTO HOST Field Definition Format Size CRYPTO_TARGET_CONTAIN Foreign key reference to the ER_ID CRYPTO_TARGET_CONTAINER that contains this host. VI_NODE_WWN Node WWN of Virtual Initiator that represents this char host. VI_PORT_WWN Port WWN of Virtual Initiator that represents this char host.
Page 808 Encryption Container TABLE 143 CRYPTO LUN Field Definition Format Size CRYPTO_TARGET_ Foreign key reference to the CONTAINER_ID CRYPTO_TARGET_CONTAINER that contains the host for which these LUNs are configured. SERIAL_NUMBER The LUN serial number, used to identify the physical varchar LUN. ENCRYPTION_STATE Boolean.
Page 809 Encryption Container TABLE 143 CRYPTO LUN Field Definition Format Size DECRYPT_EXISTING_DATA Not used. When configuring disk LUN that was smallint previously encrypted and is to become cleartext, this property tells the switch whether or not to start a re-keying operation to decrypt the existing LUN data. This property does not need to be persisted.
Page 810 Encryption Container TABLE 144 ENCRYPTION ENGINE Field Definition Format Size SYSTEM_CARD_STATUS Indicates whether a System Card is currently inserted smallint in the Encryption Engine, and whether the card is valid or not. This feature is not yet supported. WWN_POOLS_AVAILABLE Not used. Previously used to indicate the number of WWN pools remaining for allocation on this encryption engine.
Page 811 Encryption Container TABLE 146 Name Source CRYPTO HOST ID LUN.CRYPTO_HOST_ID CRYPTO LUN ID LUN.ID CRYPTO_LUN_ID LUN NUMBER LUN.LUN_NUMBER CRYPTO TARGET CONTAINER ID LUN.CRYPTO_TARGET_CONTAINER_ID SERIAL NUMBER LUN.SERIAL_NUMBER ENCRYPTION STATE LUN.ENCRYPTION_STATE STATUS LUN.STATUS REKEY_INTERVAL LUN.REKEY_INTERVAL VOLUME_LABEL_PREFIX LUN.VOLUME_LABEL_PREFIX LAST_REKEY_DATE LUN.LAST_REKEY_DATE LAST_REKEY_STATUS LUN.LAST_REKEY_STATUS LAST_REKEY_PROGRESS LUN.LAST_REKEY_PROGRESS CURRENT_VOLUME_LABEL LUN.CURRENT_VOLUME_LABEL...
Page 812: Meta San
Meta SAN Meta SAN TABLE 147 LSAN_DEVICE Field Definition Format Size BB_FABRIC_ID Backbone fabric DB ID. FCR_FABRIC_ID FID assigned to edge fabric. DEVICE_PORT_WWN Device port WWN of physical device. char PHYSICAL_PID PID of physical device. char TABLE 148 LSAN_PROXY_DEVICE Field Definition Format Size...
Page 813 Meta SAN TABLE 150 FABRIC (Continued) Field Definition Format Size TYPE Type of fabric: smallint 0 = legacy fabric 1 = base fabric 2 = logical fabric SECURE 1 = it is a secured fabric. smallint AD_ENVIRONMENT 1 = there are user-defined ADs in this fabric. smallint MANAGED 1 = it is an actively "monitored"...
Page 814: Network
Network TABLE 152 IFL_INFO Name Source IFL.ID EDGE_FABRIC_ID IFL.EDGE_FABRIC_ID FCR SWITCH ID FCR_PORT.VIRTUAL_SWITCH_ID EDGE_PORT_WWN IFL.EDGE_PORT_WWN BB_FABRIC_ID IFL.BB_FABRIC_ID BB_PORT_WWN IFL.BB_PORT_WWN BB_RA_TOV IFL.BB_RA_TOV BB_ED_TOV IFL.BB_ED_TOV BB_PID_FORMAT IFL.BB_PID_FORMAT EDGE SWITCH ID SWITCH_PORT.VIRTUAL_SWITCH_ID EDGE PORT ID SWITCH_PORT.ID EDGE PORT NUMBER SWITCH_PORT.USER_PORT_NUMBER EDGE PORT TYPE SWITCH_PORT.TYPE Network TABLE 153...
Page 815: Others
Others TABLE 154 IP_ROUTE (Continued) Field Definition Format Size FLAG Flag. CHECKSUM Check Sum. varchar Others TABLE 155 SYSTEM_PROPERTY Field Definition Format Size NAME* The name of the property. char VALUE The value for the property. VARCHAR 2048 TABLE 156 OUI_VENDOR Field Definition...
Page 816: Port Fencing
Port Fencing Port Fencing TABLE 160 PORT_FENCING_POLICY Field Definition Format Size NAME Name of the policy. The length of the field should be varchar 62 because M-EOS switch supports only maximum 62 characters. TYPE 0 = ISL Protocol smallint 1 = Link 2 = Security THRESHOLD_LIMIT Threshold Limits for M-EOS Switch.
