Page 1: Web Tools
53-1001343-01 ® 28 July 2009 Web Tools Administrator’s Guide Supporting Fabric OS v6.3.0...
Page 2 Copyright © 2006-2009 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, IronPoint, IronShield, IronView, IronWare, JetCore, NetIron, SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM, Extraordinary Networks, and SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Page 3 Document History The following table lists all versions of the Web Tools Administrator’s Guide. Document Title Publication Number Summary of Changes Publication Date Web Tools User’s Guide v2.0 53-0001536-01 September 1999 Web Tools User’s Guide v2.2 53-0001558-02 May 2000 Web Tools User’s Guide v2.3 53-0000067-02 December 2000 Web Tools User’s Guide v3.0...
Page 4 Document Title Publication Number Summary of Changes Publication Date Web Tools Administrator’s Guide 53-1000606-01 Updates to reflect updates to enhanced October 2007 Access Gateway support, changes to FCIP tunneling wizard, and other enhancements. Web Tools Administrator’s Guide 53-1000606-02 Updates for support for new switches, March 2008 traffic isolation zoning, F_Port trunking, removal of enhanced Access Gateway...
Page 5: Table Of Contents
Contents About This Document In this chapter ......... . .xxv How this document is organized .
Page 6 Role-Based Access Control....... . . 16 Session management ........17 Ending a Web Tools session .
Page 7 Switch restart ......... . . 48 Performing a fast boot .
Page 8 Switch configurations for mixed fabrics..... . . 78 Enabling interoperability ....... 79 Chapter 5 Managing Administrative Domains In this chapter .
Page 9 Port activation ......... . 107 Enabling Ports on Demand .
Page 10 Zoning overview.........135 Basic Zones .
Page 11 Trace dumps ......... . .155 How a trace dump is used.
Page 12 Port configuration ........181 Creating port groups .
Page 13 Setting up iSCSI Target Gateway Services....206 Launching the iSCSI Target Gateway Admin Module..206 Launching the iSCSI setup wizard ..... .208 Activating the iSCSI feature.
Page 14 User-defined accounts ........229 Virtual Fabrics considerations......230 Admin Domain considerations .
Page 15 IPSec over FCIP .........262 Accessing the IPSec Policies dialog box .
Page 16 Quality of Service (QoS) configuration ..... . .298 Adding a CEE map ........298 Adding a traffic class map.
Page 17 Figures Figure 1 Configuring Internet Explorer ......... . 6 Figure 2 Temporary Internet Settings dialog box .
Page 18 Figure 37 USB configuration upload ......... . . 70 Figure 38 Upload/Download tab .
Page 19 Figure 79 Temperature Sensor States window ....... . . 159 Figure 80 Power Status window .
Page 20 Figure 121 User tab ............231 Figure 122 Add User Account dialog box (VF) .
Page 21 Figure 163 CEE tab > LLDP-DCBX tab > LLDP Profile tab......304 Figure 164 LLDP dialog box ..........304 Figure 165 Port General tab .
Page 22 xxii Web Tools Administrator’s Guide 53-1001343-01...
Page 23 Tables Table 1 Basic Web Tools features and EGM licensed features ..... 2 Table 2 Web Tools functionality moved to DCFM ....... . 3 Table 3 Certified and tested platforms.
Page 24 xxiv Web Tools Administrator’s Guide 53-1001343-01...
Page 25: About This Document
About This Document In this chapter • How this document is organized ....... . . xxv •...
Page 26: Supported Hardware And Software
• Chapter 10, “Working With Diagnostic Features,” provides information about trace dumps, viewing switch health, and interpreting the LEDs. • Chapter 11, “Using the FC-FC Routing Service,” provides information on using the FC-FC Routing Service to share devices between fabrics without merging those fabrics. •...
Page 27: What's New In This Document
• Brocade 5450 • Brocade 7500 • Brocade 7500E • Brocade 7600 • Brocade 7800 Extension Switch • Brocade 8000 FCoE Switch • Brocade Encryption Switch • Brocade DCX Backbone and Brocade DCX-4S Backbone FA4-18 Fibre Channel application blade FCOE10-24 DCX Blade FS8-18 Encryption Blade FC8-16 port blade FC8-32 port blade...
Page 28: Document Conventions
• Added support for IPSec and FICON CUP for 7800 extension switches with upgrade license • Added access to Netstat Ethernet Management port statistics details • Added Fabric-Wide Consistency Policy configuration • Added interoperablity with Cisco fabrics using Access Gateway on Brocade Encryption Switch •...
Page 29: Key Terms
CAUTION A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data. DANGER A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety labels are also attached directly to products to warn of these conditions or situations.
Page 30: Other Industry Resources
For practical discussions about SAN design, implementation, and maintenance, you can obtain Building SANs with Brocade Fabric Switches through: http://www.amazon.com White papers, online demos, and data sheets are available through the Brocade Web site at: http://www.brocade.com/products-solutions/products/index.page For additional Brocade documentation, visit the Brocade Web site: http://www.brocade.com Release notes are available on the Brocade Connect Web site and are also bundled with the Fabric OS firmware.
Page 31: Document Feedback
The switch serial number and corresponding bar code are provided on the serial number label, as illustrated below.: *FT00X0054E9* FT00X0054E9 The serial number label is located as follows: • Brocade 300, 4100, 4900, 5100, 5300, 7500, 7800, 8000, and Brocade Encryption Switch—On the switch ID pull-out tab located inside the chassis on the port side on the left •...
Page 32 xxxii Web Tools Administrator’s Guide 53-1001343-01...
Page 33: Introducing Web Tools
Chapter Introducing Web Tools In this chapter • Web Tools overview ..........1 •...
Page 34: Web Tools Features Enabled By The Egm License
Web Tools, the EGM license, and DCFM Web Tools features enabled by the EGM license The following table describes which Web Tools features require the EGM license. TABLE 1 Basic Web Tools features and EGM licensed features Feature Basic Web Tools Web Tools with EGM License Active Directory support AD Context Switching...
Page 35: Web Tools Functionality Moved To Dcfm
Web Tools, the EGM license, and DCFM TABLE 1 Basic Web Tools features and EGM licensed features Feature Basic Web Tools Web Tools with EGM License RBAC Routing and DLS Configuration Security Policies Tab (like ACL) Switch Info tab Switch Status Switch View right-click options Trace dump USB Management...
Page 36: System Requirements
System requirements TABLE 2 Web Tools functionality moved to DCFM Function Web Tools 6.1.0 DCFM Comments Fabric Reports > Fabric Monitor > Reports > Fabric Summary Report Summary Summary FCIP Tunnel Port Admin Module > GigE Configure > FCIP Tunnel Viewing FCIP Configuration tunnels is still...
Page 37: Setting Refresh Frequency For Internet Explorer
System requirements TABLE 3 Certified and tested platforms (Continued) Operating System Browser SUSE Linux Enterprise Server 10 Firefox 2.0 Solaris 10 (SPARC only) Firefox 2.0 TABLE 4 Supported platforms Operating System Browser Linux RedHat AS 3.0 Firefox 2.0 Linux RedHat AS 4.0 Windows 2000 Firefox 2.0, Internet Explorer 6.0 Windows 2003 Server, SP2...
Page 38: Deleting Temporary Internet Files Used By Java Applications
System requirements Configure your browser to check for newer versions of stored pages every visit to the page. FIGURE 1 Configuring Internet Explorer Deleting temporary internet files used by Java applications For Web Tools to operate correctly, you must delete the temporary internet files used by Java applications.
Page 39: Java Installation On The Workstation
Java installation on the workstation You can clear the Trace and Log files check box if you want to keep those files. 5. Click OK. 6. On the Java Control Panel, click View to review the files that are in the Java cache. If you have deleted all the temporary files, the list is empty.
Page 40: Installing The Java Plug-In On Windows
Java plug-in configuration 3. Install the patch and restart the system. Installing the Java plug-in on Windows Use the following procedure to Install the Java plug-in on Windows. 1. Click Start Menu > Settings > Control Panel and select the Java Plug-in Control Panel. 2.
Page 41: Configuring The Java Plug-In For Mozilla Family Browsers
Java plug-in configuration FIGURE 3 Java Control Panel 3. In the section Java Applet Runtime Settings, click View. The Java Applet Runtime Settings dialog box displays. FIGURE 4 Java Runtime Settings 4. Double-click in the Java Runtime Parameters field and type the following information to set the minimum and maximum heap size: -Xms256m -Xmx256m In this example, the minimum and maximum sizes are both 256 MB.
Page 42: Value Line Licenses
Value line licenses FIGURE 5 Default Java for browsers option 3. Select Mozilla family and click OK. 4. Click Apply to apply your settings and close the Java Control Panel. Value line licenses If your fabric includes a switch with a limited switch license and you are opening Web Tools using that switch, if the fabric exceeds the switch limit indicated in the license, Web Tools allows a 30-day “grace period”...
Page 43: Opening Web Tools
Opening Web Tools Opening Web Tools You can open Web Tools on any workstation with a compatible Web browser installed. For a list of Web browsers compatible with Fabric OS 6.3.0, refer to Table 3. Web Tools supports both HTTP and HTTPS protocol.
Page 44: Logging In
Opening Web Tools FIGURE 6 Web Tools interface Logging in When you use Web Tools, you must log in before you can view or modify any switch information. This section describes the login process. Prior to displaying the login window, Web Tools displays a security banner (if one is configured for your switch), which you must accept before logging in.
Page 45: Figure 7 Signed Applet Certificate
Opening Web Tools FIGURE 7 Signed applet certificate 2. Click OK in the security banner window, if one displays. FIGURE 8 Login dialog box 3. On the login dialog box, type your user name and password. If your current password has expired, you must also provide a new password and confirm the new password.
Page 46: Figure 9 Virtual Fabric Login Option
Opening Web Tools FIGURE 9 Virtual Fabric login option 2. Log in to a logical fabric. To log in to the home logical fabric, select Home Logical Fabric and click OK. To log in to a logical fabric other than the home logical fabric, select User Specified Logical Fabric, type in the fabric ID number, and click OK.
Page 47: Figure 10 Login Dialog Box With Admin Domain Options
Opening Web Tools FIGURE 10 Login dialog box with Admin Domain options If the user name or password is incorrect, a dialog box displays indicating an authentication failure. If you entered valid credentials, but specified an invalid Admin Domain, a dialog box displays from which you can choose a valid Admin Domain or click Cancel to log in to your home domain.
Page 48: Logging Out
Role-Based Access Control Logging out You can end a Web Tools session either by logging out or by closing Switch Explorer window. You might be logged out of a session involuntarily, without explicitly clicking the Logout button, under the following conditions: •...
Page 49: Session Management
Session management Session management A Web Tools session is the connection between the Web Tools client and its managed switch. A session is established when you log in to a switch through Web Tools. When you close Switch Explorer, Web Tools ends the session. A session remains in effect until one of the following happens: •...
Page 50: Requirements For Ipv6 Support
Requirements for IPv6 support Requirements for IPv6 support The following list provides requirements for Web Tools IPv6 support: • In a pure IPv6 environment, you must configure DNS maps to the IPv6 address of the switch. • The switch name is required to match the DNS name that is mapped to the IPv6 address. •...
Page 51: Viewing Switch Explorer
Chapter Using the Web Tools Interface In this chapter • Viewing Switch Explorer ......... 19 •...
Page 52 Viewing Switch Explorer You must use DCFM Professional or Enterprise Edition to print the zone database summary configuration and to analyze zone configurations. For more information on zoning management, refer to “Zone configuration and zoning database management” page 147. • Reporting tasks, such as viewing the status of a switch.
Page 53: Figure 12 Switch Explorer
Viewing Switch Explorer FIGURE 12 Switch Explorer Use the following table with Figure 12 to identify the areas of Switch Explorer. Tasks Fabric Tree Menu bar Switch View buttons Changing the Virtual Fabric ID, or Changing the Admin Domain Switch Events and Switch Information Indicator bar Professional Management Tool offering Switch View...
Page 54: Table 5 Icon Image Changes
Viewing Switch Explorer Changes for consistency with DCFM Beginning with Fabric OS version 6.2.0, Web Tools icons are changed to be consistent with DCFM. Table 5 summarizes these changes. TABLE 5 Icon image changes Image Name Old Image New Image Switch Director or DCX Fabric...
Page 55 Viewing Switch Explorer TABLE 5 Icon image changes (Continued) Image Name Old Image New Image Switch event - Fatal Switch event - Informational Switch event - Warning Refresh Enable Disable Prohibit Web Tools Administrator’s Guide 53-1001343-01...
Page 56: Figure 13 Right-Click For Copy, Export, And Search
Viewing Switch Explorer The Search, Copy, and Export buttons are removed from the Web Tools tree and table headers, and are replaced by right-click operations, as shown in Figure FIGURE 13 Right-click for Copy, Export, and Search Tasks The Tasks menu lets you manage, monitor, and perform other tasks. The Management section provides access to the following options: •...
Page 57: Fabric Tree
Viewing Switch Explorer NOTE Some of these functions require a license key to activate them. The Monitor section provides access to the following options: • Performance monitoring You must use Web Tools with the EGM license to perform performance monitoring operations; otherwise, access to this feature is denied and an error message displays.
Page 58: Figure 14 Missing Egm License
Viewing Switch Explorer FIGURE 14 Missing EGM license If you are logged into Web Tools without the EGM license, you must log in again using a specific AD. The following figure shows the login wizard. After you log in, all the Admin Domains assigned to you are available in the drop-down menu (Figure 16).
Page 59: Figure 16 Changing The Admin Domain Context
Viewing Switch Explorer Figure 16 shows the Admin Domain context drop-down menu highlighted for changing the Admin Domain context. FIGURE 16 Changing the Admin Domain context The following procedure describes how to change the Admin Domain context. When changing the Admin Domain context, the option for selecting AD from the drop-down is not available if the EGM license is not present.
Page 60: Switch View Buttons
Viewing Switch Explorer Switch View buttons The Switch View buttons let you access the following switch information: • Status - click the button to view the status of the switch. • Temperature - click the button to view temperature monitors. •...
Page 61: Table 6 Blade Representations
Viewing Switch Explorer Blade representations Blades are graphically represented as shown in table. They are vertical in the DCX, and horizontal in the DCX-4s. TABLE 6 Blade representations Blade Graphic CORE8 FC8-48 FC8-32 FC8-16 FS8-18 FR4-18i FA4-18 FC10-6 FX8-24 FCOE10-24 Web Tools Administrator’s Guide 53-1001343-01...
