Page 3
Document History The following table lists all versions of the Web Tools Administrator’s Guide. Document Title Publication Number Summary of Changes Publication Date Web Tools User’s Guide v2.0 53-0001536-01 September 1999 Web Tools User’s Guide v2.2 53-0001558-02 May 2000 Web Tools User’s Guide v2.3 53-0000067-02 December 2000 Web Tools User’s Guide v3.0...
Page 4
Document Title Publication Number Summary of Changes Publication Date Web Tools Administrator’s Guide 53-1000606-01 Updates to reflect updates to enhanced October 2007 Access Gateway support, changes to FCIP tunneling wizard, and other enhancements. Web Tools Administrator’s Guide 53-1000606-02 Updates for support for new switches, March 2008 traffic isolation zoning, F_Port trunking, removal of enhanced Access Gateway...
Page 22
xxii Web Tools Administrator’s Guide 53-1001343-01...
Page 23
Tables Table 1 Basic Web Tools features and EGM licensed features ..... 2 Table 2 Web Tools functionality moved to DCFM ....... . 3 Table 3 Certified and tested platforms.
Page 24
xxiv Web Tools Administrator’s Guide 53-1001343-01...
• Chapter 10, “Working With Diagnostic Features,” provides information about trace dumps, viewing switch health, and interpreting the LEDs. • Chapter 11, “Using the FC-FC Routing Service,” provides information on using the FC-FC Routing Service to share devices between fabrics without merging those fabrics. •...
• Added support for IPSec and FICON CUP for 7800 extension switches with upgrade license • Added access to Netstat Ethernet Management port statistics details • Added Fabric-Wide Consistency Policy configuration • Added interoperablity with Cisco fabrics using Access Gateway on Brocade Encryption Switch •...
CAUTION A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data. DANGER A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety labels are also attached directly to products to warn of these conditions or situations.
For practical discussions about SAN design, implementation, and maintenance, you can obtain Building SANs with Brocade Fabric Switches through: http://www.amazon.com White papers, online demos, and data sheets are available through the Brocade Web site at: http://www.brocade.com/products-solutions/products/index.page For additional Brocade documentation, visit the Brocade Web site: http://www.brocade.com Release notes are available on the Brocade Connect Web site and are also bundled with the Fabric OS firmware.
The switch serial number and corresponding bar code are provided on the serial number label, as illustrated below.: *FT00X0054E9* FT00X0054E9 The serial number label is located as follows: • Brocade 300, 4100, 4900, 5100, 5300, 7500, 7800, 8000, and Brocade Encryption Switch—On the switch ID pull-out tab located inside the chassis on the port side on the left •...
Page 32
xxxii Web Tools Administrator’s Guide 53-1001343-01...
Web Tools, the EGM license, and DCFM Web Tools features enabled by the EGM license The following table describes which Web Tools features require the EGM license. TABLE 1 Basic Web Tools features and EGM licensed features Feature Basic Web Tools Web Tools with EGM License Active Directory support AD Context Switching...
Web Tools, the EGM license, and DCFM TABLE 1 Basic Web Tools features and EGM licensed features Feature Basic Web Tools Web Tools with EGM License RBAC Routing and DLS Configuration Security Policies Tab (like ACL) Switch Info tab Switch Status Switch View right-click options Trace dump USB Management...
System requirements TABLE 3 Certified and tested platforms (Continued) Operating System Browser SUSE Linux Enterprise Server 10 Firefox 2.0 Solaris 10 (SPARC only) Firefox 2.0 TABLE 4 Supported platforms Operating System Browser Linux RedHat AS 3.0 Firefox 2.0 Linux RedHat AS 4.0 Windows 2000 Firefox 2.0, Internet Explorer 6.0 Windows 2003 Server, SP2...
System requirements Configure your browser to check for newer versions of stored pages every visit to the page. FIGURE 1 Configuring Internet Explorer Deleting temporary internet files used by Java applications For Web Tools to operate correctly, you must delete the temporary internet files used by Java applications.
Java installation on the workstation You can clear the Trace and Log files check box if you want to keep those files. 5. Click OK. 6. On the Java Control Panel, click View to review the files that are in the Java cache. If you have deleted all the temporary files, the list is empty.
Java plug-in configuration 3. Install the patch and restart the system. Installing the Java plug-in on Windows Use the following procedure to Install the Java plug-in on Windows. 1. Click Start Menu > Settings > Control Panel and select the Java Plug-in Control Panel. 2.
Java plug-in configuration FIGURE 3 Java Control Panel 3. In the section Java Applet Runtime Settings, click View. The Java Applet Runtime Settings dialog box displays. FIGURE 4 Java Runtime Settings 4. Double-click in the Java Runtime Parameters field and type the following information to set the minimum and maximum heap size: -Xms256m -Xmx256m In this example, the minimum and maximum sizes are both 256 MB.
Value line licenses FIGURE 5 Default Java for browsers option 3. Select Mozilla family and click OK. 4. Click Apply to apply your settings and close the Java Control Panel. Value line licenses If your fabric includes a switch with a limited switch license and you are opening Web Tools using that switch, if the fabric exceeds the switch limit indicated in the license, Web Tools allows a 30-day “grace period”...
Opening Web Tools Opening Web Tools You can open Web Tools on any workstation with a compatible Web browser installed. For a list of Web browsers compatible with Fabric OS 6.3.0, refer to Table 3. Web Tools supports both HTTP and HTTPS protocol.
Opening Web Tools FIGURE 6 Web Tools interface Logging in When you use Web Tools, you must log in before you can view or modify any switch information. This section describes the login process. Prior to displaying the login window, Web Tools displays a security banner (if one is configured for your switch), which you must accept before logging in.
Opening Web Tools FIGURE 7 Signed applet certificate 2. Click OK in the security banner window, if one displays. FIGURE 8 Login dialog box 3. On the login dialog box, type your user name and password. If your current password has expired, you must also provide a new password and confirm the new password.
Opening Web Tools FIGURE 9 Virtual Fabric login option 2. Log in to a logical fabric. To log in to the home logical fabric, select Home Logical Fabric and click OK. To log in to a logical fabric other than the home logical fabric, select User Specified Logical Fabric, type in the fabric ID number, and click OK.
Opening Web Tools FIGURE 10 Login dialog box with Admin Domain options If the user name or password is incorrect, a dialog box displays indicating an authentication failure. If you entered valid credentials, but specified an invalid Admin Domain, a dialog box displays from which you can choose a valid Admin Domain or click Cancel to log in to your home domain.
Role-Based Access Control Logging out You can end a Web Tools session either by logging out or by closing Switch Explorer window. You might be logged out of a session involuntarily, without explicitly clicking the Logout button, under the following conditions: •...
Session management Session management A Web Tools session is the connection between the Web Tools client and its managed switch. A session is established when you log in to a switch through Web Tools. When you close Switch Explorer, Web Tools ends the session. A session remains in effect until one of the following happens: •...
Requirements for IPv6 support Requirements for IPv6 support The following list provides requirements for Web Tools IPv6 support: • In a pure IPv6 environment, you must configure DNS maps to the IPv6 address of the switch. • The switch name is required to match the DNS name that is mapped to the IPv6 address. •...
Chapter Using the Web Tools Interface In this chapter • Viewing Switch Explorer ......... 19 •...
Page 52
Viewing Switch Explorer You must use DCFM Professional or Enterprise Edition to print the zone database summary configuration and to analyze zone configurations. For more information on zoning management, refer to “Zone configuration and zoning database management” page 147. • Reporting tasks, such as viewing the status of a switch.
Viewing Switch Explorer FIGURE 12 Switch Explorer Use the following table with Figure 12 to identify the areas of Switch Explorer. Tasks Fabric Tree Menu bar Switch View buttons Changing the Virtual Fabric ID, or Changing the Admin Domain Switch Events and Switch Information Indicator bar Professional Management Tool offering Switch View...
Viewing Switch Explorer Changes for consistency with DCFM Beginning with Fabric OS version 6.2.0, Web Tools icons are changed to be consistent with DCFM. Table 5 summarizes these changes. TABLE 5 Icon image changes Image Name Old Image New Image Switch Director or DCX Fabric...
Page 55
Viewing Switch Explorer TABLE 5 Icon image changes (Continued) Image Name Old Image New Image Switch event - Fatal Switch event - Informational Switch event - Warning Refresh Enable Disable Prohibit Web Tools Administrator’s Guide 53-1001343-01...
Viewing Switch Explorer The Search, Copy, and Export buttons are removed from the Web Tools tree and table headers, and are replaced by right-click operations, as shown in Figure FIGURE 13 Right-click for Copy, Export, and Search Tasks The Tasks menu lets you manage, monitor, and perform other tasks. The Management section provides access to the following options: •...
Viewing Switch Explorer NOTE Some of these functions require a license key to activate them. The Monitor section provides access to the following options: • Performance monitoring You must use Web Tools with the EGM license to perform performance monitoring operations; otherwise, access to this feature is denied and an error message displays.
Viewing Switch Explorer FIGURE 14 Missing EGM license If you are logged into Web Tools without the EGM license, you must log in again using a specific AD. The following figure shows the login wizard. After you log in, all the Admin Domains assigned to you are available in the drop-down menu (Figure 16).
Viewing Switch Explorer Figure 16 shows the Admin Domain context drop-down menu highlighted for changing the Admin Domain context. FIGURE 16 Changing the Admin Domain context The following procedure describes how to change the Admin Domain context. When changing the Admin Domain context, the option for selecting AD from the drop-down is not available if the EGM license is not present.
Viewing Switch Explorer Switch View buttons The Switch View buttons let you access the following switch information: • Status - click the button to view the status of the switch. • Temperature - click the button to view temperature monitors. •...
Viewing Switch Explorer Blade representations Blades are graphically represented as shown in table. They are vertical in the DCX, and horizontal in the DCX-4s. TABLE 6 Blade representations Blade Graphic CORE8 FC8-48 FC8-32 FC8-16 FS8-18 FR4-18i FA4-18 FC10-6 FX8-24 FCOE10-24 Web Tools Administrator’s Guide 53-1001343-01...
Viewing Switch Explorer Port representations The ports in the Switch View show the port type. Borders around the accessible ports indicate that SFP modules are present. A colored border indicates the status of the port; for example, a green border indicates that the port is connected and traffic is flowing. Ports that are not accessible do not display the port type and do not have borders.
Viewing Switch Explorer USB port representation For switches with USB ports, the USB Storage Management view is launched for USB ports (Figure 17). FIGURE 17 USB port storage management NOTE Left-click the USB port on the switch to launch the USB Storage Management window. Switch View refresh rates The Switch View display is refreshed at 15 second intervals.
Viewing Switch Explorer Switch Events and Switch Information Switch Events and Switch Information appear as tab forms under Switch View. The information in the Switch Information View is polled every 60 seconds. The Switch Information tab displays information about the following items: •...