Page 817: Quartz
Quartz Quartz TABLE 162 QRTZ_JOB_DETAILS Field Definition Format Size JOB_NAME* Name of the job. varchar JOB_GROUP* Name of the job group. varchar DESCRIPTION Description of the job (optional). varchar JOB_CLASS_NAME The instance of the job that will be executed. varchar IS_DURABLE Whether the job should remain stored after it is orphaned.
Page 818 Quartz TABLE 164 QRTZ_SIMPLE_TRIGGERS Field Definition Format size TRIGGER_NAME* Name of the trigger varchar TRIGGER_GROUP* name of the trigger group varchar REPEAT_COUNT number of times to repeat numeric 13,0 REPEAT_INTERVAL interval for first and second job numeric 13,0 TIMES_TRIGGERED Number of times the corresponding trigger fired numeric 13,0 TABLE 165...
Page 819 Quartz TABLE 168 QRTZ_JTRIGGER_LISTENERS Field Definition Format Size TRIGGER_NAME* Name of the trigger. varchar TRIGGER_GROUP* Name of the trigger group. varchar TRIGGER_LISTENER* The listener action. varchar TABLE 169 QRTZ_BLOB_TRIGGERS Field Definition Format Size TRIGGER_NAME* Name of the trigger. varchar TRIGGER_GROUP* Name of the trigger group.
Page 820: Reports
Reports Reports TABLE 174 REPORT_TYPE Field Definition Format Size Meta Data for available reports. NAME Report name. varchar DESCRIPTION Report type description. varchar TABLE 175 GENERATED_REPORT Field Definition Format Size NAME Report name. varchar TYPE_ID Report type. EFCM_USER The Management application user who has varchar generated this report.
Page 821 Role Based Access Control TABLE 179 PRIVILEGE Field Definition Format Size NAME Privilege Name. varchar TABLE 180 PRIVILEGE_GROUP_MAP Field Definition Format Size GROUP_ID* Privilege group ID. PRIVILEGE_ID* Privilege ID. TABLE 181 PRIVILEGE_GROUP Field Definition Format Size NAME Privilege group name. varchar TABLE 182 ROLE_PRIVILEGE_INFO...
Page 822 Role Based Access Control TABLE 185 RESOURCE_GROUP Field Definition Format Size NAME Resource group name. varchar DESCRIPTION Resource group description. varchar TABLE 186 RESOURCE_FABRIC_MAP Field Definition Format Size RESOURCE_GROUP_ID* Resource group ID. FABRIC_ID* Fabric ID, which is in the resource group. TABLE 187 USER_ROLE_RESOURCE_INFO name...
Page 823: Snmp
SNMP SNMP TABLE 188 SNMP_CREDENTIALS Field Definition Format Size VIRTUAL SWITCH_ID Virtual switch ID for which this instance of the SNMP credentials apply. RECIPIENT_ID Recipient in the MESSAGE_RECIPIENT table. POR)_NUMBER Port number of the SNMP agent on the switch for get smallint and set requests.
Page 824 SNMP TABLE 188 SNMP_CREDENTIALS (Continued) Field Definition Format Size PRIV_PROTOCOL An indication of whether messages sent or received varchar on behalf of this user can be encrypted and if so, which privacy protocol to use. The current values for this field are: usmNoPrivProtocol and usmDESPrivProtocol.
Page 825 SNMP TABLE 189 SNMP_PROFILE (Continued) Field Definition Format Size AUTH_PROTOCOL An indication of whether or not messages sent or varchar received on behalf of this user can be authenticated and if so, which authentication protocol to use. The supported values for this field are: usmNoAuthProtocol, usmHMACMD5AuthProtocol, and usmHMACSHAAuthProtocol.
Page 826: Stats
Stats Stats TABLE 191 FAVORITES Field Definition Format Size NAME Name of the favorite. varchar USER_ The application user credentials. varchar TOP_N The top number of ports(5,10,15,20). varchar SELECTION_FILTER Types of ports (FC/FCIP/GE) and End-to-End varchar Monitors. FROM_TIME The time interval in which the graph is shown. Time varchar interval can be predefined or custom.