Page 62: Port Representations
Viewing Switch Explorer Port representations The ports in the Switch View show the port type. Borders around the accessible ports indicate that SFP modules are present. A colored border indicates the status of the port; for example, a green border indicates that the port is connected and traffic is flowing. Ports that are not accessible do not display the port type and do not have borders.
Page 63: Figure 17 Usb Port Storage Management
Viewing Switch Explorer USB port representation For switches with USB ports, the USB Storage Management view is launched for USB ports (Figure 17). FIGURE 17 USB port storage management NOTE Left-click the USB port on the switch to launch the USB Storage Management window. Switch View refresh rates The Switch View display is refreshed at 15 second intervals.
Page 64: Switch Events And Switch Information
Viewing Switch Explorer Switch Events and Switch Information Switch Events and Switch Information appear as tab forms under Switch View. The information in the Switch Information View is polled every 60 seconds. The Switch Information tab displays information about the following items: •...
Page 65: Figure 18 Professional Management Tool Offering
Viewing Switch Explorer • RNID Type Model Sequence number Insistent Domain ID Mode Manufacturer Manufacturer Plant For more information, refer to “Displaying switch information” on page 158. Free Professional Management Tool You can use the Professional Management tool with Web Tools to view connectivity for each fabric, to back up and restore last-known configurations, and more.
Page 66: Figure 19 Right-Click Menu For Ports (From Switch Explorer)
Displaying tool tips Displaying tool tips When you rest the cursor over a Web Tools button, the system displays a brief description of the button. If you rest the cursor over most components, the system displays tool tip information about the component.
Page 67: Table 7 Polling Rates
Refresh rates • The Configure option provides another menu of options to allow you to rename, enable, and disable ports, and to set persistent enable or disable without opening the Port Administration window. Refresh rates Different panels of Web Tools refresh at different rates. The refresh, or polling, rates listed in this section and throughout the book indicate the time between the end of one polling and the start of the next, and not how often the screen is refreshed.
Page 68: Working With Web Tools: Recommendations
Working with Web Tools: recommendations If you open switches running Fabric OS v4.4.x or later from a Fabric Tree displayed for a version earlier than a v4.4.x switch, some features might be disabled. Use the following procedure to display switches in the fabric. 1.
Page 69: Opening A Telnet Or Ssh Client Window
Opening a Telnet or SSH client window Opening a Telnet or SSH client window When you open a Telnet or SSH client window, the connection is to the IP interface of the switch. You cannot connect to a CP blade on a director switch through a Telnet or SSH client window opened from Web Tools, even when the blade has an IP address and supports Telnet sessions.
Page 70 Collecting logs for troubleshooting Web Tools Administrator’s Guide 53-1001343-01...
Page 71: Managing Fabrics And Switches
Chapter Managing Fabrics and Switches In this chapter • Fabric and switch management overview ......39 •...
Page 72: Figure 20 Switch Administration Window, Switch Tab
Fabric and switch management overview FIGURE 20 Switch Administration window, Switch tab With the exception of switch time, information displayed in the Switch Administration window is not updated automatically by Web Tools. To update the information displayed in the Switch Administration window, refer to “Refreshing the Switch Administration window”...
Page 73: Fabric And Switch Management Overview
Fabric and switch management overview Opening the Switch Administration window Most of the management procedures in this chapter are performed from the Switch Administration window. To open the Switch Administration window, do the following. 1. Click Switch Admin in the Manage section of the Tasks menu. The Switch Administration window opens in basic mode, as shown in Figure 20 on page 40.
Page 74: Figure 21 Network Tab
Configuring IP and netmask information Configuring IP and netmask information Before proceeding, collect all the information you need to configure the Ethernet IP interface. This includes the subnet mask, gateway IP address, or IPFC, and subnet mask for your system. When you configure or change the Ethernet IP, subnet mask, gateway IP, or IPFC, and subnet mask from Web Tools, there is a normal loss of network connection to the switch.
Page 75: Figure 22 Netstat Performance
Netstat Performance 5. You can also enable automatic configuration of IPv6 addresses by selecting Enable IPV6 Auto Configuration. The automatically generated IPv6 addresses are displayed under Auto Configured IPV6 Addresses. Eight auto-configured addresses are created per switch, and up to 24 for a 48000, DCX, or DCX-4S chassis (eight per chassis, and eight per each installed CP).
Page 76: Removing A Syslog Ip Address
Removing a syslog IP address 3. In the Syslog IP’s Configuration section, in the New IP field, enter an IP address in either IPv4 or IPv6 format. 4. Click Add. The new IP address is displayed in the Syslog IP area. 5.
Page 77: Blade Management
Blade management Blade management Web Tools provides the ability to enable and disable blades, and to set slot-level IP addresses for blades. The procedure in this section applies only to the Brocade 48000 and Brocade DCX and DCX-4S enterprise-class platforms. Enabling or disabling a blade Use the following procedure to enable or disable a blade.
Page 78: Viewing Ip Addresses
Blade management Setting a slot-level IP address Use the following procedure to set an IP address. 1. Open the Switch Administration window as described on page 2. Click the Blade tab. 3. Click Set IP address. 4. Select a slot number from the list. 5.
Page 79: Switch Configuration
Switch configuration Switch configuration Use the Switch tab of the Switch Administration window to perform basic switch configuration. Figure 20 on page 40 shows an example of the Switch tab. Enabling and disabling a switch You can identify whether a switch is enabled or disabled in the Switch Administration window by looking at the lower-right corner.
Page 80: Viewing And Printing A Switch Report
Switch restart 5. Click Apply. 6. Enable the switch, as described in “Enabling and disabling a switch” on page 47. Viewing and printing a switch report The switch report includes the following information: • A list of switches in the fabric •...
Page 81: Figure 24 Configure Tab, Fabric Subtab
System configuration parameters System configuration parameters You must disable the switch before you can configure fabric parameters. You can change the following system configuration parameters: • Switch fabric settings • Virtual channel settings • Arbitrated loop parameters • System services •...
Page 82: Enabling Insistent Domain Id Mode
System configuration parameters 5. Make the fabric parameter configuration changes. 6. Click Apply. Enable the switch as described in “Enabling and disabling a switch” on page 47. Fabric settings Configure the following fabric settings on the Fabric subtab of the Configure tab: BB Credit The buffer-to-buffer credit is the number of buffers available to attached devices for frame receipt.
Page 83: Configuring Virtual Channel Settings
System configuration parameters Configuring virtual channel settings You can configure parameters for eight virtual channels (VC) to enable fine-tuning for a specific application. You cannot modify the first two virtual channels, which are reserved for switch internal functions. ATTENTION The default virtual channel settings are already optimized for switch performance. Changing the default values can improve switch performance, but can also degrade performance.
Page 84: Configuring System Services
Licensed feature management Configuring system services You can enable or disable FCP read link status (RLS) probing for F_Ports and FL_Ports. It is disabled by default. Follow the steps below. 1. Open the Switch Administration window as described on page 2.
Page 85: Figure 25 License Tab
Licensed feature management FIGURE 25 License tab Right-click a license key to export data, copy data, or search the table. Activating a license on a switch Before you can unlock a licensed feature, you must obtain a license key. You can either use the license key provided in the paperpack document supplied with switch software or refer to the Fabric OS Administrator’s Guide for instructions on how to obtain a license key at the Brocade Web site (www.brocade.com).
Page 86: Figure 26 Assign Slots Window
Licensed feature management Assigning slots for a license key This feature allows to increase the capacity without disrupting the slots that already have licensed features running. NOTE You can enable slot based licenses only on 10 Gigabit Ethernet (FTR_10G), Advanced Extension (FTR_AE), and Advanced FICON Acceleration (FTR_AFA) features.
Page 87: High Availability Overview
High Availability overview Universal time based licensing From v6.3.0, Web Tools supports universal time based licensing. Each universal key is for a single feature, and can be used on any product that supports the feature, for a defined trial period. At the end of the trial period, the feature gets disabled.
Page 88: Figure 27 High Availability Window, Cp Tab
High Availability overview 2. Click the HA button in the Switch View. The High Availability window opens. FIGURE 27 High Availability window, CP tab Note that the highlight color of the HA Status at the top of the module is the same as the background color of the HA button.
Page 89: Synchronizing Services On The Cp
High Availability overview Admin Domain considerations To open the High Availability window, the switch must be a member of the Admin Domain you are currently logged in to. If the switch is not a member of the current Admin Domain, the Synchronized Services and Initiate Failover buttons are unavailable.
Page 90: Table 8 Event Severity Levels
Event monitoring Event monitoring Web Tools displays fabric-wide and switch-wide events. Event information includes sortable fields for the following: • Switch name • Message number • Time stamp • Indication of whether the event is from a logical switch or a chassis •...
Page 91: Figure 28 Switch Events Tab
Event monitoring 1. Click the switch from the Fabric Tree. Switch View displays. 2. Click the Switch Events tab, if necessary. FIGURE 28 Switch Events tab You can click the column head to sort the events by a particular column, and drag the column divider to resize a column.
Page 92: Figure 29 Event Filter Dialog Box
Event monitoring The Event Filter dialog box displays. FIGURE 29 Event Filter dialog box 3. To filter events within a certain time period: a. Select the From check box and enter the start time and date in the fields. b. Select the To check box and enter the finish time and date in the fields. 4.
Page 93: Filtering Events By Message Id
Displaying the Name Server entries Filtering events by message ID Use the following procedure to filter events by message ID. 1. Open the Switch Events tab as described in “Displaying Switch Events” on page 58. 2. Click Filter. The Event Filter dialog box displays. 3.
Page 94: Figure 30 Name Server Window
Displaying the Name Server entries For FICON devices: The Name Server table shows the request node identification (RNID) information. 1. Click Name Server in the Monitor section of the Tasks menu. The Name Server window displays. FIGURE 30 Name Server window 2.
Page 95: Figure 31 Name Server Information - Detailed View
Physically locating a switch using beaconing 2. Click a device from the Domain column. 3. Click Detail View. The Name Server Information dialog box displays the information specific to that device. FIGURE 31 Name Server Information - detailed view Displaying zone members for a particular device Use the following procedure to display zone members for a particular device.
Page 96: Locating Logical Switches Using Chassis Beaconing
Locating logical switches using chassis beaconing 1. Select a switch from the Fabric Tree. The selected switch displays in the Switch View. 2. Click Beacon for a switch, or Chassis Beacon for a chassis-based switch. The LED lights on the actual switch light up on the physical switch in a pattern running back and forth across the switch itself.
Page 97: Virtual Fabrics Overview
Virtual Fabrics overview Virtual Fabrics overview Virtual Fabrics is an architecture to virtualize hardware boundaries. Traditionally, SAN design and management is done at the granularity of a physical switch. Each switch and all the ports in the switch act as a single fabric element that participates in a single fabric. The Virtual Fabrics feature allows SAN design and management to be done at the granularity of a port.
Page 98: Figure 32 Default Logical Switch
Virtual Fabrics overview Selecting a logical switch from the Switch View You can log in to a specific logical switch, as described in Chapter 1, or you can select a logical switch from the Switch View. If you do not log in to a specific logical switch, you are presented with the default logical switch.
Page 99: Figure 34 Logical Switch, Fabric Id 2
Virtual Fabrics overview FIGURE 34 Logical switch, fabric ID 2 Under the Switch Information tab, Base Switch, Default Switch, and Allow XISL Use are specific to VIrtual Fabrics: • Base Switch indicates whether or not the logical switch can act as a base switch. A base switch is a special logical switch that can be used for chassis interconnection.
Page 100: Figure 35 Logical Port Properties
Virtual Fabrics overview Viewing Logical ports When base switches are connected through XISLs, a base fabric is formed that includes logical switches in different chassis. A logical link is formed dynamically among logical switches that have the same FID to carry frames between the logical switches. Logical ports are created in the respective switches to support the logical link.
Page 101: Maintaining Configurations And Firmware
Chapter Maintaining Configurations and Firmware In this chapter • Creating a configuration backup file ....... 69 •...
Page 102: Figure 36 Upload/Download Tab
Creating a configuration backup file FIGURE 36 Upload/Download tab 5. If you upload from a network, type the host name or IP address in the Host Name or IP field, the user ID and password required for access to the host in the User Name and Password fields, and choose the Protocol Type used for the upload.
Page 103: Restoring A Configuration
Restoring a configuration An info link is enabled when USB is chosen as the source of the configuration file. If you click on info, the following information message is displayed. 6. Type the configuration file with a fully-qualified path, or select the configuration file name in the Configuration File Name field.
Page 104: Figure 38 Upload/Download Tab
Restoring a configuration FIGURE 38 Upload/Download tab 5. Under Function, select Config Download to Switch. 6. If you download from a network, type the host name or IP address in the Host Name or IP field, the user ID and password required for access to the host in the User Name and Password fields, and choose the Protocol Type used for the upload.