Viewing Switch Explorer • RNID Type Model Sequence number Insistent Domain ID Mode Manufacturer Manufacturer Plant For more information, refer to “Displaying switch information” on page 158. Free Professional Management Tool You can use the Professional Management tool with Web Tools to view connectivity for each fabric, to back up and restore last-known configurations, and more.
Displaying tool tips Displaying tool tips When you rest the cursor over a Web Tools button, the system displays a brief description of the button. If you rest the cursor over most components, the system displays tool tip information about the component.
Refresh rates • The Configure option provides another menu of options to allow you to rename, enable, and disable ports, and to set persistent enable or disable without opening the Port Administration window. Refresh rates Different panels of Web Tools refresh at different rates. The refresh, or polling, rates listed in this section and throughout the book indicate the time between the end of one polling and the start of the next, and not how often the screen is refreshed.
Working with Web Tools: recommendations If you open switches running Fabric OS v4.4.x or later from a Fabric Tree displayed for a version earlier than a v4.4.x switch, some features might be disabled. Use the following procedure to display switches in the fabric. 1.
Opening a Telnet or SSH client window Opening a Telnet or SSH client window When you open a Telnet or SSH client window, the connection is to the IP interface of the switch. You cannot connect to a CP blade on a director switch through a Telnet or SSH client window opened from Web Tools, even when the blade has an IP address and supports Telnet sessions.
Page 70
Collecting logs for troubleshooting Web Tools Administrator’s Guide 53-1001343-01...
Fabric and switch management overview FIGURE 20 Switch Administration window, Switch tab With the exception of switch time, information displayed in the Switch Administration window is not updated automatically by Web Tools. To update the information displayed in the Switch Administration window, refer to “Refreshing the Switch Administration window”...
Fabric and switch management overview Opening the Switch Administration window Most of the management procedures in this chapter are performed from the Switch Administration window. To open the Switch Administration window, do the following. 1. Click Switch Admin in the Manage section of the Tasks menu. The Switch Administration window opens in basic mode, as shown in Figure 20 on page 40.
Configuring IP and netmask information Configuring IP and netmask information Before proceeding, collect all the information you need to configure the Ethernet IP interface. This includes the subnet mask, gateway IP address, or IPFC, and subnet mask for your system. When you configure or change the Ethernet IP, subnet mask, gateway IP, or IPFC, and subnet mask from Web Tools, there is a normal loss of network connection to the switch.
Netstat Performance 5. You can also enable automatic configuration of IPv6 addresses by selecting Enable IPV6 Auto Configuration. The automatically generated IPv6 addresses are displayed under Auto Configured IPV6 Addresses. Eight auto-configured addresses are created per switch, and up to 24 for a 48000, DCX, or DCX-4S chassis (eight per chassis, and eight per each installed CP).
Removing a syslog IP address 3. In the Syslog IP’s Configuration section, in the New IP field, enter an IP address in either IPv4 or IPv6 format. 4. Click Add. The new IP address is displayed in the Syslog IP area. 5.
Blade management Blade management Web Tools provides the ability to enable and disable blades, and to set slot-level IP addresses for blades. The procedure in this section applies only to the Brocade 48000 and Brocade DCX and DCX-4S enterprise-class platforms. Enabling or disabling a blade Use the following procedure to enable or disable a blade.
Blade management Setting a slot-level IP address Use the following procedure to set an IP address. 1. Open the Switch Administration window as described on page 2. Click the Blade tab. 3. Click Set IP address. 4. Select a slot number from the list. 5.
Switch configuration Switch configuration Use the Switch tab of the Switch Administration window to perform basic switch configuration. Figure 20 on page 40 shows an example of the Switch tab. Enabling and disabling a switch You can identify whether a switch is enabled or disabled in the Switch Administration window by looking at the lower-right corner.
Switch restart 5. Click Apply. 6. Enable the switch, as described in “Enabling and disabling a switch” on page 47. Viewing and printing a switch report The switch report includes the following information: • A list of switches in the fabric •...
System configuration parameters System configuration parameters You must disable the switch before you can configure fabric parameters. You can change the following system configuration parameters: • Switch fabric settings • Virtual channel settings • Arbitrated loop parameters • System services •...
System configuration parameters 5. Make the fabric parameter configuration changes. 6. Click Apply. Enable the switch as described in “Enabling and disabling a switch” on page 47. Fabric settings Configure the following fabric settings on the Fabric subtab of the Configure tab: BB Credit The buffer-to-buffer credit is the number of buffers available to attached devices for frame receipt.
System configuration parameters Configuring virtual channel settings You can configure parameters for eight virtual channels (VC) to enable fine-tuning for a specific application. You cannot modify the first two virtual channels, which are reserved for switch internal functions. ATTENTION The default virtual channel settings are already optimized for switch performance. Changing the default values can improve switch performance, but can also degrade performance.
Licensed feature management Configuring system services You can enable or disable FCP read link status (RLS) probing for F_Ports and FL_Ports. It is disabled by default. Follow the steps below. 1. Open the Switch Administration window as described on page 2.
Licensed feature management FIGURE 25 License tab Right-click a license key to export data, copy data, or search the table. Activating a license on a switch Before you can unlock a licensed feature, you must obtain a license key. You can either use the license key provided in the paperpack document supplied with switch software or refer to the Fabric OS Administrator’s Guide for instructions on how to obtain a license key at the Brocade Web site (www.brocade.com).
Licensed feature management Assigning slots for a license key This feature allows to increase the capacity without disrupting the slots that already have licensed features running. NOTE You can enable slot based licenses only on 10 Gigabit Ethernet (FTR_10G), Advanced Extension (FTR_AE), and Advanced FICON Acceleration (FTR_AFA) features.
High Availability overview Universal time based licensing From v6.3.0, Web Tools supports universal time based licensing. Each universal key is for a single feature, and can be used on any product that supports the feature, for a defined trial period. At the end of the trial period, the feature gets disabled.
High Availability overview 2. Click the HA button in the Switch View. The High Availability window opens. FIGURE 27 High Availability window, CP tab Note that the highlight color of the HA Status at the top of the module is the same as the background color of the HA button.
High Availability overview Admin Domain considerations To open the High Availability window, the switch must be a member of the Admin Domain you are currently logged in to. If the switch is not a member of the current Admin Domain, the Synchronized Services and Initiate Failover buttons are unavailable.
Event monitoring Event monitoring Web Tools displays fabric-wide and switch-wide events. Event information includes sortable fields for the following: • Switch name • Message number • Time stamp • Indication of whether the event is from a logical switch or a chassis •...
Event monitoring 1. Click the switch from the Fabric Tree. Switch View displays. 2. Click the Switch Events tab, if necessary. FIGURE 28 Switch Events tab You can click the column head to sort the events by a particular column, and drag the column divider to resize a column.
Event monitoring The Event Filter dialog box displays. FIGURE 29 Event Filter dialog box 3. To filter events within a certain time period: a. Select the From check box and enter the start time and date in the fields. b. Select the To check box and enter the finish time and date in the fields. 4.
Displaying the Name Server entries Filtering events by message ID Use the following procedure to filter events by message ID. 1. Open the Switch Events tab as described in “Displaying Switch Events” on page 58. 2. Click Filter. The Event Filter dialog box displays. 3.
Displaying the Name Server entries For FICON devices: The Name Server table shows the request node identification (RNID) information. 1. Click Name Server in the Monitor section of the Tasks menu. The Name Server window displays. FIGURE 30 Name Server window 2.
Physically locating a switch using beaconing 2. Click a device from the Domain column. 3. Click Detail View. The Name Server Information dialog box displays the information specific to that device. FIGURE 31 Name Server Information - detailed view Displaying zone members for a particular device Use the following procedure to display zone members for a particular device.
Locating logical switches using chassis beaconing 1. Select a switch from the Fabric Tree. The selected switch displays in the Switch View. 2. Click Beacon for a switch, or Chassis Beacon for a chassis-based switch. The LED lights on the actual switch light up on the physical switch in a pattern running back and forth across the switch itself.
Virtual Fabrics overview Virtual Fabrics overview Virtual Fabrics is an architecture to virtualize hardware boundaries. Traditionally, SAN design and management is done at the granularity of a physical switch. Each switch and all the ports in the switch act as a single fabric element that participates in a single fabric. The Virtual Fabrics feature allows SAN design and management to be done at the granularity of a port.
Virtual Fabrics overview Selecting a logical switch from the Switch View You can log in to a specific logical switch, as described in Chapter 1, or you can select a logical switch from the Switch View. If you do not log in to a specific logical switch, you are presented with the default logical switch.
Virtual Fabrics overview FIGURE 34 Logical switch, fabric ID 2 Under the Switch Information tab, Base Switch, Default Switch, and Allow XISL Use are specific to VIrtual Fabrics: • Base Switch indicates whether or not the logical switch can act as a base switch. A base switch is a special logical switch that can be used for chassis interconnection.
Virtual Fabrics overview Viewing Logical ports When base switches are connected through XISLs, a base fabric is formed that includes logical switches in different chassis. A logical link is formed dynamically among logical switches that have the same FID to carry frames between the logical switches. Logical ports are created in the respective switches to support the logical link.
Creating a configuration backup file FIGURE 36 Upload/Download tab 5. If you upload from a network, type the host name or IP address in the Host Name or IP field, the user ID and password required for access to the host in the User Name and Password fields, and choose the Protocol Type used for the upload.
Restoring a configuration An info link is enabled when USB is chosen as the source of the configuration file. If you click on info, the following information message is displayed. 6. Type the configuration file with a fully-qualified path, or select the configuration file name in the Configuration File Name field.
Restoring a configuration FIGURE 38 Upload/Download tab 5. Under Function, select Config Download to Switch. 6. If you download from a network, type the host name or IP address in the Host Name or IP field, the user ID and password required for access to the host in the User Name and Password fields, and choose the Protocol Type used for the upload.
Admin Domain configuration maintenance An info link is enabled when USB is chosen as the source of the configuration file. If you click info, the following information message is displayed. 8. Type the configuration file with a fully-qualified path, or select the configuration file in the Configuration File Name field.
Uploading and downloading from USB storage • Local zone configuration • iSCSI config (if any) • All other config information except Admin Domain configuration information • If you invoke it from AD255 and you are logged in with any role that allows config upload/download), the following will be saved in the configuration file: •...
Performing a firmware download FIGURE 40 USB Port Management wizard - right click options 3. Click Copy to upload and Export to download. Performing a firmware download During a firmware download, the switch restarts and the browser temporarily loses connection with the switch.
Performing a firmware download FIGURE 41 Firmware Download tab 3. Choose whether you are downloading the firmware or the firmware key. 4. Choose whether the download source is located on the network or a USB device. When you select the USB button, you can specify only a firmware path or directory name. No other fields on the tab are available.
Performing a firmware download The firmware download begins. You can monitor the progress by looking at the Firmware Download progress bar. About halfway through the download process, after the firmware key is downloaded to the switch, connection to the switch is lost and Web Tools invalidates the current session. (Web Tools invalidates all windows because upfront login is always enabled and cannot be disabled.) 8.
