7
Policy database distribution
Enabling local switch protection
1. Connect to the switch and log in using an account assigned to the admin role.
2. Enter the fddCfg
Disabling local switch protection
1. Connect to the switch and log in using an account assigned to the admin role.
2. Enter the fddCfg
ACL policy distribution to other switches
This section explains how to manually distribute local ACL policy databases. The distribute
command has the following dependencies:
•
•
•
•
Distributing the local ACL policies
1. Connect to the switch and log in using an account assigned to the admin role.
2. Enter the distribute -p command.
Fabric-wide enforcement
The fabric-wide consistency policy enforcement setting determines the distribution behavior when
changes to a policy are activated. Using the tolerant or strict fabric-wide consistency policy ensures
that changes to local ACL policy databases are automatically distributed to other switches in the
fabric.
160
DATABASE
-
Accept/Reject
---------------------------------
SCC
-
DCC
-
PWD
-
FCS
-
AUTH
-
IPFILTER
-
Fabric Wide Consistency Policy:- ""
localreject command.
--
localaccept command.
--
All target switches must be running Fabric OS v6.2.0 or later.
All target switches must accept the database distribution (see
on page 159).
The fabric must have a tolerant or no (absent) fabric-wide consistency policy (see
enforcement"
on page 160).
If the fabric-wide consistency policy for a database is strict, the database cannot be manually
distributed. When you set a strict fabric-wide consistency policy for a database, the distribution
mechanism is automatically invoked whenever the database changes.
The local distribution setting must be accepted. To be able to initiate the distribute command,
set the local distribution to accept.
accept
accept
accept
accept
accept
accept
"Database distribution settings"
"Fabric-wide
Fabric OS Administrator's Guide
53-1001763-01