Page 105: Admin Domain Configuration Maintenance
Admin Domain configuration maintenance An info link is enabled when USB is chosen as the source of the configuration file. If you click info, the following information message is displayed. 8. Type the configuration file with a fully-qualified path, or select the configuration file in the Configuration File Name field.
Page 106: Uploading And Downloading From Usb Storage
Uploading and downloading from USB storage • Local zone configuration • iSCSI config (if any) • All other config information except Admin Domain configuration information • If you invoke it from AD255 and you are logged in with any role that allows config upload/download), the following will be saved in the configuration file: •...
Page 107: Figure 40 Usb Port Management Wizard - Right Click Options
Performing a firmware download FIGURE 40 USB Port Management wizard - right click options 3. Click Copy to upload and Export to download. Performing a firmware download During a firmware download, the switch restarts and the browser temporarily loses connection with the switch.
Page 108: Figure 41 Firmware Download Tab
Performing a firmware download FIGURE 41 Firmware Download tab 3. Choose whether you are downloading the firmware or the firmware key. 4. Choose whether the download source is located on the network or a USB device. When you select the USB button, you can specify only a firmware path or directory name. No other fields on the tab are available.
Page 109: Sas And Sa Firmware Download
Performing a firmware download The firmware download begins. You can monitor the progress by looking at the Firmware Download progress bar. About halfway through the download process, after the firmware key is downloaded to the switch, connection to the switch is lost and Web Tools invalidates the current session. (Web Tools invalidates all windows because upfront login is always enabled and cannot be disabled.) 8.
Page 110: Figure 42 Firmware Download Tab For Bladed Switches
Switch configurations for mixed fabrics FIGURE 42 Firmware Download tab for bladed switches Switch configurations for mixed fabrics You can use Web Tools to configure switches in a mixed fabric. You do this by setting the switch to interoperability mode, which is McDATA Open Fabric mode or McDATA Fabric mode. When you turn on interoperability mode, the Zone DB is cleared.
Page 111: Figure 43 Configure Tab, Interoperability Tab
Switch configurations for mixed fabrics Enabling interoperability When you configure interoperability, Web Tools verifies that the domain ID of the switch falls within the range for the interoperability mode you choose. The domain ranges are as follows: • The normal domain ID range is 1-239. •...
Page 112 Switch configurations for mixed fabrics • Brocade Native Fabric Mode • For McDATA Fabric Mode and McDATA Open Fabric Mode, you can select the offset value from the Domain Offset (Hex) / Domain ID (Hex) drop down list. The available offset values are 0 (0x00), 32 (0x20), 64 (0x40), 96 (0x60), 128 (0x80), 160 (0xA0), and 192 (0xC0).
Page 113: Managing Administrative Domains
Chapter Managing Administrative Domains In this chapter • Administrative domain overview........81 •...
Page 114: User-Defined Admin Domains
Administrative domain overview User-defined Admin Domains AD1 through AD254 are user-defined Admin Domains. These user-defined Admin Domains can be created only by a physical fabric administrator in AD255. System-defined Admin Domains AD0 and AD255 are special Admin Domains and are present in every AD-capable fabric. AD0 is a system-defined Admin Domain that, in addition to containing members you explicitly added (similar to user-defined Admin Domains), it contains all online devices, switches, and switch ports that were not assigned to any user-defined Admin Domain.
Page 115: Admin Domain Membership
Enabling administrative domains You can use AD255 to do the following: • Manage other Admin Domains. • Get an unfiltered view of the fabric. • Manage ACL and distribution (can be managed in AD0 if no other Admin Domains are present). •...
Page 116: Figure 44 Missing Egm License
Admin Domain window 1. Change the Admin Domain context to AD0. Refer to “Changing the Admin Domain context” page 25. NOTE Changing the Admin Domain context requires using Web Tools with the EGM license; otherwise, access to this feature is denied and an error message displays. Change the Default Zone mode to No Access.
Page 117: Figure 45 Admin Domain Window, Summary View
Admin Domain window FIGURE 45 Admin Domain window, summary view The Admin Domain window displays information about the Admin Domains defined in the fabric. If you launch the Admin Domain window from AD255 (physical fabric), the window contains information about the current content of all Admin Domains. If you launch the Admin Domain window from any other Admin Domain, the window displays the current Admin Domain only.
Page 118: Figure 46 Admin Domain Window, Single Admin Domain Detail
Admin Domain window FIGURE 46 Admin Domain window, single Admin Domain detail NOTE The tree only displays launched switches and their ports. It also displays all the devices in the fabric. Slot and port information of other switches are not displayed in the tree. The Admin Domain window has the following buttons in a task bar at the top of the window: •...
Page 119: Figure 47 Search For A Text String In A Table
Admin Domain window • Click Copy Row or Copy Table to copy the contents in tab-delimited text format to a file. • Click Search to search for a specific text string in the table. The Switch Members box displays, as shown in Figure In the Switch Members box, type the text string and press Enter.
Page 120: Refreshing Admin Domain Information
Admin Domain window Refreshing Admin Domain information Any changes you make in the Admin Domain window are saved to a local buffer; they are not applied to persistent storage until you invoke one of the transactional operations listed in the Actions menu.
Page 121: Figure 48 Create Admin Domain Wizard
Creating and populating domains 2. Click Yes to close without saving changes or click No to go back to the Admin Domain window to save the changes (refer to “Saving local Admin Domain changes” on page 88). Creating and populating domains Setting up an Admin Domain involves the following steps.
Page 122: Figure 49 Adding Members To An Admin Domain
Creating and populating domains 3. In the Name area, assign an Admin Domain name. You can specify a name or let the system assign the name for you. 4. In the ID area, assign an Admin Domain ID. You can specify an ID or let the system assign the ID for you. 5.
Page 123: Figure 50 Summary View
Creating and populating domains NOTE The tree only displays two FC ports and all logical ports if the 7500E upgrade license is not installed. 8. Click Next. The wizard displays a summary of the Admin Domain. Read the summary to verify that the Admin Domain setup is correctly.
Page 124: Figure 51 Add Member Wizard
Modifying Admin Domain members FIGURE 51 Add Member wizard 2. Select Port and enter the member ID in the Member field using the Domain Index (D,I) format. 3. Click Apply to enforce the added members, and then click OK to accept the changes. Activating or deactivating an Admin Domain Use the following procedure to activate or deactivate an Admin Domain.
Page 125: Figure 52 Modify Admin Domain Wizard
Modifying Admin Domain members FIGURE 52 Modify Admin Domain wizard 4. Assign members to the Admin Domain by selecting them in the Available Members section and clicking Add, Add Ports, or Add Devices as described below: • Select a switch, port, or device in the Available Members tree and click Add to add the selected element.
Page 126: Renaming Admin Domains
Modifying Admin Domain members Renaming Admin Domains You can change the name of an Admin Domain, including an auto-assigned ID name. The Admin Domain name cannot exceed 63 characters and can contain alphabetic and numeric characters. The only special character allowed is an underscore ( _ ). NOTE You cannot rename AD0 or AD255.
Page 127: Opening The Port Administration Window
Chapter Managing Your Ports In this chapter • Port management overview ........95 •...
Page 128: Figure 53 Port Administration Window, Fc Ports, Basic Mode
Port management overview FIGURE 53 Port Administration window, FC Ports, Basic Mode The Port Administration window displays information about the ports on the switch. Click Show Advanced Mode in the upper-right corner of the window to see more port management options (Figure 54).
Page 129: Figure 54 Port Administration Window, Fc Ports, Advanced Mode
Port management overview FIGURE 54 Port Administration window, FC Ports, Advanced Mode Admin Domain considerations In fabrics with user-defined Admin Domains, the Port Administration window is filtered to show only ports that are direct or indirect members of the currently selected Admin Domain: •...
Page 130: Port Administration Window Components
Port management overview Port Administration window components The Port Administration window (shown in Figure 53) has the following two tabs on the top left: • FC Ports to display all of the FC ports on the switch (physical FC ports and logical FCIP ports) •...
Page 131 Port management overview • Button area. The button area contains buttons for all the tasks you can perform on the selected port. If you select more than one port, buttons are available for only the tasks that you can perform on all of the selected ports. Buttons are grayed (unavailable) if they are not applicable to the selected ports.
Page 132: Controllable Ports
Port management overview • QoS Enable/Disable (These options require Adaptive Networking License) SFP—Physical ports only (FC, CEE, and GbE) • Advanced information about the port equipment Port Statistics • Advanced port statistics • Error details • FCIP Tunnels—GbE ports and logical FCIP ports only (not available for the FR4-16IP) Controllable ports All ports have a “Controllable”...
Page 133: Figure 55 Port Administration Window, Table View
Configuring FC ports FIGURE 55 Port Administration window, Table view Configuring FC ports With the FC Port Configuration wizard, you can configure allowed port types, port speed, and long distance mode for physical ports. You must use Web Tools with the EGM license enabled on the switch to configure long distance; otherwise, access to this feature is denied and the following error message displays.
Page 134: Figure 57 Fc Port Configuration Wizard, Fc Ports
Configuring FC ports The EGM license is required only for 8 Gbps platforms, such as the Brocade DCX and DCX-4S enterprise-class platforms, the Encryption Switch, the 300, 5300, and 5100 switches. For non-8 Gbps platforms, all functionalities are available without EGM license. The following procedure describes how to open the FC Port Configuration wizard.
Page 135: Allowed Port Types
Configuring FC ports The FC Port Configuration wizard opens. The fields are populated with the current configuration values. Long distance is not displayed from the Edit Configuration window as shown is Figure 57. You can view long distance from the View tab when you display port details. 6.
Page 136: Figure 58 Missing Egm License
Assigning a name to a port FIGURE 58 Missing EGM license The EGM license is required only for 8 Gbps platforms, such as the Brocade DCX and DCX-4S enterprise-class platforms, the Encryption Switch, the 300, 5300, and 5100 switches. For non-8 Gbps platforms, all functionalities are available without EGM license.
Page 137: Enabling And Disabling A Port
Enabling and disabling a port 5. Click Rename. 6. Type a name for the port and click Rename. To delete the existing port name, leave the field blank and click Rename. Enabling and disabling a port Use the following procedure to enable or disable a port. 1.
Page 138: Persistent Enabling And Disabling Ports
Persistent enabling and disabling ports Persistent enabling and disabling ports Use the following procedure to enable or disable an FC port so that it remains enabled or disabled across switch restarts. NOTE Ports cannot be persistently enabled or disabled when FMS is enabled. 1.
Page 139: Table 9 Ports Enabled With Pod Licenses And Dpod Feature
Port activation Port activation Brocade switches come with a preset number of ports enabled. Additional ports can be enabled using the Ports on Demand (POD) licenses and the Dynamic Ports on Demand (DPOD) feature (for supported switches only). Ports on Demand is ready to be unlocked in the switch firmware. The license might be part of the licensed Paper Pack supplied with switch software, or you can purchase the license separately from your switch vendor, who will provide you with a key to unlock it.
Page 140: Enabling Ports On Demand
Port activation After the license keys are installed, you must enable the ports. You can do so without disrupting switch operation, as described in “Enabling and disabling a port” on page 105. Alternatively, you can disable and re-enable the switch to activate all ports as described in “Enabling and disabling a switch”...
Page 141: Disabling Dynamic Ports On Demand
Port activation Disabling Dynamic Ports on Demand NOTE Disabling DPODs causes traffic disruption. Any prior port associations and assignments are lost the next time the switch is restarted. You must be logged in as Admin to disable the Dynamic POD feature. 1.
Page 142: Port Swapping Index
Port swapping index Port swapping index If a port malfunctions, or if you want to connect to different devices without having to rewire your infrastructure, you can move traffic from one port to another (swap ports) without changing the I/O Configuration Data Set (IOCDS) on the mainframe computer.
Page 143: Figure 59 Port Swapping Index
Configuring BB credits on an F_Port FIGURE 59 Port Swapping Index Configuring BB credits on an F_Port From 6.3.0 you can configure the BB credits value on an F_Port. Follow the steps given below. 1. Click a port in the Switch View to open the Port Administration window. 2.
Page 144: Figure 61 Configure Bb Credit Window
Configuring BB credits on an F_Port FIGURE 61 Configure BB Credit window 5. Enter the BB credit value in the Enter BB Credit field. The default value is 8. NOTE You cannot modify the default BB credit value for VE and ICL ports. 6.
Page 145: Isl Trunking Overview
Chapter Enabling ISL Trunking In this chapter • ISL trunking overview ......... . 113 •...
Page 146: Figure 62 Missing Egm License
Disabling or enabling ISL trunking Disabling or enabling ISL trunking The trunking feature requires using Web Tools with the EGM license. If you attempt to use this feature without the EGM license, the following error message displays. FIGURE 62 Missing EGM license When the trunking license is activated, trunks are automatically established on eligible ISLs and trunking capability is enabled by default on all ports.
Page 147: Figure 63 Trunking Tab
Viewing trunk group information Viewing trunk group information Use the Trunking tab on the Switch Administration window to view trunk group information (Figure 63). FIGURE 63 Trunking tab The following trunking attributes can be displayed from the Port Admin view by selecting Show Advanced Mode: •...
Page 148: Figure 64 Missing Egm License
F_Port trunk groups F_Port trunk groups F_Port trunking provides extra bandwidth and robust connectivity for hosts and targets connected by switches in Access Gateway mode. There are five general criteria for establishing F_Port trunking: • The F_Port trunking feature requires installing the EGM license; otherwise if you attempt to use this feature in Web Tools without the license, the following error message displays.