Switch configurations for mixed fabrics FIGURE 42 Firmware Download tab for bladed switches Switch configurations for mixed fabrics You can use Web Tools to configure switches in a mixed fabric. You do this by setting the switch to interoperability mode, which is McDATA Open Fabric mode or McDATA Fabric mode. When you turn on interoperability mode, the Zone DB is cleared.
Switch configurations for mixed fabrics Enabling interoperability When you configure interoperability, Web Tools verifies that the domain ID of the switch falls within the range for the interoperability mode you choose. The domain ranges are as follows: • The normal domain ID range is 1-239. •...
Page 112
Switch configurations for mixed fabrics • Brocade Native Fabric Mode • For McDATA Fabric Mode and McDATA Open Fabric Mode, you can select the offset value from the Domain Offset (Hex) / Domain ID (Hex) drop down list. The available offset values are 0 (0x00), 32 (0x20), 64 (0x40), 96 (0x60), 128 (0x80), 160 (0xA0), and 192 (0xC0).
Administrative domain overview User-defined Admin Domains AD1 through AD254 are user-defined Admin Domains. These user-defined Admin Domains can be created only by a physical fabric administrator in AD255. System-defined Admin Domains AD0 and AD255 are special Admin Domains and are present in every AD-capable fabric. AD0 is a system-defined Admin Domain that, in addition to containing members you explicitly added (similar to user-defined Admin Domains), it contains all online devices, switches, and switch ports that were not assigned to any user-defined Admin Domain.
Enabling administrative domains You can use AD255 to do the following: • Manage other Admin Domains. • Get an unfiltered view of the fabric. • Manage ACL and distribution (can be managed in AD0 if no other Admin Domains are present). •...
Admin Domain window 1. Change the Admin Domain context to AD0. Refer to “Changing the Admin Domain context” page 25. NOTE Changing the Admin Domain context requires using Web Tools with the EGM license; otherwise, access to this feature is denied and an error message displays. Change the Default Zone mode to No Access.
Admin Domain window FIGURE 45 Admin Domain window, summary view The Admin Domain window displays information about the Admin Domains defined in the fabric. If you launch the Admin Domain window from AD255 (physical fabric), the window contains information about the current content of all Admin Domains. If you launch the Admin Domain window from any other Admin Domain, the window displays the current Admin Domain only.
Admin Domain window FIGURE 46 Admin Domain window, single Admin Domain detail NOTE The tree only displays launched switches and their ports. It also displays all the devices in the fabric. Slot and port information of other switches are not displayed in the tree. The Admin Domain window has the following buttons in a task bar at the top of the window: •...
Admin Domain window • Click Copy Row or Copy Table to copy the contents in tab-delimited text format to a file. • Click Search to search for a specific text string in the table. The Switch Members box displays, as shown in Figure In the Switch Members box, type the text string and press Enter.
Admin Domain window Refreshing Admin Domain information Any changes you make in the Admin Domain window are saved to a local buffer; they are not applied to persistent storage until you invoke one of the transactional operations listed in the Actions menu.
Creating and populating domains 2. Click Yes to close without saving changes or click No to go back to the Admin Domain window to save the changes (refer to “Saving local Admin Domain changes” on page 88). Creating and populating domains Setting up an Admin Domain involves the following steps.
Creating and populating domains 3. In the Name area, assign an Admin Domain name. You can specify a name or let the system assign the name for you. 4. In the ID area, assign an Admin Domain ID. You can specify an ID or let the system assign the ID for you. 5.
Creating and populating domains NOTE The tree only displays two FC ports and all logical ports if the 7500E upgrade license is not installed. 8. Click Next. The wizard displays a summary of the Admin Domain. Read the summary to verify that the Admin Domain setup is correctly.
Modifying Admin Domain members FIGURE 51 Add Member wizard 2. Select Port and enter the member ID in the Member field using the Domain Index (D,I) format. 3. Click Apply to enforce the added members, and then click OK to accept the changes. Activating or deactivating an Admin Domain Use the following procedure to activate or deactivate an Admin Domain.
Modifying Admin Domain members FIGURE 52 Modify Admin Domain wizard 4. Assign members to the Admin Domain by selecting them in the Available Members section and clicking Add, Add Ports, or Add Devices as described below: • Select a switch, port, or device in the Available Members tree and click Add to add the selected element.
Modifying Admin Domain members Renaming Admin Domains You can change the name of an Admin Domain, including an auto-assigned ID name. The Admin Domain name cannot exceed 63 characters and can contain alphabetic and numeric characters. The only special character allowed is an underscore ( _ ). NOTE You cannot rename AD0 or AD255.
Port management overview FIGURE 53 Port Administration window, FC Ports, Basic Mode The Port Administration window displays information about the ports on the switch. Click Show Advanced Mode in the upper-right corner of the window to see more port management options (Figure 54).
Port management overview FIGURE 54 Port Administration window, FC Ports, Advanced Mode Admin Domain considerations In fabrics with user-defined Admin Domains, the Port Administration window is filtered to show only ports that are direct or indirect members of the currently selected Admin Domain: •...
Port management overview Port Administration window components The Port Administration window (shown in Figure 53) has the following two tabs on the top left: • FC Ports to display all of the FC ports on the switch (physical FC ports and logical FCIP ports) •...
Page 131
Port management overview • Button area. The button area contains buttons for all the tasks you can perform on the selected port. If you select more than one port, buttons are available for only the tasks that you can perform on all of the selected ports. Buttons are grayed (unavailable) if they are not applicable to the selected ports.
Port management overview • QoS Enable/Disable (These options require Adaptive Networking License) SFP—Physical ports only (FC, CEE, and GbE) • Advanced information about the port equipment Port Statistics • Advanced port statistics • Error details • FCIP Tunnels—GbE ports and logical FCIP ports only (not available for the FR4-16IP) Controllable ports All ports have a “Controllable”...
Configuring FC ports FIGURE 55 Port Administration window, Table view Configuring FC ports With the FC Port Configuration wizard, you can configure allowed port types, port speed, and long distance mode for physical ports. You must use Web Tools with the EGM license enabled on the switch to configure long distance; otherwise, access to this feature is denied and the following error message displays.
Configuring FC ports The EGM license is required only for 8 Gbps platforms, such as the Brocade DCX and DCX-4S enterprise-class platforms, the Encryption Switch, the 300, 5300, and 5100 switches. For non-8 Gbps platforms, all functionalities are available without EGM license. The following procedure describes how to open the FC Port Configuration wizard.
Configuring FC ports The FC Port Configuration wizard opens. The fields are populated with the current configuration values. Long distance is not displayed from the Edit Configuration window as shown is Figure 57. You can view long distance from the View tab when you display port details. 6.
Assigning a name to a port FIGURE 58 Missing EGM license The EGM license is required only for 8 Gbps platforms, such as the Brocade DCX and DCX-4S enterprise-class platforms, the Encryption Switch, the 300, 5300, and 5100 switches. For non-8 Gbps platforms, all functionalities are available without EGM license.
Enabling and disabling a port 5. Click Rename. 6. Type a name for the port and click Rename. To delete the existing port name, leave the field blank and click Rename. Enabling and disabling a port Use the following procedure to enable or disable a port. 1.
Persistent enabling and disabling ports Persistent enabling and disabling ports Use the following procedure to enable or disable an FC port so that it remains enabled or disabled across switch restarts. NOTE Ports cannot be persistently enabled or disabled when FMS is enabled. 1.
Port activation Port activation Brocade switches come with a preset number of ports enabled. Additional ports can be enabled using the Ports on Demand (POD) licenses and the Dynamic Ports on Demand (DPOD) feature (for supported switches only). Ports on Demand is ready to be unlocked in the switch firmware. The license might be part of the licensed Paper Pack supplied with switch software, or you can purchase the license separately from your switch vendor, who will provide you with a key to unlock it.
Port activation After the license keys are installed, you must enable the ports. You can do so without disrupting switch operation, as described in “Enabling and disabling a port” on page 105. Alternatively, you can disable and re-enable the switch to activate all ports as described in “Enabling and disabling a switch”...
Port activation Disabling Dynamic Ports on Demand NOTE Disabling DPODs causes traffic disruption. Any prior port associations and assignments are lost the next time the switch is restarted. You must be logged in as Admin to disable the Dynamic POD feature. 1.
Port swapping index Port swapping index If a port malfunctions, or if you want to connect to different devices without having to rewire your infrastructure, you can move traffic from one port to another (swap ports) without changing the I/O Configuration Data Set (IOCDS) on the mainframe computer.
Configuring BB credits on an F_Port FIGURE 59 Port Swapping Index Configuring BB credits on an F_Port From 6.3.0 you can configure the BB credits value on an F_Port. Follow the steps given below. 1. Click a port in the Switch View to open the Port Administration window. 2.
Configuring BB credits on an F_Port FIGURE 61 Configure BB Credit window 5. Enter the BB credit value in the Enter BB Credit field. The default value is 8. NOTE You cannot modify the default BB credit value for VE and ICL ports. 6.
Disabling or enabling ISL trunking Disabling or enabling ISL trunking The trunking feature requires using Web Tools with the EGM license. If you attempt to use this feature without the EGM license, the following error message displays. FIGURE 62 Missing EGM license When the trunking license is activated, trunks are automatically established on eligible ISLs and trunking capability is enabled by default on all ports.
Viewing trunk group information Viewing trunk group information Use the Trunking tab on the Switch Administration window to view trunk group information (Figure 63). FIGURE 63 Trunking tab The following trunking attributes can be displayed from the Port Admin view by selecting Show Advanced Mode: •...
F_Port trunk groups F_Port trunk groups F_Port trunking provides extra bandwidth and robust connectivity for hosts and targets connected by switches in Access Gateway mode. There are five general criteria for establishing F_Port trunking: • The F_Port trunking feature requires installing the EGM license; otherwise if you attempt to use this feature in Web Tools without the license, the following error message displays.
F_Port trunk groups 3. Select any port from the port group in which you want to create the trunk group. 4. Select F_Port Trunking. The F_Port Trunking dialog box displays (Figure FIGURE 65 F_Port trunking dialog box 5. Select one or more ports in the Ports for trunking pane. A dialog box displays, asking you to select a trunk index.
Page 150
F_Port trunk groups Web Tools Administrator’s Guide 53-1001343-01...
Performance Monitor overview The Advanced Monitoring option in the Performance Graphs window displays predefined reports and filter-based performance monitoring. You can use this feature to track the following: • The number of words received and transmitted in Fibre Channel frames with a defined SID/DID pair.
Performance Monitor overview The advanced monitoring graphs give more detailed performance information to help you manage your fabric. You can access the basic monitoring graphs on all switches; advanced monitoring graphs are available only on switches that have a Brocade Advanced Performance Monitoring license activated.
Performance Monitor overview Table 12 lists each graph and indicates the supported port types for each. The port selection lists for each graph displays the supported ports for that graph. TABLE 12 Supported port types for Brocade switches Graph Type Physical FC Ports Logical FC Ports GbE Ports...