Page 827 Stats TABLE 193 STATS_AGING Field Definition Format Size FIVE_MIN_VALUE Configured maximum samples value for the five minute table. THIRTY_MIN_VALUE Configured maximum samples value for the thirty minute table. TWO_HR_VALUE Configured maximum samples value for the two hour table. ONE_DAY_VALUE Configured maximum samples value for the one day table.
Page 828: Switch
Switch Switch TABLE 196 VIRTUAL-SWITCH Field Definition Format Size LOGICAL_ID Logical ID of the switch. smallint NAME Switch name. varchar WWN of the switch. char VIRTUAL_FABRIC_ID Virtual fabric ID. If VF enabled then will have the VFID; smallint otherwise it will be -1. DOMAIN_ID Domain ID of the switch.
Page 829 Switch TABLE 197 CORE_SWITCH Field Definition Format Size IP_ADDRESS IP address of the switch. varchar Chassis WWN. char NAME Switch name. varchar CONTACT Any associated contact name, obtained through varchar SNMP. LOCATION Physical location, obtained through SNMP. varchar DESCRIPTION User assigned description, obtained through SNMP. varchar TYPE SWBD type number as given by Fabric OS.
Page 830 Switch TABLE 197 CORE_SWITCH (Continued) Field Definition Format Size NIC_PROFILE_ID NIC profile of the Management application server host used by this switch to communicate in interactive configuration and other operations. It determines which Management application host IP used by this switch. MANAGING_SERVER_IP_ IP address of the server which is currently managing varchar...
Page 831 Switch TABLE 199 SWITCH_INFO name Source NIC_PROFILE_ID CORE_SWITCH.NIC_PROFILE_ID MANAGING_SERVER_IP_ADDRESS CORE_SWITCH.MANAGING_SERVER_IP_ADDRESS VIRTUAL_SWITCH.ID NAME VIRTUAL_SWITCH.NAME OPERATIONAL_STATUS VIRTUAL_SWITCH.OPERATIONAL_STATUS SWITCH_MODE VIRTUAL_SWITCH.SWITCH_MODE AD_CAPABLE VIRTUAL_SWITCH.AD_CAPABLE VIRTUAL_SWITCH.WWN ROLE VIRTUAL_SWITCH.ROLE FCS_ROLE VIRTUAL_SWITCH.FCS_ROLE DOMAIN_ID VIRTUAL_SWITCH.DOMAIN_ID VIRTUAL_FABRIC_ID VIRTUAL_SWITCH.VIRTUAL_FABRIC_ID BASE_SWIITCH VIRTUAL_SWITCH.BASE_SWITCH MAX_ZONE_CONFIG_SIZE VIRTUAL_SWITCH.MAX_ZONE_CONFIG_SIZE CREATION_TIME VIRTUAL_SWITCH.CREATION_TIME LAST_UPDATE_TIME VIRTUAL_SWITCH.LAST_UPDATE_TIME USER_NAME VIRTUAL_SWITCH.USER_NAME PASSWORD VIRTUAL_SWITCH.PASSWORD MANAGEMENT_STATE VIRTUAL_SWITCH.MANAGEMENT_STATE STATE...
Page 832 Switch TABLE 200 SWITCH_MODEL Field Definition Format Size SWBD_TYPE Switch type number, universally used by all the smallint Management application module implementation. SUBTYPE Switch subtype. At present no subtypes for existing smallint model records are defined. DESCRIPTION Model description, such as FC link speed, port count varchar and whether multi-card (director) class switch or other type of switch.
Page 833: Switch Details
Switch details Switch details TABLE 202 CORE_SWITCH_DETAILS Field Definition Format Size CORE_SWITCH_ID* DB ID. ETHERNET_MASK Subnet mask. char FC_MASK Subnet mask for FC IP. char FC_IP Fibre Channel IP address. char FC_CERTIFICATE smallint SW_LICENSE_ID char SUPPLIER_SERIAL_ Serial number of the chassis. varchar NUMBER PART_NUMBER...
Page 834 Switch details TABLE 202 CORE_SWITCH_DETAILS (Continued) Field Definition Format Size STBY_CP_PRI_FW_VERSIO Standby CP primary firmware version. varchar STBY_CP_SEC_FW_VERSIO Standby CP secondary firmware version. varchar TYPE SWBD number as assigned by embedded SW smallint depending upon the switch type / platform. EGM_CAPABLE 1 = the switch is EGM-capable.
Page 835 Switch details TABLE 203 CORE_SWITCH (Continued) Field Definition Format Size LAST_SCAN_TIME timestampty LAST_UPDATE_TIME Time when this record was last updated. timestamp SYSLOG_REGISTERED 1 if the Management application server is registered smallint with the switch to receive Syslog. CALL_HOME_ENABLED 1 if "call home" is enabled for this switch. smallint SNMP_REGISTERED 1 if the Management application server is registered...