Page 149: Figure 65 F_Port Trunking Dialog Box
F_Port trunk groups 3. Select any port from the port group in which you want to create the trunk group. 4. Select F_Port Trunking. The F_Port Trunking dialog box displays (Figure FIGURE 65 F_Port trunking dialog box 5. Select one or more ports in the Ports for trunking pane. A dialog box displays, asking you to select a trunk index.
Page 150 F_Port trunk groups Web Tools Administrator’s Guide 53-1001343-01...
Page 151: Monitoring Performance
Chapter Monitoring Performance In this chapter • Performance Monitor overview........119 •...
Page 152: Predefined Performance Graphs
Performance Monitor overview The Advanced Monitoring option in the Performance Graphs window displays predefined reports and filter-based performance monitoring. You can use this feature to track the following: • The number of words received and transmitted in Fibre Channel frames with a defined SID/DID pair.
Page 153: Table 10 Basic Performance Graphs
Performance Monitor overview The advanced monitoring graphs give more detailed performance information to help you manage your fabric. You can access the basic monitoring graphs on all switches; advanced monitoring graphs are available only on switches that have a Brocade Advanced Performance Monitoring license activated.
Page 154: Table 12 Supported Port Types For Brocade Switches
Performance Monitor overview Table 12 lists each graph and indicates the supported port types for each. The port selection lists for each graph displays the supported ports for that graph. TABLE 12 Supported port types for Brocade switches Graph Type Physical FC Ports Logical FC Ports GbE Ports...
Page 155: Figure 66 Accessing Performance Graphs
Performance Monitor overview Figure 66 shows how to access the list of Advanced Performance Monitoring graphs using Web Tools with the EGM license. This example displays the graphs available in the Performance Monitoring window for a Brocade 48000 director with the Advanced Performance Monitoring license installed.
Page 156: Figure 67 Canvas Of Six Performance Monitoring Graphs
Opening the Performance Monitoring window FIGURE 67 Canvas of six performance monitoring graphs Opening the Performance Monitoring window To perform performance monitoring, you must use Web Tools with the EGM license; otherwise, when you click on the Performance Monitor tab, access to this feature is denied and an error messages displays.
Page 157: Figure 68 Creating A Basic Performance Monitor Graph
Customizing basic monitoring graphs Depending on the type of graph you select, you might be prompted to select a slot or port for which to create a graph (Figure 69). FIGURE 68 Creating a basic performance monitor graph 3. If prompted, drag the port into the Enter/drag slot,port field, or manually type the slot and port information in the field, in the format slot,port.
Page 158: Figure 69 Select Ports For Customizing The Switch Throughput Utilization Graph
Customizing basic monitoring graphs The following procedure assumes that you already created one of these customizable graphs. 1. Create or access the graph you want to customize. Refer to “Creating basic performance monitor graphs” on page 124 for instructions on creating a graph. 2.
Page 159: Advanced Performance Monitoring Graphs
Advanced performance monitoring graphs You can perform the following in the dialog box: a. Double-click the domain to expand the slot or port list. For the Brocade 48000, Brocade DCX and Brocade DCX 4S enterprise-class platforms, click the plus (+) signs to expand the ports under each slot, as shown in Figure b.
Page 160: Figure 70 Creating An Sid/Did Performance Graph
Advanced performance monitoring graphs FIGURE 70 Creating an SID/DID performance graph NOTE Only the FC ports of the launched switch display in the tree. The All Devices tab lists all the devices in the fabric and lets you select the source and destination. Slot and port information of other switches is not displayed in the tree.
Page 161: Creating Scsi Command Graphs
Advanced performance monitoring graphs Creating a SCSI vs. IP Traffic Graph The SCSI vs. IP Traffic graph displays the SCSI versus IP traffic for selected ports. For Brocade 48000 and Brocade DCX and DCX-4S enterprise-class platforms, the slot and port name are identified in the graph.
Page 162: Figure 71 Creating A Scsi Command Graph
Tunnel and TCP performance monitoring graphs FIGURE 71 Creating a SCSI command graph 3. Navigate to a switch > slot > port in the Port Selection List. 4. Click the port from the Port Selection List and drag it into the Enter/drag port field. 5.
Page 163: Figure 72 Tunnel And Tcp Graph Window
Tunnel and TCP performance monitoring graphs FIGURE 72 Tunnel and TCP Graph window 3. Select the tunnel from the Tunnels drop down list for which you want to generate the graphs. For Brocade 7800 extension switch, you can have maximum four circuit connections in a tunnel and for FX8-24 DCX extension blade, you can have maximum 10 circuit connections in a tunnel.
Page 164: Saving Graphs To A Canvas
Saving graphs to a canvas Saving graphs to a canvas Saving graphs is useful when you create customized graphs and do not want to recreate them each time you access the Performance Monitoring window. When you save graphs, you must save them to a canvas. The following procedure describes how to save graphs to a new canvas.
Page 165: Printing Graphs
Printing graphs Printing graphs You can print a single graph or all the graphs displayed on the selected canvas configuration. Only one canvas configuration can be opened at a time. 1. Open the Performance Monitoring window. 2. Create a basic or advanced Performance Monitor graph as described in “Creating basic performance monitor graphs”...
Page 166 Modifying graphs Web Tools Administrator’s Guide 53-1001343-01...
Page 167: Table 13 Zoning Features Supported In Dcfm Professional And Enterprise Edition
Chapter Administering Zoning In this chapter • Zoning overview ..........135 •...
Page 168: Table 14 Qos Zone Name Prefixes
Zoning overview Basic Zones Basic zoning enables you to partition a storage area network (SAN) into logical groups of devices that can access each other. For example, you can partition a SAN into two zones, winzone and unixzone, so that the Windows servers and storage do not interact with UNIX servers and storage. Zones can be configured dynamically.
Page 169: Zoning Configurations
Zoning configurations Zoning configurations The Zone Administration window is where all of the zoning tasks are performed. When performing zoning tasks for switches in a mixed fabric—that is, a fabric containing two or more switches running different fabric operating systems—you should use the switch with the highest Fabric OS level.
Page 170: Figure 73 Zone Administration Window
Zoning management You must be logged into the switch using a user name with one of the following roles associated with it to make changes to the zoning: zoneAdmin, admin, or fabricAdmin. All other roles allow only a view or read-only access. Most of the zoning operations are disabled in read-only mode. A snapshot is taken of all the zoning configurations at the time you launch the Zone Administration window;...
Page 171: Refreshing Fabric Information
Zoning management • “Refreshing” means copying the current state of the zoning database on the switch to the Web Tools buffer, overwriting its current contents. In the Zone Administration window, all WWNs also display vendor names. NOTE The Member Selection List only lists the ports of the current switch and the devices of all the switches in the fabric.
Page 172: Refreshing Zone Administration Window Information
Zoning management Refreshing Zone Administration window information The information displayed in the Zone Administration window is initially a snapshot of the contents of the fabric zoning database at the time the window is launched. Any changes you make to this window are saved to a local buffer;...
Page 173: Creating And Populating Zone Aliases
Zoning management 1. Make the zoning changes in the Zone Administration window. 2. Click Zoning Actions > Save Config. NOTE If you have made changes to a configuration, you must enable the configuration before the changes are effective. To enable the configuration, refer to “Enabling zone configurations”...
Page 174: Adding And Removing Members Of A Zone Alias
Zoning management 4. On Create New Alias, type a name for the new alias and click OK. The new alias is displayed in the Name list. 5. Expand the Member Selection List to view the nested elements. The choices available in the Member Selection List depend on the selection in the View menu. 6.
Page 175: Deleting Zone Aliases
Zoning management 5. Click Zoning Actions > Save Config to save the configuration changes. To enable the configuration, refer to “Enabling zone configurations” on page 149. Deleting zone aliases You can remove a zone alias from the Zone Admin buffer. When a zone alias is deleted, it is no longer a member of the zones of which it was once a member.
Page 176: Creating And Populating Zones
Zoning management Creating and populating zones A zone is a region within the fabric where specified switches and devices can communicate. A device can communicate only with other devices connected to the fabric within its specified zone. Use the following procedure to create a zone. 1.
Page 177: Renaming Zones
Zoning management 5. Click Add Member to add a zone member, or click Remove Member to remove a zone member. The zone is modified in the Zone Admin buffer. At this point you can either save your changes or save and enable your changes. 6.
Page 178: Deleting Zones
Zoning management Deleting zones Use the following procedure to delete a zone. 1. Open the Zone Administration window as described on page 137. 2. Click the Zone tab. 3. Select the zone you want to delete from the Name menu and click Delete. 4.
Page 179: Figure 74 Sample Zoning Database
Zone configuration and zoning database management Zone configuration and zoning database management A zone configuration is a group of zones; zoning is enabled on a fabric by enabling a specific configuration. You can specify members of a configuration using zone names. Figure 74 shows a sample zoning database and the relationship between the zone aliases, zones, and zoning configuration.
Page 180: Adding Or Removing Zone Configuration Members
Zone configuration and zoning database management 3. Click the Zone Config tab and click New Zone Config. 4. On Create New Config, type a name for the new configuration and click OK. The new configuration displays in the Name list. 5.
Page 181: Cloning Zone Configurations
Zone configuration and zoning database management 4. On Rename a Config, type a new configuration name and click OK. The configuration is renamed in the configuration database. 5. Click Zoning Actions > Save Config to save the configuration changes. Cloning zone configurations You must use Web Tools with the EGM license to perform cloning operations for zone configurations;...
Page 182: Disabling Zone Configurations
Zone configuration and zoning database management 1. Open the Zone Administration window as described on page 137. 2. Click Zoning Actions > Enable Config. 3. On Enable Config, select the configuration to be enabled from the menu. 4. Click OK to save and enable the selected configuration. Disabling zone configurations When you disable the active configuration, the Advanced Zoning feature is disabled on the fabric, and all devices within the fabric can communicate with all other devices.
Page 183: Figure 75 Effective Configuration Window
Zone configuration and zoning database management FIGURE 75 Effective Configuration window Viewing the enabled zone configuration name without opening the Zone Administration window Do the following: • Select a switch from the Fabric Tree. The selected switch displays in the Switch View.
Page 184: Adding A Wwn To Multiple Aliases And Zones
Zone configuration and zoning database management 2. To identify the most recently effective zone configuration without saving or applying any changes you made in the Zone Administration window, click Print > Print Effective Zone Configuration in the Zone Administration window. If no zone is enabled, a message is displayed, indicating that there is no active zoning configuration on the switch.
Page 185: Replacing A Wwn In Multiple Aliases And Zones
Zone configuration and zoning database management Replacing a WWN in Multiple Aliases and Zones This procedure enables you to replace a WWN throughout the Zone Admin buffer. This is helpful when exchanging devices in your fabric and helps you to maintain your current configuration. 1.
Page 186: Clearing The Zoning Database
Best practices for zoning Clearing the Zoning Database Use the following procedure to disable the active zoning configuration, if one exists, and delete the entire zoning database. You must disable any active configuration before you can delete the zoning database. ATTENTION This action not only disables zoning on the fabric, but also deletes the entire zoning database.
Page 187: Working With Diagnostic Features
Chapter Working With Diagnostic Features In this chapter • Trace dumps ..........155 •...
Page 188: How A Trace Dump Is Used
Trace dumps Using the Trace tab of the Switch Administration window, you can view and configure the trace FTP host target and enable or disable automatic trace uploads. FIGURE 76 Trace tab How a trace dump is used The generation of a trace dump causes a CRITICAL message to be logged to the system error log. When a trace dump is detected, issue the supportSave command on the affected switch.
Page 189: Specifying A Remote Server
Trace dumps Setting up for automatic transfer of diagnostic files involves the following tasks: • Specifying a remote server to store the files. • Enabling the automatic transfer of trace dumps to the server. (Trace dumps overwrite each other by default; sending them to a server preserves information that would otherwise be lost.) Specifying a remote server You can perform this task only if the switch belongs to the Admin Domain you are logged into.
Page 190: Figure 77 Temperature Sensor States Window
Displaying switch information Displaying switch information You can right-click in the table content of Fan, Temperature, and Power Status windows to find Export, Copy, and Search options. These options are not available if the table does not have any content. You must accept the Brocade Certificate at the beginning of the log in to Web Tools to enable the functionality of Export and Copy.
Page 191: Figure 79 Temperature Sensor States Window
Displaying switch information The Fan No. column indicates either the fan number or the fan FRU number, depending on the switch model. A fan FRU can contain one or more fans. • For Brocade 4100, 4900, 5000, 5100, 5300, 7600, the 7500, 7500E, and 7800 Extension switches, the 8000, and the Brocade Encryption Switch, the Fan No.
Page 192: Figure 80 Power Status Window
Displaying switch information 1. Select a switch from the Fabric Tree. The selected switch displays in the Switch View. The icon on the Power button indicates the overall status of the power supply. 2. Click Power on the Switch View. The detailed power supply states are displayed.
Page 193: Figure 81 Switch Report Window