Performance Monitor overview Figure 66 shows how to access the list of Advanced Performance Monitoring graphs using Web Tools with the EGM license. This example displays the graphs available in the Performance Monitoring window for a Brocade 48000 director with the Advanced Performance Monitoring license installed.
Opening the Performance Monitoring window FIGURE 67 Canvas of six performance monitoring graphs Opening the Performance Monitoring window To perform performance monitoring, you must use Web Tools with the EGM license; otherwise, when you click on the Performance Monitor tab, access to this feature is denied and an error messages displays.
Customizing basic monitoring graphs Depending on the type of graph you select, you might be prompted to select a slot or port for which to create a graph (Figure 69). FIGURE 68 Creating a basic performance monitor graph 3. If prompted, drag the port into the Enter/drag slot,port field, or manually type the slot and port information in the field, in the format slot,port.
Customizing basic monitoring graphs The following procedure assumes that you already created one of these customizable graphs. 1. Create or access the graph you want to customize. Refer to “Creating basic performance monitor graphs” on page 124 for instructions on creating a graph. 2.
Advanced performance monitoring graphs You can perform the following in the dialog box: a. Double-click the domain to expand the slot or port list. For the Brocade 48000, Brocade DCX and Brocade DCX 4S enterprise-class platforms, click the plus (+) signs to expand the ports under each slot, as shown in Figure b.
Advanced performance monitoring graphs FIGURE 70 Creating an SID/DID performance graph NOTE Only the FC ports of the launched switch display in the tree. The All Devices tab lists all the devices in the fabric and lets you select the source and destination. Slot and port information of other switches is not displayed in the tree.
Advanced performance monitoring graphs Creating a SCSI vs. IP Traffic Graph The SCSI vs. IP Traffic graph displays the SCSI versus IP traffic for selected ports. For Brocade 48000 and Brocade DCX and DCX-4S enterprise-class platforms, the slot and port name are identified in the graph.
Tunnel and TCP performance monitoring graphs FIGURE 71 Creating a SCSI command graph 3. Navigate to a switch > slot > port in the Port Selection List. 4. Click the port from the Port Selection List and drag it into the Enter/drag port field. 5.
Tunnel and TCP performance monitoring graphs FIGURE 72 Tunnel and TCP Graph window 3. Select the tunnel from the Tunnels drop down list for which you want to generate the graphs. For Brocade 7800 extension switch, you can have maximum four circuit connections in a tunnel and for FX8-24 DCX extension blade, you can have maximum 10 circuit connections in a tunnel.
Saving graphs to a canvas Saving graphs to a canvas Saving graphs is useful when you create customized graphs and do not want to recreate them each time you access the Performance Monitoring window. When you save graphs, you must save them to a canvas. The following procedure describes how to save graphs to a new canvas.
Printing graphs Printing graphs You can print a single graph or all the graphs displayed on the selected canvas configuration. Only one canvas configuration can be opened at a time. 1. Open the Performance Monitoring window. 2. Create a basic or advanced Performance Monitor graph as described in “Creating basic performance monitor graphs”...
Page 166
Modifying graphs Web Tools Administrator’s Guide 53-1001343-01...
Zoning overview Basic Zones Basic zoning enables you to partition a storage area network (SAN) into logical groups of devices that can access each other. For example, you can partition a SAN into two zones, winzone and unixzone, so that the Windows servers and storage do not interact with UNIX servers and storage. Zones can be configured dynamically.
Zoning configurations Zoning configurations The Zone Administration window is where all of the zoning tasks are performed. When performing zoning tasks for switches in a mixed fabric—that is, a fabric containing two or more switches running different fabric operating systems—you should use the switch with the highest Fabric OS level.
Zoning management You must be logged into the switch using a user name with one of the following roles associated with it to make changes to the zoning: zoneAdmin, admin, or fabricAdmin. All other roles allow only a view or read-only access. Most of the zoning operations are disabled in read-only mode. A snapshot is taken of all the zoning configurations at the time you launch the Zone Administration window;...
Zoning management • “Refreshing” means copying the current state of the zoning database on the switch to the Web Tools buffer, overwriting its current contents. In the Zone Administration window, all WWNs also display vendor names. NOTE The Member Selection List only lists the ports of the current switch and the devices of all the switches in the fabric.
Zoning management Refreshing Zone Administration window information The information displayed in the Zone Administration window is initially a snapshot of the contents of the fabric zoning database at the time the window is launched. Any changes you make to this window are saved to a local buffer;...
Zoning management 1. Make the zoning changes in the Zone Administration window. 2. Click Zoning Actions > Save Config. NOTE If you have made changes to a configuration, you must enable the configuration before the changes are effective. To enable the configuration, refer to “Enabling zone configurations”...
Zoning management 4. On Create New Alias, type a name for the new alias and click OK. The new alias is displayed in the Name list. 5. Expand the Member Selection List to view the nested elements. The choices available in the Member Selection List depend on the selection in the View menu. 6.
Zoning management 5. Click Zoning Actions > Save Config to save the configuration changes. To enable the configuration, refer to “Enabling zone configurations” on page 149. Deleting zone aliases You can remove a zone alias from the Zone Admin buffer. When a zone alias is deleted, it is no longer a member of the zones of which it was once a member.
Zoning management Creating and populating zones A zone is a region within the fabric where specified switches and devices can communicate. A device can communicate only with other devices connected to the fabric within its specified zone. Use the following procedure to create a zone. 1.
Zoning management 5. Click Add Member to add a zone member, or click Remove Member to remove a zone member. The zone is modified in the Zone Admin buffer. At this point you can either save your changes or save and enable your changes. 6.
Zoning management Deleting zones Use the following procedure to delete a zone. 1. Open the Zone Administration window as described on page 137. 2. Click the Zone tab. 3. Select the zone you want to delete from the Name menu and click Delete. 4.
Zone configuration and zoning database management Zone configuration and zoning database management A zone configuration is a group of zones; zoning is enabled on a fabric by enabling a specific configuration. You can specify members of a configuration using zone names. Figure 74 shows a sample zoning database and the relationship between the zone aliases, zones, and zoning configuration.
Zone configuration and zoning database management 3. Click the Zone Config tab and click New Zone Config. 4. On Create New Config, type a name for the new configuration and click OK. The new configuration displays in the Name list. 5.
Zone configuration and zoning database management 4. On Rename a Config, type a new configuration name and click OK. The configuration is renamed in the configuration database. 5. Click Zoning Actions > Save Config to save the configuration changes. Cloning zone configurations You must use Web Tools with the EGM license to perform cloning operations for zone configurations;...
Zone configuration and zoning database management 1. Open the Zone Administration window as described on page 137. 2. Click Zoning Actions > Enable Config. 3. On Enable Config, select the configuration to be enabled from the menu. 4. Click OK to save and enable the selected configuration. Disabling zone configurations When you disable the active configuration, the Advanced Zoning feature is disabled on the fabric, and all devices within the fabric can communicate with all other devices.
Zone configuration and zoning database management FIGURE 75 Effective Configuration window Viewing the enabled zone configuration name without opening the Zone Administration window Do the following: • Select a switch from the Fabric Tree. The selected switch displays in the Switch View.
Zone configuration and zoning database management 2. To identify the most recently effective zone configuration without saving or applying any changes you made in the Zone Administration window, click Print > Print Effective Zone Configuration in the Zone Administration window. If no zone is enabled, a message is displayed, indicating that there is no active zoning configuration on the switch.
Zone configuration and zoning database management Replacing a WWN in Multiple Aliases and Zones This procedure enables you to replace a WWN throughout the Zone Admin buffer. This is helpful when exchanging devices in your fabric and helps you to maintain your current configuration. 1.
Best practices for zoning Clearing the Zoning Database Use the following procedure to disable the active zoning configuration, if one exists, and delete the entire zoning database. You must disable any active configuration before you can delete the zoning database. ATTENTION This action not only disables zoning on the fabric, but also deletes the entire zoning database.
Trace dumps Using the Trace tab of the Switch Administration window, you can view and configure the trace FTP host target and enable or disable automatic trace uploads. FIGURE 76 Trace tab How a trace dump is used The generation of a trace dump causes a CRITICAL message to be logged to the system error log. When a trace dump is detected, issue the supportSave command on the affected switch.
Trace dumps Setting up for automatic transfer of diagnostic files involves the following tasks: • Specifying a remote server to store the files. • Enabling the automatic transfer of trace dumps to the server. (Trace dumps overwrite each other by default; sending them to a server preserves information that would otherwise be lost.) Specifying a remote server You can perform this task only if the switch belongs to the Admin Domain you are logged into.
Displaying switch information Displaying switch information You can right-click in the table content of Fan, Temperature, and Power Status windows to find Export, Copy, and Search options. These options are not available if the table does not have any content. You must accept the Brocade Certificate at the beginning of the log in to Web Tools to enable the functionality of Export and Copy.
Displaying switch information The Fan No. column indicates either the fan number or the fan FRU number, depending on the switch model. A fan FRU can contain one or more fans. • For Brocade 4100, 4900, 5000, 5100, 5300, 7600, the 7500, 7500E, and 7800 Extension switches, the 8000, and the Brocade Encryption Switch, the Fan No.
Displaying switch information 1. Select a switch from the Fabric Tree. The selected switch displays in the Switch View. The icon on the Power button indicates the overall status of the power supply. 2. Click Power on the Switch View. The detailed power supply states are displayed.
Displaying switch information Click the Status button to display a detailed, customizable switch status report, shown in Figure Note that this is a static report and not a dynamic view of the switch. FIGURE 81 Switch Report window 1. Select a switch from the Fabric Tree.
Port LED interpretation FIGURE 82 Switch Report Action menu Port LED interpretation Switch View displays port graphics with blinking LEDs, simulating the physical appearance of the ports. One of the LEDs indicates port status; the other indicates port speed. For LED information, refer to the hardware documentation for the switch you are viewing.
Port LED interpretation Port icon colors The background color of the port icon indicates the port status, as follows: • Green (healthy) • Yellow (marginal) • Red (critical) • Gray (unmonitored) • If the entire port icon is blue, the port is buffer-limited. •...
Port LED interpretation Brocade 48000 Director LEDs For the Brocade 48000 director, the representation of the port LEDs on the FC4-32 port blade is not the same as the LEDs on the physical blade. Figure 84 on page 164 compares the LEDs on the physical port card and the Web Tools display.
Supported switches for Fibre Channel Routing Note the following terminology for Fibre Channel Routing: backbone fabric An FC Router can connect two edge fabrics; a backbone fabric connects FC Routers. The backbone fabric is the fabric to which the FC Router switch belongs.
FC-FC routing management 3. Configure EX_Ports by clicking the EX Ports tab and then clicking New. Follow the instructions in the wizard. Refer to “Viewing EX_Ports” on page 169. 4. Connect the cables from the EX_Ports on the FC Router to the edge fabrics, if they were not connected before.
FC-FC routing management NOTE When the Virtual Fabrics capability is enabled on the switch, Fabric ID cannot be set using the Set Fabric ID button. Use the following procedure to open the FC Routing module. 1. Select a switch from the Fabric Tree.