Page 836 Switch details TABLE 204 SWITCH_DETAILS_INFO Name Source MANAGING_SERVER_IP_ADDRESS CORE_SWITCH.MANAGING_SERVER_IP_ADDRESS VIRTUAL_SWITCH.ID NAME VIRTUAL_SWITCH.NAME OPERATIONAL_STATUS VIRTUAL_SWITCH.OPERATIONAL_STATUS SWITCH_MODE VIRTUAL_SWITCH.SWITCH_MODE AD_CAPABLE VIRTUAL_SWITCH.AD_CAPABLE VIRTUAL_SWITCH.WWN ROLE VIRTUAL_SWITCH.ROLE FCS_ROLE VIRTUAL_SWITCH.FCS_ROLE DOMAIN_ID VIRTUAL_SWITCH.DOMAIN_ID VIRTUAL_FABRIC_ID VIRTUAL_SWITCH.VIRTUAL_FABRIC_ID BASE_SWITCH VIRTUAL_SWITCH.BASE_SWITCH MAX_ZONE_CONFIG_SIZE VIRTUAL_SWITCH.MAX_ZONE_CONFIG_SIZE CREATION_TIME VIRTUAL_SWITCH.CREATION_TIME LAST_UPDATE_TIME VIRTUAL_SWITCH.LAST_UPDATE_TIME USER_NAME VIRTUAL_SWITCH.USER_NAME PASSWORD VIRTUAL_SWITCH.PASSWORD MANAGEMENT_STATE VIRTUAL_SWITCH.MANAGEMENT_STATE STATE VIRTUAL_SWITCH.STATE...
Page 837 Switch details TABLE 204 SWITCH_DETAILS_INFO Name Source PART_NUMBER CORE_SWITCH_DETAILS.PART_NUMBER CHECK_BEACON CORE_SWITCH_DETAILS.CHECK_BEACON TIMEZONE CORE_SWITCH_DETAILS.TIMEZONE FMS_MODE CORE_SWITCH_DETAILS.FMS_MODE MAX_PORT CORE_SWITCH_DETAILS.MAX_PORT CHASSIS_SERVICE_TAG CORE_SWITCH_DETAILS.CHASSIS_SERVICE_TAG BAY_ID CORE_SWITCH_DETAILS.BAY_ID TYPE_NUMBER CORE_SWITCH_DETAILS.TYPE_NUMBER MODEL_NUMBER CORE_SWITCH_DETAILS.MODEL_NUMBER MANUFACTURER CORE_SWITCH_DETAILS.MANUFACTURER PLANT_OF_MANUFACTURER CORE_SWITCH_DETAILS.PLANT_OF_MANUFACTURER SEQUENCE_NUMBER CORE_SWITCH_DETAILS.SEQUENCE_NUMBER CORE_SWITCH_DETAILS.TAG DYNAMIC_LOAD_SHARING CORE_SWITCH_DETAILS.DYNAMIC_LOAD_SHARING PORT_BASED_ROUTING CORE_SWITCH_DETAILS.PORT_BASED_ROUTING IN_ORDER_DELIVERY CORE_SWITCH_DETAILS.IN_ORDER_DELIVERY ACT_CP_PRI_FW_VERSION CORE_SWITCH_DETAILS.ACT_CP_PRI_FW_VERSION ACT_CP_SEC_FW_VERSION CORE_SWITCH_DETAILS.ACT_CP_SEC_FW_VERSION STBY_CP_PRI_FW_VERSION...
Page 838: Switch Port
Switch port Switch port TABLE 205 GIGE_PORT Field Definition Format Size SWITCH_PORT_ID ID for the GigE Port in SWITCH_PORT. PORT_NUMBER GigE Port Number(0 for ge0 and 1 for ge1). SLOT_NUMBER Slot number on which the GigE Port is present. ENABLED Enabled or disabled.
Page 839 Switch port TABLE 206 SWITCH_PORT (Continued) Field Definition Format Size MAC_ADDRESS MAC address of this port. varchar PORT_MOD varchar TYPE Port type. The specific mode currently enabled for the varchar port. FULL_TYPE Port type. varchar STATUS The current status of the switch port. varchar HEALTH varchar...
Page 840 Switch port TABLE 206 SWITCH_PORT (Continued) Field Definition Format Size NPIV_CAPABLE Instance NPIV mode capability: smallint 1 = indicates port has NPIV capability 2 = NPIV license is enabled NPIV_ENABLED Whether NPIV mode is enabled. smallint FC_FAST_WRITE_ENABLED 1 = FC fast write is enabled. smallint ISL_RRDY_ENABLED smallint...
Page 841 Switch port TABLE 207 GIGE_PORT_INFO (Continued) name Source INTERFACE_TYPE GIGE_PORT.INTERFACE_TYPE CHECKSUM GIGE_PORT.CHECKSUM FCIP_CAPABLE GIGE_PORT.FCIP_CAPABLE ISCSI_CAPABLE GIGE_PORT.ISCSI_CAPABLE INBAND_MANAGEMENT_STATUS GIGE_PORT.INBAND_MANAGEMENT_STATUS VIRTUAL SWITCHID SWITCH_PORT.VIRTUAL_SWITCH_ID USER PORT NUMBER SWITCH_PORT.USER_PORT_NUMBER TABLE 208 N2F_PORT_MAP Field Definition Format Size VIRTUAL_SWITCH_ID Virtual switch ID of AG for N to F_port mapping, foreign key to VIRTUAL_SWITCH table.
Page 842 Switch port TABLE 211 FPORT_TRUNK_MEMBER Field Definition Format Size GROUP_ID* Foreign key to the PORT_TRUNK_GROUP table. PORT_NUMBER* Member user port number. SMALLINT Member port WWN. CHAR TABLE 212 VIRTUAL_SWITCH Field Definition Format Size LOGICAL_ID Logical ID of the switch. smallint NAME Switch name.