Displaying switch information Click the Status button to display a detailed, customizable switch status report, shown in Figure Note that this is a static report and not a dynamic view of the switch. FIGURE 81 Switch Report window 1. Select a switch from the Fabric Tree.
Page 194: Figure 82 Switch Report Action Menu
Port LED interpretation FIGURE 82 Switch Report Action menu Port LED interpretation Switch View displays port graphics with blinking LEDs, simulating the physical appearance of the ports. One of the LEDs indicates port status; the other indicates port speed. For LED information, refer to the hardware documentation for the switch you are viewing.
Page 195: Figure 83 Port And Led Status Color-Coded Information In The Port Icon In Switch View
Port LED interpretation Port icon colors The background color of the port icon indicates the port status, as follows: • Green (healthy) • Yellow (marginal) • Red (critical) • Gray (unmonitored) • If the entire port icon is blue, the port is buffer-limited. •...
Page 196: Figure 84 Port Leds For The Fc4-32 Port Blade In The Brocade 48000
Port LED interpretation Brocade 48000 Director LEDs For the Brocade 48000 director, the representation of the port LEDs on the FC4-32 port blade is not the same as the LEDs on the physical blade. Figure 84 on page 164 compares the LEDs on the physical port card and the Web Tools display.
Page 197: Using The Fc-Fc Routing Service
Chapter Using the FC-FC Routing Service In this chapter • Fibre Channel Routing overview ........165 •...
Page 198: Supported Switches For Fibre Channel Routing
Supported switches for Fibre Channel Routing Note the following terminology for Fibre Channel Routing: backbone fabric An FC Router can connect two edge fabrics; a backbone fabric connects FC Routers. The backbone fabric is the fabric to which the FC Router switch belongs.
Page 199: Opening The Fc Routing Module
FC-FC routing management 3. Configure EX_Ports by clicking the EX Ports tab and then clicking New. Follow the instructions in the wizard. Refer to “Viewing EX_Ports” on page 169. 4. Connect the cables from the EX_Ports on the FC Router to the edge fabrics, if they were not connected before.
Page 200: Figure 85 Fc Routing Module In Disabled Mode With General Tab Selected
FC-FC routing management NOTE When the Virtual Fabrics capability is enabled on the switch, Fabric ID cannot be set using the Set Fabric ID button. Use the following procedure to open the FC Routing module. 1. Select a switch from the Fabric Tree.
Page 201: Figure 86 Fc Routing Module With Lsan Fabrics Tab Selected
Viewing EX_Ports To manage an LSAN fabric, select the fabric to manage and click Manage LSAN Fabric in the task bar. A browser window is launched with the following url: http://ip-address-of-lsan-fabric-switch For Brocade switches, this launches Web Tools. For non-Brocade fabrics, this launches the element manager for that switch.
Page 202: Figure 87 Fc Routing Module With Ex_Ports Tab Selected
Viewing EX_Ports • Edit an EX_Ports configuration • Rename an EX_Port • Swap the Port Index of an EX_Port (described in “Port swapping index” on page 110) • Enable or disable an EX_Port • Persistently enable or disable an EX_Port •...
Page 203: Configuring An Ex_Port
Configuring an EX_Port Configuring an EX_Port Use the following procedure to configure an EX_Port. 1. Select Tasks > Manage > FCR. 2. Click the EX_Ports tab. 3. Click New in the task bar to configure one or more EX_Ports. NOTE For Brocade 7800 extension switch and FX8-24 blade, New button is enabled only if Integrated Routing license is present.
Page 204: Viewing Lsan Zones
Viewing LSAN zones 1. Open the Switch View window. 2. Click FCR in Manage section of the Tasks menu. 3. Click the Ex_Ports tab. 4. Click the Router Port Cost button. Viewing LSAN zones The LSAN Zones tab displays all the LSAN zones, in both a tabular and tree form. If FC-FC Routing is disabled, the table and the tree node in this tab display only the LSAN zones present in the backbone fabric.
Page 205: Figure 88 Fc Routing Module With Lsan Devices Tab Selected
Configuring the backbone fabric ID Click the Physical Devices or Proxy Devices element in the tree to see a detailed list of the physical or proxy devices. Click the device name in the tree for more detailed information about a specific device, as shown in Figure FIGURE 88...
Page 206 Configuring the backbone fabric ID Select a fabric ID from the drop-down menu. The fabric ID is a number from 1 through 128. Web Tools warns you if you select a fabric ID that is already in use. 8. Click OK. 9.
Page 207: Access Gateway Overview
Chapter Using the Access Gateway In this chapter • Access Gateway overview ........175 •...
Page 208: Figure 89 Switch Explorer View For Access Gateway Mode
Viewing switch explorer for Access Gateway mode Viewing switch explorer for Access Gateway mode The Switch Explorer for Access Gateway mode displays as shown in Figure FIGURE 89 Switch Explorer view for Access Gateway mode The Access Gateway mode Switch Explorer is divided into the following areas: •...
Page 209: Figure 90 Port Configuration Policy Disabled
Access Gateway mode on Brocade Encryption switch Access Gateway mode on Brocade Encryption switch The Access Gateway feature on Brocade Encryption switches enables interoperability with the Cisco fabrics. The Access Gateway mode of the switch presents standard F_Ports to the hosts, but it connects to the Enterprise fabric as N_Port (rather than as E_Port in case of a regular switch).
Page 210: Figure 91 Port Group Configuration - View Only
Access Gateway mode on Brocade Encryption switch FIGURE 91 Port Group Configuration - view only • Configure F-N Port Mappings Add and Remove buttons are disabled for primary mappings and secondary failover mapping as shown in Figure FIGURE 92 F-N Port Mapping Configuration - view only •...
Page 211: Figure 93 N Port Configuration
Enabling Access Gateway mode By default all the ports are set to N_Ports and failover and fallback are disabled. You can edit the Speed. The following options are disabled in the N Port Configuration window as shown in Figure • Lock as N Port •...
Page 212: Figure 94 Access Gateway Device Display
Disabling Access Gateway mode Disabling Access Gateway mode Use the following procedure to disable Access Gateway mode. 1. Select a switch. 2. Click Switch Admin in the Manage section under Tasks. The Switch Administration window opens. 3. Click Disable in the Switch Status section. You can disable Access Gateway mode only after the switch is disabled.
Page 213: Port Configuration
Port configuration Port configuration You can configure the port types (N_Port, F_Port) on each individual port on an Access Gateway enabled switch. When you configure ports, you can specify a global configuration policy using the Port Configuration Policy button. By default, Advanced is selected and sets the initial defaults for port types, groups, and the F_Port-to-N_Port mappings.
Page 214: Figure 95 Port Group Configuration Dialog Box
Port configuration FIGURE 95 Port Group Configuration dialog box 4. On Port Group Configuration, click Add. The Add Port Group window displays (Figure 96). FIGURE 96 Add Port Group 5. Enter the id for the new port group in the Port Group ID* field. 6.
Page 215: Figure 97 Edit/View Port Group
Port configuration 11. Click Close on the Port Group Configuration dialog box. Editing or Viewing port groups Use the following procedure to edit port groups. 1. Click a port in the Switch View to open the Port Administration window. 2. Click Configure N_Port Groups. 3.
Page 216: Deleting Port Groups
Port configuration 8. Under the Select Members(N-Port)* section, select the required ports you want to group and clear the check boxes for the ports you want to remove from the port group. 9. Click Save. 10. Click Close on the Port Group Configuration dialog box. Deleting port groups Use the following procedure to delete port groups.
Page 217: Figure 98 F-N Port Mapping Configuration Dialog Box
Access Gateway policy modification FIGURE 98 F-N Port Mapping Configuration dialog box 4. In the Primary Mappings area, select ports and use the Add button to map F_Ports or U_Ports to N_Ports. Use the Remove button to delete an F_Port mapping from an N_Port. 5.
Page 218: Figure 99 N_Port Configuration Dialog Box
Access Gateway policy modification Path Failover and Failback policies The Path Failover and Failback policies determine the behavior of the F_Port if the primary mapped N_Port they are mapped to goes offline or is disabled. The Path Failover and failback policies are attributes of the N_Port.
Page 219: Figure 100 Port Administration Window, Enabling Apc
Access Gateway policy modification FIGURE 100 Port Administration window, enabling APC 3. Click Yes in the confirmation window. 4. In the Switch Explorer window select Switch Admin. The Switch Administration window displays. FIGURE 101 Access Gateway Auto Rebalancing 5. Click Refresh. 6.
Page 220 Access Gateway policy modification • Click Manual Balancing and a confirmation dialog box displays. Click Yes to change F Port - N Port Mapping or click No to cancel the changes. Click Apply to apply the changes. Web Tools Administrator’s Guide 53-1001343-01...
Page 221: Administering Fabric Watch
Chapter Administering Fabric Watch In this chapter • Fabric Watch overview......... . 189 •...
Page 222: Figure 102 The Fabric Watch Window
Using Fabric Watch with Web Tools Using Fabric Watch with Web Tools You can perform Fabric Watch operations using Web Tools and Web Tools with the EGM license. NOTE Unless the switch is a member of the current Admin Domain context, Fabric Watch is view-only. FIGURE 102 The Fabric Watch window Fabric Watch Explorer, on the left side of the window, displays the available classes.
Page 223: Opening The Fabric Watch Window
Fabric Watch threshold configuration Opening the Fabric Watch window Use the following procedure to open the Fabric Watch window. 1. Select a switch from the Fabric Tree and log in if necessary. 2. Select Tasks > Manage > Fabric Watch. The Fabric Watch window opens, as shown in Figure 102.
Page 224: Figure 103 Threshold Configuration In Fabric Watch
Fabric Watch threshold configuration FIGURE 103 Threshold configuration in Fabric Watch 3. Click the Trait Configuration subtab. 4. In Fabric Watch Explorer, click a class. 5. Under Area Selection, choose an area from the list. This sets the units in the Units field. The module displays two columns of trait information, labeled System Default and Custom Defined.
Page 225: Configuring Threshold Alarms
Fabric Watch threshold configuration Configuring threshold alarms After you update the threshold information, use the Alarm Configuration subtab to customize the notification settings for each event setting. 1. Open the Fabric Watch window. 2. Click the Threshold Configuration tab. 3. Click the Alarm Configuration subtab. 4.
Page 226: Configuring Alarms For Frus
Configuring alarms for FRUs • Click Triggered to receive threshold alarms only when they are triggered by events that you defined. • Click Continuous to receive threshold alarms at a continuous interval. Select a time interval in which to receive the threshold alarms from the Time Interval menu. 9.
Page 227: Table 15 Alarm Notification Table Fields
Fabric Watch alarm information Fabric Watch alarm information From Fabric Watch, you can view two types of reports: • Alarm notifications—Displays the alarms that occurred for a selected class or area. • Alarm configuration—Displays threshold and alarm configurations for a selected class or area. Viewing an alarm configuration report Use the Threshold Configuration tab, Configuration Report subtab to display a report of the configuration for a selected class or area with the following information:...
Page 228: E-Mail Notification
E-mail notification TABLE 15 Alarm notification table fields (Continued) Field Description Current Value The current data value of the element Time Time when the event occurred 1. Open the Fabric Watch window. 2. In Fabric Watch Explorer, select the class that you want to check for alarms. 3.
Page 229: Figure 104 Fabric Watch Email Configuration Tab
E-mail notification 1. Open the Fabric Watch window. 2. Click the Email Configuration tab. 3. Click Enable or Disable to enable or disable the e-mail alert status. When you disable e-mail alerts, Fabric Watch does not send e-mail notification even if the e-mail notification method is assigned to monitored areas.
Page 230 E-mail notification Web Tools Administrator’s Guide 53-1001343-01...
Page 231: Administering Extended Fabrics
Chapter Administering Extended Fabrics In this chapter • Extended link buffer allocation overview ......199 •...
Page 232: Figure 105 Extended Fabric Tab
Extended link buffer allocation overview • Actual Distance (km)—The actual distance for the link in kilometers. • Desired Distance (km)—Required for a port configured in LD or LS mode (Table 16 page 201), the desired distance, in kilometers, for the link. For an LD-mode link, the desired distance is used as the upper limit of the link distance to calculate buffer availability for other ports in the same port group.
Page 233: Table 16 Long-Distance Settings And License Requirements
Configuring a port for long distance TABLE 16 Long-distance settings and license requirements Value Description Extended Fabrics License Required? No long-distance setting is enabled. The maximum supported link distance is 10 km, 5 km, or 2.5 km for ports at speeds of 1 Gbps, 2 Gbps, and 4 Gbps, respectively.
Page 234 Configuring a port for long distance • If the port capability is 2 GB, type a number between 10 and 250, inclusive. • If the port capability is 1 GB, type a number between 10 and 500, inclusive. This value is the upper limit for calculating buffer availability for other ports in the same port group.
Page 235: Administering The Iscsi Target Gateway
Chapter Administering the iSCSI Target Gateway In this chapter • iSCSI service overview......... . 203 •...
Page 236: Figure 106 Search Screen
iSCSI service overview After an IQN is defined, you can map a LUN device to the IQN name. Supported platforms for iSCSI The iSCSI target gateway service is supported on the Brocade 48000 director with CP blades running Fabric OS v5.2.0 and later releases, and configured with an FC4-16IP blade. Common iSCSI Target Gateway Admin functions You can right-click on the table content in the window to access Export, Copy, and Search options: NOTE...
Page 237: Table 17 Iscsi Gateway Services Terminology
iSCSI service overview Terminology iSCSI target gateway services require you to understand some additional terminology. Following are terms that are used in this document to explain how the iSCSI target gateway is implemented. TABLE 17 iSCSI gateway services terminology Term Definition iSCSI Internet-SCSI.
Page 238: Saving Changes
Setting up iSCSI Target Gateway Services Saving Changes There are several ways to save changes on the switch and apply them to the fabric (applies to the iSCSI Target Gateway Admin module only): • Apply—Click Apply and your changes will be transfered from the Web Tools database to the switches database and distributed throughout the fabric.
Page 239: Figure 107 Iscsi Target Gateway Admin With The Targets Tab Selected
Setting up iSCSI Target Gateway Services FIGURE 107 iSCSI Target Gateway Admin with the Targets tab selected 1. Select a switch from the Fabric Tree and log in, if necessary. The selected switch displays in Switch View. Make sure that your Admin Domain Context is either AD0 or AD255. Generally, the default user Admin Domain is AD0.