Viewing EX_Ports To manage an LSAN fabric, select the fabric to manage and click Manage LSAN Fabric in the task bar. A browser window is launched with the following url: http://ip-address-of-lsan-fabric-switch For Brocade switches, this launches Web Tools. For non-Brocade fabrics, this launches the element manager for that switch.
Viewing EX_Ports • Edit an EX_Ports configuration • Rename an EX_Port • Swap the Port Index of an EX_Port (described in “Port swapping index” on page 110) • Enable or disable an EX_Port • Persistently enable or disable an EX_Port •...
Configuring an EX_Port Configuring an EX_Port Use the following procedure to configure an EX_Port. 1. Select Tasks > Manage > FCR. 2. Click the EX_Ports tab. 3. Click New in the task bar to configure one or more EX_Ports. NOTE For Brocade 7800 extension switch and FX8-24 blade, New button is enabled only if Integrated Routing license is present.
Viewing LSAN zones 1. Open the Switch View window. 2. Click FCR in Manage section of the Tasks menu. 3. Click the Ex_Ports tab. 4. Click the Router Port Cost button. Viewing LSAN zones The LSAN Zones tab displays all the LSAN zones, in both a tabular and tree form. If FC-FC Routing is disabled, the table and the tree node in this tab display only the LSAN zones present in the backbone fabric.
Configuring the backbone fabric ID Click the Physical Devices or Proxy Devices element in the tree to see a detailed list of the physical or proxy devices. Click the device name in the tree for more detailed information about a specific device, as shown in Figure FIGURE 88...
Page 206
Configuring the backbone fabric ID Select a fabric ID from the drop-down menu. The fabric ID is a number from 1 through 128. Web Tools warns you if you select a fabric ID that is already in use. 8. Click OK. 9.
Viewing switch explorer for Access Gateway mode Viewing switch explorer for Access Gateway mode The Switch Explorer for Access Gateway mode displays as shown in Figure FIGURE 89 Switch Explorer view for Access Gateway mode The Access Gateway mode Switch Explorer is divided into the following areas: •...
Access Gateway mode on Brocade Encryption switch Access Gateway mode on Brocade Encryption switch The Access Gateway feature on Brocade Encryption switches enables interoperability with the Cisco fabrics. The Access Gateway mode of the switch presents standard F_Ports to the hosts, but it connects to the Enterprise fabric as N_Port (rather than as E_Port in case of a regular switch).
Access Gateway mode on Brocade Encryption switch FIGURE 91 Port Group Configuration - view only • Configure F-N Port Mappings Add and Remove buttons are disabled for primary mappings and secondary failover mapping as shown in Figure FIGURE 92 F-N Port Mapping Configuration - view only •...
Enabling Access Gateway mode By default all the ports are set to N_Ports and failover and fallback are disabled. You can edit the Speed. The following options are disabled in the N Port Configuration window as shown in Figure • Lock as N Port •...
Disabling Access Gateway mode Disabling Access Gateway mode Use the following procedure to disable Access Gateway mode. 1. Select a switch. 2. Click Switch Admin in the Manage section under Tasks. The Switch Administration window opens. 3. Click Disable in the Switch Status section. You can disable Access Gateway mode only after the switch is disabled.
Port configuration Port configuration You can configure the port types (N_Port, F_Port) on each individual port on an Access Gateway enabled switch. When you configure ports, you can specify a global configuration policy using the Port Configuration Policy button. By default, Advanced is selected and sets the initial defaults for port types, groups, and the F_Port-to-N_Port mappings.
Port configuration FIGURE 95 Port Group Configuration dialog box 4. On Port Group Configuration, click Add. The Add Port Group window displays (Figure 96). FIGURE 96 Add Port Group 5. Enter the id for the new port group in the Port Group ID* field. 6.
Port configuration 11. Click Close on the Port Group Configuration dialog box. Editing or Viewing port groups Use the following procedure to edit port groups. 1. Click a port in the Switch View to open the Port Administration window. 2. Click Configure N_Port Groups. 3.
Port configuration 8. Under the Select Members(N-Port)* section, select the required ports you want to group and clear the check boxes for the ports you want to remove from the port group. 9. Click Save. 10. Click Close on the Port Group Configuration dialog box. Deleting port groups Use the following procedure to delete port groups.
Access Gateway policy modification FIGURE 98 F-N Port Mapping Configuration dialog box 4. In the Primary Mappings area, select ports and use the Add button to map F_Ports or U_Ports to N_Ports. Use the Remove button to delete an F_Port mapping from an N_Port. 5.
Access Gateway policy modification Path Failover and Failback policies The Path Failover and Failback policies determine the behavior of the F_Port if the primary mapped N_Port they are mapped to goes offline or is disabled. The Path Failover and failback policies are attributes of the N_Port.
Access Gateway policy modification FIGURE 100 Port Administration window, enabling APC 3. Click Yes in the confirmation window. 4. In the Switch Explorer window select Switch Admin. The Switch Administration window displays. FIGURE 101 Access Gateway Auto Rebalancing 5. Click Refresh. 6.
Page 220
Access Gateway policy modification • Click Manual Balancing and a confirmation dialog box displays. Click Yes to change F Port - N Port Mapping or click No to cancel the changes. Click Apply to apply the changes. Web Tools Administrator’s Guide 53-1001343-01...
Using Fabric Watch with Web Tools Using Fabric Watch with Web Tools You can perform Fabric Watch operations using Web Tools and Web Tools with the EGM license. NOTE Unless the switch is a member of the current Admin Domain context, Fabric Watch is view-only. FIGURE 102 The Fabric Watch window Fabric Watch Explorer, on the left side of the window, displays the available classes.
Fabric Watch threshold configuration Opening the Fabric Watch window Use the following procedure to open the Fabric Watch window. 1. Select a switch from the Fabric Tree and log in if necessary. 2. Select Tasks > Manage > Fabric Watch. The Fabric Watch window opens, as shown in Figure 102.
Fabric Watch threshold configuration FIGURE 103 Threshold configuration in Fabric Watch 3. Click the Trait Configuration subtab. 4. In Fabric Watch Explorer, click a class. 5. Under Area Selection, choose an area from the list. This sets the units in the Units field. The module displays two columns of trait information, labeled System Default and Custom Defined.
Fabric Watch threshold configuration Configuring threshold alarms After you update the threshold information, use the Alarm Configuration subtab to customize the notification settings for each event setting. 1. Open the Fabric Watch window. 2. Click the Threshold Configuration tab. 3. Click the Alarm Configuration subtab. 4.
Configuring alarms for FRUs • Click Triggered to receive threshold alarms only when they are triggered by events that you defined. • Click Continuous to receive threshold alarms at a continuous interval. Select a time interval in which to receive the threshold alarms from the Time Interval menu. 9.
Fabric Watch alarm information Fabric Watch alarm information From Fabric Watch, you can view two types of reports: • Alarm notifications—Displays the alarms that occurred for a selected class or area. • Alarm configuration—Displays threshold and alarm configurations for a selected class or area. Viewing an alarm configuration report Use the Threshold Configuration tab, Configuration Report subtab to display a report of the configuration for a selected class or area with the following information:...
E-mail notification TABLE 15 Alarm notification table fields (Continued) Field Description Current Value The current data value of the element Time Time when the event occurred 1. Open the Fabric Watch window. 2. In Fabric Watch Explorer, select the class that you want to check for alarms. 3.
E-mail notification 1. Open the Fabric Watch window. 2. Click the Email Configuration tab. 3. Click Enable or Disable to enable or disable the e-mail alert status. When you disable e-mail alerts, Fabric Watch does not send e-mail notification even if the e-mail notification method is assigned to monitored areas.
Page 230
E-mail notification Web Tools Administrator’s Guide 53-1001343-01...
Extended link buffer allocation overview • Actual Distance (km)—The actual distance for the link in kilometers. • Desired Distance (km)—Required for a port configured in LD or LS mode (Table 16 page 201), the desired distance, in kilometers, for the link. For an LD-mode link, the desired distance is used as the upper limit of the link distance to calculate buffer availability for other ports in the same port group.
Configuring a port for long distance TABLE 16 Long-distance settings and license requirements Value Description Extended Fabrics License Required? No long-distance setting is enabled. The maximum supported link distance is 10 km, 5 km, or 2.5 km for ports at speeds of 1 Gbps, 2 Gbps, and 4 Gbps, respectively.
Page 234
Configuring a port for long distance • If the port capability is 2 GB, type a number between 10 and 250, inclusive. • If the port capability is 1 GB, type a number between 10 and 500, inclusive. This value is the upper limit for calculating buffer availability for other ports in the same port group.
iSCSI service overview After an IQN is defined, you can map a LUN device to the IQN name. Supported platforms for iSCSI The iSCSI target gateway service is supported on the Brocade 48000 director with CP blades running Fabric OS v5.2.0 and later releases, and configured with an FC4-16IP blade. Common iSCSI Target Gateway Admin functions You can right-click on the table content in the window to access Export, Copy, and Search options: NOTE...
iSCSI service overview Terminology iSCSI target gateway services require you to understand some additional terminology. Following are terms that are used in this document to explain how the iSCSI target gateway is implemented. TABLE 17 iSCSI gateway services terminology Term Definition iSCSI Internet-SCSI.
Setting up iSCSI Target Gateway Services Saving Changes There are several ways to save changes on the switch and apply them to the fabric (applies to the iSCSI Target Gateway Admin module only): • Apply—Click Apply and your changes will be transfered from the Web Tools database to the switches database and distributed throughout the fabric.
Setting up iSCSI Target Gateway Services FIGURE 107 iSCSI Target Gateway Admin with the Targets tab selected 1. Select a switch from the Fabric Tree and log in, if necessary. The selected switch displays in Switch View. Make sure that your Admin Domain Context is either AD0 or AD255. Generally, the default user Admin Domain is AD0.
Setting up iSCSI Target Gateway Services Launching the iSCSI setup wizard Use the following procedure to launch the iSCSI setup wizard. 1. Select a switch from the Fabric Tree and log in, if necessary. The selected switch displays in Switch View.
Setting up iSCSI Target Gateway Services Configuring the IP interface This step configures iSCSI ports (GbE Ports) found on the FC4-16IP. You must have at least one iSCSI port configured to log into the iSCSI target. There are two steps in this process: •...
Setting up iSCSI Target Gateway Services Configuring the IP route is optional because when an IP address is set up, a route is automatically set up as well. 1. Open iSCSI Target Gateway Admin as described on page 206. 2. Select the iSCSI Port tab. 3.
Setting up iSCSI Target Gateway Services Configuring the IP route (optional) Use the following procedure to configure the IP route. NOTE You can create maximum of 32 static IP routes. 1. Launch the iSCSI Target Gateway Admin module as described on page 206.
Setting up iSCSI Target Gateway Services Creating iSCSI virtual targets SCSI virtual target creation is done from the first pane in the iSCSI Target Gateway Admin module. The iSCSI Virtual Target wizard provides two ways to create iSCSI targets: Create and Easy Create. Create allows you to double check your work several times before committing the changes.