Page 843: Switch Snmp Info
Switch SNMP info TABLE 212 VIRTUAL_SWITCH (Continued) Field Definition Format Size CRYPTO_CAPABLE 0 = the switch is not crypto-enabled; if capable it will smallint have non-zero value FCR_CAPABLE 0 = the switch is not FCR-enabled; if capable it will smallint have non-zero value FCIP_CAPABLE 0 if the switch is not FCIP-enabled;...
Page 844 Switch SNMP info TABLE 213 VIRTUAL_SWITCH Name Source BASE SWITCH BASE_SWITCH MAX ZONE CONFIG SIZE MAX_ZONE_CONFIG_SIZE CREATION TIME CREATION_TIME LAST UPDATE TIME LAST_UPDATE_TIME USER NAME SWITCH_INFO.USER_NAME PASSWORD PASSWORD MANAGEMENT STATE MANAGEMENT_STATE STATE STATE STATUS STATUS STATUS REASON STATUS_REASON USER DEFINED VALUE1 USER_DEFINED_VALUE_1 USER DEFINED VALUE2 USER_DEFINED_VALUE_2...
Page 845: Threshold
Threshold Threshold TABLE 214 SWITCH_THRESHOLD-SETTING Field Definition Format Size SWITCH_ID* References the ID in CORE_SWITCH table. POLICY_ID* References the ID in THRESHOLD_POLICY table. STATUS The status of applied to the switch. smallint OVERRIDDEN Policy is overridden or not overridden. smallint DESCRIPTION Description about the status of policy applied to the varchar...
Page 846: User Interface
User Interface TABLE 219 THRESHOLD_MEASURE (Continued) Field Definition Format Size LOW_BOUNDARY Configured low boundary threshold value for measure ID. BUFFER_SIZE Configured buffer size for measure ID. POLICY_ID* References the ID in THRESHOLD_POLICY table. User Interface TABLE 220 AVAILABLE_FLYOVER_PROPERTY Field Definition Format Size NAME...
Page 847: Zoning 1
Zoning 1 TABLE 223 TOOL_PATH (Continued) Field Definition Format Size PATH Path of the tool where installed or available. varchar 1057 WORKING_FOLDER Working folder for that application. varchar TABLE 224 PRODUCT_APP Field Definition Format Size MENU_TEXT Name of the product menu. varchar PROP1_KEY First condition name to be satisfied by a selected...
Page 848 Zoning 1 TABLE 225 ZONE_DB (Continued) Field Definition Format Size MCDATA_DEFAULT_ZONE McData switch default zoning mode. smallint MCDATA_SAFE_ZONE McData switch safe zoning mode. smallint ZONE_CONFIG_SIZE Zone configuration string length. TABLE 226 ZONE_DB_USERS Field Definition Format Size ZONE_DB_ID PK of the owning zone DB. USER_NAME List of users currently editing this zone DB.
Page 849: Zoning 2
Zoning 2 Zoning 2 TABLE 230 ZONE_ALIAS_IN_ZONE Field Definition Format Size ZONE_ALIAS_ID* PK of the zone alias. ZONE_ID* PK of the zone. TABLE 231 ZONE_ALIAS Field Definition Format Size ZONE_DB_ID PK of the owning ZONE_DB. NAME The zone alias name. varchar TABLE 232 ZONE_ALIAS_MEMBER...
Page 850 Zoning 2 TABLE 235 ZONE_DB Field Definition Format Size FABRIC_ID PK of the owning fabric. NAME Zone DB name for offline Zone DBs. varchar OFFLINE Offline Zone DB (1 = offline). smallint CREATED Created timestamp. timestamp LAST_MODIFIED Last modified timestamp. timestamp LAST_APPLIED Last saved to switch timestamp.
Page 851 Index storage ports to storage array switches to fabric binding thresholds access traffic isolation zone members assigning users changing V1 destination, SNMP traps removing V3 destination, SNMP traps access levels zone members defined zones – features admin access, assigning roles administrator access, defined accessing administrator privileges...
Page 852 Index reviewing events changing roles and access levels database passwords starting passwords status, determining PDCM matrix display switch configuration port display viewing status port label broadcast messages product label defining user accounts browse access, assigning users view options changing connection utilization CHAP CHAP secret setting...