Page 240: Launching The Iscsi Setup Wizard
Setting up iSCSI Target Gateway Services Launching the iSCSI setup wizard Use the following procedure to launch the iSCSI setup wizard. 1. Select a switch from the Fabric Tree and log in, if necessary. The selected switch displays in Switch View.
Page 241: Figure 108 Iscsi Port Tab
Setting up iSCSI Target Gateway Services Configuring the IP interface This step configures iSCSI ports (GbE Ports) found on the FC4-16IP. You must have at least one iSCSI port configured to log into the iSCSI target. There are two steps in this process: •...
Page 242: Figure 109 Edit Ip Interface Dialog Box
Setting up iSCSI Target Gateway Services Configuring the IP route is optional because when an IP address is set up, a route is automatically set up as well. 1. Open iSCSI Target Gateway Admin as described on page 206. 2. Select the iSCSI Port tab. 3.
Page 243: Figure 110 Add Ip Route Dialog Box
Setting up iSCSI Target Gateway Services Configuring the IP route (optional) Use the following procedure to configure the IP route. NOTE You can create maximum of 32 static IP routes. 1. Launch the iSCSI Target Gateway Admin module as described on page 206.
Page 244: Figure 111 Vt Configuration Wizard
Setting up iSCSI Target Gateway Services Creating iSCSI virtual targets SCSI virtual target creation is done from the first pane in the iSCSI Target Gateway Admin module. The iSCSI Virtual Target wizard provides two ways to create iSCSI targets: Create and Easy Create. Create allows you to double check your work several times before committing the changes.
Page 245: Figure 112 Easy Vt Creation Dialog
Setting up iSCSI Target Gateway Services Using Easy Create to create iSCSI virtual targets Easy Create is an alternative method for creating iSCSI virtual targets. 1. Open iSCSI Target Gateway Admin as described on page 206. 2. Select the Targets tab. 3.
Page 246: Figure 113 Initiator Group
Discovery Domain management 5. Follow the instructions in the wizard to edit an iSCSI virtual target. The wizard is self-explanatory, so the individual steps are not described in this document. NOTE The Remove LUN(s) button is available only for virtual targets that are fully initialized as a target.
Page 247: Figure 114 Discovery Domain Group
Discovery Domain management When you select DDInfo from the tree in the left pane, you can create a discovery domain. If you select an object in the discovery domain set listed you can view, create, edit, delete, enable, or disable any of the discovery domain information contained in each object. If you select a discovery domain object, you can edit or delete the data contained in the object.
Page 248: Figure 115 Create Dd Wizard
Discovery Domain management In the wizard you can do the following tasks: • You can configure the DD. You must specify the DD name, and then you can add or remove initiators and targets. You can also add any offline device(s) by entering the IQN name in the IQN name field and clicking Add Offline Devices under the list on the right.
Page 249: Editing A Discovery Domain
Discovery domain sets (DDSet) Editing a discovery domain Use the following procedure to edit a discovery domain. 1. Open iSCSI Target Gateway Admin as described on page 206. 2. Select the Discovery Domains tab. 3. Select a DD in the left pane and click Edit. 4.
Page 250: Figure 116 Create Ddset Wizard
CHAP Configuration FIGURE 116 Create DDSet wizard 4. Follow the instructions in the wizard to create an iSCSI discovery domain set. The wizard is self-explanatory, so the individual steps are not described in this document. Editing a Discovery Domain Set Use the following procedure to edit a discovery domain set.
Page 251: Figure 117 Chap Tab
CHAP Configuration FIGURE 117 CHAP tab Creating a CHAP user Use the following procedure to create a CHAP user. 1. Launch the iSCSI Target Gateway Admin module as described on page 206. 2. Select the CHAP tab. 3. Click Create. 4.
Page 252: Binding Or Removing Chap Users
Connection redirection Binding or Removing CHAP users Use the following procedure to bind or remove CHAP users. 1. Launch the iSCSI Target Gateway Admin module as described on page 206. 2. Select the CHAP tab. 3. Click Bind/Remove Chap(s). 4. Select a virtual target. 5.
Page 253: Figure 118 Connection Redirection Tab
iSCSI Fibre Channel Zone configuration FIGURE 118 Connection Redirection tab 3. Select the check box in the Enable/Disable column to enable connection redirection for the required slot. Clear the check box to disable connection redirection. NOTE Existing connections are not redistributed when iSCSI ports change state from disabled to enabled or offline to online.
Page 254: Figure 119 Create An Iscsi Fc Zone Dialog Box
iSCSI Fibre Channel Zone configuration • If a defined configuration is currently effective in the fabric and you add your iSCSI FC zone to that configuration, the configuration is automatically re-enabled to include this zone. NOTE If you do not have a zoning license or any zoning implemented, you do not need to create one for iSCSI target gateway service.
Page 255: Creating An Iscsi Fibre Channel Zone With An Effective Zone
Managing and Troubleshooting Accessibility Creating an iSCSI Fibre Channel zone with an effective zone configuration Use the following procedure to create an iSCSI FC zone with an effective zone configuration. 1. Launch the iSCSI Target Gateway Admin module as described on page 206.
Page 256 Managing and Troubleshooting Accessibility Web Tools Administrator’s Guide 53-1001343-01...
Page 257: Routing Traffic
Chapter Routing Traffic In this chapter • Routing overview ..........225 •...
Page 258: Figure 120 Routing Tab
Viewing Fabric Shortest Path First routing FIGURE 120 Routing tab Viewing Fabric Shortest Path First routing The Routing tab of the Switch Administration window displays information about routing paths. 1. Open the Switch Administration window as described on page 2. Click the Routing tab. 3.
Page 259: Specifying Frame Order Delivery
Specifying frame order delivery When the port-based policy is in force, you can enable DLS to optimize routing. When DLS is enabled, it shares traffic among multiple equivalent paths between switches. DLS recomputes load sharing either when a switch boots up or each time an E_Port or FX_Port goes online or offline. Enabling this feature allows a path to be discovered automatically by the FSPF path-selection protocol.
Page 260: Configuring The Link Cost For A Port
Configuring the link cost for a port Configuring the link cost for a port This section describes how to set the cost of an interswitch link (ISL). The cost of a link is a dimensionless positive number. The fabric shortest path first (FSPF) protocol compares the cost of various paths between a source switch and a destination switch by adding the costs of all the ISLs along each path.
Page 261: Configuring Standard Security Features
Chapter Configuring Standard Security Features In this chapter • User-defined accounts ......... 229 •...
Page 262: Table 18 User Role And Permissions
User-defined accounts Access rights for any user session are determined by the user’s role-based access rights. Refer to Chapter 1, “Introducing Web Tools” for additional information about Role-Based Access Control (RBAC). The User tab of the Switch Administration window (Figure 121 on page 231) displays account information.
Page 263: Figure 121 User Tab
User-defined accounts FIGURE 121 User tab Viewing user account information Use the following procedure to view user account information. 1. Open the Switch Administration window as described on page 2. Click the User tab. A list of the default and user-defined accounts displays. If you are logged in using the switchadmin role, only your account information is displayed.
Page 264: Figure 122 Add User Account Dialog Box (Vf)
User-defined accounts FIGURE 122 Add User Account dialog box (VF) FIGURE 123 Add User Account dialog box (AD) Web Tools Administrator’s Guide 53-1001343-01...
Page 265 User-defined accounts 4. Type the user name, which must begin with an alphabetic character. The name can be up to 40 characters long. It is case-sensitive and can contain alphabetic and numeric characters, the dot (.) and the underscore (_). It must be different from all other account names on the logical switch.
Page 266: Changing User Account Parameters
User-defined accounts Deleting user-defined accounts Use the following procedure to delete user-defined accounts. 1. Open the Switch Administration window as described on page 2. Click the User tab. 3. Select the account to remove and click Remove. 4. Click Apply to save your changes. You cannot delete the default accounts.
Page 267: Maintaining Passwords
User-defined accounts The All button is disabled unless the following conditions are met: • The selected role for the target user must be admin or securityadmin. • You must be a physical fabric administrator. Selecting All makes the target user account a physical fabric administrator. 9.
Page 268 User-defined accounts Passwords must also meet any additional password rules that were set up. (Refer to “Setting the rules for passwords” on page 236 for more information.) Retype the new password in the Confirm Password field. 8. Click OK. 9. Click Apply to save your changes. Setting the rules for passwords Use the following procedure to set rules for passwords.
Page 269: Figure 124 Configure Password Rules Dialog Box
User-defined accounts FIGURE 124 Configure Password Rules dialog box Setting a password as expired Use the following procedure to set a password as expired. 1. Open the Switch Administration window as described on page 2. Click the User tab. 3. Select the account. 4.
Page 270: Figure 125 Role Mapping (Virtual Fabrics)
User-defined accounts Displaying roles and assigned logical fabrics You can display user role assignments for logical fabrics. 1. Open the Switch Administration window as described on page 2. Click the User tab. 3. Select an account. 4. Select Show Role and VF. The Role Mapping for that user is displayed (Figure 125).
Page 271: Figure 126 Security Policies Tab For Scc/Dcc/Fcs Policy Configuration
Access control list policy configuration Access control list policy configuration Support for the Access Control List (ACL) policies is currently defined in the Switch Connection Control (SCC) and Device Connection Control (DCC) policies. SCC and DCC policy configuration in base Fabric OS is performed on a switch-local basis. Fabric Configuration Server (FCS) Policy can be created only once.
Page 272: Creating An Scc, Dcc, Or Fcs Policy
Access control list policy configuration Admin Domain considerations ACL management can be done on AD255 and in AD0 only if there are no other user-defined Admin Domains. Both AD0 (when no other user-defined Admin Domains exist) and AD255 provide an unfiltered view of the fabric.
Page 273: Figure 127 Dcc Policy Configuration Wizard
Access control list policy configuration FIGURE 127 DCC Policy Configuration wizard 10. In the ADD Domain, Port Index field, enter the value in the Domain, Index format and click Add. 11. Click Ok to confirm the changes to the switch. You must activate the policy in order to implement it.
Page 274: Moving An Fcs Policy Switch Position
Access control list policy configuration Deleting all SCC, DCC, FCS policies You cannot delete the FCS policy from non-primary or non-FCS switches. The Delete All button is enabled only when there is at least one policy activated. 1. Open the Switch Administration window as described on page 2.
Page 275: Figure 128 Fwcp Configuration
Fabric-Wide Consistency Policy configuration 3. Select the FCS tab. 4. Click Move FCS Switch. 5. Select the appropriate from and to positions. 6. Click Apply. After you move all the member switches, click Apply and Close. Fabric-Wide Consistency Policy configuration Fabric Wide Consistency Policy (FWCP) configures the Fabric Wide Consistency behavior of distributable ACL policies.
Page 276: Authentication Policy Configuration
Authentication policy configuration 3. Under Security Policies, click FWCP. 4. Select one of the following consistency behavior for the required policy type (SCC, DCC, FCS). • Absent • Tolerant • Strict NOTE You can change the consistency behavior of SCC, DCC, or FCS policy only for a primary switch. 5.
Page 277: Distributing Authentication Policies
Authentication policy configuration 4. In the Authentication Type field, choose FCAP or DHCHAP. 5. Select the switch authentication policy mode: Strict authentication is enforced on all E_Ports. Active The switches can be connected to a switch with any type of policy. Passive The switch does not initiate authentication but participates if the connecting switch initiates...
Page 278: Figure 129 Add Shared Secret Keys Window
Authentication policy configuration 6. Click OK. Authentication policies are distributed only if all the selected switches accept the distribution. Only the policy mode is distributed to the selected switches. The switch initiating the distribution must accept distribution. Re-authenticating policies A user who has changed authentication policy parameters or a shared secret key pair can re-initialize the authentication.
Page 279: Modifying A Shared Secret Key Pair
SNMP configuration 6. Enter the Switch WWN, name, or domain ID, or use the Browse button to select a switch. In the Peer Secret and Confirm Peer Secret fields, enter the peer secret value. 8. In the Local Secret and Confirm Local Secret fields, enter the local secret value. 9.
Page 280: Figure 130 Snmp Tab
SNMP configuration FIGURE 130 SNMP tab 3. Select a trap level for a recipient from the corresponding Trap Level menu in the SNMPv1 and SNMPv3 sections. The level you select identifies the minimum event level that will prompt a trap. NOTE Adding or editing the user name can be done only through the CLI and by selecting a user name from the User Name menu in the SNMPv3 section.
Page 281: Setting Snmpv1 Configuration Parameters
SNMP configuration Setting SNMPv1 configuration parameters Use the following procedure to set SNMPv1 configuration parameters. 1. Open the Switch Administration window as described on page 2. Click the SNMP tab (Figure 130). 3. Double-click a community string in the SNMPv1 section and type a new community string. 4.
Page 282: Figure 131 Choices In The Secondary Aaa Service Drop-Down Menu
RADIUS service management 4. Select a permission for the host from the Access Control List menu. Options are Read Only and Read Write. 5. Click Apply. NOTE The port number is not included. RADIUS service management Fabric OS supports RADIUS authentication, authorization, and accounting service (AAA). When configured for RADIUS, the switch becomes a Network Access Server (NAS) that acts as a RADIUS client.
Page 283: Figure 132 Aaa Service Tab
RADIUS service management FIGURE 132 AAA Service tab Enabling and Disabling RADIUS Service At least one RADIUS server must be configured before you can enable RADIUS service. 1. Open the Switch Administration window as described on page 2. Click the AAA Service tab. 3.
Page 284: Modifying The Radius Server
RADIUS service management Configuring the RADIUS Service The configuration is chassis-based, so it applies to all logical switches (domains) on the switch and it is replicated on a standby CP, if one is present. It is saved in a configuration upload, and can be applied to other switches in a configuration download.