Setting up iSCSI Target Gateway Services Using Easy Create to create iSCSI virtual targets Easy Create is an alternative method for creating iSCSI virtual targets. 1. Open iSCSI Target Gateway Admin as described on page 206. 2. Select the Targets tab. 3.
Discovery Domain management 5. Follow the instructions in the wizard to edit an iSCSI virtual target. The wizard is self-explanatory, so the individual steps are not described in this document. NOTE The Remove LUN(s) button is available only for virtual targets that are fully initialized as a target.
Discovery Domain management When you select DDInfo from the tree in the left pane, you can create a discovery domain. If you select an object in the discovery domain set listed you can view, create, edit, delete, enable, or disable any of the discovery domain information contained in each object. If you select a discovery domain object, you can edit or delete the data contained in the object.
Discovery Domain management In the wizard you can do the following tasks: • You can configure the DD. You must specify the DD name, and then you can add or remove initiators and targets. You can also add any offline device(s) by entering the IQN name in the IQN name field and clicking Add Offline Devices under the list on the right.
Discovery domain sets (DDSet) Editing a discovery domain Use the following procedure to edit a discovery domain. 1. Open iSCSI Target Gateway Admin as described on page 206. 2. Select the Discovery Domains tab. 3. Select a DD in the left pane and click Edit. 4.
CHAP Configuration FIGURE 116 Create DDSet wizard 4. Follow the instructions in the wizard to create an iSCSI discovery domain set. The wizard is self-explanatory, so the individual steps are not described in this document. Editing a Discovery Domain Set Use the following procedure to edit a discovery domain set.
CHAP Configuration FIGURE 117 CHAP tab Creating a CHAP user Use the following procedure to create a CHAP user. 1. Launch the iSCSI Target Gateway Admin module as described on page 206. 2. Select the CHAP tab. 3. Click Create. 4.
Connection redirection Binding or Removing CHAP users Use the following procedure to bind or remove CHAP users. 1. Launch the iSCSI Target Gateway Admin module as described on page 206. 2. Select the CHAP tab. 3. Click Bind/Remove Chap(s). 4. Select a virtual target. 5.
iSCSI Fibre Channel Zone configuration FIGURE 118 Connection Redirection tab 3. Select the check box in the Enable/Disable column to enable connection redirection for the required slot. Clear the check box to disable connection redirection. NOTE Existing connections are not redistributed when iSCSI ports change state from disabled to enabled or offline to online.
iSCSI Fibre Channel Zone configuration • If a defined configuration is currently effective in the fabric and you add your iSCSI FC zone to that configuration, the configuration is automatically re-enabled to include this zone. NOTE If you do not have a zoning license or any zoning implemented, you do not need to create one for iSCSI target gateway service.
Managing and Troubleshooting Accessibility Creating an iSCSI Fibre Channel zone with an effective zone configuration Use the following procedure to create an iSCSI FC zone with an effective zone configuration. 1. Launch the iSCSI Target Gateway Admin module as described on page 206.
Page 256
Managing and Troubleshooting Accessibility Web Tools Administrator’s Guide 53-1001343-01...
Viewing Fabric Shortest Path First routing FIGURE 120 Routing tab Viewing Fabric Shortest Path First routing The Routing tab of the Switch Administration window displays information about routing paths. 1. Open the Switch Administration window as described on page 2. Click the Routing tab. 3.
Specifying frame order delivery When the port-based policy is in force, you can enable DLS to optimize routing. When DLS is enabled, it shares traffic among multiple equivalent paths between switches. DLS recomputes load sharing either when a switch boots up or each time an E_Port or FX_Port goes online or offline. Enabling this feature allows a path to be discovered automatically by the FSPF path-selection protocol.
Configuring the link cost for a port Configuring the link cost for a port This section describes how to set the cost of an interswitch link (ISL). The cost of a link is a dimensionless positive number. The fabric shortest path first (FSPF) protocol compares the cost of various paths between a source switch and a destination switch by adding the costs of all the ISLs along each path.
User-defined accounts Access rights for any user session are determined by the user’s role-based access rights. Refer to Chapter 1, “Introducing Web Tools” for additional information about Role-Based Access Control (RBAC). The User tab of the Switch Administration window (Figure 121 on page 231) displays account information.
User-defined accounts FIGURE 121 User tab Viewing user account information Use the following procedure to view user account information. 1. Open the Switch Administration window as described on page 2. Click the User tab. A list of the default and user-defined accounts displays. If you are logged in using the switchadmin role, only your account information is displayed.
User-defined accounts FIGURE 122 Add User Account dialog box (VF) FIGURE 123 Add User Account dialog box (AD) Web Tools Administrator’s Guide 53-1001343-01...
Page 265
User-defined accounts 4. Type the user name, which must begin with an alphabetic character. The name can be up to 40 characters long. It is case-sensitive and can contain alphabetic and numeric characters, the dot (.) and the underscore (_). It must be different from all other account names on the logical switch.
User-defined accounts Deleting user-defined accounts Use the following procedure to delete user-defined accounts. 1. Open the Switch Administration window as described on page 2. Click the User tab. 3. Select the account to remove and click Remove. 4. Click Apply to save your changes. You cannot delete the default accounts.
User-defined accounts The All button is disabled unless the following conditions are met: • The selected role for the target user must be admin or securityadmin. • You must be a physical fabric administrator. Selecting All makes the target user account a physical fabric administrator. 9.
Page 268
User-defined accounts Passwords must also meet any additional password rules that were set up. (Refer to “Setting the rules for passwords” on page 236 for more information.) Retype the new password in the Confirm Password field. 8. Click OK. 9. Click Apply to save your changes. Setting the rules for passwords Use the following procedure to set rules for passwords.
User-defined accounts FIGURE 124 Configure Password Rules dialog box Setting a password as expired Use the following procedure to set a password as expired. 1. Open the Switch Administration window as described on page 2. Click the User tab. 3. Select the account. 4.
User-defined accounts Displaying roles and assigned logical fabrics You can display user role assignments for logical fabrics. 1. Open the Switch Administration window as described on page 2. Click the User tab. 3. Select an account. 4. Select Show Role and VF. The Role Mapping for that user is displayed (Figure 125).
Access control list policy configuration Access control list policy configuration Support for the Access Control List (ACL) policies is currently defined in the Switch Connection Control (SCC) and Device Connection Control (DCC) policies. SCC and DCC policy configuration in base Fabric OS is performed on a switch-local basis. Fabric Configuration Server (FCS) Policy can be created only once.
Access control list policy configuration Admin Domain considerations ACL management can be done on AD255 and in AD0 only if there are no other user-defined Admin Domains. Both AD0 (when no other user-defined Admin Domains exist) and AD255 provide an unfiltered view of the fabric.
Access control list policy configuration FIGURE 127 DCC Policy Configuration wizard 10. In the ADD Domain, Port Index field, enter the value in the Domain, Index format and click Add. 11. Click Ok to confirm the changes to the switch. You must activate the policy in order to implement it.
Access control list policy configuration Deleting all SCC, DCC, FCS policies You cannot delete the FCS policy from non-primary or non-FCS switches. The Delete All button is enabled only when there is at least one policy activated. 1. Open the Switch Administration window as described on page 2.
Fabric-Wide Consistency Policy configuration 3. Select the FCS tab. 4. Click Move FCS Switch. 5. Select the appropriate from and to positions. 6. Click Apply. After you move all the member switches, click Apply and Close. Fabric-Wide Consistency Policy configuration Fabric Wide Consistency Policy (FWCP) configures the Fabric Wide Consistency behavior of distributable ACL policies.
Authentication policy configuration 3. Under Security Policies, click FWCP. 4. Select one of the following consistency behavior for the required policy type (SCC, DCC, FCS). • Absent • Tolerant • Strict NOTE You can change the consistency behavior of SCC, DCC, or FCS policy only for a primary switch. 5.
Authentication policy configuration 4. In the Authentication Type field, choose FCAP or DHCHAP. 5. Select the switch authentication policy mode: Strict authentication is enforced on all E_Ports. Active The switches can be connected to a switch with any type of policy. Passive The switch does not initiate authentication but participates if the connecting switch initiates...
Authentication policy configuration 6. Click OK. Authentication policies are distributed only if all the selected switches accept the distribution. Only the policy mode is distributed to the selected switches. The switch initiating the distribution must accept distribution. Re-authenticating policies A user who has changed authentication policy parameters or a shared secret key pair can re-initialize the authentication.
SNMP configuration 6. Enter the Switch WWN, name, or domain ID, or use the Browse button to select a switch. In the Peer Secret and Confirm Peer Secret fields, enter the peer secret value. 8. In the Local Secret and Confirm Local Secret fields, enter the local secret value. 9.
SNMP configuration FIGURE 130 SNMP tab 3. Select a trap level for a recipient from the corresponding Trap Level menu in the SNMPv1 and SNMPv3 sections. The level you select identifies the minimum event level that will prompt a trap. NOTE Adding or editing the user name can be done only through the CLI and by selecting a user name from the User Name menu in the SNMPv3 section.
SNMP configuration Setting SNMPv1 configuration parameters Use the following procedure to set SNMPv1 configuration parameters. 1. Open the Switch Administration window as described on page 2. Click the SNMP tab (Figure 130). 3. Double-click a community string in the SNMPv1 section and type a new community string. 4.
RADIUS service management 4. Select a permission for the host from the Access Control List menu. Options are Read Only and Read Write. 5. Click Apply. NOTE The port number is not included. RADIUS service management Fabric OS supports RADIUS authentication, authorization, and accounting service (AAA). When configured for RADIUS, the switch becomes a Network Access Server (NAS) that acts as a RADIUS client.
RADIUS service management FIGURE 132 AAA Service tab Enabling and Disabling RADIUS Service At least one RADIUS server must be configured before you can enable RADIUS service. 1. Open the Switch Administration window as described on page 2. Click the AAA Service tab. 3.
RADIUS service management Configuring the RADIUS Service The configuration is chassis-based, so it applies to all logical switches (domains) on the switch and it is replicated on a standby CP, if one is present. It is saved in a configuration upload, and can be applied to other switches in a configuration download.
Active Directory service management Modifying the RADIUS Server Order The RADIUS servers are contacted in the order they are listed, starting from the top of the list and moving to the bottom. 1. Open the Switch Administration window as described on page 2.
Active Directory service management 4. Select None, Switch Database when Active Directory authentication failed, or Switch Database when Active Directory timeout from the Secondary AAA Service menu. To disable Active Directory service, select Switch Database from the Primary AAA Service drop-down menu and select None from the Secondary AAA Service drop-down menu.
IPSec Concepts IPSec Concepts Internet Security Protocol (IPSec) is a set of open standards that provide cryptographic security services for IP networks. Several protocols are available for providing authentication and secure transmission of data. From Web Tools, you can establish IPSec policies for FCIP implementations on 7800 extension switches with the upgrade license, the 7500 extension switches and FR4-18i blades, and you can establish IPSec policies for IP interfaces that provide management access to switches and control processors.