Page 853 Index configuring content asset polling broadcast messages call home copying cascaded FICON fabric log entries client export port log entry parts discovery master log e-mail notification master log parts encrypted storage in a multi-path environment PDCM configuration explicit server IP address threshold policies external FTP server zones...
Page 854 Index database, restoring device properties deactivating viewing device properties dialog boxes, customizing event policies deactivating zone configuration device shortcut menu default background color, changing adding options changing options default community strings removing options default desktop color, changing device tips default zone (fabrics) configuring disabling device tips, turning on and off...
Page 855 Index displaying emailing event details technical support information FCIP performance graphs for Ethernet ports enable SSL FCIP performance graphs for FC ports enabling firmware repository call home centers master log event details default zone for fabrics downloading fabric binding firmware FCIP tunnels dual network cards, configuration historical performance data collection...
Page 856 Index encryption group properties event notification using the restore master key configuring e-mail notification viewing encryption group properties overview encryption group properties dialog box event notification, description General tab event policies HA Clusters tab activating Link Keys tab broadcast message Members tab deactivating Tape Pools tab...
Page 857 Index performance graphs, Ethernet ports displaying performance graphs, FC ports fabric binding displaying adding detached devices properties adding switches viewing disabling QoS implementation enabling services overview licensing removing switches Tape Pipelining roles and access levels tunneling Fabric OS tunnels seed switch version configuring Fabric OS feature listing deleting...
Page 858 Index performance firmware repository port fencing deleting firmware files product administration displaying product maintenance importing into product operation flyovers properties edit configuring report turning on and off routing configuration viewing security FSPF link cost calculation when ARL is used servers setup tools overview software configuration properties...
Page 859 Index importing firmware files and release notes storage port mapping HA clusters zone databases creating inactive iSCSI devices, identifying removing engines from in-band discovery, enabling requirements for insistent domain ID (IDID) swapping engines in interfabric links (IFLs) HBAs internal FTP server associating to servers unassociating configuring...
Page 860 Index Logical Switch Configuration roles and access levels login banner launch configuring remote client disabling launch script path login security defining configuring launch scripts logon conflicts requirements logs launching event Server Management Console LSAN zone SMIA Configuration Tool creating launching FCR configuration LSAN zones launching HCM Agent activating...
Page 861 Index master key monitoring active connection utilization alternate end-to-end backup end-to-end, configuring create new master key end-to-end, displaying creating a new monitoring fabrics description of monitoring pairs reasons they are disabled deleting restore master key refreshing saving to a file monitoring statistics master log multi-path configuration for encrypted storage using the...