Page 285: Modifying The Radius Server Order
Active Directory service management Modifying the RADIUS Server Order The RADIUS servers are contacted in the order they are listed, starting from the top of the list and moving to the bottom. 1. Open the Switch Administration window as described on page 2.
Page 286: Modifying Active Directory Service
Active Directory service management 4. Select None, Switch Database when Active Directory authentication failed, or Switch Database when Active Directory timeout from the Secondary AAA Service menu. To disable Active Directory service, select Switch Database from the Primary AAA Service drop-down menu and select None from the Secondary AAA Service drop-down menu.
Page 287: Table 19 Relevant Rfcs
IPSec Concepts IPSec Concepts Internet Security Protocol (IPSec) is a set of open standards that provide cryptographic security services for IP networks. Several protocols are available for providing authentication and secure transmission of data. From Web Tools, you can establish IPSec policies for FCIP implementations on 7800 extension switches with the upgrade license, the 7500 extension switches and FR4-18i blades, and you can establish IPSec policies for IP interfaces that provide management access to switches and control processors.
Page 288: Figure 133 Transport Mode And Tunnel Mode Comparison
IPSec Concepts Transport mode and tunnel mode Transport mode adds an authentication header (AH) before the IP header. Only a single pair of addresses is used (those in the IP header). When transport mode is used, both endpoints implement IPSec. Tunnel mode encapsulates an IP datagram in a new datagram, with a new IP header specifying the addresses of the tunnel end points.
Page 289: Figure 134 Ah Header In Transport Mode And Tunnel Mode
IPSec Concepts IPSec header options IPSec adds headers to an IP datagram to enable authentication and privacy. There are two options: • Authentication Header (AH) • Encapsulating Security Payload (ESP) Authentication Header AH can be used to authenticate a data stream, but does not provide encryption needed for privacy. The AH contains a message authentication code (MAC).
Page 290: Basic Ipsec Configurations
IPSec Concepts Basic IPSec configurations There are three basic configurations for IPSec use: • Endpoint to Endpoint. • Gateway to Gateway. • Endpoint to Gateway. Endpoint to Endpoint In an endpoint to endpoint configuration, both endpoints implement IPSec. Transport mode is commonly used in endpoint to endpoint configurations, and only a single pair of addresses is used.
Page 291: Table 20 Encryption Algorithm Options
IPSec Concepts Internet Key Exchange (IKE) Concepts Key exchange is used to authenticate the end points of an IP connection, and to determine security policies for IP traffic over the connection. The initiating node proposes a policy based on the following: •...
Page 292 IPSec Concepts PRF (Pseudo-Random Function) Algorithm The PRF algorithm generates output that appears to be random data, using the HMAC chosen as the hash algorithm as the seed value. PRF is used to strengthen security. Public key certificate-based authentication Industry standard X.500 database servers are available as certificate authority servers to enable certificate-based authentication of computers.
Page 293 IPSec Concepts Authentication methods The methods used to authenticate the IKE peer are preshared key (psk), DSS digital signature (dss), and RSA digital signature (rsasig): • A Preshared key (PSK) is a shared secret that is shared between two parties over a secure channel before it is used.
Page 294: Figure 136 Ike Policies (Fcip)
IPSec over FCIP IPSec over FCIP 7500 extension switches and FR4-81i blades use FCIP protocol to IP to carry Fibre Channel traffic over IP networks. IPSec can be used to secure the IP flows over an FCIP tunnel. At a high level, the steps to take are as follows: •...
Page 295: Figure 137 Add Policy (Ike For Fcip)
IPSec over FCIP Establishing an IKE policy for an FCIP tunnel Use the following procedure to establish an IKE policy for an FCIP tunnel. 1. From the IKE tab of the IPSec Policies screen, select Create. An Add Policy dialog box is displayed (Figure 137).
Page 296: Figure 138 Add Policy (Ipsec Over Fcip)
IPSec over FCIP 9. Click OK. Establishing an IPSec policy for an FCIP tunnel Use the following procedure to establish an IPSec policy for an FCIP tunnel. 1. Select the IPSec tab The IPSec Policies window is displayed. 2. Select Create. An Add Policy dialog box is displayed (Figure 138).
Page 297: Figure 139 Ipsec Policies (Ethernet Management Port)
IPSec over management ports IPSec over management ports IPSec can be applied to the management port on a switch or a CP blade to establish a secure connection between a PC or workstation and Web Tools. The connection can be used as a virtual private network (VPN) interface to Web Tools.
Page 298: Figure 140 Add Ike Policy For Management Port
IPSec over management ports Enabling IPSec Ethernet IPSec policies can be configured only after enabling IPSec by clicking the Enable button below the Ethernet IPSec policies table (Figure 139). Establishing an IKE policy When you establish an IKE policy, you identify a set of algorithms and authentication rules and parameters to use in a key exchange.
Page 299: Figure 141 Add Sa Dialog Box
IPSec over management ports 5. Type the identifier of the remote peer switch in Peer Identifier. This is normally the IP address in IPv4 or IPv6 format, but it may also be a DNS name. 6. Choose the Encryption Algorithm. the choices are 3des_cbc, null_enc, aes128_cbc, and aes256_cbc.
Page 300: Creating An Sa Proposal
IPSec over management ports 4. Type a name for the SA in the SA Name field. 5. Choose the IPSec Protocol. The choices are ah (for authentication header) and esp (for encapsulated security protocol). 6. Choose the Authentication Algorithm. The choices are hmac_md5, hmac_sha1, and AES_xcbc. Choose the Encryption Algorithm.
Page 301: Figure 142 Add Sa-Proposal Dialog Box
IPSec over management ports The Add-SA Proposal dialog box is displayed (Figure 142). FIGURE 142 Add SA-Proposal dialog box 3. Type a name in the SA Proposal Name field. 4. Type the SAs in the SA(s) to use field. 5. Optionally, define SA lifetime parameters. The SA lifetime may be defined as a time value in seconds (LifeTime in seconds), as the number of bytes transmitted before the SA is rekeyed (LifeTime in bytes), or both.
Page 302: Figure 143 Transforms Tab
IPSec over management ports 1. Select the Transforms tab. The Transforms screen is displayed (Figure 143). FIGURE 143 Transforms tab 2. Select Add. The Add Transform dialog box is displayed (Figure 144). FIGURE 144 Add Transform dialog box 3. Type a name in the Transform Name field. 4.
Page 303 IPSec over management ports 6. Select the IPSec Protection Type. The choices are discard, bypass, and protect: Discard causes data packets to be rejected if there is an invalid pair of source and destination addresses or invalid port addresses. Bypass allows a data packet to be transmitted or received without IPsec protection. Process indicates a data packet is processed using IPsec encryption, IKE authentication, or both, using encapsulation security protocol (ESP) processing, or authentication header (AH) protocol processing.
Page 304: Figure 145 Selectors Tab
IPSec over management ports Adding an IPSec selector Selectors are used to apply transform policies to an IP flow. Flows are uni-directional. Selectors are associated with a specific source IP address, a specific peer IP address, and a specific transform. 1.
Page 305: Figure 146 Add Selector Dialog Box
IPSec over management ports The Add Selector dialog box is displayed. FIGURE 146 Add Selector dialog box 3. Type a name in the Selector Name field. 4. Select the Traffic Flow Direction (in or out). IPSec policies are unidirectional, and must be applied separately to inbound and outbound flows.
Page 306: Figure 147 Add Manual-Sa Dialog Box
IPSec over management ports Manually creating an SA Use the following procedure to manually create a security association (SA). 1. Select the SA(Manual) tab. 2. Select Add. The Add Manual-SA dialog box is displayed (Figure 147) FIGURE 147 Add Manual-SA dialog box 3.
Page 307: Editing An Ike Or Ipsec Policy
IPSec over management ports 8. Choose the IPSec Mode. The choices are Transport or Tunnel. Refer to“Transport mode and tunnel mode” if you are unfamiliar with Transport and Tunnel modes. 9. Choose the IPSec Protocol. The choices are ah (for authentication header) and esp (for encapsulated security protocol).
Page 308: Figure 148 Device Authentication Policy Mode
Establishing authentication policies for HBAs 5. Select the policy or policies you want to delete. 6. Select Delete. The policy is deleted from the SA database (SADB), and is removed from the list. Establishing authentication policies for HBAs To establish and enable authentication policies for HBAs as the log in to a fabric, do the following. 1.
Page 309: Figure 149 Device Authentication Shared Secret Keys Tab
Establishing authentication policies for HBAs 10. Click Apply. 11. If your authentication method uses a shared secret, select the Shared Secret Keys tab. The Shared Secret Keys screen is displayed (Figure 149). FIGURE 149 Device authentication Shared Secret Keys tab 12.
Page 310 Establishing authentication policies for HBAs 15. Enter the shared secret for the peer device (an HBA in this case) in the Peer Shared Secret and Confirm Peer Shared Secret fields. 16. Enter the shared secret for switch in the Local Shared Secret and Confirm Local Shared Secret fields.
Page 311: Ficon Cup Fabrics Overview
Chapter Administering FICON CUP Fabrics In this chapter • FICON CUP fabrics overview ........279 •...
Page 312: Enabling Port-Based Routing
Enabling port-based routing • Display a code page • Manage port connectivity configuration You do not need to install the FICON CUP license to perform FICON CUP management; you must install the FICON CUP license, however, if your switch is to enforce traffic between the FICON director and the host-based management program.
Page 313: Figure 150 Ficon Cup Management
Enabling or disabling FICON Management Server mode FIGURE 150 FICON CUP management Enabling or disabling FICON Management Server mode FICON Management Server (FMS) is used to support switch management using CUP. To be able to use the CUP functionality, all switches in the fabric must have FICON Management Server mode (FMS mode) enabled.
Page 314: Table 22 Fms Mode Parameter Descriptions
FMS parameter configuration The FICON CUP tabbed page displays the FICON Management Server page, as shown in Figure 150. All attributes on this tab are disabled until FMS mode is enabled. 5. Click Enable in the FICON Management Server Mode section to enable FMS mode or click Disable to disable FMS mode.
Page 315: Configuring Fms Mode Parameters
Displaying code page information TABLE 22 FMS mode parameter descriptions (Continued) Parameter Description Director Clock Controls behavior for attempts to set the switch timestamp clock through the director console. Alert Mode When it is enabled, the director console (Web Tools, in this case) displays warning indications when the switch timestamp is changed by a user application.
Page 316: Figure 151 Ficon Cup Busy Error
Viewing the control device state Viewing the control device state The control device is in either a neutral or a switched state. When it is neutral, the control device accepts commands from any channel that has established a logic path with it and accepts commands from alternate managers.
Page 317: Cup Port Connectivity Configuration
CUP port connectivity configuration CUP port connectivity configuration In the Port Connectivity subpanel, you can manage the configuration files and active configuration. All CUP configuration files and the active configuration are listed in a table. The active configuration is listed as “Active Configuration*” and the description in the table is “Current active configuration on switch.”...
Page 318 CUP port connectivity configuration • To create a new configuration, click New. The Create Port CUP Connectivity Configuration dialog box displays all ports and port names on the selected switch (similar to the dialog box shown in Figure 152). The Block column, Prohibit column, and prohibited ports matrix are displayed as empty, for you to configure.
Page 319: Figure 152 Port Cup Connectivity Configuration Dialog Box
CUP port connectivity configuration FIGURE 152 Port CUP Connectivity Configuration dialog box Activating a CUP Port Connectivity Configuration When you activate a saved CUP port connectivity configuration on the switch, the preceding configuration (currently activated) is overwritten. 1. Open the CUP port connectivity configuration list. 2.
Page 320: Deleting A Cup Port Connectivity Configuration
CUP port connectivity configuration 3. Click Copy. The Copy CUP Port Connectivity Configuration dialog box displays. 4. In the dialog box, type a name and description for the new configuration and click OK to save the configuration to the target file; click Cancel to cancel copying the configuration. The file name must be in alphanumeric characters and can contain only dashes or underscores as special characters.
Page 321: Figure 153 Switch Rnid Information
Displaying Request Node Identification Data (RNID) Displaying Request Node Identification Data (RNID) Web Tools displays RNID information for the local switch, and for attached FICON devices and FICON channel paths. RNID information for the switch displays in the Switch Information tab (Figure 153).
Page 322 Displaying Request Node Identification Data (RNID) Web Tools Administrator’s Guide 53-1001343-01...
Page 323: Configuring Fcoe Features
Chapter Configuring FCoE features In this chapter • FCoE overview ..........292 •...
Page 324: Fcoe Overview
FCoE overview FCoE overview A new view has been added for the Brocade 8000 switch and FCOE10-24 DCX blade, and new tabs have been added to the Switch Administration panel and the Port Administration panel to support FCoE interfaces and trunks. Port information that is unique to FCoE The General tab of the Port Administration panel shows several parameters that are unique to CEE/DCE interfaces:...
Page 325: Figure 154 Switch Administration Panel With Cee Tab
Switch Administration panel tab for FC0E Switch Administration panel tab for FC0E The CEE tab on the Switch Administration panel (Figure 154) is specific to DCE/CEE configuration and management. FIGURE 154 Switch Administration panel with CEE tab Web Tools Administrator’s Guide 53-1001343-01...
Page 326: Figure 155 Switch Administration Cee Tab
Switch Administration panel tab for FC0E The CEE tab The CEE tab (Figure 155) has five tabs that are used for FCoE switch administration: • Link Aggregation tab • VLAN tab • FCoE Login tab • QoS tab • LLDP-DCBX tab FIGURE 155 Switch Administration CEE tab Web Tools Administrator’s Guide...
Page 327: Figure 156 Port Administration Cee Interfaces Tab
Port Administration panel tabs for FCoE Port Administration panel tabs for FCoE The Port Administration panel has two tabs specific to FCoE interfaces: • CEE Interfaces tab (Figure 156) • FCoE Ports tab (Figure 157) FIGURE 156 Port Administration CEE Interfaces tab Web Tools Administrator’s Guide 53-1001343-01...
Page 328: Figure 157 Port Administration Fcoe Ports Tab