IPSec Concepts Transport mode and tunnel mode Transport mode adds an authentication header (AH) before the IP header. Only a single pair of addresses is used (those in the IP header). When transport mode is used, both endpoints implement IPSec. Tunnel mode encapsulates an IP datagram in a new datagram, with a new IP header specifying the addresses of the tunnel end points.
IPSec Concepts IPSec header options IPSec adds headers to an IP datagram to enable authentication and privacy. There are two options: • Authentication Header (AH) • Encapsulating Security Payload (ESP) Authentication Header AH can be used to authenticate a data stream, but does not provide encryption needed for privacy. The AH contains a message authentication code (MAC).
IPSec Concepts Basic IPSec configurations There are three basic configurations for IPSec use: • Endpoint to Endpoint. • Gateway to Gateway. • Endpoint to Gateway. Endpoint to Endpoint In an endpoint to endpoint configuration, both endpoints implement IPSec. Transport mode is commonly used in endpoint to endpoint configurations, and only a single pair of addresses is used.
IPSec Concepts Internet Key Exchange (IKE) Concepts Key exchange is used to authenticate the end points of an IP connection, and to determine security policies for IP traffic over the connection. The initiating node proposes a policy based on the following: •...
Page 292
IPSec Concepts PRF (Pseudo-Random Function) Algorithm The PRF algorithm generates output that appears to be random data, using the HMAC chosen as the hash algorithm as the seed value. PRF is used to strengthen security. Public key certificate-based authentication Industry standard X.500 database servers are available as certificate authority servers to enable certificate-based authentication of computers.
Page 293
IPSec Concepts Authentication methods The methods used to authenticate the IKE peer are preshared key (psk), DSS digital signature (dss), and RSA digital signature (rsasig): • A Preshared key (PSK) is a shared secret that is shared between two parties over a secure channel before it is used.
IPSec over FCIP IPSec over FCIP 7500 extension switches and FR4-81i blades use FCIP protocol to IP to carry Fibre Channel traffic over IP networks. IPSec can be used to secure the IP flows over an FCIP tunnel. At a high level, the steps to take are as follows: •...
IPSec over FCIP Establishing an IKE policy for an FCIP tunnel Use the following procedure to establish an IKE policy for an FCIP tunnel. 1. From the IKE tab of the IPSec Policies screen, select Create. An Add Policy dialog box is displayed (Figure 137).
IPSec over FCIP 9. Click OK. Establishing an IPSec policy for an FCIP tunnel Use the following procedure to establish an IPSec policy for an FCIP tunnel. 1. Select the IPSec tab The IPSec Policies window is displayed. 2. Select Create. An Add Policy dialog box is displayed (Figure 138).
IPSec over management ports IPSec over management ports IPSec can be applied to the management port on a switch or a CP blade to establish a secure connection between a PC or workstation and Web Tools. The connection can be used as a virtual private network (VPN) interface to Web Tools.
IPSec over management ports Enabling IPSec Ethernet IPSec policies can be configured only after enabling IPSec by clicking the Enable button below the Ethernet IPSec policies table (Figure 139). Establishing an IKE policy When you establish an IKE policy, you identify a set of algorithms and authentication rules and parameters to use in a key exchange.
IPSec over management ports 5. Type the identifier of the remote peer switch in Peer Identifier. This is normally the IP address in IPv4 or IPv6 format, but it may also be a DNS name. 6. Choose the Encryption Algorithm. the choices are 3des_cbc, null_enc, aes128_cbc, and aes256_cbc.
IPSec over management ports 4. Type a name for the SA in the SA Name field. 5. Choose the IPSec Protocol. The choices are ah (for authentication header) and esp (for encapsulated security protocol). 6. Choose the Authentication Algorithm. The choices are hmac_md5, hmac_sha1, and AES_xcbc. Choose the Encryption Algorithm.
IPSec over management ports The Add-SA Proposal dialog box is displayed (Figure 142). FIGURE 142 Add SA-Proposal dialog box 3. Type a name in the SA Proposal Name field. 4. Type the SAs in the SA(s) to use field. 5. Optionally, define SA lifetime parameters. The SA lifetime may be defined as a time value in seconds (LifeTime in seconds), as the number of bytes transmitted before the SA is rekeyed (LifeTime in bytes), or both.
IPSec over management ports 1. Select the Transforms tab. The Transforms screen is displayed (Figure 143). FIGURE 143 Transforms tab 2. Select Add. The Add Transform dialog box is displayed (Figure 144). FIGURE 144 Add Transform dialog box 3. Type a name in the Transform Name field. 4.
Page 303
IPSec over management ports 6. Select the IPSec Protection Type. The choices are discard, bypass, and protect: Discard causes data packets to be rejected if there is an invalid pair of source and destination addresses or invalid port addresses. Bypass allows a data packet to be transmitted or received without IPsec protection. Process indicates a data packet is processed using IPsec encryption, IKE authentication, or both, using encapsulation security protocol (ESP) processing, or authentication header (AH) protocol processing.
IPSec over management ports Adding an IPSec selector Selectors are used to apply transform policies to an IP flow. Flows are uni-directional. Selectors are associated with a specific source IP address, a specific peer IP address, and a specific transform. 1.
IPSec over management ports The Add Selector dialog box is displayed. FIGURE 146 Add Selector dialog box 3. Type a name in the Selector Name field. 4. Select the Traffic Flow Direction (in or out). IPSec policies are unidirectional, and must be applied separately to inbound and outbound flows.
IPSec over management ports Manually creating an SA Use the following procedure to manually create a security association (SA). 1. Select the SA(Manual) tab. 2. Select Add. The Add Manual-SA dialog box is displayed (Figure 147) FIGURE 147 Add Manual-SA dialog box 3.
IPSec over management ports 8. Choose the IPSec Mode. The choices are Transport or Tunnel. Refer to“Transport mode and tunnel mode” if you are unfamiliar with Transport and Tunnel modes. 9. Choose the IPSec Protocol. The choices are ah (for authentication header) and esp (for encapsulated security protocol).
Establishing authentication policies for HBAs 5. Select the policy or policies you want to delete. 6. Select Delete. The policy is deleted from the SA database (SADB), and is removed from the list. Establishing authentication policies for HBAs To establish and enable authentication policies for HBAs as the log in to a fabric, do the following. 1.
Establishing authentication policies for HBAs 10. Click Apply. 11. If your authentication method uses a shared secret, select the Shared Secret Keys tab. The Shared Secret Keys screen is displayed (Figure 149). FIGURE 149 Device authentication Shared Secret Keys tab 12.
Page 310
Establishing authentication policies for HBAs 15. Enter the shared secret for the peer device (an HBA in this case) in the Peer Shared Secret and Confirm Peer Shared Secret fields. 16. Enter the shared secret for switch in the Local Shared Secret and Confirm Local Shared Secret fields.
Enabling port-based routing • Display a code page • Manage port connectivity configuration You do not need to install the FICON CUP license to perform FICON CUP management; you must install the FICON CUP license, however, if your switch is to enforce traffic between the FICON director and the host-based management program.
Enabling or disabling FICON Management Server mode FIGURE 150 FICON CUP management Enabling or disabling FICON Management Server mode FICON Management Server (FMS) is used to support switch management using CUP. To be able to use the CUP functionality, all switches in the fabric must have FICON Management Server mode (FMS mode) enabled.
FMS parameter configuration The FICON CUP tabbed page displays the FICON Management Server page, as shown in Figure 150. All attributes on this tab are disabled until FMS mode is enabled. 5. Click Enable in the FICON Management Server Mode section to enable FMS mode or click Disable to disable FMS mode.
Displaying code page information TABLE 22 FMS mode parameter descriptions (Continued) Parameter Description Director Clock Controls behavior for attempts to set the switch timestamp clock through the director console. Alert Mode When it is enabled, the director console (Web Tools, in this case) displays warning indications when the switch timestamp is changed by a user application.
Viewing the control device state Viewing the control device state The control device is in either a neutral or a switched state. When it is neutral, the control device accepts commands from any channel that has established a logic path with it and accepts commands from alternate managers.
CUP port connectivity configuration CUP port connectivity configuration In the Port Connectivity subpanel, you can manage the configuration files and active configuration. All CUP configuration files and the active configuration are listed in a table. The active configuration is listed as “Active Configuration*” and the description in the table is “Current active configuration on switch.”...
Page 318
CUP port connectivity configuration • To create a new configuration, click New. The Create Port CUP Connectivity Configuration dialog box displays all ports and port names on the selected switch (similar to the dialog box shown in Figure 152). The Block column, Prohibit column, and prohibited ports matrix are displayed as empty, for you to configure.
CUP port connectivity configuration FIGURE 152 Port CUP Connectivity Configuration dialog box Activating a CUP Port Connectivity Configuration When you activate a saved CUP port connectivity configuration on the switch, the preceding configuration (currently activated) is overwritten. 1. Open the CUP port connectivity configuration list. 2.
CUP port connectivity configuration 3. Click Copy. The Copy CUP Port Connectivity Configuration dialog box displays. 4. In the dialog box, type a name and description for the new configuration and click OK to save the configuration to the target file; click Cancel to cancel copying the configuration. The file name must be in alphanumeric characters and can contain only dashes or underscores as special characters.
Displaying Request Node Identification Data (RNID) Displaying Request Node Identification Data (RNID) Web Tools displays RNID information for the local switch, and for attached FICON devices and FICON channel paths. RNID information for the switch displays in the Switch Information tab (Figure 153).
Page 322
Displaying Request Node Identification Data (RNID) Web Tools Administrator’s Guide 53-1001343-01...
FCoE overview FCoE overview A new view has been added for the Brocade 8000 switch and FCOE10-24 DCX blade, and new tabs have been added to the Switch Administration panel and the Port Administration panel to support FCoE interfaces and trunks. Port information that is unique to FCoE The General tab of the Port Administration panel shows several parameters that are unique to CEE/DCE interfaces:...
Switch Administration panel tab for FC0E Switch Administration panel tab for FC0E The CEE tab on the Switch Administration panel (Figure 154) is specific to DCE/CEE configuration and management. FIGURE 154 Switch Administration panel with CEE tab Web Tools Administrator’s Guide 53-1001343-01...
Switch Administration panel tab for FC0E The CEE tab The CEE tab (Figure 155) has five tabs that are used for FCoE switch administration: • Link Aggregation tab • VLAN tab • FCoE Login tab • QoS tab • LLDP-DCBX tab FIGURE 155 Switch Administration CEE tab Web Tools Administrator’s Guide...
Port Administration panel tabs for FCoE Port Administration panel tabs for FCoE The Port Administration panel has two tabs specific to FCoE interfaces: • CEE Interfaces tab (Figure 156) • FCoE Ports tab (Figure 157) FIGURE 156 Port Administration CEE Interfaces tab Web Tools Administrator’s Guide 53-1001343-01...