Page 862 Index policy triggers policy types port binding, FICON port connection properties, viewing passwords port connectivity view changing disabling filter database, changing enabling filter PDCM filtering results E_Ports refreshing PDCM allow/prohibit matrix resetting filter configuring viewing details PDCM configuration port connectivity, viewing activating port display, changing copying...
Page 863 Index product list removing resource groups removing user roles customizing columns removing users from resource groups product maintenance resource groups roles and access levels roles product operation user list roles and access levels user privileges product overview users products real time performance icons exporting data status, determining...
Page 864 Index removing event filters rolling back changes call home centers zone databases call home event filters table routing configuration devices roles and access levels renaming zone alias zone configuration zones renaming servers safe zoning mode replacing disabling zone members enabling replicate switch configuration zoning...
Page 865 Index server IP address, explicit SNMP traps Server Management Console adding V1 destination adding V3 destination about editing a destination launching registering a different host server Server menu registering the management server server name removing a destination configuring removing the host server server name, determining trap forwarding, disabling server port...
Page 866 Index storage port properties table viewing # Brocade events storage ports # CONSRV event # thermal event reason codes adding to storage array call home event reassigning to storage array – features, user groups access levels unassigning from storage array –...
Page 867 Index tape write acceleration viewing viewing on a specific device technical support data collection thresholds table roles and access levels removing thresholds technical support information TIN/TUP emulation copying to an external FTP server tips, turning on and off deleting emailing tips, viewing immediate tool tips, turning on and off...
Page 868 Index troubleshooting discovery FCIP Ethernet connections V1 destination tunnels, configuring adding V3 destination adding VE_Ports VEX_Port unassigning view management storage ports from storage array roles and access levels unassociating, HBA to server View menu UNIX authentication view options, changing configuring View window user product list...
Page 869 Index views zone configuration comparison alerts copying managing creating zone configuration member deleting finding in Zones list editing zone database automatic checkout, undoing zone databases comparing creating exporting Web Tools, launching importing Windows authentication merging configuring refreshing rolling back changes searching by saving to switch zone members...
Page 870 Index zoning configuration overview zoning offline roles and access levels zoning online roles and access levels zoning reports generating zoning set edit limits, roles and access levels zooming in zooming out DCFM Enterprise User Manual 53-1001775-01...

This manual is also suitable for:

Dcfm enterprise

Brocade Communications Systems Brocade BladeSystem 4/24 User Manual

Table of Contents

Chapter 1 Getting Started

Chapter 2 Discovery

Chapter 3 Application Configuration

Chapter 4 Call Home

Chapter 5 View Management

Chapter 6 Third-Party Tools

Chapter 7 Server Management Console

Chapter 8 Device Configuration

Chapter 9 Fabric Binding

Chapter 10 Fault Management

Chapter 11 Performance Data

Chapter 12 Reports

Chapter 13 Port Fencing

Chapter 14 Role-Based Access Control

Quick Links

Chapters

Troubleshooting

Related Manuals for Brocade Communications Systems Brocade BladeSystem 4/24

Summary of Contents for Brocade Communications Systems Brocade BladeSystem 4/24