Port Administration panel tabs for FCoE FIGURE 157 Port Administration FCoE Ports tab Web Tools Administrator’s Guide 53-1001343-01...
Page 329: Fc0E Configuration Tasks
FC0E configuration tasks FC0E configuration tasks There are several tasks related to FC0E configuration. The following lists the high level tasks in a suggested order: • Quality of Service (QoS) configuration (optional) - If you intend to implement a specific QoS scheme to prioritize data traffic, it is recommended that you finish your QoS configuration before you begin port configuration.
Page 330: Figure 158 Qos Tab > Cee Map Tab
Quality of Service (QoS) configuration Quality of Service (QoS) configuration As a general concept, QoS is a mechanism for classifying and scheduling data traffic based on priority settings. QoS can be used to control traffic congestion, allocate bandwidth, and carry data traffic with different characteristics over a common interface.
Page 331: Figure 159 Cee Map Configuration Dialog Box
Quality of Service (QoS) configuration 4. Select Add. The CEE Map Configuration dialog box is displayed (Figure 159). FIGURE 159 CEE Map Configuration dialog box 5. Type a name for the CEE map in the Name field. 6. Type a precedence value in the Precedence field. The value is specified as a number. The allowable range is 1 to 100.
Page 332: Figure 160 Adding A Priority Group
Quality of Service (QoS) configuration An entry is added to the Priority Group table (Figure 160). When you add an entry, a PGID is automatically assigned. The PGID is an integer from 0 to 7. The first added entry is given a PGID of 0, and the PGID increments by one for each additional added entry until a PGID of 7 is reached.
Page 333: Figure 161 Traffic Class Map Configuration Dialog Box
Quality of Service (QoS) configuration The Traffic Class Map Configuration dialog box is displayed (Figure 161). This dialog box has the same structure as the Priority Group Map in the CEE Configuration dialog box (Figure 160). The default CoS-to-traffic class structure is based on IEEE 802.1Q recommendations, as in the default Priority Group Map shown in Figure 160.
Page 334: Figure 162 Cee Tab > Lldp-Dcbx Tab > Global Tab
LLDP-DCBX configuration LLDP-DCBX configuration Link Layer Discovery Protocol (LLDP) is a IEEE standard for collecting and distributing device information. Data Center Bridging Exchange (DCBX) extends LLDP by providing a protocol for discovering, initializing, and managing CEE-compliant devices. There are two configuration procedures: •...
Page 335: Adding An Lldp Profile
LLDP-DCBX configuration Choose the Mode. For Mode, the choices are Tx (transmit), Rx, (receive) or Both. The default is Both. 8. In the Hello field, enter a time value in seconds. The Hello value sets the interval between hello bridge protocol data units sent by the root switch configuration messages. The range is 4 to 180 seconds.
Page 336: Figure 163 Cee Tab > Lldp-Dcbx Tab > Lldp Profile Tab
LLDP-DCBX configuration 3. Select the LLDP Profile tab (Figure 163). FIGURE 163 CEE tab > LLDP-DCBX tab > LLDP Profile tab 4. Click Add. The LLDP Configuration dialog box is displayed (Figure 164). FIGURE 164 LLDP dialog box Web Tools Administrator’s Guide 53-1001343-01...
Page 337 LLDP-DCBX configuration 5. Type a name for the configuration in the Name field. 6. Optionally, add a description in the Description field. Choose the Mode. For Mode, the choices are Tx (transmit), Rx, (receive) or Both. The default is Both. 8.
Page 338: Figure 165 Port General Tab
Configuring CEE interfaces Configuring CEE interfaces CEE interfaces are configured from the Port Administration panel. 1. Select the CEE Interfaces tab on the Port Administration panel. 2. Select the port you want to configure under the CEE Interface Explorer. 3. Select the General tab (Figure 165).
Page 339: Figure 166 Cee Edit Configuration Dialog Box
Configuring CEE interfaces FIGURE 166 CEE Edit Configuration dialog box 5. Select the Interface Mode. The options are None and L2. The default is None. If you intend to use this port in a Link Aggregation Group (LAG), choose None. L2 mode will be applied when you configure the LAG.
Page 340: Figure 167 Cee Tab > Link Aggregation Tab
Configuring a link aggregation group (LAG) Configuring a link aggregation group (LAG) FCoE ports can be grouped to create a LAG. The LAG is treated as a single interface. 1. Select the CEE Interfaces tab on the Switch Administration panel. 2.
Page 341: Figure 168 Add Lag Configuration Dialog Box
Configuring a link aggregation group (LAG) FIGURE 168 Add LAG Configuration dialog box 4. Select the Mode. The choices are Static and Dynamic. Static mode does not use Link Aggregation Control Protocol (LACP) to negotiate and manage link aggregation. Link participation in the LAG is determined by the link’s operational status and administrative state.
Page 342: Figure 169 Cee Tab > Vlan Tab
Configuring VLANs 9. Click OK. Configuring VLANs The Virtual LAN (VLAN) capability allows multiple virtual LANs within a single physical LAN infrastructure. The physical interface must be configured as L2 prior to configuring a VLAN, either as an individual interface, or as a LAG. Before you start the VLAN configuration procedure, you need to know which interfaces or LAGs you want to associate with each VLAN.
Page 343: Figure 170 Vlan Configuration Dialog Box
Configuring VLANs The VLAN Configuration dialog box is displayed (Figure 170). FIGURE 170 VLAN Configuration dialog box 4. Specify a VLAN ID. The format is VLAN<bridge number><ID>. In this Fabric OS release, no bridge instances are supported, so the bridge number is always 0, and the value under Bridge is statically defined as VLAN0.
Page 344: Figure 171 Cee Tab > Fcoe Login Tab
Configuring FCoE login groups Configuring FCoE login groups FCoE login groups control which FCoE switches are allowed to log in to a fabric. 1. Select the CEE tab on the Switch Administration panel. 2. Select the FCoE Login tab (Figure 171).
Page 345: Figure 172 New Login Group Dialog Box
Configuring FCoE login groups The New Login Group dialog box is displayed (Figure 172). FIGURE 172 New Login Group dialog box 4. Type a name for the login group in the Login Group Name field. 5. Select the switch WWN, The choices are Self, which is the WWN of the switch you are logged into, or Other Switch WWN.
Page 346: Figure 173 Fcoe Ports Tab, Port Administration Panel
Displaying FCoE Port Information Displaying FCoE Port Information There are 24 internal FCoE Ports that bridge FC and Ethernet traffic. You can view FCoE port information from the Port Administration panel. 1. Select the FCoE Ports tab on the Port Administration panel (Figure 173).
Page 347: Figure 174 Fcoe Ports, General Tab
Displaying FCoE Port Information Port information is displayed in three tabs. The General tab is pre-selected (Figure 174). FIGURE 174 FCoE Ports, General tab The Connected Devices tab shows information about devices connected to the switch (Figure 175). Six columns of information are displayed: •...
Page 348: Figure 175 Fcoe Ports, Connected Devices Tab
Displaying LAG information FIGURE 175 FCoE Ports, Connected Devices tab Displaying LAG information Use the following procedure to display LAG information. 1. Select the CEE tab on the Switch Administration panel. 2. Select the Link Aggregation tab LAG information is displayed (Figure 176).
Page 349: Figure 177 Vlan Information
Displaying VLAN information Displaying VLAN information Use the following procedure to display VLAN information. 1. Select the CEE tab on the Switch Administration panel. 2. Select the VLAN tab. VLAN information is displayed (Figure 177). FIGURE 177 VLAN information Displaying FCoE login groups Use the following procedure to display FCoE login group information.
Page 350: Figure 179 Cee Map Information
Displaying LLDP-DCBX information FIGURE 179 CEE Map Information FIGURE 180 Traffic Class Map Information Displaying LLDP-DCBX information Use the following procedure to display LLDP-DCBX information. 1. Select the CEE tab on the Switch Administration panel. 2. Select the LLDP-DCBX tab. To display global settings, select the Global tab (Figure 181).
Page 351: Figure 181 Lldp-Dcbx Global Settings
Displaying CEE interface statistics FIGURE 181 LLDP-DCBX Global Settings To display LLDP profile information, select the LLDP Profile tab (Figure 182). FIGURE 182 LLDP Profile Information Displaying CEE interface statistics The CEE interface Port Statistics tab shows basic and advanced statistics, and allows you to change statistics collection parameters.
Page 352: Figure 183 Cee Interfaces, Port Statistics, Basic Mode
Displaying CEE interface statistics FIGURE 183 CEE Interfaces, Port Statistics, Basic Mode The CEE Interface Statistics Configuration section allows you to do the following: • Toggle between showing Absolute Values or Delta Values (values that have changed since the last data collection). •...
Page 353: Figure 184 Cee Interface, Port Statistics, Advanced Mode
Displaying CEE interface statistics FIGURE 184 CEE Interface, Port Statistics, Advanced Mode The Advanced tab shows CEE transmission statistics (Figure 185). Web Tools Administrator’s Guide 53-1001343-01...
Page 354: Figure 185 Cee Advanced Performance Statistics
Displaying CEE interface statistics FIGURE 185 CEE Advanced Performance Statistics The Error Details tab shows transmission error statistics (Figure 186). FIGURE 186 CEE Error Detail Statistics Web Tools Administrator’s Guide 53-1001343-01...
Page 355: Enabling And Disabling A Cee Interface
Enabling and disabling a CEE interface Enabling and disabling a CEE interface CEE interfaces can be enabled and disabled from a right-click menu on the Switch View, or from the Port Administration panel. To enable or disable a CEE interface from the Switch View, perform the following steps. 1.
Page 356: Enabling And Disabling Lldp
Enabling and disabling LLDP Enabling and disabling LLDP To enable or disable LLDP on a CEE interface, perform the following steps. 1. Select the CEE Interfaces tab on the Port Administration panel. 2. Under the CEE Interface Explorer, select the port. 3.
Page 357: Figure 187 Fcoe Edit Configuration Dialog Box
Enabling and disabling FCoE ports You can also enable or disable by selecting Edit Configuration, and selecting Enable or Disable on the FCoE Edit Configuration dialog box (Figure 187). FIGURE 187 FCoE Edit Configuration dialog box Web Tools Administrator’s Guide 53-1001343-01...
Page 358 Enabling and disabling FCoE ports Web Tools Administrator’s Guide 53-1001343-01...
Page 359: Table 23 Web Tools Limitations
Chapter Limitations In this chapter • General Web Tools limitations ........327 General Web Tools limitations Table 23 lists general Web Tools limitations that apply to all browsers and switch platforms.
Page 360 General Web Tools limitations TABLE 23 Web Tools limitations (Continued) Area Details Firmware download There are multiple phases to firmware download and activation. When Web Tools reports that firmware download completed successfully, this indicates that a basic sanity check, package retrieval, package unloading, and verification was successful. Web Tools forces a full package install.
Page 361 General Web Tools limitations TABLE 23 Web Tools limitations (Continued) Area Details Loss of Connection Occasionally, you might see the following message when you try to retrieve data from the switch or send a request to the switch: Switch Status Checking The switch is not currently accessible.
Page 362 General Web Tools limitations TABLE 23 Web Tools limitations (Continued) Area Details Refresh option in Web Tools must be restarted when the Ethernet IP address is changed using the browsers NetworkConfig View command. Web Tools appears to hang if it is not restarted after this operation is executed.
Page 363 Index Numerics automatic trace dump transfers 2 domain/4 domain fabric licenses backbone fabric backbone fabric ID, configuring backing up configuration file About Discovery Domains (DD) basic performance monitoring graphs Access Control List. Refer to ACL BB credit access control. Refer to RBAC. beaconing, enabling Access Gateway mode best practices for zoning...
Page 364 configuration file configuration SCC/DCC policy Admin Domain considerations SCSI command graphs backing up SCSI vs. IP traffic graphs restoring SID-DID performance graphs configuring virtual targets for iSCSI Target Gateway arbitrated loop parameters zone aliases backbone fabric ID zone configurations CUP port connectivity zones default heap size creating FCS policy...
Page 365 Discovery Domains enabling iSCSI Target Gateway Access Gateway mode discovery domains (DD) automatic trace dump transfer displaying beaconing blades alarms, Fabric Watch Control Device state Fabric Watch threshold alarms CUP port connectivity configuration FICON Management Server mode enabled zone configuration insistent domain ID mode fan status iSCSI Target Gateway service...
Page 366 FC-FC routing insistent domain ID mode about about setting up enabling supported switches installing FCR router cost Java Plug-in FCS policy JRE patches on Solaris activate Solaris patches create IOD, frame delivery deactivate delete IP address distribute configuring for iSCSI Target Gateway moving switch position filtering feature licenses...
Page 367 zone configuration LSAN iSCSI initiator devices iSCSI initiators fabrics, managing iSCSI Port zones, managing iSCSI session iSCSI virtual target launching module LUN mapping managing/troubleshooting accessibility managing RADIUS server message severity levels search for FC target MetaSAN supported switches modifying VT LUN performance graphs iSCSI target, editing for iSCSI Target Gateway RADIUS server...
Page 368 performance graphs refresh rates adding to a canvas refreshing modifying Admin Domain window printing fabric information types of Switch Administration window Performance Monitoring window Zone Administration window per-frame routing priority removing persistently disable a port licenses RADIUS server platforms, supported zone alias members polling rates zone configuration members...
Page 369 starting Web Tools VC Priority swapping port index IDs viewing switch EX_Ports LSAN devices changing the name of LSAN fabrics enabling and disabling LSAN zones mouse over information swapped ports rebooting Switch Explorer Switch Administration window switch status opening viewing FCR router cost refreshing virtual channel settings, configuring Switch Events and Switch Information...
Page 370 zones about adding WWNs best practices creating deleting description LSAN modifying removing WWNs renaming replacing WWNs selecting a view zoning all access default zoning no access zoning database clearing maximum size zoning views zoning, disabling zoning, saving changes Web Tools Administrator’s Guide 53-1001343-01...

This manual is also suitable for:

8/24 8/40 8/8 8/80

Brocade Communications Systems 1606 Administrator's Manual

Table of Contents

Chapter 1 Introducing Web Tools

Chapter 2 Using the Web Tools Interface

Chapter 3 Managing Fabrics and Switches

Chapter 4 Maintaining Configurations and Firmware

Chapter 5 Managing Administrative Domains

Chapter 6 Managing Your Ports

Chapter 7 Enabling Isl Trunking

Chapter 8 Monitoring Performance

Chapter 9 Administering Zoning

Chapter 10 Working with Diagnostic Features

Quick Links

Web Tools

Chapters

Troubleshooting

Related Manuals for Brocade Communications Systems 1606

Summary of Contents for Brocade Communications Systems 1606