FC0E configuration tasks FC0E configuration tasks There are several tasks related to FC0E configuration. The following lists the high level tasks in a suggested order: • Quality of Service (QoS) configuration (optional) - If you intend to implement a specific QoS scheme to prioritize data traffic, it is recommended that you finish your QoS configuration before you begin port configuration.
Quality of Service (QoS) configuration Quality of Service (QoS) configuration As a general concept, QoS is a mechanism for classifying and scheduling data traffic based on priority settings. QoS can be used to control traffic congestion, allocate bandwidth, and carry data traffic with different characteristics over a common interface.
Quality of Service (QoS) configuration 4. Select Add. The CEE Map Configuration dialog box is displayed (Figure 159). FIGURE 159 CEE Map Configuration dialog box 5. Type a name for the CEE map in the Name field. 6. Type a precedence value in the Precedence field. The value is specified as a number. The allowable range is 1 to 100.
Quality of Service (QoS) configuration An entry is added to the Priority Group table (Figure 160). When you add an entry, a PGID is automatically assigned. The PGID is an integer from 0 to 7. The first added entry is given a PGID of 0, and the PGID increments by one for each additional added entry until a PGID of 7 is reached.
Quality of Service (QoS) configuration The Traffic Class Map Configuration dialog box is displayed (Figure 161). This dialog box has the same structure as the Priority Group Map in the CEE Configuration dialog box (Figure 160). The default CoS-to-traffic class structure is based on IEEE 802.1Q recommendations, as in the default Priority Group Map shown in Figure 160.
LLDP-DCBX configuration LLDP-DCBX configuration Link Layer Discovery Protocol (LLDP) is a IEEE standard for collecting and distributing device information. Data Center Bridging Exchange (DCBX) extends LLDP by providing a protocol for discovering, initializing, and managing CEE-compliant devices. There are two configuration procedures: •...
LLDP-DCBX configuration Choose the Mode. For Mode, the choices are Tx (transmit), Rx, (receive) or Both. The default is Both. 8. In the Hello field, enter a time value in seconds. The Hello value sets the interval between hello bridge protocol data units sent by the root switch configuration messages. The range is 4 to 180 seconds.
Page 337
LLDP-DCBX configuration 5. Type a name for the configuration in the Name field. 6. Optionally, add a description in the Description field. Choose the Mode. For Mode, the choices are Tx (transmit), Rx, (receive) or Both. The default is Both. 8.
Configuring CEE interfaces Configuring CEE interfaces CEE interfaces are configured from the Port Administration panel. 1. Select the CEE Interfaces tab on the Port Administration panel. 2. Select the port you want to configure under the CEE Interface Explorer. 3. Select the General tab (Figure 165).
Configuring CEE interfaces FIGURE 166 CEE Edit Configuration dialog box 5. Select the Interface Mode. The options are None and L2. The default is None. If you intend to use this port in a Link Aggregation Group (LAG), choose None. L2 mode will be applied when you configure the LAG.
Configuring a link aggregation group (LAG) Configuring a link aggregation group (LAG) FCoE ports can be grouped to create a LAG. The LAG is treated as a single interface. 1. Select the CEE Interfaces tab on the Switch Administration panel. 2.
Configuring a link aggregation group (LAG) FIGURE 168 Add LAG Configuration dialog box 4. Select the Mode. The choices are Static and Dynamic. Static mode does not use Link Aggregation Control Protocol (LACP) to negotiate and manage link aggregation. Link participation in the LAG is determined by the link’s operational status and administrative state.
Configuring VLANs 9. Click OK. Configuring VLANs The Virtual LAN (VLAN) capability allows multiple virtual LANs within a single physical LAN infrastructure. The physical interface must be configured as L2 prior to configuring a VLAN, either as an individual interface, or as a LAG. Before you start the VLAN configuration procedure, you need to know which interfaces or LAGs you want to associate with each VLAN.
Configuring VLANs The VLAN Configuration dialog box is displayed (Figure 170). FIGURE 170 VLAN Configuration dialog box 4. Specify a VLAN ID. The format is VLAN<bridge number><ID>. In this Fabric OS release, no bridge instances are supported, so the bridge number is always 0, and the value under Bridge is statically defined as VLAN0.
Configuring FCoE login groups Configuring FCoE login groups FCoE login groups control which FCoE switches are allowed to log in to a fabric. 1. Select the CEE tab on the Switch Administration panel. 2. Select the FCoE Login tab (Figure 171).
Configuring FCoE login groups The New Login Group dialog box is displayed (Figure 172). FIGURE 172 New Login Group dialog box 4. Type a name for the login group in the Login Group Name field. 5. Select the switch WWN, The choices are Self, which is the WWN of the switch you are logged into, or Other Switch WWN.
Displaying FCoE Port Information Displaying FCoE Port Information There are 24 internal FCoE Ports that bridge FC and Ethernet traffic. You can view FCoE port information from the Port Administration panel. 1. Select the FCoE Ports tab on the Port Administration panel (Figure 173).
Displaying FCoE Port Information Port information is displayed in three tabs. The General tab is pre-selected (Figure 174). FIGURE 174 FCoE Ports, General tab The Connected Devices tab shows information about devices connected to the switch (Figure 175). Six columns of information are displayed: •...
Displaying LAG information FIGURE 175 FCoE Ports, Connected Devices tab Displaying LAG information Use the following procedure to display LAG information. 1. Select the CEE tab on the Switch Administration panel. 2. Select the Link Aggregation tab LAG information is displayed (Figure 176).
Displaying VLAN information Displaying VLAN information Use the following procedure to display VLAN information. 1. Select the CEE tab on the Switch Administration panel. 2. Select the VLAN tab. VLAN information is displayed (Figure 177). FIGURE 177 VLAN information Displaying FCoE login groups Use the following procedure to display FCoE login group information.
Displaying LLDP-DCBX information FIGURE 179 CEE Map Information FIGURE 180 Traffic Class Map Information Displaying LLDP-DCBX information Use the following procedure to display LLDP-DCBX information. 1. Select the CEE tab on the Switch Administration panel. 2. Select the LLDP-DCBX tab. To display global settings, select the Global tab (Figure 181).
Displaying CEE interface statistics FIGURE 181 LLDP-DCBX Global Settings To display LLDP profile information, select the LLDP Profile tab (Figure 182). FIGURE 182 LLDP Profile Information Displaying CEE interface statistics The CEE interface Port Statistics tab shows basic and advanced statistics, and allows you to change statistics collection parameters.
Displaying CEE interface statistics FIGURE 183 CEE Interfaces, Port Statistics, Basic Mode The CEE Interface Statistics Configuration section allows you to do the following: • Toggle between showing Absolute Values or Delta Values (values that have changed since the last data collection). •...
Enabling and disabling a CEE interface Enabling and disabling a CEE interface CEE interfaces can be enabled and disabled from a right-click menu on the Switch View, or from the Port Administration panel. To enable or disable a CEE interface from the Switch View, perform the following steps. 1.
Enabling and disabling LLDP Enabling and disabling LLDP To enable or disable LLDP on a CEE interface, perform the following steps. 1. Select the CEE Interfaces tab on the Port Administration panel. 2. Under the CEE Interface Explorer, select the port. 3.
Enabling and disabling FCoE ports You can also enable or disable by selecting Edit Configuration, and selecting Enable or Disable on the FCoE Edit Configuration dialog box (Figure 187). FIGURE 187 FCoE Edit Configuration dialog box Web Tools Administrator’s Guide 53-1001343-01...
Page 358
Enabling and disabling FCoE ports Web Tools Administrator’s Guide 53-1001343-01...
Chapter Limitations In this chapter • General Web Tools limitations ........327 General Web Tools limitations Table 23 lists general Web Tools limitations that apply to all browsers and switch platforms.
Page 360
General Web Tools limitations TABLE 23 Web Tools limitations (Continued) Area Details Firmware download There are multiple phases to firmware download and activation. When Web Tools reports that firmware download completed successfully, this indicates that a basic sanity check, package retrieval, package unloading, and verification was successful. Web Tools forces a full package install.
Page 361
General Web Tools limitations TABLE 23 Web Tools limitations (Continued) Area Details Loss of Connection Occasionally, you might see the following message when you try to retrieve data from the switch or send a request to the switch: Switch Status Checking The switch is not currently accessible.
Page 362
General Web Tools limitations TABLE 23 Web Tools limitations (Continued) Area Details Refresh option in Web Tools must be restarted when the Ethernet IP address is changed using the browsers NetworkConfig View command. Web Tools appears to hang if it is not restarted after this operation is executed.
Page 363
Index Numerics automatic trace dump transfers 2 domain/4 domain fabric licenses backbone fabric backbone fabric ID, configuring backing up configuration file About Discovery Domains (DD) basic performance monitoring graphs Access Control List. Refer to ACL BB credit access control. Refer to RBAC. beaconing, enabling Access Gateway mode best practices for zoning...
Page 364
configuration file configuration SCC/DCC policy Admin Domain considerations SCSI command graphs backing up SCSI vs. IP traffic graphs restoring SID-DID performance graphs configuring virtual targets for iSCSI Target Gateway arbitrated loop parameters zone aliases backbone fabric ID zone configurations CUP port connectivity zones default heap size creating FCS policy...
Page 365
Discovery Domains enabling iSCSI Target Gateway Access Gateway mode discovery domains (DD) automatic trace dump transfer displaying beaconing blades alarms, Fabric Watch Control Device state Fabric Watch threshold alarms CUP port connectivity configuration FICON Management Server mode enabled zone configuration insistent domain ID mode fan status iSCSI Target Gateway service...
Page 366
FC-FC routing insistent domain ID mode about about setting up enabling supported switches installing FCR router cost Java Plug-in FCS policy JRE patches on Solaris activate Solaris patches create IOD, frame delivery deactivate delete IP address distribute configuring for iSCSI Target Gateway moving switch position filtering feature licenses...
Page 367
zone configuration LSAN iSCSI initiator devices iSCSI initiators fabrics, managing iSCSI Port zones, managing iSCSI session iSCSI virtual target launching module LUN mapping managing/troubleshooting accessibility managing RADIUS server message severity levels search for FC target MetaSAN supported switches modifying VT LUN performance graphs iSCSI target, editing for iSCSI Target Gateway RADIUS server...
Page 368
performance graphs refresh rates adding to a canvas refreshing modifying Admin Domain window printing fabric information types of Switch Administration window Performance Monitoring window Zone Administration window per-frame routing priority removing persistently disable a port licenses RADIUS server platforms, supported zone alias members polling rates zone configuration members...
Page 369
starting Web Tools VC Priority swapping port index IDs viewing switch EX_Ports LSAN devices changing the name of LSAN fabrics enabling and disabling LSAN zones mouse over information swapped ports rebooting Switch Explorer Switch Administration window switch status opening viewing FCR router cost refreshing virtual channel settings, configuring Switch Events and Switch Information...
Page 370
zones about adding WWNs best practices creating deleting description LSAN modifying removing WWNs renaming replacing WWNs selecting a view zoning all access default zoning no access zoning database clearing maximum size zoning views zoning, disabling zoning, saving changes Web Tools Administrator’s Guide 53-1001343-01...